Re-Inventing the API Client
Bruno is a Fast and Git-Friendly Opensource API client, aimed at revolutionizing the status quo represented by Postman, Insomnia and similar tools out there.
Bruno stores your collections directly in a folder on your filesystem. We use a plain text markup language, Bru, to save information about API requests.
You can use git or any version control of your choice to collaborate over your API collections.
Bruno is offline-only. There are no plans to add cloud-sync to Bruno, ever. We value your data privacy and believe it should stay on your device. Read our long-term vision here.
SMTP Smuggling
[An updated version of this text may be found at https://www.postfix.org/smtp-smuggling.html]
Author: Wietse Venema
Last update: December 21, 2023
Summary
Days before a 10+ day holiday break and associated production change freeze, SEC Consult has published an email spoofing attack that involves a composition of email services with specific differences in the way they handle line endings other than <CR><LF>.
Unfortunately, criticial information provided by the researcher was not passed on to Postfix maintainers before publication of the attack, otherwise we would certainly have convinced SEC Consult to change their time schedule until after people had a chance to update their Postfix systems.
Snoopy is a small library that logs all program executions on your Linux/BSD system.
Developer documentation outlines how it actually does that (a fairly technical read). And don't miss the security disclaimer about it.
plugin phpstan todo
Chyrp Lite makes it possible to host a blog on your own web server with minimal fuss. You can have a traditional blog, a tumbleblog, or you can add oodles of customisation and build a general-purpose web publishing platform with blogging features on the side. You get five beautiful blog themes and a friendly administration console, all fully navigable on a broad range of devices, thanks to the power of responsive HTML5. Semantic markup and comprehensive ARIA labelling ensure your blog will be accessible to visitors who use assistive technologies.
With a flexible system of Feathers and Pages, you can make your website whatever you want it to be. Feathers enable different types of blog content – you can restrict yourself to absolute textual purity, or you can create a multimedia rainbow. Pages let you publish articles separate from your blog content – be it a simple colophon or a hierarchy of multiple pages, optionally including a homepage that your visitors will see when they first arrive at your website.
Blocking security
php terminal UI
What is Revolt?
Revolt is a rock-solid event loop for concurrent PHP applications. The usual PHP application spends most of its time waiting for I/O. While PHP is single threaded, cooperative multitasking can be used to allow for concurrency by using the waiting time to do different things.
PHP’s traditional synchronous execution flow is easy to understand. Doing one thing at a time. If you query a database, you send the query and wait for a response from the database server. Once you have the response, you can start doing the next thing.
Amp, ReactPHP, and other libraries have offered cooperative multitasking in PHP for a long time. However, their event-driven nature was incompatible to many existing interfaces and required a different thinking model. PHP 8.1 ships with fibers built-in, which offers cooperative multi-threading. Calls can be asynchronous without promises or callbacks, while still allowing for non-blocking I/O.
Every application making use of cooperative multitasking needs a single scheduler (also called event loop), which this package provides. Revolt is the result of combining years of experience of Amp’s and ReactPHP’s event loop implementations. However, it is not a full-blown framework for writing concurrent PHP applications, but only provides what’s necessary as a common base. Different (strongly) opinionated libraries can be built on top of it and both Amp and ReactPHP will continue to co-exist.
Installation
It may surprise people to learn that the PHP standard library already has everything we need to write event-driven and non-blocking applications. This package can be installed as a Composer dependency on PHP 8.1 and later.
Pinokio is a browser that lets you install, run, and programmatically control ANY application, automatically.
Very few technologies have persisted near to their original form as much as email services over time on the internet. It has been over 50 years since Ray decided to use the at symbol to designate a user and destination for electronic mail1. And while it has a few different skins, the fundamental concept and protocols remain largely unchanged to this day.
Given the lack of underlying evolution of email services, combined with the growth of ecosystems, there has been a dramatic shift to a seemingly monopolistic dominance of email services by Google, Microsoft and Apple (via Gmail, M365 and iCloud respectively). One major advantage enjoyed by users of the users of large providers is their price (free) and accessibility from anywhere (web and mobile applications). Combined with enhanced security capabilities and good spam mitigation, it’s completely understandable why we don’t really spend time thinking about non-mainstream email capabilities.
The scale of the larger operators is difficult to estimate, but it’s very safe to say that Google, Microsoft and Apple are responsible for the majority of email services online. As of March 2020, Google had 2 billion MAU alone2.
While Google and others provide easy access to email, it comes at a cost for other providers - to ensure safe delivery and reduction of spam across large user bases, the bar has been raised, and continues to be raised3 to successfully deliver email into each ecosystem.
Having recently had a small side project which required email capabilities whilst simultaneously wishing to avoid adopting any specific ecosystem, I set about building a self-hosted email solution.
I am a strong believer that very few problems that I face in life are unique, so I turned to the good folk at /r/selfhosted4 to find prior art relating to self-hosted email. What I found across dozens of threads relating to email capabilities was a mass of confusion, ad-hoc solutions, dodgy recommendations, delivery nightmares and general complexities intertwined with people who have successfully self-hosted mail for years without issue.
In short - mail hosting looked like a bit of a mess5.
The former systems administrator in me ended up wondering was it as hard as some on the subreddit asserted? Was it as easy as others suggest? Or does it land somewhere inbetween?
For the remainder of this essay, I will explore the basic design, build and deployment of Mail Transfer Agent (MTA) and Mail Delivery Agent (MDA) capabilities to host an informal email solution for a non-enterprise project.
If you're like every other human in the world, you no doubt believe many things. There are things you believe are factually true. There are things you believe are morally true. There are things you believe are the best course of action given certain circumstances. You're probably right about many of them, perhaps most of them.
Visualization is a fundamental part of modern data-centered applications: a plot can show you in the blink of an eye if your data has the shape that you’re expecting, but having to retrieve all your samples just to cram them in a graph without enough pixels to show them all is clearly not a good idea.
Downsampling seems the obvious next step, but how to choose which samples to keep and which to throw away? The key idea is to take the samples that make the overall shape of your data as similar to the original one as possible.