<sYnfo>
I went through couple big repos and found the inefficient patterns couple times. Does this look like an interpreter bug to you? Or is this just a pattern people should know not to use (and hence it might be worth opening bugs against its usage).
ih8u has quit [Quit: ih8u]
ih8u has joined #ruby
jenrzzz_ has quit [Ping timeout: 240 seconds]
Linux_Kerio has joined #ruby
donofrio has quit [Read error: Connection reset by peer]
jenrzzz_ has joined #ruby
donofrio has joined #ruby
jenrzzz_ has quit [Ping timeout: 264 seconds]
johnjaye has quit [Ping timeout: 252 seconds]
jenrzzz_ has joined #ruby
johnjaye has joined #ruby
jenrzzz_ has quit [Ping timeout: 276 seconds]
<[0x1eef_]>
Nice post. Is '# frozen_string_literal: true' set ? Maybe that could help by re-using the same string.
_ht has joined #ruby
<sYnfo>
Hmmm, where would you set that? I'm not much of a Ruby person.
<[0x1eef_]>
You could try ''.freeze as well. That comment usually put at the top of the file.
<sYnfo>
Looks like neither of those help!
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 256 seconds]
<[0x1eef_]>
input[0...written].clear might be another one to try. Those two lines seem very different. One is clearing the string, and the other re-using the string's contents.
<[0x1eef_]>
Ah I see. The new variant copying the rest of the string instead.
<[0x1eef_]>
If you can find a way to still write (at least that it would appear so from Ruby) then I think it could be optimized by Ruby, otherwise I'm not sure.
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 264 seconds]
<sYnfo>
Interesting, thanks!
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 264 seconds]
jenrzzz_ has joined #ruby
reset has joined #ruby
clemens3 has joined #ruby
jenrzzz_ has quit [Ping timeout: 260 seconds]
jenrzzz_ has joined #ruby
c10l has quit [Read error: Connection reset by peer]
infinityfye has quit [Quit: Leaving]
<[0x1eef_]>
And thanks for sharing :)
rapha has quit [Quit: WeeChat 3.7.1]
jposer has quit [Quit: Connection closed for inactivity]
grenierm has quit [Ping timeout: 250 seconds]
rapha has joined #ruby
<rapha>
hmm ... am I understanding Turbo correctly that if there's a <turbo-frame id="mainframe"></turbo-frame> somewhere on the page and i put Turbo.visit("/foobar", {frame: "mainframe"}); into the browser console, then the contents of that frame should change to whatever comes back from /foobar, provided it is also wrapped in the same frame, say, <turbo-frame id="mainframe">Hello world!</turbo-frame>?
<rapha>
(curiously, i can navigate the entire page around using Turbo.visit, but the frame won't budge)
<yoones2>
Hello, do you know of any way to run a ruby code in isolation of the rest of the ruby program and the OS? I'm looking for a way to execute a bit of unsecure code that comes from user input _inside_ a ruby program but without it being able to access the host OS or mess with the rest of the app (it shouldn't be able to access other consts, add/change classes, ..)
<[0x1eef_]>
yoones2: Usually best to rely on the OS for that.
<[0x1eef_]>
FreeBSD has jails, OpenBSD has pledge/unveil.
<[0x1eef_]>
On OpenBSD, you could fork, and use a combination of pledge + unveil.
<yoones2>
FOr the OS part I agree, but my need is for the insecure code to be executed in an existing ruby process that has (and should keep) its priviledges
milouse has joined #ruby
<yoones2>
Also I need to allow _some_ methods to be callable from the unsecure code
<[0x1eef_]>
I think that's going to be hard without forking. Or spawning a new process.
<[0x1eef_]>
Ruby has $SAFE but it's sort of a poor man's tool for this kind of thing.
<yoones2>
yeah $SAFE won't do it, you still can access any existing const in the current program :/
<yoones2>
which means you can mess with the rest of the program
<[0x1eef_]>
fork could solve that part. You could read parent process data but anything you write will be in its own address space.
<yoones2>
it means that if one of the methods I make accessible to the unsecure code is an interface to INSERT in a db, the unsecure code has all it takes to insert anything it wants in the db
<[0x1eef_]>
If reading is an issue too, then maybe you could const_remove anything you don't want to be visible. TBH dropping to the OS is going to be the most reliable way. I don't mean to keep repeating that, but I think it's the most reliable way to do it.
<[0x1eef_]>
Yes, but that's not going to solve the issue either. You don't want the DB to be contactable at all. From new code or existing code.
<[0x1eef_]>
I would approach it one of two ways: On FreeBSD, spawn the untrusted code within a jail. On OpenBSD, fork, and use a combination of pledge + unveil to restrict what the subprocess can do. On Linux I have no idea but it probably has something.
<yoones2>
LXC for Linux
<yoones2>
It means I would fork, restrict priviledges, and write some network proxy that the unsecure code would be able to communicate with, leaving this proxy the responsibility to communicate with the db and whatnot
<yoones2>
thanks for the help :)
<[0x1eef_]>
Yw.
milouse has left #ruby [#ruby]
<adam12>
yoones2: I might look at starting a new ruby inside firejail or something, and then having a drb connection between them. IIRC, $SAFE has been deprecated/removed because it couldn't make any guarantees.
<[0x1eef_]>
henk: Looks good to me. The retry method doesn't look to be acme-specific though, it could have a more general name. You could also let the retry attempts be configurable, and use recursion. It also seems odd that in case the attempts are up, nothing is raised.
<yoones2>
adam12: very interesting, I'll look into this, thanks :)
gxdWJFg has joined #ruby
Vonter has quit [Ping timeout: 268 seconds]
jenrzzz_ has joined #ruby
Vonter has joined #ruby
jenrzzz_ has quit [Ping timeout: 264 seconds]
sYnfo has quit [Quit: Client closed]
gxdWJFg has quit [Ping timeout: 264 seconds]
jenrzzz_ has joined #ruby
user71 has joined #ruby
jenrzzz_ has quit [Ping timeout: 240 seconds]
jenrzzz_ has joined #ruby
CRISPR has quit [Ping timeout: 264 seconds]
jenrzzz_ has quit [Ping timeout: 268 seconds]
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 260 seconds]
egality has joined #ruby
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 246 seconds]
Aminda has quit [Remote host closed the connection]
Aminda has joined #ruby
CrazyEddy has joined #ruby
hightower2 has quit [Ping timeout: 276 seconds]
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 240 seconds]
yoones2 has left #ruby [Leaving]
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 252 seconds]
hightower2 has joined #ruby
donofrio has quit [Ping timeout: 260 seconds]
rvalue has quit [Ping timeout: 264 seconds]
jenrzzz_ has joined #ruby
rvalue has joined #ruby
jenrzzz_ has quit [Ping timeout: 252 seconds]
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 256 seconds]
Vonter has quit [Ping timeout: 264 seconds]
donofrio has joined #ruby
Vonter has joined #ruby
jenrzzz_ has joined #ruby
donofrio has quit [Remote host closed the connection]
donofrio has joined #ruby
mobi has joined #ruby
jenrzzz_ has quit [Ping timeout: 264 seconds]
jenrzzz_ has joined #ruby
Linux_Kerio has quit [Read error: Connection reset by peer]
<henk>
I have a nested hash with e.g. config['certs']['foobar']['domains'] which is an array of domain names. I want to collect all domain names into one array. any advice how to do this? getting all second level (i.e. what’s 'foobar'), then iterating over these to get the 'domains' from each seems very inelegant …
<henk>
weaksauce: yeah, badly phrased, sorry. I’ll make a proper example code, give me a few minutes.
<henk>
http://pastie.org/p/4YbJ6bBI1Bz3ytm6CeUtdU I want to collect all values from the 'domain_names' key from all the hashes in 'cert'. my code does not know that the values in 'certs' will be 'foo' and 'bar', those come from user-provided config. 'certs' and 'domain_names' however are conventions where the code will know to look into.
<weaksauce>
i can't think of an elegant way to do that no
<henk>
does that make more sense?
<henk>
ah
<weaksauce>
foo["certs"].map .collect might be doable
<weaksauce>
er flatten
<rapha>
weaksauce: did you see my question about Turbo from earlier today? (i'm not sure though if you actually use it, yourself)
<rapha>
weaksauce: do i understand correctly that Turbo.visit('/foo', {frame: 'bar'}) is supposed to replace the contents of <turbo-frame id='bar'>old</turbo-frame> with whatever comes back from /bar, as long as that also contains <turbo-frame id='foo'>...</turbo-frame>?
<weaksauce>
i think they have to be the same frame id
<weaksauce>
> If frame is specified, find a <turbo-frame> element with an [id] attribute that matches the provided value, and navigate it to the provided location. If the <turbo-frame> cannot be found, perform a page-level Application Visit.
<rapha>
yeah, that's what the docs say
<rapha>
oh, damn
<rapha>
i confused bar and foo just there :P
<rapha>
anyhow, Turbo.visit is working fine for the whole page. but not for frames. no error message either.
jenrzzz_ has quit [Ping timeout: 268 seconds]
<weaksauce>
the docs on turbo frames are pretty terse aren't they rapha
<weaksauce>
rapha if you want to share some code i might see something out of place or something
<rapha>
terse would be okay i guess, weaksauce, but they're also not ... linear. and any forum posts you find are outdated.
<rapha>
but yes, i'd love to share some code. let me make a repo.
<rapha>
i mean, i'm using it outside of rails. which they claim to support but i'm sure never test.
<rapha>
cool :)
jenrzzz_ has quit [Ping timeout: 260 seconds]
jenrzzz_ has joined #ruby
jenrzzz_ has quit [Ping timeout: 276 seconds]
jenrzzz_ has joined #ruby
<weaksauce>
rapha looking through the source code and everything seems to work right but i'm not sure why it's not working
<weaksauce>
the request returns the right thing
jenrzzz_ has quit [Ping timeout: 256 seconds]
<rapha>
weaksauce: at least it's not working for you, as well. i was beginning to wonder if my laptop might be at fault. thank you for checking!
<rapha>
less the laptop, more the browser, i guess.
<weaksauce>
it just might be a fundamental difference in how turbo is meant to work?
jenrzzz_ has joined #ruby
<rapha>
difficult to know. the rails plugin didn't give me any clues.
<rapha>
oh, there's a Discord for Hotwired...
<rapha>
since this now has a repo, perhaps i'll show it there, too.
CRISPR has joined #ruby
<weaksauce>
i'd be curious to know what the problem is
<rapha>
same!
<rapha>
seems like a slow discord server, but someone did get an answer yesterday.
ruby[bot] has quit [Remote host closed the connection]
ruby[bot] has joined #ruby
jenrzzz_ has quit [Ping timeout: 252 seconds]
jenrzzz_ has joined #ruby
dviola has quit [Ping timeout: 276 seconds]
<weaksauce>
i tried stepping through the code in javascript land but i couldn't find anything that was even close to wanting to replace the content anywhere
<rapha>
wow
<rapha>
wait, is there a debugger built into firefox?
<weaksauce>
oh yeah for a while now
jenrzzz_ has quit [Ping timeout: 264 seconds]
<weaksauce>
there's a minified proxy js that *might* be the thing that does the replacing but it also might be something else idk
<rapha>
i'll have to check out that debugger, but not now. need to finish putting that new switch into the rack in the basement. question on hotwired discord is sent, will let you know once there's an answer!
<weaksauce>
cmd-option-i brings up the inspector and you can just click the debugger tab
<weaksauce>
ctrl-alt-i probably on linux/win
<rapha>
that's the funny thing, i know the ctrl-shift-i thing, and now i see "debugger" there, right in between the console and network tabs i'm using almost daily