TehPers

Rust currently isn’t as performant as optimized C code, and I highly doubt that even unsafe rust can beat hand optimized assembly — C can’t, anyways.

A bit tangential, but to answer this question, nothing beats the most optimized assembly code. At best, programming languages can only hope to match the most optimized assembly.

Rust does have macros for inlining assembly into your program, but it’s horribly unsafe and not super easy to work with.

Rewriting ffmpeg in Rust is not a solution here (like you’re saying).

Wow genius response. Glad you actually addressed my comment.

ffmpeg devs can refuse the AI generated bugfixes for all we care.

This is a separate problem, but it’s still a problem. Many projects have seen a rise in slop PRs. curl is notorious for complaining about AI slop vulnerabilities and patch requests.

But I think we both agree that Google needs to be doing something more rather than putting the workload entirely on the ffmpeg devs.

I don’t understand how a bug is supposed to know whether it’s triggered inside or outside of a google service.

Who found the bug, and what triggered it? Does it affect all users, or does it only affect one specific service that uses it in one specific way due to a weird, obscure set of preconditions or extraordinarily uncommon environment configuration?

Most security vulnerabilities in projects this heavily used are hyper obscure.

If the bug is manifestly present in ffmpeg and it’s discovered at google, what are you saying is supposed to happen?

e) Report it with the usual 90 day disclosure rule, then fix the bug, or at least reduce the burden as much as possible on those who do need to fix it.

Google is the one with the vulnerable service. ffmpeg itself is a tool, but the vast majority of end users don’t use it directly, therefore the ffmpeg devs are not the ones directly (or possibly at all) affected by the bug.

There are a bunch of Rust zealots busily rewriting GNU Coreutils which in practice have been quite reliable and not that badly in need of rewriting. Maybe the zealots should turn their attention to ffmpeg (a bug minefield of long renown) instead.

This is weirdly offtopic, a gross misrepresentation of what they are doing, and horribly dismissive of the fact that every single person being discussed who is doing the real work is not being paid support fees by Google. Do not dictate what they should do with their time until you enter a contract with them. Until that point, what they do is none of your business.

Alternatively (or in addition), some effort should go into sandboxing ffmpeg so its bugs can be contained.

And who will do this effort?

Bug reports that apply only to Google’s services or which surface only because of them are bugs Google needs to fix. They can and do submit bug reports all they want. Nobody is obligated to fix them.

The other part of this is, of course, disclosure. Google’s disclosure of these bugs discredits ffmpeg developers and puts the blame on them if they fail to fix the vulnerabilities. They can acknowledge the project as being a volunteer, hobby project created by others if they want, and they can treat it like that. But if they’re doing that, they should not be putting responsibilities on them.

If Google wants to use ffmpeg, they can. But a bug in ffmpeg that affects Google’s services is a bug in Google’s service. It is not the responsibility of unpaid volunteers to maintain their services for them.

The issue is not whether security issues exist in ffmpeg. It’s clear that vulnerabilities need to be fixed.

The issue is with who actually fixes them. Your last sentence is the core of it. Google can submit as many bug reports as they want, but they better be willing to ensure the bugs get fixed too.

I think the last thing ffmpeg devs want is AI generated bugfixes to their assembly-heavy codebase. What they should do is dedicate time for experienced devs to fix the bugs instead.

Having used it, it is. Immich is awesome.

Same. I didn’t use RoR before it was cool.

(Honestly I just didn’t like the syntax of Ruby and there were tons of great alternatives already by the time I was looking)

Having worked with a no-code product for a family member who ran for a local position, you can get pretty far with them. The issues are usually when you want to go outside their happy path and do your own thing, and unfortunately a large part of campaigning is branding. The tool we used let us write our own HTML though, so that’s where I came in to bring some custom CSS so that the website could look a bit more unique.

In general, for a small campaign, I agree with the author’s decision to go no-code. Writing a site from scratch is doable and maybe not that hard, but hooking up stuff for campaign donations, emails, etc was way too much for me to try to do on my own in my free time. Better funded campaigns can probably go further, though not sure if it’s even common there to go custom or just use one of these tools.

They probably just need to renew it. I’d raise it with the devs if it’s not resolved sometime in the next day.

Seconding this. Flatpak would be a lot simpler and would make me a lot more comfortable (assuming I had the time to test at all).

On Windows, either a .msi, or just zip the build output and send that.

GitHub also supports releases, so create a release on GH, then put your build artifacts there for people to download. Even better if it’s done automatically through a workflow (not that I care as a user, but it makes your job easier when publishing releases),

I don’t think it can be done by a village of 300 people

These things take an order of magnitude more companies today to build. Not only could 300 people not build the board inside one of the machines used for manufacturing, but 300 companies of hundreds to thousands of employees couldn’t either. Each component is usually created by one company that specializes in that specific component and only that component because of how complex these things are to manufacture individually.

For that to work, you’d need villages to specialize in what they produce and export, but then this leads to a completely different kind of society than what you two are discussing here.

the highest possible value for a product

How do you calculate this?

the amount of people who has the product - the amount of people who want the product

As demand increases, the value increases, but at some point when demand exceeds supply (which is common), the opposite happens: the magnitude of the value starts to decrease (though that value is now negative).

For example, two sellers sell a product, and four people want it. Let maximum value be v_m. Value is calculated to be v_m / (2 - 4) = -v_m / 2. If two more people want it suddenly (so 6 now), it becomes v_m / (2 - 6) = -v_m / 4, which has a lower magnitude despite the higher demand and static supply. This is contrary to how supply and demand actually work, where value generally increases as demand increases (if supply remains static).

Maybe value means something differently to me than it does to you though. Ideally supply would always equal demand (which makes your denominator 0, breaking the equation entirely since that would be undefined), but that would be really difficult to control.

Not really, no. Assuming that all currencies are going down the toilet and your software is supposed to sidestep it in some manner, then all you’re really introducing is basically an exchange for a new system of currencies. You end up in the same place in the theoretical future where barter is the main method of trading.

On the other hand, if you’re doing this just for fun, then there’s nothing wrong with that, and introducing it that way might get you a better reception. But this is not the future of trade, just a niche tool that some might find useful, which is perfectly fine.

This would still be true in a barter system.

You give your bank 2 chickens. Your account now has 2 chickens. To save people the effort of transporting chickens, you give someone an IOU (bank note) equivalent to 2 chickens, and they do the same for your gas or whatever. Now you have a system of currency and a method of exchanging each currency (chickens, gas, cows, etc) for each other.

Software is created on this system of currency, and defines conversion rates between each currency. Software defines the value of products relative to each other now.

Converting CSV to JSON is probably just a matter of translating column names to property and wrapping them all in a list. But if that’s the case, it may be worth opening an issue on FreeTube to have the docs and code updated.

Yes

For what it’s worth, on Windows, AppData\Roaming is intended to be shared across devices to some extent (there’s more nuance but the point being I’d be less worried about syncing data from there).

Unexpected Keyboard lets you adjust the vibration when pressing keys, but I don’t see any settings for the sound. Otherwise, I got nothing.