Skip to content

Christopher James Willcock

Enjoy Kaizen

Category: Programming

JavaScript can’t do this

++this.ring_pointer %= this.sample_width;

I want to firstly increment, and then take the modulus as the value of my variable.

Instead:

this.ring_pointer = ++this.ring_pointer % this.sample_width;

noize’s realm

I got a little side-tracked while figuring out the computer and didn’t notice the time. https://chris.willcock.ca/

Dads’ Breakfast: Commit 998df0135f

From the Making of Dads’ Breakfast

HTTPS://CJWILLCOCK.CA/DADS-BREAKFAST-MAKING-OF/

You are welcome to view this commit via github, sourcehut, or author’s original.

I use two (2) flatscreen LCD monitors at my writing desk. Both monitors are 1080p and leave me some room around the default block widths in the Gutenberg editor. These have a maximum width of 31.77% of my viewing area. I’m looking for nearer to half as a minimum return on my monitor-dollar.

I preserve some negative space around the tableau but impose a little bit more room for tables and various things, by applying the following CSS to the editor:

@media (min-width: 1280px){
	.wp-block{
		max-width: 800px;
	}
}

@media (min-width: 1600px){
	.wp-block{
		max-width: 960px;
	}
}

With this change, on any screen with two-thirds (2/3) the horizontal resolution of a monitor like one of mine the block widths increase from 47.66% to five-eights (5/8) of the viewport width. At screens five-sixths (5/6) mine the block widths increase from the 41.69% of the viewport width imposed by the previous media query -up from 38.125% at default WP size- to three-fifths (3/5) of the viewport width.

The ratio of viewport width to block width changes as the viewport width increases. I’m keeping the tableau on desktop to a comfortable one-half (1/2) of a 1920 pixels wide viewport. YMMV.

Verse, WordPress 5+

Test of verse type.
What's that about?
Enter key doesn't create a new block now.
This should be closer to the top of the visual queue.
Uh, guys? Guys? Shift+Enter doesn't create a new block. I'm stuck here.
Ah-ha! The down arrow is needed. 
But wait, there's WordPress! -_-
No HTML entities either?
 ,
 ,
`/

Why Sign Git Commits?

From the Making of Dads’ Breakfast


https://cjwillcock.ca/dads-breakfast-making-of/

When choosing to trust code written by another person, I endeavour to take a measured risk. Consider the attack on CoPay, carried out via the compromise of an overlooked-on-update dependency, otherwise unrelated to the virtual currency exchange software concern.

Scenario: What if that code-contributing person is victimized by a masquerading identity thief, and goes on unknowingly promulgating the originating repository, now including commits of malicious code?

Challenge: When all is found out, is the whole identity compromised?

Resolution (GPG): Notify the certifier of the compromised GPG fingerprint. The master private key holder has de-certification authority over the signature certified for signing commits, and may revoke certification of the maligned signing certification, rapidly upon providing their own advertisement of change of certifications. Upon receipt of such a fingerprint or similar identifying information, revoke the compromised signing key and exercise stable surety-of-identity from the master key to generate and certify anew, a signing key for origination of authentic commits to the code repository. The identity is not the signing key, and the originator can readily have an assured identity with which to signify the authenticity of corrective actions and sundry commits.

I hope my original works are useful mechanisms by which surety-of-origination acts to strengthen the whole, now that I am signing my commits.

I have my master private key stored offline in an encrypted USB, but keep a signing subkey-pair on my local machine for day-to-day use. I ensured that my signing subkey was present on the shell where my development work was taking place, and configured my git client to use my signing subkey.

When I could manually sign any commit by git commit -S, and have it work as expected, it was then time to have git challenge for signature on every commit, by setting the global option: git config --global commit.gpgsign true.

On commit, I answer the challenge with my GPG passphrase to apply my signature using my private signing subkey. Such signed commits are indicated as verified by both my-own installation of Gitea at code.cjwillcock.ca and third-parties Github, et al.

My signing certificate expires two (2) years from the day I certified it, on 2021-03-16. If I go down, I’m taking all my certificates with me! 😀 That’s the graceful failure mode, and hopefully unnecessary for a very long time while I give it some more thought!

I welcome criticism, discussion and advice of the reader, that we may talk awhile.

I found the article Create GnuPG key with sub-keys to sign, encrypt, authenticate by Gerhard, via Tinned Software, helpful in getting started with GPG.

I found the article Using an offline GnuPG master key by Damien Goutte-Gattat helpful in learning to remove the secret from my master key, such that I now have an offline master key in encrypted, cold storage, while continuing to have the convenience of signing keys on my workstation.

Signing My Git Commits w/ GPG

UPDATE: I elaborated on this in my follow-up post Why Sign Git Commits?

I have my master, secret GPG key stored offline in an encrypted USB drive, but keep a signing subkey on my local machine for day-to-day use. I ensured that my GPG signing subkey was available to the git client on the host where my development work was taking place, and configured that git client to use my signing subkey.

On commit, I answer the challenge with my GPG passphrase to apply my signature to my work using my private signing subkey. Such signed commits are indicated as verified by both my-own installation of Gitea at code.cjwillcock.ca and third-parties Github, et al.

I found the article Create GnuPG key with sub-keys to sign, encrypt, authenticate by Gerhard, via Tinned Software, helpful in getting started with GPG.

I found the article Using an offline GnuPG master key by Damien Goutte-Gattat helpful in learning to remove the secret from my master key, so that I could have this offline master key while keeping the convenience of signing keys on my workstation.

Found while looking for a port number to use. No time to read now but this looks interesting. Bookmarked!

I’m tired of dealing with WordPress – it’s going away.

mf2bench – Parse all the things (with all the parsers)

My Microformats2 parser passed all the tests a short while ago. After that milestone, I was wondering if it’s fast. That needs some context because fast compared to what? All the other Microformats2 parsers. Have they been measured? The answer to that one is: not before now as far as I can tell.

I took a little time to make mf2bench, a benchmarking tool that compares the performance of all (is it all?) the Microformats2 parsers out there. My work on the php-extension, mf2, came in second place in terms of speed, behind the Microformats2-parser for Go. I’m pretty happy with this, because I have been concentrated on coding to pass tests, to demonstrate that the parser meets the living specifications at microformats.org. Making it run fast, or as fast as is fun to make it, is still a little bit away.

I’ll next get mf2bench to provide some measure of what the parse from each parser is for the various samples. That will be neat.

 

========== UPDATE ==========

The above screenshot uses the default of three (3) parses per parser. It was captured for the sake of taking a picture, rather than of comparison between parsers, etc. Here is the same thing, with one hundred (100) parses per parser.

Versions of each parser tested:

Parser Version
ruby/microformats-ruby 4.1.0
python/mf2py 1.1.2
php/php-mf2 0.4.6
php/php-mf2 (w/ Masterminds\HTML5) 0.4.6 (2.5.0)
php-ext/mf2 unreleased
node/microformats-parser 2.0.1
go/microformats 0.1.26
perl/microformats2 0.5
elixir/microformats2 0.2.1
haskell/microformats2-parser 1.0.1.9