Hackers' Pub is a place for software engineers to share their knowledge and experience with each other. It's also an ActivityPub-enabled social network, so you can follow your favorite hackers in the fediverse and get their latest posts in your feed.
It's kinda hilarious watching Republicans attack Democrats for representing a "far left" ideology that has been dead and buried within the party for years, just because they know Democrats will immediately snap to attention trying to prove their conservative bonafides.
Save the dates!
#BSidesNoVA2025 Friday, October 10 - Saturday, October 11 in Arlington, Virginia.
Check back for more info! bsidesnova.org
C++26: more constexpr in the core language https://lobste.rs/s/t1lbrg #c++
https://www.sandordargo.com/blog/2025/04/23/cpp26-constexpr-language-changes
Since no one has picked up the slack around here, I have implemented a new state-of-the art VIBINT platform. Since y'all are my fedi friends, you can check it all out for free.
The service accepts hashes, domains, and IP addresses. As well as other IoCs and IoAs that aren't yet documented. And it works with any browser, including especially cURL.
Try it yourself:
https://cascadiacrow.com/isThisMalware?hash=e71ee9dca014e33b7da6843aeeb8b980
https://cascadiacrow.com/isThisMalware?domain=cloudflare.com
https://cascadiacrow.com/isThisMalware?ip=127.0.0.1
「Featured」が「注目」に。ふむーん
Following the FEP-fe34 update, I am publishing a new version of FEP-ae97: Client-side activity signing
https://codeberg.org/fediverse/fep/pulls/564
The registration process is completely different now. Keys for signing S2S requests are generated on the server and only public parts are shared with the client.
When FEP-ae97 client retrieves activities from the inbox, it signs GET requests with a key associated with actor's DID authority.
For example, this actor:
@reiver ⊼ (Charles) 
ap://did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK/actor"
Will generate an HTTP signature with this keyId parameter:
keyId="did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
Implementations have been updated too (Nomadic AP Client and Mitra).
Active Automata Learning in Haskell
https://github.com/steve-anunknown/haal
Discussions: https://discu.eu/q/https://github.com/steve-anunknown/haal
眠ろうとしてる時に目を使うと疲れが取れない気がするのでポッドキャストを流しとくなあ
@frogfroggy@fosstodon.orgDavidマイナバードの写真ないなーっておっさんぽの時に撮ろうとしたんだけどPixel 7aちゃんのカメラだとこれがせいいっぱい (ちゃんとしたカメラを持ってても腕前がね)
The Rust Foundation is proud to be hosting 
@rustconf this year! 🦀✨
Reminder: the call for talk proposals closes on April 29 — if you’ve got an interesting #rustlang story to tell, we’d love for you to submit a talk proposal! https://sessionize.com/rustconf-2025 #rustconf #rustconf25
《419 守護台灣 拒絕統戰》集會活動
我是原住民,對於這次的大罷免,實在很抱歉我們沒能參與連署罷免原住民的舔共立委高金素梅,明著在國會喊:我們習近平等等舔共的行為,想想心裡真的非常的不甘心。
有次看到罷免羅明才的罷免團體,看見我經過跟我說來連署罷免,但我只能很抱歉地說:不好意思,我是原住民,心裡真的難過,所以這次想要再用行動站出來,至少我站出來了,有份參與守護台灣的行列裡,讓舔共的知道,真正愛台灣的人是絕對多數的,有我們在休想出賣台灣。
想告訴身邊的朋友,不要放棄你手中可以連署的機會,因為已經少了我們原住民可以連署的機會,你們更不能放棄,算是替我們一起守護屬於我們台灣人的台灣,謝謝你們了。
きょうもいっとこ 
ca4139be07 (upstream/main) chore(deps): update node.js to 22.15 (#34523)
ffc853c086 fix(deps): update dependency pg to v8.15.1 (#34516)
577e407ffc New Crowdin Translations (automated) (#34522)
b68c622a07 fix(deps): update dependency pg-connection-string to v2.8.1 (#34517)
7bc301e184 Make `Web::PushSubscription#user` and `Web::PushSubscription#access_token` relationships non-optional (#34498)
dee744c793 Fix quote serializer (#34510)
@joel never heard of firejail. Got to do some digging or waiting for a blog post ;)
They made computers behave like annoying salesmen
Link: https://rakhim.exotext.com/they-made-computers-behave-like-annoying-salesmen
Discussion: https://news.ycombinator.com/item?id=43773710
Excuse me? Don't think this is what we mean by "Autism Awareness Month".
All jokes aside, this is scary af.
https://www.theguardian.com/us-news/2025/apr/22/rfk-jr-autism-nih
@annaDr. Anna Latour at this point it feels like a relieve that the purpose behind this most likely is antivax "vaccines cause autism" stuff and nothing else.
Excuse me? Don't think this is what we mean by "Autism Awareness Month".
All jokes aside, this is scary af.
https://www.theguardian.com/us-news/2025/apr/22/rfk-jr-autism-nih
@annaDr. Anna Latour What the news is not stating is if this data is being collected anonymously, i.e. privately identifiable information being removed. Somehow, I doubt that this is happening.
I'm going to T-DOSE. See you there? https://t-dose.org/ #TDOSE
I'm currently putting the final touches on my talk for City JS conf on Friday!
Will I see anyone there?
"no one cares about this" have you considered that you're selecting the people you're encountering
At any rate what I was thinking about here is that you will have times when your own motivation and your own faith fails you, and then what? Who is around you helping to shape your thoughts? I think people underestimate the ways that the people they surround themselves with can change THEM rather than the other way around.
oh hello. if you live in the NYC area and haven't already heard my book talk on #othernetworks, or if you'd just like to come hang out and get a postcard or 
@mediaarchaeologylab sticker or pamphlet on how to build your own mini FM transmitter, please come to 161 Water Street 2pm on Saturday!
Following the FEP-fe34 update, I am publishing a new version of FEP-ae97: Client-side activity signing
https://codeberg.org/fediverse/fep/pulls/564
The registration process is completely different now. Keys for signing S2S requests are generated on the server and only public parts are shared with the client.
When FEP-ae97 client retrieves activities from the inbox, it signs GET requests with a key associated with actor's DID authority.
For example, this actor:
Glyph
ap://did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK/actor"
Will generate an HTTP signature with this keyId parameter:
keyId="did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
Implementations have been updated too (Nomadic AP Client and Mitra).
Geocoding APIs compared: Pricing, free tiers and terms of use
Link: https://www.bitoff.org/geocoding-apis-comparison/
Discussion: https://news.ycombinator.com/item?id=43770446
Ukraine has no great options if US recognizes Crimea as Russian
Ukraine is facing a crossroads in its fight against Russia's full-scale invasion, with the possibility of being forced to reject an unfavorable peace deal being imposed under huge pressure from the U.S.
Ukraine finds itself in an immensely frustrating position, having done all that was asked of it by the U.S. since the peace process began in earnest, yet now facing demands that are likely impossible.
Photo: Jabin Botsford/The Washington Post via Getty Images
🔗 https://kyivindependent.com/ukraine-has-no-great-options-if-us-recognizes-crimea-as-russian/
おはよみん!
I've currently been doing a tonne of work on Doorkeeper, a Mastodon dependency for OAuth, and currently that work is mostly uncompensated.
I'm also doing a reasonable amount of work on the standards side (W3C & IETF), which is also uncompensated.
I'm not making ends meet at the moment, so if you can spare €5-10 a month, please do consider supporting my work on Mastodon, Doorkeeper, standards, and the wider Fediverse.
I'm currently running a deficit of about €1000-1600 per month, which is completely unsustainable.
(there's also one-time, but ongoing support is what enables me to do this important work)
I feel an underappreciated problem with being a person who mostly just rants about the things they hate is that you surround yourself with the opposite of the people you apparently want to talk to
I trust you're already on your way
@dorkbotsf is happening tonight in SF at Monkey Brains HQ. These are always fun events filled with interesting artists and makers. I highly recommend checking it out if you are in the neighborhood. Speaker lineup and more details here http://dorkbotsf.org/archive/202504/
아니 갑자기 깼는데 잠이 안 오네..
Help an idiot who is useless with layout? How can I get this result with flexbox and no media queries? If viewport wide enough, those small articles are on the side, one under the other. Otherwise, they're below, next to one another.
https://codepen.io/thebabydino/pen/XJJpjzv
Thanks!
For Earth Day today, I had the honor of remembering Pope Francis on Democracy Now, recalling how first reading his Laudato Si' brought me to tears and how he saw social movements as a site of revelation: https://www.democracynow.org/2025/4/22/pope_francis_vatican_climate_crisis
Calling ASD a “disease” is stigmatizing and without basis. Tracking people with ASD in a database is fascistic and terrifying.
Ihr braucht öfter mal APN-Pläne und nutzt Apple-Geräte? 
Ich hätte da einen kleinen Shortcut erstellt.
Name
oder gleich
Ril 100-Abkürzung
eintragen – zack, hier kommt der APN-Plan. 
Download: https://www.icloud.com/shortcuts/4b169b65e4194c8588060049dfcfbdd8
Feedback gern gesehen! 
(Ist mein erstes öffentliches Projekt 👉👈)
PS: kann man sich auf dem Mac wunderbar auf z. B. command+P (für „Plan“) legen :)
Can you recommend a website, post, talk, etc. to learn more about accessibility APIs, the accessibility tree and the relationship between browsers and assistive technology? Thank you!
Language nerds, a question: if I want to start creating a hobbyist programming language, what should I read and why?
갑자기 깸..
@dorkbotsf is happening tonight in SF at Monkey Brains HQ. These are always fun events filled with interesting artists and makers. I highly recommend checking it out if you are in the neighborhood. Speaker lineup and more details here http://dorkbotsf.org/archive/202504/
35 years later... It's finally there! https://www.colino.net/wordpress/en/shufflepuck-cafe-for-apple-ii/
@grayface_ghostGhost of Hope 🏳️⚧️ fair enough. I've been out of the country too long to be familiar enough with him.
Today Melissa Lewis over on BlueSky pointed out that the font used in the infamous "You wouldn't steal a car" anti-piracy campaign was actually designed by Just van Rossum, whose brother, Guido, created the Python programming language (bsky.app/profile/melissa.news/post/3ln7hx5rhcj2v)
She also pointed out that the font had been cloned and released illegally for free under the name "XBAND Rough". Naturally, it would be hilarious if the anti-piracy campaign actually turned out to have used this pirated font, so I went sleuthing and quickly found a PDF from the campaign site with the font embedded (web.archive.org/web/20051223202935/http://www.piracyisacrime.com:80/press/pdfs/150605_8PP_brochure.pdf).
So I chucked it into FontForge and yep, turns out the campaign used a pirated font the entire time!
The Haskell Foundation is happy to announce that we are teaming up with @digitalocean. Let's thank DigitalOcean for helping us keep Haskell infrastructure sustainable! #DoforOpenSource
Have frameworks like React and Vue hindered adoption of modern web features like `<dialog>` and `popover`?
They don't map well to components because they expect to always exist in the DOM and have an imperative interface (show/close) for modifying their state.
They top layer is also incompatible with the "portal"/"teleport" model.
If you want something that shows up on top of a modal you actually need a `reverse teleport` where the dialog steals some dom nodes from outside itself.
Evan Prodromou
🏳️🌈🖖🏽 
