Hackers' Pub is a place for software engineers to share their knowledge and experience with each other. It's also an ActivityPub-enabled social network, so you can follow your favorite hackers in the fediverse and get their latest posts in your feed.
How Europe’s new carbon tax on imported goods will change global trade
The new regulation arrives on New Year's Day.
https://arstechnica.com/tech-policy/2025/12/how-europes-new-carbon-tax-on-imported-goods-will-change-global-trade/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social
NAS를 사용하면 PC 인터넷이 안되네 -_- 전에는 분명 안그랬는데
NAS 전송속도가 훨씬 느려진것 같고....무슨 문제인가
역시 게임에서 핑 튀는건 범죄인듯
일하다가 동료 한넘이 유별나게 핑 튀는걸 수상하게 여기고 회사에 불만 제기했는데
하필이면 그게 위장취업한 북한 요원이었음. ㅋㅋ
クリームパン おふたつどうぞ
On Monday Surfer turns 3 and yesterday we released v0.5.0 featuring the long awaited analog rendering 🎉
There are of course a bunch of other improvements that you can read more about in the change log
Massive thanks to Roman Popov for the analog drawing feature!
ミスキーの開発元は国産なのか。
これは応援したいな
泡以外の感情がない
依頼絵でした~~~~~
#イラスト #依頼絵 #vgencomm #commission
힙합보단 사랑
사랑보단 돈
힙합 < 사랑 < 돈
Testing 8 Solder Flux Pastes After Flux Killed a GeForce2 GTS
https://hackaday.com/2025/12/20/testing-8-solder-flux-pastes-after-flux-killed-a-geforce2-gts/
Top 5 #accessibility improvements in #GNOME Calendar 49:
1. Focus indicators were added in various places
2. Events are focusable with a keyboard
3. Year/month spin buttons are navigable with arrow keys
4. Calendar grids are skippable with Tab, and cells are wrapped via keyboard focus
5. Calendar list box now behaves like a check box
For screen readers: events and year/month spin buttons have proper semantics!
Over 91% There! We're making great progress, please help us get there!
椎花ちゃん(代理ちゃん)の三面図を3Dモデリング用に描きながら一部デザインし直してる
Donated a small amount to 
@django *checks notes* for the third time this year.
What I give is probably not much overall in needs, but without the great work on the framework I wouldn't have my own income, so that's a no-brainer.
@hongminhee洪 民憙 (Hong Minhee) 오... 감사합니다. 한번 살펴보겠습니다. 사실 Vercel AI SDK는 첫삽을 이걸로 떠버려서 어쩔수없이 쓰고있는 상태입니다. 급한 불만 끄고 좀더 나은 라이브러리로 갈아타려고 했어요.
@hongminhee洪 民憙 (Hong Minhee) Vercel AI SDK에서 제가 문제점이라고 느낀 디자인을 그대로 갖고 있네요. 사실 저도 아직 충분히 고민해보진 못했고 반대 의견은 매우 환영입니다.
제가 문제라고 느낀 부분은 Message 타입 밑에 Part가 있는 건데요. 그러니까 LLM의 응답이 플랫하게 Message[]이 아니라 Message[].Part[]가 됩니다. Part는 Plain Text거나 Tool Call일 수 있습니다. 그런데 이게 메시지를 DB에 저장하고 Streaming UI를 만들때 불편합니다. 그냥 Part를 없애고 Message만 있으면 좋겠어요.
처음에 저런식의 디자인을 한 동기를 추측해보자면, Message[]를 User/Assitant/User/Assistant/... 이렇게 번갈아 나타나는 형태를 기대하고, 그걸 만족시키려면 Assistant/Assitant 이렇게 연달아 나타나는걸 피해야하니 Part를 도입한게 아닌가 싶습니다. 근데 실제론 저 번갈아 나타나야한다는 조건이 타입으로 강제도 안되고(이건 어려우니 OK) 런타임에서 뭐라고 하지도 않아요. 그리고 실제 사용에서 연달아 나타나는걸 허용하는게 오히려 자연스럽습니다.
그래서 처음에 잠깐 잘못 생각해서 나온 디자인이, 실제론 의도한 제약을 주고있지도 못하고 그냥 쓰임만 불편하게 만들고 있는거 같습니다.
光の当たり具合がちょうどいい感じに
これだけ頭部の赤がはっきり見えるのは珍しいかも
#misskey写真部 #photography #birdphotography #birds #野鳥
光の当たり具合がちょうどいい感じに
これだけ頭部の赤がはっきり見えるのは珍しいかも
#misskey写真部 #photography #birdphotography #birds #野鳥
作り置き仕込んでようやっとごはん
今日は美術館に行ってきたんですけど、美術館で作品を見て回るのって体力が必要なんだなと思いました
2時間半ぐらい立って歩き回る必要があるので…
Rust has been named Stack Overflow's Most Loved (now called Most Admired) programming language every year since the 1.0 release in 2015.
What do people love about Rust?
https://blog.rust-lang.org/2025/12/19/what-do-people-love-about-rust/
Fedify의 HTML 파싱 코드에서 발견된 보안 취약점을 수정한 Hollo 0.6.19를 릴리스했습니다.
이 취약점(CVE-2025-68475)은 ReDoS(정규 표현식 서비스 거부) 문제로, 공격자가 연합 작업 중 특수하게 조작된 HTML 응답을 보내 서비스 장애를 유발할 수 있습니다. 악성 페이로드는 작지만(약 170바이트), Node.js 이벤트 루프를 장시간 차단할 수 있습니다.
모든 Hollo 운영자분들께 즉시 버전 0.6.19로 업그레이드하실 것을 강력히 권고드립니다.
| 항목 | 상세 |
|---|---|
| CVE | CVE-2025-68475 |
| 심각도 | 높음 (CVSS 7.5) |
| 조치 | Hollo 0.6.19로 업그레이드 |
FedifyのHTMLパースコードにおけるセキュリティ脆弱性に対応したHollo 0.6.19をリリースしました。
この脆弱性 (CVE-2025-68475) は ReDoS (正規表現によるサービス拒否) の問題であり、攻撃者がフェデレーション操作中に特別に細工されたHTMLレスポンスを送信することで、サービス停止を引き起こす可能性があります。悪意のあるペイロードは小さい (約170バイト) ですが、Node.jsのイベントループを長時間ブロックする可能性があります。
すべてのHollo運営者の皆様には、直ちにバージョン 0.6.19 へのアップグレードを強くお勧めします。
| 項目 | 詳細 |
|---|---|
| CVE | CVE-2025-68475 |
| 深刻度 | 高 (CVSS 7.5) |
| 対応 | Hollo 0.6.19 にアップグレード |
コゲラさん
#misskey写真部 #photography #birdphotography #birds #野鳥
We have released Hollo 0.6.19 to address a security vulnerability in Fedify's HTML parsing code.
This vulnerability (CVE-2025-68475) is a ReDoS (Regular Expression Denial of Service) issue that could allow an attacker to cause service unavailability by sending specially crafted HTML responses during federation operations. The malicious payload is small (approximately 170 bytes) but can block the Node.js event loop for extended periods.
We strongly recommend all Hollo operators upgrade to version 0.6.19 immediately.
| Field | Details |
|---|---|
| CVE | CVE-2025-68475 |
| Severity | High (CVSS 7.5) |
| Action | Upgrade to Hollo 0.6.19 |
Fedify의 HTML 파싱 코드에서 발견된 보안 취약점을 수정한 Hollo 0.6.19를 릴리스했습니다.
이 취약점(CVE-2025-68475)은 ReDoS(정규 표현식 서비스 거부) 문제로, 공격자가 연합 작업 중 특수하게 조작된 HTML 응답을 보내 서비스 장애를 유발할 수 있습니다. 악성 페이로드는 작지만(약 170바이트), Node.js 이벤트 루프를 장시간 차단할 수 있습니다.
모든 Hollo 운영자분들께 즉시 버전 0.6.19로 업그레이드하실 것을 강력히 권고드립니다.
| 항목 | 상세 |
|---|---|
| CVE | CVE-2025-68475 |
| 심각도 | 높음 (CVSS 7.5) |
| 조치 | Hollo 0.6.19로 업그레이드 |
We have released Hollo 0.6.19 to address a security vulnerability in Fedify's HTML parsing code.
This vulnerability (CVE-2025-68475) is a ReDoS (Regular Expression Denial of Service) issue that could allow an attacker to cause service unavailability by sending specially crafted HTML responses during federation operations. The malicious payload is small (approximately 170 bytes) but can block the Node.js event loop for extended periods.
We strongly recommend all Hollo operators upgrade to version 0.6.19 immediately.
| Field | Details |
|---|---|
| CVE | CVE-2025-68475 |
| Severity | High (CVSS 7.5) |
| Action | Upgrade to Hollo 0.6.19 |
Shoutout to the amazing mod team here at mastodon.social ❤️
Karma is real 🤣
Fedify의 HTML 파싱 코드에서 발견된 보안 취약점을 수정한 Hollo 0.6.19를 릴리스했습니다.
이 취약점(CVE-2025-68475)은 ReDoS(정규 표현식 서비스 거부) 문제로, 공격자가 연합 작업 중 특수하게 조작된 HTML 응답을 보내 서비스 장애를 유발할 수 있습니다. 악성 페이로드는 작지만(약 170바이트), Node.js 이벤트 루프를 장시간 차단할 수 있습니다.
모든 Hollo 운영자분들께 즉시 버전 0.6.19로 업그레이드하실 것을 강력히 권고드립니다.
| 항목 | 상세 |
|---|---|
| CVE | CVE-2025-68475 |
| 심각도 | 높음 (CVSS 7.5) |
| 조치 | Hollo 0.6.19로 업그레이드 |
FedifyのHTMLパースコードにおけるセキュリティ脆弱性に対応したHollo 0.6.19をリリースしました。
この脆弱性 (CVE-2025-68475) は ReDoS (正規表現によるサービス拒否) の問題であり、攻撃者がフェデレーション操作中に特別に細工されたHTMLレスポンスを送信することで、サービス停止を引き起こす可能性があります。悪意のあるペイロードは小さい (約170バイト) ですが、Node.jsのイベントループを長時間ブロックする可能性があります。
すべてのHollo運営者の皆様には、直ちにバージョン 0.6.19 へのアップグレードを強くお勧めします。
| 項目 | 詳細 |
|---|---|
| CVE | CVE-2025-68475 |
| 深刻度 | 高 (CVSS 7.5) |
| 対応 | Hollo 0.6.19 にアップグレード |
We have released Hollo 0.6.19 to address a security vulnerability in Fedify's HTML parsing code.
This vulnerability (CVE-2025-68475) is a ReDoS (Regular Expression Denial of Service) issue that could allow an attacker to cause service unavailability by sending specially crafted HTML responses during federation operations. The malicious payload is small (approximately 170 bytes) but can block the Node.js event loop for extended periods.
We strongly recommend all Hollo operators upgrade to version 0.6.19 immediately.
| Field | Details |
|---|---|
| CVE | CVE-2025-68475 |
| Severity | High (CVSS 7.5) |
| Action | Upgrade to Hollo 0.6.19 |
Fedify의 HTML 파싱 코드에서 발견된 보안 취약점을 수정한 Hollo 0.6.19를 릴리스했습니다.
이 취약점(CVE-2025-68475)은 ReDoS(정규 표현식 서비스 거부) 문제로, 공격자가 연합 작업 중 특수하게 조작된 HTML 응답을 보내 서비스 장애를 유발할 수 있습니다. 악성 페이로드는 작지만(약 170바이트), Node.js 이벤트 루프를 장시간 차단할 수 있습니다.
모든 Hollo 운영자분들께 즉시 버전 0.6.19로 업그레이드하실 것을 강력히 권고드립니다.
| 항목 | 상세 |
|---|---|
| CVE | CVE-2025-68475 |
| 심각도 | 높음 (CVSS 7.5) |
| 조치 | Hollo 0.6.19로 업그레이드 |
We have released Hollo 0.6.19 to address a security vulnerability in Fedify's HTML parsing code.
This vulnerability (CVE-2025-68475) is a ReDoS (Regular Expression Denial of Service) issue that could allow an attacker to cause service unavailability by sending specially crafted HTML responses during federation operations. The malicious payload is small (approximately 170 bytes) but can block the Node.js event loop for extended periods.
We strongly recommend all Hollo operators upgrade to version 0.6.19 immediately.
| Field | Details |
|---|---|
| CVE | CVE-2025-68475 |
| Severity | High (CVSS 7.5) |
| Action | Upgrade to Hollo 0.6.19 |
We have released Hollo 0.6.19 to address a security vulnerability in Fedify's HTML parsing code.
This vulnerability (CVE-2025-68475) is a ReDoS (Regular Expression Denial of Service) issue that could allow an attacker to cause service unavailability by sending specially crafted HTML responses during federation operations. The malicious payload is small (approximately 170 bytes) but can block the Node.js event loop for extended periods.
We strongly recommend all Hollo operators upgrade to version 0.6.19 immediately.
| Field | Details |
|---|---|
| CVE | CVE-2025-68475 |
| Severity | High (CVSS 7.5) |
| Action | Upgrade to Hollo 0.6.19 |
Over 91% There! We're making great progress, please help us get there!
윈도 태블릿의 장점
원격 데스크톱으로 해상도 확장 가능
#misskey写真部 #photography
これは入曽に来て飲むべし!
となるものの一つのように感じた。
紙コップパッケージもう少しどうにかならんかなあ。
堀兼の石田園さんの抹茶だそう。
#大垣書店入曽店
7年以上前の記事だけど、「 #Vivaldi 
は結局 Chrome/Chromium だから」という話が最近 Firefox のバタバタの絡みで出てくるのを目にしてついこの記事を思い出した
VivaldiブラウザはChromiumで開発していますが、Chromeではありません | Vivaldi Browser
https://vivaldi.com/ja/blog/vivaldi-different-from-chrome/
Driving myself crazy trying to remember the name of a social media reader project. Things I (think I) remember about it:
1. Conceptually, it was basically an RSS reader but had the ability to aggregate social media sites that didn't use RSS.
2. It ran as a browser plugin, not a standalone app or website.
3. It had a very "a trans catgirl wrote this" name and aesthetic, that did not make it obvious what the project actually was. Think like "pink robot kitten explosion" except, like. Not that, obviously.
4. I've seen the engine (?) of it repackaged as a plugin/extension for other feed reader apps.
And yes I am aware the above sounds like a fever dream but I swear to gods this was (is?) real and did (does?) exist and, fedi, if there's one place on the internet that may be able to remember this for me wholesale, I believe it to be you. Halp?
Edit: Found it! Knew you'd come through, fedi!
Making great progress on the new #Pixelfed web redesign!
Nuxt is so heckin awesome 👏
A terminal emulator that runs in your terminal. Powered by Turbo Vision
Link: https://github.com/magiblot/tvterm
Discussion: https://news.ycombinator.com/item?id=46301847
speaking of shoulds, I've been occasionally tempted by the prospect of buying a Playdate. i'm sure some of you have been paying attention to it more than I am - is it a good gimmicky small game handheld?
maybe it should be whichever word instagram uses
Q: 누카-콜라에 한 표를 던집니다 #neo_quesdon
神戸関電ビル
2025/11/16 撮影
FUJIFILM X-A5+XC50-230mmF4.5-6.7OISⅡ
maybe “login” is another one
진귀한 것을 샀습니다
しゅいろ
Paolo Melchiorre
白長谷
Andreas Freise
시오
洪 民憙 (Hong Minhee) 
GENKI
