Took the article pointing out that the c and r were transposed for me to even notice there was a problem!
Readit Newsarjvik commented on Ghrc.io appears to be malicious bmitch.net/blog/2025-08-2... · Posted by u/todsacerdoti
arjvik commented on Vendors that treat single sign-on as a luxury feature sso.tax/... · Posted by u/vinnyglennon
Some of these numbers don’t quite make sense. AppSmith has the highest percentage increase (16567%) but that’s because the minimum is 100 seats, so the actual number is $25/mo or 66% increase. How often do vendors enforce these minimums? I’ve never had a problem getting past them (at least with small to medium sized SaaS companies) when contacting sales as long as I had a few tens of users.
I really appreciate Cloudflare not putting SSO behind a paid subscription because using their Cloudflare Access product with Github SSO has been the easiest way to secure my personal services running on a VM.
Out of curiosity, why GitHub as the SSO provider? Am thinking about local SSO for my homelab and was debating passkeys vs tying to Google accounts.
arjvik commented on "Remove mentions of XSLT from the html spec" github.com/whatwg/html/pu... · Posted by u/troupo
I think this post is useful where the thread author proposed some solutions to the people affected: https://github.com/whatwg/html/issues/11523#issuecomment-318...
The main thing that seems unaddressed is the UX if a user opens a direct link to an XML file and will now just see tag soup instead of the intended rendering.
I think this could be addressed by introducing a <?human-readable ...some url...?> processing instruction that browsers would interpret like a meta tag redirect. Then sites that are interested could put that line at the top of their XML files and redirect to an alternative representation in HTML or even to a server-side or WASM-powered XSLT processor for the file.
Sort of like an inverse of the <link rel="alternate" ...> solution that the post mentioned.
The only thing this doesn't fix is sites that are abandoned and won't update or are part if embedded devices and can't update.
Purely out of curiosity, what are some websites that actually make use of XSLT?
arjvik commented on Lab-grown salmon hits the menu smithsonianmag.com/smart-... · Posted by u/bookmtn
arjvik commented on Lab-grown salmon hits the menu smithsonianmag.com/smart-... · Posted by u/bookmtn
> A handful of states, including Florida and Alabama, have banned or are considering bans on the creation and sale of the alternative protein.
Ouch. Red states are pro-deregulation, until laissez-faire innovation offends their beliefs.
Isn't this just Mixture-of-Depths but for DiTs?
If so, what are the DiT specific changes that needed to be made?
arjvik commented on I accidentally became PureGym’s unofficial Apple Wallet developer drobinin.com/posts/how-i-... · Posted by u/valzevul
> A Pass Type ID certificate from Apple Developer Portal
How much does this cost? I'd love to create Apple Wallet passes for things, but I'm weary of setting up a Apple Developer account and paying even more fees for just this.
arjvik commented on Vaultwarden commit introduces SSO using OpenID Connect github.com/dani-garcia/va... · Posted by u/speckx
arjvik commented on Vaultwarden commit introduces SSO using OpenID Connect github.com/dani-garcia/va... · Posted by u/speckx
SSO is really important in the "few tools, many users" case, but just as important in the "many tools, few users" case. I'm self hosting dozens of tools, and without SSO I'd have to set up username, password, TOTP and WebAuthn for each and every one of them, my 2FA app would be 90% my own services.
With SSO though, it's much simpler. I can just run an OIDC server and log into all my self-hosted services once, and I can use all of them. Vaultwarden is an exception to the rule though, as you can't really bootstrap that in the individual case.
Another use case I'm currently exploring is for sharing netflix/prime/disney+ passwords with roommates, partners and friends. They just sign in with their Google/Apple/whatever account and get access to the shared streaming provider passwords.
What's your (OSS?) OIDC server of choice?
Authelia? Authentik? Keycloak? (These are the three I see a lot about.) Something else?
I think ESP32 is really the one to beat.
Arduino have been lazily cashing in on their brand name for many years.
Looking for a successor to the RPi - good documentation, easy to write bare metal for (no SDK), no surprises.