Readit News logoReadit News
larntz commented on Replacing tmux in my dev workflow   bower.sh/you-might-not-ne... · Posted by u/elashri
tristan957 · a month ago
What is the benefit of this over pbcopy and wl-copy?
larntz · a month ago
If you're working locally I can't think of much. OSC52 works to copy to your local clipboard from a remote system (e.g., over ssh) from within tmux or nvim as long as you are using a terminal that supports it.

I use it to copy from remote system when I'm in nvim (`"+y`).

Here are a couple links that relate to tmux and nvim.

- tmux: https://github.com/tmux/tmux/wiki/Clipboard

- nvim: https://neovim.io/doc/user/provider.html#clipboard-osc52

larntz commented on I scanned all of GitHub's "oops commits" for leaked secrets   trufflesecurity.com/blog/... · Posted by u/elza_1111
bapak · 2 months ago
Repo secrets are just stored on someone's computer and they obviously have the keys. This is what I mean.

Same for your vault. The vault might be encrypted, but at some point you have to give the keys to the vault.

Your secrets are not safe from someone if someone needs them to run your code.

larntz · 2 months ago
> Your secrets are not safe from someone if someone needs them to run your code.

This is true. I don't disagree with that or you're assessment of repo secrets.

My comment was in the context of the grandparent committing secrets to a private repo which is a bad practice (regardless of visibility). You could do that for tests, sure (I would suggestion creating random secrets for each test when you can), but then you're creating a bad habit. If you can't use random secrets for tests repo secrets would be acceptable, but I wouldn't use them beyond that.

For CI and deploys I would opt for some kind of secret manager. CI can be run on your own infrastructure, secret managers can be run on your own infrastructure, etc...

But somewhere in the stack secret(s) will be exposed to _someone_.

larntz commented on I scanned all of GitHub's "oops commits" for leaked secrets   trufflesecurity.com/blog/... · Posted by u/elza_1111
sunbum · 2 months ago
Nope. Because if you push an AWS key then it gets automatically revoked by AWS.
larntz · 2 months ago
I wouldn't rely on anything other than rotating leaked credentials.
larntz commented on I scanned all of GitHub's "oops commits" for leaked secrets   trufflesecurity.com/blog/... · Posted by u/elza_1111
bapak · 2 months ago
Secrets gotta live somewhere. Are you supplying them every time you deploy or run CI?
larntz · 2 months ago
Yes. Either via a secret manager (eg vault) or configured as repo secrets if that kind of infra isn't available.

https://docs.github.com/en/actions/how-tos/security-for-gith...

Never commit secrets for any reason.

larntz commented on How to Run DeepSeek R1 Distilled Reasoning Models on RyzenAI and Radeon GPUs   guru3d.com/story/amd-expl... · Posted by u/waltercool
shosca · 7 months ago
in my case with a 6900xt:

1. sudo pacman -S ollama-rocm

2. ollama serve

3. ollama run deepseek-r1:32b

larntz · 7 months ago
Does that entire model fit in gpu memory? How's it run?

I tried running a model larger than ram size and it loads some layers into the gpu but offloads to the cpu also. It's faster than cpu alone for me, but not by a lot.

larntz commented on How to Run DeepSeek R1 Distilled Reasoning Models on RyzenAI and Radeon GPUs   guru3d.com/story/amd-expl... · Posted by u/waltercool
larntz · 7 months ago
I wrote a similar post about a week ago, but for an [unsupported] Radeon RX 5500 with 4Gi RAM with ollama and fedora 41. Can only run llama:3.2 or deepseek-r1:1.5b, but they're pretty usable if you're ok with a small model and it's for personal use.

I didn't go into detail about how to setup openweb-ui, but there is documentation for the on the project's site.

https://blue42.net/linux-ollama-radeon-rx5500/post/

larntz commented on Ask HN: Recommendations for a Linux Distro and Laptop?    · Posted by u/lemonberry
montroser · 7 months ago
I don't know why I never see anyone recommend it, but plain fedora with the default gnome is pretty great. In terms of design and usability, it's solid. You can't customize every little thing, so compared to other setups it's not as flexible in that way. But if you want something that is stable and boring so you can get to the stuff you actually have to do, fedora is a decent choice.
larntz · 7 months ago
This is what I'm using on a old-ish Dell Latitude. Everything works except the fingerprint reader, but I knew that going in and I'm ok with it.
larntz commented on We Need to Talk About Docker Hub   linuxserver.io/blog/we-ne... · Posted by u/darthShadow
8organicbits · 7 months ago
> none of them invented Docker

I think that depends on what you mean by docker. Lots of similar things existed before, just less formalized and less centralized.

larntz · 7 months ago
Which makes me wonder, would docker have gained traction if they didn't offer free registry services?
Posted by u/larntz 7 months ago
Trump pardons Silk Road founder Ulbricht for online drug schemereuters.com/world/us/trum...
larntz commented on United Health CEO Decries "Aggressive" Media Coverage in Leaked Recording   kenklippenstein.com/p/vid... · Posted by u/christhecaribou
forgetfreeman · 9 months ago
You might benefit from a closer examination of what an oligarchy is and how the US political system functions in the context of campaign finance, lobbyist groups involvement with drafting legislation, and the conveyor between the legislative branch and private industry jobs. If you have the constitution for rummaging through tweedy academic thickets you might also consider reviewing the Princeton papers that deconstruct the US political apparatus and indicate pretty vividly that the US is, in fact, an oligarchy. Lastly, given the combination of wealth inequality in the US and the Supreme Court rulings on money == speech and political influence == speech it's pretty trivial to conclude that money == political influence and the top 0.1% has more of both. To be clear, this is an indictment of both major political parties in the US, as they operate functionally identical campaign finance strategies.
larntz · 9 months ago
Are you referring to the Panama Papers? I searched for Princeton Papers but didn't find anything similar to you comment.
l

u/larntz

KarmaCake day221April 19, 2018View Original