|
Volguus posted:Hey, at least you can safely say that their application was written by drunken monkeys. With JSON, odds are that they were sober. They knew what they were doing. And that's even more frightening. Nobody knows what they're doing. We're all just faking it and pretending to care until the weekend. Realizing this is when you truly become a greybeard.
|
#
?
Dec 30, 2023 02:05
|
|
|
|
| # ? May 29, 2024 17:02 |
|
|
Does anyone here have good knowledge using ffmpeg? I can have scripts run ffmpeg, but now I can no longer run it in Terminal in macOS. I've tried installing the Xcode command line tools, and the newest version of Xcode. I'm not sure if it has anything to do with it. My usual command I've tried: code:code:
|
|
#
?
Dec 31, 2023 19:05
|
|
|
How did you install ffmpeg? Did you build from source or use Brew/MacPorts? Are you able to run the same command outside your scripts? That error is indicating a runtime linker error with a dependency; as a first attempt id run ‘brew doctor’ if this just broke after an update or something; then, if persists, see if you are able to install libtheora yourself (either manually or possibly indicating to your package manager that you need it, if possible) If it _is_ installed you may need to update your DYLD_LIBRARY_PATH (if it only breaks inside your script there might be some envvar issues)
|
|
#
?
Dec 31, 2023 19:28
|
|
|
edit: It's working now! changed permissions to theora folder in usr/local. Dijkstracula posted:How did you install ffmpeg? Did you build from source or use Brew/MacPorts? Are you able to run the same command outside your scripts? I installed it with brew a while back. I'm testing the command in Terminal outside my scripts, and that's where it fails. I think it started happening when I updated macOS. brew doctor says that lobsoxr is missing, and that I should install it. Attempting to install it tells me No such file or directory - /usr/local/var/homebrew/linked/libsoxr I did brew cleanup, and it says I should install theora, after brew reinstall theora, I got a bunch of permission errors: Failure while executing; `/usr/bin/env cp -pR /private/tmp/d20231231-97393-kofsds/theora/. /usr/local/Cellar/theora` exited with 1. Here's the output: cp: /usr/local/Cellar/theora/./1.1.1/lib/libtheoraenc.a: Permission denied cp: /usr/local/Cellar/theora/./1.1.1/lib/pkgconfig/theoradec.pc: Permission denied cp: /usr/local/Cellar/theora/./1.1.1/lib/pkgconfig/theora.pc: Permission denied cp: /usr/local/Cellar/theora/./1.1.1/lib/pkgconfig/theoraenc.pc: Permission denied cp: /usr/local/Cellar/theora/./1.1.1/lib/libtheora.a: Permission denied cp: /usr/local/Cellar/theora/./1.1.1/lib/libtheoradec.a: Permission denied It seems like it keeps going back to something wrong within Cellar. Good Sphere fucked around with this message at 20:21 on Dec 31, 2023 |
|
#
?
Dec 31, 2023 20:00
|
|
|
Use the static build? https://evermeet.cx/ffmpeg/
|
|
#
?
Dec 31, 2023 20:15
|
|
|
Good Sphere posted:I installed it with brew a while back. I'm testing the command in Terminal outside my scripts, and that's where it fails. I think it started happening when I updated macOS. What did you update from and to? A recent ish OSX upgrade locked down /usr/local. You might need to reapply permissions to allow using /usr/local edit: brew now installs by default to /opt/homebrew instead of using /usr/local, but that might be an M1 vs intel thing? Yeah, that's an arm vs x86 thing. Brew doctor should detect the permissions issue and suggest how to fix it. If its displaying several issues it might be easy to miss? necrotic fucked around with this message at 20:27 on Dec 31, 2023 |
|
#
?
Dec 31, 2023 20:21
|
|
|
necrotic posted:What did you update from and to? A recent ish OSX upgrade locked down /usr/local. You might need to reapply permissions to allow using /usr/local Yup, that's what I did and it's working now.  Thanks!!
|
|
#
?
Dec 31, 2023 20:23
|
|
|
Good Sphere posted:Yup, that's what I did and it's working now. Great! Yeah I think it was Big Sur where they changed the perms of /usr/local on upgrade? Its been a while though so I don't remember exactly.
|
|
#
?
Dec 31, 2023 20:28
|
|
|
necrotic posted:Great! Yeah I think it was Big Sur where they changed the perms of /usr/local on upgrade? Its been a while though so I don't remember exactly. yeah, I was gonna say, I remember hitting these permissions issues too - glad you figured it out!
|
|
#
?
Dec 31, 2023 20:58
|
|
|
Does this service exist? I'm a former system administrator that has gotten into development. I know I want to make a mobile web application that's using HTML, CSS, JavaScript and React. I know that I will need some kind persistent SQL Database. Is there some kind of service that can setup an entirely pre-created environment? What I would like is the ability to have a pre-designed placeholder app in something like an Azure Subscription that is already running, connected to Azure SQL DB along with a pipeline already connected to Azure DevOps. Granted, I could do all of this myself but this would save a chunk of time.
|
|
#
?
Jan 2, 2024 21:10
|
|
|
that's why infra as code exists generally more specifically, you might find the az dev cli useful: https://learn.microsoft.com/en-us/azure/developer/azure-developer-cli/overview
|
|
#
?
Jan 2, 2024 21:12
|
|
|
Right I get that but has no one made some kind of templated approach that gives me the terraform basics and I can just build on top of that?
|
|
#
?
Jan 2, 2024 21:25
|
|
|
that's what modules are and there are a million of them of varying quality also, the dev cli I linked above has templates for some configs
|
|
#
?
Jan 2, 2024 21:32
|
|
|
However, the reality is that if your goal is to learn the tools you mentioned above just run your stuff locally in docker. I'm sure there's a docker compose template for whatever stack you want. If your goal is to also learn the azure services, you should take the time to learn how to deploy them yourself with terraform without using anyone elses module/templates.
|
|
#
?
Jan 2, 2024 21:37
|
|
|
Is it possible to include a control in an email that if clicked will add data to a cell on a googlesheet?
|
|
#
?
Jan 3, 2024 21:51
|
|
|
Not without having something in between Literally why there are a millions forms/survey service options.
|
|
#
?
Jan 3, 2024 23:01
|
|
|
This stackoverflow post implies that it is possible, as they apparently do offer some HTTP API for doing this. Haven't tried it though.
|
|
#
?
Jan 3, 2024 23:21
|
|
|
I don't know all of the details of that API, but unless you can include everything you need as uri parameters it won't work, and the stackoverflow post at least includes an auth token in the headers and json in the body.
|
|
#
?
Jan 3, 2024 23:25
|
|
|
The Fool posted:I don't know all of the details of that API, but unless you can include everything you need as uri parameters it won't work, and the stackoverflow post at least includes an auth token in the headers and json in the body. Yes, that implies a level of .... openess (to put it mildly) for that google spreadsheet. Not an email that would be send to the world. Not data that would be trusted for anything serious, but probably fine to ask your friends how many drinks they had last year. Or maybe google is smart enough to auth people who would use that API? Let's say if one does not include the token in the API? Worth a try I presume. edit: anyway, since neither me nor The Fool know this API is just speculation what we're doing here. Based on nothing much but past experience and how this poo poo "should" work. Will it behave logically? Who knows? It's google so anything is possible.
|
|
#
?
Jan 3, 2024 23:29
|
|
|
That API is intended for server side / scripting interactions with a user authenticated to _your app_, not Google itself. https://developers.google.com/sheets/api/quickstart/js It’s not for beacons like what’s asked for here, at least without your own backend page that is authed to work with the API. necrotic fucked around with this message at 01:28 on Jan 4, 2024 |
|
#
?
Jan 4, 2024 01:25
|
|
|
I'm asking because I'm dealing with boomers and anything more than a link or button they can click in an email is something they'll refuse to engage with.
|
|
#
?
Jan 4, 2024 18:33
|
|
|
Link to a lambda/function app and do whatever you want with it
|
|
#
?
Jan 4, 2024 18:44
|
|
|
Are these the same boomers who are finally learning to never click on random links in email because 99.99% of the time it's a phishing attack? Unless you send them to a real website it seems like engagement could suffer, especially if most of the audience has been using MSOffice for decades and is scared of "all that cloud stuff".
|
|
#
?
Jan 6, 2024 08:07
|
|
|
The Fool posted:that's what modules are and there are a million of them of varying quality Good point.  The Fool posted:However, the reality is that if your goal is to learn the tools you mentioned above just run your stuff locally in docker. I'm sure there's a docker compose template for whatever stack you want. Good point x2. And now I understand why developers love containers. The Fool posted:If your goal is to also learn the azure services, you should take the time to learn how to deploy them yourself with terraform without using anyone elses module/templates. Let me share some backstory - I'm making a basic SPA Web App with HTML, CSS, JavaScript, React, etc. and using Azure SQL DB. The example I've seen so far are pretty straight forward on making an demo app. My app at end of the day is just recording data daily that amounts to not much more than a few dozen string and integers but my next follow-up question is how do I ensure an app will scale to a 1,000 users, 10k or more? How would you test this?
|
|
#
?
Jan 11, 2024 07:37
|
|
|
there's no way to "ensure" your system will scale to an arbitrary number of users. You could come up with some SLOs ("how long should the slowest 90% of all request take to complete", etc) and then build some load testing infrastructure to see how close to the mark you hit, but that's a waste of time for you. without knowing exactly what it is you're building, if a user is truly just updating a row or two (presumably unique to and keyed on that user's id, so no expensive DB joins, shared data, etc) once a day then there is no storage stack in the world that will not accommodate 10,000 or more users. Storing this data as a flat text file that gets written to a hard drive could keep up with that. (The real answer is that because your data is, by the sounds of it, structured entirely around a user, sharding the database when a single DB can't keep up is what would be done. But given what you've told us, you will not hit this situation, so don't worry about it. Even if you were building something more complicated, still, don't worry about it.)
|
|
#
?
Jan 11, 2024 15:20
|
|
|
as above, 10k users doesn't require anything special Since you're on azure, they have a load test service that you can leverage: https://azure.microsoft.com/en-us/products/load-testing
|
|
#
?
Jan 11, 2024 15:27
|
|
|
What you said does make sense, I suppose you have to "judge" the performance of an application. It's just that in my the back of mind as a former System Administrator I've been thinking to myself as I'm writing this program... "Users will likely login once a day through Instagram and basically do simple data entry. At worse, it's 12 unique strings and that are no more than a paragraph and a few integers. I know that's likely no more than a few kilobytes and the data is formatted as super small efficient JSON payloads which can go across the internet no problem. Storage should be cheap too." scaling shouldn't be an issue just because how small everything is today with current hardware. That said, and I realized this is super open ended once I do have a completed program what's the next step to having something on the Google Play or Apple App Store that is available for purchase? What kind of weeds is one getting themselves into here along with a bank account for the purchases to be stored?
|
|
#
?
Jan 11, 2024 23:53
|
|
|
Gucci Loafers posted:That said, and I realized this is super open ended once I do have a completed program what's the next step to having something on the Google Play or Apple App Store that is available for purchase? What kind of weeds is one getting themselves into here along with a bank account for the purchases to be stored? Optimally it's pretty straightforward, especially if you're publishing personally (as a company there's some verification that can be annoying). You'll need some screenshots and some way for store cops to test the app (e.g. a test account they can log into). If app review gets annoyed about something, it can take some back and forth as they argue rule 2.19.c forbids your app and you explain that it's not a slot machine app so that shouldn't apply. Apple guidelines are at https://developer.apple.com/app-store/review/guidelines/ and I think this is where you'd start for the Play Store https://support.google.com/googleplay/android-developer/answer/9859455?hl=en There's an Apple dev thread in the subforum if you run into anything on that side, I dunno what the overlap is with this thread but might get different answers.
|
|
#
?
Jan 12, 2024 00:11
|
|
|
I am trying to create an OData filter string for "Id in (\'1234\',\'abcdef\')" from an array of IDs in Power Automate and no combination of replace/decodeUriComponent that I have come up with has produced a useable string with a single slash when sent. Anyone dealt with their weird handling of escape characters before?
|
|
#
?
Jan 12, 2024 03:12
|
|
|
Gucci Loafers posted:Let me share some backstory - I'm making a basic SPA Web App with HTML, CSS, JavaScript, React, etc. and using Azure SQL DB. does azure offer some kind of API-service-layer automatically that can handle data sanitization? asking because if they don't, then in this js-frontend-sql-backend stack, my next question is what is sanitizing incoming data/making sure you're not just eating attack data? especially if you're showing whatever the recorded daily data is to other users
|
|
#
?
Jan 12, 2024 03:24
|
|
|
pokeyman posted:Optimally it's pretty straightforward, especially if you're publishing personally (as a company there's some verification that can be annoying). You'll need some screenshots and some way for store cops to test the app (e.g. a test account they can log into). This also seems straight forward given I am making a data entry app. Their documentation seems to emphasis don't make anything malicious or stuff like abusing corporate logos. Tempora Mutantur posted:does azure offer some kind of API-service-layer automatically that can handle data sanitization? I have no idea. I am that new of a developer as I can make... or I am making the program but it's stuff like this or things like setting up a business bank account that's connected to the app that are my next challenges with app development. Gucci Loafers fucked around with this message at 04:31 on Jan 12, 2024 |
|
#
?
Jan 12, 2024 04:28
|
|
|
Gucci Loafers posted:This also seems straight forward given I am making a data entry app. Their documentation seems to emphasis don't make anything malicious or stuff like abusing corporate logos. Do not underestimate the capriciousness of app review. I think you'll be fine, but give your timeline an extra week for a round trip or two before the first version gets through. Sometimes they're funny. Apple app review got me once with the goat man.
|
|
#
?
Jan 12, 2024 07:36
|
|
|
Gucci Loafers posted:I have no idea. I am that new of a developer as I can make... or I am making the program but it's stuff like this or things like setting up a business bank account that's connected to the app that are my next challenges with app development. I know it wasn't actually what you asked but it popped into my head because you need *something* that's going to safeguard input which is going to affect performance for load/scalability testing, and it's also a point to get easier metadata about actually valid requests/otherwise deal with anything you need to change in the future to keep with your stack, you can use Node (backend javascript library) with Azure Functions (so you don't have to focus much on actual server/container deployment for a backend and can just write what you need it to do and treat it like any other server in the context of inbound web requests) where the general architecture is: client browser -> "Service API Layer" (in this case, an azure function, though it could also be a full on server running on a VM/container/whatever) -> DB layer the reasoning here is: 1) security. your API layer should be the only thing that's publicly accessible, and all data the SPA uses is only sent from/to the API layer. the API layer is the only thing that can speak to the DB. this means your DB can avoid being exposed publicly, which means that as long as you do data sanitization on requests in your API layer (to prevent stuff like sql injection or various malicious attacks you can read about on owasp, you should be protected against most common attacks (aside from the platform itself, which isn't your concern or under your control, or any issues in your actual function scripting which is absolutely your concern and in your control, along with properly configuring security/permissions on your cloud) 2) security, again. just to be clear since you said you're making a SPA: everything in the browser is hostile. you cannot trust the web app to do anything for you because a malicious actor can use the magic of "press F12 in the browser and gently caress around in console" to do things like send data to your endpoints or just otherwise pick apart your code. this way, while you still want to do whatever frontend security you can, you can use your API layer to harden services like noted above. also certain things will require changes on front + back for security needs, but I'm not clear on the level of security you need e.g. do users have to auth or is it just a public portal (with no login/auth) since these are different issues to solve. 3) metadata now and flexibility later. let's say you want to know how many actually valid requests you get, or eventually you want to do something like send email notifications based on specific data you receive. while you could have something polling your DB or use DB triggers, it's (imo) a lot easier to have your input layer automatically handling data gathering like this, whether it's writing stuff to a logging table or using some kind of log aggregator like splunk/kibana or a cloud option or whatever. plus, by doing it in a service layer in a language that you're already working with/familiar with, instead of needing to learn DB-level stuff (which as a generalist ofc I encourage you to, heh) you can focus on javascript and control it at this layer, requiring less cognitive load for maintenance and updating later (plus I'm of the mindset it's a lot easier on your brain to design things where "the database is just a big ol bag of data, devoid of logic, all logic lives in my API service layer so that all application logic is in one general location," since it *sucks massive rear end* when someone who thinks they're smart puts 30% of the logic in the DB, 50% of the logic in the app, and 20% of the logic spread across different libraries buried in dependencies, with no testing or documentation so you just have to Figure It Out. anyway. good luck man, hopefully that's more helpful than overwhelming, my will to edit much more is waning so uh, hopefully that wall of text is more useful than overwhelming or annoying. technically the #1 priority is to Just Make poo poo Work, so you can actually ignore everything I wrote here, but if you're seriously talking about thousands of users, security should be pretty front of mind since *someone* is going to attack you the more people know about you.
|
|
#
?
Jan 12, 2024 20:09
|
|
|
That's a super informative reply. I haven't been thinking about SQL Injection attacks at all. If this is a whole website wouldn't I just want to host this as an Azure App Service over Azure functions?
|
|
#
?
Jan 13, 2024 04:59
|
|
|
Gucci Loafers posted:That's a super informative reply. I haven't been thinking about SQL Injection attacks at all. If this is a whole website wouldn't I just want to host this as an Azure App Service over Azure functions? to your overall question about Azure App Service, no idea. I don't really know the MS ecosystem, just experience in AWS and google cloud, but at a glance it looks like AAS is like a full pipeline you can pay for? sounds kind of neat maybe, depending on what they lock you into. I can't give you a good answer really because beyond not knowing that product, I'm biased towards having in-house pipelines, so I would recommend setting up and doing stuff yourself instead of using prebuilt stuff (not from scratch but learning how to use the cloud services manually like the fool mentioned) but ymmv/ultimately your goal is a product and if AAS works for you, go for it. but yes, you'd likely be able to use azure functions if your use case doesn't require some heavier weight backend service that requires an actual server (which to the broad notion of "user uploads data daily" is probably fine for an azure function that feeds the data to a DB) also when you say "website," you gotta be a little more specific in intent; most generically based on the single use case you've given, you could say you're building a "daily record upload web application" which is comprised of a static frontend website that accepts and passes user data to a backend service (azure function) which sanitizes and persists that data to a db. I say that because a website is just some HTML hosted somewhere that's maybe or maybe not running scripts that connect to external services/databases. imo if you can serve your frontend out of AWS S3 buckets/Azure blob storage/equivalents like that (I've only used S3 buckets, google says blob is the equivalent) that's preferable because it's very cheap and you can route https://www.whatever.tld to the bucket and still use HTTPS*. * on AWS at least, HTTPSing to a bucket involves three separate services, but I imagine that MS cloud also has quick tutorials similar to this AWS one: https://www.freecodecamp.org/news/simple-site-hosting-with-amazon-s3-and-https-5e78017f482a/ so if you found an MS cloud equivalent of the services you could do that (and maybe MS doesn't require the CDN like AWS, I dunno, or maybe AAS supports this, no idea) that all said, some googling shows this article from march 2023 about setting up what you're talking about (static website that connects to a db via azure function): https://learn.microsoft.com/en-us/azure/static-web-apps/database-azure-sql?tabs=bash&pivots=static-web-apps-rest but I barely glanced through it. what level of security they offer/tell you to configure, no idea. I have lazy enterprise dev brain and just do what I know until I have to google something new.
|
|
#
?
Jan 13, 2024 06:30
|
|
|
azure app service is a more traditional "here is some compute that you pay by hour for and if you turn it off your site is not available" it supports .net python node and a couple others deployed directly, and can also run containers it is what I would recommend for more monolithic app designs, or if portability is a concern azure functions only run when triggered, and work well for microservice designs you deploy your static content to blob storage or similar and build endpoints as function triggers that do your logic, those functions in turn access whatever backend resources they need (like your db) outside of forcing certain design choices, like separation of concerns, I wouldn't consider azure functions to be inherently more secure than any other deployment method, and functions are definitely harder to move to other services of that is a concern
|
|
#
?
Jan 13, 2024 16:56
|
|
|
oh yeah, local development for functions is trickier because you either need to just deploy to test or run an emulator
|
|
#
?
Jan 13, 2024 16:57
|
|
|
The Fool posted:outside of forcing certain design choices, like separation of concerns, I wouldn't consider azure functions to be inherently more secure than any other deployment method, and functions are definitely harder to move to other services of that is a concern this is all true to be clear when I say "you need a layer to sanitize data blah blah blah" those words are obfuscating the amount of thought and work necessary to go into safeguarding anything you build and expose to the public, though reading through owasp practices is an excellent way to get the basics of what you need to do to safeguard a system against the most common stuff/the programming equivalent of not leaving your car doors unlocked when you walk away The Fool posted:oh yeah, local development for functions is trickier because you either need to just deploy to test or run an emulator this is also true. I recommend lambdas/functions/serverless a lot but really hate working on them, it's kind of funny. I always prefer to stand up an actual server for my services, containerized or just a plain ol VM, both for this reason as well as because it's more portable (or at least as portable as I make it, which is also why I use java since I can shuffle things around at various points, whether it's the servlet itself or the nix distro of the image or whatever else). gucci if you're definitely sticking with MS stack, C# is a wonderful language and I like working with it a lot on personal stuff (you'd use C# to make your api service layer/backend), though I don't know anything about the actual .net ecosystem (like proper package management and stuff; all my C# stuff has been school, unity, and specific-game-mods so I never had to learn about its equivalents of maven/gradle/npm/yarn, or what their major frameworks are like spring/react/vue, etc)
|
|
#
?
Jan 13, 2024 18:36
|
|
|
the .net experience in azure is first class and you can even do the full stack with c# with blazor as your front end
|
|
#
?
Jan 13, 2024 18:45
|
|
|
|
| # ? May 29, 2024 17:02 |
|
|
The Fool posted:azure app service is a more traditional "here is some compute that you pay by hour for and if you turn it off your site is not available" azure app service is "what if we had a magical iis instance in the cloud" or whatever the linux equivalent is
|
|
#
?
Jan 14, 2024 01:29
|
|
