Macil
Repos
116
Followers
48

Hot Module Replacement plugin for Browserify

377
23

Utilities for updating code live with hot module replacement

60
2

React dropdown menu components

78
9

React component for a list of draggable collapsible items

266
37

Plugin for Minecraft servers that allows overlapping pathways to be created

0
0

Events

issue comment
Add ScryptIdentity.SetMinWorkFactor and document risk of online decryption oracles

This is a little awkward for me because just yesterday I was experimenting with using securely-generated long random passphrases with a minimal work factor to speed up decryption. (I'm storing age-encrypted files on a remote file host that I don't want to trust plaintexts to, and I'm using a reverse HTTP proxy that transparently decrypts the files while fetching them, similar to https://github.com/str4d/rage/pull/233. Recipient-based encryption would have mostly worked for my use-case, but I prioritized passphrase-based because of long-term quantum resistance, and partly because it verifies the files as coming from me, but for that maybe it'd be better if I was using some kind of asymmetric signing outside of age so that the signing is done by a key of mine that the reader program doesn't have.)

It would help my use-case if there's a way to opt out in the CLI from the enforced minimum work factor during decryption, or if there was some other supported way to do symmetric encryption within age that didn't involve work factors (like symmetric key file support or some kind of plugin support that could implement symmetric key files).

(I was considering making a feature request that files encrypted with an autogenerated passphrase should have a minimal work factor by default because a high work factor seems unnecessary in that case, but then I realized it would awkwardly mean that files with a high work factor are announcing themselves as having weak passphrases.)

Created at 1 week ago
push

Fix test and bench support for arm

Created at 2 weeks ago
pull request opened
Fix test and bench support for ARM CPUs

cargo test currently fails on Apple M1 processors with this error:

   Compiling i18n-embed v0.13.4
   Compiling i18n-embed-fl v0.6.4
   Compiling criterion-cycles-per-byte v0.1.2
error: criterion-cycles-per-byte currently relies on x86 or x86_64.
  --> /Users/macil/.cargo/registry/src/github.com-1ecc6299db9ec823/criterion-cycles-per-byte-0.1.2/src/lib.rs:34:1
   |
34 | compile_error!("criterion-cycles-per-byte currently relies on x86 or x86_64.");
   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

error[E0308]: mismatched types
  --> /Users/macil/.cargo/registry/src/github.com-1ecc6299db9ec823/criterion-cycles-per-byte-0.1.2/src/lib.rs:41:15
   |
41 | fn rdtsc() -> u64 {
   |    -----      ^^^ expected `u64`, found `()`
   |    |
   |    implicitly returns `()` as its body has no tail or `return` expression

For more information about this error, try `rustc --explain E0308`.
error: could not compile `criterion-cycles-per-byte` due to 2 previous errors
warning: build failed, waiting for other jobs to finish...
error: build failed

This PR disables the criterion-cycles-per-byte dev dependency when not on x86 or x86_64. cargo test and cargo bench work on Apple M1 now.

Created at 2 weeks ago
push

Fix test and bench support for arm

Created at 2 weeks ago
create branch
Macil create branch m1
Created at 2 weeks ago
fork
Created at 2 weeks ago
delete branch
Macil delete branch dependabot/npm_and_yarn/example/socket.io-2.4.1
Created at 3 weeks ago

Bump socket.io from 2.3.0 to 2.4.1 in /example

Bumps socket.io from 2.3.0 to 2.4.1.

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #57 from Macil/dependabot/npm_and_yarn/example/socket.io-2.4.1

Bump socket.io from 2.3.0 to 2.4.1 in /example

Created at 3 weeks ago
pull request closed
Bump socket.io from 2.3.0 to 2.4.1 in /example

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


Bumps socket.io from 2.3.0 to 2.4.1.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Created at 3 weeks ago

Bump socket.io from 2.3.0 to 2.4.0

Bumps socket.io from 2.3.0 to 2.4.0.

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #58 from Macil/dependabot/npm_and_yarn/socket.io-2.4.0

Bump socket.io from 2.3.0 to 2.4.0

Created at 3 weeks ago
pull request closed
Bump socket.io from 2.3.0 to 2.4.0

Bumps socket.io from 2.3.0 to 2.4.0.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Created at 3 weeks ago

Bump cached-path-relative from 1.0.2 to 1.1.0 in /example

Bumps cached-path-relative from 1.0.2 to 1.1.0.


updated-dependencies:

  • dependency-name: cached-path-relative dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #73 from Macil/dependabot/npm_and_yarn/example/cached-path-relative-1.1.0

Bump cached-path-relative from 1.0.2 to 1.1.0 in /example

Created at 3 weeks ago
pull request closed
Bump cached-path-relative from 1.0.2 to 1.1.0 in /example

Bumps cached-path-relative from 1.0.2 to 1.1.0.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Created at 3 weeks ago

Bump cached-path-relative from 1.0.2 to 1.1.0

Bumps cached-path-relative from 1.0.2 to 1.1.0.


updated-dependencies:

  • dependency-name: cached-path-relative dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #74 from Macil/dependabot/npm_and_yarn/cached-path-relative-1.1.0

Bump cached-path-relative from 1.0.2 to 1.1.0

Created at 3 weeks ago
pull request closed
Bump cached-path-relative from 1.0.2 to 1.1.0

Bumps cached-path-relative from 1.0.2 to 1.1.0.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Created at 3 weeks ago
delete branch
Macil delete branch dependabot/npm_and_yarn/example/async-2.6.4
Created at 3 weeks ago

Bump async from 2.6.3 to 2.6.4 in /example

Bumps async from 2.6.3 to 2.6.4.


updated-dependencies:

  • dependency-name: async dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #76 from Macil/dependabot/npm_and_yarn/example/async-2.6.4

Bump async from 2.6.3 to 2.6.4 in /example

Created at 3 weeks ago
pull request closed
Bump async from 2.6.3 to 2.6.4 in /example

Bumps async from 2.6.3 to 2.6.4.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Created at 3 weeks ago
opened issue
Hovering over a message's menu causes call area to resize

Steps to reproduce

  1. Be in a voice/video call with someone.
  2. In that chat, hover over a message so its hover menu shows, and then hover over one of the react/reply/reply-in-thread buttons.

Outcome

What did you expect?

The hovered button should highlight and show a tooltip.

What happened instead?

The hovered button highlights and shows a tooltip, but the call element in the upper half of the screen becomes maybe 10px wider to the right for a moment, causing the whole page to readjust briefly.

Operating system

Windows

Application version

Element version: 1.10.11 Olm version: 3.2.8

How did you install the app?

installed the desktop app from https://element.io/get-started

Homeserver

matrix.org

Will you send logs?

No

Created at 3 weeks ago
Macil create tag v1.0.1
Created at 4 weeks ago

update docs for v1.0.1

Created at 4 weeks ago

update deps

mainly for stream_slicing bugfixes

Created at 4 weeks ago
Macil create tag v1.0.1
Created at 4 weeks ago

update docs for 1.0.1

Created at 4 weeks ago

add npm build

add mod.ts mainly for dnt/npm support

update docs

Created at 4 weeks ago

only resolve promises after all work is done in case of errors

Created at 4 weeks ago

fix BYOBPartialReader.streamAmount() handling of eof

Created at 4 weeks ago
pull request opened
fix(ext): disable bytes mode on streams that don't handle it correctly

Fixes #14219

Several ReadableStream instances were marked type: "bytes" but did not support bring-your-own-buffer mode and did not close themselves properly when used in byob mode.

Created at 4 weeks ago