Anthony Accioly
ee9d979e7e1418a9f7472baf82dc96082a0d4251b77bcb170a6ecec93fadff64
Always curious. Eventually consistent. Strongly opinionated, intermittently technically correct. Labels & self-deception: Computer geek, people builder, world citizen, homelab mad scientist, cat person. My personal relay: wss://haven.accioly.social PGP: 1BBD C23D 1853 255D 6415 D2EC 814E DF85 1AAB 370E
Replying to maven leo

nostr:npub14q8uffuxxnhzd24u4j23kn8a0dt2ux96h5eutt7u76lddhyqa0gs97ct2x ordered Crispy Fries 🍟 from Wendy’s

Better than Burger King??

I like the Beef Chili Cheese Fries and Baked Potato (no idea if this is a UK or global thing). Equally bad for your health, but it is delicious for sure. My favourite is still Sour Cream & Chive Potato though.

nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgswaehxw309ahx7um5wghx6mmd9u2mk7fe apologies for bothering you (just checking in with the most active committer to NIP-17). Where does Amethyst publish kind 10050 lists? Does it send a copy of the list to the relays listed in the Kind 10050 itself? Does it also send a copy to the user’s Outbox relays? Anywhere else?

https://github.com/nostr-protocol/nips/blob/master/17.md

#asknostr #nip17 #dmRelaysList

Just resharing this in "Prime Western Nostr time". Nostr is a place where you’ll definitively find lots of JavaScript devs (and vibecoders) with hot wallets on their development machines. Please check your exposure and take proper remediation steps. If possible, avoid using real wallets in development environments, other than maybe test wallets with amounts you are willing to lose.

nostr:nevent1qqs0tnpn8cs65qgdsejvawpqud4m8tv66ugaszpk24ekp8xdg8x0tlgppemhxue69uhkummn9ekx7mp0qgsvragg6cy4muhjr2ks4gvktp9fed60sp873cvpmteqtmxunf6twqqrqsqqqqqpgwy5q2

#cyberSecurity #npm #supplyChainAttack #javaScript #hotWallets #devSafety

GM folks. Thanks to everyone who took the time to report bugs. Special shoutout to nostr:nprofile1qqsxr0mepvsfftasxj2uncfk4nmpt0s0enpvh9d44na47mxwlcvtqcspz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsz8rhwden5te0d3hkwetw9e38gcmxdae8qmr9vfejucm0d5hsz8rhwden5te0wfjkccte9e38gcmxdae8qmr9vfejucm0d5hsh7kga8 for making his first contribution to #Haven. New release incoming soon (hopefully today, if I can find the time).

I don't think that having both features on one app was that confusing. But if it helps with maintenance I'll gladly install both.

And this is happening under a supposedly "Labour" government, which seems more interested in distracting voters and stoking anti-immigration paranoia than delivering on any of their commitments. Now brace for Nigel Farage, Reform UK, and billionaire party #3: fascist edition. Can you imagine an openly fascist UK?

To anyone who still thinks that mainstream political parties have any ideology beyond serving themselves and clinging to power: do you really believe we’re still living in a functional democracy with meaningful divides like left vs right or liberal vs authoritarian? Labour, Conservative and Reform are all just self-serving, corporate-sponsored parties squeezing people dry.

The UK is a sick man. The entire West is going downhill. The only ideology left is "socialism" for billionaires, with a giant tax bill and state-enforced violence for everyone else.

nostr:nevent1qqsqchs0pz4hnqm6jurakjwcd6wcrph7wyy80j0ljup68p4hynvsz3qpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygzd0ppq29uzurflavp569g2ms4khtjwuw6f0pne80l6g69k7kukkvpsgqqqqqqs3mvwkd

Testing Haven Dev Branch + khatru v0.19.0

#haven

And it is working fantastically so far, both for shooing users and new devs away :).

I try not to get into preference debates (been writing software for over 20 years, and by year 7 I had stopped defending mine). So let’s take the "most mature standard for schema specification" at face value and be pragmatic about it. It’s not like folks will rewrite all of Nostr to use a different format anyway.

Regardless, the payload schema is just a small part of an API specification, and there’s absolutely nothing stopping anyone from using JSON Schema with something like AsyncAPI. In fact, this is one of the most common choices. A good reason to use a popular spec like this is that 9 out of 10 times, someone has already done the hard work for you.

None. No kidding. You don't need PoW unless you want to post to a relay that requires PoW. The typical Nostr user posting to the Primal relay, Damus, etc. can simply not select the PoW option.

Test NIP-46, rebased nak nostrconnect branch + dev.nosotros.app

Bookmarked. I’ll try to understand how all of this works and fits together.

Nostr unfortunately suffers a bit from not-invented-here syndrome. I mean, there are a gazillion well-known tools to specify APIs with proper documentation, validation, code generation, testing, mocking, etc tooling that can run locally on the CLI, in IDEs, in browsers, or in CI pipelines.

For instance, at first glance I think AsyncAPI would be a great fit for Nostr given the event-driven, JSON-over-WebSocket model. But I guess the devs doing core Nostr development have already evaluated and discarded off-the-shelf tooling. Unfortunately, I don’t know in what channels this sort of conversation is happening (assuming the folks developing the tooling talk amongst themselves to begin with). Again part of the herding the cats problem. If you ask me, communication (or lack thereof) is one thing that needs some love on Nostr. As ironic as it sounds given the amount of communication tools that devs are building over Nostr.

Thank you sir 🫡. Please cut a new version of Khatru if you can as well.

And feel free to ping me when you are ready to take contributions on nostrlib.

I went through this recently with Haven and had the same objection about “Trusting GitHub and random GitHub Actions with my private key.”

What I did was:

1. Created a new independent key for Haven (with UID haven@bitvora.com instead of my own). The master key only has cert capabilities.

2. Created a new signing subkey.

3. Gave GitHub only a copy of the signing subkey (without the master / cert key). Both the private key and passphrase are stored as secrets. I’ve since rotated the passphrase on the key uploaded to GitHub.

4. I use GoReleaser and GitHub Actions to GPG-sign releases.

5. Both nostr:nprofile1qqsw9n8heusyq0el9f99tveg7r0rhcu9tznatuekxt764m78ymqu36cpr3mhxue69uhhyetvv9ujucnfw33k76twwpshy6ewvdhk6tcpzdmhxue69uhhwmm59e6hg7r09ehkuef0qy2hwumn8ghj7un9d3shjtn4w3ux7tn0dejj7ne6u4e and I have copies of Haven’s master key and revocation certificates. If the subkey is ever compromised, we can easily revoke it and create a new signing subkey.

6. Users can find Haven’s public key in the GitHub repository and on keys.openpgp.org.

Commits, tags, etc. are still signed with my own key. GoReleaser checksums binary artifacts and signs those checksums with Haven’s key.

I haven't taken the time to make the builds fully (as in, bit by bit) reproducible, but this can be done by modifying the pipeline to use commit information as part of the build ( https://goreleaser.com/blog/reproducible-builds/ ).

Another option is to bypass PGP altogether and sign releases with something like cosign. But hey, if it works for Fedora, Debian, Arch, etc., it works for me too.
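
The key layout from steps 1 to 3 above, as an added shell example that is not part of the original post or Haven's own tooling: it builds a certify-only master key with a signing subkey in an offline keyring, exports only the subkey, and reports what a CI keyring holds after importing that export. The ed25519 algorithm, one-year subkey expiry, empty passphrase and directory names are assumptions made for the demo.

```sh
#!/bin/sh
# Added example, not Haven's release tooling. The UID is the one named in the
# post; algorithm, expiry, empty passphrase and paths are assumptions.
set -eu

# gpg wrapper: non-interactive, operating on the keyring directory in $KEYRING.
g() {
  gpg --homedir "$KEYRING" --batch --quiet \
      --pinentry-mode loopback --passphrase '' "$@"
}

# make_release_key OFFLINE_DIR OUT_FILE -> prints the master key fingerprint.
make_release_key() (
  KEYRING=$1
  # Step 1: master key restricted to certification.
  g --quick-generate-key 'Haven <haven@bitvora.com>' ed25519 cert never >/dev/null
  fpr=$(g --list-keys --with-colons | awk -F: '$1 == "fpr" { print $10; exit }')
  # Step 2: signing subkey bound to that master key.
  g --quick-add-key "$fpr" ed25519 sign 1y >/dev/null
  # Step 3: export secret subkeys only; the master secret becomes a stub.
  g --armor --export-secret-subkeys "$fpr" > "$2"
  printf '%s\n' "$fpr"
)

# ci_key_summary CI_DIR KEY_FILE -> one "type:capabilities:secret" line per key.
# Colon-listing field 15: '#' = secret missing (stub), '+' = secret present.
ci_key_summary() (
  KEYRING=$1
  g --import "$2"
  g --list-secret-keys --with-colons |
    awk -F: '$1 == "sec" || $1 == "ssb" { print $1 ":" $12 ":" $15 }'
)

# Run with the argument "demo" to try it in throwaway directories.
if [ "${1:-}" = demo ]; then
  work=$(mktemp -d)
  mkdir -m 700 "$work/offline" "$work/ci"
  make_release_key "$work/offline" "$work/ci-signing-key.asc"
  ci_key_summary "$work/ci" "$work/ci-signing-key.asc"
  rm -rf "$work"
fi
```

In the summary, the `sec` line ends in `#` and the `ssb` line ends in `+`: the keyring built from the CI copy can sign with the subkey but holds no master secret, so it cannot certify new subkeys or user IDs.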

Let me know how it feels, I'm thinking of buying one for note taking and reading.

The funny part is that plenty of bad actors are using Cloudflare Workers for attacks, and Cloudflare doesn’t do anything about it. I recommend that every Nostr operator blacklist 2a06:98c0:3600::103.

Yes, it will block some legitimate traffic, but in my opinion the collateral damage is worth it if it means not having to deal with the attacks.

https://securityaffairs.com/181829/cyber-crime/cloudflare-blocked-a-record-11-5-tbps-ddos-attack.html

#Security #DDoS #Cloudflare #CloudflareWorkers

Replying to cloud fodder

gradle be gradle 🤣

Yeah. Agreed. Interestingly, traffic to my personal relay has increased substantially and it does look legit. I'm not sure how Nostr.band stats are calculated. Do they count events written to smaller relays? Otherwise each client that switches to the Outbox model, like Amethyst did recently, will make a dent on nostr.band stats.

PS: Not dismissing the fact that a lot of folks left Nostr and that onboarding new people has been quite difficult.

Your "New Yorker" accusation may backfire sending someone that lives in London to Soho 🤣🤣. But I'll bite. The Thai one looks amazing.

Is this the one?

https://speedboatbar.co.uk/

Sure. Name a place, I'll "fly" there and even post a photo on Nostr :). And I promise to be fair in my assessment. There's good food in the UK. It's not the average, but there are good places.

I’ve found that keeping it simple is often the best solution here. Mike mentioned Sunday Roasts — and yes, they’re delicious. I’ve learned to really enjoy gravy; it fixes... a lot of things with British food 🙂.

Pub food in general is a safe bet too. I had an amazing gammon steak with eggs recently: simple, well done, full of flavour. You generally can’t go wrong with a schnitzel (and you don’t even need to go to a German restaurant), pastries, or stuff like that.

There are exceptions of course, absolutely common foods like lasagna, beef stroganoff, etc. can be disastrous, so it’s better to ask around first.

Won't use this as I'm allergic to TikTok and YouTube shorts. Sharing it anyway. Good luck!

14 years later, and the 2025 version of this guy is now "vibe-iterating" AI stuff.

(Exasperated, tired, too-old-for-this-crap noises)

https://youtu.be/3J9KhpgYVB0

#memestr #devstr #LeanStartupNinjaJunkie #KindlyGoIterateSomewhereElse

GM Logen. Building memories with family & frens (Bank Holiday where I live).

But will likely work on the upcoming Haven v2 this afternoon.

Not the new utxo Sir (and he’ll be back, let the man enjoy the summer :)).

I don’t have commit access to wot-relay and don’t want to fork it either, but this sounds like a good fit for Haven as well. An optional “fren” relay with notes written or imported from other relays according to the relay owner kind 3. It could be a nice experience with relay clients like Jumble, Nosotros, etc. Could you please open an issue so I don’t forget about it?

I don’t know of any good proxies for LinkedIn content unfortunately, and I don’t want to copy and paste the author’s work here or use LinkedIn to ask for permission to republish it. That said, there’s nothing in the article you wouldn’t already have a basic sense of. The gist of it is: You can’t trust Microsoft, the honeymoon with devs is over, and they’ll keep rug-pulling while going all in on the AI extraction phase. If GitHub is the only home for your code then you have no control over it.

Other than the nostr.wine thing, looks like Amethyst is still trying to publish a few notes to the "wrong" relays. E.g., notes that I'm not tagged in to my Inbox relay and non NIP-17 events to my chat relay.

Thanks and sorry to bother you on such a busy day for you :)

Thanks. Will do. None of my accounts have it on their Kind 10002 or NIP-05 json. I think nostr.wine made it to Amethyst relay list through my followers.

Trying to fight the same good fight as you, sir :). I’m not as good with hardware or people, and I don’t have enough room at home to do what you do. I also have to admit that my household produces quite a bit of technical waste. But yes, Clippy just wants to help! People should have the right to repair and to keep these old IBM ThinkPads with their great keyboards running for another decade or so.