Is this a new project that was intentionally started in PHP or something legacy? Any interesting benchmarks? Like minimal wire to wire network processing time and where the bottleneck is?

I saw md5 checksum implemented in scratch.

I would like to hear more

Not quite. Suppose instead of a single version of serde there’s now 46 versions like in https://crates.io/crates/parquet to be able to use instances derived in some other crate X you have to use the same version of serde. Now, how should a crate decide which versions of serde to support?

All 46 and all optional? Supporting that would be painful. Just the last one? crates.io is a cemetery full of dead crates, with this support strategy any handful of crates picked at random are not going to be serde-compatible with each other.

A better solution would be a better support for compile time reflection so serde doesn’t have to exist in its current state, but that’s got delayed (by big macro conspiracy :)

When adding a new dependency I almost always go over the source code to see what kind of performance to expect. If build.rs is there - checking it takes a single click so yes to that too. Derive macro - less frequently, but you have to do it when documentation is non existent.

No, serde_derive contains the binary and if you are on linux it will try to run it without asking the user. In fact there’s no way to make it so it won’t run.

Serde is incredible though

Sure. Fork of it can be incredible too. In fact the only difference can be traditional approach to building the derive macro. All it takes is for people to switch.

You can read a build.rs script.

Then there’s this: http://cm.bell-labs.co/who/ken/trust.html

Not sure, possibly. You still need to be pretty smart maintaining and extending all those tools.

serde is maintained by dtolnay, he is not the original author.

It seems it was done to marginally improve serde_derive build times? And just on x86_64-unknown-linux-gnu?

Indeed. If you use nix instead of compiling in 8 seconds it fails to compile almost instantly.

There’s a few suggestions about debugging it in Fedora, you should be able to replicate most of them. https://fedoraproject.org/wiki/How_to_debug_Firefox_problems

Ubuntu ships Firefox as a snap now so you have to get it from outside of the repo if you want it to be normal.

All of them.

Too many ads and bad UX? Right. This article is a great example for both: https://mastodon.gamedev.place/@aras/110846684099110476

a handful of states that require porn sites

A handful of states can require that, sure, but requiring is not enough. All the browsers and all the porn sites need to follow that and this is not going to happen

So, again, I don’t know why you’re thinking these solutions are the bad ones

If the goal is to make sure there’s age verification for users of some porn sites with some web browsers - yea, you can totally achieve that. A workaround is a) switch the website or b) switch the browser. That’s security theater though. Wastes time and money, fails to achieve the goal. If the goal is to make sure age is tested for users of all the porn sites for users of all browsers - this goal cannot be achieved without massive effort.

they’re just trying to roll it out nationwide now.

They have internet with porn in it in other nations :)

The option of “I don’t want to do it” may not be on the table anymore.

For this to be on the table you need to convince all the browser manufacturers to implement it and close the sources so it cannot be undone by the users or forked. And remove all the earlier copies and sources Next you need to ban tools like curl or wget because they can pretend to be browsers. If you want something that can’t be removed in reasonable time realistically you have to demand full web drm a-la Google but this means a bunch of older computers needs to be thrown away just because they can’t use newer browsers and/or newer OS.

Now that we figured out what needs to be done on the client site - let’s talk about server side. You need to convince every porn site out there to perform this check. A few more interesting things to think about - how many porn sites are out there? What to do with those that won’t follow your proposal?

In short - from technical point of view if you really want to achieve “enforced age verification” - internet must become a very different, much more closed system.

So it’s not your browser that checks your age but a third party. This raises a few questions:

1. What kind of IDs are accepted? Say I have one issued by Singapore…
2. How often should it check that a person that uses my browser is still me?

the browser decides if you can see it or

Yea, no. I decide, not the browser.

(the best one so far is that the browser itself checks your age

How? As a user I want to have total control over my browser and Internet is an open platform - any browser should be able to view any website even though google is trying to change that with their DRM.

Did twitter consider to affiliate with @musicfan, @musicmusic, @music123, or @musiclover instead?