Sunday, 2010-02-21

« Saturday, 2010-02-20 Index Monday, 2010-02-22 »
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)01:26
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 256 seconds)01:35
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)02:59
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 276 seconds)03:08
*** Joins: Heady| (~Heady@i59F76B4A.versanet.de)03:15
*** Quits: wolog_ (~wolog@ASt-Lambert-152-1-64-207.w82-120.abo.wanadoo.fr) (Remote host closed the connection)03:17
*** Joins: cobexer (~cobexer@91-113-120-6.adsl.highway.telekom.at)03:53
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)04:34
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 265 seconds)04:42
*** cobexer is now known as \cobexer|away05:16
paul__dhx_m: openssl is slow :P05:36
*** Quits: Heady| (~Heady@i59F76B4A.versanet.de) ()05:47
*** Joins: rolfkleef (~rolf@urtica.xs4all.nl)05:51
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)06:07
*** Quits: \cobexer|away (~cobexer@91-113-120-6.adsl.highway.telekom.at) (Remote host closed the connection)06:11
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 240 seconds)06:15
dhx_mhey06:40
dhx_mpaul__: apparently so :(06:40
*** Joins: fanno (~Morten@90.184.93.233)06:49
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)07:02
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 252 seconds)07:11
*** Joins: AzaToth (~azatoth@wikipedia/AzaToth)07:21
*** Joins: moto-moi (~hylke@cara.xs4all.nl)07:53
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)07:58
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 265 seconds)08:06
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)08:54
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 246 seconds)09:02
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)09:57
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 256 seconds)10:05
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)11:03
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 264 seconds)11:11
nuclear_eclipsedhx_m: I told you so :P12:00
*** Joins: daryn__ (~INTERACT\@h133.83.88.75.dynamic.ip.windstream.net)12:00
*** Quits: daryn_ (~INTERACT\@h83.145.28.71.dynamic.ip.windstream.net) (Ping timeout: 248 seconds)12:04
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)12:09
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 256 seconds)12:18
*** Quits: mellen (~thansen@x1-6-00-22-02-00-0c-40.k253.webspeed.dk) (Ping timeout: 260 seconds)12:28
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)13:18
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 260 seconds)13:26
*** Joins: wolog (~wolog@AOrleans-152-1-81-151.w90-21.abo.wanadoo.fr)13:40
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)14:25
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 245 seconds)14:33
*** Joins: ZiNC (~zinc@188.120.158.32)15:16
ZiNCHey.15:17
ZiNCWhy is there view.php (that just maps to bug_view_page.php)?15:19
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)15:30
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 276 seconds)15:39
paul__dhx_m: just drop crypto api :P16:25
paul__also, you there?16:25
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)16:34
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 252 seconds)16:43
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)17:39
*** Joins: mellen (~thansen@x1-6-00-22-02-00-0c-40.k253.webspeed.dk)17:46
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 256 seconds)17:47
*** Quits: moto-moi (~hylke@cara.xs4all.nl) (Quit: Ex-Chat)18:08
*** Joins: giallu (~giallu@fedora/giallu)18:14
*** Quits: aptituz (schoenfeld@85.214.56.206) (Remote host closed the connection)18:27
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)18:42
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 252 seconds)18:50
*** Quits: scribe9343423 (~scribe934@mantisforge.org) (Remote host closed the connection)19:00
*** Joins: scribe9343423 (~scribe934@mantisforge.org)19:00
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)19:56
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 256 seconds)20:04
*** Quits: giallu (~giallu@fedora/giallu) (Ping timeout: 245 seconds)20:07
*** Quits: rolfkleef (~rolf@urtica.xs4all.nl) (Ping timeout: 265 seconds)20:12
*** Quits: daryn__ (~INTERACT\@h133.83.88.75.dynamic.ip.windstream.net) (Ping timeout: 246 seconds)20:31
*** Joins: daryn (~INTERACT\@h52.149.55.139.dynamic.ip.windstream.net)20:46
*** Joins: micahg (~micah@ubuntu/member/micahg)20:47
micahghi, is there a bug tracker for the plugins on mantisforge?20:47
nuclear_eclipsedepends on the plugn20:48
nuclear_eclipseI have a tracker set up on my own domain for my plugins20:48
dhx_mnuclear_eclipse: hey20:48
nuclear_eclipsehi dhx_m 20:48
dhx_mnuclear_eclipse: I agree on pushing 1.2.x out the door :)20:48
micahgnuclear_eclipse: I'm referring to Timecard (yours I believe) :)20:49
dhx_mnuclear_eclipse: and if there are things waiting, put them in a follow-up 1.2.1 release20:49
nuclear_eclipseyes, http://leetcode.net/mantis/ should do the trick :)20:49
nuclear_eclipsedhx_m: sounds good to me20:49
micahgk, thanks nuclear_eclipse, it's great, I just have an idea20:49
dhx_mI'd much rather we stuck to some sort of release schedule so we have continuous releases20:49
nuclear_eclipseyeah20:49
dhx_mperhaps like the Linux Kernel... release every 3 months a 1.X release20:49
nuclear_eclipsemicahg: code submissions are always appreciated too :)20:50
dhx_mand we support the last Y months of releases with critical bug fixes and security updates20:50
micahgnuclear_eclipse: k, I might be up for that20:50
dhx_mor does that not work for the Redhat "We can only use software older than 6 years" crowd? :p20:50
micahgnuclear_eclipse: is it currently possible to display timecard entries for a single release?20:50
nuclear_eclipsedhx_m: the real trouble is trying to support distros that will keep "stable" versions in their repos for up to 2 or 3 years20:50
micahgnuclear_eclipse: I would suggest making 1 release every 2 or 3 years an LTS20:51
dhx_mIMO it's their problem... the kernel (which is quite important!) doesn't do that20:51
nuclear_eclipsevery true20:51
dhx_minstead you have Redhat maintaining their own kernel fork20:52
micahgdhx_m: kernel is a lot more popular/complicated20:52
dhx_mno one else is going to do it for them :p20:52
dhx_mmicahg: indeed it is, but they have a lot more people working on it too20:52
micahgdhx_m: indeed20:52
nuclear_eclipsedhx_m: I know Debian still uses 1.1.x, but what peeves me the most about Debian is that they more or less fork Mantis everytime they pull in a new version because of the way their silly DB system works20:52
dhx_mmicahg: I'm more referring to a smaller project such as MantisBT with only a handful of developers... maintaining old "stable" forks reliably isn't going to happen20:53
nuclear_eclipsewhich causes a *lot* of issues for us because people have problems when they try to upgrade from a debian package to an official tarball20:53
dhx_mjust recently I've found things fixed in 1.3.x that hadn't been backported to 1.2.x20:54
micahgdhx_m: the maintenance for stable releases in Ubuntu at least is high priority bugs and security updates20:54
nuclear_eclipseit seems every time someone complains of an upgrade problem, the root cause is Debian =\20:54
micahgare there really that many CVEs for mantis that it's hard to support for 2-3 years?20:54
nuclear_eclipsemicahg: it's more a lack of developer time20:54
dhx_mnuclear_eclipse: I'm not sure who moderates the mantisbt-dev mailing list, but I made a post (in moderation due to an attachment) about a new integrity checker I built into a revised check.php system20:54
dhx_mnuclear_eclipse: essentially it tells users if they're using modified files, have stray left-overs hanging around from old releases, etc20:55
nuclear_eclipseafaik, victor is the only maling list moderator, which I've tried to change multiple times and failed20:55
dhx_mmicahg: if I cared about CVEs, I would have submitted about 40 of them in the last few months for Mantis :)20:56
nuclear_eclipsewell, I think I'll start prepping my columns fix, and then once I get that patched in, start looking to another release20:56
micahgdhx_m: that's not encouraging20:56
dhx_mmicahg: that is seriously how much more secure 1.3.x is when compared to some old "stable" version20:56
dhx_mmicahg: you need to learn to get used to it... most web software is filled with security bugs20:56
micahgwell, that makes me glad my company's mantis installation is behind a FW20:57
dhx_mmicahg: most of these security issues I point out are relatively minor...20:57
micahgdhx_m: yes, but the hope is that when people find them, they patch/report them20:57
dhx_mmicahg: right, which is why they have been fixed quickly as they're discovered20:58
dhx_mmicahg: Mantis 1.2.x now has full CSRF protection, better security against XSS (I've done a lot of testing and fixing of obscure XSS problems), better cryptography in 1.3.x, etc20:59
micahgdhx_m: cool21:00
nuclear_eclipsespeaking of "better" cryptography, dhx_m, I told you so21:00
nuclear_eclipseopenssl RNG is slow as balls21:00
dhx_mnuclear_eclipse: I did say I didn't test openssl_pseudo_random_bytes :p21:00
micahgI wish I had more time to contribute, but I'm already into too many open source projects21:00
dhx_mnuclear_eclipse: I'll make it optional/off by default21:00
nuclear_eclipsethat would be appreciated :P21:00
dhx_mnuclear_eclipse: in case someone has a fast hardware RNG21:00
nuclear_eclipseit makes mantis on my VPS chug21:01
nuclear_eclipsealso dhx_m, we should switch from Docbook to Markdown :P21:02
dhx_mnuclear_eclipse: yes please! :)21:02
dhx_mnuclear_eclipse: I think you saw my post about MediaWiki a while ago... I'm not so sure about it though21:03
*** Quits: ZiNC (~zinc@188.120.158.32) (Read error: Connection reset by peer)21:03
nuclear_eclipseI've been putting together a simple pre-processor for Markdown that will do a few fancies right now21:03
*** Joins: ZiNC (~zinc@188.120.158.32)21:03
dhx_mnuclear_eclipse: but I still like the idea of making it easier for people to write documentation for Mantis21:03
nuclear_eclipseeg, it scans the document for headers, and generates a TOC 21:04
dhx_mhaving to checkout a git repository, edit text files, create patches, submit them, etc is too much work21:04
nuclear_eclipsewell, I don't think so :P21:04
dhx_mif you're a developer it's OK21:04
nuclear_eclipseI actually like having the documentation version controlled with the source code21:04
dhx_msame21:04
nuclear_eclipseit makes it very straightforward to request appropriate documentation changes with patches, and trivializes the need for differing documentation for various versoin branches21:05
nuclear_eclipseand tbh, I really don't think docbook is that difficult to work with; it's no harder than generating HTML...21:06
dhx_mI just hate Docbook because of it's verbosity (XML = readable by computers, not by humans)21:06
nuclear_eclipseand the Docbook tags are at least descriptive and consistent, more than you can say about HTML21:06
dhx_mI wouldn't say I like HTML that much either though21:06
dhx_myes21:06
nuclear_eclipsemy point is that for a *web app*, if you can write HTML, writing Docbook should be trivial, esp since you can use the rest of the documentation as an example of how to do it21:07
nuclear_eclipsehell, copy-paste and change the necessary bits if it's really that difficult21:07
nuclear_eclipsemy biggest complaint about Markdown is that it defers to HTML a bit too much, eg, no way to generate nested lists (that I know of), or to generate simple tables, etc21:09
nuclear_eclipsebut then again, that's also one of its biggest selling points21:10
dhx_myeah generating tables is horrible with plaintext documentation formats21:10
dhx_malthough most of the times people use tables, they shouldn't21:10
nuclear_eclipseand Mediawiki's table format is almost as bad as raw HTML21:10
dhx_myep21:10
nuclear_eclipseanyways, I'm toying with ideas to make 21:11
nuclear_eclipserather21:11
nuclear_eclipseto extend my Markdown preprocessor thingy work with a set of files, a la docbook21:11
nuclear_eclipseit's still a very toyish script anyways21:11
nuclear_eclipsedon't even know if I'm gonna keep it or try something different21:12
nuclear_eclipseI'm just trying to find a way to make a simple documentation format that's in between the complexities of markdown and docbook21:12
nuclear_eclipseeg, I love the fact that Docbook can do a lot of generation of TOC, pages, etc21:13
nuclear_eclipseand I like that it's trivial to link to exact positions in other pages and chapters21:13
dhx_myep21:14
nuclear_eclipseeg, assuming you give everything of value in your docbook a unique id, you can link to any of those from anywhere else, regardless if you rearrange the documentation21:14
dhx_mbeing able to nest sections at will is goo21:14
dhx_m*good21:14
nuclear_eclipseyep21:14
dhx_munlike LaTeX where it's all linear21:14
dhx_myou can't have a chapter that you include at different depths elsewhere21:14
nuclear_eclipseyeah, ntm Latex is all but greek to non-programmers21:14
dhx_malthough I did write a Mediawiki > LaTeX convertor that worked quite well :)21:15
dhx_msection depth reordering, etc21:15
dhx_mLaTeX formatted documents look a lot better than Docbook documents though21:15
nuclear_eclipseI really wouldn't mind wikis if it weren't so easy to orphan or lose information in the depths of the database...21:16
dhx_mDocbook output looks like Microsoft Word output... ugly word processor rubbish21:16
dhx_m(at least the examples I've seen)21:16
nuclear_eclipseso improve the docbook template we use :P21:16
dhx_mthere is a lot more to typography than what is possible with simple templates21:16
nuclear_eclipsewell, docbook uses lisp templates...21:16
nuclear_eclipseso if it's not possible with lisp templates, that's pretty bad :P21:17
dhx_mmicrotypography for instance is all about preventing word breaks at the end of lines, allowing periods and commas to overhang the text margin to make the text appear better aligned, etc21:17
dhx_mthe number of words per line is very important too, as is control over float placement, etc, etc21:17
nuclear_eclipseI'd rather focus on actually getting things documented than making the documentation text pretty :P21:18
dhx_mprecisely why I prefer a Wiki... so anyone can help us out21:18
nuclear_eclipsethe question is whether you really want all those people to be writing the documentation...21:19
nuclear_eclipseesp things like documenting the APIs or plugin system is stuff that I'd not want "normal" users touching...21:19
dhx_mwith some oversight it'd be OK21:19
dhx_mI'm thinking Mediawiki's new FlaggedRevs extension21:20
nuclear_eclipseyet another reason I like the barrier to entry of documentation in source control :P21:20
dhx_myep21:20
dhx_mI'd prefer one or the other21:20
dhx_mnot both21:20
nuclear_eclipsethat still requires someone's time to sit there and review every submission...21:20
dhx_mthe Wiki at the moment is fairly useless if you ask me... outdated, uncared for, etc21:20
nuclear_eclipsewell, yes21:20
nuclear_eclipsehalf the prolbem 21:20
dhx_myou only have to review them up to the point where you know the person making changes knows what they're doing (more or less)21:21
nuclear_eclipseis that dokuwiki is the worst wiki I've ever seen21:21
nuclear_eclipse(imo)21:21
nuclear_eclipseI've had nothing but headaches from supporting it at my old job21:21
nuclear_eclipseconstant issues with permissions breaking because it stores everything on the filesystem, etc21:22
dhx_myep21:22
nuclear_eclipseand tbh, giving web apps permission to write to the filesystem is a sysadmin's worst nightmare21:22
dhx_mI don't mind it too much, if you know what you're doing21:24
dhx_mie. don't put a writeable folder in your wwwroot! :)21:24
nuclear_eclipseyep21:24
nuclear_eclipsebut with dokuwiki, that's a requirement =\21:24
dhx_mand web servers generally serve multiple websites/web apps all using the same Unix user ID/group ID21:25
dhx_mwhich means one site on a server can mess with a different site21:25
nuclear_eclipsedhx_m: do you happen to know of anything else besides Latex and Docbook for generating documentation/manuals?21:25
dhx_m(if you're writing to the file system in any way)21:25
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)21:27
dhx_mnothing that would allow you to make pretty documentation for printing21:28
nuclear_eclipsehrm21:29
nuclear_eclipsethat's a shame21:29
dhx_malthough I personally don't see why that is overly important thesedays21:29
dhx_myou don't read software manuals from start to end :p21:29
dhx_myou tend to search them for particular information and help21:29
nuclear_eclipsedo you have an example of what your wiki->latex thingy can generate?21:29
dhx_mI guess if we're trying to make a "how to develop MantisBT" book it makes more sense21:29
dhx_msure, PM :)21:29
nuclear_eclipsedhx_m: well, that's what the developers' guide is :P21:30
*** Quits: fanno (~Morten@90.184.93.233) (Read error: Connection reset by peer)21:36
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 265 seconds)21:36
*** Quits: AzaToth (~azatoth@wikipedia/AzaToth) (Remote host closed the connection)21:47
*** Joins: daryn_ (~INTERACT\@h102.67.29.71.dynamic.ip.windstream.net)21:49
micahgnuclear_eclipse: I just contributed a bug + patch :)21:49
micahgfor timecad21:49
micahg*timecard21:49
nuclear_eclipseyay!21:49
micahghttp://leetcode.net/mantis/view.php?id=10321:49
dhx_mafaik I have fixed it as well in my branch @ http://git.mantisforge.org/w/timecard/dhx.git?a=shortlog;h=refs/heads/modtimestamp21:51
dhx_mwhich adds optional minute resolution to Timecard21:51
micahghmm, maybe I should've pulled your branch dhx_m21:52
dhx_myou didn't just rewrite that functionality yourself did you? heh21:52
*** Quits: daryn (~INTERACT\@h52.149.55.139.dynamic.ip.windstream.net) (Ping timeout: 256 seconds)21:52
micahgdhx_m: nah, just a simple check for no time21:52
dhx_mI don't even have a time_get_diff() function anymore21:53
micahgdhx_m: yep, I just returned N/A which I guess isn't the best solution for a localized product21:54
nuclear_eclipsea good bit of that plugin was written by a coworker, so I have no liability :P21:54
micahgin light of that, maybe I'll update my patch...21:56
dhx_mit even had carriage returns!21:57
dhx_mnuclear_eclipse: check my branch out :p21:57
nuclear_eclipsemaybe when I have nothing better to do ;)21:57
dhx_mhaha21:57
dhx_mbtw micahg/nuclear_eclipse... my branch is 1.3.x only21:58
micahgthen I'll have to wait :)21:58
nuclear_eclipsedhx_m: it's actually quite unfortunate that you changed db_table calls in 1.3, breaks 100% of my plugins... =\21:59
nuclear_eclipsedhx_m: review: http://mantis.pastebin.com/m70e2da9721:59
micahgI revised that patch to use a localizable string22:00
dhx_myeah it did expose the problem with plugins... changes upstream can easily break plugins22:00
dhx_mso you really need to maintain a version of a plugin for each version of Mantis22:01
dhx_m... at least until the core Mantis API becomes stable... which will be never at this rate :p22:01
nuclear_eclipsethat's why I added the ability to specify a maximum mantis version22:01
dhx_myep22:01
dhx_mI guess it'd be best to have the latest development version of each plugin as top tier on mantisforge22:02
dhx_mscrap that... it's called branches duh :)22:02
nuclear_eclipselol22:02
dhx_mI was going to suggest forking each plugin for each version of Mantis22:03
nuclear_eclipseother alternative is to have conditionals in plugins for various apis :P22:03
dhx_m... not thinking22:03
dhx_mnuclear_eclipse: you're lucky I can't reach through my screen and grab you at this moment :p22:03
nuclear_eclipse;)22:03
dhx_m#ifdef SOMETHING #ifdef FIX1902 #ifdef APIV8 ... printf( 'Hello World' ); #endif #endif #endif22:04
micahgmost codebases do something similar for versioning....22:04
* nuclear_eclipse <3 #ifdef22:05
dhx_m#22:05
dhx_m         * The following fields can not be included:22:05
dhx_m#22:05
dhx_m-        * BUG_FIELD_ID, BUG_FIELD_PROJECT, BUG_FIELD_DATE_SUBMITTED, BUG_FIELD_LAST_UPDATED, BUG_FIELD_STATUS,22:05
dhx_m#22:05
dhx_m-        * BUG_FIELD_RESOLUTION, BUG_FIELD_TAGS, BUG_FIELD_FIXED_IN_VERSION, BUG_FIELD_PROJECTION, BUG_FIELD_ETA,22:05
dhx_m#22:05
dhx_m-        * BUG_FIELD_REPORTER.22:05
dhx_m#22:05
dhx_m+        * 'id', 'project', 'date_submitted', 'last_updated', 'status',22:05
dhx_m#22:05
dhx_m+        * 'resolution', 'tags', 'fixed_in_version', 'projection', 'eta',22:05
dhx_m#22:05
dhx_m+        * 'reporter'.22:06
dhx_m(grrr... bad spacing with copy/paste)22:06
nuclear_eclipseflood :P22:06
dhx_mI was going to suggest removing the quotation marks in those comments22:06
nuclear_eclipsebah, that means I have to do more than a PCRE script... :P22:06
dhx_mperhaps one field per line too in a list format22:06
dhx_mah :)22:06
dhx_motherwise looks good to me22:06
nuclear_eclipseok22:06
nuclear_eclipsethose constants are more annoying to type, and harder to grasp, than strings...22:07
dhx_myep22:07
nuclear_eclipseand sticking with just strings will make an (eventual) plugin option more consistent22:07
dhx_mI started work (if you'd call ~200 lines "started") on an OO approach to fields22:09
dhx_mIntegerField, TextField, BooleanField, etc22:09
dhx_mwhich are then extended to form things like PriorityField, SummaryField, etc22:10
dhx_mso you have some base types (integers, currency fields, text fields, etc) that can be used for inbuilt fields as well as custom fields22:11
*** Quits: daryn_ (~INTERACT\@h102.67.29.71.dynamic.ip.windstream.net) (Remote host closed the connection)22:32
nuclear_eclipsedhx_m: good thing I tested my patch before committing :P22:39
dhx_mnuclear_eclipse: oh you wanted me to do that? :p22:39
nuclear_eclipsemy script didn't check for category->category_id22:39
dhx_mah22:40
nuclear_eclipseit was the only constant that didn't align with its string22:40
dhx_m"openssl rand" on my computer outputs 100MB in a few seconds22:43
nuclear_eclipsethat's kinda slow :P22:44
dhx_mfor random numbers it's OK :)22:44
nuclear_eclipsecompare that to mt_rand22:44
dhx_mmt_rand isn't secure though22:45
nuclear_eclipsebtw, I hate you22:45
nuclear_eclipseAPPLICATION ERROR #290022:45
nuclear_eclipseFor security reasons MantisBT will not operate when $g_crypto_master_salt is not specified correctly in config_inc.php.22:45
nuclear_eclipse /facepalm22:45
nuclear_eclipseso generate one :P22:46
nuclear_eclipseand in any case, mt_rand is perfectly fine against all but the most persistent hackers -- you'll get a DOS attack before you get someone brutally singling out your randomly generated numbers for attack22:47
nuclear_eclipseit's just a bugtracker for crying out loud22:47
nuclear_eclipseany sufficiently-critical bugtracker will most likely be protected by a firewall, apache auth, or SSL client cert check ...22:49
dhx_mhaha22:49
nuclear_eclipseor it'll be running over SSL22:49
dhx_mwe can't generate $g_crypto_master_salt without writing to config_inc.php22:49
nuclear_eclipseI know, that was supposed to be a joke ;)22:49
dhx_m:p22:49
nuclear_eclipsedhx_m: I'd be more worried about usernames, passwords, and cookies running in the clear than someone potentially predicting the output from mt_rand, seriously22:51
micahgBTW, if you guys need anything from Ubuntu, feel free to ping me on IRC22:51
nuclear_eclipsemicahg: I could use a job :)22:51
nuclear_eclipse(paying job that is)22:51
micahgnuclear_eclipse: http://webapps.ubuntu.com/employment/22:51
nuclear_eclipsemicahg: any of those open for non-senior level engineers? :P22:52
micahgnuclear_eclipse: idk, you'd have to read the individual descriptions22:53
nuclear_eclipseie, I graduated last may, and have only been doing "real" software engineering work for about three years, and no "official" experience beyond school projects and a job working on mantis22:53
micahgthat's a tough one...22:54
nuclear_eclipseyep, it seems that's the way the entire job market is right now, esp if you don't live in NYC or California...22:54
dhx_mI have just the job:22:55
micahgnuclear_eclipse: maybe these: http://www.jobvite.com/CompanyJobs/Jobs.aspx?c=qpX9Vfwa22:55
dhx_mhttp://hotjobs.yahoo.com/job-JHR3F06ROMU?source=SRP22:55
dhx_mComcast: check, CVS SCM: check, Java: check22:55
dhx_m:p22:55
* nuclear_eclipse hits dhx_m with frying pan22:55
dhx_munless that's a different CVS lol22:55
micahgnuclear_eclipse: where are you located?22:56
nuclear_eclipseCincinnati, OH22:56
micahgah22:56
nuclear_eclipsemakes it difficult, because family and friends are here, and wifey doesn't want to move out of state22:57
micahgnuclear_eclipse: http://www.jobvite.com/CompanyJobs/Job.aspx?c=qpX9Vfwa&v=1&j=orneVfwH22:57
dhx_mnuclear_eclipse: that's true, but I guess crypto_api is really about using a standard approach to generating nonces (rather than reimplementing it multiple times in the codebase)22:57
nuclear_eclipsedhx_m: I'm fine with that, I just think that we don't have any reason to need the power of openssl22:58
nuclear_eclipsemicahg: hmm, looks interesting, thank you22:58
dhx_mnuclear_eclipse: yep I'm going to write it out as being optional22:58
micahgnuclear_eclipse: np, good luck22:59
dhx_m"Willingness to write tests (unit and functional), even if you don't want to"22:59
dhx_mI love the "even if you don't want to" part :p22:59
nuclear_eclipsethe "remote possible" sounds like it would only work if I was head and shoulders above the other applicants though... =\22:59
nuclear_eclipsebut it's still worth a try22:59
dhx_mMantisBT development would probably help you out :)23:11
dhx_mas it shows you "get" open source23:11
nuclear_eclipsevery true23:14
*** Joins: mantisbot (~supybot@81-174-26-126.static.ngi.it)23:19
*** Quits: mantisbot (~supybot@81-174-26-126.static.ngi.it) (Ping timeout: 272 seconds)23:28
« Saturday, 2010-02-20 Index Monday, 2010-02-22 »

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!