Jesse Karmani

reminder that the bcrypt hash function ignores input above a certain length! so if you do bcrypt(username || password) for some reason, a sufficiently long username will make it accept any password. to fix this you can sha256 the input first.

The name makes it kind of hard to find, too. I tried searching for it many times in the past using searches like "replay merge conflict resolution", but since git replay is actually a thing that does something else entirely, I didn't find it

Anyone know why git rerere is not enabled by default? I just learned about it recently, and it could have saved me so much time merging new releases into a long-running fork

If you're looking for a way to cross-post on all of the new social networks popping up these days, check out fedica.com * Includes all of the major networks, plus the up-and-coming platforms * Customize the message per-platform * Schedule posts * Lots of analytics

Been playing around with the Arc browser. It's so beautifully designed and has a great UX to "zap" away elements of a site you don't like! Makes browsing twitter/x so much more pleasant 😊 I had it remove so much from the page it can be kinda jumpy when scrolling the timeline tho

@RBReich Thank you for sharing. Would you mind linking to the study?

Netflix, Tesla, Ford, and T-Mobile all paid their executives more than what they paid in federal income taxes from 2018-2022. When I say the system is rigged for the rich, this is what I mean.

Oh no, twitter is hiding likes now? lol, how will we ever see when politicians like porn accounts now? what a loss for the internet

In case you missed it, I was on the Decentered Podcast last week talking about what I'm building at frequency: wedistribute.org/podcast/freque…

I wrote up a blog post outlining the steps I took to migrate a custom Mastodon fork from heroku to fly: jesseplusplus.com/blog/migrating…

@r00k @shl Hmm this is great food for thought.. I’ve been burning a lot of time building subscription flows and getting very little feedback from folks when they don’t renew after trials. I guess I was afraid of missing customers or looking unprofessional not having a self-serve sign up 🤔

I think new products shouldn't have a pricing page. Or onboarding. Or self-serve signup. I think you should do this instead:

I do see a bit more downtime and API errors when doing deployments with fly, but heroku has had more than a decade to become as mature as it is 😄

I've been switched over for nearly a month now and am quite happy with the move. I just ran out of hobby plan credits and will officially start paying this month. Looking at the costs from last month, I think I'll end up paying about 1/3 the cost of heroku for similar perf

Valentine’s day is coming up, but I’ve never been a fan of the view American culture has of love or the way we “celebrate” it. It gives us all such a narrow definition of love. This describes a better one that we can all aspire to, if we have the courage: youtu.be/dHvWiTjbqNY

woof, just saw a cybertruck in person for the first time and it is truly awful 😂

I use Following almost exclusively since the algorithm change, but it can get annoying when you follow a high-volume account. I still find the For You feed pretty unusable, but maybe the more you use it the better it gets? I'd love to hear your experience.

Which feed do you use the most on twitter/x?

NEW @ConsumerReports study offers a rare look into the scope of Meta’s surveillance. It goes way beyond what most may expect—Meta can know many of the websites you visit and even what you’re doing IRL. mrkup.org/DaFCh

This is such a bad faith implementation of what the court ordered. Thank you Epic for continuing to fight against this BS for all of us 🙏🏻🙇🏻‍♀️