Yeah good point. I suppose the problem is this function that operates on numbers allows numeric strings to be passed in in the first place. The only place where I would really expect numeric strings to exist is captured directly from user input which is where the parsing into a numeric data type should happen, not randomly in a library function.

It’s kind of insane how bad this whole is-number thing is. It’s designed to tell you if a string is numeric, but I would argue if you’re ever using that you have a fundamental design problem. I hate dynamic typing as much as anyone else, but if forced to use it I would at least try to have some resemblance of sanity by just normalizing it to an actual number first.

Just fucking do this…

const toRegexRange = (minStr, maxStr, options) => {
  const min = parseInt(minStr, 10);
  const max = parseInt(maxStr, 10);
  if (isNaN(min) || isNaN(max)) throw Error("bad input or whatever");
  // ...

Because of the insanity of keeping them strings and only attempting to validate them (poorly) up front you open yourself up to a suite of bugs. For example, it took me all of 5 minutes to find this bug:

toRegexRange('+1', '+2')
// returns "(?:+1|+2)" which is not valid regexp

Ah yeah I don’t know how I would do that easily on a phone. Do those in my example above render for you? You should probably be able to just copy/paste them on a phone if they do.

I can’t find a keyboard with them, or a copy/pastable line where they’ve been typed

Maybe use combining diacritical marks?

I’m using 0x326 (Combining Comma Below), but you may need the CGJ in there to render correctly in all contexts

e.g.

Foo!̦ Bar?̦

Edit: Combining grapheme joiner, not zero width joiner

Agreed, but my point is with a centralized network the lowest common denominator wins. There is no reason you can’t have QoL features on an open network, and thusly let everyone have the features that they care most about.

Can you imagine what a shithole the internet would have been if email wasn’t federated an open? There is absolutely no way that whatever centralized bullshit would have spawned instead would already be either long gone or enshittified to the point of being useless.

Good for you, you have a short list of requirements out of a chat service and discord perfectly fills your niche. But different people have different requirements for chat, and they don’t align. And network effects force people who have differing requirements to use the service with the most users which sucks.

For instance here are things that I require from any chat service that I use that discord completely falls flat at:

• Ability to run it on my linux machine without using an electron client (npm is a huge mess of supply chain attacks and I refuse to run any software that is likely to contain dependencies from it)
• Ability to run it on my AOSP phone which does not have any google play services installed
• Ability to write software to back up messages without fear of a company changing their API and breaking my backup system

I hate that Google is exerting even more control on the internet with their TLD, but I don’t really think this attack is made all that much worse with .zip TLD. I can already bury a .com in a long URL and end it in .zip just fine like so:

https://github.com∕foo∕bar∕baz@example.com/foo/bar/baz.zip

Or even use a subdomain to remove the @:

https://github.com∕foo∕bar∕baz.example.com/foo/bar/baz.zip

The truth is most people don’t look much at URLs outside of a domain to verify its authenticity, at which point the .zip TLD does not do much more harm than existing domains do.

For mitigation, Firefox already doesn’t display the username portion of the URL on hover of a link and URL-encodes it if copy-pasted into the url bar. It also displays the punycode representation when hovering or navigating to the second example.

Edit: looks like lemmy now replaces 0x2215 which is a character that looks like forward slash with an actual forward slash, so my comment is a bit more confusing. For clarity, the slashes before example.com in the above urls were 0x2215 and not “/”.

Relevant XKCD

I use a hard G when pronouncing gif, and the inventor using a hard G is a good enough reason for me. But the argument that the G stands for graphics being the reason for it is a garbage argument. There are plenty of acronyms that are pronounced differently than the letters that make up those acronyms. For example the U in SCUBA is pronounced as a long U as in rule or June, but stands for underwater, which is pronounced as a short U.

Yes, you are correct in that a single individual’s action will make no difference, just like your single vote makes no difference either. However if everyone does their part it can make a massive difference.

While your individual contribution makes no difference, you still should try to do your part. Yes, change takes work and a bit of sacrifice. Just like how it takes time out of your day to do research on candidates and go to the polls.

If you don’t do the work, it doesn’t make you smart or clever, it just makes you an asshole taking advantage of others.

If I super heat a metal and it turns visibly red what is happening? Was it already emitting infrared and as it gets hotter the frequency shifts up? Or is it still emitting infrared but has a wider band of frequencies it is emitting as well (i.e. is it emitting frequencies below infrared as well as visible red)?

I just tried subscribing to !sircmpwn@spacepub.space, but it’s empty despite the peer tube channel having many videos. Any idea what’s going on?