Hacker News new | past | comments | ask | show | jobs | submit | Fileformat's comments login

No, it is a multi-stage build. The second stage [1] uses oven/bun:distroless

[1] https://github.com/regexplanet/regexplanet-bun/blob/main/Doc...


Don't show this to your favorite fascist billionaire!


I'm hoping for better quality than favicons. I've also looked at using the BIMI icons (which are SVG), but there aren't enough of them...

https://bimi-explorer.svg.zone/bimi/


Shameless self promotion: I build a logo search engine that currently has almost 500K logos indexed: https://logosear.ch/

Also, a good source of official SVG logos is BIMI, a standard that uses DNS to point to the URL of an SVG.

Spec: https://bimigroup.org/

I recently scraped them for the top N domains: https://bimi-explorer.svg.zone/bimi/


It's pretty surprising looking at this list that all these sites are paying $2000+ for a bimi cert.


They’re not. Some buy a Verified Mark Certificate (e.g. ikea.{com, ca, fr, maybe others} do), but most won’t ever (e.g. the first one on https://bimi-explorer.svg.zone/bimi/list.html 026430010.co.il, and a slightly random other dailydot.com). Also the two Mark Verifying Authorities listed at https://bimigroup.org/implementation-guide/ currently talk about approximately $1,300 and $1,600 per year, less than the $2,000 you say though recurring.


Well done!

A couple of points.

It would be great if it listed the file format and size on the results page, so I dont have to click on every logo to find that informatino out.

How does this differ from doing a google image search of "$BRAND logo"?


Feature suggestion: a "my location" button on the map, so you can zoom in to your current location. There is a browser API [1] for this (which asks permission, or you can do it based on the IP address [2]

[1] https://developer.mozilla.org/en-US/docs/Web/API/Geolocation...

[2] <shameless self-promotion> Geolocation provider comparison: https://resolve.rs/ip/geolocation.html </shame>


The real solution to WHOIS is RDAP.

Unfortunately, it isn't required for ccTlds, and there are plenty of non-ccTlds that aren't working.

https://en.wikipedia.org/wiki/Registration_Data_Access_Proto...

https://resolve.rs/domains/rdap-missing.html


How does it mitigate the issues outlined in the article?


The root cause for the PHP vulnerability is trying to parse unstructured text. The actual information in WHOIS has structure: emails, addresses, dates, etc. This info should be provided in a structured format, which is what RDAP defines.

IMHO, there is no reason for a registrar to not support RDAP, and to have the RDAP server's address registered with ICANN.


  Location:  Philadelphia, PA, USA
  Remote:    Remote/Hybrid/In-office
  Relocate:  Yes
  Résumé/CV: https://andrew.marcuse.info/resume/short.html
  Email:     andrew.marcuse+hn@gmail.com
  Technologies:
    TypeScript, JavaScript, Java, Go, Python
    SQL, PostgreSQL, Redis, MySQL, Microsoft SQLServer, ElasticSearch
    React, Remix, React-native, GraphQL
    Kubernetes, Docker, Kafka, AWS, Google Cloud, Azure
Hands-on development manager with a track record of building and shipping successful products (and teams).

Currently working in finance/fintech but open to everything.


I think this points to the real problem: it is hard to evaluate how "good" someone is during the hiring process

Lots of great coders don't have a big open presence. Years of experience isn't a good sign with the churn in tech, plus you don't know if they wrote code or just watched. Is being able to do a l33t coding exercise in a fixed time a sign? IMHO I'm decent programmer and I've failed them. Can you come up with an exercise that matches the work that will be done and can be completed in a reasonable amount of time?

And the phrase "matches the work that will be done" is doing some heavy lifting: many companies don't really know what they need. I've seen companies that need 99% soft skills that want a ton of niche tech experience. Or advertise for something other than the real dumpster-fire that you'll have to work on.

This is the fundamental reason that knowing someone works: they know your coding skills and they can give you the inside scoop on the position.


I made feed.style[1] to help people add a decent XSLT stylesheet to their feed.

I'm using it myself[2] and really like the effect.

I think it always makes sense to have a stylesheet (and use text/xml content type): otherwise people clicking a rss/atom link are greeted with a wall of xml (or a download prompt). Hard to think of a worse UI for people who aren't familiar with feeds & feed readers.

[1] https://www.feed.style/

[2] https://www.fileformat.info/news/rss.xml


feed.style also has a 'try it' feature: Here is what the OP's feed looks like with the stylesheet:

https://www.feed.style/example.xml?feedurl=https%3A%2F%2Fthe...


timg is a really nice similar tool that does pixel graphics in the terminal window if supported, falling back to character graphics if not.

The big plus is that it supports SVG images.

https://github.com/hzeller/timg

And it is available via brew/apt/etc.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: