- animated-text blocks yield using
Promise.resolve()instead ofruntime.requestRedraw()(which is better for handling turbo/warp, see also vm#2079 for similar issues) - setFoot doesn't
Cast.toString - setColor accepts any CSS color. Is it cool enough that we can keep?
- rainbow clears existing color effect
-
_onTargetCreatedcan useonceinstead of on+off - use-after-destroy: crash with zoom effect when a target is being removed
apple502j
/ animated-text.js
Last active
September 13, 2023 21:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Scratch3TextBlocks{ | |
| constructor (runtime){ | |
| /** | |
| * The runtime instantiating this block package. | |
| * @type {Runtime} | |
| */ | |
| this.runtime = runtime; | |
| this._onTargetWillExit = this._onTargetWillExit.bind(this); | |
| this.runtime.on('targetWasRemoved', this._onTargetWillExit); | |
| this._onTargetCreated = this._onTargetCreated.bind(this); |
apple502j
/ animated-text-issues.md
Last active
February 3, 2021 13:15
apple502j
/ cve-desc.md
Last active
February 28, 2021 16:00
A <Impact> exists when <Product> <Bug>, aka '<Product> <Impact> Vulnerability'.
<Impact> is one of: "remote code execution", "elevation of privilege", "spoofing", "denial of service", "information disclosure", "cross site scripting", "security feature bypass".
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'. (CVE-2020-1472)
apple502j
/ breaking-changes-dpy.md
Last active
January 31, 2025 15:44
These are the breaking changes of discord.py version 2.0.
"Breaking change" includes:
- [R]emoval: a feature is removed.
- [N]ame changes: a feature is renamed.
- [B]ehavior: something does not behave the way they did in 1.x.
- [T]yping: types of arguments, attributes or return values changes in an incompatible way. (e.g. None disallowed for argument)
- [S]yntax: a syntax previously allowed for an operation is no longer allowed. (e.g. positional only arguments, new required arguments)
apple502j
/ howto-bring-back-old-mcwiki.md
Last active
July 15, 2021 13:39
- Install Redirector extension.
- Go to your extension page (about:addons)
- Click "Redirector"
- Click "Options"
- Click "Edit Redirects"
- Add redirects as shown below. Pattern type is all "Regular Expression". Advanced options are not used. If you haven't used Redirector before, you can instead just import the settings (see below for the JSON file)
- Install uBlock Origin extension.
- Go to your extension page (about:addons)
- Click "uBlock Origin"
apple502j
/ security-guide-for-dpy.md
Last active
January 18, 2025 20:06
Discord bots, just like web servers, deal with untrusted data. Most of those bots implement interactive commands, which makes the attack surface significantly larger. This guide is to improve security of Discord bots.
Security is usually represented by the three elements of CIA (not related to the agency) - Confidentiality, Integrity, and Availability.
- Confidentiality: Protecting your secrets (and others' secrets) from attackers. "Secrets" include your bot token, message contents and other PII, files stored on your computer and other private data.
- Integrity: Protecting your data from manipulation by attackers. "Manipulation" can vary from compromising the host computer to improper permissions/roles assignment or data spoofing/tampering (e.g. cheating in a chess game to obtain points).
- Availability: Protecting your bot from crashes or similar situations. Examples include infinite loop, blocking codes and error handling issues.
Here are some tips to im
apple502j
/ mc-private-bugs.md
Last active
October 31, 2023 09:37
MC private bugs of public knowledge
- https://bugs.mojang.com/browse/MC-248208 Villager POI not invalidated when they teleport through portals Source: originally reported public
- https://bugs.mojang.com/browse/MC-242793 Incorrect teleportation to end dimension when pushed into the end portal by a piston Source: originally reported public
- https://bugs.mojang.com/browse/MC-249054 Closing inventory by clicking outside of GUI doesn't close inventory properly, which can be used to carry 4 more stacks using player 2x2 crafting slot Source: originally reported public
- https://bugs.mojang.com/browse/MC-266177 Slowing or increasing ticking affects time calculation in demo mode
- https://bugs.mojang.com/browse/MC-262206 Trapdoor-note block update suppression/recursive neighbor update; fix 1.20.1 (partial), 23w35a (likely full fix)
apple502j
/ coinhive.md
Last active
January 22, 2022 21:08
TL;DR: It was a battle between us, the enginners who advocate for technology advancements, and the police. And we won.
TL;DR: It was a battle between us, the enginners who advocate for technology advancements, and the police. And we won.
On March 2018, after raiding his home and some interrogations (some of which was criticized - see later), the Kanagawa Police in Japan charged a web designer (@moro_is on Twitter) for violating the Penal Code. For violating Article 168-3, titled "Acquisition of Electronic or Magnetic Records Containing Unauthorized Commands".
The program in question was one line of HTML tag, that loaded the Coinhive script, a cryptominer. The summary court sentenced him to fine of 100,000 yen - around $940. He could just pay the fine, like many others who got prosecuted for the same "crime". But he instead contacted the lawyer - on March 29th. He had about 2 weeks to object to the summary court's decision and request a formal trial.
The news spread quickly - and many people expressed their concerns on how this could go badly. While cryptomi
apple502j
/ 22w06a-docs.md
Last active
May 7, 2022 23:09
Tagis nowTagKey- Registry entries have associated
RegistryEntry RegistryEntryListis a list ofRegistryEntry, supports directly referencing items and referencing using tags- Registries are frozen unless you use Fabric API: to add custom entries to a registry, you need to add Fabric API as an dependency!
- Instances of Block/Item/etc must be ALWAYS registered otherwise it'll crash.
TagKey, like RegistryKey, is a key/identifier for a tag. Many methods that took Tag will now take TagKey instead, such as BlockState#isIn. Built-in TagKeys are still available in BlockTags class, etc.
apple502j
/ tag-extension-api-in-1-18-2.md
Last active
March 3, 2022 08:18
Tag Extension API for Fabric has been removed in 1.18.2. Here are some vanilla replacements:
Vanilla ObjectBuilder contains addOptional (corresponding to addOptionalObject in FAPI) and addOptionalTag. They both return the builder itself, unlike FAPI provided ones that do not have return values. The arguments are the same, all taking one Identifier.
There is a generic method TagKey#of which can be used to create TagKey for any registries (blocks, items, biomes, villager professions, custom registry items, etc). You can also use BlockTags#register, etc provided you use accessor or access widener to make it public.
One thing to note is that Tag.Identified has become TagKey. TagKey, like RegistryKey, does not hold the value(s) itself - you have to query the values from the registry. For example, Registry.BLOCK.iterateEntries(tagKey) will return an iterable of RegistryEntry. The following code in 1.18.1: