Earlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots, that handle private keys directly. This issue should not affect non-custodial wallets, as they generally do not expose private keys during transactions. This is not an issue with the Solana protocol itself, but with a specific JavaScript client library and only appears to affect projects that directly handle private keys and that updated within the window of 3:20pm UTC and 8:25pm UTC on Tuesday, December 2, 2024.

These two unauthorized versions (1.95.6 and 1.95.7) were caught within hours and have since been unpublished.

We are asking all Solana app developers to upgrade to version 1.95.8. Developers pinned to latest should also upgrade to 1.95.8.

Developers that suspect they might be compromised should rotate any suspect authority keys, including multisigs, program authorities, server keypairs, and so on.

https://github.com/solana-labs/solana-web3.js/releases/tag/v1.95.8

Never say never. 1/0 = 0

The US started using mailboxes 14 years after the UK

In 1849, the Royal Mail first encouraged people to install letterboxes to facilitate the delivery of mail. Before then, letterboxes of a similar design had been installed in the doors and walls of post offices for people to drop off outgoing mail.

In 1863, with the creation of Free City Delivery, the US Post Office Department began delivering mail to home addresses.

And in reality: https://chatgpt.com/share/66f519a6-1348-8002-96eb-bb61fb25287b

Do you even know what regex is? Your neural network needs more training.

“Latin music superstar Nicky Jam. You know Nicky? She’s HOT!”

https://www.youtube.com/watch?v=7qK4PfqIHAk

During the pandemic any degree of effectiveness would save lives, so emergency approval was justified.

What? Pretty sure the requirement of effectiveness was at least 70%, and the approved vaccines had a >90% effectiveness. Obviously as the virus mutated the effectiveness nosedived, but they were very effective against the original strain. (edit: Effectiveness versus getting infected at all, not against serious illness and death, which remains good)

The 5GB free space of my OneDrive is filled with game saves in the documents folder. You can’t exclude directories there from being backed up. Good job.

Seems like you’re pretty far from getting it.

What if they write a GUI interface in Visual Basic to track your IP address?

Putting Ctrl in the home row by replacing the useless Caps-Lock is sufficient for me .

Alt is easily reached with the thumbs and shift is already close enough to the home row, with shift-ctrl using both pinkies.

Don’t worry, the good bible has the answer.

28 If a man happens to meet a virgin who is not pledged to be married and rapes her and they are discovered,
29 he shall pay her father fifty shekels of silver. He must marry the young woman, for he has violated her. He can never divorce her as long as he lives.

Your understanding is that in one of the countries with the least difference between rich and poor only the rich can afford cars?

Of course not. But they can, whenever they choose to. Parent comment said they have to grow since they are public, unlike private companies like Reddit.

Are you not aware that public companies split the profits too? They do not need to grow to have value for investors.

You could make the same argument for voting. What does your little drop in the vote bucket matter? Do you believe voting is a waste of time too?

Some developers seem to enjoy making their code obscenely difficult to understand, either because it actually makes sense to them that way, or because it makes them feel smarter.

Be wary about this mindset. This type of explanation sets you up for conflicts with existing developers. Several times I’ve seen developers coming into a team and complain about the code, creating conflicts that can last the entire working relationship for no good reason.

Much of the time the people who constantly work with code are already aware of the problems and may not be happy with it, but there’s no time or big benefit in improving working code. Or it’s complicated for good reasons which may not be immediately apparent. (ie. inherent complexity).

Here are a couple of benign reasons which probably will serve you much better.

1. It’s much more difficult and time consuming to make code that is easy to understand. Even in open source, there’s a limited amount of time to spend on any particular thing. This explanation is like a variation of Twain’s “I didn’t have time to write a short letter, so I wrote a long one instead.”, or more abrasively Hanlon’s razor “Never attribute to malice that which is adequately explained by stupidity time pressure”.

2. When writing the code, the developer has the entire context of his thought process available. You don’t have that, and that’s also the reason why your own code can make no sense a while later. Also it’s just much harder to read code than to write it.