01:58 <soweli_iki> using stenoboard has been so nice that now i am learning penti to see what i am missing

04:24 <abu[7]> Hi soweli_iki! I think Steno is much better though

04:52 <soweli_iki> Penti would be more comfortable on a tablet, i mean

04:52 <abu[7]> Yeah, Penti needs more space

04:52 <abu[7]> But it is more tiring for the hand

04:52 <abu[7]> I use Steno on Tablets too

04:53 <soweli_iki> when i have a surface to place my phone, i use Steno with a stylus :) it is fantastic

04:53 <abu[7]> :)

04:53 <soweli_iki> a great input for emacs

04:54 <abu[7]> Isn't the lacking Meta key a problem for emacs?

04:54 <soweli_iki> no, i usually tap the ESC square

04:54 <abu[7]> I see

04:55 <soweli_iki> you can use ESC as a prefix in place of Meta in most cases

04:55 <abu[7]> (did not know, I'm not an Emacs user)

04:55 <soweli_iki> haha, i noticed the vi sigils at the top of the steno docs

04:55 <soweli_iki> also, picolisp uses a very vi like built in editor

04:56 <abu[7]> yes

04:56 <abu[7]> A subset of vi/vim

04:59 <soweli_iki> it's a very good onboard editor for interactive development

05:00 <soweli_iki> i wonder how difficult calling out to emacsclient from inside pil would be

05:00 <abu[7]> I think there are several people who did that

05:03 <abu[7]> But Vip knows more about the runninp pil

05:03 <abu[7]> e.g. namespaces

13:09 <beneroth> [OT][FYI] GitHub added rate limiting to non-logged-in use: https://github.blog/changelog/2025-05-08-updated-rate-limits-for-unauthenticated-requests/

13:09 <beneroth> https://github.com/orgs/community/discussions/159123

13:10 <beneroth> I find this is once again confirmation that FOSS projects should be hosted individually and not centralized on the whims of some bigcorp (remember bitbucket)

13:12 <abu[7]> Right!

13:18 <aw-> beneroth: I don't see how those two things are linked. Rate limits are completely normal and expected of any service receiving millions if not billions of requests per day

13:19 <aw-> it's not like they're rate limiting people who are using the service legitimately with an account.. these things are almost always targetted at bots, spammers, abusers..

13:20 <beneroth> aw-, these rate limits are a (understandable) reaction the blatant scrapping and IP theft for LLM development (which was greatly accelerated by Microsoft).

13:20 <beneroth> aw-, well in the past, it was completely legitimate to use GitHub without an account. Now less so.

13:21 <beneroth> Apparently they increased the allowed rate, in the second link you can see people complaining that earlier it kicked in after 2-3 page hits, no apparently only with much more (maybe also depending from with ASN someone is coming)

13:22 <beneroth> aw-, I'm not criticizing GitHub, they offer a free service which was and is a huge benefit to humanity. I critize the people who make themselves dependent on that, when it's always quite certain that this will become a problem eventually.

13:26 <beneroth> if GitHub wanted, they could solve that issue in much better ways. Naturally, the go with the cheapest (for them) option (externalizing costs)

22:40 <aw-> what better way to you suggest to solve this problem?

22:44 <soweli_iki> these botnets are notoriously difficult to block via IP rules. from what the Emacs wiki (iirc) folks said, they tend to make just a few requests per client IP

22:45 <soweli_iki> but they come in swarms and can easily take down smaller services, or skyrocket the resource costs of larger ones

23:18 <beneroth> soweli_iki, yeah that's true. I experience it myself with my hosting offerings.

23:21 <beneroth> aw-, There is not really a single one-stop solution. I would expect MS to have a wild range of measures against this already with all their online services and Azure. But granted, probably I just overestimate them...

23:23 <beneroth> aw-, on my servers I often block whole ip-blocks which are clearly not enduser ISPs (e.g. AWS/OHV/hosters). That obviously wouldn't work really well for GitHub, giving their target audience and use, but could be used to segment rate limit categories

23:25 <beneroth> to me the current rate limits are designed to make people create accounts. otherwise that steep difference between anon (60/h) and authenticated (5k+/h) doesn't make any sense (numbers from https://news.ycombinator.com/item?id=43938433, in turn from GitHub documentation)

23:27 <beneroth> another check (to apply different rate limit categorizes) would be proof of work, e.g. captchas and the like - but they're annoying and stopped working in recent years (machines are better in solving them than humans), so that's mostly out.

23:30 <beneroth> question is a bit, what is the issue/goal? 1) server load, or 2) hindering "AI"-competition from taking stuff and make users authenticate for better data and control 3) network load it cannot be, because authentication makes no difference there

23:34 <beneroth> the best way is to optimize the server software and make use of HTTP caching mechanisms so the load is less of a problem. good botnets have enough IPs to keep going, so a simple rate limiting is only really restricting legitimate users (forcing the botnets to switch IPs only increases load with all the additional TCP connections).

23:37 <beneroth> if its individual IPs which misbehave then they can be detected by behavior analysis (behavior a legitimate client wouldn't do in bulk, e.g. many 404 calls etc).

23:42 <beneroth> the very low limits (they were increased recently) suggest it is primarily about getting clients to authenticate and not about stopping abusive scrappers - or if it is, then its made very lazily and without consideration of their (past) target audience, which will not be out of necessity for a IT company of such size, skill and resources.

23:44 <beneroth> ofc its right to turn their service into a walled garden. as did bitbucked a while ago.

23:56 <beneroth> s/its right/its their right