TV TV TV SPORTS SPORTS Call of Duty

err not my channel.. hi seamonkey

but was it a wrong channel?

let's ask the VAR

i imagine frg dressed as rambo firing a gun that shoots patch files

I am more like Harry Flashman in this case :)

Status meeting in 15 minutes if IanN shows up :) wiki.mozilla.org/SeaMonkey/StatusMeetings/2025-06-15

Status meeting in 9 minutes if IanN shows up 😊 wiki.mozilla.org/SeaMonkey/StatusMeetings/2025-06-15

hi .*

status meeting in 5 minutes - wiki.mozilla.org/SeaMonkey/StatusMeetings/2025-06-15

IanN hi master of desaster!

hi

status meeting time - wiki.mozilla.org/SeaMonkey/StatusMeetings/2025-06-15

Who's taking minutes?

me

thanks

Nominations for Friends of the Fish Tank?

I pass again sorry

urg, wiki keeps throwing 502 errors

anyone else to make the fishes happy? They starve!

Action Items

thanks :)

action items bau

Status of the SeaMonkey Infrastructure

bau. Any news about the signing key?

only that the new MS way is just for North America at the moment, so we need to go back to the drawing board or waiting until it is released for EU

grumpf...

Status of the SeaMonkey Source Tree

bau. Need to check if we can still push to hg comm-central again.

But want to do the reviews impacting l10n first.

ok

On the other hand the crlf removal might be a good test. Only a few files and no l10n.

Release Train

oops, spoke to soon

2.53.21 seems to be a quiet release or no users left :)

hopefully the former

there shouldn't be any files with windows line endings in a mozilla codebase

frg dug them out

nsITobin not true. Some extral packages and some mixed test cases. The later are a headache.

well yeah external but anything mozilla creates or long took possession of should all be linux line endings i am sure that was police before the 2010s

policy

No there are deliberate mixed test cases in the tree. Only a few.

right you did say test cases too i like mentally edit out that they exist

Extensions Tracking

nsITobin: the holiday special approach to coding :-P

bau

2.Next, Feature List, Planning and Roundtable

i'm not saying anything cause every time i do distractions happen :P expect .. to expect things.

bau. Doing this and that. wip is preogressing but needed a break. And real life issues too.

yeah frg has the right strategy!

Well I still like that wip is still working with all the stuff in

Use it for mail to see if something breaks badly over time but so far ok.

Suspect loaging js fragments is bad but not sure.

:D

^loading

that moves us onto AOB

uab or bau

I do however think maybe it is time to consider planning to decommision the composer.. it simply isn't up to the challenge of any real effective webdev for the past decade.. It can edit a simple html website but who has a simple html website that isn't github hosted at this point.. we do but that is besides the point.

thanks for your time today, next meeting is in 3 weeks time, same bat channel, same bat time

as for compatibility, mozillazine has deployed anubis, but this now works in SeaMonkey

but needs JS enabled and https to pass, once a week

I did a puick patch for our website to enable https for it.

^quick

so is the mainsite https-only now?

(given mozillazine is relevant for SeaMonkey, I thought I'd mention it here)

nsITobin: no, it works over http too, but anubis doesn't

ah

Basically yes You can switch to http when you got the cookie but pretty pointless

nsITobin: might be confusing, I know: it works over http if you've done anubis over https (or maybe also if anubis somehow decides you don't need to be tested?)

as for AOB, nothing else from me that I can recall, bau

great :)

(Next is July 6th?)

yes

oki

thanks again for your time, enjoy the rest of your day

i'm calling that a meeting

cu here as away

Everybody died while I made breakfast. THE END.

I'm surprised Anubis blocks HTTP, that's very much not nice for some use cases

also, reminds me of WineHQ's place, which has been a mess for a good part of this year

first a botched migration to PHP8 that left large parts of the site broken

then, Clownflare pretty much rendering the few remaining bits of the AppDB unusable

then they switched from Clownflare to Anubis... but not entirely, as leftover challenges now still break large parts of AppDB's maintainer functionality

(and sometimes it's Anubis itself that breaks that instead of CF because of poor implementation)

I'm reading a bit more on Anubis. Still not clear to me what changed for it to start working in SeaMonkey, I'll have to check the repository

tomman: you know since 2016 https only has been the pushed mandate

a mandate and standard I disagree with

njsg: Anubis has worked since Day One, except for the progressbar

tomman: uh?

and wish I could find the HN thread where the lead dev said "I won't be messing with niche browsers"

tomman: I remember it not passing - so would the progress bar break it that way?

The Supreme System Lord Ra will take care of Anubis.. trust me.

tomman: the lead dev doesn't seem to be hiding details about the design

which could be a valuable lesson for some idiots on the block

njsg: Maybe it's bias because I use the nightlies as my daily drivers, but the progressbar not rendering is just a cosmetic issue, the coal burning continues in the background and the performance stats do update on the page

any anti-ddos platform can be turned into a censorship platform

it must all go away

nsITobin: damned if you do, damned if you don't

nsITobin: or, if Cloudflare is involved, it can be turned into a self-DDoS platform

tomman: that is the essense of being Tobin..

there is no way to win this one, because if you don't do anti-DDoS defense, your site is toast AND it will cost you massive money

congrats you worked it out

tomman: when did you first see Anubis passing?

njsg: Since the first time I met it, which was sometime in this year as Anubis is quite new and exploded real fast in popularity

just a couple months ago I was having trouble with freedesktop and a blog, I think even with JS enabled it wouldn't pass

tomman: maybe a lot of these websites deserve to be toast.. not mine of course.. but you see

the first time it actually passed for me was when I had to go through it for mozillazine

nsITobin: even my web hosting provider has been caught trying to play the anti-DDoS stuff without my authorization

...especially on a site that (thankfully!) still flies under the radar of the AI/LLM/CCP bots

tomman: afterburst does on-demand ddos mitigation when it is impacting their systems.. normal defense messures cause one vps is still an attack on the node

(and yet I did found a OpenAI shitstain on my access logs recently, so... maybe it's time to take measures)

But I'm not going to deploy any anti-DDoS stuff, that's for sure - I care about my sites being accessible everywere

tomman: we have to talk as much as possible all the time everywhere so AI can suck it up and it becomes US

and yes, that includes DOS on a 386SX running Arachne on a 3Com packet driver

... not sure how that is better but at least I can get it lol

tomman: you may want to converse with someone who deploys anti-scrapper measures, say, some Jamie Werner Zawinski :-P

njsg: I already knew what will be the answer for that: *plonk* :D

he already hates the "Retro Windows League"

(but only when visiting THEIR blog, he is fine recommending other retrocomputing targets)

--HIS blog

jzw was a hero for a different era.. we don't need a hero to come save the day.. WE need to just do the shit and save it our selves.. This i still believe.. but if you wanna make a hero i volenteer but i do need help.

I need a hero right now, to clean my toilet

I think at least for some corner cases of his blocking, he might be following a logic of "if you can handle such a [old/...] system, you can somehow hack it into lying about what it is"

well then jwz may be the hero you need for that.. he has quite the experience now

tomman: got a samsung battery?

Surprisingly... yes

but it's in use, I'm afraid

see if he can compile xscreensaver for your shitter while he is at it

:D

port*

well, it has a water leak, so at least it is still fit in spirit

eh why not toaster, that could get some LCD fitted, albeit it'd probably need some TPS tiles from STS OVs for heat dissipation

and wasn't there some flying toast screen saver somewhere?

njsg: flying toasters on a smarttoaster

when

will

it

happen

and why hasn't it already

what is the point of all this bullshit technology when we can't do the shit we always wanted to and waited to be able to do on it

njsg: logoff/logout

i literally can't restart my linux os.. i can only reboot it

i feel the kernel needs rust to solve this issue

... and if i were to be serious i might have some gainful oppertunities.. but that is so dumb.. I'd have to slap the person who agreed with it if i tried it..

maybe that's what I can do post-internet

just go around get people to agree with me on stupid crap then slap them in the face and walk away and repeat

oh my god - why is code signing the MS way restricted to North America ? Azure KeyVault with HSM support can be used anywhere on the world

because it is a service

guest_: unless you want the 15 year spanning political answer i am well beyond reiterating

but digital services have basically no rights only conditional terms

our Azure KeyVault HSM code signing is in West Europe and we can use this certifcate from anywhere on the world for code signging as long as conditional access is configured according to allow the remote sites/IP to access the cert

as far as I know aquiring the cert is currently the problem.

why does it relate to "only that the new MS way is just for North America...".

the requirement for FIPS 140-2 for code signing had been introduced by CA/Browser Forum and not by MS

I trhink this is only for the key aquisition but not involved.

do you intent to use Microsoft Managed Signing services ?

yes

this is not a good decision as it is very expensive. More cheaper is to buy a normal code signing cert and install it into Azure KeyVault (HSM) and perform the code signing yourself.

guest_: part of the reason a small contributing factor of why I am doing my own linux from scratch is to not have those kinds of barriors.. code signing is a barrior.. enforced verification is a barrior.. https is also a barrior with a hoop jump every 3 months minimum.. i don't believe in its effectiveness or requirement.

sure it is a barrior but in the real world unsigned code will be potentially be blocked - e.g Defender in Enterprise blocks unsiged EXE, future Windows version may also block unsigned exe etc.

which is unacceptable

and not why i learned all this stuff

i will not be held to the bounds and standards of people who otherwise wouldn't give a shit if steve jobs didn't shove a fuckin iphone into their asspocket

it guts everything i have learned and everything I have always wanted to do..

Not here

i can't do shit about the geopolitical bullshit in the world OR in tech and i have tried.. and those people that brought it online into my browser into my operating system into my code and changed everything for no good reason because what they change it into doesn't stick around for more than a trump headline does before they change it again.. You can't build a sustainable future on sand that is literally imaginary and doesn't physically exist

for more than a news or update cycle

essenutally guest_ i think the problem with people's security and privacy is a problem they created when they came here without understanding what the hell they are doing and refused to learn anything just change it to be the same disgusting social political power nonsense as everywhere else the masses get into

if you own a smartphone you are part of the problem and in a way responsible for Trump.

before the masses were online with their assphones there would have been no way for trump to have come to power

before the masses were online with their assphones there would not be shadowbans or deplatforming

all weapons in the hands of trump

I wanted to form a XUL and Mozilla Tech alliance years ago with a common platform and common goals coordinated to the betterment of everyone.. Today there is this chromium superfriends bullshit while mozilla bottoms out..

I propose a radical experiment.. and don't worry no one here has to do anything.. I want to re-port seamonkey to UXP and release it with as many 2.53 enahcements as possible.. and when it is release as a one off I want users and you guys to run it sidebyside and see which is objectively better.

and then i want to do a thing with newer mozilla code and i want it also to be looked at and considered.

cause I can theorize all day but what is needed is visual aids

do anything to materalize it*

release == build and upload it and link it

what do you think frg_Away IanN_Away

uxp is missing much of the later mozilla refactorings. Between 52 and 56 the code changed tremendously. I even tried to port the library fixes back to 2.49 if you remember and gave up. Took too much time. The new code might not always be better and we are still mssing stuff uxp has but I rather contine as I do now before again dealing with people on a browser crusade.

... the government of Brasil apparently blacklists NCSA mosaic UAs