The README talks a lot about crypto. But the interesting bit is how you can access the passwords. Is there an API? If yes, how does it protect your passwords from malicious software? If not -- are you sure? (Have you checked for example accessibility APIs by the platform?)
PassForgePro does not have any API for accessing passwords. It’s a local-only, offline-first project. There is no remote service, no API endpoint, no cloud sync, and no server communication at all.
All passwords are stored in an encrypted local SQLite vault with AES-256-GCM, and the key is derived using PBKDF2. Decryption happens only in memory after the vault is unlocked by the user.
There is no interface that exposes secrets outside the app. When I talk about cryptography and design in the README and FAQ, the focus is on local protection, not on a remote API.
As I mention in the FAQ, PassForgePro is an experimental learning project, not a production-grade password manager. It does not claim to defend against a fully compromised OS or malicious local software — that’s outside its threat model.
So if someone assumes there must be an API or external access, that assumption doesn’t match the actual architecture.
It is a Maneki-neko (beckoning cat / Winkekatze). The video team started putting them on podiums so they could see when a stream was frozen. So it became kind of a mascot.
This is probably a Linux issue. Mac OS and Windows implement the FIDO2 Platform API, which allows them to act as authenticators themselves. Linux does not. See https://github.com/linux-credentials.
With macOS and Windows I'm still stuck in corporate ecosystems though which was my point. I used to use Mac but I couldn't deal with the increasing iOSification and I only use windows now for gaming (VR) because it's such an awful OS.
But that's another point, I do use many OSes so being locked in to one ecosystem is not an option. I must also have the option to back up my credentials at all times (eg a cloud service will never suffice)
But yeah I should have mentioned Linux. I thought it was the norm here really especially among people advocating against corporate ecosystems.
I also think these are very similar. The main difference in my view is that the state parameter is checked by the client, while PKCE is checked by the server.
I run an authentication server and requiring PKCE allows me to make sure that XSS protection is handled for all clients.
> For coders, visual aesthetics don’t matter. For lawyers, they are a technical requirement. While this difference may seem arbitrary on the surface, it is downstream of a critical technical difference between the two fields. Machines interpret the work of coders. Human institutions interpret the work of lawyers.
I believe this is not only infuriating, I am pretty sure it is actually illegal. If lawyers would think that visuals are more important than semantics, they would explicitly discriminate blind people.
100% this. When I reached the end of that page I felt pranked because the obvious question was never answered. How are these cases resolved? Is it possible to fix some inputs and only update others? What if I sometimes want to change input A, and other times I want to update input B? All this should be explained as early as possible.
You can do it and it is explained, actually. Use # as a prefix to indicate a constant, e.g.: #50 will be a constant and not a variable.
In the future I'd like to support more user input constraints, in particular domain constraints for variables. So you could tell the solver that this cell must remain in some interval, and it would respect that interval instead of assigning any real value.
Yes. Hyprland has burnt bridges with many of the classic/pre-existing Linux dev communities. Amongst other things, the main developer was banned from freedesktop.
But they have a very, very large user base, which means lots of contributors - especially young, first-time-FOSS/Linux contributors. In a way, Hyprland has partially done what Linus was hoping to do by adding Rust to the kernel (attract the next-generation of young developers). And they have an active BDFL - no "led by committee" issues.
i don’t care, hyprland is great software and much better than whatever the ‘non-toxic as labeled by drew devault’ communities have come up with for WMs
Drew Devault is a left wing nutjob. He's done nothing but cause drama and attack people for years now.
Vaxry is an immature ~20 year old Polish dude. That means a bit of angst, Eastern European humour, more conservative opinions than most US tech workers.
Yeah, Vaxry is considered abrasive to some of the ultra-privileged leftwing US tech sphere. Most people don't care, just as people don't care about DD's views when using Sway, Miguel de Icaza's views when using Gnome, etc...
The linux developer community has quite a diverse set of opinions so it would be unfair to say that they despise hyprland. At most it's just a small number of developers who hold such an extreme position.
I don't think despised is correct. Drew made an argument for more mature and responsible behavior and leadership but some people just want to write code and not manage a community. I think that can be a lot to expect from some young programer thrown into the public eye, Hyprland is a well regarded implementation amongst tiling wms but the category always has and in my opinion always will have limited appeal for good reason.
Your link itself admits the 0.05 makes it a different formula. Both Y and L* go to zero for hard black which is a very common color (the most common for me) and would be infinite with black in there. I disagree this is all "not real".
The 2x2 table in that contrast experiments link I sent enumerates some differences along the edge cases { even with just |diff|s. }. Just empirically if you change that 0.05 to 0.02 or 0.10 things change "a lot" in terms of all the edge cases. You can try fiddling with running that Python script yourself and see.
Also, I believe the project of an actual "contrast measurement" - not merely threshold checking - is a worthy goal. I think it would be good to be able to say how bad, and for that the specific monotonic transformation absolutely matters, and again, I expect the color space designer people have opinions on this very worth listening to. I think they are targeting differences in the numbers being the most meaningful thing.
All that said, I did like your George Box quote. :-) I just don't think dismissing the problem is a great solution here. I'm not sure there is a great solution. But you & anyone are always free to find any problem uninteresting. I mean, you could also find all the color space distinctions of TFA similarly "no real difference".
reply