展開所有 GitHub comment 的 Bookmarklet

看到 Eric Meyer 弄了一個可以展開 GitHub comment 的 bookmarklet:「Bookmarklet: Load All GitHub Comments」。

分析他的程式碼,稍微手動排一下,可以看出來邏輯蠻簡單的,就是去找出對應的 button,然後模擬按下去的 event:

javascript:function start() {
  let buttons = document.querySelectorAll('button');
  let loaders = [];
  for (let i = 0; i < buttons.length; i += 1) {
    if (buttons[i].textContent.trim() == 'Load more%E2%80%A6') {
      loaders.push(buttons[i]);
      buttons[i].dispatchEvent(new MouseEvent('click', {
        view: window,
        bubbles: false
      }))
    }
  }
  if (loaders.length > 0) {
    setTimeout(start, 5000)
  }
}
setTimeout(start, 500);
void(20240130);

意外可以看到一些應該是作者以前寫習慣的寫法 (畢竟 Eric Meyer 這個名字二十年前就聽過了?),現在 for 拿來當 iteration 應該會用 of 的語法了,另外是 letconst 的差異...

還好這邊還是用 querySelectorAll(),而不是直接看到 getElementsByTagName(),不然就更有考古感了...

拿「Quadratic time internal base conversions #90716」這個測了一下還行,不過我不是那麼常用到,大概不會掛到 bookmark bar 上面...

作者有提到考慮過寫成 userscript,不過看起來是懶 XD

Google 在歐盟的服務將提供 Reject All Cookies 的按鈕

看到「Google gives Europe a ‘reject all’ button for tracking cookies after fines from watchdogs」這篇,在講 Google 在歐盟的服務開始提供 Reject All Cookie 的按鈕,其中 Google 官方的公告可以在「New cookie choices in Europe」這邊看到。

Reject All Cookies 的按鈕是像這樣的設計:

照報導說的,今年初的時候法國罰了 Google 一億五千萬歐元,因為 Accept All Cookies 只要一個按鍵,但 Reject All Cookies 需要按很多選單才能達成,而法國認為這樣非對稱式的設計是違法的:

Earlier this year, France’s data protection agency CNIL fined Google €150 million ($170 million) for deploying confusing language in cookie banners. Previously, Google allowed users to accept all tracking cookies with a single click, but forced people to click through various menus to reject them all. This asymmetry was unlawful, said CNIL, steering users into accepting cookies to the ultimate benefit of Google’s advertising business.

Google 的說明裡面也有提到法國的事情,但當然沒有提到罰款:

Based on these conversations and specific direction from France’s Commission Nationale de l’Informatique et des Libertés (CNIL), we have now completed a full redesign of our approach, including changes to the infrastructure we use to handle cookies.

另外就是這個功能目前只在法國啟用,後續會放到整個歐盟區:

We’ve kicked off the launch in France and will be extending this experience across the rest of the European Economic Area, the U.K. and Switzerland.

把 git log 用得很開心...?

看到「git log – the Good Parts」這篇文章,裡面研究了 Gitgit log 的各種好用的功能,然後整理出來... (所以是 good parts XD)

作者用的參數是一個一個加上去,所以可以一個階段一個階段了解用途。除了可以用作者推薦的 repository 測試外,我建議大家拿個自己比較熟悉的 open source 專案來測 (有用到比較複雜的架構):

git log
git log --oneline
git log --oneline --decorate
git log --oneline --decorate --all
git log --oneline --decorate --all --graph

看到喜歡的部份可以在 ~/.gitconfig 裡設 alias 使用,像是用 git l 之類的?保留 git log 本身可以避免一些 script 用到這個指令時因為輸出格式跟預期不一樣而爛掉 XD

Yahoo! 的資料外洩數量超過之前公佈的十億筆,上升到三十億筆

Oath (Y! 的新東家,Verizon 持股) 發表了新的通報,外洩數量直接上升到 3 billion 了:「Yahoo provides notice to additional users affected by previously disclosed 2013 data theft」。

也就是當時所有的使用者都受到影響:

Subsequent to Yahoo's acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft.

在「Yahoo says all 3 billion user accounts were impacted by 2013 security breach」這邊的報導則是寫的比較清楚,把當時的使用者數字翻出來:

Yahoo today announced that the huge data breach in August 2013 affected every user on its service — that’s all three billion user accounts and up from the initial one billion figure Yahoo initially reported.

2013 這包用的是 MD5 hash,以現在的運算能力來看,可以當作沒有 hash...:

The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers.

已經是 "all" 了,接下來要更大包只能是其他主題了...

Amazon 推出 AWS CloudTrail,可以稽核 API 使用量...

因為最近幾天是 re:Invent,所以 AWS 在這個期間會丟出很多新玩意。

這次推出的是 AWS CloudTrail,會將 API call 記錄起來存到 Amazon S3 或是透過 Amazon SNS 發出,於是你就可以利用這些資料分析出各種想要撈出的資訊:「AWS CloudTrail - Capture AWS API Activity」。

目前只支援北美的 US East (Northern Virginia) 以及 US West (Oregon),也就是 us-east-1 與 us-west-1。