exu

The main unauthenticated action is video streaming, but an attacker would need to guess the correct id by chance.

https://github.com/jellyfin/jellyfin/issues/5415#issuecomment-2825240290

Some of them can be fixed, though you don’t necessarily need to do all of them. Easiest thing is ignoring them as long as everything works.

Please rewrite to node and make it mandatory. Also make it inverse proportional to how big the package is to punish stuff like leftpad

/s, but only partially

Long pressing on the image also shows the alt text btw

No, it’s just something to be aware of

Just FYI, unless you absolutely need anonymity from ICANN/the country owning the TLD I wouldn’t choose Njalla. Legally any domain you purchase is owned by them, that’s how they can keep your name from law enforcement requests. However, that also means in any dispute between you and Njalla they can just refuse to service you and keep your domain without recourse.
Normal domain registrars are regulated and if you purchase a domain through them you are its legal owner, if they don’t want your service they must still allow you to transfer the domain somewhere else. Any good registrar provides domain WHOIS protection and will only give out your name to legal requests by law enforcement, so I wouldn’t worry too much about that.

I think that breaks most clients

I started using Quadlets recently and it’s great to have declarative configs for containers all managed with systemd. It only gets good with Podman version 5 though, 4.4 doesn’t support .pod files, which I use quite heavily.

Not sure what Plex debrid does, but anything managed by a good service manager (like systemd) is more reliable than starting a shell session and hoping it doesn’t die.

Nested VMs stay performant about three levels deep, so do that as well.

Most clients have it disables by default and you’ll still have to install the intro skipper plugin.

With version 10.10 they integrated chapter markers into Jellyfin. You still need a plugin to generate the intro timings, but any client I tried has support for skipping with a button.

Can’t be a relational database, Musk said the government doesn’t use SQL.

I’m also not a programmer, you’ll find my longest comments to explain why I’ve done some terrible mangling, what this does and how.

I’d stick to using the host IP for communication between pods. It keeps the separation of different pods intact, makes it easier to add new services and if you ever get a second machine for containers you can continue doing it the same way just with a different IP.

I know about that and use it for some projects, but it’s still the hassle of donating to individual projects and small payments have disproportionally higher fees (I’m not blaming them it just is like that)

I know micropayments is a bad word, but a centralized nonprofit where I could pay 50$ a month to distribute amongst projects I use and their dependencies would be great. Disregarding any privacy concerns of course, as they would have to track all or most of the applications I use and for how long.

I know Findroid allows easy downloading and offline watching. Fladder (another newer Android client) also has downloading, haven’t tried it myself yet.

The AIO container is so terrible, like, that’s not how you’re supposed to use Docker.
It’s unclear whether OP was using that or saner community containers, might just be the AIO one.

Minecraft loves single core performance, so it will likely behave differently to most general benchmarks.
But that also makes dedicating a few cores to it and everything else to other services.

Seconds are clearly defined by one specific caesium-133 transition

The second […] is defined by taking the fixed numerical value of the caesium frequency, ΔνCs, the unperturbed ground-state hyperfine transition frequency of the caesium 133 atom, to be 9192631770 when expressed in the unit Hz, which is equal to s−1