It supports pipelines, batched pipelines, and basic runners, as well as idempotent keys (including batching them). It also lets you "partition" a queue into multiple sub-queues so that you can easily segregate your jobs within your application without a lot of setup on the outside. For example, you create a root queue talking to PostgreSQL and pass it around to subsystems that then each create their own sub-queue off that to enqueue entries into and their own workers that dequeue them.

It's only used internally right now but I've been thinking about creating a separate package (with documentation) with it for others to use as well. Any feedback or pull requests would be appreciated !

[0] https://github.com/KeetaNetwork/anchor/blob/main/src/lib/que...

[1] https://github.com/KeetaNetwork/anchor/blob/main/src/lib/que...

MII//epi

Is converted to MII/epi

  f=g.open("/etc/passwd",0);
  e="rkeene:x:0:0:System administrator:/root:/run/current-system/sw/bin/bash\n".encode()
  ...
  g.system("/run/wrappers/bin/su - rkeene")

[0] https://rkeene.org/viewer/tmp/copy_fail_exp.c.htm

  $ stat /bin/su
    File: /bin/su
    Size: 59552           Blocks: 118        IO Block: 59904  regular file
  Device: 0,52    Inode: 796854      Links: 1
  Access: (4711/-rws--x--x)  Uid: (    0/    root)   Gid: (    0/    root)
  Access: 2023-09-18 13:23:03.117105665 -0500
  Modify: 2021-02-13 05:15:56.000000000 -0600
  Change: 2023-09-18 13:23:03.119105665 -0500
   Birth: 2023-09-18 13:23:03.117105665 -0500

Since it just uses PKCS#11, it also works with tpm_pkcs11. Source for the various bits that are bundled is here [1].

Here's an overview of how it works:

1. Application asks to sign with GPG Key "1ABD0F4F95D89E15C2F5364D2B523B4FDC488AC7"

2. GPG looks at its key database and sees GPG Key "1ABD...8AC7" is a smartcard, reaches out to Smartcard Daemon (SCD), launching if needed -- this launches gnupg-pkcs11-scd per configuration

3. gnupg-pkcs11-scd loads the SSH Agent PKCS#11 module into its shared memory and initializes it and asks it to List Objects

4. The SSH Agent PKCS#11 module connects to the SSH Agent socket provided by Keeta Agent and asks it to List Keys

5. Key list is converted from SSH Agent protocol to PKCS#11 response by SSH Agent PKCS#11 module

6. Key list is converted from PKCS#11 response to gnupg-scd response by gnugpg-pkcs11-scd

7. GPG Reads the response and if the key is found, asks the SCD (gnugpg-pkcs11-scd) to Sign a hash of the Material

8. gnupg-pkgcs11-scd asks the PKCS#11 module to sign using the specified object by its Object ID

9. PKCS#11 module sends a message to Secretive over the SSH Agent socket to sign the material using a specific key (identified by its Key ID) using the requested signing algorithm and raw signing (i.e., no hashing)

10. Response makes it back through all those same layers unmodified except for wrapping

(illustrated at [2])

[0] https://github.com/KeetaNetwork/agent

[1] https://github.com/KeetaNetwork/agent/tree/main/Agent/gnupg/...

[2] https://rkeene.org/tmp/pkcs-sign.png

If you don't intentionally allow accounts access to any app stores, do you still need to collect the data ? It says to collect it, and that's the purpose but it doesn't say if you're not permitting that purpose you don't have to collect it

If giving the US President unlimited and arbitrary authority as long as they can claim it was useful for meeting a legal obligation created by Congress were the correct interpretation then we need look no further than the "Take Care" clause of the US Constitution, where the US President is given the obligation to take care that all laws are faithfully executed -- which, with this interpretation, would mean that any action would be under the purview of the US President as long as they could claim at doing that action resulted in the laws being faithfully executed.

When the US President commits crimes as the US President, he has absolute immunity from prosecution (otherwise, he might not be emboldened to break the law) so there is no judicial recourse, but the US Congress can still see the illegal activity and impeach and remove him from office to stop the execution of illegal activity. As our representatives within the US Government, they are responsible to us to enact our legislative outcomes. It appears they have determined that the illegal activity is what we wanted, or there would be articles of impeachment for these illegal acts.

The legislative branch can of course deliberately impose tariffs at any time for the reasons you listed.

The parent comment was stating that if you use the open(2) system call on a WebDAV mounted filesystem, which doesn't perform any read operation, the entire file will be downloaded locally before that system call completes. This is not true for NFS which has more granular access patterns using the READ operation (e.g., READ3) and file locking operations.

It may be the case that you're using an application that isn't LibreOffice on files that aren't as small as documents -- for example if you wanted to watch a video via a remote filesystem. If that filesystem is WebDAV (davfs2) then before the first piece of metadata can be displayed the entire file would be downloaded locally, versus if it was NFS each 4KiB (or whatever your block size is) chunk would be fetched independently.

Do you believe that the Vienna Convention requires that countries treat their diplomatic representatives in some special legal way ? For example, do you believe that the Vienna Convention obligates the US to extend diplomatic immunity to the US Ambassador to France ?

If so, that's backwards. It doesn't obligate one country to treat their own diplomats specially inside their own legal system, it defines how participants of the treaty will treat FOREIGN diplomats. The benefit of being part of the treaty is that your diplomats are treated specially when they are in foreign lands, and the cost is you treat foreign diplomats specially when they are in your land.

The currency of treaties is reciprocity.

A treaty can never be binding, there exists no superior entity for which to bring your appeal which can then ultimately use their monopoly on force to extract justice -- each nation is sovereign and a peer in that respect.

Finally, I didn't address your last paragraph but I will now: It does not matter if the USA calls it a law enforcement operation and not invasion, it was still an invasion. It was an invasion because it meets the definition of the word. But ALSO it wasn't a law enforcement operation because the laws of the US do not apply in Venezuela. Also, it's illegal in the US to use the US Military for enforcing US laws except in times of invasion... although it sadly specifies that the US must be the entity being invaded, not just there be an invasion.