The command line version is here:
https://github.com/villares/sketch-a-day/blob/main/admin_scripts/pngs_to_gif.py
I should add a "public domain dedication" to both scripts...
I have this very simple #Python script that uses #imageio to convert all PNG files on a folder into a #GIFAnimation, and this is a #FreeSimpleGUI version of it (I usually run a command line version).
As I usually run #gifsicle on the command line after creating a GIF, I decided to update it to add #pygifsicle to do it for me and save a step.
https://github.com/villares/sketch-a-day/blob/main/admin_scripts/make-gif.py
Imageio is a Python library that allows users to read and write images, videos, and other data. It is cross-platform and can run on Python 3.9 and later.
Website
https://pypi.org/project/imageio/
Documentation
https://imageio.readthedocs.io/en/stable/
Essentially, distro developers are firefighters, putting out fires made by careless upstreams.
What I've wasted time on, today:
- making the non-standalone test suite of #Hatchling (sigh) work without #UV again, so that a critical build dependency of a growing number of #Python packages could be tested everywhere
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc6e54e1df5e0802198c793f39107a9028b8698f
https://bugs.gentoo.org/930662
- fixing effectively dead (but with a promise of revival) #PassLib not to break random stuff via printing warnings when using newer #BCrypt versions
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c1e015b65b74283a51893672739c5e4784b95273
https://bugs.gentoo.org/925289
- hacking the test suite of #ImageIO work using an offline copy of test data, rather than cloning its git repository at the beginning of tests
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=77ff4bc09d68067f2c635d43d446f308990e0873
I really wish people would consider donating to distro developers more often, rather than to projects that create this thankless work for us.
W gruncie rzeczy, devowie distro są jak strażacy, walczący z pożarami wywołanymi przez nieostrożnych twórców oprogramowania.
Dzisiaj zmarnowałem czas na:
- naprawienie testów systemu budowania #Hatchling (które nie są wyodrębnione od testów Hatcha, wzdych), by działały znów bez #UV, abyśmy powtórnie mogli wszędzie testować tę krytyczną zależność rosnącej liczby paczek Pythona
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc6e54e1df5e0802198c793f39107a9028b8698f
https://bugs.gentoo.org/930662
- naprawianie praktycznie martwej (ale z obietnicą resuscytacji) biblioteki #PassLib, by nie psuła przypadkowych paczek, wypisując ostrzeżenia z nowszymi wersjami biblioteki #BCrypt
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c1e015b65b74283a51893672739c5e4784b95273
https://bugs.gentoo.org/925289
- obchodzenie upierdliwości w #ImageIO tak, by dało się tę bibliotekę testować offline, z pobranymi wcześniej danymi, zamiast przy każdym uruchomieniu testów klonować repozytorium git
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=77ff4bc09d68067f2c635d43d446f308990e0873
Naprawdę chciałbym, by ludzie częściej rozważali wsparcie devów distro, a nie tylko projektów, które tworzą im tę niewdzięczną pracę.
#Apple #iOS 17.1 terrifyingly spooky vulns... please patch ASAP!
#FindMy: An app may be able to read sensitive location information
#ImageIO: Processing an image may result in disclosure of process memory
#IOTextEncryptionFamily: An app may be able to execute arbitrary code with kernel privileges
#Kernel: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
#mDNSResponder: A device may be passively tracked by its Wi-Fi MAC address
#Passkeys: An attacker may be able to access passkeys without authentication
#Photos: Photos in the Hidden Photos Album may be viewed without authentication
#WebKit: Processing web content may lead to arbitrary code execution (x3)
The #WebP bug (identified by @citizenlab) that underlies both the #Apple #ImageIO and the #Chrome + #Firefox hotfixes, is a very complex beast.
For efficiency purposes, the WebP implementation used everwhere ("libwebp") is extremely complex and relied on assumptions the (resourceful!) attackers were able to break.
"The problem, we now know, is that this format is incredibly complex and fragile, and the preconditions to trigger this issue are immense." https://blog.isosceles.com/the-webp-0day/
Early last week, Google released a new stable update for Chrome. The update included a single security fix that was reported by Apple's Security Engineering and Architecture (SEAR) team. The issue, CVE-2023-4863, was a heap buffer overflow in the WebP image library, and it had a familiar warning attached: "Google
Tarnkappe.info
Alexandre B A Villares 🐍
TOV
Jesus Michał "Le Sigh" 🏔 (he)
Jezus Michał "Le Wzdych" (on)
Javed A. Butt
yawnbox
Marcel Waldvogel