Go 1.23 默认为
目前已知的相关 issue 有:AWS 基于 Suricata 的防火墙会默认丢弃过长的 TLS Client Hello 导致 Go 1.23 编写的应用无法访问 AWS API( https://github.com/hashicorp/terraform-provider-aws/issues/39311 );AdGuardHome 及其其使用的 DNS 转发库
Go 1.23 更新日志: https://tip.golang.org/doc/go1.23
-----
https://acg.mn/@sukka/113572701104608722
https://fxtwitter.com/isukkaw/status/1862888987595280883
https://bsky.app/profile/skk.moe/post/3lc6hhgg6zc2y
crypto/tls 启用了实验性质的「后量子时代加密 Cipher」X25519Kyber768Draft00,导致通过 Go 1.23 内置的 TLS 实现发送的 TLS Client Hello 从典型的 252 bytes 激增到 1476 bytes。对于一些未正确配置的防火墙或 LB 来说,这会导致使用 Go 1.23 + Go 内置 TLS 实现的客户端 TLS 握手失败。目前已知的相关 issue 有:AWS 基于 Suricata 的防火墙会默认丢弃过长的 TLS Client Hello 导致 Go 1.23 编写的应用无法访问 AWS API( https://github.com/hashicorp/terraform-provider-aws/issues/39311 );AdGuardHome 及其其使用的 DNS 转发库
adguard/dnsproxy 无法和 DNSPod 公共 DNS 的 DoH 和 DoT 完成 TLS 握手(https://github.com/AdguardTeam/AdGuardHome/issues/7357 、 https://www.v2ex.com/t/1094021#reply0 )。Go 1.23 更新日志: https://tip.golang.org/doc/go1.23
-----
https://acg.mn/@sukka/113572701104608722
https://fxtwitter.com/isukkaw/status/1862888987595280883
https://bsky.app/profile/skk.moe/post/3lc6hhgg6zc2y
GitHub
Go 1.23: Additional key exchange mechanism `X25519Kyber768Draft00` causes AWS Network Firewall to drop packets · Issue #39311 ·…
v5.65.0 of the Terraform AWS Provider upgraded to Go 1.23.0, which introduced a minor change to the crypto/tls standard library package: The experimental post-quantum key exchange mechanism X25519K...
https://fxtwitter.com/isukkaw/status/1888162540896788693
https://bsky.app/profile/skk.moe/post/3lhnti7n5y22d
https://bsky.app/profile/skk.moe/post/3lhnti7n5y22d
FxTwitter
Sukka / 毛绒绒的大尾巴🦊 (@isukkaw)
So @pnpmjs's onlyBuiltDependencies feature is flawed by default: you don't re-approve to update dependencies.
Let's say you use @rspack_dev and add "rspack/core" to the list, what happens if rspack is compromised and releases a malicious version? It is still…
Let's say you use @rspack_dev and add "rspack/core" to the list, what happens if rspack is compromised and releases a malicious version? It is still…
Sukka's Notebook
https://fxtwitter.com/isukkaw/status/1900087310731141137
🧵 Thread • FxTwitter / FixupX
liyoujia.1988@163.com мoniter (@tencentcloud2)
@isukkaw @tencentcloud @TencentGlobal Dear Sukka,We have received your feedback and conducted verification. The article you reported was user-generated content within the community, and we have taken it down accordingly. Thank you for your supervision and…
Sukka's Notebook
SukkaW/Surge 现已支持: - sing-box Rule Set Sukka/Surge@75f188f1 - 转换 Surge 的 DOMAIN-WILDCARD 为 Clash 的 DOMAIN-REGEX 和 sing-box 的 domain_regex Sukka/Surge@f3595820
SukkaW/Surge 现已恢复对 Dreamacro 的 Clash Premium 的 Rules Provider 支持,路径前缀为
注:只提供 classical ruleset、去除 DOMAIN-REGEX 和 IP-ASN。其余和 Mihomo(
/LegacyClashPremium/ :Sukka/Surge@70c5625注:只提供 classical ruleset、去除 DOMAIN-REGEX 和 IP-ASN。其余和 Mihomo(
/Clash/ )一致。domain(set) 和 ipcidr 可直接使用 /Clash/ 下的文件。GitHub
GitHub - SukkaW/Surge: Rule Snippet & Rule Set for Surge / Mihomo (Clash.Meta) / Clash Premium (Dreamacro) / sing-box / Surfboard…
Rule Snippet & Rule Set for Surge / Mihomo (Clash.Meta) / Clash Premium (Dreamacro) / sing-box / Surfboard for Android / Stash - SukkaW/Surge
Sukka's Notebook
SukkaW/Surge 现已恢复对 Dreamacro 的 Clash Premium 的 Rules Provider 支持,路径前缀为 /LegacyClashPremium/ :Sukka/Surge@70c5625 注:只提供 classical ruleset、去除 DOMAIN-REGEX 和 IP-ASN。其余和 Mihomo( /Clash/ )一致。domain(set) 和 ipcidr 可直接使用 /Clash/ 下的文件。
FxTwitter
Sukka / 毛绒绒的大尾巴🦊 (@isukkaw)
SukkaW/Surge 现已恢复对 Dreamacro 最后一版 Clash Premium 的 Rules Provider 支持,路径前缀为 /LegacyClashPremium/
只提供 classical ruleset、去除 DOMAIN-REGEX 和 IP-ASN。domain(set) 和 ipcidr 可继续使用 /Clash/ 下的文件。
https://github.com/SukkaW/Surge/commit/70c56251992c6fda1da1b83582e00f706614726f…
只提供 classical ruleset、去除 DOMAIN-REGEX 和 IP-ASN。domain(set) 和 ipcidr 可继续使用 /Clash/ 下的文件。
https://github.com/SukkaW/Surge/commit/70c56251992c6fda1da1b83582e00f706614726f…
Sukka's Notebook
SukkaW/Surge 现已恢复对 Dreamacro 的 Clash Premium 的 Rules Provider 支持,路径前缀为 /LegacyClashPremium/ :Sukka/Surge@70c5625
SukkaW/Surge 现已提供试验性的 Surfboard for Android 的 RULE-SET 支持,路径前缀为
不提供 Surfboard 单独的 DOMAIN-SET、可以直接使用 Surge 的 DOMAIN-SET(
SukkaW/Surge 现已支持 Protocol/Network(如匹配 TCP、UDP 等)规则的解析和输出:Sukka/Surge@76f56fa0。
/Surfboard/ :Sukka/Surge@c3e4a1a4不提供 Surfboard 单独的 DOMAIN-SET、可以直接使用 Surge 的 DOMAIN-SET(
/List/domainset)。SukkaW/Surge 现已支持 Protocol/Network(如匹配 TCP、UDP 等)规则的解析和输出:Sukka/Surge@76f56fa0。
GitHub
GitHub - SukkaW/Surge: Rule Snippet & Rule Set for Surge / Mihomo (Clash.Meta) / Clash Premium (Dreamacro) / sing-box / Surfboard…
Rule Snippet & Rule Set for Surge / Mihomo (Clash.Meta) / Clash Premium (Dreamacro) / sing-box / Surfboard for Android / Stash - SukkaW/Surge
SukkaW/Surge 现提供 Stash for Mac/iOS 的支持,路径前缀为
/Clash/ 下的文件现和 Stash 完整兼容。
Sukka's Notebook
https://fxtwitter.com/isukkaw/status/1925020329631735985
🧵 Thread • FxTwitter
Sukka / 毛绒绒的大尾巴🦊 (@isukkaw)
I just created the fastest HTML escape library for JavaScript (both Node.js and browser). The GitHub repo alongside the full benchmark can be found in the reply.
Always be careful of small details: I even adjusted the order of `switch case` to compare more…
Always be careful of small details: I even adjusted the order of `switch case` to compare more…
Sukka's Notebook
UniFi 就图个乐子,我是没见过哪家迫真企业级网络设备厂、两个月解决不了 Android 手机无法连接 WPA2-Enterprise/WPA3-Enterprise 的问题的。 请大家不要学习我使用 UniFi 产品、请优先购买来自企业级网络设备厂商,如 BugTik、Disco、Juniper、NetGear、Aruba、RUCKUS 的产品。
🧵 Thread • FxTwitter
Sukka / 毛绒绒的大尾巴🦊 (@isukkaw)
So, @Ubiquiti is a joke when it comes to network equipment companies. I have never seen any company like this before, failing to identify the issue behind many of my Android phones failing to connect to a WPA2-Enterprise/WPA3-Enterprise Wireless network for…
Sukka's Notebook
https://fxtwitter.com/isukkaw/status/1929543736066814130
本来还想给 UniFi 客服与技术支持部门廉政邮箱 发邮件的,邮件写到一半、UniFi 的推特账号反而第一个找上来说帮我 escalate 了
https://fxtwitter.com/Ubiquiti/status/1929552201367593071
https://fxtwitter.com/Ubiquiti/status/1929552201367593071
🧵 Thread • FxTwitter
Ubiquiti Inc (@Ubiquiti)
@isukkaw Thanks for flagging. We’ve escalated your case to a manager to review ASAP. Thank you.