awnumar/memguard[1] exists and does even more

1) allocations via memguard bypass gc entirely

2) they are encrypted at all times when not unsealed

3) pages are mprotected to prevent leakage via swap

4) and so on...

Not as ergonomic as OP's proposal, of course.

[1] https://github.com/awnumar/memguard

LlamaLab's Automate has a non-root privileged service via network adb service. Would it be possible to simplify app installation via adb the same way? An app that reads apk, sends it over pre-paired ADB. Sounds like a much simpler solution.

from typing import Protocol, TypeVar

T_co = TypeVar("T_co", covariant=True)

class Indexable(Protocol[T_co]): def __getitem__(self, i: int) -> T_co: ...

def f(x: Indexable[str]) -> None: print(x[0])

I am failing to format it proprely here, but you get the idea.

Just fyi: https://news.ycombinator.com/formatdoc

> Text after a blank line that is indented by two or more spaces is reproduced verbatim. (This is intended for code.)

If you'd want monospace you should indent the snippet with two or more spaces:

  from typing import Protocol, TypeVar
  
  T_co = TypeVar("T_co", covariant=True)
  
  class Indexable(Protocol[T_co]):
    def __getitem__(self, i: int) -> T_co: ...
  
  def f(x: Indexable[str]) -> None:
    print(x[0])

I give Rust a lot of points for putting control over covariance into the language without making anyone remember which one is covariance and which one is contravariance.

One of the things that makes typing an existing codebase difficult in Python is dealing with variance issues. It turns out people get these wrong all over the place in Python and their code ends up working by accident.

Generally it’s not worth trying to fix this stuff. The type signature is hell to write and ends up being super complex if you get it to work at all. Write a cast or Any, document why it’s probably ok in a comment, and move on with your life. Pick your battles.

Kotlin uses "in" and "out": https://kotlinlang.org/docs/generics.html

Co- means with. Contra- means against. There are lots of words with these prefixes you could use to remember (cooperate, contradict, etc.).

There is also bunch of prepackaged types, such as collections.abc.Sequence that could be used in this case.

Sequence does not cut it, since the op mentioned int indexed dictionaries. But yeah.

    Sequence[SupportsFloat] | Mapping[int,SupportsFloat]

Whether or not you explicitly write out the type, I find that functions with this sort of signature often end up with code that checks the type of the arguments at runtime anyway. This is expensive and kind of pointless. Beware of bogus polymorphism. You might as well write two functions a lot of the time. In fact, the type system may be gently prodding you to ask yourself just what you think you’re up to here.

> Sequence[SupportsFloat] | Mapping[int,SupportsFloat]

This is really just the same mistake as the original expanding union, but with overly narrow abstract types instead of overly narrow concrete types. If it relies on “we can use indexing with an int and get out something whose type we don’t care about”, then its a Protocol with the following method:

  def __getitem__(self, i: int, /) -> Any: ...

More generally, even if there is a specific output type when indexing, or the output type of indexing can vary but in a way that impacts the output or other input types of the function, it is a protocol with a type parameter T and this method:

  def __getitem__(self, i: int, /) -> T: ...

It doesn’t need to be union of all possible concrete and/or abstract types that happen to satisfy that protocol, because it can be expressed succinctly and accurately in a single Protocol.

As of Python 3.12, you don’t need separately declared TypeVars with explicit variance specifications, you can use the improved generic type parameter syntax and variance inference.

So, just:

  class Indexable[T](Protocol):
    def __getitem__(self, i: int,/) -> T: ... 

is enough.

So, now you have to worry about your VPS/Internet provider deplatforming you. Or about your domain name being seized. And spam filtration, backups, redundancy...

I'm not saying email self hosting should not be done, I just say a bit of planning should be done.

DNS seems like the most annoying part, it is SPoF by design. The problem can be mitigated, but seems like cannot be solved. For example, owning multiple domain names in multiple jurisdictions. And round-robin them. You cannot eliminate SPoF for any one specific service you want to login using email. But you won't lose access to everything at once.

Edit: P.s. At the same time, owning your domain for mail seems to be one of the most impactful things to do to reduce digital serfdom. Banned at *mail? Just switch those MX records and go on.

> So, now you have to worry about your VPS/Internet provider deplatforming you. Or about your domain name being seized. And spam filtration, backups, redundancy...

Your VPS / ISP better have a good reason to "deplatform". If you're really worried, use two different ones.

Also, people have more problems with being "deplatformed" by Google, often with no reason given, and with no way to communicate with a human about the issue. Look it up. I'd be more worried about that.

DNS isn't a single point of failure. Nor is email when it comes to reception (that's what backup MXs are for). If you need redundancy when it comes to being able to fetch email, you can easily have the primary MX also forward to mailboxes on another host so you have two (or more) copies of everything. None of this is all that hard, and people have been doing it for ages. Give it a try :)

1) To quote myself: "I'm not saying email self hosting should not be done, I just say a bit of planning should be done". I self host my email. I just meant it is not "just rent a VPS and slap some docker containers on it"

2) I never said receiving email is a SPoF

3) Please explain in detail what do I do in order to keep receiving emails using "me@johndoe.com" after johndoe.com gets undelegated. I do not know of a way and would very much like to know. If there is no way.. It is a SPoF.

edit: formatting

There is - and was featured here a couple of times. atuin dot sh. But it uses sqlite under the hood afaik

What may be the implications of a breach like this?