DDraceNetwork

Learath2

18.8 had an issue for some reason we couldn't figure out, it just doesn't update

I still have 18.8 and there should be already 19.0

Cosmic Xenor {Yannik}

I still have 18.8 and there should be already 19.0

He means that 18.8 doesnt auto update, just update it manually from website/steam

kebs

He means that 18.8 doesnt auto update, just update it manually from website/steam

how can i update it without replacing everything?

01:30

what are the important files?

Cosmic Xenor {Yannik}

what are the important files?

Configs are saved elsewhere, not in downloaded folder

kebs

Configs are saved elsewhere, not in downloaded folder

and my own files? mapres, automapping, ...? (edited)

01:32

i'm not sure where i saved them

every time I change a seed or ddnet crashes

Cosmic Xenor {Yannik}

and my own files? mapres, automapping, ...? (edited)

Just download to other folder and check, you dont have to replace

bug: the game allows outer aplicatsons on windows to force themselfs to the forground on windows. disable this by calling LockSetForegroundWindow (edited)

02:15

this can be very annoying when a prosses forces itself to the forground while playing

Just got a virus warning from a github actions build ddnet client. I don't think this comes from my modifications

it does that

16:35

it's because of demo_extract_chat.exe for some reason

16:36

or one of those I forgot which one

Report as false positive if you want. It's a generic machine learning-based detection, hence the !ml. No idea if it's possible to avoid this detection with any build changes, obviously they are secretive about how their detection works. I guess the combination of fetching various files via HTTP and capability to execute files trips the generic detection.

Its actually because it's matching the strings and other things that are in the binary because of the github build runner system I'm pretty sure. Any time someone released malware built on a github runner it causes regular binaries to get flagged like this

17:37

If you build it yourself it will never be flagged I've only seen this from the github actions

17:38

Its sorta unavoidable unless you add code signing to your github ci which is what people do to avoid this

Tater

If you build it yourself it will never be flagged I've only seen this from the github actions

Well our releases done on deens computer also get flagged sometimes, so it's not just that. We seem to share some chunk with a malware somewhere

17:54

Maybe the call to GetModuleFileNameW, it's not very common for software to be concerned with the current executable path

why doesn't deen sign the code we have enough users that you don't need to pay for trust signing for it to work

18:03

after a few hundred installs it whitelists you (edited)

Tater

why doesn't deen sign the code we have enough users that you don't need to pay for trust signing for it to work

I think we looked into a couple options but none were free and most required us to be an actual company

An OV cert doesn't work? Why not?

18:07

Hmm maybe you do need to be a business for this

Tater

An OV cert doesn't work? Why not?

We are not a business

DDNet GmbH, where do I apply?

I think you can probably find a provider who will give it to you

I don't think there are free code signing providers (edited)

https://shop.certum.eu/open-source-code-signing.html There is this, idk if we could pass the verification without being a company tho

Open Source Code Signing - set

Who can use Open Source Code Signing Certificate? programmers and software developers working under Open Source licenses. What is Open Source Code Signing Certificate? The certificate allows software developers working under the Open Developer license to digitally sign the original code, and recipients to verify the integrity of the data. Usin...

I'm seeing that, it seems like they got more expensive actually I didn't know this was happening

18:11

You can get an azure EV certificate for less than most of the OV providers

I'm not quite sure if just any EV/OV certificate is enough btw. https://learn.microsoft.com/en-us/windows-hardware/drivers/dashboard/code-signing-cert-manage they only trust these CAs and it needs to be a code signing certificate specifically, I think microsoft cross-signs their code signing CA certificate

Manage Code Signing Certificates - Windows drivers

This article describes how to get, add, and update code signing certificates to the hardware dashboard.

https://azure.microsoft.com/en-us/pricing/details/trusted-signing/

Trusted Signing - Pricing | Microsoft Azure

Trusted Signing, Security, Signing

Drivers are different than normal applications though

Though this is for drivers, maybe the rules are different for any app yeah

https://www.digicert.com/signing/code-signing-certificates

Buy Code Signing Certificates | DigiCert

Buy a DigiCert Code Signing certificate to stop application and software tampering so customers know their downloaded files are published as intended.

18:14

Its $120/y for the azure EV cert if you need less than 5000 signs per month

Certum is cheaper then for open source projects

18:16

it's only 25e

18:17

well 69e to begin with because you can't just store the certificate as a file, you need to get a smartcard

Is this not the cheapest one? https://shop.certum.eu/open-source-code-signing-on-simplysign.html (edited)

18:22

oh I see the one your talking about

Tater

Is this not the cheapest one? https://shop.certum.eu/open-source-code-signing-on-simplysign.html (edited)

We don't need it in the cloud I guess, unless we want to sign the github builds too

18:23

The offline version can be integrated into the regular release process deen runs locally (edited)

I thought cloud was cheaper

18:24

Microsoft azure charges you more for offline but it's backwards here

18:27

Apparently Microsoft mandates hardware tokens like that card for certs now unless you use cloud

18:27

as of 1 year ago

It's a good idea, certificates have been leaked in the past

Apparently IV (individual validation) certs exist but I can't find anyone who sells or provides them

18:44

I was unaware they were so strict about giving out the certs. Its surprisingly unreasonable

Can someone explain what's the idea that those stupid buttons is possible to press with any mouse button? Mouse wheel, RMB... like why? Just died on the map cuz of it

middle click connect dummy and your dummy opens in a new window trollet

oxyzo

middle click connect dummy and your dummy opens in a new window trollet

lol

when resizing layers, first ctrl+z works fine, 2nd ctrl+z erases everything, 3rd ctrl+z crashes the game

Cammodude

when resizing layers, first ctrl+z works fine, 2nd ctrl+z erases everything, 3rd ctrl+z crashes the game

Works for me. Is this the latest version?

19.0 on linux

ok, can reproduce it. only crashes when you use the ctrl+z hotkey while the layer popup is open

19:58

looks like it's related to the layer being deleted by undoing and not to the resize though

ZeroMS(Fake)

Can someone explain what's the idea that those stupid buttons is possible to press with any mouse button? Mouse wheel, RMB... like why? Just died on the map cuz of it

every button is coded like that kek

if any mouse button=click

20:31

ill fix up these in game tab for you

1