# Color Formats in CSS

Nice introduction to CSS color formats by Joshua Comeau. I learned about the upcoming lch():

LCH is a color format that aims to be perceptually uniform to humans. Two colors with an equivalent “lightness” value should feel equally light!

Looks great!

Also, TIL about that rgb(r g b / a) thing I’ve seen a few times:

For most of CSS’ existence, we specified RGB colors using a slightly different syntax.

This changed in CSS Colors level 4, which introduces a standardized notation used across newer color formats. rgba() isn’t explicitly deprecated, but it’s recommended to use the newer format (fortunately, browser support is excellent).

# ReDoS “vulnerabilities” and misaligned incentives

TL;DR: ReDoS “vulnerabilities” are, overwhelmingly, indistinguishable from malicious noise:

1. They exist primarily because of misaligned incentives in the security reporting and vulnerability reporting ecosystems (and industries);

2. The risk they pose is extremely context sensitive and does not align with their ridiculous “severity” scores;

3. They produce security fatigue in the very engineers they’re meant to help, and effectively represent their own denial of service against timely resolution of actual vulnerabilities.

I agree with this.

While it would be nice to switch everything to non-backtracking regular expressions, most cases of ReDoS don’t cause major security issues.

This is also a problem with the industry in general, as various vulnerability scanners are full of useless noise.
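To make the "context sensitive" point concrete, here is an added example (not from the linked article or this post) that counts the work a naive backtracking matcher does. It is a step-counting model rather than a real regex engine, and the nested pattern `^(a+)+$`, the flat rewrite `^a+$`, and the length cap are assumptions chosen for illustration.

```python
# Added example: a model of backtracking cost, not a real regex engine.
# The patterns and the constructed inputs below are illustrative assumptions.

def nested_steps(s):
    """Model naive backtracking for ^(a+)+$; return (matched, steps)."""
    steps = 0

    def group(i):
        nonlocal steps
        j = i
        while j < len(s) and s[j] == "a":
            j += 1
        # Try the longest run first (greedy), then give characters back.
        for end in range(j, i, -1):
            steps += 1
            if end == len(s) or group(end):
                return True
        return False

    return group(0), steps


def flat_steps(s):
    """Same language without nesting, ^a+$: a single left-to-right pass."""
    steps = 0
    for ch in s:
        steps += 1
        if ch != "a":
            return False, steps
    return len(s) > 0, steps


def capped(matcher, s, max_len):
    """Reject over-long input before it ever reaches the matcher."""
    if len(s) > max_len:
        return False, 0
    return matcher(s)


if __name__ == "__main__":
    # Constructed non-matching inputs: n letters followed by one bad character.
    for n in (4, 8, 12, 16):
        text = "a" * n + "!"
        print(n, nested_steps(text)[1], flat_steps(text)[1],
              capped(nested_steps, text, 12)[1])
```

The nested form costs 2^n - 1 steps on a non-matching input of n letters, so whether a finding matters depends on whether untrusted input of that length can reach the pattern at all; a length cap or the flat rewrite removes the problem.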

# 2022 was the year of Linux on the Desktop

Linux as a primary operating system had been steadily climbing for the past 5 years. 2018 through 2021 saw steady growth with 23.2%, 25.6%, 26.6%, 25.3%, and finally in 2022 the usage was 40.23%. Linux usage was more than macOS in 2021, but only by a small margin. In 2022 it is now 9% more than macOS.

Based on the 2022 Stack Overflow developer survey, of course.

# How I still use Flash in 2022

When Adobe killed Flash Player in 2020, I didn’t want my Flash games to disappear forever.
[…]
The way forward was obvious; I’d have to make my own Flash player.

A fairly detailed description of how a game developer converted Flash games to run natively.

Love this bit:

Although I developed the game mostly on my Mac, during development Apple invented this thing called “Notarization” where if you run any app on a new version of MacOS, it’ll make a network request to Apple to ask if the app’s developer pays Apple a yearly fee.