🚨 Problamma; qq; gotenberg; anonymous letters
🚨 Before we begin, I know there’s a bunch of readers who are riffing with Ollama, and y’all need to be aware of a critical remote code execution vulnerability (CVE-2024-37032) has been discovered and patched. The flaw, dubbed (sigh) “Probllama,” could allow attackers to overwrite arbitrary files and achieve remote code execution, particularly in Docker deployments. Wiz researchers found over 1,000 exposed Ollama instances hosting AI models without protection. Folks are urged to update to version 0.1.34 or later to mitigate this risk.
Now, on to today’s regularly scheduled Drop!
TL;DR
(This is an AI-generated summary of today’s Drop using Perplexity with the GPT-4o model.)
- The
qqutility is a new CLI tool that acts as an inter-operable configuration format transcoder withjqquery syntax. It supports multiple input and output formats and can be used as a replacement forjqor via a REPL with auto-complete. https://github.com/JFryy/qq/ - Gotenberg is a tool with a clean API that allows conversion of various document formats (HTML, Markdown, Word, Excel, etc.) to PDF using Chromium and LibreOffice. It’s containerized for easy dependency management and supports multiple programming languages. https://gotenberg.dev/
- Optimize your criminal activities with anonymous letters!
Just when you thought we were running out of two-letter CLI tools comes a new contender for your default tool installs. The qq utility is an “inter-operable configuration format transcoder with jq query syntax powered by gojq. qq is multi modal, and can be used as a replacement for jq or be interacted with via a REPL with auto-complete and real-time rendering preview for building queries.”
Input formats supported: CSV, HCL, INI, JSON, TF, TOML, XML, YAML.
Output formats supported: HCL, INI, JSON, TF, TOML, XML, YAML
Things on the TODO list include:
- Support for protobuff
- Support for HTML
- TUI View fixes on large files
- TUI Auto-completion improvements
- Optimization and Maintenance of encoder and encoder wrappers.
- Support slurp and other flags of
jqthat are useful.
It could use some more documentation besides the screencast, but I’m all for working with known query path syntax and adding in support for more file formats. While I do not mind piping from one tool to another, having a Swiss Army knife for data in one tool is pretty dope.
gotenberg
Gotenberg (GH) is a tool/project that sports a super clean API that lets us interact with spiffy tools like Chromium and LibreOffice for converting document formats like HTML, Markdown, Word, Excel, etc., into PDF files++. A yuge plus is that they’ve containerized the whole thing, so you don’t have to manage separate dependencies.
If you follow the container route, you’re an edit/paste away from trying:
curl \
--request POST http://localhost:3000/forms/chromium/convert/url \
--form url=https://example.com \
--form landscape=true \
--form marginTop=1 \
--form marginBottom=1 \
-o output.pdf
That command sends a POST request to the local Gotenberg API, specifying the URL to convert, setting the page orientation to landscape, and adjusting top and bottom margins
It has library support for many programming languages, and even has a WebHook mode; plus, it has it’s very own awesome list, so you know there’s also a community out there backing it up.
I don’t have a ton of need for this type of tool/service anymore, but others might. If you do use it, drop a note back to let folks know what to watch out for or what cool things they can do with it!
anonymous letters
This one is just for funsies.
Tired of cutting out letters from magazines (after carefully removing all fingerprints and DNA-identifiable micro-particles, ofc) and pasting them into coherent passages on ransom notes you send? Well, do I have a service for you!
Anonymous Letters does all the hard work of selecting random letters from a fairly large database of image cut-outs.
Make sure to disable your printer’s watermarking before making the final version to send to your fav detective!
FIN
Remember, you can follow and interact with the full text of The Daily Drop’s free posts on Mastodon via @dailydrop.hrbrmstr.dev@dailydrop.hrbrmstr.dev ☮️
hrbrmstr's Daily Drop 
Leave a comment