Time Nick Message 01:02 LazyJ Question about the mapfix mod's settings syntax -- there is no indication whether to use a space or "=" between the first part of the statement and the integer. Which example is correct: "mapfix_default_size 32" or "mapfix_default_size = 32"? 01:15 MTDiscord The latter 01:16 MTDiscord And it gets it from minetest.conf via minetest.settings, so its actually minetests setting syntax 01:19 LazyJ Jonathon, thanks. ;) 01:22 MTDiscord if thats wrong it would be rather awkward as i wrote that 01:27 LazyJ It would help if modders would include example versions of the settings, verbatim. 01:27 LazyJ But I don't think they would understand why the extra work would be useful. 01:28 LazyJ When you are steeped in a project it is easy to forget or be oblivious to things that other's not as involved would need or not know intuitively. 01:30 MTDiscord what is settingtypes.txt 01:30 MTDiscord if it has that file, a modder has done there job 01:31 MTDiscord your question was a how are settings in minetest.conf formatted question 01:31 LazyJ It has a settingtypes.txt but the operator to use is not specified. In the past there have been settings that use comma separated values, spaces, operators, sums, and individual integers. 01:33 MTDiscord again >your question was a how are settings in minetest.conf formatted question 01:33 LazyJ My confusion comes from previous years where Minetest's setting info and mod info where quiet messy. 01:34 LazyJ I'm sorry for not forming the question precisely enough. I won't bother with it again. Thanks. 01:34 MTDiscord thats fine, but its not really a modders thing to include even tho some do https://github.com/wsor4035/liquid_restriction#setup 01:34 MTDiscord np 11:21 Guest35 rubenwardy: Your contentdb api is not good: "Access to fetch at 'https://content.minetest.net/api/whoami/' from origin 'http://localhost' has been blocked by CORS policy (...)" 11:22 Guest35 please fix that! 11:24 Guest35 (...) = "No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled." 12:46 MTDiscord I'm pretty sure CORS should not just be disabled without considering the consequences, like whether it could make CDB vulnerable to a CSRF attack against logged-in users or something. 12:50 rubenwardy I would only apply it the API 12:50 rubenwardy and only API endpoints that don't except cookie auth 12:56 MTDiscord Every article I have read about CORS only explains how to open it up, and the only explanation they give for why it's closed by default is "security reasons" but they say neither whose security nor from what. 13:07 rubenwardy maybe I could only allow read APIs through CORS to begin with 13:08 rubenwardy eh 13:08 MTDiscord CORS is more about client security than server security, client is doing something it probably should not if it triggers, it can guard against multiple things like certain XSS scams 13:09 MTDiscord It is request from server for client to protect itself 13:10 MTDiscord Most sane web browsers will follow advice of server and protect themselves. 13:20 MTDiscord If it were to protect the client then it doesn't make sense for a server to be the one that makes the override decision. If it was that nonsensically designed then no wonder everyone keeps turning it off. 13:25 MTDiscord There is command line switches or configuration for web browsers to disable CORS security... 13:31 MiniontobyPI but how 13:31 MiniontobyPI if i use no-cors mode, then my thing not works.... 13:32 MiniontobyPI maybe only allow the api urls or some kind of auth code (there is something with cors and authentictaion) 13:38 MTDiscord see debug log and check if it blocks requests anyway because of another client side security policy like https://en.wikipedia.org/wiki/Same-origin_policy 13:39 MTDiscord CORS is simply extension of same-origin policy allowing origins that server reported as trusted 13:40 MTDiscord Web browser then trusts that server knows those origin domains are safe to use while using their site 13:41 MTDiscord And therefore web browser will not block requests to those domains. 13:42 MiniontobyPI I can run my browser for now in no-cors mode, but i dont rellay like that... And i cannot do it with shell code, but that worked... 13:43 MiniontobyPI Yeah, I am for now going to add a bit of code to my extension which is going to add aceess allow * 13:43 MTDiscord And you should not do that unless you just want shortcut to test some application you trust without being able to have proper configuration right now 13:49 MiniontobyPI shortcuts wont work 13:53 MTDiscord What are you actually trying to do? 14:09 MiniontobyPI I am trying to allow cors 15:02 MTDiscord Server allows CORS not you, CORS is basically list of domains that server reports as trusted so that web browser knows if it is safe or not to make request with current open site context. 15:03 MiniontobyPI yeah 15:03 MiniontobyPI I am trying to edit the request when heeaders got received 15:04 MiniontobyPI but no luck 15:04 MiniontobyPI 405 errors 15:05 MTDiscord But there's several ways to get around that restriction (with proper limitations), I think JSONP is most used method by site front ends but as you're it sounds just trying to avoid it without revealing exact use case then just make your program to not follow same-origin policy and implement your own security policy that is sufficient for you (like no user input for URLs or static URL validation) 15:08 MTDiscord Sometimes the easiest workaround is just to proxy the remote back-end through a local back-end. 15:15 MiniontobyPI ¨Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.¨ 15:16 MiniontobyPI but yeah 15:19 MiniontobyPI WHy am I not able to talk on the discord server 15:21 MTDiscord someone obviously didnt read the rules 15:22 MiniontobyPI I read rules 15:22 MTDiscord well, didnt read #rules-info 15:22 MiniontobyPI oh i see 15:22 MiniontobyPI You must be Lurker rank or higher to: Chat in IRC channels. 15:23 MTDiscord people reading the rules? impossible 15:23 MiniontobyPI hmmmm 15:23 MiniontobyPI I am going to stay at irc 15:23 MiniontobyPI F to discord 15:23 MTDiscord "I am trying to edit the request when heeaders got received", it sounds that you do not yet completely understand that CORS is client side blocking. You program where you send requests is blocking requests, to be clear your computer is not allowing you to make thing that seems unsafe. 15:24 MiniontobyPI It works 15:24 MiniontobyPI for the non-screenshot url 15:24 MiniontobyPI whoami url works fine 15:25 MTDiscord probably server says that there's every origin is fine 15:28 MiniontobyPI hmmmm 15:29 MTDiscord (or your problem is not anymore same-origin and your requests do not anymore require following that policy but something else is broken) 15:34 MTDiscord To get basics thing why CORS is a thing: it is mostly to prevent evil web request injection where your current data (in your web browser program) meant to be only available for current website is possibly being sent to another server. 15:35 MTDiscord That's also why you can work around it by making requests that are similar to opening new site with new context, that's what JSONP is about. 15:35 MiniontobyPI But i only need to bypass it 15:36 MTDiscord That whole threat model doesn't make sense because it's the API server that controls CORS. If you ask the server "can I trust you?" why wouldn't an attacker just say "um, yes" 15:36 MTDiscord It is not API of server that controls CORS, you clearly have no idea what CORS is... 15:37 MTDiscord API of server advices browser by telling browser that server trusts certain sites. After server told browser that it is itself trusting those sites then browser allows requests to be made. 15:38 rubenwardy I suggest waiting 30 minutes for me to just allow CORS 15:38 MTDiscord I'm going to have to assume this is just a language barrier. 15:39 MTDiscord Yeah, if nobody can make a case why you shouldn't add the CORS headers then I guess ? just allow them and move on. 15:39 MTDiscord If you ask the server "can I trust you?", you do not ask server if you can trust it. You trust server and server tells what can be trusted 15:39 MTDiscord Especially if it's just read-only, and especially especially if it's just public stuff. 15:40 MTDiscord If server does not tell what can be trusted then browser blocks all request but ones going towards original server 15:40 MTDiscord However if server says that also foo.com is fine then browser allows requests to that server too 15:40 MTDiscord If the threat model is really this badly mangled then maybe they should just flip the default to open and take a different approach, like they did with HPKP and CAA 15:41 celeron55 doesn't warr1024 imply he doesn't trust any server he connects to? what's the point of opening the browser at all then 15:41 rubenwardy Am I right in thinking that browsers will send OPTIONS to each URL to check CORS? 15:41 MTDiscord Warr1024, problem is that you clearly do not understand why CORS is available. 15:42 MTDiscord CORS will not improve your server security at all, not a bit. And it is not meant to. 15:42 celeron55 what doesn't seem to be logical at first is that why would a server tell the browser to ask for resources from places the server doesn't want resources to be fetched from 15:42 celeron55 and the answer is XSS and such that users injected to the server 15:43 celeron55 like, imagine someone manage to put an tag inside your bank invoice that you're viewing on your bank's website 15:43 rubenwardy CORS is about different origins 15:43 rubenwardy that doesn't protect against that though 15:44 rubenwardy because the attacker site can still just allow CORS 15:44 rubenwardy CORS is done on the site you're connecting to, not the site you're on 15:44 rubenwardy CSP can be used to prevent tags to other sites in bank invoices 15:44 celeron55 wait, was it that way around 15:44 rubenwardy to prevent XSS, you want CSP really 15:45 rubenwardy CORS makes DDoS harder 15:45 rubenwardy as attackers can't just use JS on user machines to make loads of big requests to a website, only preflight requests 15:45 celeron55 this is so badly written https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS 15:46 rubenwardy CORS also prevents websites from accessing local services 15:47 celeron55 i insist on trying to put this into simpler words so: with CORS a server says "don't make requests to me unless the user is on one of these domains" 15:47 rubenwardy yeah 15:47 MTDiscord To make things clearer: CORS makes DDoS harder only if DDoS is executed from script in browser that supports CORS. 15:48 celeron55 and the browser assumes local services say "don't make requests to me from any domain" 15:48 rubenwardy MiniontobyPI: done 15:48 MiniontobyPI oke 15:48 rubenwardy (The ContentDB API now allows all origins) 15:49 MiniontobyPI doesnt work yet for me.... 15:49 MiniontobyPI oh wait 15:49 celeron55 and with CSP the server says "if i tell you to request a resource from somewhere other than these domains, don't do it" 15:50 rubenwardy yeah 15:50 rubenwardy you can also disable loading inline scripts 15:50 rubenwardy which is a huge protection against XSS 15:50 rubenwardy CDB has strict CSP enabled 15:50 MTDiscord Yes, there never was a question of WHAT CORS is. The question was simply WHY. 15:50 rubenwardy to the detriment of those that want images in long descriptions 15:50 MTDiscord And putting the what in other terms has really not helped explain the why. 15:51 rubenwardy The main why is to protect firewalled websites from being accessed 15:51 rubenwardy not sure if session cookies are also sent as well 15:51 MiniontobyPI hmm i see the acceess crontrol thing on the api page it self, but when it is trying to fetch it, it doesnt wokr 15:51 MTDiscord The DDoS thing is an interesting angle but it seems kind of thin (you can still flood someone with OPTIONS requests) and really seems out of scope for what web standards normally try to tackle anyway (usually they punt this to the network layer) 15:51 rubenwardy that could be an issue, would result in CSRF 15:52 rubenwardy https://mobilejazz.com/blog/which-security-risks-do-cors-imply/ 15:52 MTDiscord I think celeron55 got WHY covered in just 3 first comments very nicely :) 15:52 rubenwardy which first 3 comments? I don't see any whys 15:52 celeron55 i agree with Warr1024, CORS doesn't make sense for an API because it kind of makes the API an internal API but with only enforcement for good parties 15:53 MTDiscord So it sounds like CORS is just CSRF-protection-lite where they tried to protect against exfiltration of data from a protected API, but you need full CSRF protection anyway to prevent mutations being pushed in. Seems to make CORS sound pretty useless...? 15:53 rubenwardy yeah, which is why I've just disabled CORS for the CDB API 15:53 rubenwardy Warr1024: CSRF protection won't help if you turn off CORS 15:54 rubenwardy because a malicious script could just make a request to first get the CORS tokens 15:54 MTDiscord you mean the CSRF tokens? 15:54 rubenwardy yeah that 15:54 rubenwardy assuming CORS requests send any session tokens, which is what would cause the CSRF 15:55 MTDiscord Yeah, I was gonna say that CORS can't be defaulted off because there's no such thing as a general automatic CSRF protection yet, you need to design it into the flow of your entire protocol, so that's probably why they left it in place even though it's inadequate. 15:55 rubenwardy again, turning off CORS would make CSRF protections ineffective 15:56 MTDiscord How would that even work? 15:56 MiniontobyPI hmmmm 15:56 MiniontobyPI Access to fetch at 'https://content.minetest.net/api/whoami/' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. 15:56 rubenwardy fake news 15:59 MiniontobyPI AHHHHHHHHHHh 15:59 definitelya D: 16:00 rubenwardy https://i.rubenwardy.com/493ea.png 16:00 MTDiscord Try clearing your cache, then restarting your browser, then rebooting your computer, then dropping it in a vat of acid and buying a new computer and see if it still happens on the new one. 16:01 MiniontobyPI I did 16:01 MiniontobyPI shift-f5 16:01 MiniontobyPI and ctrl-shift-del 16:01 MTDiscord That's not a hard reload 16:02 rubenwardy Using devtools network is super useful 16:02 MiniontobyPI I do 16:02 rubenwardy you can see whether it's cached 16:02 MiniontobyPI I ahve enabled ¨disable cache¨ 16:02 MiniontobyPI also not work 16:02 rubenwardy ctrl+shift+r 16:02 MiniontobyPI but when I go to the url it self 16:03 MiniontobyPI then if i look at headers 16:03 MiniontobyPI it is there 16:03 MiniontobyPI ctrl+shift+r -> not helps 16:03 rubenwardy also, errors like this may happen with incorrect URLs 16:03 rubenwardy so check the request URL 16:03 rubenwardy eg: ContentDB has trailing slashes 16:04 rubenwardy method also matters 16:04 MiniontobyPI oh 16:04 rubenwardy the wrong method will trigger a CORS Failure 16:04 MiniontobyPI maybe that 16:04 MiniontobyPI let me see 16:04 rubenwardy needs to be GET 16:04 MiniontobyPI https://content.minetest.net/api/whoami/ 16:04 MiniontobyPI this should be good 16:04 MiniontobyPI {headers: headers, method: "GET"} 16:04 MiniontobyPI so yeah 16:05 MiniontobyPI and it worke 16:05 MiniontobyPI with my cors blocker 16:05 rubenwardy what was it? 16:05 MiniontobyPI but then packages/(...)/mypackes/screenshot 16:05 MiniontobyPI didnt 16:05 rubenwardy screenshots 16:05 MiniontobyPI Oh wait 16:05 MiniontobyPI I got idea 16:06 rubenwardy I suppose I should do this at the nginx level so that 404s etc in /api/ will allow CORS 16:06 rubenwardy but heh 16:07 MiniontobyPI I can change them 16:07 MiniontobyPI instead of adding new one 16:07 rubenwardy whatcha making btw? 16:08 MiniontobyPI I am trying to make a webapp where you can just use the methods 16:08 MiniontobyPI so i can test 16:09 MiniontobyPI for later 16:09 MiniontobyPI when I might make a bot to find packages 16:09 MiniontobyPI or something like that 16:10 rubenwardy nice 16:11 MiniontobyPI contentdb.html:1 Access to fetch at 'https://content.minetest.net/api/packages/Miniontoby/doorbell/screenshots/960' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request. 16:11 MiniontobyPI but I got the other one now working 16:12 MiniontobyPI becuase i edited it 16:13 rubenwardy missing 16:13 rubenwardy / 16:13 rubenwardy "Redirect is not allowed for a preflight request." means you've got the URL wrong 16:13 rubenwardy well, it means you've got the URL wrong in a way that CDB redirects 16:13 rubenwardy so either http or missing / 16:14 MiniontobyPI oh 16:15 MiniontobyPI now 16:15 MiniontobyPI has been blocked by CORS policy: Method PUT is not allowed by Access-Control-Allow-Methods in preflight response. 16:16 rubenwardy it's in the allowed methods 16:16 rubenwardy maybe caching issue again 16:16 MiniontobyPI Idk 16:16 IceDragon hello 16:16 MiniontobyPI let me see 16:17 MiniontobyPI access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS 16:17 MiniontobyPI That says netwrok 16:17 MiniontobyPI thing 16:18 MiniontobyPI I have edited it now from my client side 16:22 MiniontobyPI PUT https://content.minetest.net/api/packages/Miniontoby/doorbell/screenshots/960/ 405 16:22 MiniontobyPI wait thats a mistype in my code 16:23 MiniontobyPI or maybe not 16:24 rubenwardy there's no PUT API for screenshots 16:24 rubenwardy you'll need to delete and recreate it 16:24 rubenwardy if there was a put API, it would only allow updating the title anyway 16:31 MiniontobyPI I got it working now 16:32 MiniontobyPI I gtg 16:32 MTDiscord Trying to do a PUT from a browser...? I have a hard time imagining a use-case for that... 16:33 MTDiscord I mean especially for screenshots I guess 16:34 rubenwardy The ContentDB API uses PUT for anything that edits/updates 16:34 rubenwardy the browser is the new GUI platform 16:34 rubenwardy could be a fancy CDB client 16:44 MTDiscord I suppose that could be the case ... but if there are any UX deficiencies in CDB that others can cure, it'd be nicer to see those as PRs :-) 16:47 rubenwardy yeah definitely 21:11 MTDiscord Is it possible for a client to upload media to a server? I could see a usecase for taking screenshots and then uploadind them to the server to be added as dynamig media for a photography mod 21:11 MTDiscord via csm's and modchannels 21:12 MTDiscord What are modchannels? 21:12 MTDiscord maybe 21:12 sfan5 in theory via CSM but how would you get the media into there 21:12 sfan5 so effectly the answer is just "no" 21:12 MTDiscord https://github.com/minetest/minetest/blob/master/doc/lua_api.txt#L6401-L6418 21:13 MTDiscord the easiest way in reality is to have a formspec for providing a url, and http api to grab it 21:13 MTDiscord Thx 21:13 MTDiscord Or a csm to upload automatically to the url 21:14 MTDiscord that seems stupid 21:14 MTDiscord but you do you 21:14 MTDiscord ? 21:14 MTDiscord why use csms when you have absolutely no need or reason to 21:14 MTDiscord given its a hassle to enforce users to install and use thm 21:14 MTDiscord *them 21:15 MTDiscord Well any idea of when we get sscsm or is that still undetermined? 21:16 sfan5 undetermined 21:20 MTDiscord Ok well @wsor yeah it will be stupid util then 21:22 MTDiscord send message to server and make it move some spectator character running another instance at server at player location, take screenshot, make server handle it :p 21:23 MTDiscord then you should also have camera as item in game 21:25 MTDiscord it is very much doable but wont look exactly same for most clients but having actual in game camera to take screenshots and also over complicated hack to take actual screenshots server side sounds kinda fun 21:28 MTDiscord I guess it would be harder (or near impossible) to make server itself take screenshots without having client logged in? 21:30 MTDiscord Well I suppose you could make a script to make the server log in automatically 21:30 MTDiscord The server would hae to be running x11 21:32 MTDiscord Would a server-controlled fake player be useful for anything else? 21:32 MTDiscord forceload world anchor 21:33 MTDiscord Yeah that 21:33 MTDiscord make /kick command move player to target and kick him 21:33 MTDiscord Huh? 21:34 rubenwardy I could see there being a file input GUI element 21:34 rubenwardy not sure about large formspec submissions though 21:36 MTDiscord well, not best idea but I was saying move your fake spectator player to target and kick in game instead of actually disconnecting 21:37 MTDiscord Like add an element to the formspeg api @rubenwardy? 21:37 rubenwardy yeah 21:37 MTDiscord That would be cool 21:38 rubenwardy the Irrlicht file explorer sucks a bit 21:38 MTDiscord It would allow ingame skin submissions 21:38 MTDiscord Would be cool but is it good idea considering users? 21:38 rubenwardy generally, in a game you want to avoid opening up native GUIs as it's distracting to the user 21:38 rubenwardy this may be a case where you may want to use the native file mgr gui though 21:39 MTDiscord You mean like the spectator gomes and swings their foot and hits you? 21:39 rubenwardy SX: with a limited upload size and content types, I don't see much of a technical risk 21:39 rubenwardy however, from a moderation point of view it's risky to have players upload skins like thi 21:40 MTDiscord About moderation true but there are ways to handle it like requireing admins to approve each submission 21:40 MTDiscord @oderators im 21:41 MTDiscord that but I guess moderation could be handled, however I was thinking a bit that direct and easy upload could be tool for scams and there's a lot of users that are not really that tech savvy 21:41 MTDiscord Scams? 21:41 MTDiscord Like? 21:42 MTDiscord Im on mobile btw whioh is why my typing sucks 21:44 MTDiscord probably would open many ways but simplest would be collecting larger amounts of information. using native file manager would probably reduce that risk a bit, also file type and size limitations. 21:46 MTDiscord very much possible that it wont be problem really but I think users who might fall to good scams on discord will fall for any scam in game 21:47 MTDiscord for there to be a scam you have to have evil intent from the server owner. If the server owner is evil intentioned then I think that they could find other ways to scam anyways, right? 21:47 MTDiscord I mean it seems like many ppl somehow always trust that game is protected and nothing "real" can happen there 21:48 MTDiscord Yes, they will find ways but having thing integrated into game might make it way simpler. Not sure though and I think there would be ways to reduce that risk 22:50 * Wikiwide waves sleepily 22:51 specing Hi Wikiwide 22:51 Wikiwide A question: what is a practical/utilitarian impetus to actually play minetest? You see, I want to counter my younger brother's obsession with Minecraft by diving into Minetest - the open-source alternative that doesn't try to cajole real-world money out of users. But, since I am not generally a fun of video games or entertainment for entertainment's sake... 22:52 Wikiwide ...I need a cause. And "It will give you skills" doesn't fit - if I wanted skills, I would go to a real-world welding workshop in a makerspace. Pity is, I don't have welding-ready boots yet - but that's off-topic. 22:53 specing I think it boils down to motivation and goal-setting. Since minetest has no goal, you have to set yourself up with goals 22:53 specing you can also play with a community of players 22:54 specing and each can motivate another 22:54 Wikiwide So far, I scrounged that if Minetest physics are near enough to real-world physics, then I could use it for simulation for urban island effect, and construction of different buildings with goal to figure out how to minimise energy usage for heating/cooling/air-conditioning while still providing denizens with sufficient/healthy amount of sunlight 22:55 Wikiwide But I am not sure if the temperatures are even simulated. Are there any bushfires in Minetest? Lighting? Droughts? 22:55 specing Not really, no 22:55 * Wikiwide tsks 22:57 Wikiwide I understand that simulating whole planet, and its climate, would be too much. But is it possible to include with ecosystem a setting for its climate? Does Minetest include seasons - winter-spring-summer-autumn? Rain, hail, and such? 22:57 Wikiwide Well, I remember it can include snow. For the one time I tried out minetest a few years ago. 22:57 MTDiscord Minetest is actually pretty good for learning programming and modding skills that are generalizable. Sure, you could go to a workshop, but those aren't all necessarily that fun... 22:58 MTDiscord Wikiwide, I think you're looking for the Exile game for Minetest. 23:00 MTDiscord Yeah, on the "why Minetest" question, there are also some exclusive games for it that you can't get on Minecraft. 23:01 Wikiwide But there are also probably some exlusive games for Minecraft that you can't get on Minetest? 23:02 MTDiscord Could be, sure. It's only a "why Minetest" argument, not necessarily a "why not Minecraft" one. 23:03 MTDiscord I haven't played Minecraft in about 8 years, but I did still pay for it. It can be both. 23:04 Wikiwide Hmm, going by > Taigas are cold snow-covered biomes with rich vegetation with snow and dirt with snow as surface. < , there are no seasons yet. And I cannot see anything about wind. At least, there is changing brightness of sunlight, even if it's always vertical. And there isn't a recipe for glass lens, yet, so no nifty "Create fire from sunlight" thing yet. 23:04 MTDiscord Not in MTG at least 23:04 MTDiscord You can light a fire with a lens in NodeCore though 23:07 Wikiwide : Thank you. I find the premise of Exile strange, I am more of a city person. But having jumped to ContentDB, I now see https://content.minetest.net/packages/TestificateMods/climate_api/ 23:11 Wikiwide Very interesting... So, https://content.minetest.net/packages/TestificateMods/climate/ mentions lightning. 1) Does that include dry lightnings, or only rainstorm-lightnings? Because dry lightning sparkled one of the largest bushfires during Black Summer, when ring of fire surrounded Sydney. 2) Does this model include bushfires? 23:12 Wikiwide Could you please share whether these climate packages include non-vertical sunlight? Or heat generated on different surfaces (grass vs sand vs stone vs asphalt) by sunlight? 23:15 Wikiwide Also, if I connect to a multiplayer server, the mod's availability depends on the server more so than on my client's configuration, right? How do I know if a server has the climate package installed? 23:17 calcul0n you can type /mods in the server chat to get the list of installed mods 23:17 specing Wikiwide: wget 'https://servers.minetest.net/list' -O - | python3 -m json.tool /dev/stdin | less 23:18 specing search there 23:33 Wikiwide Lol, I did wonder why maximum number of people on a server would have been 200, when I was reading https://www.minetest.net/servers/. Now I recognise that it is software-imposed limit, probably for the sake of reducing lag, and not a matter of not-enough-people-to-reach-more-than-200-clients-on-a-server. 23:40 Wikiwide specing: Thank you. 4 servers equipped with climate_api. 1) ZAP server at minetest; 2) [CraftLab] Craft Test Dummies [FR] at perdu.com ; 3) Notre Ami Le Cube (Survival & PVP) [FR/EN] at sys4.fr ; 4) "Vineland Survival [0.4, 5.x]" aka "vine.edgy1.net" . In no particular order. 23:41 MTDiscord I think it's because saying you'll support WAY more players than any server could ever realistically be challenged to actually handle could only serve to manipulate scores or reputation without actually ever being called to account or something. 23:46 specing Wikiwide: when checking out the servers, ask what their policy towards CSMs is. Client-side mods allow you to enhance your experience (even modify physics a bit) 23:54 Wikiwide Hmm, I currently like Vineland Survival, probably because carpathian map generator. But then sys4.fr with "Be a builder, engineer, warrior or even a magician." sounds good, too. Either of them supports IRC and IRC_commands mods, whatever that means. 23:55 specing probably means that they have an irc channel bridged from somewhere