I think that any guides you find for Gitea + Renovate should work still for Forgejo + Renovate.

I believe the process is:

• Create Forgejo instance
• Create a user for Renovate within Forgejo
• Using the CLI on your local machine (or another tool to complete this step), create an SSH public/private key for the Renovate user
• Log into Forgejo using the Renovate user and configure the previously created SSH keys and separately generate a Forgejo token
• Create a Renovate instance with settings for at least RENOVATE_GIT_PRIVATE_KEY (SSH private key value), RENOVATE_TOKEN (Forgejo token value), RENOVATE_PLATFORM (gitea), RENOVATE_ENDPOINT (Forgejo API base URL), and any other Renovate settings that you may find helpful/necessary to configure (eg: GITHUB_COM_TOKEN, RENOVATE_AUTODISCOVER, etc.)
• Depending on how you want things to work, you may need to give the Renovate Forgejo user access to individual repos

uv

It is made by the Astral team, who made ruff and are working on a static type checker. They’re making great Python tooling and uv is no exception.

It is not clear that this is the app that will be used for the new watches. I imagine it will support the new RePebble watches, but I believe that app was intended for the original Pebble watches.

The thing that makes it so unclear to me is that this is a repo owned by the Rebble team, not the RePebble team. I do not know how much overlap there is between the two teams, but the RePebble team does not have any open source repos that I could find. Any mention of open source software by RePebble (including the OS) are links to repos owned by other teams, which is a little concerning.

I understand that the watch operating system is open source. However, it seems that the watch will connect to a companion smartphone app. Do you know if the app is a requirement and/or if the app will be open source?

If you know your VPN’s DNS server, you can change your local DNS so that it redirects your specified domains/subdomains to the appropriate, local IP address and all other requests would then use your VPN’s DNS.

If you don’t know your VPN provider’s DNS server information, you may be able to still do something similar to the above depending on your setup. Otherwise, you could run your own DNS resolver or use a different DNS provider. I guess doing so could potentially be used to further fingerprint you, but the concern about “DNS fingerprinting” is moreso DNS leaks where your DNS queries are accessible to unintended parties due to improper configuration.

I believe the only other option would be to change your hosts file on each device you want to use to connect to your services, which is probably not the best approach and may be challenging/impossible for certain devices.

Also, unless you setup the self signed certs to be trusted on a network/domain level (or again on each individual device), you will likely get a warning/error about the self signed certs when accessing your services. You may need to work through this process each time the certs renew.

I recommend buying a domain if you do not already have one and finding a service that provides wildcard certification challenges. This would allow you to setup a valid, trusted certificate that you could reuse for all of your services. The only thing that you would need to provide is an email address (can be any email address) and your domain name (in addition to other information that may be required to setup an account at the cert provider, but you may already have an account there as it could be the domain name registrar or other services like VPS providers, Cloudflare, etc.). Since it is a wildcard cert, each subdomain does not need to be set publicly and if you only use the domain within your network, the domain does not need to be publicly associated with any IP address.

If you do go forward with that approach, you could use the wildcard cert directly within NginxProxyManager or other reverse proxies. They will also automatically update/maintain the cert for you.

That’s true, but how often have you heard a finance team member wanting a CSV file so they can more easily process the data using Pandas or visualize it with MatPlotLib? How many accountants or finance people (especially those that ask for everything in Excel) do you know that is comfortable writing even a single line of Python code? How many of the finance team’s Excel-based tools will Python integrate well with? What feature(s) does Python within Excel provide that Excel (formulas, pivot tables, VBA, Power Query, Power Pivot, etc.) does not provide that someone on the finance team would need? What advanced charting/dashboarding functionality does Python in Excel provide that isn’t better accomplished in PowerBI (if not handled by standard Excel charts/graphs)?

Don’t get me wrong - Microsoft’s implementation of Python in Excel has its merits and will solve some problems that otherwise would not be possible in Excel and will make some people happy. However, this is not the solution most people were expecting, asking for, or find useful.

I agree with everything you said, but (in Microsoft’s eyes) this is a feature - not a bug.

Without this cloud component, how could:

• Microsoft make sure that the accounting team does not introduce a malicious/old Python library into the Excel file?
• Microsoft protect its users from writing/running inefficient, buggy, or malicious Python code?
• Microsoft provide a Python runtime to users who do not know how to install Python?
• Microsoft charge to run code that you wrote in a free, open source software programming language on a device that you own?

Over a year later and I still do not understand what the use case for this is.

A lot of the examples/documentation that was made by Microsoft for this seems to focus on data analysis and data visualization. Anyone in those fields would probably prefer to get the data out of Excel and into their tool/pipeline of choice instead of running their Python code in Excel. That also makes the big assumption that the data being used is fully contained within the Excel file and that the libraries used within the code are avalaible in Excel (including the library version).

For anyone looking to learn/use Excel better, I doubt the best use of their time is learning a new programming language and how Excel implements that programming language. They would likely be better off learning Excel’s formulas, pivot tables, charts, etc. They could even learn Power Query to take things to another level.

For anyone looking to learn Python, this is absolutely a terrible way to do so. For example, it abstracts away library maintenance, could provide modified error messages, and makes the developer feedback loop more complicated.

If you want to automate Excel then this realistically allows for very little new functionality that did not exist prior to this feature. Using other Python libraries like OpenPyxl and xlWings will still be required to automate Excel.

I am sure there are edge cases where this iteration of Python in Excel is perfect. However, this feels like a checkbox filler (“yeah, Excel supports Python now”) than an implementation of an actual useful feature. A fully featured and supported Python library that manipulates Excel/Excel files would have been a much more exciting and useful feature - even if it had to be executed outside of Excel, like OpenPyxl.

I did not know about autolinks - thanks for the link!

It is interesting how different parsers handle this exact situation. I usually am cautious about it because I typically am not sure how it will be handled if I am not explicit with the URL and additional text.

I’m curious about this. The source text of your comment appears that your comment was just the URL with no markdown. For your comment about a markdown parsing bug to be true, shouldn’t the URL have been written in markdown with []() notation (or a space between the URL and the period) since a period is a valid URL character? For example, instead of typing https://google.github.io/styleguide/cppguide.html., should [https://google.github.io/styleguide/cppguide.html.](https://google.github.io/styleguide/cppguide.html) have been typed?

Congrats on getting everything working - it looks great!

One piece of (unprovoked, potentially unwanted) advice is to setup SSL. I know you’re running your services behind Wireguard so there isn’t too much of a security concern running your services on HTTP. However, as the number of your services or users (family, friends, etc.) increases, you’re more likely to run into issues with services not running on HTTPS.

The creation and renewal of SSL certificates can be done for free (assuming you have a domain name already) and automatically with certain reverse proxy services like NGINXProxyManager or Traefik, which can both be run in Docker. If you set everything up with a wildcard certificate via DNS challenge, you can still keep the services you run hidden from people scanning DNS records on your domain (ie people won’t know that an SSL certificate was issued for immich.your.domain). How you set up the DNS challenge will vary by the DNS provider and reverse proxy service, but the only additional thing that you will likely need to set up a wildcard challenge, regardless of which services you use, is an email address (again, assuming you have a domain name).

tl;dr: A notable marketshare of multiple browser components and browsers must exist in order to properly ensure/maintain truly open web standards.

It is important that Firefox and its components like Gecko and Spidermonkey to exist as well as maintain a notable marketshare. Likewise, it is important for WebKit and its components to exist and maintain a notable marketshare. The same is true for any other browser/rendering/JavaScript engines.

While it is great that we have so many non-Google Chrome alternatives like Chromium, Edge, Vivaldi, etc., they all use the same or very similar engines. This means that they all display and interact with websites nearly identically.

When Google decides certain implementation/interpretation of web standards, formats, behavior, etc. should be included in Google Chrome (and consequently all Chromium based browsers), then the majority marketshare of web browsers will behave that way. If the Chrome/Chromium based browsers reaches a nearly unanimous browser marketshare, then Google can either ignore any/all open web standards, force their will in deciding/implementing new open web standards, or even become the defacto open web standard.

When any one entity has that much control over the open web standards, then the web standards are no longer truly “open” and in this case becomes “Google’s web standards”. In some (or maybe even many) cases, this may be fine. However, we saw with Internet Explorer in the past this is not something that the market should allow. We are seeing evidence that we shouldn’t allow Google to have this much influence with things like the adoption of JPEG XL or implementation of FLoC.

With three or more browser engines, rendering engines, and browsers with notable marketshares, web developers are forced to develop in adherence to the accepted open web standards. With enough marketshare spread across those engines/browsers, the various engines/browsers are incentivized to maintain compatibility with open web standards. As long as the open web standards are designed and maintained without overt influence by a single or few entities and the open standards are actively used, then the best interest of the collective of all internet users is best served.

Otherwise, the best interest of a few entities (in this case Google) is best served.