The HackerOne report that does not even apply has 44 upvotes.
What do upvotes mean on HackerOne?
I guess, at least here, they're mindless "looks interesting" or "looks well worded" or something?
While the 2nd approach is not wrong, the first method is considered more Pythonic. Many people don’t agree, but I’ve already put forward my points in a previous article on that debate.
Does Pythonic mean best practice in the python community or "good python"?
If "many people don't agree", how can they claim it to be "pythonic"? Isn't that contradictory?
adding some clarifications to the winget portions:
However, the graphical windows for the various installed dependencies still show up, making it obvious that all winget is doing is run the regular setup scripts under the hood.
winget does some default best effort of and on common installer tech to show the least UI necessary. If a UI shows up after all, that indicates to me that the manifest (the article talks about Neovim) does not have the appropriate flags included, or that the installer that the publisher uses does not support it.
Most, but not overwhelmingly, of the stuff I install and upgrade does not show installer windows.
which often leaves your computer full of background processes that only exist to routinely check for updates to a lot of programs in the background
The services are not only for updating in the background and unprompted, but also for installing with admin permissions without asking the user for admin. Stuff installed into C:\Program Files is elevated on admin permissions rather than having user modify permissions, which is a security feature. A consequence is that a convenient update process needs a Windows Service that may install them without requiring the user to have and approve elevated permissions.
As a matter of fact, after installing Neovim, there was actually no way to run it!
This may also be an issue of manifest information for instructing the installer, or installer defaults. Or maybe the installer itself does not provide this?
Either way, of course these things are inherent shortcomings and efforts of integrating third party installers. I just wanted to clarify.
Regarding bad winget experiences: I assume this is not the case anymore, but installing a LibreOffice featureversion upgrade leading to an automatic system reboot without warning or confirmation sucked. lol This was relatively early on in the winget release cycles though.
I've always followed the "only one h1 per page" guidance. I had no idea this was a thing.
Seems like a good simplification.
The fact that it is being done and how breaking changes like that are handled is interesting - specifically in the context of messy mixed html parsing and contexts and usage. The least specificity selector :where(h1) is also interesting as guidance.
When I bash my head into a wall, does that count?
I learned of those files outside the context of programming. When program or file zip packages contained these random ds store files and I looked up what they are.
Turns out, it's metadata ~~caching~~ for macOS. Irrelevant and does not belong into [distributed or shared] packages.
/edit: It's been a long time ago. Looking at it again, I guess it adds folder metadata, so it could be useful when distributing to other macOS. But for other OS, it's noise. Either way, usually it's not intentionally included.
Case insensitive handling protects end-users from doing "bad" things and confusion.
Who has age authority? A state agency or service. Like the state issues an ID with age.
Preferable, we want the user to interact with a website, that website request age authentication, but not the website to talk to the government, but through the user.
Thus, something/somewhat like
- State agency issues a certificate to the user
- User assigns a password to encrypt the user certificate
- User connects to random website A
- Random website A creates an age verification request signed to only be resolveable by state agency but sends it to the user
- User sends the request to a state service with their user certificate for authentication
- State agency confirms-signs the response
- User passes the responds along to the random website A
There may be alternative, simpler, or less verbose/complicated alternatives. But I'm sure it would be possible, and I think it lays out how "double-blind"(?) could work.
The random website A does not know the identity or age of the user - only to the degree they requested to verify - and the state agency knows only of a request, not its origin or application - to the degree the request and user pass-along includes.
he l p
looks like a multi-threading or concurrency issue
I did a bunch of other experiments, which didn't make things faster:
Also particularly interesting what didn't work.
Go has goto too. They surely did not "mindlessly copy" it.
The standard library makes use of it. So they most definitely see a warranted use-case for it.
OP argument against using it in high level languages may still hold though. Go may have introduced it as a systems language which allows control over alternative implementations.
Kissaki
joined 3 years ago
That's wonderful to read, that it caught and motivated you.
I suspect these systematic issues are much worse in bigger organizations. Smaller ones can be victims, try to pump out, or not care about quality too, but on smaller teams and hierarchies, you have much more impact. I suspect the chances of finding a good environment are higher in smaller companies. It worked for me, at least. Maybe I was just super lucky.