Being asked to gesture words I don’t know, or Nierenfunktionsstörung and other long German words like that 😅☠️

The need to manually download and load a lib and then send the results manually via email is somewhat of a hassle, unfortunately.

I do hate that all these features are yet more keywords and weird syntax. It’s becoming C##.

It’s called sharp because you can cut yourself. /s

Like them.

They have their downsides, so they’re no more than an alternative to other approaches. They can condense code and concerns in some cases. The more complex the type is, the less obvious the primary constructor parameters become.

Is it bent like that because you can bend stuff in the app?

A meta analysis is an interesting reaction to, or should I say founded in, the post title. But we better let go.

deleted by creator

“early stages”, “could not verify”, “company did not respond”, “considers making available for purchase”

That’s neither solid news, nor a real or full GitHub alternative.

The CLA can never override the code license. It handles the transition of your code into their code, and what they can do with it. But once it’s published as AGPL, you or anyone else can fork it and work with it as AGPL anyway. The CLA can allow them to change the license to something different. But the AGPL published code remains published and usable under AGPL.

I’m usually fine with contributing under CLA. A CLA often make sense. Because the alternative is a hassle and lock-in to current constructs. Which can have its own set of disadvantages.

A FOSS license and CLA combination can offer reasonable good to both parties: You can be sure your contribution is published as FOSS, and they know they can continue to maintain the project with some autonomy and choices. (Choices can be better or worse for others, of course.)

Seems like TypeScript could be generating JavaScript code that does these type checks on function entry - with a runtime cost of course.

Is there no such setting, general or conditional toggle on functions or types?

Sanitizer logic: Skips execution (wrong type)

But why? Why does it “skip” when there’s logic there? That doesn’t make sense.

If someone passes an object with a length property, this works. If they pass an array, it works.

This later example explains how it can work for some logic. But it doesn’t correlate to the actual exploitation or code in question.

That /unsaved/{id} path with a unique server-assigned identifier means your diff content was transmitted to and stored on their servers.

Not necessarily. URLs can be changed client-side, within the browser, through JavaScript. The fact that the URL changed to unsaved alone is no proof. It could very well be browser-local, labeled unsaved and held in session store for example, ready to be saved.

With the other indications, you can of course make a guess and/or consider it a strong indication.

It should be pretty obvious/observable when observing interaction and network requests within the browser. A network request with the content as body would be much better proof.

It’s in the name after all. 1 regex, 0 other stuff, and 1 com.

I’m a bit confused by them publishing their personal essays on their htmx project page. This essay certainly doesn’t have anything to do with htmx directly. Either way, valuable content and possibly their strategy to get people to htmx, or reuse a domain and website they already have.

I totally get the focus on avoiding “layers”, it’s something I’m very mindful of too.

Thank you for the insight, I’ll have a closer look into it, although I’m a little bit skeptical about having to integrate additional extensions and workflows, which is it’s own bag of worms for maintainability, longevity, and complexity in general.

11ty = Eleventy? Are you familiar with Hugo? Do you have an opinion or experience between the two systems?

I’m somewhat dissatisfied with Hugo, which I have used for many years, but whenever I checked alternatives, nothing really spoke to me as a clear improvement worth the learning barrier and migration investment If I can use deno, a js static site generator could be viable too - something I traditionally avoided 🤔

Glad to see them mention dialog is in proposal for improvements. If popover covers more accessibility than dialog, that seems like a significant, surprising, and obvious shortcoming. Surely there’s technical and/or historical reasons for that, but still.

abstracting away determinism /s

This part from the article supports this sentiment:

In a pleasant surprise, reactions have been positive. Throttled organizations were “surprised and apologetic,” mistaking issues for malice rather than “ignorance, unawareness.”

I sneakily changed our pipeline to pull from the in-house docker registry, and for pipelines to require pulling from package repos only when locks changed. Our CI is faster than every other team, but nobody noticed.

So yeah, charge the companies! Please!

How come this is not an obvious improvement opportunity that materializes in other teams too, and visibly so, rather than “sneakily” hidden?

Isn’t it better not only for performance but also for reliability?