I’m half like “make it stop” and half like fire Elmo and want to see how far it can go and see which bad guys get wrecked next
Trying to quit caffeine again. It’s one of the hardest things Iv ever tried to do
I’m starting to think the most important thing you learn as an engineer is familiarity with unknowns. Specifically how to know when you don’t know something and how to handle yourself in the face of unknowns.
Sounds about right
Really good article on passkeys. The way this is being implemented is very sketch. https://lapcatsoftware.com/articles/2023/5/1.html?utm_source=tldrnewsletter
You have never worked for a big corporation have you?
Docker is by far the easiest. And you can create a new user for each service and run the daemon under that user if you are worried about vulnerabilities in docker itself
For some that’s as extreme as only running code your wrote/verified yourself. For others it’s “YOLO I want the latest and greatest no matter the risks”
I don’t think the balance between security and convenience can ever be solved. It’s a constant game of ever-evolving trade offs. The answer for two distinct entities can be drastically different and that’s a good thing.
What do you mean by pop’d?
This is why I run almost everything in isolated containers now
Question for android users: Can you immediately tell when an app is using a web view instead of native scrolling? On iOS I can immediately tell when I’m using a web view and it feels horrible. Is it something Apple does to discourage web apps or is there something inherently worse about webviews?
Self hosted Gitlab
v4v is cool but corporations are willing to pay more for a skilled developers time. It then becomes hard to justify putting in the hours for such a small reward. This might not be the case if you have a large social media presence and can get eyes on your work and people to promote you. Most developers don’t have this. There’s a lot of passion in this space so it kinda works but you are still missing out on the majority of the talent pool with that model.
I don’t really understand bounties. Am I supposed to drop what I’m doing and put hundreds of hours into something and hope I win? Maybe that makes sense for a teenager or a new developer but not a professional with a family and bills to pay.
Copilot really shines when your are using a language you aren’t that familiar with or for boilerplate code which is really common in enterprise settings.
I think copilot has gotten worse too. I thought it was just me but it used to suggest what I wanted a lot of the time and now it’s giving me a bunch of nonsense.
It says this in the NIP “The zap receipt MAY contain a preimage tag to match against the payment hash of the bolt11 invoice. This isn't really a payment proof, there is no real way to prove that the invoice is real or has been paid. You are trusting the author of the zap receipt for the legitimacy of the payment.
The zap receipt is not a proof of payment, all it proves is that some nostr user fetched an invoice. The existence of the zap receipt implies the invoice as paid, but it could be a lie given a rogue implementation.”