In an alternate reality, we’d all be using JSSS, which was even worse. https://en.wikipedia.org/wiki/JavaScript_Style_Sheets
Aussie living in the San Francisco Bay Area.
Coding since 1998.
.NET Foundation member. C# fan
https://d.sb/
Mastodon: @dan@d.sb
In an alternate reality, we’d all be using JSSS, which was even worse. https://en.wikipedia.org/wiki/JavaScript_Style_Sheets
What is a “top” story on Lemmy, given everyone subscribes to different communities? Is it the most popular across all communities?
Syslog isn’t really overkill IMO. It’s pretty easy to configure it to log to a remote server, and to split particular log types or sources into different files. It’s a decent abstraction - your app that logs to syslog doesn’t have to know where the logs are going.
The amount of clients that are missing basic events like "you’ve run out of disk space
For my personal servers, I use Netdata for this. Works pretty well.
Software that runs on embedded systems usually benefits from being small, too.
I didn’t think any JSON parsers used regex given how simple the grammar is… but I’ve seen some horrors, so I shouldn’t rule it out.
Are you referring to AOT compilation specifically? JavaScript in V8 is JIT compiled if it’s “hot” (executed enough that the cost of JIT compilation is less than the cost of continuing to run it in interpreted mode).
They actually did try to optimize it a bit in v5.6.1, but the person that found the exploit was on the older unoptimized version v5.6.0.
I don’t like it either, but there’s probably some apps that only support LDAP.
I’ve never tried Keycloak so I’m not sure, sorry.
One feature Authentik has that I don’t think Authelia nor Keycloak support is operating as an LDAP server. With Authelia at least, you have to run a separate LDAP server if you need LDAP. With Authentik, it’s built in.
For any self-hosted services you use, run something like Authentik and configure all the apps to use it for auth via OIDC (OpenID Connect). Makes the experience a lot nicer, instead of every service having its own separate user system.
Until you get locked out of your email account and can no longer access anything. This happens all the time with freemail (Gmail, Hotmail, Yahoo, etc) accounts.
The contents of mails also shouldn’t be considered secure. I like the idea of doing proper SSO through an email provider though - for example, using OIDC (OpenID Connect).
One of the largest banks in Australia (Westpac) used to require passwords to be exactly 6 characters (no more, no less) and they were case insensitive. It also had a fun ‘denial of service’ attack built-in: If you got it wrong three times, it’d lock the account and force you to go to the bank to unlock it, meaning anyone that knew your bank username could lock you out of your account and cause some pretty big headaches. Fun.
In fact, I’m not sur whether they ever fixed this. Haven’t used their services in a long time.
I’m a senior developer and I rarely copy and paste… I’ll sometimes look at some other code to get ideas, but I retype it. It helps me understand the code, and I can refractor it or write it differently as I go.
“Manager” classes often end up like “God classes”, just like how “Utils” classes end up with a bunch of random stuff in them.
Run Debian testing or get packages from backports if you need newer packages. It’s still more stable than a rolling distro.
Debian stable is great if you value stability over everything else, for example on a server, or a desktop PC you want to “just work”. Major updates happen around once every 2 years, not 5 years.
I’ve known some fantastic developers that used Nano as their primary editor. It supports syntax highlighting, linting, and bracket matching (jumping to the matching opening bracket when a closing one is selected, and vice versa), which is enough for some people.
Sure, it’s no micro, but it’s already installed practically everywhere.
This list is accurate except for Debian. Debian can do no wrong.
CSS isn’t as bad these days if you use Flexbox. Debugging floats and absolute/relative positioning was a nightmare in comparison.
In E2E tests you should ideally be finding elements using labels or ARIA roles. The point of an E2E test is to use the app in the same way a user would, and users don’t look for elements by class name or ID, and definitely not by data-testid.
The more your test deviates from how real users use the system, the more likely it is that the test will break even though the actual user experience is fine, or vice versa.
This is encouraged by Testing Library and related libraries like React Testing Library. Those are for unit and integration tests though, not E2E tests. I’m not as familiar with the popular E2E testing frameworks these days (we use an internally developed one at work).