I don’t know who you’re including in “we”, but since most CEOs are being paid more for their judgment than HN commenters are, it wouldn’t be unreasonable to hold them to higher standards.
Yeah upon looking it up it appears to have nothing to do with the data structure.
When they were doing a linear scan to find a large enough free block I was waiting for a heap to come into the picture, but apparently it’s not done that way.
If you haven’t taken a lock, any other code can start executing at any time, so any invariant you might have established on one line may no longer be true on the next line.
If you don’t depend on anything mutable that anyone else can modify then this is mitigated, but that’s a very specific discipline you have to abide by.
Is revocation really such a hard problem? Seems you could store a set of revoked tokens in memory and have a background task update it every couple of seconds. I guess it’s a separate set of infrastructure to maintain but I don’t see why it’s always presented as the thing that undermines an entire authentication scheme.
I guess if you need your tokens revoked this millisecond it’ll require an extra synchronous call on every request but that seems like a unlikely requirement. And not that any of this matter for your 10 user app anyway I guess.
Do you all really have your random public git repos accidentally being used in production by Facebook? No one’s ever made one of my one-commit git repos a key component of corporate infrastructure.
Or do you mean that the meaning of what it is to “publish” something has shifted?