HackerTrans
TopNewTrendsCommentsPastAskShowJobs

syjer

no profile record

comments

syjer
·3 years ago·discuss
I think it's this one: https://news.ycombinator.com/item?id=35114009
syjer
·5 years ago·discuss
From my experience, enterprise apps are generally complex because they are a combination of:

- environment: integration of a large amount of services - and a good amount of them are legacy and idiosyncratic

- use case: enterprise app are at the intersection of real life and the virtual world: the rules are messy, illogical and have a baggage of 20/30+ years. Thus they cannot be changed at all. This is IMO the main difference between a "pure" greenfield startup kind of project and the enterprise one.

- add another layer of burocracy and complex environment to navigate

And with that you got the enterprise app world :).

In the end whatever framework is chosen, the most important property is the availability of common language/patterns.
syjer
·5 years ago·discuss
You may notice that in the linked article, only the artifact id has been spoofed. In maven you need to declare both groupId and artifactId for your dependency (and a fixed version, a range is generally considered a bad practice).

To be noted, it makes this kind of attack more difficult, but not impossibile.

Especially the mix public/private artifacts. I guess it will force a lot of companies to at least lock their groupId on maven central, if they never bothered to do so.
syjer
·6 years ago·discuss
The trick is setting the right redirect_uri [0].

Generally it's implemented with a custom URI scheme (that the target application is registered for) or a loopback ip address.

[0] https://developers.google.com/identity/protocols/oauth2/nati...
syjer
·6 years ago·discuss
Yes you can upload: https://support.google.com/youtubemusic/answer/9716522?hl=en .

The UI/UX of youtube music is lacking compared to GPM, but at least the file locker functionality that I use is still here.