HackerTrans
TopNewTrendsCommentsPastAskShowJobs

deeebug

no profile record

comments

deeebug
·il y a 27 jours·discuss
Looks like it's that, plus vibe coding (in areas like crypto!) - https://kerkour.com/stdx
deeebug
·il y a 2 mois·discuss
They have build.rs (https://doc.rust-lang.org/cargo/reference/build-scripts.html)
deeebug
·il y a 2 mois·discuss
As someone who uses gitea, honestly it’s because I set it up a while ago and foregjo hasn’t offered anything compelling to force a switch, nor has gitea “enshittified” like the concerns around the fork raised.

Honestly, stay where you are
deeebug
·il y a 5 mois·discuss
Do note rustfs has had a...questionable...security posture. See https://github.com/rustfs/rustfs/security/advisories/GHSA-h9... as a good example (hardcoded static token).
deeebug
·il y a 7 mois·discuss
> So if the minio maintainers (or anybody that forks the project and wants to work it) can fix any security issues that may occur I don't see any problems with using it.

The concerning language for me is this part that was added:

> Critical security fixes may be evaluated on a case-by-case basis

It seems to imply that any fixes _may_ be merged in, but there's no guarantees.
deeebug
·il y a 2 ans·discuss
> That aside, I’m confused about the 250ms thing. You don’t have to hit a Google API to construct a signed URL. It should just be a signature calculation done locally in your server. [0]

I assume the additional latency is the initial cred fetch from the VM Metadata Service to perform that sign, no?
deeebug
·il y a 2 ans·discuss
Slight correction, the sales org uses GitLab, mainly to segregate any “code” they build for customers. Internal AWS/Amazon teams use an internal git-backed UI.