HackerTrans
TopNewTrendsCommentsPastAskShowJobs

syjer

no profile record

comments

syjer
·il y a 3 ans·discuss
I think it's this one: https://news.ycombinator.com/item?id=35114009
syjer
·il y a 5 ans·discuss
From my experience, enterprise apps are generally complex because they are a combination of:

- environment: integration of a large amount of services - and a good amount of them are legacy and idiosyncratic

- use case: enterprise app are at the intersection of real life and the virtual world: the rules are messy, illogical and have a baggage of 20/30+ years. Thus they cannot be changed at all. This is IMO the main difference between a "pure" greenfield startup kind of project and the enterprise one.

- add another layer of burocracy and complex environment to navigate

And with that you got the enterprise app world :).

In the end whatever framework is chosen, the most important property is the availability of common language/patterns.
syjer
·il y a 5 ans·discuss
You may notice that in the linked article, only the artifact id has been spoofed. In maven you need to declare both groupId and artifactId for your dependency (and a fixed version, a range is generally considered a bad practice).

To be noted, it makes this kind of attack more difficult, but not impossibile.

Especially the mix public/private artifacts. I guess it will force a lot of companies to at least lock their groupId on maven central, if they never bothered to do so.
syjer
·il y a 6 ans·discuss
The trick is setting the right redirect_uri [0].

Generally it's implemented with a custom URI scheme (that the target application is registered for) or a loopback ip address.

[0] https://developers.google.com/identity/protocols/oauth2/nati...
syjer
·il y a 6 ans·discuss
Yes you can upload: https://support.google.com/youtubemusic/answer/9716522?hl=en .

The UI/UX of youtube music is lacking compared to GPM, but at least the file locker functionality that I use is still here.