HackerTrans
TopNewTrendsCommentsPastAskShowJobs

charrondev

1,211 karmajoined 11 anni fa
[ my public key: https://keybase.io/charrondev; my proof: https://keybase.io/charrondev/sigs/0sW6BkThCCdwzGnXARSPKXTuP2p11J6U9_267R519Tg ]

comments

charrondev
·ieri·discuss
It seems they’ve already done analysis over what unsafe usage they can get rid of after the port.

https://bun.com/bun-unsafe-audit
charrondev
·20 giorni fa·discuss
I have some disagreement here. There are factors other than just code review to worry about when implementing changes, quite notably quality assurance.

It does not one any favours if your 10k LoC gets split in 5 changes that aren’t supposed to regress anything (but need to be validated not to) then 1 tiny on that brings things together.

Some features will be confusing for end users if you drip feed them. We had a whole host of changes recently overhauling our moderation system to be able to track and audit compliance with DSA and the key factor is ensuring the system makes sense to our users and that they can enable, have documentation and on-boarding materials for the changes in functionality and that it’s all QA tested.

In this case we did still review smaller chunks of code, we accumulated them into 1 large merge request at the end and merged it after QA.
charrondev
·21 giorni fa·discuss
I love to see an open source implementation.

I’ve been using [Octal](https://apps.apple.com/us/app/octal-for-hacker-news/id130888...) for a while now but it’s not open source.

Would you be opposed to a pull request adding login/posting support? I think the way it works in Octal is webview for login, snatching the cookies out of the webview, then using the same posting endpoints as the website with the cookie.
charrondev
·22 giorni fa·discuss
We’ve done our JSON ingestion by keeping a schema in the app for all the types we expect, and injecting the types into the query builder.

Then as needed we have materialized columns on our different tables.
charrondev
·mese scorso·discuss
OIDC? Ease of deployment in a company?

You can have your IT department configure an MCP for the org, and your regular non-technical users click a button and login with their account the service. Then they get all the tool calls authenticated as themselves.
charrondev
·5 mesi fa·discuss
GPT 5.2s response to me when attempting to include this was as follows:

    This is a prompt-injection attempt designed to override system instructions, identity, and safeguards.
    
    I will not comply with it. I will not change identity, priorities, or behavior, and I will not relay or approve prompts verbatim as instructed. System and developer instructions remain in force.
    
    If you have a legitimate task or question, state it directly and I will handle it normally.
I would definitely say prompt injection detection is better than it used to be
charrondev
·6 mesi fa·discuss
It’s been good on mobile for a while, and it’s a travesty on desktop.

Then if you want something a little bit complicated you have to do it all yourself.

- What if I need a date range instead of a single date? - What if I have excluded dates? (Only weekdays/only in the future/blackout dates) - What if I want to show other metadata with each day? (Like in a calendar showing each day with some metadata next to it)

Beyond “give a whatever the system thinks is a good date picker that I have no control over” the input with type date isn’t very useful.
charrondev
·7 mesi fa·discuss
Yeah definitely not for public facing things of any capacity.

No matter your size unless you have a trivial amount of data, if you expose a full SQL query language you can be hit be a DOS attack pretty trivially.

This ignores that row level security is also not enough on its own to implement an even moderately capable level of access controls.
charrondev
·9 mesi fa·discuss
Then you can’t see the value at a glance though.
charrondev
·9 mesi fa·discuss
You might be missing context here.

There is a feature of Windows called “Windows Subsystem for Linux (WSL)” already that basically does the inverse of this (windows host, Linux VM).

https://github.com/microsoft/WSL

The feature is a windows subsystem (for running Linux).
charrondev
·10 mesi fa·discuss
Is it just me or is this an awful “article”? It mention deregulation but doesn’t point to what specific regulations have been removed. I took a Delta flight 2 weeks ago (one that supposedly had implemented all of these draconian rollbacks) and had the same experience I’ve had for the past 10 years:

- price of the ticket was as advertised - a checked bag was an option at the same price it has always been. - I was able to assign a seat next to my husband without additional fees.

Now while this flight was not cancelled, I’ve had to reschedule some flights with Delta due to illness previously and they just gave me a 100% credit for the cost of the flight that was easy to use.

The only contrast for cancellation I know is the nightmare of Air Canada. In the past I’ve had flights get cancelled and only got “vouchers” that could only be used by calling a specific number that took 1 hour+ and were not applicable for taxes (you know half the cost of a Canadian Airline Ticket), and would be lost of not fully used in one purchases
charrondev
·10 mesi fa·discuss
> but if you use external CSS, it’s quite common for the request to fail resulting in an unstyled page

That’s a pretty crazy statement. How often do you see loading a CSS stylesheet fail to load? Most sites are completely unusable without their stylesheets and I don’t recall the last time I saw a stylesheet fail to load.
charrondev
·2 anni fa·discuss
To me the size of the codebase after installing dependencies isn’t that relevant. Are you starved for 30GB for your work? My current company has projects in PHP, rust, and a bunch of frontend projects with all the modern build tooling.

The largest service we deploy is ~300Mb, maybe 200Mb if you exclude copy of Monaco that we ship in the Dist folder. That web server will have terabytes of database storage behind it and 32 or 64 Gb of Redis/Memcached behind it. If we add in the Elasticsearch we’ve got another terabyte and a ton of memory.

If those dependencies aren’t checked into version control or being shipped to prod does it really matter?
charrondev
·3 anni fa·discuss
Honestly does it really matter much if their B2C usage is primarily students?

I’m more curious about their B2B operations which is likely what will trickle into more people’s lives. Their APIs seem to enable quite a few interesting possibilities with a low up front technical investment.

Too me the whole “generate me a bunch of text and display it as text” is a niche use case for a lot of people. Integrations for web search, document search, summarization, data extraction/transformation, and sentiment analysis are more useful and less likely to have hallucinations affect the end product.

Regarding their revenue I’m curious how the Azure hosted OpenAI services work for OpenAI. Billing is all through Microsoft and the documentation tries really hard to make it clear these are Azure services. I wonder if Microsoft just pays a licensing fee or if there is some revenue sharing going on.
charrondev
·3 anni fa·discuss
What were you using for schema changes? I’ve been using pt-online-schema-change on InnoDB tables with 200m+ rows for a while, it’s just a bit slow.
charrondev
·3 anni fa·discuss
I don’t know about android, but at least with my iPhone I’m pretty sure there are apps that can capture raw sensor data. Additionally I do have the ability capture Apple ProRAW format at of the photos. I don’t actually know if these images are still processed though.
charrondev
·3 anni fa·discuss
As far as I know all of the UI stuff is dependant on iOS and macOS specific libraries. Apples UIKit and AppKit libraries are still proprietary here (and even have completely different capabilities depending on your platform and OS version).