HackerTrans
TopNewTrendsCommentsPastAskShowJobs

deeebug

no profile record

comments

deeebug
·27 giorni fa·discuss
Looks like it's that, plus vibe coding (in areas like crypto!) - https://kerkour.com/stdx
deeebug
·2 mesi fa·discuss
They have build.rs (https://doc.rust-lang.org/cargo/reference/build-scripts.html)
deeebug
·2 mesi fa·discuss
As someone who uses gitea, honestly it’s because I set it up a while ago and foregjo hasn’t offered anything compelling to force a switch, nor has gitea “enshittified” like the concerns around the fork raised.

Honestly, stay where you are
deeebug
·5 mesi fa·discuss
Do note rustfs has had a...questionable...security posture. See https://github.com/rustfs/rustfs/security/advisories/GHSA-h9... as a good example (hardcoded static token).
deeebug
·7 mesi fa·discuss
> So if the minio maintainers (or anybody that forks the project and wants to work it) can fix any security issues that may occur I don't see any problems with using it.

The concerning language for me is this part that was added:

> Critical security fixes may be evaluated on a case-by-case basis

It seems to imply that any fixes _may_ be merged in, but there's no guarantees.
deeebug
·2 anni fa·discuss
> That aside, I’m confused about the 250ms thing. You don’t have to hit a Google API to construct a signed URL. It should just be a signature calculation done locally in your server. [0]

I assume the additional latency is the initial cred fetch from the VM Metadata Service to perform that sign, no?
deeebug
·2 anni fa·discuss
Slight correction, the sales org uses GitLab, mainly to segregate any “code” they build for customers. Internal AWS/Amazon teams use an internal git-backed UI.