Ah of course, a HN thread about TLS/SSL/webservers wouldn't be complete without someone exclaiming their love for Caddy. We get it, it's the bestest server ever.
> If I do want to stick this out and turn this team around, I'm going to be working nights and weekends for at least a year - there's just too much to fix.
Is it worth though? For whom are you fixing the issues? For the coworkers who will leave while you're still refactoring? For the charismatic boss? Your own personal pride? Also, is the work worth your overtime? If they staff "idiots", do they deserve your free time on the weekend?
I applaud you for being able to care so much in what you describe is a terrible team.
> We’ve also introduced pruned module graphs in this release. Modules that specify go 1.17 or higher in their go.mod file will have their module graphs include only the immediate dependencies of other Go 1.17 modules, not their full transitive dependencies.
This is a very welcome change and make the go.mod much more obvious to understand. Hooray!
Maybe the Firefox devs will at some point have mercy and undo this change to the tab bar. Maybe they can sell it in version 95 as a "fresh new idea to improve usability".
Funny enough, I only get a 403 Forbidden error when opening that website. And I am located in Germany with a German IP. Though my server at Hetzner (also in Germany) has no problem retrieving contents from that domain.
If I had a BLAKE3 implementation available in the programming language of choice, is there any reason to still prefer the SHA family over it (for integrity checks, not for password hashing, as mentioned in the readme)?
GitHub's dependabot is causing a ton of "spam" in our frontend (Angular) repositories, as it seemingly opens 1-5 PRs per day to bump random dependencies. I really hope this does not become common practice for our Go repositories.
Is there an option to tell dependabot "make one PR per week at most, please, and bundle your changes"?