HackerTrans
トップ新着トレンドコメント過去質問紹介求人

mjw1007

no profile record

コメント

mjw1007
·2 か月前·議論
GitHub also centralises abuse detection. I'm not thinking about sophisticated attacks here so much as dealing with plain old spam. That's fairly easy to deal with on a tiny scale, and possible on a huge scale, but it's a great pain at a medium scale.
mjw1007
·4 か月前·議論
It's common that if you extract a function or a module with a well defined interface, that function or module can't tell whether a "bad" input indicates an expected or an unexpected error.

For example division by zero often indicates an "unexpected" error, but it wouldn't if you were implementing a spreadsheet.

So to me the approach of using different forms of error reporting for the two kinds of error doesn't seem promising: if you imagine you had to implement division yourself, which kind of error should it report? Should you have two variants of every fallible function so the caller can choose?
mjw1007
·5 か月前·議論
Not any more, according to this article you're commenting on, no.
mjw1007
·7 か月前·議論
> If a package hosted by Fedora or Debian or PyPI or crates.io, etc claims to correspond to an upstream git commit or release, then the hosting system should build the package, from the commit or release in question plus whatever package-specific config and patches are needed, and publish that.

For Debian, that's what tag2upload is doing.
mjw1007
·7 か月前·議論
They weren't in any way attempting to rely on security by obscurity.

They didn't assume nobody would guess the URL.

They did take active steps to ensure the data was only available at the correct time.

But they didn't check that their access control was working, and it wasn't.
mjw1007
·8 か月前·議論
Is this a real judge, or is an "Immigration Judge" one of those not-actually-a-judge decisionmakers employed by the executive?
mjw1007
·8 か月前·議論
I think what you've written is pretty much what the "almost all programs have paths that crash" was intended to convey.

I think "perhaps the density of crashes will be tolerable" means something like "we can reasonably hope that the crashes from Fil-C's memory checks will only be of the same sort, that aren't reached when the program is used as it should be".
mjw1007
·9 か月前·議論
It makes tab completion work.
mjw1007
·10 か月前·議論
One of the things that this group of "stewards" could do to get their costs down is get together and implement a high quality free software caching proxy that understands all their back-ends.

But that would compete with the commercial offerings of at least one of the organisations sponsoring that message. So I expect they won't do that.
mjw1007
·昨年·議論
My mistake.

The support for writing CGI programs in Python is in wsgiref.handlers.CGIHandler .
mjw1007
·昨年·議論
The Python maintainers are removing the module _named_ cgi, but they're not removing the support for implementing CGI scripts, which is CGIHTTPRequestHandler in the http.server module.

All that was in the cgi module was a few functions for parsing HTML form data.
mjw1007
·5 年前·議論
I think Wayland has come too close to the following pattern, which I've seen in other cases of free software which have become controversial:

- decide it's time to make a New Thing which will supersede the Old Thing rather than living beside it

- decide that some features of Old Thing will not be directly supported by New Thing; instead New Thing will be flexible enough that people could implement those features on top of it

- declare that the work done to support those features will have to be done by the people who want to use them

- declare that the time has come for New Thing to supersede Old Thing, before said work has been done

[Edit: this wasn't intended to be a list of things that are individually bad ideas. It's only the last, in combination with the others, that I think is ill-advised.]
mjw1007
·9 年前·議論
4.13 (released this September) added the dm-zoned device-mapper target, which presents an SMR drive as if it was a normal block device.

I suppose what it does is similar to what drive-managed SMR drives do internally.