HackerTrans
トップ新着トレンドコメント過去質問紹介求人

nikeee

no profile record

コメント

nikeee
·2 か月前·議論
I suspect that, too. But to me, it signals the exact opposite.
nikeee
·2 か月前·議論
In that case I still want to see exactly this prompt. Then I know that the person didn't even think about my question thoug I asked _them_ for their opinion and I could have asked ChatGPT myself (and already probably have).
nikeee
·2 か月前·議論
When I'm encountering some WoT like that, I'd like to have a button like "view source", but for "view prompt".

Most ai generated messages or docs are unnecessarily verbose and just reading the prompt would suffice. I don't really get why some people seem to think that it's somehow better to have their bullet point prompt as a huge text.

It just wastes my time. And probably only makes it look like it took more effort than it actually did (it may be the exact opposite).
nikeee
·2 か月前·議論
Zig is a moving target that has breaking changes in every release (which is fine as they are sub-1.0). But that means that AI tools have been trained on outdated syntax/etc. Zig isn't that common, so there is even less training data to begin with.

Rust on the other hand is pretty established by now and has less breaking changes. It also has more compile-time safety-guarantees that makes vibe-coding a bit more confident.

In top of that, Zig has rejected their upstream contributions. So they'd have to maintain their own compiler in the long run, which is probably just technical debt to maintain.
nikeee
·3 か月前·議論
I am building an S3 client [1] where I have a test matrix that tests against common S3 implementations, including RustFS.

That test matrix uncovered that post policies were only checked for exsitence and a valid signature, not if the request actually conforms to the signed policy. That was an arbitrary object write resulting in CVE-2026-27607 [2].

In the very first issue for this bug [3], it seemed that the authors of the S3 implementation didn't know the difference between the content-length of GetObject and content-length-range of a PostObject. That was kind of a bummer and leads me to advise all my friends not to use rustfs, though I like what they are doing in principal (building a Minio alternative).

[1]: https://github.com/nikeee/lean-s3 [2]: https://github.com/rustfs/rustfs/security/advisories/GHSA-w5... [3]: https://github.com/rustfs/rustfs/issues/984
nikeee
·3 か月前·議論
What matters for LLMs is what matters for humans, which usually means DX. Most Microservice setups are extremely hard to debug across service boundaries, so I think in the future, we'll see more architectural decisions that make sense for LLMs to work with. Which will probably mean modular monoliths or something like that.
nikeee
·4 か月前·議論
It is called Duration.
nikeee
·4 か月前·議論
> the only viable use cases were compute-heavy workloads like codecs and crypto,

I tried using it for crypto, but WASM does not have instructions for crypto. So it basically falls back to be non-hw-accelerated. Tried to find out why and the explanation seems to be that it's not needed because JS has a `crypto` API which uses hw intrinsics.
nikeee
·4 か月前·議論
That could probably be solved by opting in to the permission model of Node. But that won't work for everybody, especially in legacy applications.

Having trusted dependencies at least drastically reduces the risk that 'git clone && npm install' takes over the entire system.

Cooling down dependencies would certainly help, also.
nikeee
·4 か月前·議論
Some tools also install pre-commit hooks. I don't like this practice, but I get why people are using it.
nikeee
·4 か月前·議論
Bun added `trustedDependencies` [1] to package.json and only executes postInstall scripts coming from these dependencies. I think this is something that should be supported across all JS package managers, even more than version cooldowns.

[1]: https://bun.com/docs/guides/install/trusted
nikeee
·4 か月前·議論
So if i happen to know the numbers of other file descriptors of the process (listed in /proc), i can redirect to other files opened in the current process? 2>&1234? Or is it restricted to 0/1/2 by the shell?

Would probably be hard to guess since the process may not have opened any file once it started.
nikeee
·5 か月前·議論
I use git-trim for that:

https://github.com/foriequal0/git-trim

Readme also explains why it's better than a bash-oneliner in some cases.
nikeee
·5 か月前·議論
Or you don't use the defualt case and rely on definite assignment analysis or checks for returns in every code path.

I find the never type in TS actually being a proper bottom type + having control-flow based types vastly superior to what rust offers.
nikeee
·6 か月前·議論
There was dudle [1] developed and hosted by a German university. Seems unmaintained, but there is an independent project called BitPoll [2].

[1]: https://github.com/kellerben/dudle [2]: https://github.com/fsinfuhh/BitPoll
nikeee
·6 か月前·議論
I hope that when all online content is entirely AI generated, humanity will put their phone aside and re-discover reality because we realize that the social networks have become entirely worthless.
nikeee
·6 か月前·議論
What if the software is developed and potentially backdoored in the US and deployed by the EU team in the sovereign region? Or did they rewrite the entire AWS stack?
nikeee
·6 か月前·議論
Keep in mind that a train in Germany counts as one-time if it is less than 6 minutes late. In Switzerland, it's 3 minutes.

Also in Germany, a train that did not even arrive does not count as too late.

There is also a concept of the "Pofalla-Wende", which is when a train is so late that it just does a 180 and drives back, to mitigate that the delay doesn't carry over to the train's next route. Of course, that means that it skips the stations at the end of the route.
nikeee
·7 か月前·議論
Given that I can dump hundreds of TBs into the private container registry without paying anything I'm pretty surprised that they now charge for what is basically providing log streaming and retention.
nikeee
·7 か月前·議論
MS Office only has icons for the things that matter most. I think MS even had a UI guideline similar to the one that is cited from apple in TFA, but I cannot find it.

The author doesn't ask for _no_ icons at all. So I really don't get this critique.

Intentionally omitting some icons is a really powerful tool to draw attention to the actions that the user wants to do most of the time. I think that pattern went away in some places because it looks more consistent (that doesn't mean that usability is better) and some designers have some kind of OCD. At least that's what I have experienced in that exact case.