HackerTrans
TopNewTrendsCommentsPastAskShowJobs

alex_smart

1,314 karmajoined 12 jaar geleden

comments

alex_smart
·eergisteren·discuss
The /wordpress/ part of url suggests otherwise
alex_smart
·6 dagen geleden·discuss
The problem only arises when you have to worry about persistent state. As soon as you have to worry about that, you have to think about backups, replicas, disaster recovery drills and so on. It is much easier to solve for that can of worms for one system than three.
alex_smart
·25 dagen geleden·discuss
Sorry my brain somehow missed the literal first three words of the oc.
alex_smart
·25 dagen geleden·discuss
Less installed things means smaller security surface area, fewer things to patch when CVEs get discovered etc.

Thanks to `kubectl debug`, you don't need to install debugging utilities into your production image.
alex_smart
·25 dagen geleden·discuss
Isn't that the whole point of TCP? Creating a pair of two streams you can read out of and write to out of less reliable network primitives?

I am not sure why this is a revelation. Any college level networking course would cover this?!
alex_smart
·2 maanden geleden·discuss
Who uses JWT like this anyway?

Typical production architecture would look like - frontend only ever sees an opaque session cookie - bff stores the access token against session and attaches it when calling backend services

Yes, storing JWTs directly in the frontend client is a bad idea but surely there is a better way of communicating that than "JWT is a scam and your app doesn't need it".

> RS256 verification is in the same order of magnitude as a Redis lookup

But the point is that the verification is CPU bound and local to the service - which means that it is horizontally scalable.
alex_smart
·2 maanden geleden·discuss
> If I’m understanding this correctly

You're not.

> it starts by raising this question, then argues that it’s kind of a cheap and meaningless punch-down.

The cheap and meaningless punch-down in the article is the vibecoding accusation. The question in the title is actually their main line of attack against that accusation, all the way to the end.

>> QED So. Where are the vibecoded Photoshops? WHERE IS THE THREAT YOU MADE UP TO ATTACK ME?

>>I'm waiting.

I find it hilarious that so many people are finding it so difficult to grasp even the general line of argument of the article despite trying earnestly.
alex_smart
·2 maanden geleden·discuss
Do they really? Do you genuinely that most people asking the "Where Are the Vibecoded Photoshops?" question are those who don't understand that "Level 2 and 3 activities" were the real bottleneck or are they trying to explain that to people who don't and are unreasonably expecting a 10x productivity boost out of them?
alex_smart
·2 maanden geleden·discuss
That probably explains why I needed an LLM to make sense of it at all.
alex_smart
·2 maanden geleden·discuss
It doesn't help that the article is actually quite poorly written.
alex_smart
·2 maanden geleden·discuss
This is the first time in my life I have ever felt the need of an LLM to understand an article. Even after understanding the overall gist of the article (thanks ChatGPT!), I still can't make head or tail of many sentences and find many questionable choices made in the way the article was structured.

e.g.

>And the accusers never want to address that, because addressing it means admitting the accusation doesn't hold up.

This is the first sentence that introduces the "accuse" word in the article without establishing what the accusation is, who the accusers are or why should the accuser be worried about their claim being spectacularly successful (zero counterexamples). The last part is still not clear to me at all.

Then the article makes a bunch of unestablished claims to the point of becoming straight up ad hominem. No, the senior developers of the world are not asking this question because they don't understand that the requirement gathering, architecting and decision making (level 2 and 3 activities in the nomenclature of the article) - but precisely because of it. Senior developers world over are being pressured into unreasonable expectations around delivery speed by CEOs and other management types. The entire point of "Where Are the Vibecoded Photoshops?" is to hopefully be able to communicate to these people that the bottleneck hasn't moved, so to expect 10x increase in delivery is entirely unreasonable.
alex_smart
·2 maanden geleden·discuss
Which is where the "emacsification" analogy breaks for me.

The reason people who like emacs write their one-off program in emacs is that it is an extraordinarily introspectable and debuggable programming environment. There is no "code, compile, run" loop - you just write code against the live running environment. Devoid of that fast feedback loop, writing code just isn't as much fun.
alex_smart
·4 maanden geleden·discuss
That is because the terminology (and the keybindings) come from the Emacs tradition, not vim. Most shells come with “vim mode” as well, but at least in my experience, the dual mode editing paradigm of does not feel like a good fit for the shell.
alex_smart
·4 maanden geleden·discuss
> US has privacy laws in place that will protect you

They don't protect us at all. Thanks to Snowden, we all know that the US government has extremely sophisticated and wide-ranging ability to get access to any data we share with American companies.

> but China is worse

And why so?
alex_smart
·4 maanden geleden·discuss
The original comment was neither false dichotomy nor whataboutism. It was a simple point that the rest of the world is already used to their data being snooped by the US government. So apart from US exceptionalism, there is no particular reason they would be especially alarmed by the prospect of their data being sent to "Chinese servers".
alex_smart
·4 maanden geleden·discuss
Getting snooped on by the US government being so normalized is obviously not propaganda though? Right?
alex_smart
·4 maanden geleden·discuss
You overestimate how much the rest of the world cares about data being sent to “chinese servers”, when all this while our data was being sent to “American servers” anyways.
alex_smart
·4 maanden geleden·discuss
> No print publication on the planet does this

At least in India, most popular newspapers actually do this nowadays. Several full page ads including on the front page have become the norm.

It is mostly a function of how little the reader is willing to pay for content. When the price point is too low (which for online content is too low), publishers make their money by other means. It is not rocket science.
alex_smart
·5 maanden geleden·discuss
It’s worth nothing, to the point it makes people wonder why you even volunteer that information.
alex_smart
·5 maanden geleden·discuss
I know Jenkins is not fashionable these days, but the warnings-ng plugin is perfect for solving this in a tool-independent way. :chefskiss:

The way it works is - the underlying linter tool flags all the warnings, and the plugin helps you keep track of when any particular issue was introduced. You can add a quality gate to fail the build if any new issue was added in a merge request.