HackerLangs
TopNewTrendsCommentsPastAskShowJobs

Too

no profile record

comments

Too
·w zeszłym miesiącu·discuss
Fill with what stuff exactly?

The only thing I want to inherit from the parent process is its cwd and environment variables, even those are often overridden. The rest can easily be passed explicitly through other channels like pipes or command line arguments.

Back to the example from the article. It makes no sense that a git-subprocess forked from a web server need to have any process state inherited from the web server.
Too
·5 miesięcy temu·discuss
This does not match my experience. Terraform validate will check for types and you have great IDE support with refactor, find usages, resource documentation and everything else you might expect. You can of course build a monster of untyped dictionaries but that’s true for almost any language. Do you have examples of something else that the validation step does not find?
Too
·6 miesięcy temu·discuss
Sure you can secure boot the kernel and the game binary itself but then you have all the surrounding support from the OS that also need to interop without being tamperable. Screenshots, network and input devices for example are routed through user space before reaching the game, and they can be used to make cheats. Now some of those layers are getting more isolated, for example with Wayland. Even so, that means your secure boot chain must go all the way up to include a non tampered window manager too, taking you closer and closer into reinventing a Android like console OS.
Too
·6 miesięcy temu·discuss
> The best Valve could do is offer a special locked down kernel with perhaps some anticheat capabilities and lock down the hardware with attestation.

That would require essentially turning it into a console or Android.
Too
·6 miesięcy temu·discuss
GitHub desperately needs a feature to pin comments in issues or sort by reactions.

Very often in those infamous bugs that has been open for years, having hundreds of ”me too” comments, there are gems with workarounds or reproductions, unfortunately hidden somewhere under 4 iterations of ”click to load 8 more comments”, making it difficult to find. This generates even more ”anyone know how to solve this” spam, further contributing to the difficulty to find the good post.
Too
·6 miesięcy temu·discuss
What’s the benefit of manually pasting a massive prompt and enable egress to make queries over http vs just using MCP?
Too
·7 miesięcy temu·discuss
That’s if you run a OS version older than 5 years. You can still update to a newer Ubuntu version for free and get another 5 years if you pick an LTS version.
Too
·7 miesięcy temu·discuss
To be honest Linux desktop has been ready for the past 4-5 years or so. Long gone are the days where Bluetooth suddenly stopped, external monitors crashing and when closing the lid only put the laptop to sleep every fifth time. Heck, even Wayland, wireless printers and usb-c docking stations work these days, even with nvidia. You might even find some games.

It’s become a boring appliance that just works every time. Just they way I want it. I even forgot how to use grub.
Too
·7 miesięcy temu·discuss
Beyond LiteralString there is now also t-strings, introduced in Python 3.14, that eases how one writes templated strings without loosing out on security. Java has something similar with Template class in Java 21 as preview.
Too
·7 miesięcy temu·discuss
When was the last time you used a library computer, let alone logged onto a private service with it? This was a bad idea even 20 years ago. In today’s security climate, aw hell no.
Too
·7 miesięcy temu·discuss
Simple: include those relevant details in the exceptions instead of hiding them.
Too
·7 miesięcy temu·discuss
Agree with the post. The job of blackbox is to turn probes into metrics. If a probe fails, that should just become a probe_success=0 metric. Blackbox did its job and should not log an error.
Too
·7 miesięcy temu·discuss
This is why it’s almost always wrong for library functions to log anything, even on ”errors”. Pass the status up through return values or exceptions. As a library author you have no clue as how an application might use it. Multi threading, retry loops and expected failures will turn what’s a significant event in one context into what’s not even worthy of a debug log in another. No rule without exceptions of course, one valid case could be for example truly slow operations where progress reports are expected. Modern tracing telemetry with sampling can be another solution for the paranoid.
Too
·7 miesięcy temu·discuss
Is anyone paying for Prime just for streaming? I always saw it as a nice bonus included with free shipping and all the other discounts you get on Amazon, it breaks even very quickly. It cost half of a Netflix subscription. The content is also half the quality, so it’s not like I would like to pay anything for it anyway. I hate ads as much as anyone, after the ad introductions I just stopped slop watching.
Too
·7 miesięcy temu·discuss
If I understand correctly, this is essentially a more composable way to write Dockerfiles? That alone is a very welcome improvement. They would do themselves a big favor if they were more clear on that in their marketing, instead of boasting around the bush with all kinds of other terminology and claims of redefining foundations.

If I already have a Dockerfile that doesn’t need composition, how does this help me vs being a small cosmetic improvement over ”docker build” command line?
Too
·7 miesięcy temu·discuss
But that dependency order is usually just one big blob of ”COPY src/ . + RUN make”, within that block you have none of the benefits. Bazel/Buck has much finer awareness down to every individual file.

Out of curiosity, would it be feasible to take a big cmake project and generate thousands of compile rules into dagger and use it as a substitute for make with sandboxing? I’ve never seen builkit used with such many nodes, how would it fare?
Too
·7 miesięcy temu·discuss
From a definition point of view that might be right and it’s no doubt a good step up, compared to continuing with tainted data. In practice though, that is still not enough, these days we should expect higher degree of confidence from our code before it’s run. Especially with the mountains of code that LLMs will pour over us.
Too
·7 miesięcy temu·discuss
Can someone give a tldr of what makes fil-c different from just compiling with clang’s address sanitizer?

Calling it memory safe is a bit of a stretch when all it does is convert memory errors to runtime panics, or am I missing something? I mean, that’s still good, just less than I’d expect given the recent hype of fil-c being the savior for making C a competitive language again.
Too
·7 miesięcy temu·discuss
To optimize that code snippet, use temporary variables instead of member lookups to avoid slow getattr and setattr calls. It still won’t beat a compiled language, number crunching is the worst sport for Python.
Too
·8 miesięcy temu·discuss
You should also factor in that a zero-day often isn’t surfaced to be exploitable if you are using the onion model with other layers that need to be penetrated together. In contrast to a supply chain vulnerability that is designed to actively make outbound connections through any means possible.