HackerTrans
TopNewTrendsCommentsPastAskShowJobs

clncy

no profile record

comments

clncy
·há 20 dias·discuss
You can do it, but if you stuff that process up (e.g. touch the wrong tables/schemas) you’re now dealing with a more complex recovery.

Also are you applying migrations with CREATE OR REPLACE etc? I find that much harder to collaborate on than just standard code.
clncy
·há 20 dias·discuss
While I love postgres, I take issue with coupling too much application logic to the DB. It’s much easier to update/rollback stateless containers/cloud functions/VMs than to recover a DB.
clncy
·há 12 meses·discuss
I agree that it seems very improbable. The only possible malicious scenario I can imagine is that the Github repo is clean, but npm creds have been compromised.
clncy
·há 12 meses·discuss
It's so hard to triage this when no justification has been provided for the advisory. Was the GHSA released in response to npm pulling the package, or vice versa?

Many suggestions for workarounds, but if the GHSA is indeed accurate (all versions affected) then that seems unwise.
clncy
·ano passado·discuss
The beacon to be guarded at all times by Ralphie??
clncy
·ano passado·discuss
Exactly. More like changing the state of the system to reduce the observed behaviour while introducing other (unknown) behaviours
clncy
·há 3 anos·discuss
MS PowerApps, PowerAutomate and related offerings are truly awful products. I’ve given them the benefit of the doubt and been burned repeatedly.

Don’t tar all no/low code tools with the same brush though. I’ve had good success with Retool, for example.
clncy
·há 3 anos·discuss
No-code platforms are really DSLs wrapped in a nice UI. No-code platforms that are more open and developer focused typically let you actually dump out the app as a big bundle of config/DSL (e.g. a custom JSON format).

Maybe using LLMs to generate DSL code will produce better (and more maintainable) results than fully-fledged languages?
clncy
·há 3 anos·discuss
“In the land of the blind, the one-eyed man is King”