HackerTrans
TopNewTrendsCommentsPastAskShowJobs

deeebug

no profile record

comments

deeebug
·27 дней назад·discuss
Looks like it's that, plus vibe coding (in areas like crypto!) - https://kerkour.com/stdx
deeebug
·2 месяца назад·discuss
They have build.rs (https://doc.rust-lang.org/cargo/reference/build-scripts.html)
deeebug
·2 месяца назад·discuss
As someone who uses gitea, honestly it’s because I set it up a while ago and foregjo hasn’t offered anything compelling to force a switch, nor has gitea “enshittified” like the concerns around the fork raised.

Honestly, stay where you are
deeebug
·5 месяцев назад·discuss
Do note rustfs has had a...questionable...security posture. See https://github.com/rustfs/rustfs/security/advisories/GHSA-h9... as a good example (hardcoded static token).
deeebug
·7 месяцев назад·discuss
> So if the minio maintainers (or anybody that forks the project and wants to work it) can fix any security issues that may occur I don't see any problems with using it.

The concerning language for me is this part that was added:

> Critical security fixes may be evaluated on a case-by-case basis

It seems to imply that any fixes _may_ be merged in, but there's no guarantees.
deeebug
·2 года назад·discuss
> That aside, I’m confused about the 250ms thing. You don’t have to hit a Google API to construct a signed URL. It should just be a signature calculation done locally in your server. [0]

I assume the additional latency is the initial cred fetch from the VM Metadata Service to perform that sign, no?
deeebug
·2 года назад·discuss
Slight correction, the sales org uses GitLab, mainly to segregate any “code” they build for customers. Internal AWS/Amazon teams use an internal git-backed UI.