HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jefozabuss

215 karmajoined 11 yıl önce

comments

jefozabuss
·evvelsi gün·discuss
I think loading the big wordlist (279496 words as of now) is a waste of bandwidth as you only need to load permutations of the words in the selected challenge (e.g. you don't need "ABANDONEES" if you don't have a word with those letters).
jefozabuss
·8 ay önce·discuss
The links are using images instead of texts in the footer, which is well not ideal as they are not searchable.
jefozabuss
·9 ay önce·discuss
While it does not use a commonly used "framework" it uses many libraries and likely has its own custom framework.

In the past we used http://microjs.com/ and similar to find small libs to work with when we threw together marketing websites, not sure how maintained that list is nowadays but the idea is that you can make websites like lego, sometimes you don't need a whole box of Eiffel tower to make a little tree.

If your functionality is well thought out and not super complicated, don't have 10s or 100s of devs on the same project then working without a well known framework could make sense, otherwise there can be steeper learning curve when onboarding new devs, scope creep / bloat, etc that will likely cause issues down the road.

To learn about this you could try to replicate for example the mentioned Obsidian by yourself and research solutions for all the issues you run into, e.g. minimal routing, custom view renders, reactivity, performance, etc.
jefozabuss
·9 ay önce·discuss
Rationale is likely the requirements of age verification rules by UK, some US states, etc.

We could likely see a bit more of these data leaks in the future I guess, due to how there are more and more countries/states adopting this.
jefozabuss
·10 ay önce·discuss
I think all public package registries have this problem as it's not unique to npm.

The "blind" auto updating to latest versions seems to be also an issue here, simply you cannot trust it enough as there is (seemingly) no security vetting process (I mean if you get obfuscated gibberish pushed into a relatively sanely written codebase it should ring some alarms somewhere).

Normally you'd run tests after releasing new versions of your website but you cannot catch these infected parts if they don't directly influence the behavior of your functionality.
jefozabuss
·10 ay önce·discuss
Seems like people already forgot about Jia Tan.

By the way why doesn't npm have already a system in place to flag sketchy releases where most of the code looks normal and there is a newly added obfuscated code with hexadecimal variable names and array lookups for execution...
jefozabuss
·10 ay önce·discuss
You also accumulate screen time if you are using navigation while commuting, etc. I easily rack up 2 hours daily just from driving to my workplace and back home, so there are definitely some "passive" ways to increase those numbers.

I think focusing on numerical stats here is also a bit of a problem and while making these guardrails might help some people but the main issue should be addressed (overconsumption/addiction).

I wonder by reducing the screen time of the phone, how the screen time of the other devices (computer/tv/etc) changed.
jefozabuss
·11 ay önce·discuss
I just use .npmrc with save-exact=true + lockfile + manual updates, you can't be too careful and you don't need to update packages that often tbh.

Especially after the fakerjs (and other) things.
jefozabuss
·3 yıl önce·discuss
As someone who dealt with payment iframes in SPAs I'm so happy I don't have to use any iframes nowadays. There are a few articles how you can "kind of track" when the iframe caused extra history entries then you need to increase your back navigation by the count of them, it was a mess back in the days so not sure how is it solved nowadays.