I think Denmark is in the same situation, and recently gave a timeline of 10 years for new projects to get connected to the grid.
I don't think any of the national id services I've heard of stores all your data in a centralized place. Usually the national id service only provides identification to the service providers that request it. Each…
Compared to the Java ecosystem, I think there's a couple of issues in the NPM ecosystem that makes the situation a lot worse: 1) The availability of the package post-install hook that can run any command after simply…
I haven't looked into it much, but I assume the point is that it avoids the SWIFT system.
At least here in Denmark, they seem to have opted for installing bigger "pipes", instead of just laying down some fiber cables. Then in the future they can just push new cables through the pipes. An idea I bet they wish…
What do you mean? They can be in a single service file.
The Senna series from 2024 is also pretty good.
It's been possible to use Content Blockers for Safari for a long time, which alters the page content. Firefox Focus came out about a decade ago, and can be used as one.
It's been possible for about a decade to use Firefox Focus as a Content Blocker for Safari. I assume it's open source, "well trusted" is of course subjective.
And earlier than that, they jumped on the train.
anal_reactor says so.
No, not for a connector for 500W, on a $2000 GPU from one of the worlds biggest companies. They can do better.
I'm not debating that. I'm pointing out, that the person replied to, said there's no reason to mix it together with the artifact dependencies. In other words, no need to mix "dependencies" and "dev dependencies"…
Tbh, I think you missed this part: "[..] mixed with artefact dependencies itself".
Maybe that section of highway could easily be cleared in time with a warning system, like when we warn for crossing trains. A wall doesn't have to be the only solution.
My modern dishwasher is also very kind, and displays the time to end in minutes throughout the wash. Counting down from an hour. But I don't know what kind of upbringing it had, for some reason, the sneaky bastard…
It seems like a bad design choice, that, besides allowing for running untrusted code directly at download time, also makes it difficult to properly mirror artifacts, and I'd assume, make platform portability…
I'm pretty sure that's incorrect. One portion of the build-to-host buildfile was only present in the release tarball. https://www.openwall.com/lists/oss-security/2024/03/29/4
I don't really think thats more obvious. It's expected to install dev libraries, not system services, it shouldn't have that need.
Why the hell does npm support a postinstall script? There really shouldn't be a need to run arbitrary code provided by the package for something like this.
The xz backdoor was an example of exploiting this disconnect. It was not present in the repository, it was inserted only into the release artifacts. Anyone getting xz by checking out the repository and building it…
I have a toddler, and that has changed my view on it a bit, from the same starting point you are expressing. With the social pressure going on, I expect she'll get a smartphone earlier that I'd honestly prefer (not that…
Fair enough, I'll admit I missed that completely.
According to you, when does a child earn their own share of sunlight, so their parents are not "overusing" their share? Is it at a certain age, or is that only for children born latest at $YOUR_BIRTHYEAR?
I think you might have hit the moo^Wnail on the head.
I think Denmark is in the same situation, and recently gave a timeline of 10 years for new projects to get connected to the grid.
I don't think any of the national id services I've heard of stores all your data in a centralized place. Usually the national id service only provides identification to the service providers that request it. Each…
Compared to the Java ecosystem, I think there's a couple of issues in the NPM ecosystem that makes the situation a lot worse: 1) The availability of the package post-install hook that can run any command after simply…
I haven't looked into it much, but I assume the point is that it avoids the SWIFT system.
At least here in Denmark, they seem to have opted for installing bigger "pipes", instead of just laying down some fiber cables. Then in the future they can just push new cables through the pipes. An idea I bet they wish…
What do you mean? They can be in a single service file.
The Senna series from 2024 is also pretty good.
It's been possible to use Content Blockers for Safari for a long time, which alters the page content. Firefox Focus came out about a decade ago, and can be used as one.
It's been possible for about a decade to use Firefox Focus as a Content Blocker for Safari. I assume it's open source, "well trusted" is of course subjective.
And earlier than that, they jumped on the train.
anal_reactor says so.
No, not for a connector for 500W, on a $2000 GPU from one of the worlds biggest companies. They can do better.
I'm not debating that. I'm pointing out, that the person replied to, said there's no reason to mix it together with the artifact dependencies. In other words, no need to mix "dependencies" and "dev dependencies"…
Tbh, I think you missed this part: "[..] mixed with artefact dependencies itself".
Maybe that section of highway could easily be cleared in time with a warning system, like when we warn for crossing trains. A wall doesn't have to be the only solution.
My modern dishwasher is also very kind, and displays the time to end in minutes throughout the wash. Counting down from an hour. But I don't know what kind of upbringing it had, for some reason, the sneaky bastard…
It seems like a bad design choice, that, besides allowing for running untrusted code directly at download time, also makes it difficult to properly mirror artifacts, and I'd assume, make platform portability…
I'm pretty sure that's incorrect. One portion of the build-to-host buildfile was only present in the release tarball. https://www.openwall.com/lists/oss-security/2024/03/29/4
I don't really think thats more obvious. It's expected to install dev libraries, not system services, it shouldn't have that need.
Why the hell does npm support a postinstall script? There really shouldn't be a need to run arbitrary code provided by the package for something like this.
The xz backdoor was an example of exploiting this disconnect. It was not present in the repository, it was inserted only into the release artifacts. Anyone getting xz by checking out the repository and building it…
I have a toddler, and that has changed my view on it a bit, from the same starting point you are expressing. With the social pressure going on, I expect she'll get a smartphone earlier that I'd honestly prefer (not that…
Fair enough, I'll admit I missed that completely.
According to you, when does a child earn their own share of sunlight, so their parents are not "overusing" their share? Is it at a certain age, or is that only for children born latest at $YOUR_BIRTHYEAR?
I think you might have hit the moo^Wnail on the head.