Hacker News | twodave's comments

This. Much of the most prevalent messaging on both the extreme left and the extreme right tends to be from other countries posing as Americans. It’s also difficult to even form opinions lately as the amount of lying by all outlets is nearly impossible to sift through. All we really know is that right, left, black, white, gay or straight, nobody is actually on our side anymore.

How is it we've made it this far and we still don't have any kind of independent auditing of basic publish security on NPM? You'd think this would be collectively a trivial and high priority task (to ensure that all publishes for packages over a certain download volume are going through a session that authenticated via MFA, for instance).

> You'd think this would be collectively a trivial and high priority task (to ensure that all publishes for packages over a certain download volume are going through a session that authenticated via MFA, for instance).

Because all mainstream packages are published via a CI/CD pipeline, not by an MFA'd individual uploading a GZIP to npm.com.


Requiring a human-in-the-loop for final, non-prerelease publication doesn't seem like that onerous of a burden. Even if you're publishing multiple releases a day on the regular (in which case ... I have questions, but anyway) there are all sorts of automations that stay secure while reducing the burden of having to manually download an artifact from CI, enter MFA, and upload it by hand.

You can still have a step that requires a certain user/group to sign off, and you can still enforce that those users have MFA set up. Almost any serious shop that expects to pass audits already does this in some form or fashion before pushing code to prod.

Can we get a non-AI-generated article for this? I think the aikido one might be fine, but if there’s a more official source let’s use that in lieu of this AI nonsense.

"Enlightenment" is for civilizations with enough might to enforce it.

The only thing sadder than AI-generated comments on human articles is human comments on AI-generated articles.

It’s quite possible (likely, even) for there to be more bugs reported than Apple has capacity to investigate. I assume this is just a filter they use to get the queue down to a more reasonable size and remove bug reports that are especially old (trusting that if they’re still issues they’ll be re-reported). This kind of culling happens all the time with low pri stuff and even sometimes medium pri if there’s a clear workaround.

This is where a company that categorizes customer feedback like unwrap.ai or enterpret could help with volume and priority.


Sheesh, you see suggestions here all the time. Just trying to be helpful

For this Apple would have to trust a third party with their bugs and also not have tried to do this themselves

I 100% agree when it comes to security issues. They would have to host it themselves on their intranet through AppleConnect.

I'm a bit removed from what software Apple uses nowadays. Back when I worked there ~2021 it was still a mix of native apps (Radar, Phantom) and self-hosted enterprise versions of popular development tools (e.g., GitHub).


Now this is what the Internet is really supposed to be about.

I don’t think the first-gen Leaf is what parent had in mind when referring to “modern EVs”…

Which is why I commented — because there was a blind spot to their point.

I interpret “modern EV” as an EV in the 2010+ era (as opposed to the original EVs from the 1880s-1910s, which were not modern) which were made for streets / commuting (as opposed to golf carts / theme park cars, which have been around for many decades). And I don’t think I’m alone when using this framing.


They are both cartoonishly expensive. This kind of watch culture to me is even more unpalatable than country club culture. At least those people are getting quite a lot of service for what they’re paying.

I think if there's ever a day I prefer country club culture to the result of an industrial designer deciding to spend a decade coming up with all the engineering hacks to make something that cool work, I'm just going to walk out into the blizzard.

Glad to know I haven’t picked up any seriously bad habits, but how the heck do you keep the chopsticks aligned without tapping them somewhere?

Most of these seem related to health/sanitary practices/being considerate more than anything. Just avoiding contaminating what others are going to eat with your own utensils is an easy way to describe several of them.


You can just slide them with your fingers, even one handed, and it's not like they need to be perfectly aligned.

But, yeah, I tap them to align them all the time, have seen Japanese people do it day in and day out. I've even done it in some fine dining places in Japan. No one yelled at me, but I am a gaijin, so...

