“npm install” in particular is getting me.
“npm install” in particular is getting me.
I did it last week. We were out of power for about 30 hours. But I actually have a degree in Computer Engineering, and I did it with a friend who is a professional Electrician.
It is indeed EXTREMELY dangerous. If you don’t know what you’re doing, or make a mistake, best case scenario, you fry your generator. Worst case, you electrocute a lineman from the power company, who isn’t expecting lines to be live when there’s an outage, because yes, if you feed power into your house, that will flow OUT of your house onto the main lines (to some extent), if you let it. You could end up trying to power your whole block on your little gas generator.
We made sure both the indoor and outdoor main power shutoffs for the house were turned off, as well as all breakers. Then we unplugged the oven, and used that for the feed from the generator. Then we gradually re-activated breakers so as not to add too much load to the generator at once. Ultimately, we were able to run the whole house, except for the AC compressor, which the generator actually would have had enough power to run, but not to kick-start.
The proper way to hook up a generator to feed your house is to install an “inlet” which is both nominatively and physically the opposite of an outlet: instead of holes going into a box, you have prongs sticking out of a box. Generally, it’ll be one of the big fat 4-pronged round cables, like what your oven might use. That’ll feed down to a large double-breaker, in the top-right slot of your breaker panel. That breaker stays off until you want to run a generator, and, to meet code, you have to also install a special bracket that prevents you from turning this breaker off without turning off the primary feed for the whole house. Still kinda dangerous, but they make those brackets surprisingly foolproof.
If she does manage to fulfill her revenge fantasy, and then find peace, THAT I would find rather unbelievable. Living in hate and rage for that long, you can’t just let go of it, regardless of logic.
Love the followup to that verse.
Master, who then can be saved?
Jesus, internally: Oh, shit, good point, uhh…
What is impossible for man is not impossible for God.
Dude was just talking out his ass the whole time.
My guess would be they were expecting a moral payoff, and didn’t get it. Mizu’s “Violence only begets more violence, I must let go of my revenge” moment. Especiallly since the episode or 2 prior really seemed to be setting up for it.
I was offput by it as well, but a bad ending is one that has nothing interesting to say, or something really shit to say, or that isn’t believable in some way, not just one I hoped would be different. Plus, this story isn’t over.
Interesting that several people are reporting using “you” for negative sentiments, because I use “I” for those as well. E.G. “Well, I’m a fucking idiot.”
C, C++, C#, to name the main ones. And quite a lot of languages are compiled similarly to these.
To be clear, there’s a lot of caveats to the statement, and it depends on architecture as well, but at the end of the day, it’s rare for a byte
or bool
to be mapped directly to a single byte in memory.
Say, for example, you have this function…
public void Foo()
{
bool someFlag = false;
int counter = 0;
...
}
The someFlag
and counter
variables are getting allocated on the stack, and (depending on architecture) that probably means each one is aligned to a 32-bit or 64-bit word boundary, since many CPUs require that for whole-word load and store instructions, or only support a stack pointer that increments in whole words. If the function were to have multiple byte
or bool
variables allocated, it might be able to pack them together, if the CPU supports single-byte load and store instructions, but the next int
variable that follows might still need some padding space in front of it, so that it aligns on a word boundary.
A very similar concept applies to most struct and object implementations. A single byte
or bool
field within a struct or object will likely result in a whole word being allocated, so that other variables and be word-aligned, or so that the whole object meets some optimal word-aligned size. But if you have multiple less-than-a-word fields, they can be packed together. C# does this, for sure, and has some mechanisms by which you can customize field packing.
I recently discovered that Plex no longer works over local network, if you lose internet service. A) you can’t login without internet access. B) even if you’re already logged in, apps do not find and recognize your local server without internet access. So, yeah, Plex is already there.
That’s a good analogy.
It’s far more often stored in a word, so 32-64 bytes, depending on the target architecture. At least in most languages.
I’d say it depends on WHY you like the art. Does it tie into the toxic or reprehensible traits of the artist? Was the artist trying to send a toxic or reprehensible message with this art?
If not, then it’s just a matter of ensuring that your enjoyment of the art doesn’t translate into support for the artist. Or, at least, that it doesn’t cross your personal line of support for the artist.
So, for example, does the Kanye music you like have nazi themes or messaging? Far as I’m aware, no, the nazi-ism is just his newest shit, so you’re probably fine as long as you’re not streaming from Spotify or YouTube, or otherwise giving him revenue.
Yes, absolutely.
You know what we, in the industry, call a detailed specification fo requirements detailed enough to produce software? Code.
The REAL problem is that the industry collectively uses JS almost exclusively for shit it was never meant to do. Like you say, it’s intended for it to not throw errors and kill your whole web page, because it was only ever intended to be used for minor scripts inside mostly-static HTML and CSS web pages. Then we all turned it into the most-popular language in the world for building GUI applications.
Honestly, if you’re having trouble finding stuff for vanilla JS, I’d recommend looking at jQuery. Not that you should USE jQuery, necessarily, but the library is basically a giant wrapper around all the native JS APIs, so the approach to building stuff is essentially the same: it all focuses on tracking and manipulation of DOM elements.
I do vanilla JS (actually TypeScript) dev at work, daily, and that was my big takeaway from spearheding our team’s migration from jQuery to vanilla TypeScript: I honestly don’t know what benefit jQuery provides, over vanilla, because all the most-common jQuery APIs that we were using have a 1:1 native equivalent.
We do also use 2 third-party libraries alongside vanilla, so I’l mention those: require.js and rx.js. Require you probably don’t need, with modern JS having bundling and module support built-in but we still use it for legacy reasons. But rx.js is a huge recommend, for me. Reactive programming is the IDEAL way to build GUIs, in my opinion.
My big reason would be “it hurts readability”. That is, when writing code, readibility for others who aren’t familiar with it (including future me) is my top-priority, and that means indentation and alignment are HIGHLY important, and if I spend the time to write code with specific indentation and alignment, to make it readable at a glance, I want to be certain that it’s always going to display exactly that way. Tabs specifically break that guarantee, because they’re subject to editor settings, which means shit like the below example can occur:
I write the following code with an editor that uses a tab size of 4.
myObject.DoSomething(
someParameter: "A",
someOtherParameter: "B",
value: "C");
If someone pulls this up in an editor that uses a tab size of 8, they get…
myObject.DoSomething(
someParameter: "A",
someOtherParameter: "B",
value: "C");
Not really a big deal, in this simple case, but it illustrates the point.
My second reason would be that it makes code more difficult to WRITE, I.E. it’s not that hard to insert spaces when you mean to insert tabs, considering that you’re not LITERALLY using only tabs just only tabs for indentation and alignment. And if you do accidentally have spaces mixed in, you’re not going to be able to tell. The guy on another machine with different editor settings will, though.
I’m aware there are fonts that can make spaces and tabs visible and distinct, but that sounds like a NIGHTMARE to write and read code with. I mentioned above, my top priority is easy readability, and introducing more visual noise to make tabs and spaces distinct can only hurt readability.
Denying that the logo used to have a cornucopia is a thing? Sheesh, TIL.
You’re right to think that “since it’s open source, people can see what it’s doing and would right away notice something malicious” is bullshit, cause it pretty much is. I sure as hell don’t spend weeks analyzing the source code of every third party open source package or program that I use. But just like with close-source software, there’s a much bigger story of trust and infrastructure in play.
For one, while the average Joe Code isn’t analyzing the source of every new project that pops up, there are people whose job is literally that. Think academic institutions, and security companies like Kaspersky. You can probably argue that stuff like that is underfunded, but it definitely exists. And new projects that gain enough popularity to matter, and don’t come from existing trusted developers are gonna be subject to extra scrutiny.
For two, in order for a malicous (new) project to be a real problem, it has to gain enough popularity to reach its targets, and the open source ecosystem is pretty freakin’ huge. There’s two main ways that happens: A) it was developed, at least partially, by an established, trusted entity in the ecosystem, and B) it has to catch the eye of enough trusted or influential entities to gain momentum. On point B, in my experience, the kind of person who takes chances on small, unknown, no-name projects is just naturally the “exceptionally curious” type. “Hmm, I need to do X, I wonder what’s out there already that could do it. Hey, here’s something. Is it worth using? I wonder how they solved X. Lemme take a look…”
For three, the open source ecosystem relies heavily on distribution systems, stuff like GitHub, NuGet, NPM, Docker, and they take on a big chunk of responsibility for the security and trustability of the stuff they distribute. They do things like code scanning, binary validation, identity verification, and of course punitive measures taken against identified bad actors (I.E. banning).
All that being said, none of the above is perfect, and malicious actor absolutely do still manage to implant malware in open source software that we all rely on. The hope is that with all of the above points, as well as all the ones I’ve missed, that the odds of it happening are rare, and that when it DOES happen, it’s way easier to identify and correct the problems than when we have to trust a private party to do it behind closed doors.
Great recent example, from last year: https://www.akamai.com/blog/security-research/critical-linux-backdoor-xz-utils-discovered-what-to-know
Me, I see this story as rather uplifting. I think it shows that the ecosystem we have in place does a pretty good job of controlling even the worst malicious actors, cause this story involves just about the worst kind of malicous actor you could imagine. They spent a full 2 years doing REAL open source work to develop that community trust I talked about, as well as maintaining a small army of fake accounts submitting support requests, to put pressure on the project to add more maintainers, resulting in a VERY sophisticated, VERY severe backdoor being added. And they still got found out relatively quickly.
Arcane.
Alternative image for C: Mr. Incredible: “A PARAMETER IS A PARAMETER!”