> And git! Don't get me started on git! The best minds of a generation stuck in a paradigm of downloading files to their local machine, making changes, then emailing git pushing them up to be approved? Madness!
I'm far from a seasoned user of git(hub), but the way I use it is to do a whole lot of local futzing around with a bunch of intermediate files and then only git push the final sanitised, public consumption-ready versions which aren't actually possible without the unsanitised intermediate files that I choose to keep private and local.
Yeah, maybe there are access controls possible to setup for all that to make the whole enchilada "in the cloud", but why bother when you can just push the wheat and ignore the chaff? If it's all in the cloud there's more chance of accidentally exposing it to the world (which even happens with the above-described scenario).
The diatribe appears to be sarcasm but I can't really understand what he actually advocates for. You can't "living document" source code by having a bunch of people all edit it at the same time like a google doc.
And the line about git is just wrong. You don't git push something "to be approved". If you can push it then it is "approved" to wherever you pushed it to.
Storing data on your own computer is a security risk sure. There are places that prohibit checking out source code locally. That has nothing to do with git though, in fact those places generally tend to still use git. Which is a database for your files and changes. You just need non-local computers to edit, compile, test, etc. Which is entirely possible.
I am not going to take it sarcasm. I will take it quite literally for the nonsense that it is. Sarcasm is a subjective label that has no objectivity, and so it is best if discarded when not made explicit.
Until there is some agreed upon open solution I don't have to pay for every month in perpetuity, and can script against as easily as reading a file from my local file system, I'll take files.
Counterpoint: when the product manager attempts to revise history about what was specified for a certain feature at a certain point in time, I'm often able to search my emails for a copy of a powerpoint they'd sent round with wording to the opposite effect. Yes, version history is a thing on collaborative docs, and our documentation processes should be a lot better, but timestamped copies are a sometimes the best way to track what happened with a piece of dev work 10 years ago.
Bingo! A file sent out creates a specific paper trail and accountability for all parties. If I want to make sure there’s a record of me sending documentation to someone, I’m not relying on giving them write permission to the critical piece of text… this isn’t even about distrust but about clarity for all parties in the file transfer.
> Counterpoint: when the product manager attempts to revise history about what was specified for a certain feature at a certain point in time, I'm often able to search my emails for a copy
Hit the nail on the head. I even send emails summarizing hallway conversations I've had, just so there's a record of what understanding I came out of the conversation with. In part because ephemeral conversations (be they in person or over some IM system) often leads to misunderstanding and a summary can surface those misunderstandings, and in part to cover my ass when someone revised history.
Similarly I tend to overdocument everything, everywhere: emails with summaries from in-person chats; messages confirming something decided/agreed upon during a meeting; commit messages with details about why and how something non-obvious was decided and implemented; code comments linking to documents when some product decision was made that I objected to; comments on tickets about decisions/discussions; PR descriptions referencing documents related to the task.
It's not only to cover my ass but also to leave as many breadcrumbs in the trail to anyone that needs to read this in the future to understand what happened (including, most times, myself).
It's saved my ass many times and it's just a natural part of my workflow.
I have in the past taken to saving a copy of a web page or document and just keep it in my downloads directory for this very purpose, files aren't big or problematic to use usually. There is a lot more space on a local machine than is usually allocated in enterprise drives and email its a much better place to keep most things, all be it you have to do another backup solution if they matter.
One organisation I worked for published the bonus scheme as a web page and I saved it and a year later when they were paying those bonuses they had changed the page silently without any notice it had changed. They refused to admit it changed when people called it out, until I provided the copy that matched everyone’s memory exposing management as liars. I was the only person that saved it, the workers were being short changed for £100,000s.
The author is not against files, but against sharing files.
You can't control what the person does with it or who they share it with. For all I know they are just uploading it straight to ChatGPT. Therefore sharing files is loosing ownership.
On the other hand just because something is in a cloud doesn't mean it isn't yours. It can also be in your own self-hosted cloud.
> You can't control what the person does with it or who they share it with. For all I know they are just uploading it straight to ChatGPT. Therefore sharing files is loosing ownership.
Maybe they are feeding it into a screenreader or a local LLM because that is what works for them, or because they suffer from challenges you aren't aware of and don't need to be. You still have the same "ownership" of any files on your computer and data within, from a legal perspective. What you are talking about isn't ownership, it's control. Control to hamper others' usage of data which they're already allowed to access.
That desire for technical control is an exercise in futility: If I wanted to share a piece of sensitive info, aside from copying it via a number of technical means, I can just talk to someone in person and say "I saw...", or perhaps a malicious actor will hack my computer and gain access to it via screenshots, packet captures, arbitrary logging, etc.
Thus, if you don't trust me to secure the contents of a file (whether due to incompetence or malice), and aren't willing to risk it, don't send it to me. Most people in the world don't send me their files, and I'm ok with that. Alternatively, and also common, is to send the file to people who are contractually bound to use it in accordance with a set of terms. For example: an employment contract; or a partnership agreement.
Because security locked-down anything more tech-savvy. Tbh I think the only 'allowed' way of sending data out where I work is to build an API and surface it from a data exchange platform so locked down the incompetent security team barely knows how to get data into it or out of it.
If you look at the venn diagram of 'things people want to send' and 'things people are willing to spend years of approvals and networking headaches to send' you quicky realise why emailed (or sometimes even on a USB) CSVs are the lingua franca of government data.
Dead wrong on Git, not to mention the general, inherent issues with locking your ability to freely share your data behind the monthly plans of cloud vendors. No, local sync isn't a replacement as it's often in a non-free binary format. Cross vendor compatibility issues are waved away as "having to work a little harder". Rarely has a sentence done so much work.
The author attempts to moderate at the end by saying sometimes you need a local copy. However, as this option becomes rarer, so do the tools that support it. Eventually, you won't even get to make that choice.
As for development, "merging" is far more complicated than for text documents and cannot be left to an automated system.
Is sharing files less secure? Surely. Is it worth it? Yes.
We have a number of "living documents" that are the specification for the project I'm currently working on. It's terrible. There's no easy way to know that changes have been made or what they are. Sure, there's red-lining and history. But it requires me to visually scan the document for changes every day, sometimes ever hour.
Sure emailing a copy isn't ideal, but it does have the advantage of saying "Here is a set of ideas that I've decided is complete" As opposed to "Watch my stream of consciousness and decide whether it's done or in mid-edit and act on it."
> Sure emailing a copy isn't ideal, but it does have the advantage of saying "Here is a set of ideas that I've decided is complete" As opposed to "Watch my stream of consciousness and decide whether it's done or in mid-edit and act on it."
I agree with your concept but I wish more people treated email like rather than as a stream of consciousness or a series of one-line exchanges that would be better off as chats (in some situations, anyways)
Readit News
I'm far from a seasoned user of git(hub), but the way I use it is to do a whole lot of local futzing around with a bunch of intermediate files and then only git push the final sanitised, public consumption-ready versions which aren't actually possible without the unsanitised intermediate files that I choose to keep private and local.
Yeah, maybe there are access controls possible to setup for all that to make the whole enchilada "in the cloud", but why bother when you can just push the wheat and ignore the chaff? If it's all in the cloud there's more chance of accidentally exposing it to the world (which even happens with the above-described scenario).
And the line about git is just wrong. You don't git push something "to be approved". If you can push it then it is "approved" to wherever you pushed it to.
Storing data on your own computer is a security risk sure. There are places that prohibit checking out source code locally. That has nothing to do with git though, in fact those places generally tend to still use git. Which is a database for your files and changes. You just need non-local computers to edit, compile, test, etc. Which is entirely possible.
Hit the nail on the head. I even send emails summarizing hallway conversations I've had, just so there's a record of what understanding I came out of the conversation with. In part because ephemeral conversations (be they in person or over some IM system) often leads to misunderstanding and a summary can surface those misunderstandings, and in part to cover my ass when someone revised history.
It's not only to cover my ass but also to leave as many breadcrumbs in the trail to anyone that needs to read this in the future to understand what happened (including, most times, myself).
It's saved my ass many times and it's just a natural part of my workflow.
One organisation I worked for published the bonus scheme as a web page and I saved it and a year later when they were paying those bonuses they had changed the page silently without any notice it had changed. They refused to admit it changed when people called it out, until I provided the copy that matched everyone’s memory exposing management as liars. I was the only person that saved it, the workers were being short changed for £100,000s.
You can't control what the person does with it or who they share it with. For all I know they are just uploading it straight to ChatGPT. Therefore sharing files is loosing ownership.
On the other hand just because something is in a cloud doesn't mean it isn't yours. It can also be in your own self-hosted cloud.
Maybe they are feeding it into a screenreader or a local LLM because that is what works for them, or because they suffer from challenges you aren't aware of and don't need to be. You still have the same "ownership" of any files on your computer and data within, from a legal perspective. What you are talking about isn't ownership, it's control. Control to hamper others' usage of data which they're already allowed to access.
That desire for technical control is an exercise in futility: If I wanted to share a piece of sensitive info, aside from copying it via a number of technical means, I can just talk to someone in person and say "I saw...", or perhaps a malicious actor will hack my computer and gain access to it via screenshots, packet captures, arbitrary logging, etc.
Thus, if you don't trust me to secure the contents of a file (whether due to incompetence or malice), and aren't willing to risk it, don't send it to me. Most people in the world don't send me their files, and I'm ok with that. Alternatively, and also common, is to send the file to people who are contractually bound to use it in accordance with a set of terms. For example: an employment contract; or a partnership agreement.
Example: screenshot. Now toss it in ChatGPT or tool of your choice and ask it to extract the content.
Deleted Comment
If you look at the venn diagram of 'things people want to send' and 'things people are willing to spend years of approvals and networking headaches to send' you quicky realise why emailed (or sometimes even on a USB) CSVs are the lingua franca of government data.
The author attempts to moderate at the end by saying sometimes you need a local copy. However, as this option becomes rarer, so do the tools that support it. Eventually, you won't even get to make that choice.
As for development, "merging" is far more complicated than for text documents and cannot be left to an automated system.
Is sharing files less secure? Surely. Is it worth it? Yes.
Sure emailing a copy isn't ideal, but it does have the advantage of saying "Here is a set of ideas that I've decided is complete" As opposed to "Watch my stream of consciousness and decide whether it's done or in mid-edit and act on it."
I agree with your concept but I wish more people treated email like rather than as a stream of consciousness or a series of one-line exchanges that would be better off as chats (in some situations, anyways)