Readit News logoReadit News
ROARosen commented on Ask HN: Developer abused “sign in with GitHub”?    · Posted by u/2Gkashmiri
wpietri · 3 years ago
Oh? If it's that easy, could you explain how you would have applied that in the Firefox case and avoided the massive problems they experienced?

Because in my view their problem wasn't about API versioning. They came out with a new version and deprecated the old, after all. It was that they provided way too much coverage early on.

ROARosen · 3 years ago
I don't get your point. There will obviously be cased where API's are not needed or too complicated to maintain, which was presumably the case with Firefox, which BTW is a locally installed platform. I don't see how this affect the general discussion regarding (mostly) web platforms - which usually run on a client-server model anyway - maximizing their API footprint to expose the most functionality possible via their API.

Just because you or anyone working there doesn't see a useful use case for using that functionality over the API doesn't mean there won't be someone who will come up with something useful based on that in the future.

ROARosen commented on Volatile pay for gig workers linked to health problems   apa.org/news/press/releas... · Posted by u/hhs
ROARosen · 3 years ago
> poor sleep quality, headaches, stomach issues and back pain

While it's true that volatile-pay work is extremely stressful, this seems like a cherry-picked study to be able to write a flashy headline to people rightly concerned over a hot-button issue. They could have just as easily just said that volatile pay causes anxiety and stress, which IMHO you don't need a study for, just like we don't need a study saying that eating less increases hunger symptoms.

Anxiety and stress itself is a well-known cause of all these above issues, and there are a multitude of other work-related stresses than just volatile pay.

ROARosen commented on Facebook tracking is illegal in Europe   tutanota.com/blog/posts/f... · Posted by u/starsep
wackget · 3 years ago
> The EU decision will not have direct consequences for users, unfortunately, as it can be appealed to. Such an appeal would lead to a lengthy judicial process.

So companies can flout the law for years, making massive profits, and continue to do so for as long as they can string along an appeal process? Seems like a pretty nice loophole.

ROARosen · 3 years ago
Is there no concept of a preliminary injunction in the EU legal system?
ROARosen commented on Ask HN: Developer abused “sign in with GitHub”?    · Posted by u/2Gkashmiri
wpietri · 3 years ago
> the more API coverage a platform can provide the better

This is a very common opinion of people who consume APIs, but people maintaining the APIs often feel differently. Every API endpoint is a promise, and it's also a constraint on future innovation. Firefox is a good example, in that their old API allowed extensions to "intimately intertwine" [1] themselves, which proved a huge barrier to improving the Firefox core.

[1] https://arstechnica.com/information-technology/2015/08/mozil...

ROARosen · 3 years ago
>Every API endpoint is a promise, and it's also a constraint on future innovation.

I'm not referring to keeping any particular API endpoint alive. The problem you raise can be easily mitigated with a correctly built-out API versioning system and - more importantly - API deprecation policy.

I'm referring to just API coverage of platform features. In that sense maintaining API's can be viewed as not much different than maintaining the actual platform features themselves. Obviously the more feature you provide the more maintenance/resources will be required. That goes for both API's and the features themselves.

ROARosen commented on Ask HN: Developer abused “sign in with GitHub”?    · Posted by u/2Gkashmiri
askiiart · 3 years ago
Sounds cool, except that people will get banned. I'd recommend making a menu where people can click on individual dependencies to star, or have a button to star all (but with a very clear warning about the possibilty if getting banned).
ROARosen · 3 years ago
Great idea! will keep in mind.
ROARosen commented on Ask HN: Developer abused “sign in with GitHub”?    · Posted by u/2Gkashmiri
pydry · 3 years ago
I can't see the need for an API to star repos at all. There shoulnt even BE a permission, let alone one that is opaquely labeled.
ROARosen · 3 years ago
Just because you don't find any legitimate use case for this doesn't mean there is no use case. IMHO the more API coverage a platform can provide the better. Obvs only when it's possible to do so in a safe manner.

For instance I'm in the process of building a VScode and browser extension that would automatically star repo's of all npm packages and linked scripts used in your code (including dependencies). I think that's a basic gratitude thing for myself, and a tool some people might be interested in.

ROARosen commented on Is it time to retire the .gb top level domain?   cddo.blog.gov.uk/2022/11/... · Posted by u/robin_reala
ROARosen · 3 years ago
> There is a risk that if handed back another country might try to claim it for themselves

I really don't get this. What exactly is the risk? If they don't need it why do they need to make sure no one else gets it?

ROARosen commented on Tell HN: I can't login to Gmail due to phone cannot be used for verification    · Posted by u/sawirricardo
hobo_mark · 3 years ago
So now your second factor is... the Authy master password?
ROARosen · 3 years ago
Ha. Happens to be there is a script out there somewhere which allows you to extract the private key of any of your MFA codes from Authy through Chrome DevTools (it's an Electron app) so you can use it in whichever MFA solution you want.
ROARosen commented on Tell HN: I can't login to Gmail due to phone cannot be used for verification    · Posted by u/sawirricardo
adyavanapalli · 3 years ago
I once changed my Gmail password and promptly forgot it. When I was trying to recover it, I had no MFA set up (I had a yubikey, but somehow that wasn't allowed???), so the only option left for me was to provide them with the month and year I created the account. Since it was roughly a 10 year old account, I had no idea what those numbers were. There was also no way to reach out to an actual human for help through their account recovery workflow. I ended up creating a Twitter bot that would tweet at one or two of the handles owned by Google, once a day. After about a week, I had someone reach out, and I was finally able to prove that I actually owned the account and recover it. It was definitely a stressful time.
ROARosen · 3 years ago
I find it interesting they didn't block you. Also, would this be affected by the latest changes at Twitter?
ROARosen commented on What Beirut was like before the war (2019)   the961.com/this-is-what-b... · Posted by u/mmastrac
Apocryphon · 3 years ago
So, after the Lebanese Civil War already ended.
ROARosen · 3 years ago
Arafat was chairman of the PLO from the 1960's, before the Lebanese Civil War started. These were his policies.
R

u/ROARosen

KarmaCake day810August 14, 2020View Original