Readit News logoReadit News
herge commented on Quirks, Caveats, and Gotchas in SQLite   sqlite.org/quirks.html... · Posted by u/thefilmore
herge · 3 years ago
I hit annoyances when using sqlite when dealing with some corner-cases. I wanted to implement a lock and share some small amount of data (who did what when) between two different linux users on the same machine.

I figured "sqlite is better than fopen, let's use that!", but between directory permissions, all the WAL files, probably the sqlite3 python lib and Diskcache (https://pypi.org/project/diskcache/) not helping things, it was a real pain, where regularly under different race conditions, we would get permission denied errors. I managed to paper it over with retries on each side, but I still wonder if there was a missing option or setting I should have used.

herge commented on Games people play with cash flow   commoncog.com/blog/cash-f... · Posted by u/kalonis
hpoe · 5 years ago
So I've always been confused by this argument of just start taxing the money that goes to shareholders because the business will reinvest it and create jobs and what not.

What keeps the company from reinvesting in the form of company luxury cars for the executives, a company home that they let the CEO live in, and executive compensation. Essentially redirecting the money that would've at least gone to index holders to the shareholders that we felt were getting too much of the pie to begin with.

Can someone explain this to me?

EDIT: just to clarify I don't mean they actually sign over the deed to the house to the ceo but rather the company maintains the house as an "executive" hq that the CEO just happens to live in, and the company doesn't give the execs luxury cars they have company cars that the executive just happen to have they keys to and only the execs. Things like that, the company claiming as corporate assets that are really only used by execs. And I am sure there are baskc laws to try and prevent something like this but there are also highly motivated CFOs to find loopholes.

herge · 5 years ago
> company luxury cars for the executives, a company home that they let the CEO live in, and executive compensation

All those should be taxed like the equivalent of income for those executives, which is a higher rate than the corporate tax rate. If these benefits in kind are not taxed as income, then it is fraud.

herge commented on KeePassXC 2.6.2 Released   keepassxc.org/blog/2020-1... · Posted by u/varjolintu
herge · 5 years ago
Does anyone know of a good KeepassX client on iOS?
herge commented on Why Canada's cannabis bubble burst   bbc.com/news/world-us-can... · Posted by u/RickJWagner
derefr · 6 years ago
Provinces aren’t states. The powers of the Canadian provincial governments are delegated to them from the Canadian federal government, not the other way around. Canada does not have a constitution that constrains federal power, since it was not formed by the uniting of states wary of federal power, but rather the uniting of colonies which all considered themselves to be under the aegis of a single sovereignty (Britain).

Fun fact: rather than each province having a plain-old governor, Canada (as any Commonwealth country) has one Governor General for the whole country; and then each province has a Lieutenant Governor, also appointed by the Queen, to serve under the Governor General.

herge · 6 years ago
Provinces aren't states, but, for example, I live in a distinct nation to you (I assume, if you are under the "aegis of Britain" ;)

There is no written constitution, but there are specific acts, charters and traditions that form constitutional law, and define the clear divisions of responsibility between the provincial and federal government. That includes my government's right to set laws about signage of commercial establishments, specific consumer rights I get, and also the commercial law around the sale of both alcohol and cannabis.

herge commented on Why Canada's cannabis bubble burst   bbc.com/news/world-us-can... · Posted by u/RickJWagner
CoolGuySteve · 6 years ago
Is it even constitutional for a province to sandbag a federal regulation like this? Retail marijuana sales in Ontario are still effectively illegal.
herge · 6 years ago
Because it is unconstitutional for the federal government to but into commercial law that is not under it's purview?
herge commented on Notice of Security Incident   about.flipboard.com/suppo... · Posted by u/captn3m0
nameismypw · 7 years ago
How are you going to rehash them without having the cleartext password? Hash the SHA1s to bcrypt and then check every password's bcrypt and SHA1*bcrypt's password from then on?
herge · 7 years ago
Yes, and slowly upgrade from bcrypt(sha1(password)) to just bcrypt(password) as uses reenter their password. Do the same when you finally upgrade from bcrypt to whatever is next. No harm in specifying the encryption 'state' in your database for each user.
herge commented on Icecream – A little debugging library   github.com/gruns/icecream... · Posted by u/pplonski86
bow_ · 7 years ago
I used to do print debugging a lot. And then I tried using the `breakpoint()` call available since Python 3.7[1], and now I can't imagine doing any serious debugging without PDB (or any other debugger).

(I mentioned Python, since this is linking to the Python-flavor of Icecream).

Sure, there are still times when just calling print() is sufficient. But they are becoming less frequent. `print()` is only shorter than `breakpoint()` by just 5 - len(variable_name_to_print) characters after all.

I know `import pdb; pdb.set_trace()` was available before, though `breakpoint()` is just a lot simpler, among others for the reasons they mentioned in the PEP.

There is also the `--pdb` flag in pytest[2], that lets me jump into a PDB session upon test failure.

All of this makes me think, what are the cases where print-level debugging is the better option in Python, compared to using an actual debugger?

[1] https://www.python.org/dev/peps/pep-0553/

[2] https://docs.pytest.org/en/latest/usage.html#using-the-built...

herge · 7 years ago
And if you really spend a lot of time in a python debugger, pudb (https://pypi.org/project/pudb/) is a lot of fun. It includes a full curses debugger, it saves breakpoints between runs, can run any interpreter (ipython, bpython, ...) you want, etc.

And since it's console only, you can even run it remotely without too much hassle.

herge commented on Jenkins Is Getting Old   itnext.io/jenkins-is-gett... · Posted by u/zdw
0xdeadbeefbabe · 7 years ago
Is buildbot old too? I sure enjoyed the flexibility. https://buildbot.net/
herge · 7 years ago
One complaint about buildbot is that if you get too creative, your buildmaster.cfg gets very hard to maintain, but if you stay very diligent, just having python (and being able to print or log whatevery is happening) makes debugging and having complex setups be very easy.

Also, if you ever need to schedule jobs/tasks (not just ci builds) across multiple machines, buildbot is great because all you need is a master, and slave python processes which just need a network connection to the master.

herge commented on Sensible Software Engineering   scriptcrafty.com/2019/02/... · Posted by u/myth_drannon
jasode · 7 years ago
>Bugs are correlated with lines of code and TDD forces writing more code so how can it reduce bug counts? If the test code has no bugs then just write the rest of the code in the same style

I'm not advocating for TDD (the programmer methodology in the IDE) but the author's explanation about "test code" isn't correct. Code written for explicit purposes of a test to exercise other code has been shown to increase correctness. E.g. SQLite database has 711x more test code than the core engine code.[1] (I made a previous comment why this is possible: https://news.ycombinator.com/item?id=15593121)

Low-level infrastructure code like database engines, string manipulation libraries, crypto libraries, math libraries, network protocol routines, etc can benefit from a suite of regression tests.

It's the high-level stuff like GUIs in webpages being tested with Selenium or LoadRunner that has conflicting business value because altering one pixel can have a cascading effect of breaking a bunch of fragile UI test scripts.

[1] https://www.sqlite.org/testing.html

herge · 7 years ago
Maybe the spry takeaway is that you should write tests for things you want to make sure they will not break.

Your UI being off by a pixel won't break your application, so if a test hangs on that, then it is not a good test.

However, your business logic, or network protocol routine, those should not break even if you heavily refactor or add new features (especially business logic where a broken behaviour might seem correct), so those need to be heavily tested.

If it is hard to test the juicy parts like business logic without also dragging in the UI, different OS/platform/db parts, etc, then you should look at how your application is structured and if it is really optimized for writing good tests.

herge commented on De-facto closed source: the case for understandable software   13brane.net/rants/de-fact... · Posted by u/zdw
randomsearch · 7 years ago
New to web dev. New to node. Looks like a complete mess to me, deserves criticism, as does much of the web dev ecosystem.

Package maintainer should indeed have found someone to pass it onto (see Cathedral & the Bazaar). And that doesn’t include the first person he’s never heard of stepping up.

BUT this applies to all package managers, maintainers, and OSS at some level.

The idea that say a startup has time to audit every line of every dependency is absurd. Even a big business can’t do that. The idea that you “don’t have to trust” the authors is untrue, in the current workflow. FOSS relies entirely on trust.

I’m not convinced FOSS is even a good idea at this point, but with the advent of widespread cyberwarfare we need to either introduce a sophisticated accompanying trust model, or exclude FOSS when working commercially.

This is a business opportunity. Audit FOSS and sell your audit guarantees in a contract. Offer services to audit more recent versions on the proviso that you can sell that audit elsewhere.

This will have the incidental benefit of encouraging clean software to be written in languages that minimise audit costs, as those projects will get used more.

Some commercial arbitration of FOSS now looks inevitable.

herge · 7 years ago
> Audit FOSS and sell your audit guarantees in a contract

Pay Redhat enough and they will do that. Although you will be limited in what you can use.

h

u/herge

KarmaCake day2155January 12, 2009View Original