Readit NewsLike how xz was attacked, everyone pointed at that and no one said they didn't vet their dependencies.
That's the whole point, you attack a dependency that everyone relies on because it's been good and stable. That's how these pyramids build up over time.
So spoiler, it's not unlikely one of the dependencies in your minimal set gets exploited...
Sure there are packages trying to solve 'the world' and as a result come with a whole lot of dependencies, but isn't that on whoever installs it to check?
My point was that git clone of the source can't be the solution, or you own all the code... And you can't. You always depend on something....
Say you need compression, you're going to review changes in the compression code? What about encryption, a networking library, what about the language you're using itself?
That means you need to be an expert on everything you run. Which means no one will be building anything non trivial.
So unless you're not logging your request path/query string you're doing something very very wrong by your own logic :). I can't imagine diagnosing issues with web requests and not be given the path + query string. You can diagnose without but you're sure not making things easier
They compare to natural gas. Not the cheapest alternative.
>Pipes run through the pile, and fluid flowing through them removes heat to supply the customer
Just basic district level geothermal heat pumps do the same. You don't need to heat the soil. Just drill down and install pipes. Earth generates heat. What is the cost difference now?
This doesn't with everywhere though? Because of geology?
Then your storage model becomes "a cloudy week" rather than "a whole season", and the storage scale changes significantly.
This shows how immature the field of software engineering is. Imagine bridges or houses were built like that. Or your surgeon was trained like that.
Over time, we hopefully develop estblished norms, but at the moment, things are too much in flux. Put 5 sw engineers in a room, pose a problem and you will get not just 5 different solution proposals, but there will likely be strong disagreements on which approach is a good one.
"I recognize a good solution when I see it" is just not good enough for a serious engineering discipline.
While I don't disagree with you in general, this does feel a bit off.
By that logic you can call the field of music immature, and all of the arts. I think the difference is that its easy to experiment without high costs.
I genuinely think that if building bridges was cheap and quick, the fastest way to learn was to try...
The way I understand it, Germany had a horrid mix of anti-nuclear eco-activists, local coal lobbyists and Gazprom's natural gas lobbyists. The politicians not included in any of the above were too toothless, and couldn't fight through this bullshit and secure good outcomes regardless.
I mean not always, they put feed in tarifs for solar in law at the end of the 90s. This led to a huge boom in solar production and it made the Germans very big in solar panel production. Unfortunately, like all other countries they were eventually outproduced by china.
This model has been copied in a lot of places afterwards and only when a mature market for solar exists does it stop working (it becomes a subsidy for people that produce paid for by people that don't).