Readit News logoReadit News
marifjeren commented on Shai-Hulud compromised a dev machine and raided GitHub org access: a post-mortem   trigger.dev/blog/shai-hul... · Posted by u/nkko
marifjeren · a day ago
> """ I'm strongly in favor of blocking post-install scripts by default. :+1: This is a change that will have a painful adjustment period for our users, but I believe in ~1 year everyone will look back and be thankful we made it. It's nuts that a [pnpm|yarn|npm] install can run arbitrary code in the first place. """

- a pnpm maintainer 1 year ago

https://github.com/pnpm/pnpm/pull/8897

marifjeren commented on Programmers and software developers lost the plot on naming their tools   larr.net/p/namings.html... · Posted by u/todsacerdoti
marifjeren · 4 days ago
There is actually a good reason not mentioned, not to name tools by their purpose:

- the purpose will change

Your "silicon-valley-bank-integrator" tool will eventually need to be updated to do something else.

Or your "login-page-config-service" tool may eventually do more than just logins.

Using gibberish or mythological names gives a nice memorable name that doesn't lead (or mislead) you to believe it does a particular thing which may or may not be correct anymore.

marifjeren commented on ULID: Universally Unique Lexicographically Sortable Identifier   packagemain.tech/p/ulid-i... · Posted by u/der_gopher
sedatk · 6 days ago
You mean someone who wants to attack your system might be discouraged by Base32 encoding?
marifjeren · 6 days ago
Sorry, I'm not familiar with the ULID spec. You seem to be, hence my asking. Are you saying monotonic/sequential ULIDs are just (or just as easily enumerated as) Base32-encoded integers?

Oh and yeah, I guess I do think lots of script / AI kiddies would be discouraged by, or fail to see an opportunity when presented with, something that does not look like the numbers they saw in school.

marifjeren commented on ULID: Universally Unique Lexicographically Sortable Identifier   packagemain.tech/p/ulid-i... · Posted by u/der_gopher
sedatk · 6 days ago
Whenever ULID comes up, I need to remind that it has a sequential ID generation mode in its spec which is prone to conflicts on multi-threads, processes or hosts which kills the purpose of a "universal" identifier. If you need a sequential ID, just use an integer, preferably one that's autoincremented by the database.

It's best to stick to UUIDv7 because of such quirks of ULID.

marifjeren · 6 days ago
> If you need a sequential ID, just use an integer

Are monotonic/sequential ULIDs as easily enumerated as integers? It's the ease of enumerability that keeps a lot of folks away from using sequential integers as IDs

marifjeren commented on 1D Conway's Life glider found, 3.7B cells long   conwaylife.com/forums/vie... · Posted by u/nooks
marifjeren · 12 days ago
What does 1D mean here? It's a single row of length 3.7b?
marifjeren commented on Study finds memory decline surge in young people   onepercentrule.substack.c... · Posted by u/drcwpl
boxerab · a month ago
spike protein is known to travel across the blood brain barrier

https://pubmed.ncbi.nlm.nih.gov/35052867/

But of course something introduced between 2013 and 2023 that gets your cells to manufacture spike protein, with no way of regulating the spike dose, couldn't possibly be connected with memory decline.

marifjeren · a month ago
Why would that differentially affect young people?

Deleted Comment

Deleted Comment

marifjeren commented on NPM debug and chalk packages compromised   aikido.dev/blog/npm-debug... · Posted by u/universesquid
marifjeren · 3 months ago
Definitely sounds like spear phishing targeting you specifically.

Kudos to you for owning up to it.

As others have said, it's the kind of thing that could happen to anyone, unfortunately.

marifjeren commented on Sheafification – The optimal path to mathematical mastery: The fast track (2022)   sheafification.com/the-fa... · Posted by u/atomicnature
marifjeren · 4 months ago
Not much attention given at all to explaining what order in which these should be read or what optimality means. This is just a list of books some guy is proud to have read
m

u/marifjeren

KarmaCake day188January 25, 2018View Original