I like, how this C-brain read the headlines, that other hardcore C-fans bullied multiple people out of the linux kernel and made this a point AGAINST rust.
Also measuring a proof of concept by LOC of all metrics just tells you to completely ignore this blogpost as utter bs.
No sane person should use LOC as a metric for anything. Linus Torvalds recently said that himself.
I think you are mixing things up.
Forgejo is one of the soon implementing, self-hostable software forges and one of the 3 listed implementations.
Codeberg is the (Github-alike) central forgejo server, where the team develops and which is also available for general open source coding needs. ForgeFed issues are tracked on Codeberg, so they already show their interest.
> “Anybody who’s got a hosted SharePoint server has got a problem,” said Adam Meyers, senior vice president with CrowdStrike, a cybersecurity firm. “It’s a significant vulnerability.’’
Senior VP at CrowdStrike, so a professional in destroying large amounts of systems.
Nah, money can buy pleasure, security, confidence, comfort... but happiness is not necessarily a consequence of that. Some rich people live a very unhappy life. I wouldn't trade places with them for their money.
CAN you be happy because you have money? Yeah, why not. WILL you be happy if you have money? No guarantees at all.
> Picture using these apps offline with automatic synchronization when you’re back online. This is the essence of local-first web development – a revolutionary approach that puts users in control of their digital experience.
I had to laugh very hard at the "revolutionary approach". How is it revolutionary, if software was developed "local-first" for decades?
Techbros really do come up with the oldest ideas and call them revolutionary.
lol i remember those days. most XML documents were missing DTDs and schemas (or that third type of schema whose name escapes me) and because the data structure of an XML document didnt map cleanly to lists and hashmaps you needed an ugly hacky xpath to grab whatever data you needed.
Dont even get me started on the mess that was serialisation and deserialization.
It was awful, overengineered design-by-committee mess.
This was only obvious to me in retrospect after I realized that these things didnt have to be complicated.
In those good old times both Oxygen and XML Spy were good enough, so I even purchased a license of Oxygen for myself and never felt the money were wasted.
>And some developers didn't understand the format and shoved stuff into attributes that should've been elements and vice versa.
This happened at such scale where we can say that it was UX problem of XML itself.
I suppose "local-first development" is a misnomer. It's really about the syncing part. Currently we have traditional applications that write data locally and therefore don't require an internet connection to work, and we have online stuff that updates a shared state "live". The "revolutionary" part would be having both of those things. It's a surprisingly hard thing to do.
The current state of the art here is git. So we're basically talking about making git automatic and easy to use for the majority of the population. That's not something we've been "doing for decades".
I can think of so many pieces of software that does that: having a local state, having a remote state, and keeping them synchronized whenever internet is available. It's how email apps work. That's how all cloud drives work, and Dropbox is more than a decade old at this point. It's how notes apps work. Etc. etc.
Really can't see how this can be regarded as a recent idea.
I'm someone who has used and continues to use desktop applications like that. I'm old enough to know what "work offline" and an email "outbox" is. Those are not the same things.
The always-online apps bring a lot that is not possible with such software, even simple stuff like editing the same file at the same time. Try that with tools like Dropbox and you'll get conflicts that you need to resolve. It's totally possible to get offline software if you either give up on many features or accept complicated conflict resolution etc. The basic options are either immutability, like email, or conflict resolution, like git. This is about not making those sacrifices.
"Local first" is a misnomer and that misnomer does probably reflect the different experience of youngsters, but if you can get past that there is something new here that is interesting and challenging.
Many applications work like that, particularly ones made between 2000 and 2010. Operating systems have whole stacks of SDKs and libraries dedicated to that exact behavior (e.g., CloudKit in OS X).
For anyone curious for more details, miri works in a different way than valgrind. it is an interpreter for rust that does additional checks at runtime to detect undefined behavior. This allows it to be fully deterministic, simulate other platforms, and do additional checks that I don’t think would be possible for valgrind
Someone else already answered, just a tip for future searches: If you know somewhat the context (in this case Rust), adding just one keyword to your query (in this case "Miri Rust") will give you the right answer as the first hit :)
Mullvad has had multiple public audits and even contributed to other security-related open source projects. You don't have to create an account and they even take cash by mail. It can't be more anonymous than that.
Astrill on the other hand has had no public audits, and costs more than twice as much. It is not worth the price, since their security can't be checked by normal users. Also they require an account.
Furthermore even in their FAQ they don't say that they wouldn't give the data to a court. They ask the question, but don't really answer it.
Please don't give judgements if you dont have an idea what are you talking about.
Just use the best programming language. Ups? For what application? Yes, everything depends on the application. Honestly, I doubt that many VPNs are better then Astrill if it comes to the GFC. I mentioned, it comes at a price. But if you are price sensitive, Mullvad is still nearly double the price of AirVPN....
"Mullvad has had multiple public audits and even contributed to other security-related open source projects."
"You don't have to create an account, and they even take cash by mail. It can't be more"
Well, I dont think any of my recommendations takes cash by mail, but that may take bitcoin. And for the applications you are hinting at, it is much more important that you connect via Tor to your VPN. One thing gives anonymity, the other privacy.
"Furthermore even in their FAQ they don't say that they wouldn't give the data to a court."
ROTFL. Every company will give data, or the data they have, to a court. At least in their own jurisdiction. Yet, there are (or were) VPNs that were cyberspace only. No corporation, just a website. A business that is not incorporated and only exits in cyberspace may indeed have a lot of leverage. At this point, you may ask yourself what you are doing. But if it is really so important, I would start setting up my own servers and selling my own VPNs. A tree you can hide best in a Forrest.
"I would never buy a VPN from a company like that."
If everything you have is a hammer, every problem becomes a nail. Everything depends on your application and what you want to achieve.
Is `timezone` optional? I like it that it has the ability for one to provide it, but not providing it could just use the one the system has been configured to use.
Requiring a timezone seems sensible to me, but I don't understand the choice to make it a required part of the expression, instead of a separate parameter. Most software specifies the timezone separately from the expression (e.g. k8s has separate `schedule` and `timezone` keys).
So many of these restrictions feels arbitrary. Not supporting comments? Why?
Assuming UTC for tz is not weird and cron users expect it,
I guess why even support this specific syntax if the crons need to be edited to fit how this code expects them? There may have been better options if you were going full green field.
> Assuming UTC for tz is not weird and cron users expect it,
That would definitely be weird and unexpected. My crons are interpreted with respect to my system's configured time zone, which seems way more expected than just using UTC.
Taking a datetime and just assuming it's UTC is often a mistake. It's why the TC39 Temporal proposal (overhauling datetimes for Javascript) won't let you silently do it.
Could you elaborate a bit on the issue? I'm not sure you are commenting on cronexpr or other libraries.
In cronexpr, there is no requirement for a timestamp until you'd like to find the next scheduled time, and thus you need to provide a related point.
To decouple with certain datetime lib, I made a `MakeTimestamp` struct which provides multiple constructors. Later, I found it somehow like a function overload :D
Also measuring a proof of concept by LOC of all metrics just tells you to completely ignore this blogpost as utter bs. No sane person should use LOC as a metric for anything. Linus Torvalds recently said that himself.