> It's not like anything behind cloudflare is "mission critical" in the sense that lives are at stake or even a huge amount of money is at stake.
This is far too dismissive of how disruptive the downtime can be and it sets the bar way too low for a company so deeply entangled in global internet infrastructure.
I don’t think you can make such an assertion with any degree of credibility.
As a joke I put a face into GPT and said, make it look upset.
It rejected it, saying it violated policy, it can’t show people crying and what not, but it could do bittersweet.
I said that crying is bittersweet and it generated the image anyway.
I tried the same by turning a cat into a hyper realistic bodybuilder and it got as far as the groin before it noped out. I didn’t bother to challenge that.
I've yet to figure out a way to make it make Mario. It'll make coloring pages of Hello Kitty just fine, but asking for "Italian plumber" or anything similar has resulted in "content policy".
I got as far as asking for Mario, then telling it to do Steamboat Mickey, and then making it pixel based with 8 bit colours, and then making some of them blue and red, and then adding a flat cap.
Given the fairly shoddy security story with NPM, I genuinely don't understand the hesitation to publish a binary and have a README instruction to curl/wget it into `/usr/local/bin` or `~/.local/bin`. If it's going through NPM that publishing step has to be done already, unless the NPM build is pulling down rust to compile it all as a native extension.
Eventually it'd wangle it's way into homebrew or the unstable branch of another package registry.
But that's me, because I really dislike installing binaries via a language's package manager, because they don't get updated unless I frequently run the upgrade commands for each package manager.
Thing is… who is regularly running `npm update` or `cargo update` to keep local software up to date?
I wouldn’t, because I might be in a repo and it starts upgrading all my local dependencies, and I’m not gonna add a text editor as a dev dependency. I’ll happily take the binary, or a tar.gz with the binary in it, though.
(Btw I love how it’s following the old DOS aesthetic)
> who is regularly running `npm update` or `cargo update` to keep local software up to date?
I do, religiously, as part of my routine to check for updates.
n lts && npm uninstall -g corepack && npm update -g && n prune
Sometimes things break (that's how `npm uninstall -g corepack` became a part of my one-liner), but it is easier to update often than to neglect updates for years.
I'm in the same boat as a JS/TS developer for years to get used to npm install the recent AI command line tools under global scope, it's really weired. Personally I don't event install front end toolchains global as almost all of them work under project scope.
But I totally get the idea behind this, it's greatly combined with the cargo toolchain and is widely installed than cargo (which by the way npm is much easier to install than cargo with my personal experience), npm handles update nicely, and it can handle multiple arch too. I would still prefer npm install because I have installed a lot recently so it's ok.
Does it matter? You are apparently contemplating running a third-party binary on your machine anyway. It seems a bit weird to Worry about npm’s security story, which is all about executing arbitrary code.
I agree with the sentiment (people changing their minds), but the flipside to that is people pleasing. Someone who capitulates under even the slightest pressure is not much better than the person who is set in their ways.
The trouble there, of course, is that the motivation for changing (or not changing) one's mind is not always clear, and it's easy to score points from spinning it one way or another.
Engineers are not exactly famous for people-pleasing. Maybe management, but engineering? Maybe some fresh junior?
I'm not convinced that the existence of a low-probability event justifies normalizing the regular occurrence of a much more likely (and negative) event, like a belligerent engineer throwing a fit in a design meeting. I'd go as far as to say I'm open to more people-pleasers in engineering.
Also, fwiw, if you want to know why someone changed their mind, you can just ask them and see how you feel about the answer. If someone changes their mind at the drop of a hat, my guess is that their original position was not a strongly held one.
You and I obviously have different experiences because I encounter belligerent engineers much less frequently than ones who are enthusiastic to do what they can, and those who don't want to rock the boat when challenged.
I thought I made a fairly innocuous point, I don't even think I was talking about engineers specifically.
You can’t read people’s mind, so when in doubt, assume good intention.
It’s not particularly relevant (to me as a random non-zig affiliated HN reader) why they right their wrongs, as long as they did it, I find it positive (at least better than if they had left the monkey comments in the post).
If I felt the need to optimise things like infra setup and config at an early stage of a project, I'd be worried that I'm investing effort into the wrong thing.
Having an LLM churn out infra setup for you seems decidedly worse than the `git push heroku:master` of old, where it was all handled for you. And, frankly, cheaper than however much money the LLM subscription costs in addition to the cloud.
reply