Lock files were begrudgingly introduced after people who aren’t playing around with move fast and break things cried foul about dependencies being updated unexpectedly. The “semantic versioning” dogma and the illusion of safety that it brings was the original motivation. At NPM’s creation time, mature dep management ecosystems did not have floating versions, they were always pinned.
When you are talking about checking your dependencies in the source tree, you are effectively pinning exact versions, and not using floating/tilde versioning syntax.
I asked Claude to set up a new NPM project and it configured the install task as “npm ci || npm install”, which is stupid. That was on Opus4.7 xhigh. When I pointed out that doing so defeats the purpose, it said “oh yeah of course.”
Turns out there is no equivalent to “npm ci” that doesn’t clear node_modules first, and you can’t call npm install to simulate NPM ci behavior (sans clean).
Merge queues are not as frequently used… ~2000 PRs affected over 4 hours. I reckon that’s on the order of 10 commits per tenant. It’s a feature with low traction, probably because it creates more problems than it solves.
Kotlin’s closed-by-default design choice makes it worse than Java, and thus not strictly better than Java. It’s premature optimization, and a design-up-front-influenced paranoia/fear of any extension in not-designed-for places. But when I write code, I prefer to keep it open to extension, and in practice, I found a lot of value in extending decently written code, that would not be possible with Kotlin without having to go back and modify things to be open.
A startup might have trouble with, and might not have enough automation for:
- proving churned customer data was deleted completely and within the agreed-on period of time
- - not enough to have a record
- - auditors will ask you to prove the data is not laying around
- proving all changes shipped are reviewed and linked to tracked work
- proving branch rules are set to require PRs and prohibit changing history on release/trunk branches
- - auditors will ask you to show live that you can’t approve your own changes
- - some auditors might ask you for an audit log to prove no unexpected branch rule changes occurred —- depending on the observation period, you might have to build your own audit log capture to prove this
- proving you performed penetration testing
- proving you performed a disaster recovery test in production with the frequency you claim (e.g. annually)
- - running a DR test might be more than a few hours depending on your data size and level of infra automation
- - this is often something that startups are ready to execute, but don’t invest a lot of time automating
- proving you have and enforce full-disk-encryption on all your employee laptops
- - this is automated with MDM but a startup might not be running an MDM yet
- proving you are rotating credentials on the frequency you ascribe to in your policies
- - automated reports are available for some credentials, e.g. AWS keys, but takes more work for smaller vendors
- - even with AWS, you might discover you forgot to rotate something, and it might be because it’s non-trivial to execute
- perform quarterly access reviews
- - some systems are more difficult/time consuming to inspect against your employee and permissions list
- - ideally this is automated, but often times at a startup, you might not have fully automated authorization and access control, such that when employees change teams or leave the company, that you get notified and don’t miss it
- proving that you act on performance or reliability alerts
- - auditors will ask you to show live some examples of past alerts and that someone handled it
- - auditors will often ask you to show live that these alerts are consistently configured for all your production system —- startups might not have the alerting and PagerDuty-like setup be fully automated (e.g. with Terraform)
If gasoline engines burned their fuel as efficiently as possible, they would produce three by-products: water vapor (H2O), carbon dioxide (CO2) and nitrogen (N2).
Unfortunately, engines do not run perfectly, and as a result, they also produce three by-products commonly referred to as the "terrible trio" of automotive pollutants. This trio includes the following:
* Carbon monoxide (CO) – An odorless, tasteless, poisonous gas, carbon monoxide can cause a variety of health problems and even death. Many urban areas experience critically high levels of carbon monoxide, especially during the cold winter months when engines take longer to warm up and run cleanly
* Unburned hydrocarbons (HC) – Responsible for causing a variety of respiratory problems, unburned hydrocarbons can also cause crop damage and promote the formation of smog
* Oxides of nitrogen (NOX) – Like unburned hydrocarbons, oxides of nitrogen cause respiratory problems and promote the formation of smog
It’s impossible to install XCode without an Apple account. It’s only distributed through the Mac App Store, and downloads from Mac App Store require an Apple ID. And even XCode beta downloads are locked behind an Apple login.
You can install XCode CLI dev tools without an Apple account, which comes with clang and swift for example. With this, you can build most Mac software, but I don’t think you can run Swift tests without a full XCode.
As the sibling comment notes, you can install GCC/llvm and whatever other open source tools and build Mac software without full XCode.
You can also install Apple container support without an Apple account.
Xcode is also available as a standalone download from developer.apple.com, which requires an account too, but at least it's way more reliable than downloading from the store.
It’s because when placed inside the engine bay, the large wiring harness is shorter, which is not only cheaper, but also shorter wiring helps with the consistency of electrical timing and reduces noise.
Yes they do. They can tolerate engine bay heat, but not exhaust heat. They are usually shielded from getting soaked.
Some Mazdas put the metal-cased engine computer in a plastic air box that feeds cold air from the front, to help ensure the engine computer stays cool enough.
In general, I believe the cooling airflow from the frontal air and the cooling fans keeps engine bay in check.
Yeah, on the Cummins the ECU is mounted on the intake side of the engine away from the exhaust and turbo and toward the front right under the fuel injection pump so it gets lots of cooling air.
This thread is interesting to me 'cause I'm also a software guy and recently took a job dealing with building fighter jets and the amount of engineering going into the wiring and computers on those things is insane. It's been a very interesting learning experience.
When you are talking about checking your dependencies in the source tree, you are effectively pinning exact versions, and not using floating/tilde versioning syntax.