The problem is working on different computers & sometimes switching back and forth between private time and work time. That’d require actual button presses or something to “clock” in/out
The problem is working on different computers & sometimes switching back and forth between private time and work time. That’d require actual button presses or something to “clock” in/out
As someone who works atrocius times of their own volition & has to create a clean timesheet every end of the month, this is a great idea -buyt there are too many special rules to consider imo - also I never properly track time (keep forgetting) but reconstruct work times from emails, chats & calendar entries :)
thanks, now I’ll be policing my own speech for this :D
One good alternative: codeberg.org
For the purpose of protecting important data, the distinction really doesn’t matter. And the good old xkcd comic has a point - for many people, all relevant data is in the user’s accessible storage area anyways. Hence me running almost all internet applications and steam in a jail.
Okay, fair point, let me rephrase: if someone knows what kernel (admin) level execution means, and installs a game that requires this on a computer where they keep important data, they are a dumbass mtherfcker :) Generally speaking though: most people shouldn’t be allowed to use technology - humans are unbelievably stupid for the most part.
we just need one pvp game with kernel level anti cheat
Leaving aside that security patches should be done, if you install that kind of game on a system where you have any data worth protecting, you’re a dumb ass mtherfcker. Sorry, but seriously, that’s just how it is.
While security has nothing to do with my disgust for docker and people advocating its use, docker adds a layer of complexity, which means it is not necessarily more secure.
What is extremely bad about docker:
In general, if you can’t write a good user manual, or at least clearly identify needed dependencies and configurations, you should not be developing software for other people.
it combines the disadvantages of a VM (shitty performance) and running directly on the host OS (sandboxing is not nearly as good as on a VM)
it creates insane bloat, by completely bypassing the concept of shared libraries and making people download copies of software they already have on their system
it adds a lot of security risks because the user would have to not only review the source code they are compiling and installing, but also would have to scan all the dependencies and what-not, and would basically have to trust the developer and/or anyone distributing an image that they did not add any malware.
I have no mistress, and I know no misters.
you lost me at “docker”. The only people using docker are morons and those that trust software by morons.
yeah, that describes my thought process well - I am thinking in words while typing (or while reading, speaking, listening, obviously), but in abstract concepts when not interacting with language, but with objects around me.
From all the attempts of people expaining it a bit differently each time, I think your assessment as a spectrum is the one explanation that makes the most sense, and feels fitting for my “wtf are people talking about”-reaction. It’s like “did you know that 10% of all cars will have an engine failure within the first 50 thousand kilometers” as clickbait for statistical defects…
Still not specific enough. I may sometimes “think loud inside” i.e. think in sentence form / “I should definitely do this” - and I definitely “speak silently” in my brain when I am typing out a sentence like this one right here - but I think that is VERY much the norm if not impossible not to do - because writing down language requires the language center / processing skills of the brain.
Beyond that, however, I wouldn’t normally comment on what I see / do - because that’s… kinda redundant?
Does it mean there are people who really comment everything in their brains? Like “Mhh… this wall is yellow. There’s a doorframe to my right - the door is made of wood.” etc?
I still don’t know whether that means my absolutely everyday way to think the words I am typing right now, or if some people can actually hear their “inner voice” like in a movie voiceover when the protagonists thoughts are narrated in the protagonist’s voice. Or do people have a “dialogue” in their heads? I mean that never occurred to me because at least that part of "mono"logue is clear…
What’s driving me wild about these claims is I DON’T KNOW WHAT THE FUCK PEOPLE EVEN MEAN with “inner monologue”. And none of those stupid articles seems to bother to first and foremost try to define what the fuck they are writing about. A definition of the word…
you are at the same time right, but … wooosh.
I am strongly anti-violence but sometimes I think a bit of torture wouldn’t be the worst means to remind politicians who they represent.
For the keys - do you mean something like
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 00000000 where 00000000 is replaced with the fingerprint of the key you want to fetch?
I do agree - the apt-key command is kinda dangerous because it imports keys that will be generally trusted, IIRC. So a similar command to fetch a key by fingerprint for it to be available to choose as signing keys for repositories that we configure for a single application (suite) would be nice.
I always disliked that signing keys are available for download from the same websites that have the repository. What’s the point in that? If someone can inject malicious code in the repository, they sure as hell can generate a matching signing key & sign the code with that.
Hence I always verify signing keys / fingerprints against somewhat trustworthy third parties.
What we really need though is a crowdsourced, reputation-based code review system. Where open source code is stored in git-like versioning history, and has clear documentations for each function what it should and should not do. And a reviewer can pick as little as an individual function and review the code to confirm (or refute) that the function
Then, your reputation score would increase according to other users concurring with your assessment (or decrease if people disagree), and your reputation can be used as a weighting factor in contributing to the “review thoroughness” of a code module that you reviewed. E.g.: a user with a reputation of 0.5 confirms that a module does exactly what it claims to do: Module gets review count +1, module gets new total score of +0.5, new total weight of ( combined previous weights + 0.5 ) and the average review score is “reviews total score” / “total weight”.
Something like that. And if you have a reputation of “0.9”, the review count goes +1, total score +0.9, total weight +0.9 (so the average score stays between 0 and 1).
Independent of the user reputation, the user’s review conclusion is stored as “1” (= performs as claimed) or “0” (= does not perform as claimed) for this module.
Reputation of reviewers could be calculated as the sum of all their individual review scores (at the time the reputation is needed), where the score they get is 1 minus the absolute difference between the average review score of a reviewed module and their own review conclusion.
E.g. User A concludes: module does what it claims to do: User A assessment is 1 (score for the module) User B concludes: module does NOT what it claims to do: User B assessment is 0 (score)
Module score is 0.8 (most reviewers agreed that it does what it claims to do)
User A reputation gained from their review of this module is 1 - abs( 1 - 0.8 ) = 0.8 User B reputation gained from their review of this module is 1 - abs( 0 - 0.8 ) = 0.2
If both users have previously gained a reputation of 1.0 from 10 reviews (where everyone agreed on the same assessment, thus full scores):
User A new reputation: ( 1 * 10 + 0.8 ) / 11 = 0.982 User B new reputation: ( 1 * 10 + 0.2 ) / 11 = 0.927
The basic idea being that all modules in the decentralized review database would have a review count which everyone could filter by, and find the least-reviewed modules (presumably weakest links) to focus their attention on.
If technically feasible, a decentralized database should prevent any given entity (secret services, botfarms) to falsify the overall review picture too much. I am not sure this can be accomplished - especially with the sophistication of the climate-destroying large language model technology. :/
Makefiles/automake isn’t a reasonable expectation these days, with a plethora of languages and build toolchains, but good, clear instructions are definitely something to include.
As for the Makefiles, I meant that for whatever build toolchain the project uses - because the rules to build a project are an essential part of the project, linking the source code into a working library or executable. Whether it is cmake, or gnu make, or whatever else there is - that’s not so important as long as those build toolchains are available cross platforms.
I think what is really missing in the open source world is a distribution-agnostic standard how to describe application dependencies so that package maintainers can auto-generate distro-packages with the distribution-specific dependencies based on that “dependencies” file.
Similar to debian dependencies
Depends: libstdc++6 (>= 10.2.1)
but in a way that identifies code modules, not packages, so that distributions that package software together differently will still be able to identy
findPackageFor( dependency )
I would really like to add this kind of info to my projects and have a tool that can auto-build a repo-package from those.
Big red button might help, but when I’m “in the zone” with coding, normally I forget everything around me :) One moment I’ll be browsing the web on my leisure time, and then I have an idea for one of my work projects, switch to that and “wake up” 8 hours later with lots of stuff done and no idea when I “clocked in” - that’s usually when I do “ls -lR” on my project folders and check file timestamps :D