Ephera

joined 5 years ago
[–] Ephera@lemmy.ml 7 points 3 weeks ago

Yeah, if I ever catch a calm hour in the store, I'll actually look through the aisles and check out products I wouldn't normally buy. If the store is busy, I grab the usual and flee as quickly as possible.

[–] Ephera@lemmy.ml 5 points 3 weeks ago

I mean, modern package managers generally now come with lock files, which effectively auto-pin your dependencies, until you trigger a dependency update.

And while it isn't bullet-proof, it does result in you effectively having a dependency cooldown most of the time. You're only vulnerable if you trigger the dependency update while the compromised dependency release is public.

Obviously, this can be bad enough, but it does also mean that an ecosystem with lock files is far less attractive to target with a supply-chain attack, since far fewer hosts will get compromised on average.

[–] Ephera@lemmy.ml 69 points 4 weeks ago (6 children)

One time, I had to request firewall access for a machine we were deploying to, and they had an Excel sheet to fill in your request. Not great, I figured, but whatever.

Then I asked who to send the Excel file to and they told me to open a pull request against a Git repo.
And then, with full pride, the guy tells me that they have an Ansible script, which reads the Excel files during deployment and rolls out the firewall rules as specified.

In effect, this meant:

  1. Of course, I had specified the values in the wrong format. It was just plaintext fields in that Excel, with no hint as to how to format them.
  2. We did have to go back and forth a few times, because their deployment would fail from the wrong format.
  3. Every time I changed something, they had to check that I'm not giving myself overly broad access. And because it's an Excel, they can't really look at the diff. Every time, they have to open it and then maybe use the Excel version history to know what changed? I have no idea how they actually made that workable.

Yeah, the whole time I was thinking, please just let me edit an Ansible inventory file instead. I get that they have non-technical users, but believe it or not, it does not actually make it simpler if you expose the same technical fields in a spreadsheet and then still use a pull request workflow and everything...

[–] Ephera@lemmy.ml 31 points 4 weeks ago (1 children)

Still works well as a concept for PeerTube...

[–] Ephera@lemmy.ml -1 points 4 weeks ago (7 children)

It's a speed limit, not a mandatory speed.

I also have to say that I was frequently tailgated, because I was going at the speed limit, when mostly everyone else went above.

[–] Ephera@lemmy.ml 9 points 4 weeks ago

They have breaking changes in their minor versions...

[–] Ephera@lemmy.ml 40 points 4 weeks ago

Personally, I find that (complex) software implemented in Python tends to be so unreliable that I typically don't want to use it after all, but I only find that out after wasting a bunch of time learning the software.
It's just frustrating, especially if I come back to the software every so often, naively thinking that it's been a few versions, so maybe they've fixed it. It's always just different bugs, which still end up being too frustrating to use the software.


To give an example, I like to compose music using Lilypond, which is more-or-less a programming language to create sheet music. And there is a program that's supposed to give you a well-integrated workflow for that (i.e. an IDE), called Frescobaldi.
The first time I tried it, playback of the composed music wouldn't work.
The second time, I couldn't click on notes to jump to the respective code snippet.
And I tried it again a few weeks ago and it just crashed immediately with an obscure error message.

Instead, I've slapped together a script, which just opens the sheet music in my PDF viewer, the code in my normal editor and then uses CLI tools to generate and play back the sheet music. And while it's definitely not perfect, it has been working more reliably for me than Frescobaldi ever has.

[–] Ephera@lemmy.ml 2 points 4 weeks ago (1 children)

Yeah, this discrepancy really irks me in programming, too. It's really good at known problems, like student homework or whatever task a middle manager will throw at it to see how well it works.
But because of the nature of software – if there is a solution, you can easily share it with everyone in the world – it's kind of our job to work on anything but known problems.

Yeah, there's gonna be some known parts, where it may be able to assist, similar to a library or StackOverflow. But if it can put together your whole solution without tons of human input, chances are that solution is already out there and you should be using it instead.

[–] Ephera@lemmy.ml 2 points 4 weeks ago

Ah, thanks, I hadn't read that far. It says this:

A 1941 Commerce Department survey found no significant expansion of retail sales due to the change.

With this as source: https://www.nytimes.com/1941/05/21/archives/thanksgiving-goes-back-to-old-date-in-42-president-says-change-did.html

[–] Ephera@lemmy.ml 8 points 4 weeks ago (2 children)

Damn, what a concept. If people buy extra in this time period, it is 100% crap that they don't need. Otherwise, they would be buying it, no matter when it gets stocked. So, the way to combat an economic crisis is to produce more garbage. Incredible.

[–] Ephera@lemmy.ml 18 points 1 month ago (2 children)

Bash fucks me up so much, too. You just put the parentheses there to say that something is a function, not for actually declaring the parameters that can be passed in...
