Then again, cookie auth is vulnerable to CSRF. Pick your poison.
Although CSRF protection just adds a minor inconvenience, while there is never a guarantee your code is XSS vulnerability free.
Then again, cookie auth is vulnerable to CSRF. Pick your poison.
Although CSRF protection just adds a minor inconvenience, while there is never a guarantee your code is XSS vulnerability free.
Framework has multiple config files, allowing you to customize almost every aspect of it.
Nooo, this is too much config files, they take up too much space in my project tree.
Framework is a monolith with a single file to configure it.
Nooo, the file is unreadable and developing extensions for it is annoying.
Framework is minimal
Nooo, it doesn’t have any useful built-in features.
Framework is a complete solution without too many things to configure.
Nooo, it doesn’t allow me to do what I want.
Reminds me of that one episode on House M.D. where he performed an operation on himself in the bathroom.
The fact is there is no evidence for existance of
GodFlying Spaghetti Monster. But also there is no evidence that disproves the existence ofGodFlying Spaghetti Monster.
See how that doesn’t make sense?
General rule of thumb: Comments say why is it here, not what it does. Code itself should describe what it does.
Yeah I don’t get why it spits out whole types instead of only differences between them. Like “function expects non-null ‘some.param.in.object’ of type ‘string’ in argument ‘someArgument’, which is missing in passed argument”.
The language itself is not that bad. Especially the newest releases are really great, thought out DX improvements. What stinks are its legacy parts and how it needs to be run.
My biggest pain is that for it to actually behave like it should it requires some sort of an actual web server like apache or nginx.
Also, servers written in are actually request handlers - every time a request comes, the whole app is reinitialized, because it just can’t hold its state in memory. In many apps every request means reinitializing connection with database. If you want to keep some state, you have to use some caching mechanism like redis or memcached.
Also had one time when Symfony app was crashing, because someone forgot to close class braces, and everything was “working” until some part of code didn’t like it and was just dying without any error.
And one time when someone put two endlines after php closing tag at the end of the file, confusing the entire php interpreter into skipping some lines of code - also without warning, and only in specific php version.
Honestly, if you work in a shell a lot, learning vim is a great investment. You’re gonna fly through files editing them faster than with any IDE.
Lockfile contains exact state of the npm-managed code, making it reproducible exactly the same every time.
For example without lockfile in your package.json you can have version 5.2.x. In your working directory, you use 5.2.1, however on repo, 5.2.2 has appeared, matching your criteria. Now let’s say a new bug appeared in 5.2.2.
Now you have mismatched vendor code, that can make your code behave differently on your machine, and your coworker’s machine, making you hunt for bug that wasn’t even on your side.
Lockfile prevents that by saving an actual state of vendor code.
The way I use it is ‘undefined’ is literally undefined (not set), but null means no value - explicitly.
I actually had to refactor configuration module some time ago. These really came in handy. But was it worth it? Well… it saved some time, the time that could be used to debug problems manually, but it made me a lot more confident that the functionality that worked before, worked after.
95%? More like 99.999%, considering how many Wordpress sites are there.
And in many of these 0.001% cases, simple horizontal scaling would do the trick.
And if you need more than that, just use something that can work on the edge.
It is better than in most languages with exceptions, except from languages like Java, that require you to declare that certain method throws certain error.
It’s more tedious in Go, but at the end of the day it’s the same thing.
When I use someone else’s code I want to be sure if that thing can throw an error so I can decide what to do with it.
Software engineering nowadays is really complex. There is no way you’re going to know what’s going on, nobody is.
It’s just the more experience you have, the easier it is to figure out what’s going on. If you want to learn coding, just start coding.
I will start from something no one mentioned - start with Linux. Windows has its own very “special” ways of compiling stuff, while Linux is very simple. If you start on Windows, you’ll probably use IDE which will set up everything for you (cause setting up thing in Windows is messed up), and it will still be a black magic for you how the code transforms into binary.
Many people recommend python, but I would start with C (not C++, C++ sucks). It will give you the understanding of basic concepts like memory management.
Then start using something like javascript, which will get you wide range of libraries, which you can use to build anything.
Then at the end learn how infrastructure works, how are services communicating with each other, how to put your server to the public, learn Docker, set up reverse proxy, run stuff in cloud.
You can just as easily have keylogger running in backround as clipboard sniffer.
Browsers don’t have permission to read clipboard, just change them (unless you specifically give them permission to read it).
As you can see no benefits not using PM. It’s in fact safer, because if databade with non-hashed passwords leaks, your password doesn’t because it’s different for every service.
Markdown has code blocks with syntax highlighting.
https://www.markdownguide.org/extended-syntax/#syntax-highlighting
Except age rating is a joke - especially 18+. I get that many games are violent, contain sex scenes, drugs etc., but in my eyes 18 is a barrier when you become responsible for your actions, which would imply playing 18+ games is dangerous like alcohol and cigarettes, while it’s just a PEGI’s way of saying “Somebody said fuck several times”.
Like Witcher 3 obviously fits into 18+, but not because it’s should be 18+, but we got used to these games being 18+. At the age of 14 in school I was required to read Sapkowski’s novels, but god forbid you play Witcher 3.
Ah yes, perfect data format, where markup takes more space than the actual data.