Moreover, social logins are often implemented in an insecure way. Users, in this case, have to trust every application which implemented this feature to handle their identifier confidentially.

One more example of a simple approach to this that might help a lot too is add a PORO generator. It could be incredibly basic - rails g poro MyClass yields class MyClass end But by doing that and landing the file in the app/models directory, it would make it clear that was the intended location instead of lib.

So then they put it into lib only to find that they have to manually require it. Then later realize that this also means they now have to reboot their server any time they change the file (after a painfully long debugging time of "why what aren't my changes working?", because their lib folder classes are now second-class citizens). Then they go down the rabbit hole of adding lib to the autoload paths, which burns them because rake tasks then all get eager loaded in production. Then they inevitably realize anything inside app is autoloaded and make an app/lib per Xavier's advice.

I think the symmetry of the naming between lib and app/lib will lead a fresh Rails developer to seek out the answer to “Why are there two lib directories?", and they will become illuminated. And it will prevent them from seeking the answer to “How do I autoload lib?” which will start them on a rough path that leads to me advising them to undo it.

In API design, exceptional use cases may justify exceptional support. You design for the common case, and let the edge case be edge. In this case, I believe lib deserves ad-hoc API that allows users to do exactly that in one shot:

it should provide one task only and do it well

UNIX philosophy: Do one thing and do it well!

In recent git versions, git restore is supposed to be a "better" way to revert undesired local changes than the overloaded checkout. Great, that sounds reasonable - a nice simple purpose-built tool for a common operation.

We now take an opinionated stance on which second factor you should set up first – you'll no longer be asked to choose between SMS or setting up an authenticator app (known as TOTP), and instead see the TOTP setup screen immediately when first setting up 2FA.

I have yet to see a Snapd or Flatpak build of Audacity that I'm happy with. Those builds are beyond our control as they are made by 3rd parties. I do find it mildly annoying that Flatpak direct users that have problems with their builds to us.

If a contact ever reaches out and is no longer receiving messages because they accidentally marked one of your campaigns as spam, you can reach out to Product Support. We can remove them from the suppression list for you. 

Let’s say the recipient is considering unsubscribing. He or she may be too busy to search through the email to find the unsubscribe link, so he or she just clicks “Report as SPAM” to stop the emails from coming. This is the last thing any marketer wants to see happen. It negatively impacts sender reputation, requiring extra work to improve email deliverability. With the list-unsubscribe header, you will avoid getting into this kind of trouble in the first place.

In v3, svelte-preprocess was able to type-check Svelte components. However, giving the specifics of the structure of a Svelte component and how the script and markup contents are related, type-checking was sub-optimal. In v4, your TypeScript code will only be transpiled into JavaScript, with no type-checking whatsoever. We're moving the responsibility of type-checking to tools better fit to handle it, such as svelte-check, for CLI and CI usage, and the VS Code extension, for type-checking while developing.

Good commit hygiene is considered a best practice. GitLab should encourage and enable these kinds of best practices. This feature currently creates a problem and requires workarounds that remove information, or significant manual work.

highly recommended that the resulting image be just one concern per container; predominantly this means just one process per container, so there is no need for a full init system

Doing everything PID 1 needs to do and nothing else. Things like reading environment files, changing users, process supervision are out of scope for Tini (there are other, better tools for those)

This breaks the TIMTOWTDI rule

I'm afraid you missed the joke ;-) While you believe spaces are required on both sides of an em dash, there is no consensus on this point. For example, most (but not all) American authorities say /no/ spaces should be used. That's the joke. In writing a line about "only one way to do it", I used a device (em dash) for which at least two ways to do it (with spaces, without spaces) are commonly used, neither of which is obvious -- and deliberately picked a third way just to rub it in. This will never change ;-)

The language was designed with this idea in mind, in that it “doesn't try to tell the programmer how to program.”

This motto has been very much discussed in the Perl community, and eventually extended to There’s more than one way to do it, but sometimes consistency is not a bad thing either (TIMTOWTDIBSCINABTE, pronounced Tim Toady Bicarbonate).[1] In contrast, part of the Zen of Python is, "There should be one— and preferably only one —obvious way to do it."

After the first week of the campaign, we realized what are the main problematic pillars and fixed them right away. Nevertheless, even with these improvements and strong support from the Gamefound team, we’re not even close to achieving the backer numbers with which we could safely promise to create a game of the quality we think it deserves.

First and foremost, we need to acknowledge that even though the funding goal has been met–it does not meet the realistic costs of the project. Bluntly speaking, we did not have the confidence to showcase the real goal of ~1.5 million euros (which would be around 10k backers) in a crowdfunding world where “Funded in XY minutes!” is a regular highlight.

If anyone can completely refactor the JSON Schema description for OpenAPI v3.0 to accurately describe the schema in all its glory, without using this new keyword, then please do so, but I would kindly ask you to test the theory first.

This option wasn’t offered by the library, but that doesn’t have to stop us. Isn’t that fun?

5.5 Logic, reason, and common sense are your best tools for synthesizing reality and understanding what to do about it.

All this hoopla seems out of character for the sedate man who likes to say of his work: ''Whatever I did, there was always someone around who was better qualified. They just didn't bother to do it.''

Making MoneySerializer reloadable would be confusing, because reloading an edited version would have no effect on that class object stored in Active Job.

Indeed, if MoneySerializer was reloadable, starting with Rails 7 such initializer would raise a NameError.

I am open to discussion but I don't want to jump on the conclusion.

The biggest reason is that we still have several options, so I didn't want to restrict the future possibility.

if you put the reactive statement $: validate(inputValue); after the function updateInputValue declaration, it's working as expected:

Installing a sanitary tee and wye drain, or any multi-outlet drainage fitting requires basic plumbing knowledge. Once you know the basics, it is easy to install this kind of piping system without hiring outside assistance.

Users think every Webpack tool/config problem is a problem with a specific package and opens an issue asking for support on the package instead of Webpack. In the past year alone, I’ve had to deal with hundreds of Webpack issues on my repos.

Now consider we want to handle numbers in our known value set: const KNOWN_VALUES = Object.freeze(['a', 'b', 'c', 1, 2, 3]) function isKnownValue(input?: string | number) { return typeof(input) === 'string' && KNOWN_VALUES.includes(input) } Uh oh! This TypeScript compiles without errors, but it's not correct. Where as our original "naive" approach would have worked just fine. Why is that? Where is the breakdown here? It's because TypeScript's type system got in the way of the developer's initial intent. It caused us to change our code from what we intended to what it allowed. It was never the developer's intention to check that input was a string and a known value; the developer simply wanted to check whether input was a known value - but wasn't permitted to do so.

Noticed that with 100+ s, I am not alone here. There are definitely a lot of devs wanting this feature. So I took some time out and decided to give this a go myself. I have created a PR for the same

What happens when you look it up in a dictionary rather than as a phrase in Google? Google just catalogues other people's [mis-]uses

On existing projects, consider the global effort to change from origin/master to origin/main. The cost of being different than git convention and every book, tutorial, and blog post. Is the cost of change and being different worth it?

Note: Instead of storing a user’s ID in the session cookie you could store a JWT, but I’m not sure what that buys you. However, you may be using specific JWT claims that make this worthwhile.

For me the diagrams make it easier to talk about what the tests do without getting bogged down by how they do it.

When mocking is deemed profitable:

Also cross-compatibility with mail clients can be hairy, so you should see what the industry experts are doing.

A good heuristic is to not trust the libraries you did not write either.

Of course you must not use plain-text passwords and place them directly into scripts. You even must not use telnet protocol at all. And avoid ftp, too. I needn’t say why you should use ssh, instead, need I? And you also must not plug your fingers into 220 voltage AC-output. Telnet was chosen for examples as less harmless alternative, because it’s getting rare in real life, but it can show all basic functions of expect-like tools, even abilities to send passwords. BUT, you can use “Expect and Co” to do other things, I just show the direction.

But in all this incongruous abundance you'll certanly find the links to expect It's just what is wanted: the tool, which is traditionally used to communicate automatically with interactive programs. And as it always occurs, there is unfortunately a little fault in it: expect needs the programming language TCL to be present. Nevertheless if it doesn't discourage you to install and learn one more, though very powerful language, then you can stop your search, because expect and TCL with or without TK have everything and even more for you to write scripts.

“Who cares? Let’s just go with the style-guide” — to which my response is that caring about the details is in the heart of much of our doings. Yes, this is not a major issue; def self.method is not even a code smell. Actually, that whole debate is on the verge of being incidental. Yet the learning process and the gained knowledge involved in understanding each choice is alone worth the discussion. Furthermore, I believe that the class << self notation echoes a better, more stable understanding of Ruby and Object Orientation in Ruby. Lastly, remember that style-guides may change or be altered (carefully, though!).

Wasn't sure if this belonged as an issue in Devise or Rails though.

It sounds like a gnome-open (or the equivalent library call) bug. Reassigning.

Focus is better than features.

Write modules that do one thing well. Write a new module rather than complicate an old one.

Meh... as I said earlier, I think using Webpack is the recommended way now. Another issue is there is no way to generate source maps in production.

Is there a PR to... something? sassc-rails? That would make the patch not necessary? (I don't know if there's any good way to monkey-patch that in, I think you have to fork? So some change seems required...) Should the defaults be different somehow? This is very difficult to figure out.

Is there a PR to... something? sassc-rails?

I don't even know how to tell if they're working 100%, I'm getting mixed signals ..

Should it only contain link* calls?

When should I use link, vs dir, vs. tree?

but I still have no idea if I'm writing this new file correctly.

always use real <label for="correct_input"> elements. Just that alone is a UX consideration all too many forms fail on

Webshim is also more than a polyfill, it has become a UI component and widget library. Webshim enables a developer to also enhance HTML5 capable browsers with more highly customizable, extensible and flexible UI components and widgets.

Hey, that’s is an imaginary complication of our example - please don’t do this with every condition you have in your app.

For branching out a separate path in an activity, use the Path() macro. It’s a convenient, simple way to declare alternative routes

step :decide_type, Output(Activity::Left, :credit_card) => Track(:with_credit_card)

# Create the track, which would automatically create an implicit End with the same id.
Track(:with_credit_card) do
    step :authorize
    step :charge
end

class Example::ValidationErrorTrack < Trailblazer::Activity::Railway
  step :validate_model, Output(:failure) => Track(:validation_error)
  step :save,           Output(:failure) => Track(:validation_error)

  # Can't use fail here or the magnetic_to won't work and  Track(:validation_error) won't work
  step :log_validation_error, magnetic_to: :validation_error,
    Output(:success) => End(:validation_error), 
    Output(:failure) => End(:validation_error) 
end

puts Trailblazer::Developer.render o
Reloading...

#<Start/:default>
 {Trailblazer::Activity::Right} => #<Trailblazer::Activity::TaskBuilder::Task user_proc=validate_model>
#<Trailblazer::Activity::TaskBuilder::Task user_proc=validate_model>
 {Trailblazer::Activity::Left} => #<Trailblazer::Activity::TaskBuilder::Task user_proc=log_validation_error>
 {Trailblazer::Activity::Right} => #<Trailblazer::Activity::TaskBuilder::Task user_proc=save>
#<Trailblazer::Activity::TaskBuilder::Task user_proc=save>
 {Trailblazer::Activity::Left} => #<Trailblazer::Activity::TaskBuilder::Task user_proc=log_validation_error>
 {Trailblazer::Activity::Right} => #<End/:success>
#<Trailblazer::Activity::TaskBuilder::Task user_proc=log_validation_error>
 {Trailblazer::Activity::Left} => #<End/:validation_error>
 {Trailblazer::Activity::Right} => #<End/:validation_error>
#<End/:success>

#<End/:validation_error>

#<End/:failure>

class Example::ValidationErrorTrack::VPathHelper1 < Trailblazer::Activity::Railway
   validation_error_path = Path(end_id: "End.validation_error", end_task: End(:validation_error)) do
    step :log_validation_error
  end
  step :validate_model, Output(:failure) => validation_error_path
  step :save,           Output(:failure) => validation_error_path
end

o=Example::ValidationErrorTrack::VPathHelper1; puts Trailblazer::Developer.render o
Reloading...

#<Start/:default>
 {Trailblazer::Activity::Right} => #<Trailblazer::Activity::TaskBuilder::Task user_proc=validate_model>
#<Trailblazer::Activity::TaskBuilder::Task user_proc=validate_model>
 {Trailblazer::Activity::Left} => #<Trailblazer::Activity::TaskBuilder::Task user_proc=log_validation_error>
 {Trailblazer::Activity::Right} => #<Trailblazer::Activity::TaskBuilder::Task user_proc=save>
#<Trailblazer::Activity::TaskBuilder::Task user_proc=log_validation_error>
 {Trailblazer::Activity::Right} => #<End/:validation_error>
#<Trailblazer::Activity::TaskBuilder::Task user_proc=save>
 {Trailblazer::Activity::Left} => #<Trailblazer::Activity::TaskBuilder::Task user_proc=log_validation_error>
 {Trailblazer::Activity::Right} => #<End/:success>
#<End/:success>

#<End/:validation_error>

#<End/:failure>

step :direct_debit

While Trailblazer offers you abstraction layers for all aspects of Ruby On Rails, it does not missionize you. Wherever you want, you may fall back to the "Rails Way" with fat models, monolithic controllers, global helpers, etc. This is not a bad thing, but allows you to step-wise introduce Trailblazer's encapsulation in your app without having to rewrite it.

The new 2.1 version comes with a few necessary but reasonable changes in method signatures. As painful as that might sound to your Rails-spoiled ears, we preferred to fix design mistakes now before dragging them on forever.

The assert method is used by all the other assertions. It pushes the second parameter to the list of errors if the first parameter evaluates to false or nil.

The more important point comes from a program design perspective. Here, "programming to an interface" means focusing your design on what the code is doing, not how it does it. This is a vital distinction that pushes your design towards correctness and flexibility.

It makes me happy to see people actually think about things and not just accept a shitty API.

DSLs can be problematic for the user since the user has to manage state (e.g. am I supposed to call valid? first or update_attributes?). This is exactly why the #validate is the only method to change state in Reform.

Writing the uniqueness validations yourself is easy so I felt it was better to leave this up to the developer

Yes, you do face difficult choices (moral) but you don't care about it. All you care are the reputation bars. So... Let's kill this guy, who cares if he is innocent, but this faction needs it or I'm dead. Sounds great on paper but to be honest... you just sit there and do whatever for these reputation bars. If you won't, then you lose

that's a point, but I would say the opposite, when entering credit card data I would rathre prefer to be entirely in the Verified By Visa (Paypal) webpage (with the url easily visible in the address bar) rather that entring my credit card data in an iframe of someone's website.

Systemd flies in the face of the Unix philosophy: 'do one thing and do it well,' representing a complex collection of dozens of tightly coupled binaries

I'm very (VERY!) tempted to use that ppa, but without offense to it's maintainers... it's just some random ppa. If it had more "traction" I'd use it. Right now it has only 3 maintainers.

You should default to the most permissive option imo and there really is no reason to check anything until you really need to If it were left to me I'd just use optional chaining, as it also eliminates the need for no-ops

"Headless Tippy" refers to Tippy without any of the default element rendering or CSS. This allows you to create your own element from scratch and use Tippy for its logic only.

It's a generic abstraction for the logic and styling of elements that pop out from the flow of the document and float next to a reference element, overlaid on top of the UI.

Popper has a sole goal: position elements. That's why we call it a "positioning engine" and not a "tooltip library".

Dropped FFmpeg support (focus on primary functions instead)

Jbuilder gives you a simple DSL for declaring JSON structures that beats manipulating giant hash structures. This is particularly helpful when the generation process is fraught with conditionals and loops.

I tried leaking session and page data and indeed it's easy. Too easy. So I definitely agree that session data should not be readable from anywhere but the request itself.

it focuses on compiling non-standard language extensions: JSX, TypeScript, and Flow. Because of this smaller scope, Sucrase can get away with an architecture that is much more performant but less extensible

You can afford to make a proper PR to upstream.

No more waiting around for pull requests to be merged and published. No more forking repos just to fix that one tiny thing preventing your app from working.

Svelte makes the pit of success larger because it hides all of this from us at compile time.

So handling the interop upfront will avoid users writing invalid ES6 and make sure that they write ES6 that loads CommonJS in the right way.

If everyone did this, the repair shops would be out of business.

Used by folks at

Obviously we shouldn't rush into anything. But changes like these are best made earlier on in a project's lifecycle, so I'm eager to hear what people think so that we can start making some progress.

In principle, this information is already available through other means, but it is actually a fair amount of work to gather it in this form, and I think it could be useful to open it up to programmatic consumption.

If you have a better/simpler/"more official" solution, I'd still love to see it!

Focus on your application: forget about forms details like I'm dirty, field touched...

You can try to build a solution to tackle these issues on your own, but it will cost you time and money... why not use a battle-tested solution to handle all this complexity?

If you want to implement a form with a superb User Experience, you have to take care of many variables:

Form validation can get complex (synchronous validations, asynchronous validations, record validations, field validations, internationalization, schemas definitions...). To cope with these challenges we will leverage this into Fonk and Fonk Final Form adaptor for a React Final Form seamless integration.

Managing Form State (holding field information, check if a control has been touched, if the user has clicked the submit button, who owns the current focus...) can be tedious and prone to errors. We can get help from React Final Form to handle these challenges for us.

But it sounds like the library could use some way to setTouched()

Modules from the following layer can require anything from all the previous layers, but not vice versa.

Any software that makes HTTP requests to other sites should make it straightforward to enable the use of a cache.

Wondering how to get field state from multiple fields at once? People coming from Redux-Form might be wondering where the equivalent of Redux Form's Fields component is, as a way to get state from several fields at once. The answer is that it's not included in the library because it's so easy to write one recursively composing Field components together.

formvalidation: path.resolve

import luhn from 'formvalidation/algorithms/luhn';

I'm okay with an overall design that allows people to plugin the parts they need in order to be able to generically support a compile-to-javascript language, but to bake in support for one singular solution because its popular is simply bad engineering.

Of all the compile-to-languages, the one that strikes me as having the least merit is JSX. It's basically a ton of added complexity for the sake of what boils down to syntax. There are no real gains in terms of language semantics in JSX.

Furthermore, JSX encourages bad non-dry code. Having seen a lot of JSX over the past few months, its encourages copypasta coding.

I'm suggesting there should be a way to write lifecycle related code that also responds to changing props, like how useEffect works. I think how React handles this could be a good source of inspiration.

It provides several capabilities that are difficult to achieve with React alone, while being compatible with the newest features of React.

Disclaimer: I’m new to Svelte so this isn’t so much a recommendation as it is a “I guess this is a way to do it 🤷‍♂️”

but everything they were doing started to make sense

React does not attempt to provide a complete "application library". It is designed specifically for building user interfaces[3] and therefore does not include many of the tools some developers might consider necessary to build an application.

Rollup also does something very different compared to the other bundlers. It only tries to achieve one simple goal: Bundle ES modules together and optimise the bundle.

Luckily, there is absolutely no good reason not to use strict mode for everything — so the solution to this problem is to lobby the authors of those modules to update them.

DX: start sapper project; configure eslint; eslint say that svelt should be dep; update package.json; build fails with crypt error; try to figure what the hell; google it; come here (if you have luck); revert package.json; add ignore error to eslint; Maybe we should offer better solution for this.

When the message say function was called outside component initialization first will look at my code and last at my configuration.

There are work arounds, but nothing clean. I just feel like this should be functionality that should be part of the slot feature.

Lets not extend the framework with yet another syntax

I totally get not wanting to extend the syntax. I tried doing these things and in practice it was not easy or pretty. Actions provide a much cleaner and easier way to accomplish a certain set of functionality that would be much more difficult without it.

You must: reference each element you are extending using refs or an id add code in your oncreate and ondestroy for each element you are extending, which could become quite a lot if you have a lot of elements needing extension (anchors, form inputs, etc.)

The feature is highly likely to be implemented, the API and implementation are the only real topics of discussion right now.