10,000 Matching Annotations
  1. Mar 2023
    1. But getting codes by phone turns out not to be not very secure at all. A vulnerability in SMS messaging is that crooks can reroute text messages(Opens in a new window).
    2. Unlike the other apps listed here, Authy requires your phone number when you first set it up. We're not fans of this requirement, since we’d rather have the app consider our phones to be anonymous pieces of hardware; and some have suggested that requiring a phone number opens the app up to SIM-card-swap fraud.
    3. 2FAS doesn't need your phone number or even require you to create an online account, so it's not susceptible to SIM-swapping fraud.
    1. The lack of interoperability among hardware and software technology vendors has been a limiting factor in the adoption of two-factor authentication technology. In particular, the absence of open specifications has led to solutions where hardware and software components are tightly coupled through proprietary technology, resulting in high-cost solutions, poor adoption, and limited innovation.
    1. The verifier MUST NOT accept the second attempt of the OTP after the successful validation has been issued for the first OTP, which ensures one-time only use of an OTP.
    2. The authors believe that a common and shared algorithm will facilitate adoption of two-factor authentication on the Internet by enabling interoperability across commercial and open-source implementations.
    1. It is also used to migrate existing clients using direct authentication schemes such as HTTP Basic or Digest authentication to OAuth by converting the stored credentials to an access token.
    1. On my ZE620KL nothing worked, many tries, I waited a few days and it didn't work. Even changing the rom for an official Asus rom (without root) the app kept saying that the device is not safe. It only started to allow contactless payment after relocking the bootloader. I believe that in my case, gpay did not work by detecting the unlocked bootloader. Edit The device passed all tests, safenet, Google protect, basic, CTS (with root). but it still only worked after relocking the bootloader

      .

    1. Finding good names is quite difficult. Single words are also almost always better than combined names, even though one is a bit limited with single words alone. There are exceptions though. For example .each_with_index or .each_index are good names, IMO.
    1. And, my kids learned all about the inner workings of the car in areas that are usually hidden. This was an exhilarating accomplishment, and a triumph of a homeschool project. I hope to do more with the kids over the years so that they have practical life skills, and I encourage other parents to work with their children to fix the family car.
    2. I am not a mechanic, but I like to dabble in fixing whatever is at hand, especially when it saves our family money.
    1. Why is it, then, that although publicly is far more common as the adverbial form of public than publically, the ratio of usage has diminished? Publically is becoming more common for the same reason that people write irregardless in place of regardless or write “diffuse the situation” instead of “defuse the situation” or “all of the sudden” rather than “all of a sudden”: evolution. Language is, in a sense, alive, and just as life itself evolves, so does language—but note that the primary definition of evolution is not “improvement”; it simply means “change.” And how does language change? The change is modeled: New words are coined, or new senses of existing words develop (or new spellings or new forms occur), because someone, somewhere acts to make it so, and the evolution goes viral.
    2. First, dictionaries are not arbiters of highly literate writing; they merely document usage. For example, irregardless has an entry in many dictionaries, even though any self-respecting writer will avoid using it—except, perhaps, in dialogue to signal that a speaker uses nonstandard language, because that is exactly how some dictionaries characterize the word. Yes, it has a place in dictionaries; regardless of that fact, its superfluous prefix renders it an improper term.

      what to call these words? illiterate words?

    1. Ultra-high frequencies typically offer better range

      better range for bad actors to try to steal the data from my tag?

    2. Does the EDL/EID card transmit my personal information? No. The RFID tag embedded in your card doesn't contain any personal identifying information, just a unique reference number.

      Can this unique reference number be used to identify me (assuming they've already identified me another way and associated this number with me)? Yes!!

      So this answer is a bit incomplete/misleading...

    1. Code your own template with HTML, or use our markup language MJML, the only framework that makes creating responsive designs easy.
    1. What are transactional emails? Typically any email that is triggered by or sent automatically from your application.
    2. Welcome emails Actionable emails Password resets Receipts Monthly invoices Support requests App error alerts Reminders etc.
    1. for instance, when the recipient’s address is full (a soft bounce: just wait and re-send) or worst, when it’s non-existent (a hard bounce: you need to remove the account from your list)
    1. As an aside, I think I now prefer this technique to Python for at least one reason: passing arguments to the decorator method does not make the technique any more complex. Contrast this with Python: <artima.com/weblogs/viewpost.jsp?thread=240845>
    2. When you call 'foo' in Ruby, what you're actually doing is sending a message to its owner: "please call your method 'foo'". You just can't get a direct hold on functions in Ruby in the way you can in Python; they're slippery and elusive. You can only see them as though shadows on a cave wall; you can only reference them through strings/symbols that happen to be their name. Try and think of every method call 'object.foo(args)' you do in Ruby as the equivalent of this in Python: 'object.getattribute('foo')(args)'.
    3. def document(f): def wrap(x): print "I am going to square", x f(x) return wrap @document def square(x): print math.pow(x, 2) square(5)
    1. I am a developer, and we are developing the app for the customer, that will not publish through the google play store. But when we distribute the app to the customer, customer get that error. I want to avoid that alert of the Play stored.I want to understand, exactly which security concern has been break by my app.
    1. The benefits of getting administrative privileges over an open-source OS like Android stands aplenty. Among them, it’s the ability to flash modules and tweaks that is at the top of the priority queue, However, this is just one side of the coin. Rooting has its own downsides as well, the primary among them is the fact that SafetyNet getting triggered.
    1. Google has had the ability to harden SafetyNet checks using hardware-backed key attestation for several years now. The fact that they refrained to do so for 3 years has allowed users to enjoy root and Magisk Modules without sacrificing the ability to use banking apps. However, it seems that Magisk's ability to effectively hide the bootloader unlock status is soon coming to an end. It's a change that we've expected for years, but we're sad to see it finally go into effect.
    1. Fortunately, topjohnwu has been given the green light to continue developing Magisk, but this approval is contingent on the project dropping support for its root hiding feature called MagiskHide.

      .

    1. For people like me, who believe that accessibility applies to all users, the following two words come to mind: Inclusive design. The British Standards Institute (2005) defines inclusive design as "The design of mainstream products and/or services that are accessible to, and usable by, as many people as reasonably possible..."

      inclusive design

    1. Conversations are collections of messages that all have the same Subject. When "conversation mode" is on, searches return entire conversations as results. So what should gmail search do if a conversation contains both a message that matches, and a message that does not match your search? You are probably expecting it to return conversations only if all messages in that conversation match. But that is not correct. Instead, Gmail search will return conversations even if only a single message in that conversation matches. So that means that if you do the same search above with "conversation mode" on, the results are likely to include messages that do not match your search!
  2. Feb 2023
    1. I am a software engineer, canoeist, gardener and and all-round tinkerer. I got into software because of my curiosity about how things work. I kept asking “why” until I eventually found myself doing it for a job. I love the range of work I get to do as an engineer. My work often focuses on performance improvements and coaching teams in code design choices. I value thoughtful communication that amplifies marginalized voices in the workplace.
    1. As a general practice, it seems like gems should remain compatible with current/recent versions of their dependencies. Otherwise, if you have 2 gems in your project that depend on faraday, and one of those is locked to faraday 0.17.6, and the other requires at least 2.x, then you have a problem...
    1. Note though, that this only works when you're already using git for your dependency

      I was trying to figure out why it wasn't working for me. This was probably the reason.

      So if you just have gem 'rack', it just silently has no effect.

      It seems like it should just work either way. Or at least give a warning/error if you try to use this config and it's not going to use that config!

    1. The official Bambora Ruby library is not thread-safe. This means you will run into errors when using it with Sidekiq or Puma. This gem is a thread-safe client for the Bambora and Beanstream APIs.
    1. Forwarding will always break emails specially in Outlook as it adds it's own code before composing. You can have a forward link on emails which takes you to a page to forward to a friend or you can go with a broken email when it's forwarded. It's harsh I know but there is no way around it.
    1. It used to be a lot more common for people to have work and personal phones before the internet made it possible for work to take over every aspect of your day to day life.
    1. Its outlooks rubbish filtering system. They have "AI" rules that look at the sending ip address for reputation. They score you on user reportsand lots of other bits they will not tell you about. Make sure you have SPF, DMARC, DKIM, and sign up for their JMRP and SDNS they will tell you. But it still is a game of cat and mouse. Its a slippery slope and even Microsoft trap their own mail to their own outlook users. PITA, to be honest and luckily we managed to get a mitigation to the issue. However some users in different domains still complain of email going to JUNK. Go figure. I hate having to work on issues with Outlook.com. They themselves send out spam and have the audacity to block well configured SMTP senders. I wish you luck. You will need it.
    1. But, since they'll automatically encode in rich text if there are any HTML tags placed in the message by the device itself, putting a single space (&nbsp) in the signature via the mail app itself, and then bold/italic-izing said space makes it work.
    1. The issue is that Mail isn't behaving as expected. If I tell it to always send messages as Rich Text I expect it to send them as Rich Text no matter what. Instead, sometimes it will send out emails as plain text. This is clearly an issue with Mail. If, for example, you tell your word processor of choice, be it Pages, LibreOffice or Word, to save all your documents as ODF files you expect it to do so no matter what and not to automatically revert to TXT files for documents that you haven't formatted yet without giving you proper notice, thereby preventing you from ever formatting those particular documents in the future.

      software that thinks it knows better than you

      software doing things without giving you notice

    1. Rack::Session was moved to a separate gem. Previously, Rack::Session was part of the rack gem. Not every application needs it, and it increases the security surface area of the rack, so it was decided to extract it into its own gem rack-session which can be updated independently.
    1. The reason is Rails only reads and creates the session object when it receives the request and writes it back to session store when request is complete and is about to be returned to user.
    2. Session race conditions are very common in Rails. Redis session store doesn't help either! The reason is Rails only reads and creates the session object when it receives the request and writes it back to session store when request is complete and is about to be returned to user.
    1. As you can see from the example, the session cookie is updated on every request, regardless of if the session was modified or not. Depending on when the response gets back to the client last, thats the cookie that will be used in the next call. For example, if in our previous example, if get_current_result’s response was slower than get_quiz, then our cookie would have the correct data and the next call to update_response would of work fine! So sometimes it will work and sometimes not all depending on the internet gods. This type of race condition is no fun to deal with. The implications of this is that using cookie storage for sessions when you are doing multiple ajax call is just not safe.
    2. A better solution would be to use a server side session store like active record or memcache. Doing so prevents the session data from being reliant on client side cookies. Session data no longer has to be passed between the client and the server which means no more potential race conditions when two ajax are simultaneously made!
    1. If you already have an instance of your model, you can start a transaction and acquire the lock in one go using the following code: book = Book.first book.with_lock do # This block is called within a transaction, # book is already locked. book.increment!(:views) end
    1. Event Replay: If we find a past event was incorrect, we can compute the consequences by reversing it and later events and then replaying the new event and later events. (Or indeed by throwing away the application state and replaying all events with the correct event in sequence.) The same technique can handle events received in the wrong sequence - a common problem with systems that communicate with asynchronous messaging.
    1. As our needs become more sophisticated we steadily move away from that model. We may want to look at the information in a different way to the record store, perhaps collapsing multiple records into one, or forming virtual records by combining information for different places. On the update side we may find validation rules that only allow certain combinations of data to be stored, or may even infer data to be stored that's different from that we provide.
    1. If you haven't seen it yet, check out the PinePhone Pro and its docking station. Much like the Steam Deck's docking station, it plugs the phone into a monitor, keyboard, and mouse to turn your phone into a PC.
    2. When Ubuntu was confronted with making Debian user friendly, the issue was speeding up software updates. Manjaro has the opposite issue with Arch and is handling it appropriately.
    1. B/ Mainline kernel offers many ways to increase desktop responsiveness without the need to patch or reconfig it. Many tweaks can be activated using the cfs-zen-tweaks you can download and just run but I would advise you just read the very simple code and learn how each of the tweaks impact. Don't hesitate to lower the priority of your cpu-bound processes (compilations, simulations...) and increase the priority of your interactive tasks thanks to the renice command and even change their scheduling policy using chrt Ultimately, you can always pin interrupts to dedicated cpus (setting desired values in /proc/irq/[irq_id]/smp_affinity) , having one in charge of the keyboard and the mouse, another one for the graphic adaptor a third one for the sound card and a fourth one housekeeping for all the possible remaining. Just plenty of solutions left opened without changing a byte in your distro-kernel.
    1. Sure, eagerly failing loudly would be better also. The outcome is still the same - you wouldn’t be able to do the thing you want, you just would be informed faster.
    2. deleting user files without being asked for is by far an "unsafe in nonzero scenarios" decision, no program should do it. The sane option is to refuse working and/or display a visible warning explaining why.
    3. There should thus be an option to give npm a list of vulnerability IDs (CVEs etc.) that it does not need to defend because the admin has decided it does not apply to their edge case.

      should be optional

    1. If the answer to this is "no" with some set of reasons, that's a perfectly reasonable outcome.
    2. The intent of this RFC is to do that - propose a solution. I do not expect that this solution will go through unanimously and unchanged, but I'd like to get something up that can be talked about and addressed both by the ecosystem and by those thinking about Security in the registry and CLI.
    3. There's been an interest expressed in the ecosystem of having some form of counterclaim for advisories surfaced by npm audit. There's been some discussion of a potential counterclaim mechanism for some time, but I've not seen a solution proposed.
    1. Scaling a single VCS to hundreds of developers, hundreds of millions lines of code, and a rapid rate of submissions is a monumental task. Twitter’s monorepo roll-out about 5 years ago (based on git) was one of the biggest software engineering boondoggles I have ever witnessed in my career. Running simple commands such as git status would take minutes. If an individual clone got too far behind, it took hours to catch up (for a time there was even a practice of shipping hard drives to remote employees with a recent clone to start out with). I bring this up not specifically to make fun of Twitter engineering, but to illustrate how hard this problem is. I’m told that 5 years later, the performance of Twitter’s monorepo is still not what the developer tooling team there would like, and not for lack of trying.
    2. In very large code bases, it is likely impossible to make a change to a fundamental API and get it code reviewed by every affected team before merge conflicts force the process to start over again.
    3. Developers are faced with two realistic choices. First, they can give up, and work around the API issue (this happens more often than we would like to admit).
    1. One approach to avoiding this kind of problem is regression testing. A properly designed test plan aims at preventing this possibility

      The antecedent of "this possibility" is unclear. (Perhaps it used to be clear and then someone else made an edit and added a sentence in between?)

    1. Capybaras ancestor and sibling methods are called on an element and take the same parameters as find. They are implemented by locating all elements that match the passed in parameters and intersecting that with the set of ancestor or sibling elements respectively.
    1. Apple can afford to make user privacy a priority AND be very strict about cookies because its revenue does not strongly depend on advertising.
    1. Discolored doesn't answer any questions like why the color is gone, why it's your job to fix them or how you even can, or why the player should even care about fixing the color; Discolored just tells you to do it.
    1. eBay got jealous when Dan’s site began to grow in leaps and bounds and made him change his name to Bricklink two years later.

      Can they really do that? The name seems different enough?

    1. [Episode!]! represents an array of Episode objects. Since it is also non-nullable, you can always expect an array (with zero or more items) when you query the appearsIn field. And since Episode! is also non-nullable, you can always expect every item of the array to be an Episode object.

      Note that this still allows an empty array, []. It only disallows: null and [null].

    1. So, when fighting, one should fix one's eyes firmly on the target with only one idea in mind, that of attacking the enemy most simply and directly.

      .

    2. Having excessive ideals with regard to fighting will cause one to be far too nervous. Wing Chun theory is flawless indeed if one can accomplish it absolutely, but a theory is only just a theory, never can a person reach such a state of perfection, human beings are all apt to make mistakes at some time or another.

      no one is perfect

    3. We welcome your feedback on the accessibility of this site. If you have specific questions or feedback about this site's accessibility or need assistance using specific features, please contact us. If you have found an inaccessible area on the site, please specify the web page or element, and provide any other relevant information to help us locate the problem.  In the event a page cannot be made accessible, we will work with you to make a text version of the content available. Please contact us via telephone or email to request a specific electronic format. Additionally, please provide us with your contact information, the format you require, the web page address, and the location of the content. We welcome your questions about this accessibility statement and comments on how to improve our website's accessibility.  
    1. Strip unsafe tags, leaving behind only the inner text. Prune unsafe tags and their subtrees, removing all traces that they ever existed. Escape unsafe tags and their subtrees, leaving behind lots of < and > entities. Whitewash the markup, removing all attributes and namespaced nodes.
    2. It includes some nice HTML sanitizers, which are based on HTML5lib's safelist, so it most likely won't make your codes less secure. (These statements have not been evaluated by Netexperts.)
    1. You can simulate a pre-checkout git hook:
    2. Result of lots of searching on net is that pre-checkout hook in git is not implemented yet. The reason can be: There is no practical use. I do have a case It can be achieved by any other means. Please tell me how? Its too difficult to implement. I don't think this is a valid reason
    1. If you want a workaround for the case where you can't just replace key with a string literal, you could write your own user-defined type guard function called hasProp(obj, prop). The implementation would just return prop in obj, but its type signature explicitly says that a true result should cause obj to be narrowed to just those union members with a key of type prop: function hasProp<T extends object, K extends PropertyKey>( obj: T, prop: K ): obj is Extract<T, { [P in K]?: any }> { return prop in obj; } and then in your function, replace key in a with hasProp(a, key): function f3(a: A) { const key = 'b'; if (hasProp(a, key)) { return a[key]; // okay } return 42; }
    1. The variable x initially has the type unknown: the type of all values. The predicate typeof x === "number" extracts dynamic information about the value bound to x, but the type-checker can exploit this information for static reasoning. In the body of the if statement the predicate is assumed to be true; therefore, it must be the case the value bound to x is a number. TypeScript exploits this information and narrows the type of x from unknown to number in the body of if statement.
  3. Jan 2023
    1. Do Not Post About Commercial Products For support of commercial themes or plugins, go to the official support channel. In order to be good stewards of the WordPress community, and encourage innovation and progress, we feel it’s important to direct people to those official locations. Doing this will provide the developer with the income they need to make WordPress awesome. Forum volunteers are also not given access to commercial products, so they would not know why a commercial theme or plugin is not working properly. Ultimately, the vendors are responsible for supporting their commercial product. If you are a vendor and observe someone asking questions about your paid plugin or theme, please direct them towards your own support resources.
    1. As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center. – Community Bot

      How can a bot judge that the answer is unclear?

      Why doesn't it also suggest what about it is unclear and suggestions for improving it while it's at it?

    1. Mailgun is primarily a developer’s tool so the best way use Mailgun is through our APIs.

      developers first API first

    1. Do not separate numbers from letters on symbols, methods and variables.

      Okay... Why not?

    2. These words are redundant and inconsistent with the style of boolean methods in the Ruby core library, such as empty? and include?.
    1. click_link('Create Account', match: :first) It's better than first(:link, 'Create Account').click as it will wait till at least one Create Account link will appear on the page. However I believe it's better to choose unique locator that doesn't appear on the page twice.
    1. Since Rails creates callbacks for dependent associations, always call before_destroy callbacks that perform validation with prepend: true.
    1. This depends on the ruby code. Some projects will be semi-dormant due to various reasons. That's for us to address as a community. Are we going to let a single decade-old gem prevent us from moving Ruby forward? What's the threshold? There's libraries out there that don't work on Ruby 1.9. We left them behind or replaced them. And are people depending on a gem that's unmaintained really going to be the ones to jump on Ruby 3.0 the day after Christmas 2020? This is also still supposition. Name some gems that are unmaintained and in wide use. We can fix them! We have the technology! In my opinion, if matz's objective is to make the transition to ruby 3.0 simple, then it actually makes a lot of sense to postpone frozen strings by default. Postpone until when? 3.1? So then 3.1 will be the hard break? They've been discussed for what, ten years now? How long is long enough? We've added many ways for people to start transitioning to immutable literal strings, and people are using those mechanisms widely. We've pushed this transition a long time, and we still have another year until 3.0 is out and longer than that until people will need to make a move. What is the threshold for being "ready" to make this change? Unless we're planning to wait until Ruby 4.0 in 2030 to do this, I think we should do it now. I use frozen strings in most of my ruby projects, most of them set to true via the toplevel comment, so either way, it would not affect me. Exactly. Most people already do use frozen string literals. And adding a pragma means we can transition troublesome code to the new way with a single line per affected file. Heck, we can even add --enable:mutable-literal-string for people that are stuck with some of that old unmaintained code, allowing them to have a soft landing.
    2. I guess the interaction between the "false" state and the current runtime default is what has me confused. I see "true" and "false" here more like "on" and "off", and if frozen-string-literal is off, to me that means it does nothing at all and whatever defaults are in place take effect.
    3. I'm still against frozen-string-literal by default. It is arguable if the string creation limits performance so much in real-world programs. We need to first measure how much Ruby can be faster by frozen-string-literal. If it is not significant, Ruby should prefer dynamics and flexibility.
    1. because most languages treat strings as immutable, which helps ensure you don't accidentally modify them and can improve performance. Fewer state changes in a program mean less complexity. It's better to opt-in to mutability after careful consideration rather than making everything mutable by default. What is immutability and why should I worry about it? may help.
    1. Until we release 2.0 you should continue to use 1.6.4, which can be found at bblimke/webmock.

      https://github.com/bblimke/webmock is at 3.18.1 so this repo is apparently abandoned and should be archived

    1. bundle update rails-controller-testing --conservative. The –conservative flag says when updating this gem do no update any of its dependencies. Using the –conservative flag with bundle is really useful for minimizing changesets as well as avoiding upgrading things that you don’t need to upgrade.
    1. Judge Domino is a game in which players judge if toppling a line of dominoes will succeed or fail. Players take turns adding to the line, but to score points, you must make others think that the toppling will fail. Can you baffle other players' judgment?
    1. There's a fundamental error in your question: commits are not diffs; commits are snapshots. This might seem like a distinction without a difference—and for some commits, it is. But for merge commits, it's not.
    2. For ordinary commits, it's trivially obvious what to compare: compare this commit's snapshot to the previous (i.e., parent) commit's snapshot. So that is what git show does (and git log -p too): it runs a git diff from the parent commit, to this commit. Merge commits don't have just one parent commit, though. They have two parents.1 This is what makes them "merge commits" in the first place: the definition of a merge commit is a commit with at least two parents.
  4. datatracker.ietf.org datatracker.ietf.org
    1. If the client knows the access token expired, it skips to step (G); otherwise, it makes another protected resource request.

      It doesn't have to wait until it gets an invalid token error. It can independently be checking the expiration time before making a request, and if it sees that it has expired, don't even bother making the request, just skip directly to using the refresh token.

    2. Figure 2: Refreshing an Expired Access Token
    3. Unlike access tokens, refresh tokens are intended for use only with authorization servers and are never sent to resource servers.

      Interesting observation...

    1. ou play a level of one hole and then move onto the next stage to play another hole.

      onto -> on to

    1. belongs_to does not ensure reference consistency, so depending on the use case, you might also need to add a database-level foreign key constraint on the reference column, like this: create_table :books do |t| t.belongs_to :author, foreign_key: true # ... end
    1. class String alias strip_ws strip def strip chr=nil return self.strip_ws if chr.nil? self.gsub /^[#{Regexp.escape(chr)}]*|[#{Regexp.escape(chr)}]*$/, '' end end
    2. No, in Python "[ [] foo [] boo [][]] ".strip(" []") returns "foo [] boo".

      I would have expected it would remove the string " []", not the occurrences of any of the characters within the string...

    3. There is no such method in ruby, but you can easily define it like: def my_strip(string, chars) chars = Regexp.escape(chars) string.gsub(/\A[#{chars}]+|[#{chars}]+\z/, "") end
    4. wer lesen kann, ist klar im Vorteil
    1. And misunderstandings so easily occur here, when we're talking about encodings, but not those encodings, the other encoding, which is really charset. And it's especially hard because you can't visually tell the difference and in so many cases everything still works even though it is wrong.
    1. Did you see the rest of my post too? If you are reading the replies only in email, don't. Visit the forum and open the thread. Because when we edit a post, you don't receive the modification by email, only the initial post. I added few things to my last one...
    1. Nice try, but it's still full of exceptions. To make the above jingle accurate, it'd need to be something like: I before e, except after c Or when sounded as 'a' as in 'neighbor' and 'weigh' Unless the 'c' is part of a 'sh' sound as in 'glacier' Or it appears in comparatives and superlatives like 'fancier' And also except when the vowels are sounded as 'e' as in 'seize' Or 'i' as in 'height' Or also in '-ing' inflections ending in '-e' as in 'cueing' Or in compound words as in 'albeit' Or occasionally in technical words with strong etymological links to their parent languages as in 'cuneiform' Or in other numerous and random exceptions such as 'science', 'forfeit', and 'weird'.
    1. The Templates API allows you to store, version, duplicate, and delete any templates on your account.

      Duplicate? How do you duplicate? We want this ability,but could not find it.

    1. Because endpoints are URLs, you can – and should – monitor them to ensure they stay online. When talking about online services and websites, you’ll often hear the word “uptime”. This is the percentage of time your application stays up – in other words, the percentage of time your app is accessible and functioning. Outages and performance errors will lower your overall percentage.Monitoring your endpoints also gives you metrics on which endpoints are being accessed and what types of API calls developers are making. This can help you track user behavior, and gain insight into which endpoints are highly trafficked so you can maintain your performance.
    2. As an email service provider (ESP), Mailgun’s API support is all about programmatic solutions to make your email program more efficient and successful at scale. Our email API is a specific type of API that you can use to connect your web app or platform to an ESP to use its features within your own application.
    1. The array subscript numbers are written within square brackets. By default PostgreSQL uses a one-based numbering convention for arrays, that is, an array of n elements starts with array[1] and ends with array[n].
    1. You can use ActiveRecord::Tasks::DatabaseTasks.structure_dump_flags to configure pg_dump. For example, to exclude comments from your structure dump, add this to an initializer: ActiveRecord::Tasks::DatabaseTasks.structure_dump_flags = ['--no-comments']
    1. with a low level understanding of computing and tech

      Does "low level" here mean "not much" or a lot (he's familiar with the low level of these technologies)?

    1. I was very surprised to discover that Finder has no native SFTP integration. As an everyday Gnome user, it is unbelievable to me, how this can even be
    1. The best way to learn common table expressions is through practice. I recommend LearnSQL.com's interactive Recursive Queries course. It contains over 100 exercises that teach CTEs starting with the basics and progressing to advanced topics like recursive common table expressions.