> To me it has become a bit of a meme that you always end up in this old-issue flow: I want to do X -> Try it -> Run into an issue -> Search for solution -> Find an official bugreport that is 3-8y old.
That's been my experience as well and, in fact, it was totally a meme at my former client! See also my comment in another recent thread: https://news.ycombinator.com/item?id=46296816
> It's CICD syntax is a breeze for the most part too
Hard disagree. Gitlab CI, while more powerful than some alternatives, is so so bad, its YAML-based syntax included. As I said in another thread[0]:
> I worked with Gitlab CI on the daily from 2021 till 2024 and I started curating a diary of bugs and surprising behavior I encountered in Gitlab.
No matter what I did, every time I touched our CI pipeline code I could be sure to run into yet another Gitlab bug.
Weird, I helped manage a transition of a few hundred repos from GitHub enterprise to Gitlab enterprise, which included helping a few dozen teams migrate their CI to gitlab ci.
I had such a better experience with gitlab CI than any other I have used. There are quirks, but they make sense after you learn them.
Same experience, GitLabs CI/CD language is to me so much better - it has really strong abstractions and you can model a lot of developer experience into it. Especially when it comes to security practices of GitLab CI, but also custom runners, web terminals, ... there is just so much that is shining much more than any other Git forge with built-in CI/CD.
I agree that the YAML can get out of hand. We use the `extends` keyword to put together jobs from pieces so that details can live in one place and the job bits and graph description can live in another. The way we've done our pipelines are very difficult to do with GHA as we build a DAG (with splits and forks) that are greatly aided by artifacts being integrated into GitLab-CI instead of separate piecemeal actions.
We also need custom runners anyways because macOS and Windows are important and getting those with graphical session access and/or CUDA hardware in the cloud is either $$$$ or severely limited. Even with our setup, we split the build and test phases so that CUDA hardware slots aren't wasted on running compilers. It also lets us test a single build under different environments easily.
So, yeah, I can see fighting with the feature spectrum, but you need to restrict yourself in most other cases with that kind of stuff too. But at least what we do is possible with GitLab-CI.
Well, I have used a lot of Github Action too, and Gitlab is by far easier to do fairly complicated stuff with, but Github Actions has much better re-usability if you need to re-use or share parts of the job with all projects you build.
In general you shouldn’t be letting your ci system’s job orchestration be handled in YAML. It’s just too complex of a concept to try and capture in some half baked YAML DSL
the pattern I recommend is to use CI system only at the event trigger layer e.g. setting up invocation as a response to webhooks. Then you drop down into whatever orchestration layer you implement yourself to do the actual work. So in my configurations, the ci yml is very minimal, it essentially says "set up env vars, inject secrets, install minimal deps and invoke `ci` command of whatever adult system you so choose" (Dagger would be one example).
What UI are you looking for outside of log streaming? If you want to see a DAG of your workflows and their progress you can use other systems as you say (Dagger has this), or your orchestration layer can implement that.
If you want to use the orchestration component of your ci tooling, you always can do so, and get your DAG viewer, but you have to accept all of the constraints that come with that choice
I can't imagine a world where I had to work with the Gitlab CI pipeline on the daily. I'm sure it's not perfect, but what are you even doing if you have to touch it DAILY?!
I didn't mean to say I changed the pipelines on the daily, though admittedly I did have to touch them rather frequently since we were migrating stuff away from Jenkins.
Uhh… The fact that there's no Archlinux package for a given language doesn't imply there's no tree-sitter support (official or 3rd-party) for that language? See e.g. the very long list of languages on https://github.com/Goldziher/tree-sitter-language-pack , which does include R, YAML, Golang, and many more.
Uhh… What does Design Thinking have to do with UX? Sure, it could be used to come up with novel ideas for user interfaces but DT (nowadays) is an approach that's several orders of magnitude more general.
Sure. Let me then call it this way: "Design Thinking is the Data Science of design: an attempt to gain influence in fields that you don't have expertise in."
I’d retort that software developers aren’t domain experts either. At the end of the day you either luck out if domain experts and actual users are involved in eliminating toil (in the sense that Google defines that) and optimizing the user experience, while reducing friction in applications and providing insights into data.
Never heard of gog.com before (not much of a gamer anymore these days) but it looks really cool! I wonder, though, how exactly do they handle the copyright and licensing topic? Do they negotiate terms separately with every copyright holder? Do they get access to the source code in order to preserve the games and make them fully offline-compatible?
Not trying to change your mind but at least when it comes to exchanging the SSD and battery, you can do the same thing with practically all Thinkpads and Dells?
Just did it with my old Dell a couple days ago – I was done in 5 minutes.
Official battery replacements are impossible to find for older Lenovo models. I have a 4 year old X13 Yoga and can’t really get a new official battery for it in my country. So while replacement is easy, finding the parts is not.
Not too long ago, in a galaxy pretty close to here, there were laptops with removable batteries, and switching them required no tools and took all of about 10 seconds.
> This two-factor system is generally secure. The space of all 6-character alphanumeric confirmation codes combined with all possible last names is astronomically large, making it impossible to “guess” a valid pair.
Depending on the threat model, the attacker's goal might not be to guess a single pair but to access any valid pair (of a booking with a flight date in the future, or maybe even in the past). Suddenly you're looking at thousands of valid booking codes and the attacker can try a couple dozen of common names. Brute-forcing valid pairs then becomes relatively easy.
To anyone who says "I have nothing to hide" I respond with "Unfortunately, you are not the one who gets to decide whether what you have is worth hiding."
(I think I first might have come across this beautifully succinct and unfortunately very true counter in a Reddit AMA with Edward Snowden way back when, but I might be misremembering.)
Both of these are not good responses and are easily discounted by most people ("I don't take nude photos"/"I never tell anyone my pin").
Average people see zero equivalence between sending nudes or their bank pin to a specific stranger and Google keeping a record of every website they've ever visited.
Surely the "I never tell anyone my pin" is just an admission that they do have something to hide?
The point is that there are many things that should be kept private/secret and often the need for that secrecy isn't obvious to people who have never been in particular situations. A woman trying to escape from an abusive relationship may need to keep her location secret to avoid being murdered by her ex, but your typical white male who declares "nothing to hide" may have difficulty in understanding that, whereas they may be able to grasp why their PIN should be kept secret.
I understand the point, but you're taking their statement "I have nothing to hide" way too literally, and these sorts of arguments based on literal interpretations rarely convince anyone. Has anyone actually ever been convinced to take privacy more seriously by this "insight"?
It's not so much a method to convince people to take privacy more seriously, but demonstrating that people who say "I have nothing to hide" haven't really thought about it and how it's such a ridiculous statement.
My aim would be to get people to understand that everyone has stuff that should be kept secret and that it varies according to their circumstances.
It's just so weird you would bring your hatred of a "typical White male" strawman into this discussion when most people on this website are White and male and are themselves arguing for full stop privacy for everyone.
You could have named any other group (and been far more accurate in your assumption of a disregard for privacy, by the way) but you chose White men (like the ones who codified "a right to privacy" in the first place). Why?
I was thinking a little about it lately. Not the saying itself, but the positioning to the general public. The annoying reality is that for most of the things that I consider important enough to voice discontent over ( and maybe even suppress need for convenience for ) are not always easy to 'present'. Note that it is not even always easy here either, but we do, by design, give one another a charitable read.
Hell, look at me, I care and I accepted some of it as price to pay for house peace.
yeah, it's a cascade. maybe you are not a threat to gov or corp but locally there's people who are like the people in clubs who spike you because they want you out or because they want your girls or the girls you will steal from them. info can be power. rumors, gossip, your browsing history, what you draw, what you code in your free time, what you talk to your kids about, what they do with that when they visit "friends" who already had info that you decided wasn't worth hiding ... from your kids ...
all can and will be used to induce stress or to divert attention of the young ones.
governments used to build massive societies and create rules and order and kaizen infrastructures that would get us as far away from the dark ages as possible ... but here we are closing that gap again. Go VCs! Go Agents! Go Puppies of Wall Street! Go work for LLM companies instead of using those big capable brains of yours for something other than personalized copypastable copypastacopypasta ...
"the other girls and kids made it through, and so will you, just let it happen, let it be" and so it goes ...
In his second post he included a link to GitHub: https://github.com/mikekelly/claude-sneakpeek
reply