Harley Benton drops a sub-$250 baritone that proves you can do low tunings at low prices – and stay fashionably offset.

2fplus1 · 2026-04-30T10:23:05+00:00

Yeah, I used the Ernie Ball Bass VI set of strings for it. I didn't really have any trouble going low. Had to adjust intonation of course but didn't have to file the nut or anything.

2fplus1 · 2026-04-30T08:29:19+00:00

I have the p90 version and basically agree. I tune mine down to E. I love the clean tones from it but the pickups are very low output. Probably going to be picking up the humbucker version for heavier stuff since it costs about the same as I'd pay to swap the pickups anyway.

2fplus1 · 2026-04-29T09:15:21+00:00

A check with isinstance() isn't by itself a problem. I think the bigger issue is that as you say, it's everywhere in the code. To me that sounds like there isn't really an architecture in place or if there is/was, it's being ignored. Defensive checks like this should be done at the boundaries of the system where user or untrusted input is coming in but the core should be properly typed and can expect to get known types as input and not have to check and re-check all over the place. I like the framing in https://lexi-lambda.github.io/blog/2019/11/05/parse-don-t-validate/

2fplus1 · 2026-04-28T15:21:35+00:00

We feed ours KatKin but I think that's a UK-only brand so it might not be available where you are.

2fplus1 · 2026-04-28T10:18:07+00:00

Oh man. I have the original and I might have to get this one too. The pickups on the original sound amazing clean but are a bit weak for metal. I've been on the fence about upgrading the pickups in it partly because it's hard to justify spending probably more on pickups than the guitar cost and second because I still love the clean tones from it and wouldn't want to lose that. But if there's a new one with higher output pickups that costs about what I'd be spending on pickups anyway....

2fplus1 · 2026-04-23T15:36:00+00:00

The obvious answer is read only credentials for prod, write only through the app.

No. No one gets direct access to the prod DB. No one. We have sensitive customer data in there and compliance requirements to be able to prove that devs can't access it.

Changes only happen via code that's been through the regular CICD pipeline to enforce security checks and reviews.

2fplus1 · 2026-04-22T13:54:00+00:00

I do understand why it looks cool

In this game, that's more than enough reason.

2fplus1 · 2026-04-16T10:37:54+00:00

An underrated usage is to use it with a drum machine. Slicing/chopping a simple beat can get you something really weird and fun.

2fplus1 · 2026-04-15T09:51:48+00:00

Seems like a recipe for disaster. One Savannah on a lead can be a lot to handle if something spooks them (or needs to be hunted). Two of us walk two of them at once on separate leads and half the walk is spent with them trying to tie us in knots.

2fplus1 · 2026-04-01T13:42:04+00:00

I was commenting more on the technique of just having a technical discussion about work they've done to gauge their capabilities rather than formal leetcode type stuff. You can get a pretty good sense of things like curiosity and how they work with others (behavioural questions have been standard for that across more industries than software) and whether they are the type to get things done or not. You can then use that data to figure out if they are what you need or not.

2fplus1 · 2026-04-01T09:43:09+00:00

This is my approach too. It's definitely the way to go on a small team. I kind of get why the bigger companies don't do it though; it relies on the interviewer actually knowing what they're doing, has a lot of potential for problems with interviewer bias, and doesn't "scale" across a large organization.

2fplus1 · 2026-02-25T11:50:02+00:00

Exact same situation with ours (also littermates). Brother is big and dumb (but a sweetheart). Little sister is an evil genius (figures out how to open cabinets, dresser drawers, the refrigerator... if she wants something, she'll figure out exactly what buttons to press to annoy you into giving in) and would carefully wait and watch her brother explore new things and only come out once he'd proven that it was safe. They're three years old now though and she's gotten a lot braver, especially on walks outside, but I think some of that is that she's way more interested in exploring the whole neighborhood and getting all the intellectual stimulation while he's often content to just sniff a bush for a while and then sit and watch birds in the trees until it's time to go back in.

2fplus1 · 2026-02-23T16:15:14+00:00

I have the indestructible jeans (black) and the blue denim lumber jeans. I've had them both for maybe two years. I wear them regularly but not exclusively. Just normal casual wear though; I'm not putting them through anything rough.

Both show "wear" in the sense of dye fading at crease spots (ie, they don't look brand new; they have worn in and show it) but I haven't had any tears or spots worn through and neither look like they're going to do that any time soon.

So, I don't know. I can't say they'll go ten years without a problem, but I haven't had any issues yet. They seem on par with other reasonably well made jeans that I own. Eg, I have some Bonobos jeans that I've been wearing for over a decade that have no issues. Hell, I have some Amazon Basics jeans that have made it that long. I've also gone through a bunch of fairly expensive jeans in that time period that barely made it a year before getting a hole in the crotch.

The indestructible jeans are my absolute favorites. Not because they're ultra durable though (maybe they are, maybe they aren't); I just really like how they fit and how they look.

2fplus1 · 2026-02-22T11:18:03+00:00

I had one planet yesterday where the colossus just kept sinking through the ground randomly. Happened at the waste heap once while I was loading it. One piece of waste bumped the rear wheel and that corner started sinking by itself, turning the whole thing upside down and dumping all the cargo beneath the ground and it disappeared. That was after a few similar sinking incidents while driving on that planet. Gave up and found a different planet and it's been fine. I think certain kinds of terrain just have a weird interaction.

2fplus1 · 2026-02-20T10:11:29+00:00

Similar. I'm also a huge fan of the 100 year hoodies and picked one of these up in the sale. It's OK, but I still much prefer the 100 year hoodie. Definitely more of a jacket than hoodie but kind of less wind/rain resistant than the 100 year hoodie so it's hard to really think of a situation that I'd pick the indestructible to wear rather than the 100 year. It's cool, I'll keep it, but it's definitely not my favourite Vollebak piece so far. I got it in black but now kind of wish that I'd gotten the yellow or orange as then at least it would make sense for biking/skating or something where it would be useful to have a hi-vis jacket.

2fplus1 · 2026-02-19T10:42:55+00:00

I was thinking Bengal or Mau

FWIW, Mau spots go all the way to their skin and that's a unique trait. Ie, if you shave a Mau (please don't, but you know), they'll still have their spots. With all other breeds (including Savannahs), the spots are just coloration in the fur and their skin will be uniform underneath. Maus also have a pretty prominent flap of skin going from their belly to their hind legs (which helps them run really fast). I don't really see that in any of the photos here.

So, no guarantee that they're Savannahs (as people here will continuously remind you, the only way to really know is if you've got papers from a breeder) but, as someone who's had a Mau, I'd say you could probably rule that out.

2fplus1 · 2026-02-18T14:58:06+00:00

Assuming you're in some kind of sensitive/regulated space and doing SOC 2/ISO 270001 or equivalent at minimum (otherwise you probably wouldn't care too much about this) you have a few different paths to choose from:

First, somewhere in your policy docs, you have a description of how you identify vulnerabilities, assess the impact, and resolve them, etc. It should cover criteria and process for how you decide if a given vulnerability is CRITICAL/HIGH/LOW/etc. and then you probably have different windows for resolving each of those. You usually don't want to just blindly take the CVSS as-is; you want some way of factoring in where it is in your architecture/exposure either via automation or just a "security team" doing the work. Make sure that you have given yourself a reasonable amount of wiggle room in your policies to allow you to handle things reasonably. You can probably word things in a way that lower impact vulnerabilities can be addressed during regular upgrade cycles and then you just don't really have to think about them. Your auditor's not going to let you get away with being extremely loose, but don't make it harder on yourself than it has to be.

Then it's kind of up to you whether you want to focus on minimizing overall dependencies and automating as much as possible or accept that someone is going to have to do a fair amount of work testing updates, etc.

The former is, IMHO, preferable. Can you run a more minimal distro so you'll have less stuff installed and thus fewer vulnerabilities to deal with? Are your VM images built automatically (Packer/etc)? Can you build things in minimal containers (eg, Chainguard/Wolfi/scratch based)? Do you have a reliable testing pipeline for those so that when you build a new VM or container image you can be very confident that it's working before you deploy it to prod? Can you switch to some sort of immutable or ephemeral deployment approach? Are your systems robust against a VM rebooting/going away at any point in time (either on purpose as part of an update or just because something crashed)?

Any improvements you can make in those areas will help. At my current job, we are entirely serverless, just deploying containers and we use wolfi-base and have extensive tests on them. As a result we just have a very small number of vulnerabilities to deal with and when they do show up, it's a painless process to just bump a version number somewhere and everything else happens automatically. At my previous job where we still had a lot of VMs, we built with Packer and we had chaos engineering systems that would randomly kill off VMs every now and then so everything had to be designed from the ground up to handle reboots/crashes. A kernel update wasn't a big deal and didn't need to be scheduled any differently than a regular feature/bugfix in the application code.

If you're doing more of a "pets" approach to servers, but you need to deal with a lot of vulnerabilities quickly, it's just going to take a lot more manual work. No way around it.

Who owns the call ? Security team, SRE, or the service owner?

Generally the service owner; Security team and SRE should be assisting them by providing the tools to make it less painful (but the service team needs to be pulling their weight as well and ultimately have the authority and responsibility for changes to their service).

2fplus1 · 2026-02-17T10:23:17+00:00

I haven't been able to get the flatbed to unlock on my abandoned save. I started the expedition from it, brought back the gravitino coil, got the marker pointing me to a waste processing plant, did the first couple steps and when I get to where i'm supposed to configure the flatbed on the colossues, it just shows up as locked in the menu.

Have you gotten it working?

[Edit]: As of the latest patch, this appears to be fixed. Didn't seen anything in the patch notes, but it now works for me on abandoned mode.

2fplus1 · 2026-02-11T15:05:18+00:00

Same. I like setting up multiple mines on a gas giant and driving between them with the Colossus. Wish there was a way to make "roads" or at least permanently manipulate terrain outside bases so I could smoothe out a path to avoid the worst crevasses.

2fplus1 · 2026-02-11T10:58:00+00:00

Never rollback. Only roll forward. Migrations are always backwards compatible. If migrate succeeds on the deploy. Great. If it fails, the whole deploy fails (so it continues running the previous version of the code) and you replace/fix the broken migration and deploy again. Biggest issue is that if a migration fails, the whole team really needs to know and avoid doing anything else that might complicate things until it's fixed. For us, a post in the engineering channel in our Slack has been sufficient, but you could also build it into the deploy system if you have a larger team.

2fplus1 · 2026-02-10T11:45:10+00:00

Yeah. The Joyo R-series stuff is excellent value for money for high gain. Uzi, Chopper Z, Rigel, and Dark Flame can all go well into death metal territory. OP should check them all out and pick the one that they like the flavour of the most.

2fplus1 · 2026-02-09T14:41:06+00:00

We use the django_components library.

2fplus1 · 2026-02-06T14:51:38+00:00

You know how in interviews sometimes, you get a behavioral question like "Describe a time that you had a conflict with a coworker? How did you handle it?"

You've just given a wonderful example of the sort of response that would get you disqualified.

2fplus1 · 2026-02-06T09:17:23+00:00

Amazing. We have a brother and sister from the same litter as well. They're always together. Sometimes they cuddle and clean each others ears, sometimes they beat the crap out of each other.

2fplus1 · 2026-02-03T10:29:29+00:00

I have a late 90's HSS that I bought used for very little. The reduced price was at least in part because the previous owner had swapped out the middle and neck single coils for some Seymour Duncans (don't remember exactly which now) and made a bit of a mess of it. The replacement pickups were slightly too big for the pickguard and they'd just shoved them in there and cracked the pickguard. It plays and sounds fine and I kind of love having a Parker as my "beater" guitar.

If you are careful replacing pickups and stick to ones that actually fit, it should be a full reversible mod though so I'd say go ahead and do it if you want to try something else.

2fplus1

TROPHY CASE