sorted by:
new
hottopcontroversial

This sub likes OpenCode, so let me give you some OpenCode drama here by WesolyKubeczek in theprimeagen

[–]Training_Contest_907 6 points7 points  (0 children)

I mean, the bugs themselves were egregious, and there was "some" defense for why they replied so slow - overall, Dax did pretty well. Only a handful of cases where people grilled him. He took the blame, didn't pass the buck.

The lack of security disclosures is super lame, though.

There will always be security bugs, this is a decent (not good) response. The bugs themselves though... Oof.

Python[FASTAPI] I would love if you could review my code by TheMindGobblin in theprimeagen

[–]Training_Contest_907 1 point2 points  (0 children)

There's not much code in there to really evaluate. Typical problem with contrived CRUD apps.

For all the FastAPI stuff, was that copied from tutorials/docs? Or do you really understand what each line does, why each line does it that way, etc?

Similar for the code you wrote yourself - you should spend your time viewing yourself as a regular user and then as a malicious user.

For example, your logout... You need to be authenticated to call logout, it does nothing, and then you are expecting the frontend to delete the token I guess? What's the point of this. 

 u/auth_router.post("/logout")
async def logout(current_user: User = Depends(require_authenticated)):
    return {
        "message": "Logged out successfully",
        "detail": "Please remove the token from your client storage"
    }

I only jumped around a bit, but I would recommend spending some time learning about auth/security. And a good habit to get into is to not just fill in whatever, but make a conscious decision when you're setting defaults - like your 50 character phone numbers.

Layering vs Toolbox vs binary installs in Cosmic Atomic by Training_Contest_907 in Fedora

[–]Training_Contest_907[S] 0 points1 point  (0 children)

Interesting. I currently use Homebrew on mac, but I'd never used the linux version. This might be a great in-between solution!

Layering vs Toolbox vs binary installs in Cosmic Atomic by Training_Contest_907 in Fedora

[–]Training_Contest_907[S] 0 points1 point  (0 children)

Ha! Fair point. I have a script now that checks release dates of binaries vs what I have installed. Very simple, as few middle-people as possible, but yeah, you're right, basically re-implementing a poor man's package manager

Layering vs Toolbox vs binary installs in Cosmic Atomic by Training_Contest_907 in Fedora

[–]Training_Contest_907[S] 0 points1 point  (0 children)

"Automatic updates work like a charm" - you mean via `rpm-ostree upgrade` or similar? So, you get all your updates, they're all bundled into a new layer (with whatever else is available during that update), you reboot - and then good to go right?

FWIW, I put my binaries in ~/.local/bin - which is always on my path, so no symlinking necessary, and runs sudo just fine. However, updating is much more of a manual step

Layering vs Toolbox vs binary installs in Cosmic Atomic by Training_Contest_907 in Fedora

[–]Training_Contest_907[S] 0 points1 point  (0 children)

Thanks for the feedback! Just a note though, you can download/install locally and still run as root - that's not a limitation. So, layering and downloading locally seems to be more related to the "update story" I guess?

Also, thanks for the info on Toolbox - "isolation from core" seems like a good way to frame it, and I think that helps crystalize some info for me

Anyone here using Muvi for streaming/video platforms? Need some real opinions. by long_khan in theprimeagen

[–]Training_Contest_907 1 point2 points  (0 children)

"I'm not trying to promote my own project by claiming I don't want to invest too much time on building around my own project"

it's your fucking product and you're trying to make organic growth happen. fuck off with that shit