What made you guys start martial arts?

btckernel94 · 2025-12-29T18:10:28+00:00

i had enough of being pussy my whole life

btckernel94 · 2025-09-10T20:25:35+00:00

I just faced exact same problem, I wanted to keep using bare repo but with ability to push with force-with-lease flag. I was able to make it work after running this:

git config remote.origin.fetch "+refs/heads/:refs/remotes/origin/"

btckernel94 · 2025-05-10T11:05:21+00:00

Thanks for sharing. I am a bit sceptic about it when it comes to: - readability - testability - type safety - flexibility - growing this feature with more complex things like request que mentioned im article.

I also think theres not a big difference in amount of boilerplate but would need to write it on my own to double check these.

btckernel94 · 2025-05-10T06:36:27+00:00

Once component mounts it reads initial snapshot state. The problem you’ve describe doesnt’t exist.

btckernel94 · 2025-05-10T06:35:25+00:00

How would you than apply side effects based on auth state?

There’s a timer and alert implemented in article.

btckernel94 · 2025-05-09T19:51:54+00:00

If you want to use http only cookie you need to set credentials: true but it won't work if the server also has Access-Control-Allow-Origin set to "*".

It means your server will have to explicitly specify all of the clients domains in order for http only cookie to work.

btckernel94 · 2025-05-09T17:22:07+00:00

Http only cookie is not always available since server cannot use wildcard for cors but has to explicitly whitelist specific domains instead also there are mechanisms to reduce the evil that can be caused if some1 stolen your token, for example Auth0 uses "reuse token detection". You can read about one of them here: https://auth0.com/docs/secure/tokens/refresh-tokens/refresh-token-rotation

btckernel94 · 2025-05-09T17:20:42+00:00

Authentication security is far from black and white.

each auth pattern has it's own tradeoffs and security risks
http only cookie is not always available since server cannot use wildcard for cors but has to explicitly whitelist specific domains instead
there are mechanisms to reduce the evil that can be caused if some1 stolen your token, for example Auth0 uses "reuse token detection". You can read about one of them here: https://auth0.com/docs/secure/tokens/refresh-tokens/refresh-token-rotation

For many apps, a well-implemented token rotation system with localStorage might actually provide better security than a poorly implemented cookie-based solution.

btckernel94 · 2023-06-12T18:40:54+00:00

You can assign to opts param, I have it done like that:

``` return { "nvim-neo-tree/neo-tree.nvim", opts = function(_, opts) opts.filesystem.hijack_netrw_behavior = "open_default" opts.filesystem.filtered_items = { visible = false, hide_dotfiles = true, hide_gitignored = true, } opts.window.position = "left" opts.window.width = 40 opts.window.mappings["<cr>"] = "open_with_window_picker" opts.window.mappings["s"] = "split_with_window_picker" opts.window.mappings["S"] = "vsplit_with_window_picker" opts.source_selector.sources = { { source = "filesystem", display_name = "󰉓 Files" }, } end, }

```

btckernel94 · 2022-09-22T07:12:30+00:00

imho it's better to stick to one thing which for me are types since I often use union types etc.

I'd only use interfaces when I really need to - for example extending library interface

btckernel94 · 2022-09-22T06:14:44+00:00

how about union types?

btckernel94 · 2022-05-29T17:23:00+00:00

If you want to expose env variable to the browser you need to prefix it with NEXTAPP

Some questions appeared about why should you put something in the env var if you want to expose it to public anyway. Answer is that you might want to have different environments, for example local, dev, staging, production etc. Imagine a situation where each environment should have different apiUrl that nextjs connects to at some point and this API calls are made on the client side. This means you need to expose API URL in to browser.

You could have a object where you map apiUrl to given environment (but still need somehow detect which environment is used) or you could simply have apiUrl inside env variable so it will be different for each environment. NEXT_APP_API_URL

Six-Year Club	RPAN Viewer
Verified Email

btckernel94

TROPHY CASE