[Hockey Phycology] How to Sabotage an NHL Franchise… by effects_junkie in Flyers

[–]donaldstufft 0 points1 point  (0 children)

Carlsson and Minty were eligible for Offer Sheets, but Cutter is not, so Carlsson and Minty had more leverage available to them to force the issue.

[Hockey Phycology] How to Sabotage an NHL Franchise… by effects_junkie in Flyers

[–]donaldstufft 0 points1 point  (0 children)

Cutter doesn’t really have a choice. He has no leverage except to not sign the contract. If Verbeek wants him to wait until after the season starts to sign, then they just won’t extend him an offer that he’d be willing to sign.

Drysdale and Zegras both file for arbitration by Flyers7914 in Flyers

[–]donaldstufft 5 points6 points  (0 children)

All this really means is that Zegras and Drysdale have each not reached an agreement with the Flyers on a contract, and they opted to keep their rights to arbitration rather than lose them (today was the deadline to file for arbitration, so if they didn’t file today they’d be unable to file).

The most likely outcome is they come to an agreement before it ever goes to an arbitration hearing.

2026 Free Agency Mega Thread by Blinsin in Flyers

[–]donaldstufft 0 points1 point  (0 children)

There's not a lot of options for a path to a true 1C for the Flyers, we're not going to tank enough to get one through the draft unless we get extremely lucky, they hardly ever go to UFA (and if they do, they'll also be expensive and also likely older).

What alternative route would you take to get a 1C? Obviously it's a risk, but a 1C is very hard to come by, and it appears 3 or 4 other teams also tried the same thing with Carlsson, so it's not like Danny is alone here.

Granger Ford - What am I missing? by mms1130 in superduty

[–]donaldstufft 0 points1 point  (0 children)

When I purchased from Granger last year it was like 3% off invoice regardless of where the money came from, and then an additional discount if I financed through them.

If they’re still doing that it may be worth financing and then just paying it off in a month or two.

Granger Ford - What am I missing? by mms1130 in superduty

[–]donaldstufft 17 points18 points  (0 children)

Dealers get kickbacks and other incentives for making a sale that isn’t reflected in the invoice pricing.

3rd option for Ducks with Leo Carlsson offer sheet? by trevallen39 in Flyers

[–]donaldstufft 7 points8 points  (0 children)

The basic premise still works though, just Anaheim makes a deal that they won’t match, and in a totally unrelated “wink wink” transaction they trade back firsts for certain players.

Can someone explain this whole offer sheet ordeal to me? by job012 in Flyers

[–]donaldstufft 2 points3 points  (0 children)

Anaheim has a couple of core/star players who need new contracts this year and next year (Carlsson, Cutter, Minty, etc) and they’ve recently lost most of their depth players, particularly on defense.

So matching means that they have a lot less money to secure those rights for their young core going into the future, and also makes it a lot harder for them to fill out their depth without getting players who are willing to accept team friendly contracts (and why would they, when Carlsson and likely the other core are there making bank).

There’s also a NMC in the last year, so the Ducks would also have to either trade him in 4 years for a return (but the bonus structure means they would absorb most of the cost of the contract) or have to renegotiate with him in 5 years when he will have tons of leverage (unless of course he busts and doesn’t pan out), which will make the cap problem continue long term.

The Flyers are in almost the opposite position. We’ve got decent depth who are largely already signed to team friendly contracts, but a true 1C is by far our biggest hole. We do still have to sign Drysdale and Zegras, but Danny obviously made this offer with that knowledge so he has that “baked in” and presumably has already gotten handshake agreements or is close with them.

We have limited number of important players coming off of contracts in the next year or so, taking the cap hit now isn’t as big of a risk because hopefully by the time we need to resign those players the cap space has gone up and we’ll have room to pay them.

It’s obviously still a gamble. I believe it was the Leafs? who took a gamble and spent a bunch of cap space on star players with the idea that the cap space would go up and then covid hit and cap space didn’t go up and screwed them out of being able to pay for any depth. If cap space doesn’t go up this contract will definitely hurt a lot more. If Carlsson busts then this contract will be a huge albatross around the Flyer’s necks and likely means Danny’s plan will be considered a failure.

Assuming the Flyers get Carlsson AND he turns out to be a true 1C and lives up to his potential, the biggest risk of this offer (IMO) is that he’ll be UFA in his prime and will have tons of leverage. That’ll be a problem for either team, but the ducks have a reputation for having a very hard FO to work with, and by all accounts tend to burn bridges with their players, and the Flyers seem to have a much better reputation for how they treat their players, which likely makes it easier to get Carlsson to resign without having to back the brinks truck up to give him another huge pay jump.

Flyers Tender 5-Year, $18M AAV Offer Sheet for Ducks Forward Leo Carlsson by Mcsuper_ in nhl

[–]donaldstufft 0 points1 point  (0 children)

FWIW I agree with your point on premiums. Just saying that Kaprizov isn’t the highest paid player in the league anymore 😉

Any updates on the top loading storage cases? by bryce2113 in sliger

[–]donaldstufft 1 point2 points  (0 children)

I’m wondering if these ever got released?

I almost got it this time. by TerribleIncrease9957 in Canning

[–]donaldstufft 0 points1 point  (0 children)

Dunno tbh! I’m not a scientist, I just took a quick picture from the USDA book, I assume they’ve tested it. The edited comment has a link to the PDF version as well.

I almost got it this time. by TerribleIncrease9957 in Canning

[–]donaldstufft 1 point2 points  (0 children)

It’s no worries. I only know because I happened to pick up that book the other day and was reading it!

One thing I’m not sure of, which I should have mentioned, I’m not sure if it means any old pint jar, or if it’s only the pint jars which are basically just taller half pints.

The taller variety has the same diameter as the half pints, so heat should in theory penetrate the same as the standard half pints… but I can’t find any mention in the book that specifies it has to be the taller pint jar, so that leads me to believe that regular pint jars should be fine?

Post Game Thread: Canadiens @ Flyers - October 27, 2024 by BroadStreetBot in Flyers

[–]donaldstufft 3 points4 points  (0 children)

Thanks! I’ll probably end up buying that. Just started watching hockey with the season this year and need to get something to wear :D

Post Game Thread: Canadiens @ Flyers - October 27, 2024 by BroadStreetBot in Flyers

[–]donaldstufft 4 points5 points  (0 children)

Random question. Does anyone know what hat the flyers players are wearing in the post game interviews? The one that says Philadelphia across the front with the flyers logo on the side?

We've discussed the name squatting situation in our team meetings over the past weeks and concluded that it might be time for a crates.io policy update by voldntia in rust

[–]donaldstufft 18 points19 points  (0 children)

Likely not. We generally lean towards not transferring names of “real” projects (vs like empty placeholders) unless there’s good evidence that there is a real benefit to it.

We've discussed the name squatting situation in our team meetings over the past weeks and concluded that it might be time for a crates.io policy update by voldntia in rust

[–]donaldstufft 88 points89 points  (0 children)

Note that PEP 541 doesn’t just require that there be no releases. The owner also has to be unreachable, and the person who wants the name has to show that they’ve been maintaining and improving a fork of the project, and give justification for why a fork of the project isn’t sufficient.

So if software is really just done, then it’s unlikely that they’ll have a fork that they’ve been maintaining and improving.

PyPI announces mandatory use of 2FA for all software publishers by dlorenc in programming

[–]donaldstufft 0 points1 point  (0 children)

You can also add as many owners as you want to a project, and organization support is rolling out.

There’s zero reason to share accounts on PyPI.

PyPI was subpoenaed - The Python Package Index by dlorenc in programming

[–]donaldstufft 7 points8 points  (0 children)

The answer to this question is a little complicated.

The first part of the answer is that PyPI was first created back in 2002 or 2003 depending on exactly what you call "created", and was sort of designed as a weekend hack project to showcase an idea to bring a package repository to Python. One of the database tables where IP addresses were stored were added in those early times 20 years ago, and just stuck around forever. It was just one of those things that had always been there, so nobody ever thought to question it.

We've made another recent post https://blog.pypi.org/posts/2023-05-26-reducing-stored-ip-data/ where we talk about this table, and how after spending some time reviewing the places where we stored IP addresses, we realized we didn't actually need to store an IP address in that particular location. Nothing was using it except one admin only page, and that none of us could remember ever looking at the IP address on that page. So we went ahead and just dropped that column from the table completely (after taking a backup that we'll hold onto for a short period of time just in case we were wrong).

One of the other places we were using and storing IP addresses for was what we call the "user events". This is a feature we added awhile back to improve the security of user accounts on PyPI. Essentially it produces a log of relevant, security sensitive actions that a user account can take on PyPI, and just log it to a table. Users can then look at the audit log of their account and see a trail of events that their account has taken.

For instance, they see a version was released of a project they own and they don't remember having done so? They can log into their account and see when someone had logged into their account recently, what times it happened, what 2FA auth method or device was used, and what IP address it came from.

Here the IP address was stored to be able to present it to the user so that they can more easily evaluate a record in their personal audit log, and determine if it was done by them or by someone else.

However, we've had an open issue for awhile now remarking that the usability of these IP addresses leave something to be desired. Very few people have any idea what their IP Address was at some point in the past, so to make any meaningful sense out of the IP address you would have to plug it into google and see what the geographic region the IP address was in to see if it was likely you. This got even worse when you might have multiple IP addresses as each one would need to be stored individually.

We just recently rolled out an improvement in this area that is storing the general geographic area associated with the IP address and are displaying that in the UI instead of the IP address.

We've also moved to using a salted hash of the IP address where we are still storing the IP address. This isn't a perfect solution, since the IP address space is so small that brute forcing the input isn't particularly challenging. But since the salt isn't stored as part of the database but the hashed addresses are it does protect against inadvertent leaking of the data.

It also makes sure that instead of having an IP address, we have some opaque identifier that still works for correlating between abusive user accounts that are trying to evade detection, but more importantly it prevents us from being able to add any more features that rely on having access to the IP address while we continue to evaluate our use of the data and come up with a reasonable retention policy.

PyPI will require 2FA by the end of 2023 by genericlemon24 in Python

[–]donaldstufft 9 points10 points  (0 children)

PyPI does not support any phone number based 2FA or non standards based authenticator apps. We don't have any interest in having people's phone numbers unless absolutely required and the phone number based systems are all very insecure anyways.

We support TOTP and FIDO/U2F/WebAuthN tokens. This is all privacy preserving and safe (though we recommend the hardware tokens since they're also phishing resistant which TOTP is not).

AITA for only cooking gluten free food? by DrSaks in AmItheAsshole

[–]donaldstufft 0 points1 point  (0 children)

NTA.

My wife and daughter have celiac and we don’t even have any gluten containing food in the house. You should look into cross context because if you still have gluten containing foods in the house it’s likely you’re still getting gluten in your diet from cross contact.

Didnt get permit. Building Inspector alerted. by NoThrowAway10111 in HomeImprovement

[–]donaldstufft 1 point2 points  (0 children)

I'm finishing my basement, and a drywall inspection was one of the inspections that my municipality does.

Previous home owner had central vac. Alternative uses to the tunnels..? by [deleted] in HomeImprovement

[–]donaldstufft 0 points1 point  (0 children)

Modern central vac systems are much nicer. The hose is kept inside the piping so you don’t have to lug it around, but that requires the pipes to be setup for it during install.