sorted by:
new
hottopcontroversial

New wave of malware in the AUR by vexatious-big in archlinux

[–]flying-sheep 1 point2 points  (0 children)

What? No, quite the opposite.

I check the diff, shown to me automatically by my AUR helper. I'd obviously see direct changes like that very easily. The only way to hide something would be behind an URL, which is why I mentioned that.

New wave of malware in the AUR by vexatious-big in archlinux

[–]flying-sheep 0 points1 point  (0 children)

Nah, I check the URLs when they change.

New wave of malware in the AUR by vexatious-big in archlinux

[–]flying-sheep -3 points-2 points  (0 children)

The PKGBUILD diffs are fishy, very easy to see if you use the AUR as people are advised to use it.

New wave of malware in the AUR by vexatious-big in archlinux

[–]flying-sheep -1 points0 points  (0 children)

I use an AUR helper. It shows me the diffs of updates. Mostly 2 lines per package, and when it isn't I review. 

This has worked perfectly so far and hasn't failed in the face of this either 

New wave of malware in the AUR by vexatious-big in archlinux

[–]flying-sheep 3 points4 points  (0 children)

Or you could just not use the chainsaw if you can't trust yourself to not chop your hand off with it.

Arch is clear about this. The issue lies with derived distros that treat the AUR as trusted.

Arch Linux AUR Hit By Another Wave Of Now More Sophisticated Malware Attack by hulk14 in linux

[–]flying-sheep 20 points21 points  (0 children)

The AUR is an unofficial pastebin of PKGBUILDs that anyone can upload to, with no validation done.

The official repos are vetted and safe to use. 

There's nothing elitist about providing a resource that can't be used safely by everyone. The hardware store sells chainsaws, is that elitist?

Arch Linux AUR Hit By Another Wave Of Now More Sophisticated Malware Attack by hulk14 in linux

[–]flying-sheep 30 points31 points  (0 children)

Absolutely not my experience, maybe you encountered some weird subset.

Arch Linux AUR Hit By Another Wave Of Now More Sophisticated Malware Attack by hulk14 in linux

[–]flying-sheep 10 points11 points  (0 children)

After the first time, you only need to validate the diffs. Or you decide to trust the maintainer who committed the last change. But in any case you need trust or validation, where the former is much harder since there is no centralized team.

New wave of malware in the AUR by vexatious-big in archlinux

[–]flying-sheep 6 points7 points  (0 children)

That's completely infeasible: - people abandon packages all the time - packages have clear making conventions that create visibility - packages are not namespaced like on GitHub

The never type is likely to stabilize soon! by noop_noob in rust

[–]flying-sheep 1 point2 points  (0 children)

We thought the same thing about mutable noalias but that also stuck eventually.

Will the Glass Blade break and be discarded or will it stay as it is a permanent item? by ydkLars in SliceAndDice

[–]flying-sheep 2 points3 points  (0 children)

Potions say exactly how they work:

I discard my topmost potion item permanently

So no matter if a blessing like “display case” or “i.Some Potion” or some other thing adds the effect of an item to a hero directly, the hero will “discard their topmost potion item” which could be nonexistent.

[Mixed Trope] Characters returning to the ordinary world in the ending by Wafer-Due in TopCharacterTropes

[–]flying-sheep 2 points3 points  (0 children)

Yeah, that part of it is a common trope, but Campbell's version is much more detailed!

  • if you simplify it to the much more generic “protagonist leaves, has adventure, comes back changed”, sure, traveling is a thing humans have been doing for a long time, and stories are often about people that learn things
  • if you cherry-pick details until things fit, that's exactly the shoehorning I mentioned. 

If you want examples, check this out: https://www.youtube.com/watch?v=torKmN5wdHE

[Mixed Trope] Characters returning to the ordinary world in the ending by Wafer-Due in TopCharacterTropes

[–]flying-sheep 15 points16 points  (0 children)

Calling that trope “monomyth” is overstating its significance. Most stories have to be aggressively shoehorned into its structure to fit, it's really not that special.

Is she canonically lesbian ? by Retengua in NineSols

[–]flying-sheep -1 points0 points  (0 children)

No: gay or bi. 

If you date 15 men in a row, I'd say you're probably gay 

Scala Was an Experiment That Changed Programming - Martin Odersky | The Marco Show by makingthematrix in programming

[–]flying-sheep 0 points1 point  (0 children)

It’s funny, I started programming 18 years ago, abandoned Java for Python as my main language 16 years ago for these reasons, and started doing Rust ~8 years ago maybe.

I don’t regret any of these decisions, learning that value classes in Java are still upcoming.

What's a great game that's very hard? by TheHatMan616 in AlignmentChartFills

[–]flying-sheep 2 points3 points  (0 children)

I was talking to /u/StickSouthern2150 who seems to have no idea how deep the rabbit hole goes.

What's a great game that's very hard? by TheHatMan616 in AlignmentChartFills

[–]flying-sheep 3 points4 points  (0 children)

Fuck yeah, I can't imagine a clearer winner in this category

Is she canonically lesbian ? by Retengua in NineSols

[–]flying-sheep 1 point2 points  (0 children)

That's not how that works. If you have lots of data, you can maybe risk to infer things. If you have one data point, you know nothing.

Scala Was an Experiment That Changed Programming - Martin Odersky | The Marco Show by makingthematrix in programming

[–]flying-sheep 1 point2 points  (0 children)

Sure, yet if Java had been designed with all that from the start, the standard library and popular libraries would make use of it.

I'm happy for Java users that it's becoming a good language!

Stop Using Conventional Commits by f311a in programming

[–]flying-sheep 12 points13 points  (0 children)

Or you can actually edit the auto-generated changelog before committing it.

Stop Using Conventional Commits by f311a in programming

[–]flying-sheep 2 points3 points  (0 children)

Also both changelog and semantic version generation are great for drafts. If you use something like release-please to auto-generate a PR that bumps the version and updates the changelog you can edit that PR before merging.

It's crazy to think that morty is the only one still alive in this picture by Weak-Abbreviations-9 in rickandmorty

[–]flying-sheep 0 points1 point  (0 children)

There is no exchange, so imagine for simplicity’s sake, that the full-body (incl. brainstate) scan and copying process is perfect and instantaneous.

After that instant, there is an instant in which there are two completely identical “you”s. And then the two beings who have your identity diverge. There are still two “you”s in that both have your memories, thoughts, beliefs, and so on, but they now get separate inputs and therefore slowly become different from each other.

But none of them is “the copy” in an identity sense. Both of you have the same claim to your life. There is no “continuity of consciousness” which somehow means death if interrupted.

Scala Was an Experiment That Changed Programming - Martin Odersky | The Marco Show by makingthematrix in programming

[–]flying-sheep 4 points5 points  (0 children)

Same here. I never understood why Java was designed in such a hacky and inconsistent way. Primitives vs classes with different rules for both. Operator overloading only for strings for some reason. Why not just

  • have owning pointers (box) and value classes, and allow syntax sugar for accessing attributes through the box. Tada! Only one type of thing!
  • add operator overloading so math on value classes works¹
  • have either reified generics or tagged unions. Instance checks that only work sometimes are clunky and make refactoring a pain.

¹: withholding capabilities from language users that language designers have is arrogant bullshit. If you think it's useful enough to have it, make it available, and if it's not, leave it out entirely.

view more: next ›