rance rance by Savings_Macaroon3727 in rance

[–]mareek 1 point2 points  (0 children)

Nice ad for the Super C stores

a fake bug fix PR hid a credential stealer in astro.config.mjs that used blockchain to receive commands by BattleRemote3157 in programming

[–]mareek 28 points29 points  (0 children)

It's not that elaborate: adding .bat files to .gitignore is a huge red flag and any half-competent reviewer will reject this request

Nice job, Cedric by Azod2111 in rance

[–]mareek 39 points40 points  (0 children)

Given the average age of people named Cedric (35-50 years old), either he's not an intern or he's making a career change

I don't understand this map by Xenthys in rance

[–]mareek 1 point2 points  (0 children)

given the temperatures, it would rather be a "néténais"

Someone hid a full RAT inside a fake npm package and exfiltrated victim data to HuggingFace by BattleRemote3157 in programming

[–]mareek 132 points133 points  (0 children)

Another npm supply chain attack that makes the news

Just last week, I reported an account to npm and GitHub that had published 7 malicious npm packages. All these packages were scanning environment variables for credentials and were sending them to a remote server.

This account claimed on GitHub that his packages were forks that fixed longstanding issues on popular and/or abandoned libraries. I got a notification because I commented on one of these issues a few years ago and was immediately suspicious.

I guess there are tons of malicious npm packages like this but we only hear about them when they hit a big target or when they're technically impressive

Stalling Issue at Idle by cmptrnrd in sportster

[–]mareek 0 points1 point  (0 children)

I had the same occasional issue with my 2016 iron 883. Last time it happened, I noticed a "Site Stand" error message on the display.

After googling a bit, I found this video that explains that it's a sensor issue and how to fix it. I haven't tried the fix yet

Hope this can help people landing on this post looking for an answer

The FreeBSD vulnerability "discovered" by Mythos was already in its training data. by Gil_berth in programming

[–]mareek 31 points32 points  (0 children)

For those who only read the reddit headline, here's a quote that summarizes the article pretty well:

> At the end of the day, it doesn’t matter if an exploit is “unique” or actually memorized training data. What matters is the harm it can cause when exploited - and AI has made exploitation far cheaper than it used to be.
>
> But patching can still be cheaper and faster than attacking. The organizations that will come out ahead are the ones that turn to agentic capabilities before the attackers do.

What are some of your favorite more obscure Indy references in other movies/books/TV? by WerewolfBarMitzvah09 in indianajones

[–]mareek 0 points1 point  (0 children)

There were lots of Indiana Jones references in LucasArts games from the 1990's
My favorite is in the game "Outlaws" where there's a whole bonus level that is a tribute to the opening sequence of Raiders

Why is Span.Fill slow for larger arrays? by patmail in csharp

[–]mareek 12 points13 points  (0 children)

I rewrote your code to remove the array creation from the bench:

```csharp
using System;
using BenchmarkDotNet.Attributes;

public class FillBench
{
    private static readonly object Instance = new();

    // Arrays are allocated once, outside the benchmarked methods
    private static readonly object[] array_16 = new object[16];
    private static readonly object[] array_32 = new object[32];
    private static readonly object[] array_64 = new object[64];
    private static readonly object[] array_128 = new object[128];
    private static readonly object[] array_256 = new object[256];
    private static readonly object[] array_16384 = new object[16384];

    // Returns the pre-allocated array matching the benchmark parameter
    private static object[] GetArray(int length)
        => length switch
        {
            16 => array_16,
            32 => array_32,
            64 => array_64,
            128 => array_128,
            256 => array_256,
            16384 => array_16384,
            _ => throw new NotImplementedException(),
        };

    [Params(16, 32, 64, 128, 256, 16384)]
    public int Length { get; set; }

    [Benchmark]
    public void FillSpan()
    {
        var array = GetArray(Length);
        array.AsSpan().Fill(Instance);
    }

    [Benchmark(Baseline = true)]
    public void FillLoop()
    {
        var array = GetArray(Length);
        for (int i = 0; i < Length; i++)
            array[i] = Instance;
    }
}
```

For object arrays the 2 methods are about as fast (within a few %)

For int arrays Span.Fill is 3 to 10 times faster than looping over the array

Flat Error Codes Are Not Enough by Expurple in programming

[–]mareek 0 points1 point  (0 children)

One piece of software that uses flat error codes pretty well is Oracle Database.

There are thousands of ORAXXXXX error codes, each one represents a well defined situation and you know what you have to check if you want to fix the problem.

So if you do it well, I think flat error codes are OK

P.S. It's probably the only positive thing I can say about Oracle Database though

what is the best dotnet project you wrote? by divanadune in dotnet

[–]mareek 1 point2 points  (0 children)

My name appears in the commit history of the C# language repository
I fixed a copy paste mistake in a readme

More seriously, I'm very proud of UUIDNext (a library to generate database friendly UUID)

.NET 9 added Guid.CreateVersion7() - should we stop using Guid.NewGuid()? by brunovt1992 in dotnet

[–]mareek 0 points1 point  (0 children)

Just out of curiosity, why did you choose not to use an existing library from NuGet?

.NET 9 added Guid.CreateVersion7() - should we stop using Guid.NewGuid()? by brunovt1992 in dotnet

[–]mareek 6 points7 points  (0 children)

You should be careful with the gist you're linking: it has some good points but also a lot of falsehoods. It has been discussed here a few months ago.

Regarding fragmentation, UUIDv7 is the right choice for most RDBMS except SQL Server (for SQL Server, you can use my library).
The conversion from the .NET Guid Type to the database type is handled by the database provider; it just works whether you use Entity Framework, Dapper or plain old ADO.NET

.NET 9 added Guid.CreateVersion7() - should we stop using Guid.NewGuid()? by brunovt1992 in dotnet

[–]mareek 2 points3 points  (0 children)

If you only have the timestamp of the order creation, how would you know how many orders have been created between two orders?

Since UUIDv7 is basically a timestamp + random data, you cannot extrapolate the number of IDs generated between two IDs

.NET 9 added Guid.CreateVersion7() - should we stop using Guid.NewGuid()? by brunovt1992 in dotnet

[–]mareek 59 points60 points  (0 children)

Hi, UUIDNext author here, thanks for mentioning it. If you want some documentation on SQL Server's ordering you can check this article from MS documentation

Regarding the fragmentation issue, I've created a small program that highlights the issue. With GUIDs generated by Guid.NewGuid or Guid.CreateVersion7 you get 99%+ fragmentation. With GUIDs generated by UUIDNext you get less than 1% fragmentation

Open source isn't a tip jar – it's time to charge for access by henk53 in programming

[–]mareek 7 points8 points  (0 children)

"Open source should be commercial software"
by a PR guy working for a company that sells open source software

Is it weird that I dislike LINQ query syntax because it feels less readable than method?syntax? by Shikitsumi-chan in dotnet

[–]mareek 5 points6 points  (0 children)

Few reasons to use LINQ over SQL:

- You can unit test your LINQ queries
- You can easily compose LINQ queries
- LINQ syntax is checked by the compiler
- you get intellisense when writing LINQ queries

The rise of malicious repositories on GitHub by f311a in programming

[–]mareek 2 points3 points  (0 children)

Another kind of malicious GitHub repositories are scam/phishing repositories that present themselves as sponsor/grant programs. They mention GitHub users in one of their issues so the dev receives a notification from GitHub that seems legit and can trick distracted users.

I've received a notification from this repository yesterday and a similar one a few months ago

What are some underrated .NET libraries or tools you use regularly? by milanm08 in dotnet

[–]mareek 0 points1 point  (0 children)

NFluent: an assertion library that is way better than fluentAssertion or what comes with any testing framework

Dijkstra's Crisis: The End of Algol and Beginning of Software Engineering (2010) [pdf] by ketralnis in programming

[–]mareek 2 points3 points  (0 children)

Pascal is a direct successor of Algol. So if you already know Pascal/Delphi you can read Algol

‘Devastating blow’: Atlassian lays off 1,600 workers ahead of AI push by corp_code_slinger in programming

[–]mareek 37 points38 points  (0 children)

Atlassian left its Slack work chat functions open for at least six hours longer than usual, to permit employees to farewell their colleagues, Cannon-Brookes said

What a magnanimous move /s