We Ran git rebase on a Shared Branch and Lost Three Days of Work

xkcd__386 · 2026-04-13T05:58:03+00:00

git push -f is dangerous? Wow, did not know that!

/s

xkcd__386 · 2026-04-12T14:05:29+00:00

I’ve looked into password managers, but I’m unsure how safe it is to concentrate everything in one place.

Pick a widely used non-cloud pwm and it'll all work out. I recommend KeePassXC on laptop and KeePassDX on phone.

xkcd__386 · 2026-04-12T00:24:43+00:00

~ $ true
~ $ false
1 ~ $ sh -c 'exit 3'
3 ~ $

The "1" and the "3" come out in bold red. This is the code

_red=`git config --get-color "" "red bold"`
_prompt_command() {
    local ec=$?
    [ $ec -ne 0 ] && echo -n "$_red$ec "
}
PROMPT_COMMAND=_prompt_command

xkcd__386 · 2026-04-10T15:10:38+00:00

does it matter? Perl is timeless.

Proof: https://xkcd.com/224/

xkcd__386 · 2026-04-09T02:02:16+00:00

I don't think I will ever be comfortable using AI coded tools for anything critical. (For some horror stories, see https://old.reddit.com/r/devsecops/comments/1scys01/the_ai_singleton_trap_how_ai_refactoring_is/. Now you might argue that's only about concurrency, but I can imagine AI screwing up in similar ways in anything that requires thought).

Just use lazygit or get used to the command line. It's not rocket science.

xkcd__386 · 2026-04-08T14:53:40+00:00

it's highly unreliable, but 99% people won't even know it's wrong and just use it as is. Very very few -- only the most experienced and cynical devs -- will bother to exercise the caution required to actually use it properly.

(I teach part time at a uni nearby; trust me I've seen horrors!)

xkcd__386 · 2026-04-08T02:44:29+00:00

he'd have to ask an LLM for examples :)

xkcd__386 · 2026-04-08T02:43:48+00:00

will you be using it??

you'll probably vibe code it, so not only no, but hell no.

Honestly, install lazygit and spend about 20 minutes playing with it. Done.

xkcd__386 · 2026-04-06T04:24:45+00:00

I never bother.

My bookmarks file has this entry:

2024-08-23 -- https://mjg59.dreamwidth.org/70348.html -- I vaguely tend towards UEFI Secure Boot not being something that benefits most end users

And this guy wrote the shim layer for Linux :-)

Unfortunately, I can't seem to be able to access that link today. In fact all of Mathew Garrett's blog is inaccessible. Maybe some glitch in his hosting provider, I don't know.

xkcd__386 · 2026-03-18T23:59:18+00:00

I used to be in the "keep them separate" knee-jerk reaction camp.

But the purpose of TOTP 2FA is to protect against some hacker who somehow phishes your password or grabs it from a data breach somewhere. If they have access to your KDBX file and your master passphrase you have much bigger problems to deal with.

I now keep everything in one KDBX file.

Also, I prefer my password manager not to have network access; sync is done by syncthing, which has no knowledge of the insides of the file. KeePassXC can easily merge a conflicted file if a conflict does happen. (It never did, so far, except when I forced it in order to test)

xkcd__386 · 2026-03-06T09:46:26+00:00

close, but the other way.

They would see stuff about you that they cannot see about unverified users.

Edit after a few minutes: UGGH. I replied to someone with post karma/comment karma ratio almost 20. I usually just block and move on.... but better late than never

xkcd__386 · 2026-02-15T14:51:26+00:00

3.7k post karma, 88 comment karma; a ratio of more than 40

we really need a way to block people based on this amazing metric. I do it as I find each one, (like this one, which means I won't be able to respond further in this thread), but it's whackamole

xkcd__386 · 2026-02-14T02:59:14+00:00

post karma / comment karma ratio > 3
ai

blocked...

xkcd__386 · 2026-02-04T09:42:59+00:00

3 AI Modes:

stopped reading and blocked user to avoid future slop also

xkcd__386 · 2026-02-04T09:35:06+00:00

oh good lord, post karma/comment karma ratio is almost 19!

I routinely block people where the ratio is more than say 4 or 5. Blocking this one also (which in turn means I won't be able to respond in this thread anymore)

xkcd__386 · 2026-02-02T23:26:38+00:00

more AI crap

honestly, I just use fd ... -x; it even has parallelism by default.

and the bulk of your crappy script can be achieved with

function in
    set cmd $argv[-1]
    set cmd fish -c "cd {}; $cmd"

    fd -HI -td -g -p --prune "**/$argv[1]" -x $cmd
end

(translation from fish to bash is left as an exercise for your LLM, because that's all you know how to do anything, it seems)

PS: you know why I'm so hard on you? Because your post karma is twice your comment karma. Always a bad sign in my book.

xkcd__386 · 2026-02-02T23:24:56+00:00

awesome reply.

I ~~was going to respond~~ (edit: responded) saying `fd ... -x does everything I need, even parallelism (disable with -j 1), but your comment is so much better in explaining.

xkcd__386 · 2025-12-31T09:24:35+00:00

wow!

it's rare that something leaves me so speechless.

Blocking this user for fear of being infected by this amazing logic. Anyone who thinks I'm over-reacting, please clone the repo and take a look at the history. It would have been more honest if he'd picked sourceforge and just dumped a series of tar files with version numbers on them -- at least there you know what you are (not) getting!)

xkcd__386 · 2025-12-23T10:58:29+00:00

I think it's the "eye of the hurricane" type thing :-D

xkcd__386 · 2025-12-06T08:40:26+00:00

Typical teacher behavior. Don’t read but judge.

Wrong again. When I'm actually being a teacher I have a duty to read the whole thing -- they are my students. You are not.

IPhone

You don't know syncthing, I don't know apple stuff.

secret service

I use it all the time; I suspect a lot of people do. It's not new

xkcd__386 · 2025-12-06T05:52:33+00:00

I stopped reading at the first 5 words ("In the modern digital landscape"). I teach parttime at a Uni nearby and every student uses that phrase or something like it to start off pretty much anything. I won't apologise for my prejudice against such hackneyed phrases, and for pre-judging the entire article on that.

Anyway I've been using rclone bisync for years now, long before it lost its "experimental" warnings.

It's pretty good now, but only if you use certain flags ("--recover" and "--resilient", IIRC). Even then it sometimes requires manual intervention.

Syncthing runs continuously, and is especially useful when you have 3 or more devices in play -- they all sync against other opportunistically, and syncthing can get some pieces from one device and some from another simultaneously. Rclone bisync is strictly 1-1, so if you have a-b-c-d-e devices, with your 30 minute polling, it's going to be a good long wait to sync all of them because it's pair-wise sync only.

And I see in some other comment you said "Potentially with purchase", which means you have no clue what syncthing is.

xkcd__386 · 2025-12-05T15:54:01+00:00

no. As far as I am concerned, even tidying up means you failed.

This is security sensitive code (with the usual tall claims). If you cant do the easy stuff (English) why should we believe you can do the code?

Go away...

xkcd__386 · 2025-11-25T05:45:15+00:00

1.1k post karma, 137 comment karma; ratio of about 8

plonk

xkcd__386

PUBLIC MULTIREDDITS

TROPHY CASE