Daily Shaarli

All links of one day in a single page.

December 22, 2024

reenigneEsrever92/polymath-rs

Build a CLI for it (or a web UI)

Deliver the Bare Minimum

Just remember that you can always add more, but you can’t take it away.

Prisma ORM Manifesto: Clarity and Collaboration

How Prisma will rewrite their Rust engine in TypeScript. It will make the code simpler than the current heavy solution.

A Framework for Evaluating Browser Support • Josh W. Comeau

To simulate unsupported CSS rules: delete them.

Providing a fallback is as easy as providing multiple values for the same property: the most widely supported value first, then on down to the last value.

In other situations, we might want to apply an alternative set of styles when a feature is unsupported. We can use the @supports at-rule for this.

The goal isn’t to produce exactly the same UI for all users. The goal is to provide a reasonable fallback experience.

  1. browser breakdown

The statistics come from caniuse, which uses the web analytics service StatCounter. For each website, the audience will be different. Josh W. Comeau notes that there are 4.1% more Firefox users visiting his website.

This leads to the question of potential harm: is it OK to break the user experience for 1% of users? What is the potential harm caused by a broken experience?
For a business, this is a cost question: is it worth it? On the other hand, essential services such as a vaccine booking service need to be as widely supported as possible.

Pro tip for media queries: using only min-width container queries will display the mobile view at worst.

Web feeds - Elly Loel

JSON Feed is the best? It has more features.

By heart the RSS and Atom for HTMLishness.

Especially when things like XSLT (Extensible Stylesheet Language Transformations) come into the mix and your feed becomes a lovely looking web page!

Dani ✨🐚 : « everyone trying to convince me that AI will repla… » - types.pl

everyone trying to convince me that AI will replace all of the software jobs within the next few years has to get past the obstacle that they always seem to be the same people who were trying to convince me that I’d be going around spending crypto rather than fiat currency “within the next few years” quite a bit more than a few years ago now

Damien Petermann : « The richest man in the world is in the process of… » - Mastodon -- Sciences.Re

Elon Musk is funding far-right parties.

Le Hollandais Volant's note on the subject: https://lehollandaisvolant.net/?id=20241220183727

As well as the Politico article: https://www.politico.eu/article/elon-musk-endorses-germanys-far-right/

(via https://social.sciences.re/@DamienPetermann/113678302111236791)

#34 a button is not a link - HTMHell

A great TLDR

New to the web platform in December  |  Blog  |  web.dev

::target-text for text highlighted by a URL among other things

Unlocking the GNOME stack for Rust – gtk-rs

Francois Malaussena @malopedia : « The real news is that a politician wants to… » - Piaille

« David Lisnard wants to evict from their social housing the family of a man who insulted the police. »

Nothing is right in this piece of news.

BLAKE3-team/BLAKE3: the official Rust and C implementations of the BLAKE3 cryptographic hash function

Choosing a hash function for 2030 and beyond: SHA2 vs SHA3 vs BLAKE3

Instead of plain hash functions to store passwords, use Password-Based Key Derivation Functions (PBKDF) such as Argon2id.

bcrypt should be avoided due to its huge footgun: it truncates inputs longer than 72 characters. Okta AD/LDAP was vulnerable because of it.

Checksum functions such as CRC32 and xxh3 are optimized for pure speed and don't provide any security guarantees about their output, and it's easy to find collisions for a given checksum.

In 2024 based on I/O speed, a hash function with a throughput of 1 GB / s / core is considered fast enough for most use cases.

I skip the speed part because it is not relevant for me: 100MB/s or 1GB/s does not make much difference.

SHA3 and the BLAKE family produced secure hash functions that are also misuse resistant.

A strength >= 128 bits is considered secure. The security agencies' recommendations are a bit different: the hash length ranges from 256 bits (NIST) to 512 bits (ECRYPT-CSA).

SHA3 has many functions, SHA2 is vulnerable to length extension attacks (secret || message) but BLAKE3 has none of these issues.

Post-quantum security: Grover's algorithm halves the preimage and 2nd-preimage resistance. The BHT algorithm, however, predicts that a quantum computer can find a collision in 2^(n/3) operations instead of 2^(n/2).

So SHA2 for convenience or BLAKE for the rest. Only C and Rust have official support for BLAKE, though.

ratatui/awesome-ratatui: A curated list of TUI apps and libraries built with Ratatui

Why Can't We Make Simple Software? - Peter van Hardenberg - YouTube

Example code is often simple because it lives in an idealized world. Use defensive programming to deal with possible errors.

Scaling by powers of 10 is challenging. It is as harmful to build the system for the future as it is to build an inefficient system for the present.

Sources of complexity:

  1. leaky abstractions
  2. model/reality gaps: first and last names; Unicode...
    • fix it, hack around it or ignore the problem
  3. hyperspace: multiple runtimes, various screen sizes, multiple network speeds, multiple versions, etc.
    • example: 3 browsers with their 4 last versions each, 3 screen sizes on 3 platforms = 108 combinations
    • try to unify the environment: Electron apps. Avoid NxM complexity.
  4. Complexity (homeostasis) over time
    • some people tolerate more or less complexity
    • a valuable system is worth putting up with more pain (resources, ...)

Software architecture degrades [with] changes made to the software...
Find dependencies and eliminate them
Complexity isn't always bad! E.g. Legend of Zelda Breath of the Wild's "chemistry engine"

Living with complications

  • The Gordian Knot: solve your problems by changing the rules.
  • Just start over
  • Do less with less (reduce scope)

A head-start at the author's company?

  • Local-first software: runs on your computer, but collaborates with other people.
    • In-browser with IndexedDB
  • Automerge (with portable versioned JSON-like data structure)

RFC 9639: Free Lossless Audio Codec (FLAC)

About 40 hours :: Jon Gjengset

what’s the right number of hours to work in a week

is a question behind work/life balance.

Longer days

there is a mounting body of evidence showing correlation between number of hours worked and decline in both mental health and physical health

Longer workweeks

A friend of mine who read an earlier draft of this article also made the excellent point that 2 hours at work often aren’t equivalent to 2 hours at home

Burnout

The graphs above show that you can indeed get more stuff done by working more, but only up to a point. Beyond that point, you end up with a compounding negative return. But therein also lies a clue: crunch time is fine as long as there is a recovery period afterwards.

Exerting back-pressure

Perversely, this happens more in companies where the employees feel particularly dedicated to the company’s work; employees absorb more work and tighter deadlines by working harder because they care about what they’re working towards.

I want to stress that back-pressure does not mean “just say no”. Instead, effective back-pressure is all about negotiation. [...] when you’re near capacity and someone approaches you with more work, you should present them with what work would need to be dropped in order to take on their work instead.

Working smarter

The first is to get a given thing done faster.
The second is to better choose the order in which you do things such that your time is spent where it matters most. [...] The most needed; is blocking other people; or the closest to completion.
The third is to be more cognisant of what you work on.
The fourth is to be strategic about when you work.

As a wise mentor of mine has pointed out repeatedly to me, working smarter helps, but the real superpower is resting smarter. [...] The important thing is that you feel like that time is replenishing the same batteries you exhaust at work.

Finding the time

The important thing is that you feel like that time is replenishing the same batteries you exhaust at work.

CNIL login via https://imirhil.fr/cnil

The link redirects to the CNIL login page, to make filing complaints easy.

(via https://firefish.imirhil.fr/notes/a21vfsld53ku037t)

Native HTML light and dark color scheme switching - HTMHell

There are many approaches.
One solution is to set the color-scheme CSS property (color-scheme: light dark;) and then use the light-dark() function.

But did you know that you can also set the media attribute to conditionally load and apply CSS based on user preferences? Such as media="(prefers-color-scheme: light)"

This media attribute can also be set in JS, in order to load the proper stylesheet.

My approach to running a link blog

Shaarli is a kind of link blog

On Long Term Software Development - Bert Hubert's writings

A summary of comments about maintaining projects over decades

About documentation:

This does not tell you however WHY things are like this. What is the idea behind how the system works? Is there a philosophy? Is there a specific reason why we do these non-obvious things? Why is the solution split up the way it is?

Code definitely needs comments, especially about why a function is the way it is. Other feedback was to work on commit messages.

The Disappointing Outcome of the Computer Revolution

Bitcoin is Like a Religion, because It is About Faith, Not Facts.

  • very few people seem to be concerned about the mathematical facts
  • bitcoin is not money (medium of exchange, measure of value and a store of value)
  • as I write this, bitcoin is down to only 53.9% of the value of the total cryptocurrency market. The percentage has been falling since the second cryptocurrency was created.
  • many people don't understand that the bitcoin blockchain and the rules associated with it are defined entirely by the software.
  • "as developer Gavin Andresen put it in 2015, Bitcoin’s design and evolution 'really comes down to, what code are people running, and how influential are the people who are running the code?'" - article on coindesk.com
    • Given that governments are rapidly buying billions of dollars worth of bitcoins (which could be increased to trillions) and are becoming the new bitcoin whales, they now have a say in what changes can be made to the bitcoin software. They could buy enough bitcoin to take control of it and then decide to change the software.

sqlite.directory

A collection of projects using SQLite

Jean-Baptiste: "Some systems had to be straightened out…" - Mastodon

Some systems had to be straightened out so that future updates would be faster.

"Getting it right" the first time is mission impossible before you have spent long enough getting to know the whole trade.

It was either that or building on quicksand.

The need for simplicity when buying train tickets has never been greater.

gezlemon/WAI-ARIA-Usage: Bookmarklet to evaluate WAI-ARIA usage

CSS Selectors Playground

This is a playground for learning and testing CSS selectors in a visual way. Start by selecting a playground or let's start with a random selector.

(via https://mas.to/@markwyner/113683573348550997)

aeris (@aeris) | imirhil.fr

« We reviewed this with our external lawyers »

but what we are saying is wrong because it does not follow the GDPR.

Sarah Rainsberger: "Someone proudly posted in Astr…" - Mastodon

Someone proudly posted in Astro Discord how they figured out how to feed Astro docs to their LLM, then proceeded to show its instructions to "get started with Astro"... which were not just worse than our recommended, but WRONG. Like, you'd FAIL. And I saw it in a heart beat.

Never been happier to be an old woman, "just working on docs", who will never be taken seriously in this industry anyway so I can yell that your LLMs are shit, and I don't have to care what the sensitive tech bros think.

Starting off right: Where autofocus shines - HTMHell

On single-purpose pages containing forms.

Such as login, signup, password reset or 2FA pages.

There are some cases to avoid: on a login form that also offers social logins (Google, GitHub, and the like), you don't know which one users will pick, so don't add an autofocus.

How to Tell If You're Behind a CGNAT - Chuck Carroll

Essentially [Carrier-Grade Network Address Translations] allow the ISP to assign a single IPv4 address to multiple customers.

[A CGNAT] creates challenges trying to remotely access resources on my home network externally

You can usually tell if you're behind a CGNAT if your IP address is in a private IPv4 address range. [...] Another method is running traceroute with your public facing IP address. [...] If there's more than one hop, then you're likely behind a CGNAT.

If you're unfortunate enough to be behind a CGNAT, you can sometimes request a static IP from your ISP (usually at a cost). However, there are options to access resources on your home network, such as using a Cloudflare Tunnel.
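
The two CGNAT checks quoted above (address range and traceroute hop count), as an added example that is not from the linked article. It goes slightly further than the quote by also testing the RFC 6598 shared range 100.64.0.0/10, which carriers commonly use for CGNAT; the addresses and the traceroute output are constructed samples using documentation ranges.

```python
import ipaddress
import re

# RFC 6598 shared address space. Python's is_private is False for this range,
# so it has to be tested explicitly.
CGNAT_SHARED = ipaddress.ip_network("100.64.0.0/10")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: traceroute from the home network to its own public address.
SAMPLE_TRACE = """traceroute to 203.0.113.7 (203.0.113.7), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  0.412 ms
 2  100.64.0.1 (100.64.0.1)  8.930 ms
 3  203.0.113.7 (203.0.113.7)  9.102 ms"""


def classify_wan(router_wan_ip, public_ip):
    """Compare the router's WAN-side address with the address the internet sees."""
    wan = ipaddress.ip_address(router_wan_ip)
    pub = ipaddress.ip_address(public_ip)
    if wan in CGNAT_SHARED:
        return "cgnat"          # carrier shared range: address translated upstream
    if any(wan in net for net in RFC1918):
        return "private"        # private WAN address: another NAT sits upstream
    if wan != pub:
        return "mismatch"       # routable-looking WAN address, still translated
    return "public"             # router holds the public address itself


def hop_count(traceroute_output):
    """Count numbered hop lines, ignoring the header line."""
    return sum(1 for line in traceroute_output.splitlines()
               if re.match(r"\s*\d+\s", line))


def likely_behind_cgnat(router_wan_ip, public_ip, traceroute_output):
    """Apply both checks from the quoted text: address range, then hop count."""
    return (classify_wan(router_wan_ip, public_ip) != "public"
            or hop_count(traceroute_output) > 1)
```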