More

afiori · 2025-06-14T20:01:57 1749931317

It would be nice to have them auto-generated in the source, like a autofixable lint rule where the compiler add the annotations to your source code.

afiori · 2025-06-13T18:58:06 1749841086

How do you distinguish a tuple with both positional and named fields from a tuple that has a record as a field

Like how do you write the type of (1, {sum:2}) ? Is it different from (1 , sum :2)?

munificent · 2025-06-13T21:02:01 1749848521

The syntax is a little funny for mostly historical reasons. The curly braces are only part of the record type syntax. There's no ambiguity there because curly braces aren't used for anything else in type annotations (well, except for named parameters inside a function type's parameter list, but that's a different part of the grammar).

afiori · 2025-06-14T08:55:27 1749891327

so my examples would be (1, (sum:2)) and (1, sum:2)?

munificent · 2025-06-14T20:07:13 1749931633

Yes, exactly.

afiori · 2025-06-13T09:16:11 1749806171

"password too long" for password shorter than a megabyte is the most idiotic error ever created.

It only makes sense in HTTP basicauth and other system that keep plaintext passwords.

afiori · 2025-06-12T21:45:09 1749764709

I would not want a picture of my family as the default wallpaper of a global OS with millions of installs

afiori · 2025-06-07T10:25:21 1749291921

Protected pages are a feature of all wikis

afiori · 2025-06-07T07:21:10 1749280870

Do LLMs inference engines have a way to seed their randomness? so tho have reproducible outputs with still some variance if desired?

bavell · 2025-06-07T20:58:59 1749329939

Yes, although it's not always exposed to the end user of LLM providers.

afiori · 2025-06-05T15:49:11 1749138551

A WebSocket starts as a normal http request, so it is subject to cors if the initial request was (eg if it was a post)

hnav · 2025-06-05T17:23:49 1749144229

websockets aren't subject to CORS, they send the initiating webpage in the Origin header but the server has to decide whether that's allowed.

odo1242 · 2025-06-05T16:25:31 1749140731

Unfortunately, the initial WebSocket HTTP request is defined to always be a GET request.

afiori · 2025-06-04T23:30:17 1749079817

I completely agree with the author but during my brief presence in academia I discovered (was told by someone I trusted who claimed to have seen it) that some subfields of biology liked how publishers helped with typesetting and proofreading.

I was surprised

afiori · 2025-06-04T18:24:22 1749061462

Kernel level exploits are more dangerous but also way less common, for a lot of places docker is sorta okay as a security boundary

ta1243 · 2025-06-04T19:17:05 1749064625

It's layers. Docker is better than nothing, but a VM is better still, and even better is docker on a dedicated VM on dedicated hardware on a dedicated network segment.

mschuster91 · 2025-06-04T20:25:54 1749068754

That's sacrificing an awful lot of latency cost for each transcode job though.

xxpor · 2025-06-04T22:56:19 1749077779

Firecracker says it can start a VM in 125 ms, for most transcode jobs that seems like it'd be a trivial cost.

ethersteeds · 2025-06-04T21:32:21 1749072741

Each job sends a provisioning ticket to a thermal printer. 1 business day turnaround, unless we need to order more servers

afiori · 2025-06-04T21:07:28 1749071248

To make a bit of a strawman of what you are saying even better still would be an unplugged power cable as a turned off machine is (mostly) unhackable.

To be more serious seurity is often in conflict with simplicity, efficiency, usability, and many other good things.

A baseline level of security (and avoidance of insecurities) should be expected everywhere, docker allows many places to easily reach it and is often a good enough tradeoff for many realities.

endre · 2025-06-04T21:15:24 1749071724

that escalated quickly.

but I agree.

afiori · 2025-05-26T18:07:24 1748282844

Imho the complexity and cost of having super short-lived access tokens is worse than eating up 1 more per-request db lookup