Yeah I see what you're saying. In my case, I had a group of classes that relied on each other but they were all part of one conceptual "module" so I made a new file that imports and exposes all of them. In that new file I put the imports in the right order and made sure no code accesses the classes except through the new interface.

Doing so also means adding empty import statements to guarantee correct order of evaluation of modules (in ES modules, evaluation order is determined statically by the order of import declarations, whereas in CommonJS – and environments that simulate CommonJS by shipping a module loader, i.e. Browserify and Webpack – evaluation order is determined at runtime by the order in which require statements are encountered).

Specifically, since Root, Rule and AtRule all extend Container, it's essential that Container is evaluated (and therefore, in the context of a Rollup bundle, included) first. In order to do this, input.js (which is the 'gateway' to all the PostCSS stuff) must import root.js, root.js must import rule.js before it imports container.js, and rule.js must import at-rule.js before it imports container.js. Having those imports ensures that container.js doesn't then try to place Root, Rule or AtRule ahead of itself in the bundle.

Replaced nested `require` statements with `import` declarations for the sake of a leaner bundle. This entails adding empty imports to three files to guarantee correct ordering – see https://github.com/styled-components/styled-components/pull/100

Modules from the following layer can require anything from all the previous layers, but not vice versa.

Any software that makes HTTP requests to other sites should make it straightforward to enable the use of a cache.

Note that the <WarningEngine/> component must be at the bottom of the form to guarantee that all the fields have registered.

Wondering how to get field state from multiple fields at once? People coming from Redux-Form might be wondering where the equivalent of Redux Form's Fields component is, as a way to get state from several fields at once. The answer is that it's not included in the library because it's so easy to write one recursively composing Field components together.

Use ponyfill.com for linking here.

formvalidation: path.resolve

import luhn from 'formvalidation/algorithms/luhn';

Once again, this isn’t good or bad, it’s just the most efficient way to create something that is similar to something else

I'm okay with an overall design that allows people to plugin the parts they need in order to be able to generically support a compile-to-javascript language, but to bake in support for one singular solution because its popular is simply bad engineering.

Of all the compile-to-languages, the one that strikes me as having the least merit is JSX. It's basically a ton of added complexity for the sake of what boils down to syntax. There are no real gains in terms of language semantics in JSX.

Furthermore, JSX encourages bad non-dry code. Having seen a lot of JSX over the past few months, its encourages copypasta coding.

For event listeners we support the standard jsx naming convention onEventname (this is converted to on:eventname in svelte) as well.

An onevent event handler property serves as a placeholder of sorts, to which a single event handler can be assigned. In order to allow multiple handlers to be installed for the same event on a given object, you can call its addEventListener() method, which manages a list of handlers for the given event on the object.

However, in practice I do not think these tradeoffs are enough to justify logic-less templates.

Cons aren't covered by pros.

An alternative (maybe not good) would be to restrict {@const} to certain blocks like {#each} and {#if}. In both cases, it significantly reduces the "multiple ways to do the same thing" problem and avoids ergonomic and performance overhead of our current situation.

it also allows for more divergence in how people write there code and where they put their logic, making different svelte codebases potentially even more different due to fewer constraints. This last point is actually something I really value, I read a lot of Svelte code by a lot of different people and broadly speaking things look the same and are in the same places.

Svelte should make something like useEffect part of the framework so that this could work better and be less verbose.

I do like the direction Svelte is heading but I think this is one area that could be improved.

I'm suggesting there should be a way to write lifecycle related code that also responds to changing props, like how useEffect works. I think how React handles this could be a good source of inspiration.

I think it just needs a few changes, possibly non-breaking additions, to be as powerful as hooks, when it comes to abstracting lifecycle related logic, and making it easy to keep effects in sync with props.

I'm not sure I understand the problem, everything you are describing is already possible.

If Svelte came up with some kind of hooks like API maybe it could solve both these issues at once.

It provides several capabilities that are difficult to achieve with React alone, while being compatible with the newest features of React.

For reasons of compatibility and simplicity, it's best to use React's built-in state management capabilities rather than external global state.

I’d still be interested in Svelte making things easier so I’ve opened a feature request for Reactive statement cleanup functions.

Disclaimer: I’m new to Svelte so this isn’t so much a recommendation as it is a “I guess this is a way to do it 🤷‍♂️”

A “solution” to GR is more like a model in logic: it may satisfy a theory’s axioms but have other properties that are contingent (unless the theory is categorical, meaning that all of its models are isomorphic).

Solid supports templating in 3 forms JSX, Tagged Template Literals, and Solid's HyperScript variant.

People constantly suggest that I should have just worked with a different library instead of writing another one.

It was clear no one was interested in what I was working towards.

Very few were interested in furthering the platform in the places they just took for granted.

but everything they were doing started to make sense

Do we need another JS UI Library?

React does not attempt to provide a complete "application library". It is designed specifically for building user interfaces[3] and therefore does not include many of the tools some developers might consider necessary to build an application.

The $: can also be used to trigger effects.

We can run effects when some data changes using watchEffect - it takes a function that runs whenever a reactive value used inside changes.

There's one downside to Reacts reactivity model - the hooks (useState and useEffect) have to always be called in the same order and you can't put them inside an if block.

createState and createSignal are improvements over React's useState as it doesn't depend on the order of calls.

MobX - for me personally MobX is a far better way to manage state than React Hooks. It doesn't care about the UI layer so it can be used outside the React ecosystem, and it's simple to mutate data.

Confidence to express ignorance is a super power. One good way I hone this skill is by saying “Nothing to add” when I have nothing to add, instead of repeating what other people said.

I don't even have it on my PC. That's why I didn't test the code myself. Don't have time for everything in this world

PR’s welcome. As I said I don’t have bandwidth to cross check all the bundlers & transpilers combo.

This library exports a single React Hook, useMethods, which has all the power of useReducer but none of the ceremony that comes with actions and dispatchers.

r self-r

A Kind Word for Bullshit: The Problem of Academic Writin

Since this issue seems to pop up periodically, it would be useful to turn this into a warning. It may not be elegant, but it prevents surprise blank screens due to a navigation error.

do I really have to do something like that in order to have my local modules working? it's quite impracticable to explain it to a team! there's nothing a little bit more straightforward?

page components can have an optional preload function that will load some data that the page depends on. This is similar to getInitialProps in Next.js or asyncData in Nuxt.js.

It is showed as an error, but it is a warning as it doesn't break anything. I hate having warning/error in my console not coming from me. It is not justified as it's not bad practice imho

setContext / getContext can only be used once at component init, so how do you share your API result through context? Related: how would you share those API results if the call was made outside of a Svelte component, where setContext would be even more out of the question (and the API call would arguably be better located, for separation of concerns matters)? Well, put a store in your context.

let:hovering={active}

let:active={hovering}

The benefit of this approach is that rather than having these defaults and fighting against them, it’s fully up to you to decide how to handle everything.

Rollup also does something very different compared to the other bundlers. It only tries to achieve one simple goal: Bundle ES modules together and optimise the bundle.

Unfortunately, many third party libraries, even though they are written in ESM, are published to npm as CJS modules, so we still need to concatenate them.

There are two ways of handling this with Rollup, as described by the troubleshooting link from the warning. Unfortunately, both Rollup and React recommend the wrong one.

Luckily, there is absolutely no good reason not to use strict mode for everything — so the solution to this problem is to lobby the authors of those modules to update them.

DX: start sapper project; configure eslint; eslint say that svelt should be dep; update package.json; build fails with crypt error; try to figure what the hell; google it; come here (if you have luck); revert package.json; add ignore error to eslint; Maybe we should offer better solution for this.

When the message say function was called outside component initialization first will look at my code and last at my configuration.

The recommended solution for onMount is the same as for useEffect — place an async function inside the handler

There are work arounds, but nothing clean. I just feel like this should be functionality that should be part of the slot feature.

If you want this control then wrap them in a DOM node that the parent controls. If you want to pass in values then use props and if you want to pass in values from higher up the tree, the new style RFC may be able to help.

I think Svelte's approach where it replaces component instances with the component markup is vastly superior to Angular and the other frameworks. It gives the developer more control over what the DOM structure looks like at runtime—which means better performance and fewer CSS headaches, and also allows the developer to create very powerful recursive components.

They don't need to add a prop for every action. The action itself can be passed in as a prop. <script> export let action; </script> <div use:action>whatever</div> The argument for the action can be another prop or can be part of the same prop.

Lets not extend the framework with yet another syntax

I totally get not wanting to extend the syntax. I tried doing these things and in practice it was not easy or pretty. Actions provide a much cleaner and easier way to accomplish a certain set of functionality that would be much more difficult without it.

Why not just do something like this?

You must: reference each element you are extending using refs or an id add code in your oncreate and ondestroy for each element you are extending, which could become quite a lot if you have a lot of elements needing extension (anchors, form inputs, etc.)

This can and should be done with other components, IMHO.

Any reason adding bind:foo to the <Outer/> element doesn't work for this case?

The feature is highly likely to be implemented, the API and implementation are the only real topics of discussion right now.

You should install the packages individually. Alternatively, you can install all of them at once with the svelte-material-ui package.

(At the point at which it does make sense to turn this into a separate Tooltip.svelte component, the extraction is a completely mechanical process that could even be automated by tooling.)

6to5 attempted to ship a quick and dirty TDZ static checking feature but had to retract it immediately afterwards due to various bugs in the algorithm.

But what we should ask is "can we do better than the others".

But this is a case where it feels like we're papering over a deficiency in our language, and is the sort of thing detractors might well point to and say 'ha! see?'.

There are tools in Svelte that break this expectation to a degree, but they are a bit annoying to use, which makes it an active decision on the part of the developer. The API hints at the way we want you to do things because we feel that this will give the better experience.

Most of the linked issues, as well as this RFC, attempt to solve this problem by relaxing Svelte's CSS scoping rules, providing a better API with which to use global, or by manually passing down classes. We have never found this to be an acceptable solution which is why those issues have been closed. That position has not changed.

Or if we formally took a stance that the class prop is THE ordained way to pass class attributes, though I don't think this functionality warrants this restriction.

If your reaction to the video was 'fine, but if we use TypeScript and write plugins for each editor then we can get all the autocomplete and syntax highlighting stuff' — in other words, if you believe that in order to achieve parity with CSS it makes sense to build, document, promote and maintain a fleet of ancillary projects — then, well, you and I may never see eye to eye!

React doesn’t provide something like ng-class, but there is a great library called classnames that does the same and more. Install it:

GTD strategies

"that text has been removed from the official version on the Apache site." This itself is also not good. If you post "official" records but then quietly edit them over time, I have no choice but to assume bad faith in all the records I'm shown by you. Why should I believe anything Apache board members claim was "minuted" but which in fact it turns out they might have just edited into their records days, weeks or years later? One of the things I particularly watch for in modern news media (where no physical artefact captures whatever "mistakes" are published as once happened with newspapers) is whether when they inevitably correct a mistake they _acknowledge_ that or they instead just silently change things.

The second situation occurs when a person says unpleasant things about another when he or she ought to have known they are false. A reasonable person generally refrains from sharing negative information about others if he or she has reason to doubt its veracity.

The meta charset information must also be the first child of the <head> tag. The reason this tag must be first is to avoid re-interpreting content that was added before the meta charset tag.

Ultimately though, I'd say the file structure that makes the most sense for your i18n workflow is the best one.

While the modifying version will occasionally be useful, in general, we should gently push people towards using non-modifying code.

Matz, alas, I cannot offer one. You see, Ruby--coding generally--is just a hobby for me. I spend a fair bit of time answering Ruby questions on SO and would have reached for this method on many occasions had it been available. Perhaps readers with development experience (everybody but me?) could reflect on whether this method would have been useful in projects they've worked on.

[vérifier référence]

OK, so what about regular messages? Turns out they are not encrypted after all. Where Signal implements the security and privacy protocols right from the start, Telegram separates the two and offers an additional option. The problem is that not everyone is aware of the Secret Chat option and first-time users may send sensitive information in the regular chat window unknowingly.

doing the wrong thing quickly is a good way to bankrupt us and our customers

The order is important.

there’s 3 steps to building software: Make it work Make it right Make it fast

echo "${BASH_REMATCH[1]/:\/\//://gitlab-ci-token:${GL_TOKEN:-$GITLAB_TOKEN}@}" > $HOME/.config/git/credentials

git config --global credential.helper store

Pipes are great for taking output of one command and transforming it using other commands like jq. They’re a key part of the Unix philosophy of “small sharp tools”: since commands can be chained together with pipes, each command only needs to do one thing and then hand it off to another command.

By putting our data in the corporate cloud, we are that kid. We are giving corporations and governments a way to see where we are looking towards, and they can predict our future and decide whether and how to intervene or subvert.

From a game theoretic standpoint, we’ve already lost. Too many of our civil society adversaries have too much of our data, and we have so little of theirs.

This corpus became the largest collection of English language data in the world

We believe everyone deserves to report to exactly one person that knows and understands what you do day to day. The benefit of having a technically competent manager is easily the largest positive influence on a typical worker’s level of job satisfaction. We have a simple functional hierarchy, everyone has one manager that is experienced in their subject matter.

If we can encourage people to create clean commits as they go, the example as you showed above should be far less common, because cleaning up such history as an after-math is most of the time almost impossible.

Studying the masters will help you understand how all copywriting elements fit together.

The "'strict-dynamic'" source expression aims to make Content Security Policy simpler to deploy for existing applications who have a high degree of confidence in the scripts they load directly, but low confidence in their ability to provide a reasonable list of resources to load up front.

It even proclaims that "the processing of personal data should be designed to serve mankind."

If you're wearing the same shoes as I have so many times before where you're trying to make yourself heard and do what you ultimately believe is in the organisation's best interests

What we actually want to do is to escape content if it is unsafe, but leave it unescaped if it is safe. To achieve this we can simply use SafeBuffer's concatenation behavior:

Our helper still returns a safe string, but correctly escapes content if it is unsafe. Note how much more flexible our group helper has become because it now works as expected with both safe and unsafe arguments. We can now leave it up to the caller whether to mark input as safe or not, and we no longer need to make any assumptions about the safeness of content.

The only goal is correctness. Code style is not a consideration. Providing the level of configuration necessary to make everyone happy would be a huge distraction from the main purpose. After conversion, I recommend using rubocop's awesome --auto-correct feature to apply your preferred code style.

You see entropy is information leaking. When it comes to passwords (and secure systems in general) you want to leak as little information as possible. Otherwise an attacker has information they can use to their advantage.

Download the billions of breached passwords and blacklist them all. Attackers have a copy; so should you.

it reminds me of IT security best practices. Based on experience and the lessons we have learned in the history of IT security, we have come up with some basic rules that, when followed, go a long way to preventing serious problems later.

The fact is that it doesn’t matter if you can see the threat or not, and it doesn’t matter if the flaw ever leads to a vulnerability. You just always follow the core rules and everything else seems to fall into place.

This isn’t the first time Kerckhoffs’ Principle has come up. I specifically discussed it when talking about creating good, strong Master Passwords, when I said that we should use a system for coming up with Master Passwords that doesn’t lose its strength if the attacker knows the system that we used

Kerckhoffs’ Principle states that you should assume that your adversary knows as much about the system you use as you do. This is why – despite what I may have said on April Fools Day last year – security experts are skeptical of security systems that hide the details of how they operate. They are particularly skeptical of systems that derive their security from keeping the details of how they work secret. I could go on at great length about why openness about the system improves security. Indeed, my first draft of this article did go on at great length.

"the enemy knows the system"

"one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them"

Falcon tries to do as little as possible while remaining highly effective.

The handler can be a method or a Proc object passed to the :with option. You can also use a block directly instead of an explicit Proc object.