66 Matching Annotations
  1. Aug 2022
  2. Jul 2022
    1. General processes and common best practices learned from other Web Content Management projects do not apply and are in many ways obstructions to move quickly and get the best out of Helix.
  3. May 2022
    1. What does an IT Consultant do?

      An IT consultant is a person who offers advice, guidelines and a roadmap for the sourcing, use and management of IT resources and resources. The IT consultant provides organizations with best practices for using IT solutions and services for their business objectives and in solving their problems. He also often gives organizational advice.

    1. memory usage and (lack of) parallelism are concerns

      Memory usage is a concern? wat

      It's a problem, sure, if you're programming the way NPMers do. So don't do that.

      This is a huge problem I've noticed when it comes to people programming in JS—even, bizarrely, people coming from other languages like Java or C# and where you'd expect them to at least try to continue to do things in JS just like they're comfortable doing in their own language. Just because it's there (i.e. possible in the language, e.g. dynamic language features) doesn't mean you have to use it...

      (Relevant: How (and why) developers use the dynamic features of programming languages https://users.dcc.uchile.cl/~rrobbes/p/EMSE-features.pdf)

      The really annoying thing is that the NPM style isn't even idiomatic for the language! So much of what the NodeJS camp does is so clearly done in frustration and the byproduct of a desire to work against the language. Case in point: the absolutely nonsensical attitude about always using triple equals (as if to ward off some evil spirits) and the undeniable contempt that so many have for this.

    1. typeof v === "number"

      Using triple equals to check the results of typeof is totally unnecessary, and a sure sign that someone, somewhere has unthinkingly adopted some dubious advice; it's a code smell/red flag.

      A standard equality comparison (using ==) does exactly the right thing while also avoiding association with questions/doubts about the quality of the surrounding code.

    1. Requirements: Ruby and Bundler should be installed.

      wat

      This site has a total of two pages! Just reify them as proper documents instead of compilation artifacts emitted from an SSG.

  4. Feb 2022
    1. Appendix F: Questions Universities Can Ask Certification Bodies to Assess Quality of Certifications

      These questions (I believe) are coming from a place of validating certifications. Experts publish these as helpful guides to understand if and to what degree certifications are trustworthy. In other words, are they worth the paper they're printed on? In the case of micro-credentials, most questions are likely overkill for the proposal process, etc. Given the central role and importance of TRUST however, perhaps providing a version of these questions to stakeholders seeking to propose micro-credentials could be beneficial in pushing their thinking, or at least centering these themes in their thinking.

    1. “Public research universities are committed to improving the workforce outcomes of their students and to addressing the workforce needs of local economies. This approach can ensure students that their credentials will have value to the labor market, and it can ensure employers that graduates have the skills required to perform in the workplace.”

      For some, this is reasonable and rationale. It's the point of the whole enterprise. Yet for others, this take is controversial, as it may threaten the ideals and/or visions of the purpose of Public Education. These stakeholders may ask, "Is it the job of public education to serve industry's needs by preparing proper cogs for the workforce wheels?" At the same time, others may wonder, "Is public education willfully performing a disservice to our students if our credentials are not valued by employers?"

      These are important questions to ask, and to answer.

  5. Jan 2022
    1. t be issued for unevaluated learning accomplishments, such as the mere completion of a series of tasks, attendance at events, or for learning that has not been assessed, as competency and learning accomplishment evaluation is very important.

      Criteria must be measurable and assessable.

  6. Nov 2021
    1. "The Guide to Social Science Data Preparation and Archiving is aimed at those engaged in the cycle of research, from applying for a research grant, through the data collection phase, and ultimately to preparation of the data for deposit in a public archive: " from tweet

    1. The other commenters are right about the potential solutions. However, it is actually considered a best practice to move the object with the index signature to a nested property.Said differently: No property in the object with the index signature should depart from how the index signature is typed.
  7. Jun 2021
    1. When defining accessors in Ruby, there can be a tension between brevity (which we all love) and best practice.
    2. a principle I use is: If you have an accessor, use the accessor rather than the raw variable or mechanism it's hiding. The raw variable is the implementation, the accessor is the interface. Should I ignore the interface because I'm internal to the instance? I wouldn't if it was an attr_accessor.
    3. I have been wrapping instance variables in accessor methods whenever I can though.
    4. Setting an instance variable by going through a setter is good practice, and using two access modifiers is the way to accomplish that for a read-only instance variable
  8. May 2021
  9. Apr 2021
  10. Mar 2021
    1. Your validation functions should also treat undefined and '' as the same. This is not too difficult since both undefined and '' are falsy in javascript. So a "required" validation rule would just be error = value ? undefined : 'Required'.
    1. here is my set of best practices.I review libraries before adding them to my project. This involves skimming the code or reading it in its entirety if short, skimming the list of its dependencies, and making some quality judgements on liveliness, reliability, and maintainability in case I need to fix things myself. Note that length isn't a factor on its own, but may figure into some of these other estimates. I have on occasion pasted short modules directly into my code because I didn't think their recursive dependencies were justified.I then pin the library version and all of its dependencies with npm-shrinkwrap.Periodically, or when I need specific changes, I use npm-check to review updates. Here, I actually do look at all the changes since my pinned version, through a combination of change and commit logs. I make the call on whether the fixes and improvements outweigh the risk of updating; usually the changes are trivial and the answer is yes, so I update, shrinkwrap, skim the diff, done.I prefer not to pull in dependencies at deploy time, since I don't need the headache of github or npm being down when I need to deploy, and production machines may not have external internet access, let alone toolchains for compiling binary modules. Npm-pack followed by npm-install of the tarball is your friend here, and gets you pretty close to 100% reproducible deploys and rollbacks.This list intentionally has lots of judgement calls and few absolute rules. I don't follow all of them for all of my projects, but it is what I would consider a reasonable process for things that matter.
  11. Feb 2021
    1. step :direct_debit

      I don't think we would/should really want to make this the "success" (Right) path and :credit_card be the "failure" (Left) track.

      Maybe it's okay to repurpose Left and Right for something other than failure/success ... but only if we can actually change the default semantic of those signals/outputs. Is that possible? Maybe there's a way to override or delete the default outputs?

    2. This connects the failure output to the previous task, which might create an infinity loop and waste your computing time - it is solely here for demonstrational purposes.
  12. Jan 2021
    1. For the future, you should: Install LTS (Long-term support) versions as they have an 8-year life span (with Extended Security Maintenance) or 5 years without. The current LTS version is Ubuntu 18.04.1 LTS Bionic Beaver released on July 26, 2018 with an EOL in April 2023. OR Carefully watch the EOL of the interim / development releases and upgrade frequently.
    1. When you use target="_blank" with Links, it is recommended to always set rel="noopener" or rel="noreferrer" when linking to third party content. rel="noopener" prevents the new page from being able to access the window.opener property and ensures it runs in a separate process. Without this, the target page can potentially redirect your page to a malicious URL. rel="noreferrer" has the same effect, but also prevents the Referer header from being sent to the new page. ⚠️ Removing the referrer header will affect analytics.
  13. Nov 2020
  14. Oct 2020
    1. Teaching Tolerance offers some clear practices that can help establish connectedness:

      Are these not "techniques", "exercises", "manoeuvers", from the "front of the room"? I suppose the answer is that technique and leadership are necessary but not sufficient for building community, and that unlike a "best practice" in a controllable process, they may or may not resonate (and thus work) for any given person or group.

  15. Sep 2020
    1. With Svelte, components and files have a one-to-one relationship. Every file is a component, and files can't have more than one component. This is generally a "best practice" when using most component frameworks.
  16. Jul 2020
  17. Jun 2020
    1. On April 24, the U.S. National Security Agency published an advisory document on the security of popular messaging and video conferencing platforms. The NSA document “provides a snapshot of best practices,” it says, “coordinated with the Department of Homeland Security.” The NSA goes on to say that it “provides simple, actionable, considerations for individual government users—allowing its workforce to operate remotely using personal devices when deemed to be in the best interests of the health and welfare of its workforce and the nation.” Again somewhat awkwardly, the NSA awarded top marks to WhatsApp, Wickr and Signal, the three platforms that are the strongest advocates of end-to-end message encryption. Just to emphasize the point, the first criteria against which NSA marked the various platforms was, you guessed it, end-to-end encryption.
  18. Apr 2020
    1. it reminds me of IT security best practices. Based on experience and the lessons we have learned in the history of IT security, we have come up with some basic rules that, when followed, go a long way to preventing serious problems later.
    2. The fact is that it doesn’t matter if you can see the threat or not, and it doesn’t matter if the flaw ever leads to a vulnerability. You just always follow the core rules and everything else seems to fall into place.
    1. One suggestion is to check user's passwords when they log in and you have the plain text password to hand. That way you can also take them through a reset password flow as they log in if their password has been pwned.
    1. In 2017 NIST (National Institute of Standards and Technology) as part of their digital identity guidelines recommended that user passwords are checked against existing public breaches of data. The idea is that if a password has appeared in a data breach before then it is deemed compromised and should not be used. Of course, the recommendations include the use of two factor authentication to protect user accounts too.
    1. When processing requests to establish and change memorized secrets, verifiers SHALL compare the prospective secrets against a list that contains values known to be commonly-used, expected, or compromised.
  19. Feb 2020
    1. Do Browse like a user wouldTake natural pauses that users would take to consume page contentFocus on the most common use cases, rather than all the possible use casesTake note of pages where forms/logins occur, you will likely need to complete some scripting there
  20. Nov 2019
    1. Published by the American Sociological Association, the article addresses best practices for meeting the needs of military students in sociology classes in higher education. Drawing on Knowles' andragogy, the authors give tips for course organization, feedback, content, and communication.

      9/10

  21. Oct 2019
    1. Yes, absolutely, no two projects are alike. This step is moving towards a direction where we have a set of best practices for webpack isolated in a bundled package and can be maintained in isolation without impacting upgrades or end-user experience. If you have seen next.js or create-react-app they sort of do they same thing for ease and maintainability. Rails is a great example for this - there are some built-in best practices, opinionated defaults and gems that are hidden behind the scene plus power to do advance things where needed.
  22. Apr 2019
    1. Two commonly used change strategies are clearly not effective: developing and testing “best practice” curricular materials and then making these materials available to other faculty and “top‐down” policy‐making meant to influence instructional practices.

      Would this be predicted by the Cynefin framework? Teaching problems are rarely obvious enough for "best" practices; "better" practices may be the best we can hope for.

  23. Jul 2017
    1. (It's usually a mistake to pass back the concrete type of an error rather than error, for reasons discussed in the Go FAQ, but it's the right thing to do here because ServeHTTP is the only place that sees the value and uses its contents.)

      Good clarifying comment on when to pass back the concrete type of an error.

  24. Jan 2017
    1. Component classes should be lean. They don't fetch data from the server, validate user input, or log directly to the console. They delegate such tasks to services.

      A really good point! Lean-ness is something to strive for.

  25. Oct 2016
  26. Feb 2014
    1. For example, imagine you are annotating the second page of a New York Times article. You probably want to see your annotation when you are looking at the article later as a single page, right? Or perhaps you've annotated the HTML for a PLOS ONE article. Wouldn't you like to see those annotations when you are looking at the PDF version of the same article? If annotations were only associated with the URL you happened to be looking at in your browser then the scenarios above would not work, because the documents being annotated all have different URLs.

      Publisher Best Practices is a great idea that I would like to see codified in the authoring and publishing tools to make the practices commonplace by default.

      I would like to mix PBP with other techniques, though, for richer connection between source and rendering-- I have some source mapping ideas that make it possible to keep annotations linked even as the original source is edited over time.