36 Matching Annotations
  1. Nov 2023
    1. Implement restrictive defaults (potentially allowing an explicit bypass) I understand that easy usability and rich out-of-the-box functionality is likely essential to this library's appeal to its users. Nevertheless I'd like to propose making the authorization properties ransackable_[attributes/associations/etc.] empty sets by default, forcing the developer to explicitly define whitelists for their use case. To soften the usability blow, a new ransack_unsafe(params[:q]) or ransack_explicit(params[:q], ransackable_attributes='*', ransackable_associations=(:post, :comment)) method could be introduced to offer developers a shorthand to bypass or override the whitelists for specific queries (after they've had to read a warning about why these methods can be dangerous).
  2. Jun 2023
  3. Apr 2022
  4. Jan 2022
  5. Aug 2021
    1. 3. The no-keyword-arguments syntax (**nil) is introduced You can use **nil in a method definition to explicitly mark the method accepts no keyword arguments. Calling such methods with keyword arguments will result in an ArgumentError. (This is actually a new feature, not an incompatibility)
    2. This is useful to make it explicit that the method does not accept keyword arguments. Otherwise, the keywords are absorbed in the rest argument in the above example.
    3. You need to explicitly delegate keyword arguments. def foo(*args, **kwargs, &block) target(*args, **kwargs, &block) end
    4. foo({}, **{}) #=> Ruby 2.7: [{}] (You can pass {} by explicitly passing "no" keywords)
  6. Jun 2021
    1. Prettier intentionally doesn’t support any kind of global configuration. This is to make sure that when a project is copied to another computer, Prettier’s behavior stays the same. Otherwise, Prettier wouldn’t be able to guarantee that everybody in a team gets the same consistent results.
  7. May 2021
    1. If your python3 executable is named "python" instead of "python3" (this particularly appears to affect a number of Windows users), then you'll also need to modify the first line of git-filter-repo to replace "python3" with "python".
    1. --tag-rename '':'my-module-' (the single quotes are unnecessary, but make it clearer to a human that we are replacing the empty string as a prefix with my-module-)
  8. Apr 2021
    1. Explicit affordances are obvious, perceptual features of an item that clue you in on how it is to be used. With explicit affordances, physical appearance and any accompanying language or text inform the user of how an object is to be used.
  9. Mar 2021
    1. I like this approach more because I can scan the code that renders the Box component and easily spot that it takes two children. If the Box took any props, they'd be within the opening <Box> tag, and they would be distinct from any children props.
    1. the explicit modelling has one massive advantage: all possible outcomes of the nested activity are visible and have to be connected in the outer diagram
  10. Feb 2021
    1. To understand this helper, you should understand that every step invocation calls Output() for you behind the scenes. The following DSL use is identical to the one [above]. class Execute < Trailblazer::Activity::Railway step :find_provider, Output(Trailblazer::Activity::Left, :failure) => Track(:failure), Output(Trailblazer::Activity::Right, :success) => Track(:success)
    1. Because the Berne Convention in most countries by default grants copyright holders monopolistic control over their creations, copyright content must be explicitly declared free, usually by the referencing or inclusion of licensing statements from within the work.
  11. Dec 2020
  12. Nov 2020
    1. This decorators proposal is based on a common model where each decorator affects just one syntactic element--either a field, or a method, or a getter, or setter, or a class. It is immediately visible what is being decorated.
    1. There are several built-in modules — math, color, string, list, map, selector, and meta — which have to be imported explicitly in a file before they are used:
    2. In brief, @import is being replaced with more explicit @use and @forward rules. Over the next few years Sass @import will be deprecated, and then removed.
  13. Oct 2020
  14. Sep 2020
    1. Explicit interfaces are preferable, even if it places greater demand on library authors to design both their components and their style interfaces with these things in mind.
    2. Web developers are well aware of the mess you can get into with global CSS, and the action of writing <Child class="foo"/> and <div class={_class}>` (or similar) in the child component is an explicit indication that, while taking advantage of all the greatness of style encapsulation by default, in this case you have decided that you want a very specific and controlled "leak", of one class, from one component instance to one component instance.
  15. May 2020
    1. Explicit Form (where the purpose of the sign-up mechanism is unequivocal). So for example, in a scenario where your site has a pop-up window that invites users to sign up to your newsletter using a clear phrase such as: “Subscribe to our newsletter for access to discount vouchers and product updates!“, the affirmative action that the user performs by typing in their email address would be considered valid consent.
    1. Does a China-based company selling goods over a website only drafted in Chinese need to comply with the GDPR just because it’s possible, from a practical point of view, that some EU-based Chinese persons might purchase something from it? In principle we’d say no, unless it can be proven, that the company is doing relevant business with EU-based customers, or is addressing them expressly (for instance, by informing that “delivery to the EU” or “payment from an EU bank account” are possible etc.).
  16. Mar 2020
    1. these active behaviors may include continued browsing, clicking, scrolling the page or some method that requires the user to actively proceed; this is somewhat left up to your discretion. Some website/app owners may favor a click-to-consent method over scrolling/continued-browsing methods as the former is less likely to be performed by user error.
    1. Rather than using NFS for this task, use explicit data duplication, via one of the long-established mechanisms designed for this purpose.
  17. Feb 2020
    1. just ask the question directly, and the person will respond asynchronously. If you truly need to have a synchronous communication, then start by asking for that explicitly, while mentioning the subject. e.g., "I'm having trouble understanding issue #x, can we talk about it quickly?"