Implement restrictive defaults (potentially allowing an explicit bypass) I understand that easy usability and rich out-of-the-box functionality is likely essential to this library's appeal to its users. Nevertheless I'd like to propose making the authorization properties ransackable_[attributes/associations/etc.] empty sets by default, forcing the developer to explicitly define whitelists for their use case. To soften the usability blow, a new ransack_unsafe(params[:q]) or ransack_explicit(params[:q], ransackable_attributes='*', ransackable_associations=(:post, :comment)) method could be introduced to offer developers a shorthand to bypass or override the whitelists for specific queries (after they've had to read a warning about why these methods can be dangerous).

Anything that isn't explicitly enforced by contract is vulnerable to misunderstandings. It's doing your teammates a great service, and reducing everyone's effort, by eliminating ambiguity and enforcing information flow by design.

Explicitly defining the dependency in the reactive declarations

inputValue = updateInputValue(value);

3. The no-keyword-arguments syntax (**nil) is introduced You can use **nil in a method definition to explicitly mark the method accepts no keyword arguments. Calling such methods with keyword arguments will result in an ArgumentError. (This is actually a new feature, not an incompatibility)

This is useful to make it explicit that the method does not accept keyword arguments. Otherwise, the keywords are absorbed in the rest argument in the above example.

You need to explicitly delegate keyword arguments. def foo(*args, **kwargs, &block) target(*args, **kwargs, &block) end

foo({}, **{}) #=> Ruby 2.7: [{}] (You can pass {} by explicitly passing "no" keywords)

Prettier intentionally doesn’t support any kind of global configuration. This is to make sure that when a project is copied to another computer, Prettier’s behavior stays the same. Otherwise, Prettier wouldn’t be able to guarantee that everybody in a team gets the same consistent results.

Explicit types for function return values and arguments makes it clear to any calling code what is the module boundary's input and output.

If your python3 executable is named "python" instead of "python3" (this particularly appears to affect a number of Windows users), then you'll also need to modify the first line of git-filter-repo to replace "python3" with "python".

--tag-rename '':'my-module-' (the single quotes are unnecessary, but make it clearer to a human that we are replacing the empty string as a prefix with my-module-)

Explicit affordances are obvious, perceptual features of an item that clue you in on how it is to be used. With explicit affordances, physical appearance and any accompanying language or text inform the user of how an object is to be used.

I like this approach more because I can scan the code that renders the Box component and easily spot that it takes two children. If the Box took any props, they'd be within the opening <Box> tag, and they would be distinct from any children props.

the explicit modelling has one massive advantage: all possible outcomes of the nested activity are visible and have to be connected in the outer diagram

To understand this helper, you should understand that every step invocation calls Output() for you behind the scenes. The following DSL use is identical to the one [above]. class Execute < Trailblazer::Activity::Railway step :find_provider, Output(Trailblazer::Activity::Left, :failure) => Track(:failure), Output(Trailblazer::Activity::Right, :success) => Track(:success)

Because the Berne Convention in most countries by default grants copyright holders monopolistic control over their creations, copyright content must be explicitly declared free, usually by the referencing or inclusion of licensing statements from within the work.

Instead of trying to educate everyone on the complexities of copyright law, we’d rather make our intentions clear with this simple statement:

this second approach, while more verbose, sort of spells out better where things are coming from. (I like it, in other words.)

This decorators proposal is based on a common model where each decorator affects just one syntactic element--either a field, or a method, or a getter, or setter, or a class. It is immediately visible what is being decorated.

There are several built-in modules — math, color, string, list, map, selector, and meta — which have to be imported explicitly in a file before they are used:

In brief, @import is being replaced with more explicit @use and @forward rules. Over the next few years Sass @import will be deprecated, and then removed.

There's an issue #3368 for describing better what triggers reactive updates, as I do think there is some stuff we could be more explicit about

It will not re-run your component’s code on update unless explicitly told to do so, using the $: operator.

I couldn't land on how I wanted to box primitives. Should I use a getter/setter, or function form like Knockout, or explicit get/set like MobX? These were all ugly.

Explicit interfaces are preferable, even if it places greater demand on library authors to design both their components and their style interfaces with these things in mind.

Web developers are well aware of the mess you can get into with global CSS, and the action of writing <Child class="foo"/> and <div class={_class}>` (or similar) in the child component is an explicit indication that, while taking advantage of all the greatness of style encapsulation by default, in this case you have decided that you want a very specific and controlled "leak", of one class, from one component instance to one component instance.

Besides, it's probably better for component authors to be explicit about whether or not their component maps to a specific runtime element.

There are tools in Svelte that break this expectation to a degree, but they are a bit annoying to use, which makes it an active decision on the part of the developer. The API hints at the way we want you to do things because we feel that this will give the better experience.

Explicit Form (where the purpose of the sign-up mechanism is unequivocal). So for example, in a scenario where your site has a pop-up window that invites users to sign up to your newsletter using a clear phrase such as: “Subscribe to our newsletter for access to discount vouchers and product updates!“, the affirmative action that the user performs by typing in their email address would be considered valid consent.

Does a China-based company selling goods over a website only drafted in Chinese need to comply with the GDPR just because it’s possible, from a practical point of view, that some EU-based Chinese persons might purchase something from it? In principle we’d say no, unless it can be proven, that the company is doing relevant business with EU-based customers, or is addressing them expressly (for instance, by informing that “delivery to the EU” or “payment from an EU bank account” are possible etc.).

these active behaviors may include continued browsing, clicking, scrolling the page or some method that requires the user to actively proceed; this is somewhat left up to your discretion. Some website/app owners may favor a click-to-consent method over scrolling/continued-browsing methods as the former is less likely to be performed by user error.

Rather than using NFS for this task, use explicit data duplication, via one of the long-established mechanisms designed for this purpose.

just ask the question directly, and the person will respond asynchronously. If you truly need to have a synchronous communication, then start by asking for that explicitly, while mentioning the subject. e.g., "I'm having trouble understanding issue #x, can we talk about it quickly?"