373 Matching Annotations
  1. Last 7 days
    1. Restart from scratch. Create a new program, adding in only what is needed to see the problem. Use simple, descriptive names for functions and variables – don’t copy the names you’re using in your existing code.
    2. Divide and conquer. If you’re not sure what the source of the problem is, start removing code a bit at a time until the problem disappears – then add the last part back.
    1. But many of these systems continue to re-request the same DTDs from our site thousands of times over, even after we have been serving them nothing but 503 errors for hours or days. Why are these systems bothering to request these resources at all if they don’t care about the response?
    1. Could you please explain why it is a vulnerability for an attacker to know the user names on a system? Currently External Identity Providers are wildly popular, meaning that user names are personal emails.My amazon account is my email address, my Azure account is my email address and both sites manage highly valuable information that could take a whole company out of business... and yet, they show no concern on hiding user names...

      Good question: Why do the big players like Azure not seem to worry? Microsoft, Amazon, Google, etc. too probably. In fact, any email provider. So once someone knows your email address, you are (more) vulnerable to someone trying to hack your account. Makes me wonder if the severity of this problem is overrated.

      Irony: He (using his full real name) posts:

      1. Information about which account ("my Azure account is my email address"), and
      2. How high-value of a target he would be ("both sites manage highly valuable information that could take a whole company out of business...")

      thus making himself more of a target. (I hope he does not get targetted though.)

    1. One of Svelte's advantages, for me, is that I can test out ideas with relatively few lines of code. the #with feature could save me from adding a separate component for the content of an #each loop. I get frustrated when I have to create a new file, move the content of the #each clause, import it as a component, and add attributes and create exports for that, and implement events to send messages back, and event handlers, when I just wanted to test a small feature.
    1. Returns a Promise<?Object> that resolves with no value on success or resolves with an Object of submission errors on failure. The reason it resolves with errors is to leave rejection for when there is a server or communications error.
  2. Oct 2020
    1. You can think of this as a single speaker talking at a microphone in a room full of people. Their message (the subject) is being delivered to many (multicast) people (the observers) at once.
    1. One of the significant differences between the two is that a call to a partially applied function returns the result right away, not another function down the currying chain; this distinction can be illustrated clearly for functions whose arity is greater than two.
    2. As such, curry is more suitably defined as an operation which, in many theoretical cases, is often applied recursively, but which is theoretically indistinguishable (when considered as an operation) from a partial application.
    1. JavaScript is, of course, a dynamic language that allows you to add and remove objects and their members at any point in time. For many, this is precisely why they enjoy the language: there are very few constraints imposed by the language.
    2. Once again, this isn’t good or bad, it’s just the most efficient way to create something that is similar to something else
    3. This isn’t to say that multiplying code is good or bad – it’s a characteristic of all code regardless of quality.
    4. For years, I’ve shared with friends and clients what I call the bunny theory of code. The theory is that code multiplies when you’re not looking, not unlike bunnies that tend to multiply when you’re not looking.
    1. Not all application state belongs inside your application's component hierarchy. Sometimes, you'll have values that need to be accessed by multiple unrelated components, or by a regular JavaScript module.
    2. A store is simply an object with a subscribe method that allows interested parties to be notified whenever the store value changes. In App.svelte, count is a store, and we're setting count_value in the count.subscribe callback.
    1. Just like elements can have children... <div> <p>I'm a child of the div</p> </div>...so can components. Before a component can accept children, though, it needs to know where to put them. We do this with the <slot> element.
    1. mixing the turing complete of javascript with the markup of HTML eliminates the readability of JSX so that it is actually harder to parse than a solution like hyperscript
    2. andrewdeandrade commented on Jul 31, 2015

      locked issues that I would comment on if I could: Can't react to comment because locked. Want to thumb up.

    3. Of all the compile-to-languages, the one that strikes me as having the least merit is JSX. It's basically a ton of added complexity for the sake of what boils down to syntax. There are no real gains in terms of language semantics in JSX.
    4. Supporting JSX out of the box is the engineering equivalent of Mozilla supporting DRM out of the box in FireFox.
    5. I agree that "it feels gross" is a bad reason. "not paving a bad cowpath" is a much better reason.
    1. const { getByRole } = render(html`<input bind:value=${text} />`)
    2. render(html`<${Button} on:click=${() => (clicked += 1)}>Click Me!<//>`)

      Compared to https://github.com/kenoxa/svelte-jsx#api, this alows on:click instead of on_click.

      So maybe this syntax allows for fewer workarounds overall?

    1. debt ... which is not a straight bad thing but something that could provide some "short term financing" get us to survive the project (how many of us could afford to buy a house without taking out the mortgage?).
    2. Right, and if most uses of an FTP service use new FtpService() the one that sets an alternate port will stand out (service.SetPort(12345))
    1. trusktr herman willems • 2 years ago Haha. Maybe React should focus on a template-string syntax and follow standards (and provide options for pre-compiling in Webpack, etc).

      Well anywho, there's other projects now like hyperHTML, lit-html, etc, plus some really fast ones: https://www.stefankrause.ne...

      React seems a little old now (and the new Hooks API is also resource heavy).

      • Share ›  Michael Calkins trusktr • 4 years ago • edited That's a micro optimization. There isn't a big enough difference to matter unless you are building a game or something extraordinarily odd.

      • Share › −  trusktr Michael Calkins • 2 years ago True, it matters if you're re-rendering the template at 60fps (f.e. for animations, or for games). If you're just changing views one time (f.e. a URL route change), then 100ms won't hurt at all.

    1. Because the code in question predates the introduction of the guideline and there is no other reason to be modifying that code.
    1. This would be like an executable proposal. I understand that it's beyond the original intent of having canonical patterns on the Svelte site, but it would facilitate the community to express their own patterns. Now that we have markdown preprocessors , the documentation itself can be an app.
    2. I'm suggesting that the cookbook apps be self-contained & forkable. 3rd parties could host their own cookbook recipes, possibly using a forked cookbook from an already established pattern.
    1. This seems crucial, for example for #if inside #each {#each boxes as box} {@const b = box?.a?.b} {#if b} <p>{b}</p> {/if} {/each}
    2. About the argument against it, "{@const will make code less consistent ": I think the same is true now, since people can come up with very different ways of dealing with the "computed value inside each loop/if function" problem. Some extract components, some use functions, some will prepare the array differently beforehand.
    3. This is exactly why I'm in favor of @const. Helpers are fine, except when they're not and turn into boilerplate.
    4. Right, because those are the only 3 instances where new "scopes" are created, which means you're seeing data for (probably) the first time.

      good point: means you're seeing data for (probably) the first time.

    5. I like this, mostly because it allows me to write small components without creating another separate sub-component for holding the value simple computation. I get annoyed every time I need to create a component just to hold a variable, or even move the computation away from the relevant location. It reminds me of the days where variables in C had to be declared at the top of the function.
    1. My experience is that components count increase very fast in Svelte, much faster than in Ractive.
    2. Could I get your intuition for why that rule of thumb applies to svelte components but not Javascript functions? I tend to make heavy use of let x = e when writing normal Javascript, as I do in most other languages (though unlambda is a notable exception). How is svelte different?
    1. Data fetching, setting up a subscription, and manually changing the DOM in React components are all examples of side effects.
    1. Any variable referenced on the lines marked with $: is marked as a dependency of the derived variable.
    2. It's possible to run a function whenever some reactive state changes using the useEffect hook. In the example we log the length of the todoList whenever it changes. The first argument to useEffect is the function we want to run, and the second is a list of reactive values to track - whenever one of these values changes the effect will run again.
    1. Putting a browserlist in the project will send a false signal to users. Svelte is only a lib, not an application. The consumer / implementer will have to decide what level of support he wants, according to its constraints/userbase and adjust its build process and polyfills implementation.
    1. strict-origin: Only send the origin of the document as the referrer when the protocol security level stays the same (e.g. HTTPS→HTTPS), but don't send it to a less secure destination (e.g. HTTPS→HTTP).
  3. Sep 2020
    1. Why the obfuscation of remaining to r and callbacks to c? This is fine for function-local variables but in this instance makes the code significantly harder to reason about? There is no notion of what c and r mean.
    1. From npm@5.2.0, npm ships with npx package which lets you run commands from a local node_modules/.bin or from a central cache.
    2. By default, npx will check whether <command> exists in $PATH, or in the local project binaries, and execute that. Calling npx <command> when <command> isn't already in your $PATH will automatically install a package with that name from the NPM registry for you, and invoke it. When it's done, the installed package won’t be anywhere in your globals, so you won’t have to worry about pollution in the long-term. You can prevent this behaviour by providing --no-install option.
    3. A lot of instructions I read say things like npm install niftycommand and then niftycommand. But this will never work unless you have ./node_modules/.bin in your path, will it?
    1. using modulesOnly behaves exactly as expected when it warns you that the listed npm libraries do not use the ES6 format and are in fact ignored. This option is meant as a way to determine if you still have commonjs libraries in your dependencies that require special treatment via rollup-plugin-commonjs. Your code will probably not work since the listed dependencies will be missing. You should remove modulesOnly and instead add rollup-plugin-commonjs.
    1. The difference between default and named affects how other people can consume your bundle. If you use default, a CommonJS user could do this, for example:

      include the following content

    2. In other words for those tools, you cannot create a package interface where const lib = require("your-lib") yields the same as import lib from "your-lib". With named export mode however, const {lib} = require("your-lib") will be equivalent to import {lib} from "your-lib".
    1. globals are assumed to have their field value on the window object and can be referenced inside the bundle by their field name globals: { name: 'Value', }, assumes that some other script tag or whatever establishes window.Value and the emitted umd bundle for example, calls the factory like factory(global.Value). So globals is just stuff to bring into the factory on the globals object. It doesn't even make it "global" inside the bundle. Basically, the resolver does not check the globals object during the loading process. The resolver needs to be told how to link these globals and that's what the external option is for. external: ['name'], Then you can reference it like import myName from 'name'; myName();
    2. we've learned why you might want to use external but not globals: libraries. We've started to factor some of our client-side JS as libraries to share between projects. These libraries import $ from 'jquery'. However they don't want to presume how that import might be "fulfilled". In most projects it's fulfilled from a global i.e. a script loaded from a CDN. However in one project it's fulfilled from a local copy of jQuery for reasons I won't get into. So when these libraries bundle themselves for distribution, as ES6 modules, they mark 'jquery' as an external and not as a global. This leaves the import statements in the bundle. (Warning: Don't bundle as an IIFE or UMD, or Rollup will guess at fulfilling the import from a global, as @Rich-Harris mentions above.)
    1. Luckily, there is absolutely no good reason not to use strict mode for everything — so the solution to this problem is to lobby the authors of those modules to update them.
    1. While there is some precedence in other frameworks for using as, the word doesn't fit well. Since you are adding functionality to elements I like the word add better (and it only has 1 more character).
    2. <slot ref:img data-visible="{{visible}}" /> In the above everything on <slot> is lost since slot is a space in the HTML, not an actual element. How could we translate this to zero or ten elements inside the slot?

      But I think this is a solved problem with current Svelte: just pass the lets to the slot content, and the slot content can decide how to pass those let props on to any or all of its child elements as it sees fit...

    3. enhancers
    1. Is there a good way to do this given the compiler won't know at build time what events are needed? Should I make a wrapper that does addEventListener myself with a bind:this? Would be nice if Svelte could handle dynamic events though.
    1. Yes, they do but none of them allow arbitrary javascript anywhere in the template it is finely controlled. This deviates from that, in fact that is it's defining feature.
    1. We should also allow passing unrecognised props to the rendered component. eg: tabindex might be required on some instances of a component, and not all. Why should developers have to add tabindex support to their components just that it may potentially be used

      Glad to hear this is solved now: $restProps

    2. The language should work for developers, not the other way around.
    1. Adding my 2 cents to the discussion. Adding a class prop to a component doesn't necessarily mean it should apply the style to the root element, but it makes sense that it should apply it the main element visually. Let's take a modal component as an example.
    2. You're not trying to pass a class to a dom element. You're passing a class to a component. It's up to the component to define what that means for the components use case. In most cases it would be passed to a dom element.
    3. That is, if I remove class={className} from the Child component, and/or remove the class/className prop entirely, then the class:active syntax doesn't have any effect since nothing is rendering the class prop anywhere.
    1. I don’t want my source to be human-readable, not for protective reasons, but because I care about web performance more. I want my website to arrive at light speed on a tiny spec of magical network packet dust and blossom into a complete website. Or do whatever computer science deems is the absolute fastest way to send website data between computers. I’m much more worried about the state of web performance than I am about web education. But even if I was very worried about web education, I don’t think it’s the network’s job to deliver teachability
    1. if the idea of using a template language makes you shudder — your fears are misplaced, but that's a topic for another day
    1. For example, you might want to use the browser’s knowledge of the user’s current time zone to group a collection of elements by date.
  4. Aug 2020
    1. But it's easy to imagine that the caption was incorrect for too long because those who know the language, know where the mistake is, and those who don't, think that it's the correct way to spell it.

      those who know the language, know where the mistake is, In other words, they can easily spot the mistake and no better than to repeat it themselves, but either are powerless or too lazy to actually fix it on SE.

      and those who don't, think that it's the correct way to spell it. So those who should no better are inadvertently perpetuating the mistake and teaching others that it is an acceptable/correct usage.

    2. Unless I just loginned, I agree it's "log in".
    1. I think the conjugation is particularly helpful to see why it should be two separate words: "log in" -> "logging in" -> "logged in"
    2. You can also think about each one with the way we stress the different syllables slightly when we're speaking: "log in to host.com" sounds like "log + in + to host.com" (each word is pretty much evenly stressed) "log into host.com" sounds like "log + INto host.com" (the stress is on "in") "login to host.com" sounds like "LOGin + to host.com" (the stress is on "log")

      I wouldn't have thought about using the way we pronounce it to make a point about grammar, but somehow it seems to help slightly to make the point.

    3. Perhaps someone should give an example of when 'into' is ever correct. "Turn into bed" is definitely incorrect, unless one is morphing into the form of a bed. But what about "he fell into the hole", "she went into the house", or "Star Trek Into Darkness"?
    1. I used to be a staunch defender of proper reply styles, even for casual emails. Insert your replies below the relevant paragraph and trim the exchange to be just about the matters of discussion.
    1. For example, the word dog describes both the species Canis familiaris and male individuals of Canis familiaris, so it is possible to say "That dog isn't a dog, it's a bitch" ("That hypernym Z isn't a hyponym Z, it's a hyponym Y").
  5. Jul 2020
    1. It would be nice if the tests weren't so implementation specific, but rather tested the essence of the functionality. I tried to make them less brittle but failed. To that end, re-writing all the tests in rspec would be (IMHO) a brilliant improvement and pave the way for better tests in the future and more flexibility in implementation.
    1. if British Army gunners are doing a countdown before making something go bang, they actually leave out Five in case anyone mishears it as “Fire”.
    1. See https://choosealicense.com/ for tl;dr Please, please add a license. The fact none is listed makes using this software a legal quagmire. Currently it is not legal to use this code or its derivatives in any useful software. I may be mistaken but hopefully this is not the intended effect. Currently no license is mentioned anywhere, what makes this code fully copyrighted, like any other creative work. It limits usefulness of this project - and I hope that it is unintentional. For example it seems that it would solve my problem of profiling hilariously slow rspec tests (2036.33 seconds ./spec/word_processor_spec.rb:43), in current situation I would be unable to legally publish project that would use this solution. Obviously, please do not release it under any license if you are not the author (that would be even worse legal quagmire)
    1. Once a test is in quarantine, there are 3 choices: Should the test be fixed (i.e. get rid of its flakiness)? Should the test be moved to a lower level of testing? Should the test be removed entirely (e.g. because there’s already a lower-level test, or it’s duplicating another same-level test, or it’s testing too much etc.)?
    2. Quarantined tests are run on the CI in dedicated jobs that are allowed to fail
    1. I could not find any way to do this with the standard library.

      https://twitter.com/olivierlacan/status/1084964879289778176 / https://hyp.is/aIYDgMVKEequYL8_dgzChQ/twitter.com/olivierlacan/status/1084930269533085696:

      It’s even worse that there’s no alternative method that does the unsurprising thing IMO.

    2. So why isn't there an easy way to remove an element from such an array in a way that respects both the order and number (count) of each element? Why do all methods for removing elements from an array assume that you always want to remove all matching elements from the receiver, with no option to do otherwise?
  6. Jun 2020
    1. For example, if error messages in two narrowly defined classes behave in the same way, the classes can be easily combined. But if some messages in a broad class behave differently, every object in the class must be examined before the class can be split. This illustrates the principle that "splits can be lumped more easily than lumps can be split".
    1. Don’t apply caching if the process is expected to react to changes during the caching period. i.e. Don’t cache when mixing reads and writes.
    2. An example candidate for caching might be a nightly billing task which aggregates billing data for the past month. That kind of task is likely not expecting last minute updates while it runs. It assumes that the state of the world remains constant while processing.
    1. In this case, we notice that comment.post and post should belong to the same database object. But, is Rails smart enough to know that the comment should be removed from both of the associations? Or are comment.post and post different representations of the same database row?