this has now become unsustainable and we want to take this tradeoff to best serve the needs of the community

You can find some benefits and limitations of each kind of space organization below.

Generally speaking: The more independence a technology gives you, the higher its barrier for adoption.

Netflix, together with competitors such as Hulu and Amazon Prime Video, havechanged the way people watch television. Cable television subscriptions peaked in2012 before beginning a gradual decline, and disc sales have dropped faster.5

As Internet connections grew faster, more users shifted to purchasing software viadownloads rather than on disc. Software companies eventually moved away entirelyfrom the model of selling major releases every few years

The Internet of the early 1990s was growing so rapidly that even experts found it hardto stay on top of its expanding collection of tools, protocols, file transfer sites, telnetservices, and newsgroups. It began to feel like a large library that had no card catalog

All the portals suffered from the classic business mistake ofveering from their core mission

bandwidth was at a premium, andmany Webmasters felt the Wanderer ate up too many processingand bandwidth cycles as it indexed a site's contents.

Overriding the ActiveStorage controllers to add authentication or customize behavior is a bit tedious because it requires either: using custom routes, which means losing the nice url helpers provided by active storage copy pasting the routes in the application routes.rb, which is not very DRY.

In short: storing the token in HttpOnly cookies mitigates XSS being used to get the token, but opens you up to CSRF, while the reverse is true for storing the token in localStorage.

Therefore, since each method had both an attack vector they opened up to and shut down, I perceived either choice as being equal.

The issue is kind of regression/trade-off for keep bundles get loaded same as the declaration order. The only thing this part added is the new BundleBind! command. Sure we should try fix issue by not introduce new feature/concept as possible as we can, but when the concept/complexity is just add a simple command without any argments to the configuration, and the benefit is clean, simple and efficient implementation, IMHO it is worth. That's why I finally chose this solution.

It is about balancing the twin needs of writing good software, and writing any software at all.

It’s a practical set of advice for trading a moderate increase in development cost for a much larger reduction in maintenance costs.

That said, I wish more people would talk both sides. Yes, every dependency has a cost. BUT the alternatives aren't cost free either. For all the ranting against micropackages, I'm not seeing a good pro/con discussion.

And trust us, we’ve been playing with different APIs for two years and this was the easiest and fastest outcome.

I don't think seeing it in Rails PRs naturally means we should do it blankly. Put it another way, what's the justification in those PRs for doing it?

This column and last month's article are about design. Design, by nature, is a series of trade-offs. Every choice has a good and bad side, and you make your choice in the context of overall criteria defined by necessity. Good and bad are not absolutes, however. A good decision in one context might be bad in another.

If you don't understand both sides of an issue, you cannot make an intelligent choice; in fact, if you don't understand all the ramifications of your actions, you're not designing at all. You're stumbling in the dark.

My point is that you should not program blindly. You must understand the havoc a feature or idiom can wreak. In doing so, you're in a much better position to decide whether you should use that feature or idiom. Your choices should be both informed and pragmatic.

Space: Suppose we had infinite memory, then cache all the data; but we don't so we have to decide what to cache that is meaningful to have the cache implemented (is a ??K cache size enough for your use case? Should you add more?) - It's the balance with the resources available.

You have to guess when the data is not likely to be needed in memory. It can't be too short that the cache is useless, and too long that you'll get a memory leak.

After considering the value we place, and the tradeoffs we make, when it comes to knowing anything of significance, I think it becomes much easier to understand why cache invalidation is one of the hard problems in computer science

Progress is made of compromises, this implies that we have to consider not only disadvantages, but also the advantages. Advantages do very clearly outweigh disadvantages. This doesn’t mean it perfect, or that work shouldn’t continue to minimize and reduce the disadvantages, but just considering disadvantages is not the correct way.

Snap gets rid of dependency mess. Good. Snap offers in one place FOSS and proprietary app’s. Here I am suspicious. It may be an advantage for a commercial app-store and for some users. But this advantage may lead to loss of comfort and flexibility for the many users that rely first on FOSS.

As you already noticed, the extension does not go in an manipulate the hrefs/urls in the DOM itself. While it may seem scary to you that an extension may manipulate a URL you're navigating to in-flight, I think it's far scarier to imagine an extension reading and manipulating all of the HTML on all of the pages you go to (bank accounts, utilities, crypto, etc) in order to provide a smidgeon of privacy for the small % of times you happen to click a link with some UTM params.

The main point — each framework/library/instrument has some kind of flaw, something it handles a little worse than others. And Svelte is no exception.

but that might break everything for folks who actually do want to set values to undefined inside component code, so that might not be viable.

Don't sacrifice clarity for brevity when creating a minimal example.

A style guide is about consistency. Consistency with this style guide is important. Consistency within a project is more important. Consistency within one module or function is the most important.

Yes, you cannot fully express a modern app through templates without sacrificing flexibility and code reusability.

It might seem like a small thing but for me it is more than a valid reason to add an extra of 0.15–0.25 seconds to my app’s time-to-interactive.

I guess when making decisions about the stack of the compiler, they made a tradeoff — how high the overhead is vs the benefits the community gets in exchange.

But is overhead always bad? I believe no — otherwise Svelte maintainers would have to write their compiler in Rust or C, because garbage collector is a single biggest overhead of JavaScript.

However, in practice I do not think these tradeoffs are enough to justify logic-less templates.

One way around this is simply linking to each SVG with an <img> tag, instead of embedding the actual SVG in the DOM. This way, the virtual DOM only needs to track one node per image, instead of hundreds for each SVG. Inline SVG [above] vs linked SVG. But in doing so we’ve crippled our ability to manipulate our SVGs. No longer can we add stroke, move shapes, remove nodes or change fill. In short, if you want :hover to change the fill color, you’re back in the stone age.

You know the trade-off. Use the img tag to display an SVG, and you get clean markup — at the cost of styling the SVG using its properties like fill, stroke, SVG filters and more.

The trade-offs that came with microservices caused more issues than they fixed

This is exactly the approach that Chef has chosen. They built Omnibus, an automation system which spawns an army of VMs for building platform-specific packages. It works, but it's heavyweight and a big hassle. You need a big build machine for that if you want to have reasonable build time. And be prepared to make 20 cups of coffee.

Although it can minimize the overhead of third-party tags, it also makes it trivial for anyone with credentials to add costly tags.

But this new, risk-score based system comes with a serious trade-off: users’ privacy.

I will need to find a workaround for one of my private extensions that controls devices in my home network, and its source code cannot be uploaded to Mozilla because of my and my family's privacy.

We must consider introducing sensible default options in Firefox, while also educating users and allowing them to override certain features, instead of placing marginal security benefits above user liberties and free choice.

There will be those within organisations that won't be too keen on the approaches above due to the friction it presents to some users.

This has a usability impact. From a purely "secure all the things" standpoint, you should absolutely take the above approach but there will inevitably be organisations that are reluctant to potentially lose the registration as a result of pushing back

As such, they're not in clear text and whilst I appreciate that will mean some use cases aren't feasible, protecting the individuals still using these passwords is the first priority.

One of the drawbacks of waiting until someone signs in again to check their password is that a user may simply stay signed in for a long time without signing out. I suppose that could be an argument in favor of limiting the maximum duration of a session or remember-me token, but as far as user experience, I always find it annoying when I was signed in and a website arbitrarily signs me out without telling me why.

There's a tradeoff to be made between the false positive rate, the number of passwords checked, and the amount of disk/network bandwidth used.

IDEs and standard *nix tools like sed can help, but you typically have to make a trade-off between introducing errors and introducing tedium.

I have concluded that all these systems are cumbersome and onerous in some ways, more concerned with design than functionality, and more concerned with ease-of-use than speed and efficiency.

The chosen approach pushes a lot of complexity out of the core. As a result it might take more code to achieve certain functionalities. This is the price of flexibility. And that's the primary design goal of Reactabular.

first target the patients at highest risk of relapse;

Sure. If I have a lot of tabs open, sometimes trading the crash, but otherwise it's perfectly great.

pretty shitty one