20 Matching Annotations
  1. Jul 2020
    1. One way around this is simply linking to each SVG with an <img> tag, instead of embedding the actual SVG in the DOM. This way, the virtual DOM only needs to track one node per image, instead of hundreds for each SVG. Inline SVG [above] vs linked SVG. But in doing so we’ve crippled our ability to manipulate our SVGs. No longer can we add stroke, move shapes, remove nodes or change fill. In short, if you want :hover to change the fill color, you’re back in the stone age.
    1. You know the trade-off. Use the img tag to display an SVG, and you get clean markup — at the cost of styling the SVG using its properties like fill, stroke, SVG filters and more.
  2. May 2020
    1. This is exactly the approach that Chef has chosen. They built Omnibus, an automation system which spawns an army of VMs for building platform-specific packages. It works, but it's heavyweight and a big hassle. You need a big build machine for that if you want to have reasonable build time. And be prepared to make 20 cups of coffee.
    1. I will need to find a workaround for one of my private extensions that controls devices in my home network, and its source code cannot be uploaded to Mozilla because of my and my family's privacy.
    2. We must consider introducing sensible default options in Firefox, while also educating users and allowing them to override certain features, instead of placing marginal security benefits above user liberties and free choice.
  3. Apr 2020
    1. There will be those within organisations that won't be too keen on the approaches above due to the friction it presents to some users.
    2. This has a usability impact. From a purely "secure all the things" standpoint, you should absolutely take the above approach but there will inevitably be organisations that are reluctant to potentially lose the registration as a result of pushing back
    3. As such, they're not in clear text and whilst I appreciate that will mean some use cases aren't feasible, protecting the individuals still using these passwords is the first priority.
    1. One of the drawbacks of waiting until someone signs in again to check their password is that a user may simply stay signed in for a long time without signing out. I suppose that could be an argument in favor of limiting the maximum duration of a session or remember-me token, but as far as user experience, I always find it annoying when I was signed in and a website arbitrarily signs me out without telling me why.
    1. There's a tradeoff to be made between the false positive rate, the number of passwords checked, and the amount of disk/network bandwidth used.
    1. IDEs and standard *nix tools like sed can help, but you typically have to make a trade-off between introducing errors and introducing tedium.
  4. Dec 2019
  5. Nov 2019
    1. The chosen approach pushes a lot of complexity out of the core. As a result it might take more code to achieve certain functionalities. This is the price of flexibility. And that's the primary design goal of Reactabular.
  6. May 2019
    1. first target the patients at highest risk of relapse;

      Clinical trials will most certainly first include those patients with the highest risk of relapse. However, long term, everything will depend on the risk/ benefit trade off: if an effective, simple, well-tolerated and cost-effective treatment was available (let's imagine a single short low-dose PD1 for any early Melanoma patient) that prevented progression for most patients would be very different from a highly toxic, expensive treatment that doesn't work for everyone (think Ipi 10mg/kg adjuvant)- so everything is in the trade-off

  7. Jan 2019
    1. Sure. If I have a lot of tabs open, sometimes trading the crash, but otherwise it's perfectly great.
    2. pretty shitty one

    Tags

    Annotators