What ever you do, don't use a for loop: # Don't do this for file in $(find . -name "*.txt") do …code using "$file" done Three reasons: For the for loop to even start, the find must run to completion. If a file name has any whitespace (including space, tab or newline) in it, it will be treated as two separate names. Although now unlikely, you can overrun your command line buffer. Imagine if your command line buffer holds 32KB, and your for loop returns 40KB of text. That last 8KB will be dropped right off your for loop and you'll never know it.

$0 can be set to an arbitrary value by the caller. On the flip side, $BASH_SOURCE can be empty, if no named file is involved; e.g.: echo 'echo "[$BASH_SOURCE]"' | bash

hile this warning is helpful, it could be more precise, because you won't necessarily get the first element: It is specifically the element at index 0 that is returned, so if the first element has a higher index - which is possible in Bash - you'll get the empty string; try 'a[1]='hi'; echo "$a"'.

Pre and post commands with matching names will be run for those as well (e.g. premyscript, myscript, postmyscript)

Since npm@1.1.71, the npm CLI has run the prepublish script for both npm publish and npm install, because it's a convenient way to prepare a package for use (some common use cases are described in the section below). It has also turned out to be, in practice, very confusing. As of npm@4.0.0, a new event has been introduced, prepare, that preserves this existing behavior. A new event, prepublishOnly has been added as a transitional strategy to allow users to avoid the confusing behavior of existing npm versions and only run on npm publish (for instance, running the tests one last time to ensure they're in good shape).

Should I ever change my stance on this, I will immediately update this post.

This option wasn’t offered by the library, but that doesn’t have to stop us. Isn’t that fun?

Here’s a quick blog post about a specific thing (making FactoryBot.lint more verbose) but actually, secretly, about a more general thing (taking advantage of Ruby’s flexibility to bend the universe to your will). Let’s start with the specific thing and then come back around to the general thing.

Steer, of course, can also be a noun that refers to male cattle. This meaning is unrelated to the expression steer clear.

As this stands, the specs could pass w/o the formatter.output == new_formatter.output check.

Brilliant. Ignore Critics. Do watch it!

Oh I see whats happening, we actually have specs for this but they're not correct

The amount of time wasted on this is ridiculous. Thanks. This is about the only thing that worked. Why in the world this wouldn't "just work" by defining the default url options in Rails config/environments/test.rb is beyond me.

The goal of this project is to have a single gem that contains all the helper methods needed to resize and process images. Currently, existing attachment gems (like Paperclip, CarrierWave, Refile, Dragonfly, ActiveStorage, and others) implement their own custom image helper methods. But why? That's not very DRY, is it? Let's be honest. Image processing is a dark, mysterious art. So we want to combine every great idea from all of these separate gems into a single awesome library that is constantly updated with best-practice thinking about how to resize and process images.

It is sublimely annoying to have to configure the exact same parameters in config/environments, spec/spec_helper.rb and again here... all in marginally different ways (with 'http://' or without, with port number or port specified separately). Even Capybara.configure syntax can't seem to stay consistent to itself between versions...

It really only takes one head scratching issue to suck up all the time it saves you over a year, and in my experience these head scratchers happen much more often than once a year. So in that sense it's not worth it, and the first time I run into an issue with it, I disable it completely.

It feels like « removing spring » is one of those unchallenged truths like « always remove Turbolinks » or « never use fixtures ». It also feels like a confirmation bias when it goes wrong.

I may had to turn it off and on again a few times as debugging technique when I had no other ideas on what to do.

Thanks for your making your first contribution to Cucumber, and welcome to the Cucumber committers team! You can now push directly to this repo and all other repos under the cucumber organization! In return for this generous offer we hope you will: Continue to use branches and pull requests. When someone on the core team approves a pull request (yours or someone else's), you're welcome to merge it yourself. Commit to setting a good example by following and upholding our code of conduct in your interactions with other collaborators and users. Join the community Slack channel to meet the rest of the team and make yourself at home. Don't feel obliged to help, just do what you can if you have the time and the energy. Ask if you need anything. We're looking for feedback about how to make the project more welcoming, so please tell us!

A more conservative workaround is find the gems that are causing issues and list them on the top of your Gemfile.

A good way to debug what is causing these is put this at the top of your Gemfile:

to deepen and mature your coding practice

delegate :name, :to => :department, :prefix => true, :allow_nil => true

How much do we really need constants, anyway?

These directives are inherited from the previous configuration level if and only if there are no proxy_set_header directives defined on the current level.

By default, this function reads template files in /etc/nginx/templates/*.template and outputs the result of executing envsubst to /etc/nginx/conf.d.

It is "guaranteed" as long as you are on the default network. 172.17.0.1 is no magic trick, but simply the gateway of the network bridge, which happens to be the host. All containers will be connected to bridge unless specified otherwise.

For example I use docker on windows, using docker-toolbox (OG) so that it has less conflicts with the rest of my setup and I don't need HyperV.

Even with OverloadedRecordDot, Haskell’s records are still bad, they’re just not awful.

You are context switching between new features and old commits that still need polishing.

If the code review process is not planned right, it could have more cost than value.

Defects found in peer review are not an acceptable rubric by which to evaluate team members. Reports pulled from peer code reviews should never be used in performance reports. If personal metrics become a basis for compensation or promotion, developers will become hostile toward the process and naturally focus on improving personal metrics rather than writing better overall code.

raise StandardError.new "No authentication is configured for ActiveStorage"

# ActiveStorage defaults to security via obscurity approach to serving links # If this is acceptable for your use case then this authenticable test can be # removed. If not then code should be added to only serve files appropriately. # https://edgeguides.rubyonrails.org/active_storage_overview.html#proxy-mode def authenticated? raise StandardError.new "No authentication is configured for ActiveStorage" end

I'm thinking it might be worth a separate issue. I'm not sure though, so for now mentioning it here.

Interestingly, Rails doesn't see this in their test suite because they set this value during setup:

Stop autoclosing of PRs While the idea of cleaning up the the PRs list by nudging reviewers with the stale message and closing PRs that didn't got a review in time cloud work for the maintainers, in practice it discourages contributors to submit contributions. Keeping PRs open and not providing feedback also doesn't help with contributors motivation, so while I'm disabling this feature of the bot we still need to come up with a process that will help us to keep the number of PRs in check, but celebrate the work contributors already did instead of ignoring it, or dismissing in the form of a "stale" alerts, and automatically closing PRs.

I don't understand why it should be so hard to keep issues open / reopen them. That's just going to cause people to open a duplicate issue/PR — or (if they notice in time) cause people to add extra "not stale" noise when the bot warns it's about to be closed. Wouldn't it be preferable to keep the discussion together in one place instead of spreading across duplicate issues? (Similarly, moving the meta conversation about an issue out to a completely separate system (Discord) seems like the wrong direction, because it wouldn't be visible to/discoverable by those arriving at the closed issue.) I get how it's useful to have stale issues not cluttering the list. But if interes/activity later picks up again, then "stale" is no longer accurate and its status should be automatically updated to reflect its newfound freshness... like it did back here:

ActiveSupport.on_load :active_storage_blob do def accessible_to?(accessor) attachments.includes(:record).any? { |attachment| attachment.accessible_to?(accessor) } || attachments.none? end end ActiveSupport.on_load :active_storage_attachment do def accessible_to?(accessor) record.try(:accessible_to?, accessor) end end ActiveSupport.on_load :action_text_rich_text do def accessible_to?(accessor) record.try(:accessible_to?, accessor) end end module ActiveStorage::Authorize extend ActiveSupport::Concern included do before_action :require_authorization end private def require_authorization head :forbidden unless authorized? end def authorized? @blob.accessible_to?(Current.identity) end end Rails.application.config.to_prepare do ActiveStorage::Blobs::RedirectController.include ActiveStorage::Authorize ActiveStorage::Blobs::ProxyController.include ActiveStorage::Authorize ActiveStorage::Representations::RedirectController.include ActiveStorage::Authorize ActiveStorage::Representations::ProxyController.include ActiveStorage::Authorize end

I'm partial to the solution originally proposed. It follows a pattern already established in Rails. For example, using an application-specific ApplicationStorageController which inherits from ActiveStorage::BaseController is very similar to the ApplicationRecord which inherits from ActiveRecord::Base or ApplicationJob which inherits from ActiveJob::Base.

I think this is important, and I'd love to help making ActiveStorage a more secure place.

it should be normal for production apps to add authentication and authorization to their ActiveStorage controllers. Unfortunately, there are 2 possible ways to achieve it currently: Not drawing ActiveStorage routes and do everything by yourself Override/monkey patch ActiveStorage controllers None of them is ideal because in the end you can't benefit from Rails upgrades (bug fixes, etc) so the intention of this PR is to let people define a parent controller (inspired by Devise, maybe @carlosantoniodasilva can tell us his experience on this feature) so that people can add authentication and authorization in a single place and still benefit from the default controllers.

Create a new controller to override the original: app/controllers/active_storage/blobs_controller.rb

Overriding the ActiveStorage controllers to add authentication or customize behavior is a bit tedious because it requires either: using custom routes, which means losing the nice url helpers provided by active storage copy pasting the routes in the application routes.rb, which is not very DRY.

This was a surprise to me, since we generally authenticate the record quite well, but then go on to do something like record.file.url in our view, generating a URL that is permanent and unauthenticated.

Overall, there appears to be no MIME type image/jpg. Yet, in practice, nearly all software handles image files named "*.jpg" just fine.

commented

It really slows down your test suite accessing the disk.So yes, in principle it slows down your tests. There is a "school of testing" where developer should isolate the layer responsible for retrieving state and just set some state in memory and test functionality (as if Repository pattern). The thing is Rails is a tightly coupled with implementation logic of state retrieval on core level and prefers "school of testing" in which you couple logic with state retrial to some degree.Good example of this is how models are tested in Rails. You could just build entire test suite calling `FactoryBot.build` and never ever use `FactoryBot.create` and stub method all around and your tests will be lighting fast (like 5s to run your entire test suite). This is highly unproductive to achieve and I failed many times trying to achieve that because I was spending more time maintaining my tests then writing something productive for business.Or you can took more pragmatic route and save database record where is too difficult to just 'build' the factory (e.g. Controller tests, association tests etc)Same I would say for saving the file to the Disk. Yes you are right You could just "not save the file to disk" and save few milliseconds. But at the same time you will in future stumble upon scenarios where your tests are not passing because the file is not there (e.g. file processing validations) Is it really worth it ? I never worked on a project where saving file to a disk would slow down tests significantly enough that would be an issue (and I work for company where core business is related to file uploading) Especially now that we have SSD drives in every laptop/server it's blazing fast so at best you would save 1 seconds for entire test suite (given you call FactoryBot traits to set/store file where it make sense. Not when every time you build an object.)

# Internal: This is how much Honeybadger cares about Rails developers. :)

# Some Rails projects include ActionDispatch::TestProcess globally for the # use of `fixture_file_upload` in tests. This is a bad practice because it # includes other methods -- such as #session -- which override existing # methods on *all objects*.

# This ensures that the pid namespace is shared between the host # and the container. It's not necessary to be able to run spring # commands, but it is necessary for "spring status" and "spring stop" # to work properly. pid: host

If you don't use an intermediate variable, you need to protect the / characters in the directory to remove so that they aren't treated as the end of the search text.

If the path in question is at the beginning of the PATH variable, you need to match the colon at the end. This is an annoying caveat which complicates easy generic manipulations of PATH variables.

I am ScaredDon't be :).

I'm fully serious: If your accounts and data are important, then just don't make such mistakes. Being careful is completely possible.

I can't reverse it, but maybe somebody who understands how Chrome does the decryption can. The ability is there, its not that Chrome can't decrypt them, it is that Chrome won't decrypt them due to false "security".And if Chrome actually, genuinely can no longer decrypt passwords after they have been restored from backup, then that is a shockingly bad bug in their password manager.

If your security locks you out of your own home just because you changed your trousers, that would be shockingly bad security.If your security permanently locks you out of your accounts because you restored your Chrome settings from backup, how is that any better?

So the correct command to use is findmnt, which is itself part of the util-linux package and, according to the manual: is able to search in /etc/fstab, /etc/mtab or /proc/self/mountinfo

Rails 3 seems is ignoring my rescue_from handler so I cannot test my redirect below.

All seem focused on rendering the 404 page manually. However, I wanted to make rescue_from work. My solution is the catch-all route and raising the exception manually.

Data protection authorities have found that the U.S. legal system does not guarantee the same standards of protection as the EU. The situation stems from a set of U.S. laws that allow government organizations to request access to consumers’ personal data from US-based services, regardless of where the data centers or servers are located. In light of this, NOYB filed 101 complaints with European DPAs to find that transferring European users’ data to the U.S. was unlawful. The decisions, which have noted the illegitimacy of the transfers, focus on the analysis of additional technical, contractual and organizational measures.

This thread is locked.

Users often forget to save their recovery codes when enabling 2FA. If you added an SSH key to your GitLab account, you can generate a new set of recovery codes with SSH:

A custom component might be interesting for you if your views look something like this: <%= simple_form_for @blog do |f| %> <div class="row"> <div class="span1 number"> 1 </div> <div class="span8"> <%= f.input :title %> </div> </div> <div class="row"> <div class="span1 number"> 2 </div> <div class="span8"> <%= f.input :body, as: :text %> </div> </div> <% end %> A cleaner method to create your views would be: <%= simple_form_for @blog, wrapper: :with_numbers do |f| %> <%= f.input :title, number: 1 %> <%= f.input :body, as: :text, number: 2 %> <% end %>

The problem isn’t Linux, it’s the defective by design DRM.The studios demand ridiculous DRM that does nothing to actually stop piracy.

Valve long ago proved that piracy is a service issue. Make it more convenient to pay for something, and people pay. Just look at what they did to bring AAA games to Linux!Apple, Amazon, and others proved it as well when they removed DRM (or never had it in the first place) on digital music purchases! People still paid for music downloads! They figured out how to keep people paying by making subscriptions to pretty much all music cheap and convenient. The service is more convenient than piracy, and you have a useful option for anything you want more permanent than a subscription.

Linux users flood developers on projects in github. On Opensource projects were you can actually somehow talk to the developers as an end user. Or maybe on Twitter if a developer of a proprietary software is somehow known and you can contact him on social media.But Developers dont talk to first level customer support of a proprietary software like Adobe InDesign or a service like Netflix,But this is were these companies get their data. And they base their decisions on this data.

Linux users flood developers with bugs and requests because we actually know how to debug our systems. The creators then tend to get annoyed at the flood, because even if they resolved them all, it would be spending a lot of energy for less than 1% of their userbase.

there should be more Linux desktop community solidarity

The main problem of the Linux community is that it is divided. I know this division represents freedom of choice but when your rivals are successful, you must inspect them carefully. And both rivals here (MacOS and Windows) get their power from the "less is more approach".This division in Linux communities make people turn into their communities when they have problems and never be heard as a big, unified voice.When something goes wrong with other OSes, people start complaining in many forums and support sites, some of them writing to multiple places and others support them by saying "yeah, I have that problem, too".In the Linux world, the answers to such forums come as "don't use that shitty distro" or "use that command and circumvent the problem".Long story short" average Linux user doesn't know that they are:still customers and have all the rights to demand from companiesthey can get together and act up louder.Imagine such an organizing that most of the Linux users manage to get together and writing to Netflix. Maybe not all of them use Netflix but the number of the Linux users are greater than Netflix members. What a domination it would be!But instead we turn into our communities and act like a survival tribe who has to solve all their problems themselves .

Big Software companies like Adobe or Netflix do two things that are relevant for us and currently go wrong:They analyse the systems their customers use. They don't see their Linux users because we tend to either not use the product at all under Linux (just boot windows, just use a firertv stick and so one) or we use emulators or other tools that basically hide that we actually run Linux. --> The result is that they don't know how many we actually are. They think we are irrelevant because thats what the statistics tell them (they are completely driven by numbers).They analyze the feature requests and complains they get from their customers. The problem is: Linux users don't complain that much or try to request better linux support. We usually somehow work around the issues. --> The result is that these companies to neither get feature requests for better Linux support nor bug reports from linux users (cause its not expected to work anyways).

It simplify things alot. Valves needs to constantly push updates so it makes perfect sense to pick Arch.

Mine you at the time Valve was trying to get developers to make Linux ports of the games so targeting Debian made some sense in terms of platform stability, this didn't work out well and developers did no such thing. Valve then moved to making WINE work better through spending dev time adding patches and making the Proton later on top of it.Valve likely moved to an Arch base to get bleeding edge support for new hardware and for performance enhancements that come along with it as they were no longer shackled trying to get developers to make native Linux ports.

manjaro maintaining a slightly different update cycle and overall behavior than upstream arch (I know this is a point of contention, but that's not the point here)

Compare that to bugfixes coming to a Ubuntu LTS or 6 month and you might not get it before the version is End Of Life making collaborating difficult & fruitless.Arch is where developers are so it makes sense from the massive array of software available in the AUR & repos too.Its like a software flee market, occasionally AUR software isn't up to the bar or theoretically there COULD be a bad actor once every few years otherwise its something truly special.

Bug triage is so much easier & faster on Arch. Everyone is on the same latest version and engaging developers usually lead to fixes that users can consume right away or within a week.

Other distros require glibc 2.28+ (ldd --version to check)

The linux-based open-source mobile operating system Android is not only the most popular mobile operating system in the world, it’s also on the way to becoming a proprietary operating system. How is that?

A free-as-in-freedom re-implementation of Google’s proprietary Android user space apps and libraries.

Additionally, GrapheneOS has only been developed for Google’s Pixel line of phones. Some people are a little hesitant to use a Google phone to de-google their lives.

The main flaw with Lineage is the phone’s bootloader must remain unlocked

Our Camera app provides the system media intents used by other apps to capture images / record videos via the OS provided camera implementation. These intents can only be provided by a system app since Android 11, so the quality of the system camera is quite important.

No, GrapheneOS will remain a non-profit open source project / organization. It will remain an independent organization not strongly associated with any specific company. We partner with a variety of companies and other organizations, and we're interested in more partnerships in the future. Keeping it as an non-profit avoids the conflicts of interest created by a profit-based model. It allows us to focus on improving privacy/security without struggling to build a viable business model that's not in conflict with the success of the open source project.

Using the network-provided DNS servers is the best way to blend in with other users. Network and web sites can fingerprint and track users based on a non-default DNS configuration.

Network and web sites can fingerprint and track users based on a non-default DNS configuration.

If Factorio and Civilization do a kid.

So why do we continue to perpetuate the myth of conventional current flow (CCF) when we have known for a century that current in most electrical and electronic circuits is electron flow (EF)?

alter column object type jsonb using object::jsonb;

What's wrong with a simple, feel good movie?

As has been mentioned this is a take on the Prince and the Pauper story that may not appeal to those who are into art films and like to sit around discussing and dissecting a film's philosophical nuances. If, on the other hand, you simply like a fun story, gorgeous sets, and yes, the occasional over-the-top scene, this can be a thoroughly enjoyable tale of a man who is willing to put the woman he loves ahead of himself.

There are too many people giving this 7+ stars and even 10 stars (unusual to see on IMDb) to believe the legitimacy of the number of 1-star "worst movie ever" reviews. Such paradox is simply difficult to accept as valid.

I almost didn't watch this movie due to the repetitive negative reviews here on IMDb. Usually I find reviews here fairly spot-on. But in this case I am convinced we are living in a generation of viewers who have been raised on so much schlock, sex, violence, blood and foul language that they wouldn't recognize a prime movie if it whacked them with a hammer. Either that or we have a set of the most bogus witch-hunt reviews ever.

Please, feel free to consider the negative reviews as suspect (at the very least)-- and give this film a try. The best and most valid review is your own.

I know this bug is labeled invalid and I know the devs don't want to address the issue further...but if anyone reads this I'd really like to know if there is some way *advanced* FF users can enable cross-origin downloads. I mean, c'mon, the case against allowing cross-origin downloads is built on the premise that users could unknowingly download a file from a site containing their own personal information (e.g., gmail.com) and save it using a misleading name (e.g. "30off.coupon.txt") AND THEN proceed to another malicious page where they directly go and upload that same file they just downloaded. I mean c'mon. Seriously?? Anyone who's gonna fall for that deserves to lose their personal information. I'm all for browser security, but I think a simple preference in about:config to enable cross-origin a@download is in order. Please consider. Thank you.

The Bugzilla issues don't seem to rule-out the possibility of using CORS for cross-origin download attribute support in the future, but right now using CORS headers does not do anything for the download attribute. It's possible that if other browsers start supporting the attribute, a consensus may yet be reached.

This actually is possible with JavaScript, though browser support would be spotty. You can use XHR2 to download the file from the server to the browser as a Blob, create a URL to the Blob, create an anchor with its href property and set it to that URL, set the download property to whatever filename you want it to be, and then click the link. This works in Google Chrome, but I haven't verified support in other browsers. window.URL = window.URL || window.webkitURL; var xhr = new XMLHttpRequest(), a = document.createElement('a'), file; xhr.open('GET', 'someFile', true); xhr.responseType = 'blob'; xhr.onload = function () { file = new Blob([xhr.response], { type : 'application/octet-stream' }); a.href = window.URL.createObjectURL(file); a.download = 'someName.gif'; // Set to whatever file name you want // Now just click the link you created // Note that you may have to append the a element to the body somewhere // for this to work in Firefox a.click(); }; xhr.send();

The intent of this specification and related tools is to expand the reach of development containers, allow the usage of containers by themselves or different orchestration technologies, and allow any tool to manage and create them.

The focus of the dev container specification is to describe how to enrich a container for the purposes of development, rather than acting as a multi-container orchestrator format.

and they've been focused on using Docker or Docker Compose

Context

A development container allows you to use a container as a full-featured development environment. It can be used to run an application, to separate tools, libraries, or runtimes needed for working with a codebase, and to aid in continuous integration and testing.

A GitHub Action and an Azure DevOps Task are available for running a repository's dev container in continuous integration (CI) builds. This allows you to reuse the same setup that you are using for local development to also build and test your code in CI.

Our development container teams across Microsoft and GitHub continue active development on the new Dev Container Specification, and this iteration had several exciting highlights.

Many believe that companies should give more time to employees to contribute to open source, with 79% agreeing or strongly agreeing that companies should give time during work hours to contribute.

time is listed as the biggest barrier to contributing to open source projects

while just 20% have been paid for their contributions to open source, 53% agree or strongly agree that individuals should be paid for open source contributions

At this point, you’ll want to mow your grass 3-5 times. This amounts to roughly once per week. Do this before walking on it.

Add in another two or so weeks for the grass to grow tall enough for its first mowing, at which point you have no choice but to walk over the area.

all duplicate rows are removed from the result set (one row is kept from each group of duplicates)

these two SELECT clauses are NOT equivalent, so be careful: SELECT DISTINCT(event_id, start_time) FROM ... SELECT DISTINCT event_id, start_time FROM ...

Logically, if you just want a distinct list of event_id values, what order they occur in should be irrelevant. If order does matter, then you should add the start_time to the SELECT list so that there is context for the order.

The ORDER BY clause can only be applied after the DISTINCT has been applied. Since only the fields in the SELECT statement are taken into consideration for the DISTINCT operations, those are the only fields may be used in the ORDER BY.

an alternative to Matthew's answer is using an aggregate function like MIN or MAX for the sorting: SELECT event_id FROM Rsvp GROUP BY event_id ORDER BY MIN(start_time)

I just went through a small example in my head which helped me understand why Postgres has this seemingly odd restriction on SELECT DISTINCT / ORDER BY columns.

I know this is a rather old question, but

Needing to use ruby2_keywords explicitly for delegation is unfortunate, I wish there would be a more natural way to express delegation in Ruby 2.7. Unfortunately there is not.

I once proposed to enable ruby2_keywords by default to preserve compatibility, but this was rejected.

Remove the commit from step 2. We will merge ignoring the failure. Remove the commit from the other, check it passes with the other commit now on main. Merge the other. We will trigger builds for the main branch of affected repositories to check if everything is in order. Steps 5-8 should happen continuously (e.g. one after another but within a short timespan) so that we don't leave a broken main around. It is important to triage that build process and revert if necessary.

With first-class keyword arguments in the language, we don’t have to write the boilerplate code to extract hash options. Unnecessary boilerplate code increases the opportunity for typos and bugs.

Confusingly, if the police suspect you of a crime, you can be described as a “suspicious person” and if you constantly suspect others of crimes, you can also be called “suspicious.”

It never makes sense to say “I am suspect that. . . .”

It detects bots/spiders and serves them a clean page

The shared context worked though thanks! RSpec.shared_context "perform_enqueued_jobs" do around(:each) { |example| perform_enqueued_jobs { example.run } } end RSpec.configure do |config| config.include_context "perform_enqueued_jobs" end

sew

Where around hooks shine is when you want to run an example within a block. For instance, if your database library offers a transaction method that receives a block, you can use an around to cleanly open and close the transaction around the example.