TehPers

We’re postponing the announced billing change for self-hosted GitHub Actions to take time to re-evaluate our approach.

How would age verification even work here? Would it work?

Depends on the exact wording of the law, but an attempt can be made. It would be a horrible waste of everyone’s time as well as require significant time investment from instance admins though.

The whole concept is idiotic, especially since even the most complex age verification schemes can be bypassed by using an adult to verify on behalf of a child (and most can even be bypassed with video game screenshots). You end up with the same system, functionally a checkbox asking if you’re old enough, but with all the added invasiveness and potential risk.

We had a Tacoma growing up and it was honestly a great car. Wasn’t too big to park, could fit a good amount in the bed, and had enough seats for five, though the second row was for the shorter passengers. It’s also still being driven today. We had a small car for commuting as well, and the Tacoma mostly functioned as a second vehicle (for when two people need one, helped when I got a license) plus for whenever we went to Costco.

This. People either want a giant diesel-guzzling truck, or they want a small efficient truck as their second vehicle for moving things around. Nobody’s looking for a giant EV truck, especially at that price.

All they had to do was make an EV Tacoma (size-wise). Instead, they made an EV F-150.

GPA scales make no sense here, but usually the top varies somewhere between 4.0 and 5.0.

At the university I went to, I believe it went to 4.0 with honors, but I only knew one person who got remotely close to that. Honors was a separate process where they make you miserable in your last two years for no discernable benefit.

open to any feedback, always willing to learn

A common pattern with executable Python scripts is to:

• Add a shebang at the top (#!/usr/bin/env python3) to make it easier to execute
• Check if __name__ == "__main__" before running any of the script so the functions can be imported into another script without running all the code at the bottom

and then the company suffered a collapse and everyone got laid off.

This feels like the ending to most stories these days. My friend’s company shoved AI down his throat, and then the company suffered a collapse and everyone got laid off.

This depends on how the tool is used still. For someone seeking a diagnosis, the tool would be incredible. For someone who wants to use it to discriminate, the tool would be terrible.

Like most tools, the tool itself isn’t morally right or wrong. It’s the use of the tool that is.

It also wouldn’t work well because it’s impossible to diagnose someone with Autism solely from their face. They’d have much better luck making a tool for something like Down syndrome, but even still it would be very fallible.

Autism is widely called “invisible” for a reason lol.

Do humans also go insane when you ask them if there is a seahorse emoji? If so, I have a fun idea for one of those prank videos.

Because Apple has no 1st amendment responsibilities. The government does.

The number of times I’ve been attacked over tone growing up tells me that I either had abusive parents, or and that how you say stuff matters a lot. Intonation can also turn a statement into a question or even make it sarcastic. Words come with baggage beyond their meaning, and using a word with negative connotations can turn a compliment into an insult.

6000 MT/s 28-36-36-96

Any website using CSR only can’t have a RCE because the code runs on the client. Any code capable of RSC that runs server and client side may be vulnerable.

From what I’ve seen, the exploit is a special request from a client that functionally lets you exec anything you want (via Function’s constructor). If your server is unpatched and recognizes the request, it may be (likely is) vulnerable.

I’m sure we’ll get more details over time and tools to manually check if a site is compromised.

Got 64GB DDR5 earlier this year. I went to check the price of the kit recently and it’s up to $800. Shit’s insane.

I’m not the one recommending it lol.

If I had to guess, it’s to improve page performance by prerendering as much as possible, but I find it overkill and prefer to just prerender as much of the page as I can at build time and do CSR for the rest, though this doesn’t work if you have dynamic routes or some kind of server-side logic (good for blogs and such though).

I think their point was that CSR-only sites would be unaffected, which should be true. Exploiting it on a static site, for example, couldn’t be RCE because the untrusted code is only being executed on the client side (and therefore is not remote).

Now, most people use, or at least are recommended to use, SSR/RSC these days. Many frameworks make SSR enabled by default. But using raw React with no Next.js, react-router, etc. to create a client-side only site does likely protect you from this vulnerability.

I think it also doesn’t help that only 4XX (client error) and 5XX (server error) are defined as error status codes, and 4XX errors don’t even necessarily indicate that anything happened that shouldn’t happen (need to reauth, need to wait a bit, post no longer exists, etc).

Trying to think of what 6XX would stand for, and we already have “Service Unavailable” and “Bad Gateway”/“Gateway Timeout”, so I guess 6XX would be “incompetence errors”. 600 is “Bad Implementation”, 601 is “Service Hosted On Azure”, 602 is “Inference Failure” (for AI stuff), and I guess 666 is “Cloudflare Outage”.

No, and your hostility is out of place. Do you have something against GN?

This is the actual answer with respect to Cloudflare. Their config system was fucked in November. It’s still fucked in December. React’s massive CVE just forced them to use it again.

More generally, the issue is a matter of companies forcefully accelerating feature development at the cost of stability, likely due to AI. This is how the company I’m at is like anyway.