Why would you disagree with the parent post and then fail to provide the title of the book in your own response? Just give the name of the book, please.
dawwww poor hn user's are afraid of their VC's
Imagine disliking an analysis which favors smaller users. Before i ever commented on a single HN post, I was told repeatedly how cynical, negative, and sarcastic HN was. Hm.
Reminds me of Vercel's Rauch talking about his aggressive 'any UX mistake is our fault, never the user's' model for evaluating UIX.
(It is/was Guillermo who says that, right?)
This should be all of Information Technology’s take. Your computers get hacked - IT’s fault. Users complain about how hard your software is or that it breaks all the time - IT’s fault.
The fact users deal with almost everything being objectively not very good if not outright bad is a testament to people adapting to bad circumstances more than anything.
Does it solve anything? I don't see this as a GitHub problem, it's a "we built a dependency management system with untrusted publishers" problem.
GitLab's `include` feature has the same concern. They do offer an integrity check, but it's not any more capable than hash pinning to a commit.
Fundamentally, if you offer a way to extend your product with externally-provided components, and you can't control the external publishers, then you've left the door open to 'these issues'.
Boy i wish that principle held up in real medicine and other parts of life; "rep and skills" may in some ways equal power, but that false equivalency is how problematic behavior is excused in unfit individuals.
I also prefer to manage version management myself directly, even with llm-gen'd CICD elements, so preferring jj hasn't been nearly as costly for me specifically :D
reply