Skip Navigation

User banner

RonSijm

@ RonSijm @programming.dev

Posts
5
Comments
86
Joined
3 yr. ago

  • LinkedIn checks for 2953 browser extensions

    Jump

  • Yea, well that was my first though, but then I though - why would chrome even allow any website to just arbitrary check which extensions you have installed.

    So I checked the scripts and at this line the script is showing

     
        
async function fetchExtensionInfo(extensionId) {
  return new Promise((resolve) => {
    const url = `https://chromewebstore.google.com/detail/$%7BextensionId%7D`;

    So I thought maybe they were calling the chromewebstore foreach plugin, and if you have an extension already installed, you get a different response than when you don't - or something.

    But I suppose I'm wrong and for some reason a site can just ask the browser internally which plugins are installed

  • LinkedIn checks for 2953 browser extensions

    Jump

  • Uhm, doesn't really sound like this could be true. Maybe I'm missing something?

    You'd see 2953 get requests in your network tab, right?

    And the article says:

    LinkedIn silently probes for 2,953 Chrome extensions on every page load.

    Surely it would be drastically noticeable if for every page load they do 3k get requests to the chrome store

  • Authentication in microservices

    Jump

  • However, what is stopping a malicious actor from bypassing the API gateway and communicating directly to the micro services ? Do we solve this problem using a firewall, so only trusted traffic reaches the micro services ?

    Kind of - sort of

    With this kind of setup, usually you'd put all your micro services inside a VPC. The micro services wouldn't even be directly accessible from the internet. So it wouldn't really be a "firewall" - but a nat gateway.

    Though conceptually a little bit the same. The API gateway is kind of acting as a firewall

  • My code is self-documenting

    Jump

  • It's ChatGPT that's commenting this, isn't it?

  • Coming soon: Simpler pricing and a better experience for GitHub Actions - GitHub Changelog (Adds self-hosted runner cost)

    Jump

  • To be fair, it's not that crazy - your agents are generating a lot of data that Azure DevOps is storing. And they're doing a bunch of other things like release management and showing test results over time, etc etc

    I'm using Azure DevOps practically free - (unless I build way too much and run out of free credits for the month)

    But since so many things in Azure DevOps are already free.. If you're going to start substituting the paid features like extra build agents with your own "free self hosted agents" then where are they getting any money from?

  • what's the coolest thing you have ever programmed?

    Jump

  • Trump Plan Would Force Tourists to Share Years of Social Media Posts Before Entering US

    Jump

  • Yes, but it includes your chat and voice chat history in the CoD, League, Dota and Counter Strike lobbies.... 😉

  • Diptyx is an open source, dual-screen eReader (crowdfunding)

    Jump

  • Pretty cool. I tried to google it, and I couldn't actually find the source for it. Just a bunch of articles about it and a reddit thread.

    I'm curious what it's written in

  • Diptyx is an open source, dual-screen eReader (crowdfunding)

    Jump

  • If it's "open source hardware" wouldn't it be pretty easy to put it different screens?

    Like it also only had a 2 GB SD card.. I'd guess most people would upgrade that

  • Would you use a service that automatically identifies refactoring opportunities in your code?

    Jump

  • Are there existing tools you love (or hate) that do something similar?

    This sounds similar to "Static code analysis" tools. Especially now that these code analysis tools are getting AI integrations.

    For example we use coderabbit.ai. That does a code review on PRs in github, and reviews these sort of things. Especially the simpler things that you've mentioned like poor naming conventions, violations of language-specific best practices, and readability issues. I'm not sure if it will automatically come up with "large refactoring opportunities" by default - but maybe you can custom-prompt configure it to try, I guess

    (Comment) Why have a separate webpage if such of helper can be built into IDE/editor?

    Coderabbit also has IDE extensions: https://www.coderabbit.ai/ide - I think the separate webpage exists for org level configurations and overviews. These "best practices" are probably defined on a team level to ensure everyone uses the same code-style and things like that

    I'm not sure if "just a website to copypaste code and get reviews" is really a good idea. Maybe for juniors that want to review one class or method or something. But usually code is spread across multiple files, and structural refactor opportunities are on a larger scale then just a couple files

  • How Ruby Went Off the Rails

    Jump

  • On September 19, Ruby Central, a nonprofit organization that manages RubyGems.org, a platform for sharing Ruby code and libraries, asserted control over several GitHub repositories for Ruby Gems as well as other critical Ruby open source projects that the rest of the Ruby development community relies on.

    Uhm, so how does this happen? If some people create Ruby Gems and host them under their own github account, how would Ruby Central suddenly assert control over them?

  • Isn't brave supposed to be "private"?

    Jump

  • I've seem so many ads for Brave Browser... If it's supposed to be private and anonymous and a free browser - where are they getting all this money for all those ads?

  • Dutch privacy watchdog urges LinkedIn users to opt out of AI data training by Nov. 3

    Jump

  • Just spreading the word from: https://programming.dev/post/37913329/19530188

    Assuming you need to keep your account for work, here are the direct links:

    1. Go to this page and turn it off: https://www.linkedin.com/mypreferences/d/settings/data-for-ai-improvement
    2. Submit this form: https://www.linkedin.com/help/linkedin/ask/TS-DPRO

    In addition:

  • Infallible Code

    Jump

  • You don't get it. This was made in GameMaker Studio 1.4, which doesn't support a modulo operator. You know nothing about this specific framework. I have 8 years of experience and hacked governments. There's no reason to update it now, because it runs on a smart fridge at maximum capacity.

  • Github has started charging me on the free tier?

    Jump

  • Since you're getting downvoted, maybe you want to explain why using Github free is "pointing a loaded gun at your foot"?

    I'm using github for a bunch of my public repos as a free backup service... Why would I want to use a self hosted or way more obscure git forge? Seems riskier than just dumping it on github

  • “Higher-Order Vibes” Are Killing the Vibe Coding Industry

    Jump

  • Documentation? Maintainable? Test cases? You're too attached to old paradigms in a new vibe based world.

    Why do you need any of those? If you need any new features, you just re-engineer your prompt and ask the AI to rebuild it from scratch...

  • using AWS

    Jump

  • Can someone explain how you accidentally rack up such a bill?

    For example: You can deploy your Python script as a Lambda. Imagine somewhere in the Python script you'd call your own lambda - twice. You basically turned your lambda into a Fork Bomb that will spawn infinite lambdas

  • using AWS

    Jump

  • A lot of the times this comes down to a user error.

    For example, very similar to your case, I knew someone that enabled Cloudtrail, and configured some things to have Cloudtrail logs dumped on S3. Guess what? Dumping things on S3 also creates a Cloudtrail that gets logged to S3 that Cloudtrail logs. Etc

    Doing things like that and creating a loop can get you massive bills

  • Ubisoft open sourced Chroma, their colourblind simulation tool

    Jump

  • Probably the best thing Ubisoft released since assassin's creed black flag

  • Why do AI company logos look like buttholes?

    Jump

  • They were streets ahead in their logo design...

  • Programmer Humor @programming.dev
    RonSijm @programming.dev

    Oopsie, Visual Studio License expired, so the build server stopped working

  • Software Gore @lemmy.world
    RonSijm @programming.dev

    Load-testing the database - I don't think it likes it

  • Programmer Humor @programming.dev
    RonSijm @programming.dev

    Whatever 'Clean Code' you write now, it'll be shit eventually and in need of a complete rewrite

  • Programming @programming.dev
    RonSijm @programming.dev

    Codingame - Summer Challenge 2024 - Olymbits - Bot Programming Challenge

    www.codingame.com /contests/summer-challenge-2024-olymbits
  • Reddit @lemmy.world
    RonSijm @programming.dev

    Banned from Reddit after posting John Oliver