A PHP developer who, in his spare time, plays tabletop and videogames; if the weathers nice I climb rocks, but mostly fall off of indoor bouldering ones.
My wife and I were in this A&E 3 days later. She'd new lower body numbness appear some months into a broken back recovery. 101 said go straight there, this is a no fuck around situation.
We get there and are advised it's a 12 hour wait, the place is rammed, ambulances are queuing and the corridors are full of gurneys and paramedics.
My wife at this point is in tears. The broken back means sitting for an hour on a shit waiting room chair is hard work. 12 literally can't happen.
So we leave. What else can we do.
The situation was fucking awful, but I don't blame the staff. I felt genuinely bad for all of them - there was just a complete lack of hope on any of their faces.
Written by someone who apparently has no understanding of virtual memory. Chrome may claim 500MB per tab but I'll eat my hat if the majority of that isn't shared between tabs and paged out.
If I'm misunderstanding then how the fuck is chrome with it's 35+ open tabs functioning on my 16GB M1 machine (with a full other application load including IDE's and docker (with 8GB allocated)
The two main problems appear to still be ongoing PRs/issues; magazine/community sidebar content doesn't update and doesn't federate out at all to lemmy, and moderation actions don't federate at all (any of the various types) - which is particularly problematic.
I watched something very similar to this hit at least 40mph (65kph) down my 30mph (50kph) limit road the other day. The guy did not have a helmet on and was in a light jacket and jeans with trainers.
It was as you said, a motorcycle with pedals - only ridden by more of an idiot than the people who ride around during summer on 600cc bikes wearing shorts and t-shirts (cause at least they have a crash helmet on)
Docker will have only exposed container ports if you told it to.
If you used -p 8080:80 (cli) or - 8080:80 (docker-compose) then docker will have dutifully NAT'd those ports through your firewall. You can either not do either of those if it's a port you don't want exposed or as @moonpiedumplings@programming.dev says below you can ensure it's only mapped to localhost (or an otherwise non-public) IP.
Sure, I get it, this stuff should be accessible for all. Easy to use with sane defaults and all that. But at the end of the day anyone wanting to using this stuff is exposing potential/actual vulnerabilites to the internet (via the OS, the software stack, the configuration, ... ad nauseum), and the management and ultimate responsibility for that falls on their shoulders.
If they're not doing the absolute minimum of R'ingTFM for something as complex as Docker then what else has been missed?
People expect, that, like most other services, docker binds to ports/addresses behind the firewall
Unless you tell it otherwise that's exactly what it does. If you don't bind ports good luck accessing your NAT'd 172.17.0.x:3001 service from the internet. Podman has the exact same functionality.
Let's be honest, this is only their outlook until the courts make their decision. They'll sell if that doesn't go in their favour.