• mac@infosec.pub
      link
      fedilink
      arrow-up
      147
      ·
      8 months ago

      I thought it was poking fun at the tutorial saying instead of learning to code, import a library from someone who knows how to code.

      • lowleveldata@programming.dev
        link
        fedilink
        arrow-up
        43
        ·
        8 months ago

        That’s what libraries are for. I’m no security expert and the sensible thing to do is using a library instead of taking a class.

          • unique_hemp@discuss.tchncs.de
            link
            fedilink
            arrow-up
            4
            ·
            8 months ago

            Love the part where he claims that if your users are authenticated, it’s not untrusted input. I mean, surely you trust all of your users to run any code on your server, right?

          • Gabu@lemmy.ml
            link
            fedilink
            arrow-up
            3
            ·
            8 months ago

            Impressive and unsurprising. As soon as you start getting complex libraries with multiple dependencies it becomes nearly impossible to review everything. At one time I had an interest in contributing to some AI libraries, but they’re a mess as soon as you go looking for points of improvement.

      • billwashere@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        8 months ago

        Which is funny because when I first started my CS degree in the late 80s (get off my lawn) we used to make fun of the beginning Java classes because it seems 90% of coding was to import the right library.

    • Otter@lemmy.ca
      link
      fedilink
      English
      arrow-up
      30
      ·
      8 months ago
      from Lemmy import Upvote
      from Fediverse import Posts
      from ActivityPub import Submit
      
      target_post = 'https://lemmy.ca/post/18691085'
      num_votes = 8
      
      post = Posts.open(target_post)
      
      package = Upvote(post, num_votes)
      
      package.Submit(target_post)
      

      or something