TehPers

This is neat! It might be useful to turn this into more of a CLI utility by having a mode for accepting some Gregorian date via stdin or CLI option, and outputting a parseable format for the Symmetry454 date via stdout. I’d recommend looking at the argparse module if you’re interested, though there are some third party packages that can make it even easier to parse program arguments.

They take something like “please sort your imports. We agreed to use isort last week” as a personal attack.

I would take this personally as well, to be honest. Using isort over Ruff? Blasphemy.

Is that little Bobby Tables? I guess he’d be grown up now, but he’ll always be little to me.

Your second point has been a focus area for them for years, and we’ve seen it improve with async fn in trait, async closures, etc. Hopefully we see that continue to improve over time.

The third point has a solution in the works already (at least for crates.io). The accepted (I believe) proposal is that crates themselves act as “namespaces” and you can publish crates like bevy::render or hyper::utils that get loaded under some parent module by the compiler. Publishing crates with names containing :: would be constrained to those who maintain the parent crate (so bevy or hyper in that case).

So he’s going to use ICE to assist the TSA and speed up security checkpoints at airports…?

I’m confused. Is that his threat? ICE is definitely underqualified for the job and is almost certainly going to discriminate on appearance and ID doc, but TSA already does that.

Oh this is an actual quote. I guess I’m not surprised.

Now then, let’s turn this around:

“Charlie Kirk just died. Good, I’m glad he’s dead. He can no longer hurt innocent people!”

Seems like a double standard to me to praise one person’s death while criticizing those who praise another’s.

We have #5, but some (non-breaking) feedback can still be deferred to a future follow up issue.

This is usually my preferred option, but usually i differentiate between blocking and non-blocking feedback in my reviews. Non-blocking is some improvement that can be made, but is not necessary, like cleaning up some (tangentially-related) code. Blocking is anything that is logically incorrect, unreadable, uses deprecated features unnecessarily, etc.

Adding context does two things:

• Add additional messages to the error for debugging purposes
• Attach data to the error for the callers

For the former, I prefer all lowercase, very concise, and with the intent to describe what beebboop was doing when it failed (in your example). More practically, what produced the error could be writing to the filesystem, and the additional context could be that the filesystem was being written to because it was saving a config file.

For the latter, this is actually a lot different. anyhow lets you downcast its errors into any of its contexts. You can use this to create aggregated errors, test for specific contexts, or attach useful details to the error which might help with recovering from it.

Yes, it’s necessary. Even if everyone writes perfect, bug-free code, people learn from code reviews.

Windows 11 is getting a few nice changes. The problem is I’m on Linux now. I’m not going back unless it becomes better than Linux by enough to make me bother switching again.

The error returns a stack trace like this because if you return Err(anyhow::Error) from your main function, it debug prints the error when it exits.

As you mentioned, it’s very convenient during logging! The Display impl shows much less information, so usually you want the Debug info of anyhow::Error during logging.

Are people praising him? I’ll admit I haven’t looked much, but very little would redeem that man for me. He’d have to solve world hunger or reverse climate change or something for me to reconsider my opinion of him.

There’s a saying about broken clocks that applies here. Carlson is broken, so naturally he’d be right twice per day.

The list of countries that could be is shockingly long. In this case, it seems likely to be Singapore, at least based on the post.

Well, to no surprise, Slay the Spire 2. Still in early access, and still an amazing game. The balance is a bit all over the place, but that’s expected with it in EA. Compared to the first game, it’s a direct improvement (save for the balance). The new characters are a lot of fun to play and bring new, interesting mechanics to the game. Heck, Defect has some new content as well, including a status build of all things.

Otherwise, modded Terraria on a server I’m hosting with some friends. The new update is really good, but even 1.4.4 (which tModLoader is still on) has some awesome mods. Honestly, I’m excited for when tModLoader releases for the new update, though I know that will take some time.

As someone with fat fingers and autocorrect disabled, I wish I had 22 wpm with high accuracy.

And before you suggest autocorrect, I use a lot of acronyms and jargon that autocorrect often fails at. It gets annoying enough that I’d rather just type stuff out myself.

I’ve mentioned the long-term effects I see at work in several places, but all I can say is be very careful how you use it. The parts of our codebase that are almost entirely AI written are unreadable garbage and a complete clusterfuck of coding paradigms. It’s bad enough that I’ve said straight to my manager’s face that I’d be embarassed to ship this to production (and yes I await my pink slip).

As a tool, it can help explain code, it can help find places where things are being done, and it can even suggest ways to clean up code. However, those are all things you’ll also learn over time as you gather more and more experience, and it acts more as a crutch here because you spend less time learning the code you’re working with as a result.

I recommend maintaining exceptional skepticism with all code it generates. Claude is very good at producing pretty code. That code is often deceptive, and I’ve seen even Opus hallucinate fields, generate useless tests, and misuse language/library features to solve a task.

If you’re interested in more DDoS-style attacks, Cloudflare has an article that goes over the topic as a whole as well as in-depth topics for different common attacks. They also have reports that cover the kinds of DDoS attacks they’ve seen through their servers. You’ll notice they mention SYN floods as one of the attacks they commonly see. Amplification attacks have also risen in popularity, generally speaking, where the request gets amplified by vulnerable DNS/NTP/etc servers.

OWASP is an excellent learning resource as well, and covers many different topics in-depth around web security.

Okay wow, let’s break this down…

1. Unrelated to your question, but I’d recommend FastAPI over Flask. But anyway…
2. CSRF protections should not be disabled unless you need to. For local debugging, it can be fine, but there’s no real reason not to keep it enabled. “It’s annoying” is rarely a good reason to disable a protection.
3. Now, to answer your question finally: based on the flask-wtf docs, the call to CSRFProtect(app) enables protections globally. Consider removing that call if you want to disable CSRF protection. Alternatively, @csrf.exempt can disable protection on a view, and setting WTF_CSRF_CHECK_DEFAULT to False disables it by default on all views (and you can selectively enable it per-view).
4. Also, while you’re at it, make sure you’re using up-to-date versions of Flask and flask-wtf. If not, check the docs for the specific versions you’re using.

Pros: leadership wants to do your job. Chill out, let them do it, then laugh at them when it fails. You’ll at least have a relaxing job up until they either fire you in their idiotic confidence or beg you for help.

Cons:

it’s managed to blow up and nuke production

You know, I remember reading a similar story about AWS recently…

Cook time: 1 minute

Ingredients:

• 1 Banana
• 1 Muffin

Directions: Peel the banana monkey style (from the bottom, not from the stem). Use your finger to put a hole through the center of the muffin. Insert the banana into the muffin. Enjoy warm.