I'm not particularly worried about Bitwarden going belly up because it has already have such a well-established open-source replacement. The worst-case scenario is that Bitwarden make the clients incompatible with Vaultwarden, and like how OP already mentioned in the post, somebody in the community will fork them as soon as this happen.

To be fair plopping a `div` everywhere started way before Tailwind. I blame React and the mess that is CSS in JS for this.

https://en.wikipedia.org/wiki/Elder_Futhark

[0]: https://en.wikipedia.org/wiki/Elder_Futhark

[1]: https://en.wikipedia.org/wiki/Younger_Futhark

Github: https://github.com/antran22/typst-cv-builder

Comments URL: https://news.ycombinator.com/item?id=41492142

Points: 1

# Comments: 0

Then I found this issue, where essentially they left a huge backdoor open with Remote Debugger: https://github.com/zen-browser/desktop/pull/927. The guy claims that it was due to ignorance, but seeing this really shakes up my paranoia. Luckily I haven't typed any credential into the app. From a security-minded user's perspective, this is not a good sign. I hope that they would really put privacy & security forward, get some 3rd party security audits.

Comments URL: https://news.ycombinator.com/item?id=40597784

Points: 1

# Comments: 0

So thank you, Apple, for not running in this arm race. Not every race is worth participating.

Comparing to session IDs, you have no way to know if an unique id is bogus or not. You have to check from a list, be it a cache or a database. This limits the scalability of the solution. I'm not an expert, but AFAIK JWT verifier can be stationed on the edge of the application network, and I have not checked this but I suspect they can even make a hardware solution for those kind of activity. That's definitely a big reduction of attack surface in terms of DDOS.

IMO JWT doesn't have that many moving parts. Encryption parameters are handled by libraries according to tested standards. The only real thing you need to do is to keep your private key safe.

Comments URL: https://news.ycombinator.com/item?id=37918463

Points: 3

# Comments: 0

- Amplication: Last I checked, they allow defining data structure & endpoints etc. before exporting to Nest.js Boilerplate with niceties. They sync to a separate branch on GitHub, so you can use it alongside writing actual logic into the boilerplate, and merge new changes from Amplication to the main branch. - Draftbit (React Native based Mobile App builder). The builder is not very great, they lack a bunch of features. They make up for this by allowing the developer to add custom JS code very easily. You can write your own Custom React element inside the editor, and with a little massaging things can fall into place. I'm not saying this approach should be abused, though. The team told us once that some of their big clients are mobile dev agencies that mostly just use the platform to Storyboard & bootstrap some UI before doing the actual logic in their own code. - FlutterFlow (Mobile App builder). I'm biased because I'm still in the progress of helping a client fixing their mess on FlutterFlow. FlutterFlow's code output is really spaghetti. The developer UX on the builder is horrible, so in the end I still opt to eject and deal with the spaghetti code.

I'm looking to investigate using Windmill as a website builder for some small internal system. Few questions: - Is it possible to setup custom path for flows (to hack it into a REST API) - How can we go and make authenticated flow

Hell, you can run a few thousand simulators for every scenario you can think of during descent, including lost of burner, propellant leak, etc, and then during the actual descent a chip get burnt because of a stray cosmic ray. There will still be somebody on HN call you out for cutting corner.

Context: I'm a Vietnamese and worked on one of the Vinfast subproject at one point. I like how Vinfast is going in Vietnam, trying to spearhead EV adoption in our country. I honestly hope they grow to be bigger than Tesla. But the product is not there yet.

One of my past team used another lightweight Jira alternative, and even though the software does it best to keep things light, agile, PMs read the burn up chart as religiously as the Bible, then make their strategic decision based on the most optimistic estimation of the chart.

Agile is great at its core, but business people ruined it. And we have craps like Agile Expert.