My parents were less impressed, when after a few years the screen was moved and the wall was scratched everywhere.

The only issue here is that it's not technically monotonic - both commit and author date are changeable:

    $ git init
    Initialized empty Git repository in /tmp/kk/.git/
    $ echo a > a; git add .; git commit -m a
    $ echo b > b; git add .; git commit --date="Wed Feb 16 14:00 2011 +0100" -m b
    $ echo c > c; git add .; GIT_COMMITTER_DATE="Wed Feb 16 14:00 2011 +0100" git commit -m c
    $ git lg
    * 523aa1a - (2024-11-28) c - user (HEAD -> master)
    * cbdbbbe - (2011-02-16) b - user
    * 1055e1e - (2024-11-28) a - user
    $ git show --no-patch --format=%ci HEAD
    2011-02-16 14:00:00 +0100

That would be a huge mess, IMO. Of course for non-libraries semver is fairly pointless, but for libraries it describes a contract and that contract works well in practice. But maybe there is a better way - hence my question.

Time is sequential, but this means that just building an older version is now a production breaking incident. That's weird to me, but I'm not a CD person.

Oh, you added a bar() method to Frobinator? Shame, this other project depends on the fact that Frobinator only has one public method. And that project distinguishes Frobinators and Barinators by checking bar() method existence.

And you fixed a bug where username returned from API had a space appended at the end? But my frontend developers used that for layout and now my site is broken.

Written partially in cheek, but it's true that every change is breaking for someone if you have enough users.

[1]See https://www.hyrumslaw.com, Wikipedia entry, recent discussion on HN, and of course that one xkcd.

* microbenchmarks comparing speed of doing stupid things (like adding 10000 integers or sorting a list with bubblesort 1000 times)

* 'real world'-ish benchmarks comparing idiomatic solutions in two languages doing the same thing

In both cases it doesn't matter (much) how big a standard library is. If you want to compare two languages doing something complex, you need to have -standard or not- implementation of that something for both languages.

But maybe I (and possibly others) have missed your point?

Explanation: I did, and within a few days bots started sending me spam using that form. I just added a trivial captcha (hardcoded '2+3=' question), but if my scale was bigger that would be untenable. Think also of PM spam, autoregistering accounts to abuse free tiers, etc.

I care about fixing security vulnerabilities in my OS projects, but I care more about my sanity, my family, getting enough money to survive, and a few other things. Unless you pay me I don't care about your problems with my free (as in a beer) software.

And that's a good thing btw - I tried to ask for donations once, got the equivalent of a few cups of coffee per month, and... burned out almost immediately. I started to feel responsible for that project, staying up late to fix reported minor bugs, and it turns out watching Github issues 365 days a year for a few dollars monthly is not a great business strategy.

>Your account meets this criteria, and you will need to enroll in 2FA within 45 days, by November 8th, 2024 at 00:00 (UTC). After this date, your access to GitHub.com will be limited until you enroll in 2FA. Enrolling is easy, and we support several options, starting with TOTP apps and text messages (SMS) and then adding on passkeys and the GitHub Mobile app.

I think the exact deadline depends on the organisation. I know that I only enabled 2FA for my throwaway work account (we don't use github at work, and I didn't want to comment using my personal one) last week.

>Where the only official workflow is "Use GitHub Actions".

Well you can do it manually with other solutions... as long as they are one of the four trusted publishers (see "Producing attestations manually does not bypass (...) restrictions on (...) Trusted Publishers":

https://docs.pypi.org/trusted-publishers/adding-a-publisher/...

This means that you literally can't do it manually, you have to rely on one of:

* Github

* Google Cloud

* ActiveState (I'm not familiar with it)

* Github.com (not just github, only that one instance)

Really surprising development, IMO.

I mean, the author is probably not a programming language design specialist, but I feel that's overly harsh - they hopefully learned a bit when working on this toy project.

Using Kubernetes where it's not needed is just that - wasting your time and making your life harder.

Before you say that I just need to research more: I know Docker swarm mode, I run my personal server on Kubernetes using Traefik and Let's Encrypt, I professionally work with Kubernetes (both as an admin and working on Kubernetes security, which is tough to get right), most services in my dayjob run on Kubernetes, and I was the person who introduced CI/CD pipelines there some years ago.

I still claim that there are production usecases that are better served by docker-compose.

It's hard for me to explain the difference, but (as an educated and relatively eloquent person) I would really hesitate (as in, physically struggle with my throat) to curse in my language aloud in a public place. Saying them among my friends or family would be seen as between mildly offensive and absolutely unacceptable. When hearing someone curse in public, I instinctively assume they're uneducated or intoxicated.

Meanwhile, i can freely swear in English among the same people (and online, and in most situations abroad). My mother, who I have never heard curse in my language, says "shit" like it was "oh darn". I see English swear words everywhere online. They really don't feel like a taboo to me.