How do you avoid this pitfall?

If you have investments outside of an ISA (tax free investment wrapper) then same story - you need to report disposals and dividends for tax purposes.

That's before we get into side hustles/self employment and investment properties, etc.

Prior and post that I'd always used git but I'll always have a bit of a soft spot for mercurial, especially as our forge usage at the time predated strict guardrails and controls - we did code review, but it was your responsibility to tag the appropriate people and wait for them to respond, if you felt it was necessary to merge prior to that you could - but better be ready to defend that decision.

Using a cloud provider read replica might not (as I think that might use block level replication) - but then you're paying for an extra dev database host for the privilege

> The source database can't have any active connections during cloning.

I wouldn't mind some lock contention, but having to kill all connections seemed a bit harsh

Would this have caught the cache poisoning? Unsure, though it at least means I'm intentionally authorising and monitoring each publish for anything unexpected.

https://docs.github.com/en/actions/deployment/targeting-diff...

Although I do feel like I've seen too many instances of a 404 being used for an empty collection where it would make more sense to return `[]` and treat it as an expected (successful) state.

It was really helpful that they had coordinated with WAF providers like cloud flare ahead of disclosure to put rules in place though.

Tbh I think it still works, but only because the new allowance will likely get used very quickly within a billing cycle - I'm expecting this change to increase our orgs bill significantly based on how many API credits with open router I consume in a weekend using a single agent in a pairing style.

The pooling will only be useful if you have a bunch of infrequent/low usage users that you still want to have licenses.

I was also having a play with a demo model of the latest one in a store and the page turn speed is much much better, which is tempting me to upgrade though I'd prefer to run the current one into the ground first.

Obviously it involves trust that it isn't actually "we say it's e2ee but actually we also MiTM every conversation"

It was enraging - I'm trying to provide references to explain the motivation of my changes, all my prose is nicely formated, but the bulleted list of references I've provided is rejecting my commit.

I generally think it's in the category of a social problem not a technical problem - communicate the expectations but don't dogmatically enforce them

I've found this to work quite well, and the SSL whilst somewhat meaningless from a security pov since the traffic was already encrypted by wire guard, makes the web browser happy so still worthwhile.

I looked at a random repo today, and used some of its (MIT licensed) code as a starting point.

It was an expo plugin for managing android key stores, I didn't need most of what it did, and I went a different direction in the remaining bits - but it still helped me do that quickly. That won't show up in any stats the author can see, but I appreciate their contribution

I still hope to get back to that and try to get it to a state where it can be merged, but I need to figure out how to test the MDM parts of it properly, and ideally get a bit of guidance from the tailscale team on how it should work/is my implementation on the right track (think I had some open questions around the UI as well)