E.g. the jwt auth example has some major problems since the verification rules aren't fully specified in the spec. The jwt-token verified rule only checks that the string isn't empty, but it doesn't actually verify that it is correctly parsed, non-expired, and signed by a trusted key. The authenticated-user rule doesn't check that the user-id actually came from the jwt. If you hand-wrote your constructor, you would ensure these things. Similarly, all the other constructors allow passing in whatever values you like instead of checking the connections of the real objects.

By calling the constructor for these types, you are making an assertion about the relationship of the parameter values. If AI is calling the constructor, then it's able to make it's own assertions and derive whatever result it wants. That seems backwards. AI should use the result of tenant-access to deduce that a user is a member of tenant, but if they can directly call `(tenant-access user-id tenant-id true)`, then they can "prove" tenant-access for anything. In the past, we have named the constructors for these types `TenantAccess.newUnverified`, and then heavily scrutinized all callers (typically just jwt-parsers and specific database lookups). You can then use `TenantAccess.{userId,tenantId}` without scrutiny elsewhere.

If you don't drop any spans from a trace, you can completely disambiguate a collision since the trace will have two distinct root spans. If you are missing spans, you might have a break in the parent-child links.

Even with infinite retention, your analysis will bucket by time somehow, so a collision might have no effect if the collision doesn't happen at a proximate time. If you are manually looking at traces, it will be very obvious there is a collision unless they happen at the same time.

Also, birthday paradox only expresses probability that there is a collision somewhere, but if you are filtering or looking at single spans, then the probabiliy that you actually see a collision is greatly reduced.

I think for basically all systems, an additional 64-bits has insignificant additional cost, so you may as well prevent collisions, but I think it could be a reasonable tradeoff if it mattered.

I wonder if this phrase has different connotations among other English readers? A lot of these comments are fairly early for US timezones.

I had hoped that something like Linux Pressure Stall Information (PSI) would become more useful for low-memory scenarios. E.g. you could put critical processes in a cgroup that could rate-limit swap-outs/evictions so that it was always responsive. There are some cgroup knobs that affect reclamation, but you need a really good guess about how much memory something needs, which makes it hard to use.

https://docs.kernel.org/accounting/psi.html

> a Linux kernel facility that lets userspace code detect whether it was preempted or migrated during a critical section and restart it if so. PostgreSQL's spinlock paths would use rseq to detect preemption and retry, avoiding the scenario where a preempted lock holder stalls all waiting backends.

The real proposal is about time-slice extension, which is a feature that uses the abi for rseq but otherwise has nothing to do with retrying critical sections. While a process holds a s_lock, it would set a request bit. If the kernel tries to preempt that thread while the request bit is set, it instead extends the time slice once and returns control back to the thread. It's further explained here: https://docs.kernel.org/userspace-api/rseq.html

Code review has value, but I don't think we are always honest about the costs. At most places I've worked, there has been an informal understanding that code should be reviewed within 24 hours or so, but there is a world of difference between getting a review within 2 hours and 23 hours.

If you have to go back and forth a second time, it's so much more likely that the approval comes much later due to straddling end-of-day in someone's timezone.

Tangentially, if you are designing policies for code review at your org, try to think both about minimum requirements (e.g. PRs should get a first look within 24 hours) and typical requirements (e.g. most PRs should get reviewed within 2-3 hours). What typically happens is what determines overall velocity for your org, so it's much more important than whatever strict SLA policy you have. These are also fixable problems if you have targeted conversations with people. E.g. "I noticed X, Y, Z times, you had unreviewed PRs at the end of the day. Can you set aside some time to review code before EOD? Or try installing PR reminder?"

I've also struggled with getting LLMs to keep spec.md files succinct. They seem incapable of simplifing documents while doing another task (e.g. "update this doc with xyz and simply the surrounding content") and really need to be specifically tasked at simplifying/summarizing. If you want something human readable, you probably just need to write it yourself. Editing LLM output is so painful, and it also helps to keep yourself in the loop if you actually write and understand something.

Does "own" try to sign working copy snapshot commits too? That would greatly increase the number and frequency of signatures.

You can end up in this state with btrfs if you start with a single device (defaults to data=single,metadata=dup), and then add additional devices without changing the data/metadata profiles. Or you can choose this config explicitly.

I really wish the btrfs-progs had a --this-config-is-bad-but-continue-anyway flag since there are so many bad configurations possible (raid5/raid6, raid0/single/dup). The rescue tools are also bad and are about as likely to make the problem worse as fix it.

* Fortnight revenue was $5.5B in 2018 and $3.8B in 2019

* Employee counts in those years: 1063 and 1932

* Average "People" cost per employee: $141K, $142K (CPI adjusted is $182K in 2026).

* Average "Production & Hosting" cost per employee: $189K, $150K (CPI $248K, $194K)

* Platform royalty expenses were 25% of total game revenue

* Slightly under half their Operating Expenses were people

* Fortnight was >90% of revenue

I have a strong guess that "People" costs doesn't include all salaries, and that many employees are categorized under "Production & Hosting", although I expect that also includes other costs. I'll guess 75% is people, which makes total CPI adjusted average cost per employee somewhere around $320K-$370K, but I'll say $320K.

This means 5000 employees cost around $1.6B and cutting 1000 saved around $320M/year in addition to $500M of other costs.

Most estimates of Fortnight revenue claim it's roughly flat or falling between 2020 and 2025 fluctuating between $3B and $6B.

Unless Unreal Engine or EGS revenue took off, it's kind of weird to quadruple headcount while keeping revenue basically flat or falling. If fortnight only makes $2B next year, then they would be underwater on just royalties and salaries.

https://s3.documentcloud.org/documents/20696836/epic-apple-t...

I think your test had 10 980 Pros, which were probably around $120 each at the time (~$1200 total). SSDs are wildly more expensive now, but even if you spend $500 each, it's nowhere close to EBS.

It's apples vs oranges, but sometimes you just want fruit.

I also applaud them for not selling the data (as promised in the ToS). There was always a strong commitment to that from day 1, but I'm glad to see that wasn't an option when times got harder. Calendar data sometimes has really sensitive stuff in it, and it would have been a massive betrayal to do anything but delete it after a shutdown.

If you are interested in a more detailed piece about a company struggling in this space, I recommend Rise's shutdown announcement last year. We read this at Clockwise and unfortunately felt it in our bones. There is an ironic Clockwise callout in the piece if you can spot it.

https://www.risecalendar.com/blog/sunsetting-rise

I'm obviously not part of the decision, but I'm sorry the shutoff for users is so soon. Also, please don't revoke your Clockwise app authorization before the shutoff, since that will prevent Clockwise from cleaning up your calendar. If you want to cleanly turn off Clockwise before the shutoff, you can go through the normal deactivation process at https://www.getclockwise.com/uninstall.

It's a huge bummer for me too to have worked on something for years and then to have it suddenly vanish one day.

If you are looking to start a new company in this space, I'll gladly offer my services to talk you out of it. If any die-hard users want to make a self-hosted tool, I'm happy to give some tips from my experience. I know at least one large company has an internal tool like Clockwise's autopilot/flexible meetings.

(Also, if you live in the house for 2 years and then sell it, you can exclude $250K-$500K in gains, but that has nothing to do with inheritance).

There are also some loopholes where capital gains taxes deferred until after death just don't get paid at all. This is the "step-up basis" where your inheritors get to reset the basis of capital assets and neither you nor they has to pay taxes on the capital gain.

https://github.com/JGRennison/OpenTTD-patches