Hmm, I see. The perfectionist in me would want to shed that processor load though ^^
Without any judgement: why are your servers running X11? Just because you dislike SSH’ing to them?
Review is done before code gets into main, but that’s inefficient for most of the non-mission critical projects out there. A better approach is to optimistically merge most changes as soon as not-rocket-science allows it, and then later review the code in situ, in the main branch.
Assuming you have a project with continuous delivery, that is an absolute foot gun. Optimistically merge the change and then realize in situ that you forgot the WHERE part of your SQL command (or analog statement of the query builder)? No fucking thanks.
Yep, it’s a repost of this one.
One could even think this OP is an alt account.
There are some good points in it but the list feels poorly written as it contains very general tips which feel like fluff to increase the article length like:
Protect the client-side against attacks.
Or just wrong stuff like:
Validate all server-side input data.
If you can trust someone, it’s the server. You should validate data coming from the client on the server side.
Some things even contradict each other like
Implement strong authentication, such as two-factor authentication (2FA).
And
Use secure authentication mechanisms such as OAuth.
Assuming your app is an OAuth client, you have no say in how the identity provider identifies the user.
Good point, but even better than
Monitor file and source code integrity.
is having the application source code read-only, ideally owned by another user to avoid the confused deputy problem.
If all of those servers are yours (which they likely are, since you get ssh access), you can use one key for all. Using different keys would make one compromised key less problematic. But if someone was able to copy one file of your system, they can copy multiple files.
That resolves keeping track of things as well 😄
Ducking Medium again. No I don’t want an account with you. The article can’t be that interesting.
You forgot the package hollywood.
I think they come with ublock itself and are called “annoyance filters” or something like that.
What is this? Did you ask chatgpt to write an essay about Minecraft?
I use the cookiebro extension for that. Allows whitelisting domains or single cookies and can clean up all others with a few clicks.
I would recommend key-based authentication for SSH connections. For the normal connection, the key pair is enough; if you want admin (root) access, you would use the command sudo, which in turn requires a password. For creating a default admin account: Linux does this for you, it’s called root. You should create a personal user to work with in daily business and add it to the sudoers group (permits using the sudo command).
That’s the garbage in part of the GIGO process.
I finally made a full backup of my system. I guess be happy about that.
I’m a sucker for JetBrains Mono when I need a monospaced font. It just looks nice to me.
If the package comes from the repo, you can uninstall it by the same name you used to install it. If it came from a .deb file (in case of Debian), you can find out how the package calls itself and use that name to uninstall. Usually the package name is quite identical to the file name. And dpkg -L shows you which files came from the package and where they were installed.
I’m fine with config files, as long as they are where you expect them (~/.config/tool or ~/.tool). What I dislike is yet another funny config syntax because the dev couldn’t settle on an established standard. Command line syntax is ok, if you give me sensible completions.
Not a recommendation per se, but you can use any backup software as long as you can edit your live ISO. For example, putting the restic binary into /opt.
I guess that’s the life of an ad owner. Just like the dude handing out free samples in the mall. Most of the people don’t buy the sampled product and effectively waste the dude’s money (or his employer’s money).
I use an adblocker, so you’re safe from me clicking your links :P
That goes into the work profile of my Android phone, and that profile is switched off after clocking out. Simple as that, I don’t have to carry two phones and get my peace after hours. And my company respects my free time, which also helps a lot.