Well thanks for mention it, I really feel the same. Stuff just does not open instant and perceived slowness on macOS is real. Just try simple stuff… Modern Windows just flies most of the time in comparison. Opening a file dialog in finder is a common scenario yet it is so slow and the system seems to appear limited by simple stuff like that. M1 surely improves things but the UI generally seems to prefer animation over raw speed.
I really don‘t know what the reason is but I feel that a lot of people simply ignore this. I use all 3 major systems and I cannot overlook it anymore.
Additionally, Docker is another real issue mentioned for the reasons already. Too bad that it is so common now and its slowness is a growing pain. I feel that WSL (WSLg) on Windows is huge, no comparison to run a traditional VM for the most part if you are not macOS only. Never thought I have to write this…
How to limit the danger of losing everything if it fails? Isn‘t that just the issue if you invest everything you have or stop too late (kill the business early enough if it does not work)? Am I missing something?
I was doing the opposite of the previous commenter. There's of course a lot of options in the middle. The previous commenter just presented it like it's easy to just become your own boss. My point was that it isn't and yours does the same, just in a less depressing fashion.
Not a node dev myself but why not simply reference dependencies with fixed version? According to semver (that is probably what most node projects use anyway), you are free to use latest minor and patch revisions and leave the major fixed. Shouldn‘t this prevent most compatibility problems?
> why not simply reference dependencies with fixed version?
This is the second best strategy, but:
- node makes it kind of annoying to do this, because unless you do a clean build every time (which is much slower) `package-lock.json` will get largely ignored.
- I have seen multiple projects break with semver. Just because people are supposed to avoid breaking changes in minor releases doesn't mean they actually do.
- Even if you're downloading the same version, there are scenarios where natively compiled binaries can bite you. I've run into issues where node-gyp just wouldn't work unless I downloaded a completely separate compile toolchain onto Windows and restarted the computer. If you can avoid that and have all of your dependencies be pure Javascript, you will eventually save yourself a lot of horrible dev-ops work when the "quick" install on a new VM turns into an hour long process of watching Visual Studio tools download (tools that to GP's point may not be available or compatible 10 years from now).
- And finally, sometimes you want to do work across multiple branches without an internet connection, and vendoring your dependencies allows you to check out a branch and know you have the correct dependencies even if you don't have a connection to run `npm install` with.
Ok I see; thank your for the explanation. So out of interest, I did some research and found that approx. 30% of packages depend on native implementations further down... so this seems to be a huge problem...
Additionally I looked at the sqlite3 package and not too surprisingly it uses node-gyp as well. So even checking in node_modules might cause the problems you described.
Out of interest: which backend language do you recommend to reduce such problems...?
I use Node. I don't think Node is wildly better than anything else, but I'm used to it and it's good enough, at least for now. I'm unaware of any back-end language that forces dependencies to stay in the same language, but something probably exists somewhere.
I agree that node-gyp is a problem. It's possible to avoid, but can take some work (particularly when you start dealing with databases that basically have to be in compiled languages). The one saving grace is that if you have a set hardware that you're running on, you can sometimes vendor node-gyp dependencies. Unfortunately, that comes with some weird edge cases, and sometimes your dependencies break because your OS changes. I don't recommend it, but I understand that sometimes it's unavoidable.
I am hopeful that native WASM will solve some of these problems, but I don't know how realistic that hope is.
As sad as the incident is: I am glad he is still committed to Android after being a team member and therefore equipped with a deep understanding about the platform and architecture itself.
DPG seems to be a cool idea but what happens if a website has password requirements like at most/least an uppercase character, a number, no longer than x chars...
As I understand it, you have no control of the output it generates...
I think this is a pretty basic capability of most decent DPMs. LessPass for example gives you a counter option to increment and spit out a completely different password for X month update.
But then it's no longer stateless. So you've lost the primary benefit, while losing the ability to store any other associated secret information in the vault.
Cool seems to work well. My only complaint: there is not much information about who is behind this project and how encryption works...
Leading to: what happens if the website is not reachable or goes offline?
I heard about it from a friend of a friend, from my understanding it's just started up, and they're still getting things rolling. Would try contacting them via e-mail or the like if unsure, however, I use it offline on my android, can add it to homescreen and it apparently doesn't need a connection. If they can get the things you mentioned in order, may be an interesting alternative.
I did look at the sources tab, to check out why my laptop was using so much cpu during the decryption phase, and there are some argon2 webworkers that pop up, so some combo of that, and it clearly seems deterministic, since both my phone and laptop produce matching passes, when all params match.
Oh cool you are right. It seems to work in airplane mode. Now the only thing left is the initial load if you switch devices while it has been taken down...
I try to find out more about the project and its story. Thank you
Last month I tried to use Reed Solomon ECC in order to do error correction. I stopped using it, the moment I understand that error correction does not necessarily mean "error detection". If one does not exactly know the number of possible errors within encoded data, RS-ECC may "correct" to a wrong result (if the data contains more errors than the ECC is able to correct). So checksums might be the better approach (in certain scenarios) if data integrity has the highest priority... I wish, Reed-Solomon would handle that.
I really don‘t know what the reason is but I feel that a lot of people simply ignore this. I use all 3 major systems and I cannot overlook it anymore.
Additionally, Docker is another real issue mentioned for the reasons already. Too bad that it is so common now and its slowness is a growing pain. I feel that WSL (WSLg) on Windows is huge, no comparison to run a traditional VM for the most part if you are not macOS only. Never thought I have to write this…