Current complete rules prevent this

Once all those blocking creatures are assigned lethal damage, any excess damage is assigned

Genuinely curious how this applies to Trample then. Are we able to, say, give Torbran trample, kill a 3/3 blocker with a single damage, and reserve a point of damage to do three to the player?

This doesn’t paper over deprecating the Rust plugin and stealing contributions. I used to be a huge JetBrains fan and now I pull this out every time. Anything but.

He reads like an academic. This is a really interesting perspective; I’ve never thought anything of his writing because it’s what I’m used to from normal journals. There is a style, good or bad, that comes from this stuff.

My degree is in combinatorics. All of the fancy words you’re not a fan of are core ideas (the Petersen graph is really neat). I view The Art… as an academic work for academics who aren’t necessarily excited about the real world (which is my approach to combinatorics). If you’re not one of those people, you’re not interested in becoming one of those people, or you don’t work/research something that needs incredible optimization, you can safely skip it. Once you go into heavy proofs, the utility is very debatable.

While I’m all for opening up codebases after release and seeking contributions from constituents, the landing page has some terrible ideas.

Similar applications don’t have to be programmed from scratch every time.

Unless there are very solid guidelines that offer a lot of flexibility to do the opposite and code things from scratch every now and then, you get very pervasive legacy antipatterns. I have struggled to effect positive software change as an SRE at massive enterprises because of this idea. Conway’s Law does a good job describing how this stratifies code. I have also spent more than year trying to get disparate acquisitions on the same tech stack with ballooning requirements as everyone tries to get their interests in. I left that one without any real movement.

Major projects can share expertise and costs.

This goes against lean principles that see the best outcomes and exponentially increases the waterfall slog most government projects are. The more stakeholders the more scope creep. Your platform team can be shared; you don’t want your stream-aligned teams to get stuck in this mire. They need to be delivering the minimum viable solution for their project.

Assuming the software is just released with an open license and the public can contribute, hell yeah. I have contributed to so many projects that I actively use in my day job and there’s plenty of shitty government software I’d love to poke at. The two things I called out require a serious amount of executive buy-in for developer tools and experience which turns into a project itself. In the private world most companies chicken out when they realize they’ve got serious cost centers just making development easier, even if their product is serious software development. I worked for a major US consultancy that talked this big game and dropped everyone the second they were on the bench. In the public sector? Fuck. It’s hard enough to get people to understand attack surfaces much less the improvements a smooth DevX with a great pipeline can provide.

Unhinged was not an option for my introduction. Survey ruined.

I have heard the same rhetoric about IDEs, autocomplete (Intellisense, Jedi, etc.), DevOps, and frameworks. The kernel of truth across all of them is the separation between a dev and good dev. It is getting easier and easier to have something built for you using AI in your IDE in a framework that abstracts all the things away dumped into a prebuilt pipeline that deploys your artifacts for you. A dev can do that. A good dev understands the tools and knows when to dig into things.

I have yet to see a decrease in the number of good devs I meet even though IDEs slowly replaced text editors (and editors became strong enough to become IDEs). Frameworks have enabled more good devs to focus on business logic. DevOps provides solid guard rails for everything.

I don’t know if there’s an increase in the number of superficial devs. I haven’t interviewed junior dev candidates in awhile. I do know the market is flooded right now so I’d argue there might be other factors.

Also overall I do agree with the idea that letting copilot do everything for you means you don’t understand anything. Shit was the same way when cookbooks were common.

$2/mo is pretty close to what Reddit premium was back before they turned the Reddit silver meme into a real thing! That’s a great amount to donate. Don’t sell yourself short.

A single character, per your definition, is not blatant malicious code. Stop moving the goalposts.

It’s clear you don’t understand the space and you don’t seem to have any interest in acting in good faith based on your other comments so good luck.

I mean anything is a good fit for future, science fiction AI if we imagine hard enough.

What you describe as “blatant malicious code” is probably only things like very specific C&C domains or instruction sets. We already have very efficient string matching tools for those, though, and they don’t burn power at an atrocious rate.

You’ve given us an example so PoC||GTFO. Major code AI tools like Copilot struggle to explain test files with a variety of styles, skips, and comments, so I think you have your work cut out for you.

Underworld die an episode on this (use the YouTube link to find your platform of choice per the creators). There’s a lot of controversy around the whole thing and there’s a chance this is being done to save face. There’s basically no plausible explanation for a major cartel leader being kidnapped in this way so insiders think it was arranged by the parties. Mexico calling it kidnapping is an interesting escalation.

Yeah! At scale that really falls apart. I have lots of conversations with lots of people across timezones so waiting for the intersection of everyone actively blocks work.

Asynchronous communication is exactly that. If you are not listening when your manager says “don’t Slack after work” that’s on you. I sure fucking don’t and I make that very clear.

I manage a workforce across time zones and, as someone with ADHD, it’s usually best for me to fire off messages as things arise. If I read the summary, I’m not allowed to Slack/email after hours, which creates a huge burden for a remote workforce. I think that summary is incorrect and it’s more that I can’t force people to respond or even read those messages outside their work hours. I completely support this and I regularly bother my team when they respond to stuff after their day has ended. I call this out every quarter as we update our team working agreement. I don’t have any notifications set up for work comms period and have made it very clear the only way to get in touch with me is a phone call.

That’s not how that works.

There is literally no way to opt out of Google’s data collection if you are going to use their products. Using another frontend shifts the data profile but it still exists and provides value to them. It’s reasonable to say it’s a bad thing. It’s unreasonable to say there are no other ways. I grew up in a public library and I can still get most of the information I need from a public library without Google products (things I can’t get usually come through inter-library loan or direct connections with subject matter experts at, say, a maker space). This seems to be less of “I’m against invasive corporations” and more of a “I don’t like the solutions available to avoid invasive corporations.”

If you care about that you don’t use YouTube at all or support creators that do. Even using 3rd party apps or services feeds into that. This feels like a serious non sequitur on any thread about any Google product.

I pay for YouTube Family. I consume a lot of YouTube and I want to support the creators I watch. At its current price point, YouTube Family is reasonable. Several households in my family get ad-free YouTube for what is a reasonably low price point for each household.

If the price goes up much (eg if I were paying the single price of $11 per household), the creators I really enjoy continue to get pushed out or change content because of shitty ad rules, or they pull the whole “must be in the same household” bullshit I would drop it in a heartbeat just like I’ve dropped most streaming providers. Streaming has become cable and YouTube has been shooting itself in the foot by forcibly changing content for advertisers. I come to the platform for content, not advertisers.

I think it’s because Taskmaster has its own streaming whatever there. No one in the US carries it so I watch it all through the official YouTube channel.

Granted this is a clip show so I’m not sure why it’s restricted period.

Other answers have only called out rotating the secret which is how you fix this specific failure. After you’ve rotated, delete the key from the repo because secrets don’t belong in repos. Next look at something like git-secrets or gitleaks to use as a local pre-commit hook to help prevent future failures. You’re human and you’re going to make mistakes; plan for them.

Another good habit to be in is to only access secrets from environment variables. I personally use direnv whose configuration file is globally ignored via the core.excludesfile.

You can add other strategies for good defense-in-depth such as a pre-receive hook checking for secrets to ensure no one can push them (eg they didn’t install hooks).