Reminds me of 2048 making a slightly worse clone of Threes and then releasing it for free.
Reminds me of 2048 making a slightly worse clone of Threes and then releasing it for free.
Mesa is usually pretty quick to update, it’s just that stable distros won’t update mesa all that quickly. I assume most of them have some way to install a newer mesa from a community repo or something.
Docker is lighter and easier to manage than a VM. I run a collection of services as docker compose services inside a NixOS host VM. It’s easy to start, stop, monitor, update etc. even from a different computer (via ssh or docker contexts). It’s great.
deleted by creator
It’s just as easy to run in a Docker container and I would recommend this anyway.
What platforms would you like your app to run on? Then, which UI framework supporting those platforms would you like to use? Then, look at the framework’s documentation to find a sample starter project that you can run as an app, and modify it from there
I do not know what that means
If only we were still having the conversation.
That’s… not the point either. The point is that “reporting false positives isn’t a bad thing” is only true up to a point. The discussion is then “is this before or after that point.” Which, given the context of the bug, isn’t really a given. But I don’t want to have that discussion with you anymore because you’re annoying.
“What if the boy who cried wolf got lucky and didn’t get eaten in the end”? Seems to have missed the point of the parable a bit.
4 hours a night on weekdays, 8 on weekends? That’s a hell of a maintenance routine
I didn’t say the CVE was valid. I explained why it was a mistake. I didn’t say “disclosing security bugs” is, in general, a bad thing, I said raising undue alarm about a specific class of bugs is bad. It’s not a matter of “less or more information,” because as I said, a CVE is not a bug report. It is not simply “acknowledgment of information.” If you think my argument has no merit and there is no reason why “more information” could be worse, you’re free to talk to someone who gives a shit.
C# tells you the call site/method name and line number right at the top. It’s only really annoying when you have aggregate exceptions, which sometimes occur because someone async’d wrong
Uh, no. But thanks for guessing. It’s frivolous because it violates several principles of responsible disclosure. Yes, the scope of impact is relevant; the availability of methods of remediation is relevant; and the development/patch lifecycle is relevant. The feature being off-by-default and labeled experimental are indirect references to the scope of impact and availability of remediation, and the latter is an indirect reference to the state of development lifecycle. Per the developer(s)’ words, this is a bug that had limited risk and was scheduled to be fixed as part of the normal development schedule. Escalating every such bug, of which the vast majority go without a CVE, would quickly drown out notices that people actually care about. A CVE is not a bug report.
It’s not worthy of a CVE and whether it applies to me is irrelevant. I didn’t say a CVE is a black mark. Frivolous reporting of CVEs damages trust in the usefulness of the system in identifying critical vulnerabilities. This is a known issue related to resumé padding by newcomers to the cybersecurity industry.
To a point. Ever heard of the boy who cried wolf?
Frivolous CVEs aren’t a good thing for security. This bug was a possible DOS (not e.g. a privilege escalation) in a disabled-by-default experimental feature. It wasn’t a security issue and should have been fixed with a patch instead of raising a false alarm and damaging trust.
Yeah but survival is the worst part about minecraft.
Still not enough, or at least pi is not known to have this property. You need the number to be “normal” (or a slightly weaker property) which turns out to be hard to prove about most numbers.