- 183 Posts
- 879 Comments
Kissaki ( Kissaki@programming.dev ) to
Security@programming.dev • No one owes you supply-chain security • English
4 · 2 days ago
Not updating with audit would work if every direct and transient dependency provided security updates for every version. But they don’t. Often, security updates are for the most recent version or versions, and if you’re far behind, you now have to audit a lot more.
Transient dependencies are an audit problem, too. To audit something, you have to essentially audit recursively. Many libs use many other libs of varied authors.
Our systems are too open, too vulnerable. A build or check being able to access all resources is a fundamental systematic vulnerability.
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • I just tried vibe coding with Claude • English
2 · 2 days ago
.net runtime after 10 months of using and measuring where LLMs (including latest Claude models) shine reported a mindboggling success rate peaking at 75% (sic!) for changes of 1-50 LOC size - and it’s for an agentic model (so you give it a prompt, context, etc, and it can run the codebase, compile it, add tests, reason, repeat from any step, etc etc).
I assume this is from https://devblogs.microsoft.com/dotnet/ten-months-with-cca-in-dotnet-runtime/?
Kissaki ( Kissaki@programming.dev ) to
Web Development@programming.dev • The DX shift no one noticed: Web interoperability • English
2 · 3 days ago
Given the nature of Steam and previous executed data extraction, I’m scared installing and running niche/indie games now. Windows lacks
A unified GUI framework hasn’t happened yet, not between OSes, nor really within each OS ecosystem. I’m not hopeful about leaps in native interoperability in that regard.
Web tech interoperability is so established and widely used, packaging and running those natively seems much more viable than any hope for supposed native long term efforts.
Not everything will be covered by web tech. But for many things, it’s already viable, and exploring native integration of these web technologies is interesting.
Kissaki ( Kissaki@programming.dev ) to
CSS@programming.dev • An Interactive Cover Component • English
3 · 4 days ago
I don’t find it super easy to read. Even white on white is somewhat readable, but the black tree part on the left is particularly hard to read. Certainly not scan-readable / fast, like I would be able to read normal text.

Kissaki ( Kissaki@programming.dev ) to
cybersecurity@infosec.pub • FBI Extracts Suspect’s Deleted Signal Messages Saved in iPhone Notification Database
4 · 4 days ago
Seems you don’t know how anything on Linux
What makes you think that is what they think? They referenced other people. They didn’t make any claims themselves or make any indications that they agree with those “flipping out” (who misunderstand).
I read it as the opposite. They know and criticize those who don’t and flip out because of that.
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • How do you handle automatic deployment for websites? • English
2 · 4 days ago
Git push to Forgejo -> automated build, package, and deploy pipeline -> use secured credentials to upload via scp or ssh or sftp
Alternatives to copy-upload or upload-package and then extract via command are stuff like rsync (reduce redundant, unchanged file uploads) or a simple receiver service (for example REST endpoint that receives a package with an identifier key and secret key, that it extracts to a configured target folder).
What solutions are simplest or easiest depends on the target environment, and how much of it you control. If you host the website on Forgejo itself it’s as simple as pushing the static files into the corresponding pages branch.
Kissaki ( Kissaki@programming.dev ) to
CSS@programming.dev • font-family Doesn’t Fall Back the Way You Think • English
1 · 4 days ago
It falls back exactly the way I think.
This article talks about flashes, and proceeds to say fallbacks should be defined. It explains how fallbacks work, but fails to describe what actually leads to the flashes, how fallbacks get replaced, and fails to say anything about solving that flashing issue they talk about.
Defining a more similar fallback font may reduce the issue visually, which is not mentioned either, and either way is not a solution for the flashing.
Dunno why one would expect lower precedence CSS rules be integrated into more specific CSS rules without explicit “inherit”. That’s not how CSS works. Dunno if that’s a common enough misunderstanding to warrant a “not the way you think it is” title.
Kissaki ( Kissaki@programming.dev ) to
.NET@programming.dev • ASP.NET Core 2.3 end of support announcement • English
1 · 5 days ago
deleted by creator
Kissaki ( Kissaki@programming.dev ) to
cybersecurity@infosec.pub • Adobe modifies hosts file to detect whether Creative Cloud is installed
3 · 7 days ago
Interesting, clever technical workaround for (potentially) real user benefit. But still, they should never do that. Working around safeguards and system component borders for user convenience is a very bad idea and practice.
Kissaki ( Kissaki@programming.dev ) to
Opensource@programming.dev • Spyware distributed using modified code in Nekogram release. Dev closes issue without response. • English
2 · 10 days ago
So, assuming good faith, they used two Telegram bots for some service functionality
these two bots are used to resolve username from user id, eg tg://user?id=25
Obviously, that should never happen silently. But these findings don’t necessarily mean data has been compromised [beyond the scope of the app itself].
I get they may be very frustrated and annoyed at the negative blowback after their FOSS efforts, but dismissing concerns isn’t a good way to respond.
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • Pretext.js: text measurement that never touches the DOM. • English
2 · 11 days ago
How does Pretext work?
- Segment the text; Normalize whitespace, apply Unicode line-break rules, and split the string into measurable units using the browser’s own text segmentation.
- Measure with Canvas; Feed each segment through Canvas measureText() to get real glyph advance widths from the font engine. Results are cached.
- Pretext.js uses pure arithmetic; Given a container width, compute line breaks by summing segment widths. Multiply line count by line-height. Return height. No DOM, ever.
Unfortunately, that doesn’t really explain the final integration. And it seems I misunderstood/-assumed at first.
Looking at the example at the top right, it renders numerous div elements?
So, presumably, you lose text wrap behavior and clean markup like <p> for a paragraph? I also can’t select text from it in a normal or consistent way.
This example isn’t very convincing either.

Seems like a cool visual gimmick more than practically useful and accessible for primary content.
Kissaki ( Kissaki@programming.dev ) to
Ask Experienced Devs@programming.dev • Has your company lost its mind with AI, too? • English
2 · 11 days ago
I work for a small ~30-person company with various customers, including some very big names. We’re very deliberate about where tools like those could help us, where it’s worth the exploration and investment. We want to be innovative and have the expertise, but at the same time, be reasonable and sound. We’re also very conscious of data sharing and safeguards, in part out of necessity, because we can’t just share our customers’ code or data with third parties.
Excitement, commitment, use, and hopes of using AI tools differ between colleagues. What we can use and how differs between projects.
So yes, there are definitely other kinds of companies and environments out there.
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • Every dependency you add is a supply chain attack waiting to happen • English
5 · 12 days ago
What’s the advantage of AlpineJs vs baseline web technologies?
Scrolling through the simple intro examples, I would have implemented those with standard JS and DOM APIs just fine.
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • Do forks of Claude Code make OpenCode completely obsolete? • English
5 · 12 days ago
Claude can’t be copyrighted because it’s a product of an LLM
You claim Claude itself was coded by an LLM (exclusively)?
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • Is it bad form to patch a dependency? • English
2 · 12 days ago
then you should be updating your resume
through patching?
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • Do forks of Claude Code make OpenCode completely obsolete? • English
30 · 12 days ago
A code leak doesn’t give a code and product use license. Any project and product use based on the leaked code is less stable and safe than other solid projects under clear terms. OpenCode is not obsolete.
Kissaki ( Kissaki@programming.dev ) to
Opensource@programming.dev • Agentic slop PRs • English
4 · 13 days ago
So… did it have any impact?
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • Copilot is now injecting ads into GitHub pull requests. It's a disaster. • English
46 · 15 days ago
March 30, 2026 @ 10:45 AM EST: Martin Woodward, Vice President of Developer Relations at GitHub, confirmed that Copilot was injecting product tips into pull requests but that the feature has been disabled following feedback.
They posted an update to the article about this recent update. After feedback, they decided to disable this feature.
Kissaki ( Kissaki@programming.dev ) to
Programming@programming.dev • Copilot is now injecting ads into GitHub pull requests. It's a disaster. • English
20 · 15 days ago
Not even labeled as an ad/sponsored content/influenced “tip”/suggestion.

Is the MVC requirement a lib development dependency to cover MVC use cases, or can I only use it in MVC projects?
Looks like WebApplicationFactory is in the MVC namespace, so I assume this is only for MVC [integration] testing?