Comments

docAvid, to programmer_humor in Guthib

And it has a whole set of options based on common ls options. Classic and brilliant.

docAvid, to programmer_humor in TypeScript is Quantum Ready

Weird. Booleanish isn’t a built-in, I’m pretty sure. I’d like to see the definition.

docAvid, (edited ) to programmer_humor in no.. just no

I mean, that’s just a bad library interface. With a halfway decent interface, you can do something like


```
query('insert into foo (status, name) values (:status, :name)', ent)
```

No ORM required. With tagged templates in JS, you can do


```
q`insert into foo (status, name) values (${ent.status}, ${ent.name})`
```

Even wrap it in a function with destructuring to get rid of ent:


```
const addFoo = (q, {status, name}) =>
    q`insert into foo (status, name) values (${status}, ${name})`
```

TypeScript can add type safety on top of that, of course. And there’s the option to prepare a query once and execute it multiple times.

Honestly, the idea of manipulating XML queries, if you mean anything more fancy than the equivalent of parameter injection, sounds over-complicated, but I’d love to see a more concrete example of what you mean by that.

docAvid, to programmer_humor in no.. just no

Postgres has the having clause. If it didn’t, that wouldn’t work, as you can’t use aggregates in a where. If you have to make do without having, for some reason, you can use a subquery, something like select * from (select someCalculatedValue(someInput) as lol) as stuff where lol > 42, which is very verbose, but doesn’t cause the sync problem.

Also, I don’t think they were saying the capability having gives is bad, but that a new query language should be designed such that you get that capability without it.

docAvid, to programmer_humor in Multifactor auth done right

This has some real “crimson eleven delight petrichor” vibes.

docAvid, to programmer_humor in It's that time of the year again!

Cut to Mrs Claus baking a spice cake:

She’s all alone, all alone, in her time of spice

docAvid, to programmer_humor in what's the difference?

But it’s a categorical error. The analogy is about “git”, not “git repositories” or “DVCS repositories”.

docAvid, to programmer_humor in It's that time of the year again!

I’m not sure how including a final semicolon can protect against an injection attack. In fact, the “Bobby Tables” attack specifically adds in a semicolon, to be able to start a new command. If inputs are sanitized, or much better, passed as parameters rather than string concatenated, you should be fine - nothing can be injected, regardless of the semicolon. If you concatenate untrusted strings straight into your query, an injection can be crafted to take advantage, with or without a semicolon.
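
An added example, not part of either comment or of any real library: a sketch of the `q` tagged template mentioned in the "no.. just no" comment, set beside plain string concatenation with a "Bobby Tables" style input as discussed just above. The helper, the Postgres-style `$1` placeholders, the `{ text, values }` return shape and the sample input are all assumptions made for illustration.

```javascript
// Hypothetical helper named after the `q` tag in the comment above.
// Returns Postgres-style placeholders ($1, $2, ...) plus a separate values array.
function q(strings, ...values) {
  // A real tagged-template call passes an array that carries a `raw` property.
  // Rejecting anything else catches q(`... ${x}`) and q('...' + x), where the
  // untrusted value has already been spliced into the SQL text.
  if (!Array.isArray(strings) || !Array.isArray(strings.raw)) {
    throw new TypeError('q must be used as a template tag: q`...`');
  }
  let text = strings[0];
  for (let i = 0; i < values.length; i++) {
    text += '$' + (i + 1) + strings[i + 1];
  }
  return { text, values };
}

// Same shape as the addFoo wrapper in the comment, with q taken from scope.
const addFoo = ({ status, name }) =>
  q`insert into foo (status, name) values (${status}, ${name})`;

// The pattern the comments warn about: untrusted input concatenated into SQL.
const addFooConcat = ({ status, name }) =>
  "insert into foo (status, name) values ('" + status + "', '" + name + "')";

// Constructed sample input in the style of the "Bobby Tables" comic.
const ent = { status: 'active', name: "Robert'); DROP TABLE foo;--" };

function demo() {
  const safe = addFoo(ent);          // SQL text and data kept apart
  const unsafe = addFooConcat(ent);  // data becomes part of the SQL text
  let misuse;
  try {
    // Calling q as a plain function on an already-interpolated string.
    q(`select * from foo where name = '${ent.name}'`);
  } catch (e) {
    misuse = e.message;
  }
  return { safe, unsafe, misuse };
}

console.log(demo());
```

The parameterized result keeps the input only in `values`, so the driver sends it as data; the concatenated string carries the extra statement in the SQL text itself, with or without a trailing semicolon in the original query.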

docAvid, to programmer_humor in Bill is a pro grammer

Bold of you to assume they were using source control under that manager…

docAvid, to programmer_humor in Bill is a pro grammer

But an irreplaceable liability.
