A bit of a bizarre post since to_sgid has existed forever to generate signed global ids. Global IDs are probably one the most powerful and underrated features of Rails but regular global ids are only supposed to be used internally (e.g. job params) and never sent to the client.
If there’s a gotcha it’s that _signed_ global ids are only signed, not encrypted, and very few people seem to know about the optimised method (globalid::Locator.locate_many) for loading a batch of global ids
With manual coding, the big dopamine hit comes at the end of a task - that's your internal feeling of reward for completing something.
I would think this could contrast with agentic coding, where the AI keeps generating code, and then you iterate on this process to get the AI to fix its mistakes. With normal human code review, it takes longer to get revisions and can feel like a slog. But with AI that's a much tighter loop, so maybe developers feel extra productive from all these dopamine hits from each interaction with the agent.
When manually coding and in flow state I'd think it's a more consistent level of arousal, less spiky. Probably varies by person and coding style though, which might also explain why some people love TDD and others can't stand it?
I'd love to see some more detailed write-up on how to switch to Warpbuild for different tech stacks. I tried a few months ago when the instructions were basically just to change the runs-on type but IIRC it failed with an error around setting up ruby (and caching it?) and there were no clear instructions on how to proceed.
Any such error is a bug. We do have tons of ruby users running 1000s of jobs each hour but maybe we are hitting a corner case with you, I'm sorry that that happened and I'll look into it.
Switching from github actions default runners is exactly a one line change.
Migrating from `actions-runner-controller` with k8s or self-managed VMs could be different based on specific customizations in place. However, we have import flows for the former to directly import the custom containers used in k8s, and an AMI import is coming soon.
There shouldn't be any stack specific behavior, except with caches. We have introduced fast custom caching actions including stack specific instructions in docs [1].
I worked on agent-based systems >20 years ago, including large research projects and standardisation/interoperability work.
Ultimately, that effort failed but I don’t see any awareness of that considerable volume of work reflected in today’s use of the word “agent”. If nothing else, there was a lot of work on the use-cases and human factors.
It’s just a bit disheartening to know that so much work, by hundreds of researchers (at least), over 10+ years, has just slipped into irrelevance
It was opined on HN the other day, but operations research (aka data science), the annals of human process mapping (aka process automation), and control theory (outside ME/hardware) all suffer similarly.
A field retitles itself, and suddenly no one is aware of the still-applicable research from before the name change.
Which is probably more broadly to say that no modern courses teach surveys of previous material.
I've been using https://www.tinycert.org/ for years which basically lets you create your own certificate authority and issue certs (which obviously aren't trusted by everyone but can be trusted by you/your team). It's ideal for generating SSL certs for ephemeral apps e.g. review apps on Heroku since it can all be done using an API
I'm an American on Eastern time and I work pretty routinely with people in other US time zones. I get this pretty much all the time. I think people think that putting the "Standard" in makes it sound more "official".
There is very little understanding in the US that "Daylight" time stops being "Standard" time. (because why should it? why have two/three time zones when you only need one?)
Problem is that there aren't any widely-accepted acronyms for time zones in the United States that don't include the current daylight savings time status. Eastern is way longer than EDT.
A lot of people complained that GDPR was too onerous on small firms and that they should be exempt. According to LinkedIn https://ie.linkedin.com/company/exactis-llc Exactis has just 10 employees (obviously some error possible. Call it 15-20?)
Now do you think small firms can’t hold large quantities of damaging data?
notably in the UK the size of a company is determined not just on employee numbers, but on turnover as well. For example in UK Government guidance on lodging company accounts with Companies House[0] it says:
"There are thresholds for turnover, balance sheet total (meaning the total of the fixed and current assets) and the average number of employees, which determine whether your company is a micro-entity, small or medium-sized."
That sounds a lot like "I told you so" tone when I still disagree with you. But in case you're here to talk about it and not just to assert your version of the truth, no, I don't think anyone ever claimed that small corps are a loophole. Then big corps would just delegate it to a shell company and be done with it. European law is, to the best of my knowledge, fairly reasonable: if you do something wrong regarding privacy either because you didn't know (like, you tried to follow GDPR but missed something) or do a small thing, you won't get ridiculous fines. But if you're a 10 person company working with huge amounts of personal data and you were grossly negligent, then of course they'll look at that differently from a 10 man company that produces pencils for retailers and incorrectly stored customer's delivery addresses.
Courts will always base their decisions on case law, and I suspect that you can reasonably expect a certain kind of GDPR case law to arise, given what the standing case law is already.
> Common law gives judges an active role in developing rules; civil law is based on fixed codes and statutes.
This is a dramatic and misleading oversimplification. Under civil law systems, judges still do have great leeway with interpreting and applying regulations. And under common law, it's not really true that judges have an active role in developing rules - they have the ability to interpret them in the contexts of cases which come up, but they don't legislate. The closest thing that they can do (aside from overturning provisions) is to introduce limitations or tests on existing law that is challenged, but even then they're mostly only allowed to do that to the extent that they are using the tests to connect the law back to the Constitution or other existing legislation.
Case law is not binding in civil law (at least not to the same degree as it is under common law), but does definitely play a significant role.
Furthermore, it's flat-out wrong to say that "case law is not binding in the EU". The Republic of Ireland and the UK both use common law, under which case law is binding. Not only are UK court decisions are enforceable across the entire EU, but UK law is actually the jurisdiction for a lot of contracts and agreements within the EU, similar to how New York is the chosen jurisdiction for a lot of contracts or even international treaties that are enforced worldwide, whether or not the parties are based in New York.
Even if you're referring specifically to legislation passed by the European Parliament itself, it's still not really correct to say that case law isn't binding. The European Parliament is an international body held together by international treaties, and while EU courts might have decided to use civil law in interpreting legislation passed by the European Pariament itself, that doesn't mean that case law does not come into play, either in countries with common law systems or even in countries with civil law systems. It's way more complicated than that.
This is, incidentally, one of the problems that Brexit is currently introducing: it's unclear whether parties that have elected to govern their contracts under UK law will continue to be able to do so with the expectation of enforceability.
There is no doctrine of stare decisis in EU courts. Case law is not binding. Further complicated by the huge number of courts that might hear a case, dependent on the DPA.
tl;dr: a non-profit got fined 75K€ because their website leaked 42,562 private documents from their users. Anyone could modify numbers in the URL and read other users' documents. The documents included passports, tax information, identity documents, and more.
Oof, I can see why then. On the other hand, if you're not storing people's passports... is this really something you should be worried about? And shouldn't somebody who's intentionally storing thousands of passports be required to implement basic security practices?
The "you won't get big fines if you try your best" thing isn't in the law. I believe you that it is probably true, but it relies on the reasonableness of all current and future regulators. I don't like that.
The law only says regulators should think about your intentions when assessing penalties (among many other factors).
Is there anything stopping a regulator from deciding an unintentional violation is "only" a company-destroying 5M euro fine instead of the full 10M? In fact, couldn't it still be a 10M fine? Or should I expect to be let off with a warning? Seems like I'm depending on the good will of the regulators of every single EU member state...
I do not think it's impossible to write a law that says fines for minor and unintentional violations are limited by statue.
That's what makes me nervous about interpretation of GDPR. The EU has 28 member states. Let's say each one of them has a 90% probability of their regulators being reasonable at any given time. Does that mean the chances of the regulators on the whole being reasonable are 0.9^28? (In other words, about 5%?)
As an outsider, I would love to hear that that's not how it works. Do the member states have any checks on each other's enforcement?
I think the root of the argument about small firms was not about employee count, but that small firms typically do not have the resources to comply. But what is Exactis’ annual profit? Maybe they did have the financial resources.
If you don’t have the resources to be a good steward of a dataset, you don’t have the resources to gather and store that data in the first place, even if it may seem easy to do so.
If there’s a gotcha it’s that _signed_ global ids are only signed, not encrypted, and very few people seem to know about the optimised method (globalid::Locator.locate_many) for loading a batch of global ids
reply