Creating a sticky header is an easy task with position: sticky. But what about a sticky header that sticks for real?

I don’t get it. Sticky is sticky. What is “sticks for real”? The example looks no more sticky than normal sticky. Except is has a different shape.

Please add cross-references when you post the same post to two communities at the same time. That way, people can find the other comments and discussion.

Open core, closed extensions. Not really clear how that significantly improves the situation. I doubt they’ll diverge the two code bases(?).

The vault symbolism is pretty bad. A software product is much different to a vault, and a sister-vault-product you publish the blueprint for anyway.

At the same time, we still care deeply about open source. That’s why we are releasing a version of our codebase to the community under the MIT license as Cal.diy.

While our production codebase has significantly diverged, including major rewrites of core systems like authentication and data handling, we want to ensure there is still a truly open version available for developers, hobbyists, and anyone who wants to explore and experiment.

Huh? I don’t get it. So the open product is an older, worse/different version/codebase? And they can do that without impacting their product risk because it’s different?

Cascadia Code is a Microsoft font (their most recent coding font). Because the name is protected, Nerd Fonts forks the name.

54 extensions steal Google account identity via OAuth2

It’s embarrassing the Chrome extension store/infrastructure does not catch these

I wonder what upsides those “web client” extensions bring for platforms you could just open “clients” as websites for (telegram, tiktok listed). Not need to install an extension.

[email protected]

I knew - bait title

The (A)GPLv3 makes it clear that it permits all licensees to remove any additional terms that are “further restrictions” under the (A)GPLv3. It states, “[i]f the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term.”

Interesting, and quite clear.

The whole response is very good, reasonable, and direct.

I’m interested to see what OnlyOffice will do. Maybe they’ll relicense their whole product, leading to a community fork under AGPL.

Cooperation and sharing performs significantly better for collective gains. This applies to all kinds of concepts. Science, public infrastructure, common goods, common resources, governance, trade agreements, EU, medicine, software…

Where it becomes problematic is when parties reap gains without participating. Using science to develop products and gain further knowledge without sharing them, using public infrastructure without paying taxes, using common infrastructure and frameworks without committing to them, nationalism, monopolies on medicine, proprietary software and platforms that are not cooperative…

Much of our transformation and development speed and gains in the last century has been in a framework of cooperation. In the current global politics, we can see and imagine what rejecting cooperation could lead to and where it could lead us to.

FOSS is great for the same reasons as other forms of cooperation: Collective gains.

Unfortunately, we have not solved the issue of beneficiaries that don’t actively participate and contribute yet.

In patent law, you publish your findings and get a timespan of authoritative use and control but at the same time commit to it being publicly accessible and at some point usable. Some software licenses attempt to do the same.

In music licensing, there’s frameworks for collective licensing.

Some frameworks use centralized/government regulation and prosecution to ensure play-fair systems. (To varying degrees and success, obviously.)

I get where you’re coming from, but I disagree [with disliking the software freedom]. The upsides and collective gains of software freedom are undeniable. Where we need to do and establish more, and some things are happening in some places, is to ensure a positive collaborative environment overall.

I use Cascadia Code / the NerdFonts extension Caskaydia Code.

Primarily I look for readability, distinguishability. Ligatures are nice, I came to like them. Eligibility on different font sizes and weight/bold and italic, and colors - they must remain very readable and distinguishable.

I’m using the same font (family) for coding and terminal/console.

Connected strokes in italic style, vivify your code.

That’s cool and interesting (you can see it in action and toggle-compare on the linked website)

I wonder how distracting it would be in code, though. If it is, their configurability allows skipping that feature though, which is great.

Is the MVC requirement a lib development dependency to cover MVC use cases, or can I only use it in MVC projects?

Looks like WebApplicationFactory is in the MVC namespace, so I assume this is only for MVC [integration] testing?

Not updating with audit would work if every direct and transient dependency provided security updates for every version. But they don’t. Often, security updates are for the most recent version or versions, and if you’re far behind, you now have to audit a lot more.

Transient dependencies are an audit problem, too. To audit something, you have to essentially audit recursively. Many libs use many other libs of varied authors.

Our systems are too open, too vulnerable. A build or check being able to access all resources is a fundamental systematic vulnerability.

.net runtime after 10 months of using and measuring where LLMs (including latest Claude models) shine reported a mindboggling success rate peaking at 75% (sic!) for changes of 1-50 LOC size - and it’s for an agentic model (so you give it a prompt, context, etc, and it can run the codebase, compile it, add tests, reason, repeat from any step, etc etc).

I assume this is from https://devblogs.microsoft.com/dotnet/ten-months-with-cca-in-dotnet-runtime/?

Half the cs world does…

What’s the basis for this claim? I’m doubtful, but don’t have wide data for this.

They’re bash/shell- and bin-dependent commands rather than Git commands. I use Nushell.
Transformed to Nushell commands:

• The 20 most-changed files in the last year:
  git log --format=format: --name-only --since="1 year ago" | lines | str trim | where (is-not-empty) | uniq --count | sort-by count --reverse | take 20
• Who Built This:
  git shortlog -sn --no-merges
git shortlog -sn --no-merges --since="6 months ago"
• Where Do Bugs Cluster:
  git log -i -E --grep="fix|bug|broken" --name-only --format='' | lines | str trim | where (is-not-empty) | uniq --count | sort-by count --reverse | take 20
• Is This Project Accelerating or Dying:
  git log --format='%ad' --date=format:'%Y-%m' | lines | str trim | where (is-not-empty) | uniq --count
• How Often Is the Team Firefighting:
  git log --oneline --since="1 year ago" | find --ignore-case --regex 'revert|hotfix|emergency|rollback'

/edit: Looks like the lines have whitespace or sth. Replaced lines --skip-empty with lines | str trim | where (is-not-empty).

def "gits most-changed-files" [] { git log --format=format: --name-only --since="1 year ago" | lines | str trim | where (is-not-empty) | uniq --count | sort-by count --reverse | take 20 }
def "gits who" [] { git shortlog -sn --no-merges }
def "gits who6m" [] { git shortlog -sn --no-merges --since="6 months ago" }
def "gits fixes" [] { git log -i -E --grep="fix|bug|broken" --name-only --format='' | lines | str trim | where (is-not-empty) | uniq --count | sort-by count --reverse | take 20 }
def "gits aliveness" [] { git log --format='%ad' --date=format:'%Y-%m' | lines | str trim | where (is-not-empty) | uniq --count }
def "gits firefighting" [] { git log --oneline --since="1 year ago" | find --ignore-case --regex 'revert|hotfix|emergency|rollback' }

Given the nature of Steam and previous executed data extraction, I’m scared installing and running niche/indie games now. Windows lacks

A unified GUI framework hasn’t happened yet, not between OSes, nor really within each OS ecosystem. I’m not hopeful about leaps in native interoperability in that regard.

Web tech interoperability is so established and widely used, packaging and running those natively seems much more viable than any hope for supposed native long term efforts.

Not everything will be covered by web tech. But for many things, it’s already viable, and exploring native integration of these web technologies is interesting.

Will they ever fix the text contrast on that website/blog? :( Bad accessibility, bad readability.

I don’t find it super easy to read. Even white on white is somewhat readable, but the black tree part on the left is particularly hard to read. Certainly not scan-readable / fast, like I would be able to read normal text.