Skip Navigation

Kissaki

@ Kissaki @programming.dev

Posts
224
Comments
1464
Joined
3 yr. ago

  • Your Engineers Aren't Lazy, Your Codebase Is Punishing Them

    Jump

  • “You want the four year sabotage and effort instead of the one to two month long effort?”

  • Your Engineers Aren't Lazy, Your Codebase Is Punishing Them

    Jump

  • Instead of deadlines, let's call them lifelines.

  • Your Engineers Aren't Lazy, Your Codebase Is Punishing Them

    Jump

  • Isn't it for the team to find out and decide whether they reached "gold plating" yet? That statement doesn't sound like a rejection or reason for rejection to me.

  • Your Engineers Aren't Lazy, Your Codebase Is Punishing Them

    Jump

  • Retrospectives are great for finding and sharing a consensus on these kinds of issues. The team can weigh their options. Known limitations are much better than unknown ones. And often, some bandaids and workarounds are possible to diminish negative effects, at least to a degree.

    I've definitely had things we had to wait for, or are still waiting for. At least we don't usually get outright rejections.

  • Is it bad form to patch a dependency?

    Jump

  • then you should be updating your resume

    through patching?

  • Do forks of Claude Code make OpenCode completely obsolete?

    Jump

  • A code leak doesn't give a code and product use license. Any project and product use based on the leaked code is less stable and safe than other solid projects under clear terms. OpenCode is not obsolete.

  • If not Github, where would you host your projects?

    Jump

  • Codeberg, and because I already have a VPS (server), I'd check for Forgejo packages (I would only use them if security updates automatically update/install).

  • Agentic slop PRs

    Jump

  • So… did it have any impact?

  • Claude code source code has been leaked via a map file in their npm registry

    Jump

  • Why have supply chain attacks have become a daily occurrence?

    Jump
    • Huge growth in tooling and systems making use of "community" dependencies
    • Fewer safeguards and security guarantees and concerns on these platforms
    • Easy entry into these platforms and systems
    • Huge potential scale-effect through global software development tooling
    • Huge additional potential scale effect through developer and development systems - crossing into other such platforms through local credentials, immediate access to internal tooling, platforms, and systems, and potential to attack other downstream systems and platforms
    • Public knowledge about the attack vectors, attack successes and reporting, and continued opportunity, occurrence, and personal successes, investment, and knowledge

  • Copilot is now injecting ads into GitHub pull requests. It's a disaster.

    Jump

  • March 30, 2026 @ 10:45 AM EST: Martin Woodward, Vice President of Developer Relations at GitHub, confimed that Copilot was injecting product tips into pull requests but that the feature has been disabled following feedback.

    They posted an update to the article about this recent update. After feedback, they decided to disable this feature.

  • Copilot is now injecting ads into GitHub pull requests. It's a disaster.

    Jump

  • Not even labeled as an ad/sponsored content/influenced "tip"/suggestion.

  • Working on products people hate

    Jump

  • This post argues something that would never come to my mind. Of course software that annoys users has developers and development too. Of course its development also requires balancing user requests and convenience vs business and technical capability (and priority). Of course you can't directly conclude to [technical] engineering quality from its perception, behavior, or irritation.

    What's left after these nothing-burgers?

    Looking back, I’m glad that people have strongly disliked some of the software I’ve built[…]. If I’d happened to work on popular applications for my whole career, I’d probably believe that that was because of my sheer talent.

    Wtf? They think they wouldn't be able to recognize that it's not solely on them or their superiority that their software is popular?

    I… don't get it. Maybe I just don't get what this is supposed to be about.

  • AV1’s open, royalty-free promise in question as Dolby sues Snapchat over codec

    Jump

  • This is so sad, and bad, and tragic :(

    These central standards should be a common good. Pay out the patents with a fair price and move them into the public good. I imagine they already made more than enough money through these patents through HEVC.

  • AV1’s open, royalty-free promise in question as Dolby sues Snapchat over codec

    Jump

  • but the article itself doesn’t mention what patents AV1 would have broken

    The article does mention and links them

    Dolby is accusing Snap of infringing upon four of its patents: U.S. Patent No. 10,855,99 “Inter-plane prediction”; U.S. Patent No. 9,924,193 “Picture coding supporting block merging and skip mode”; U.S. Patent No. 9,596,469 “Sample array coding for low-delay”; and U.S. Patent No. 10,404,272 “Entropy encoding and decoding scheme.”

  • Martin Fowler: ORM Hate

    Jump

  • If you don't use the parameter functionality of prepared statements, yeah. That also means you don't use a prepared statement, you construct varying sql strings and prepare varying "prepared" statements.

  • Your thoughts on Code Reviews

    Jump

  • 5 with reasonable acceptance and use, even advocacy, for up to 1. I don't see a difference between 4 and 5, though.

    Reviews should be the norm. Even for simple changes, a simple code change should be simple to review and approve, too. At the same time, some formatting changes or small or minimal changes with high confidence can be pushed to main without review - that'd be just wasted time and effort on the reviewer's side. High urgency can also warrant an immediate push to main, or live hotfixing on prod if possible, with a corresponding PR still open.

  • Could online age verification be done in a way that protects privacy and autonomy?

    Jump

  • What do you mean by government suppression? The government suppressing entities, or you as the authorizing individual?

    EU has eIDAS, and Germany has an existing working system. A certified publisher and you with your NFC phone can confirm your age above x without disclosing any other information about your identity. It runs with sophisticated cryptographic negotiation between the three parties. For you as an end user, obviously the government already knows of your existence beforehand and can serve as an authorative entity. The two other parties can then verify their validity to each other through the mutually trusted entity without revealing unnecessary information to any of the parties. Practically, the requesting entity must be certified by the state to confirm their validity and reasonable necessity of what kind of data they plan to request, and the user use their moile phone NFC and an app to read their identity document, and give explicit consent to specific data sharing.

    I'm not too familiar with the specifics of what the state can see in this system. It seemed plausible to me that they may not even see that you're authenticating with a specific party or that and what you're sharing. Cryptography ftw.

  • The Mermaid community is officially open

    Jump

  • Requires an account to even look at the Mermaid source of a diagram. :/

  • Jenkins @programming.dev
    Kissaki @programming.dev

    Automating Jenkins on Android with Infrastructure as Code - Jenkins Blog

    www.jenkins.io /blog/2025/10/31/automating-jenkins-on-android/
  • .NET @programming.dev
    Kissaki @programming.dev

    How Copilot Studio uses .NET and WebAssembly for performance and innovation - .NET Blog

    devblogs.microsoft.com /dotnet/copilot-studio-dotnet-wasm/
  • .NET @programming.dev
    Kissaki @programming.dev

    dotnet 10 releases in four days

  • .NET @programming.dev
    Kissaki @programming.dev

    Announcing Sponsorship on NuGet.org - .NET Blog

    devblogs.microsoft.com /dotnet/announcing-sponsorship-on-nugetdotorg-for-maintainer-appreciation/
  • Programming @programming.dev
    Kissaki @programming.dev

    GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog

    www.koi.ai /blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace
  • VS Code @programming.dev
    Kissaki @programming.dev

    GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog

    www.koi.ai /blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace
  • Visual Studio @programming.dev
    Kissaki @programming.dev

    Modernizing Visual Studio Extension Compatibility: Effortless Migration for Extension Developers and Users - Visual Studio Blog

    devblogs.microsoft.com /visualstudio/modernizing-visual-studio-extension-compatibility-effortless-migration-for-extension-developers-and-users/
  • Jenkins @programming.dev
    Kissaki @programming.dev

    GSoC 2025 Final Term: Build Retooling of jenkins.io

    www.jenkins.io /blog/2025/10/19/birajit-saikia-gsoc-finalterm-update-blog-post/
  • .NET @programming.dev
    Kissaki @programming.dev

    Announcing the .NET Security Group - .NET Blog

    devblogs.microsoft.com /dotnet/announcing-dotnet-security-group/
  • .NET @programming.dev
    Kissaki @programming.dev

    .NET and .NET Framework October 2025 servicing releases updates - .NET Blog

    devblogs.microsoft.com /dotnet/dotnet-and-dotnet-framework-october-2025-servicing-updates/
  • Game Development @programming.dev
    Kissaki @programming.dev

    Bloodthief Took Me 2.5 Years To Make - Blargis (YouTube, 25min)

  • Web Development @programming.dev
    Kissaki @programming.dev

    Bun 1.3 release

    bun.sh /blog/bun-v1.3
  • .NET @programming.dev
    Kissaki @programming.dev

    Preparing for the .NET 10 GC (DATAS) - .NET Blog

    devblogs.microsoft.com /dotnet/preparing-for-dotnet-10-gc/
  • DevOps @programming.dev
    Kissaki @programming.dev

    how AWS S3 serves 1 petabyte per second on top of slow HDDs

    bigdata.2minutestreaming.com /p/how-aws-s3-scales-with-tens-of-millions-of-hard-drives
  • Web Development @programming.dev
    Kissaki @programming.dev

    Web Platform Tests - Interop Project - Web Interoperability Report

    wpt.fyi /interop-2025
  • Programming @programming.dev
    Kissaki @programming.dev

    Pijul - DVCS, based on the theory of patches, inspired by darcs

    pijul.org
  • Version Control Systems @programming.dev
    Kissaki @programming.dev

    Pijul - DVCS, based on the theory of patches, inspired by darcs

    pijul.org
  • Web Development @programming.dev
    Kissaki @programming.dev

    Wasm 3.0 Completed - WebAssembly

    webassembly.org /news/2025-09-17-wasm-3.0/
  • Programming @programming.dev
    Kissaki @programming.dev

    Wasm 3.0 Completed - WebAssembly

    webassembly.org /news/2025-09-17-wasm-3.0/
  • Web Development @programming.dev
    Kissaki @programming.dev

    REACT-VFX - WebGL effects for React - Crazy Visuals on the Website

    amagi.dev /react-vfx/