On a user level I agree, on a technical level I disagree.
Reason for disagreement is that the preview is generated once with the access rights for the user posting that link (with the permission Slacks Google Docs integration got from the posting user). For performance reason it would be quite costly to generate a preview for every viewing user since access rights could be different for every user. Also access rights can change every time, so it would be necessary to recheck permissions regularly to decide if the preview should be renewed (removed/added/changed). This also would mean users need to wait longer for the preview to generate.
So every user posting a link on Slack (or any platform which generates previews with a special integration) should be aware of that fact
Every time someone says "for performance reasons" as a justification for wontfixing a security issue a million badguys rub their hands with glee.
If you can't do previews in a way that respects access permissions you shouldn't do them at all. This isn't a feature that is essential whereas security really is.
Moreover you really can't possibly have a security scheme that relies on every user being aware of something. Someone will either not know or will know but forget or make a mistake. Systems should be robust enough to accomodate usage by actual humans.
On Firefox (my main browser for all non-dev related things) I just use the main screen with the shortcuts - some of them sticky, most are just often visited pages gathered by the browser itself
Buy a pair of good running shoes and sport clothing and start running. Maybe a tracking device if you don't own one to track you progress. Also maybe do some weight/bodyweight training. Save the rest of the money. Or buy a bike.
- Dash (https://kapeli.com/dash) for browsing documentation locally (often faster than searching the web when you know what you are looking for), alternative: https://devdocs.io (works in browser), Zeal (https://zealdocs.org, for Windows & Linux)
- Sublime Merge for solving merge conflicts and committing individual lines (I'm for command line when working with Git, but `git add -p` is often frustrating, with Sublime Merge it's very easy once you got used to the tool)
I think this only works if you're doing a clean yearn install. If you have a yarn.lock file already generated, chances are every package is pointing to registry.yarnpkg.com instead.
