This.. AND… dev machines should be isolated environments via something like GitHub Codespaces, local docker containers or Google’s IDX.
You also shouldn’t be able to push code directly to anywhere other than a centralized repository. All the build stuff should happen in a dedicated and independent process.
From a security point of view you need to accept that the idea of running into a malicious package as a direct or indirect dependency is not only not zero but fairly realistic and you should try to limit the blast radius as much as possible for when that does happen.
I don’t know why you’re trying to make this some kind of gotcha. What I said was absolutely 100% standard security advice. You’re just making yourself look silly here.
But unless I’m missing something here it’s not some equal far left / far right issue.
It’s an issue with what seems to be exclusively far right parties who are getting caught one after another as a part of this ongoing investigation of operating on behalf of Russia where they are finding very clear money trails and communication records proving it.
So in that context, mentioning where specifically in the political spectrum this is happening is actually very relevant.
It doesn't matter if it's just one end of the spectrum. By pointing this out, you either are or appear to be riding the issue on behalf of the other end. This causes them to close ranks and dismiss it as partisanship.
Besides, Russia has changed its backing preferences over time. Just look at the frivolous moral gymnastics Oliver Stone has been performing from around Putin's arm.
It actually matters a great deal if it’s one end of the spectrum. That’s very much central to the larger issue.
There is nothing about the last ten years that would lead a most people to come to the conclusion that if only we didn’t mention where the problem was specifically that it would become a bipartisan thing that everyone would take seriously.
The ID group in the European Parliament has expelled the German AfD. The AfD tried to get them to only expel their top candidate Maximilian Krah instead, and has banned him from appearing at campaign events.
Looks less like closing ranks and more like passing the buck.
If only Teams was developed by the largest stakeholder in the Windows native app ecosystem. It would be a perfect chance to show off native UI tooling that would make other companies want to develop for that platform. Oh well...
While somewhat true, to its credit Teams is using basically the same UI stack for its web-based product (teams.microsoft.com) and its "native" desktop app, so there's a win there.
Also, the Teams desktop app has moved from Electron to Edge WebView2 - which is a Microsoft product.
Just finished reading the Wikipedia article in full and it actually seems fairly sensible given how quickly this had to come together.
Draws boundaries in what seems like sensible places (potential for social harm, amount of compute involved in training etc).
It tries to get out of the way entirely of a bunch of non controversial use cases.
Honestly I don’t hate it at first glance. The biggest thing I think people will get upset with is like GDPR this doesn’t just target EU based companies but companies who want EU users.
The EU doesn't have the legal authority to legislate when it comes to national security matters - the member states themselves retain exclusive control.
I think the arbitrary amount of compute involved in training cutoff is the only problem. Plays into the whole imaginary agi Terminator scenario. I'm glad the rest of the act seems to be targeting specific use cases that do in fact need regulations like social scoring etc.
This isn’t true in Flutter. They literally bake into the CLI with each release which will automatically identify and upgrade any parts in your application using old APIs without any intervention required. It’s literally the opposite of what you’re describing here.
What you described is Google breaking your code constantly but also giving you a tool to automatically fix the code they broke, so it fits well within the general philosophy of not taking breaking changes seriously.
It sounds like the tool might make the specific case of flutter version upgrades easier though, if the tool works well, so that's nice. Most Google software doesn't come with similar tools.
There is nothing about that that allows you to come to a good faith conclusion of “doesn’t take breaking changes seriously” when they literally do all of the work for you.
I don’t think that premise of “native UI for anything that needs polish” is true these days.
Canonical the company behind Ubuntu have said for some time now that all future app UIs of theirs would be done in Flutter starting with the very first thing people see the installation process.
Google just rewrote Google Earth’s UI in Flutter.
BMW are doing all of their in-car entertainment systems in Flutter.
Are any of those better than the alternative, or just cheaper?
I suppose if the alternative is “this only exists on one platform” or “this doesn’t exist at all” then maybe, but I find it a bit sad how keen we are as a profession to accept compromise and mediocrity to save developer time and expense.
2/3 of those examples had no requirements for cross platform and still chose it anyways. Additionally all 3 of those examples decided to take what they already had with native and decided to rewrite it because of the benefits.
I’m saying the “gap” between Flutter and native in this case is much much much smaller than you seem to think it is. Quite a bit has changed there in the past year or two.
That isn’t my opinion but that was the result of many major and very competent teams coming to that conclusion and putting their money where their mouth is in order to substantiate the claim.
Two of the examples mention are platform providers. If they standardize on flutter as their native UI, that’s fine and they are following my suggestion. If they port a BMW app from my dashboard to iOS / Android, I’m 99% sure you’ll see the issues I mentioned.
Google earth is fine, but doesn’t feel native. I think that’s fine for some apps (games mostly).
Welcome screen was a popover on iPhone (only available on iPads, should be a sheet on iPhone), with rounded non standard button and non standard horizontal lines.
“Signed in as” toast wasn’t designed for iOS rounded bottom and “swipe up” bar leaving ugly stripe.
Sheet easing is off, and FPS stutter.
No swipe from left to go back support.
Non standard animations all over. Visible FPS issues (on newest HW)
I could go on and on. Feels like an android app running in an emulator.
You asked how it doesn’t feel native. Using a design system from a different platform, and not complying with the interface guidelines of the current platform, is a big part of not feeling native.
And the frame drops and lack of system gestures, and lack of standard nav stack are major infractions on usability outside of design.
> Interestingly, the core idea presented here is nothing new. In truth, this is how every templating language that outputs HTML has worked since at least the early 2000s (likely even older).
It’s kind of hard to explain what an odd track the React crowd especially are on and how much complexity it has introduced that it’s now playing catch with with web development techniques that were more than *a quarter of a century old*
reply