So you don't need self signed certs for HTTPS on local if you want to, for example, have a backend API and a frontend SPA running at the same time talking to eachother on your machine (authentication for example requires a secure context if doing OAuth2).
> if you want to, for example, have a backend API and a frontend SPA running at the same time talking to eachother on your machine
Won't `localhost:3000` and `localhost:3001` also both be secure contexts? Just starting a random vite project, which opens `locahost:3000`, `window.isSecureContext` returns true.
This is used for scenarios where you don't want to hardcode port numbers, like when running multiple projects on your machine at the same time.
Usually you'd have a reverse proxy running on port 80 that forwards traffic to the appropoiate service, and an entry in /etc/hosts for each domain, or a catch all in dnsmasq.
Example: a docker compose setup using traefik as a reverse proxy can have all internal services running on the same port (eg. 3000) but have a different domain. The reverse proxy will then forward traffic based on Host. As long as the host is set up properly, you could have any number of backends and frontends started like this, via docker compose scaling, or by starting the services of another project. Ports won't conflict with eachother as they're only exposed internally.
Now, wether you have a use for such a setup or not is up to you.
they are all aiming to implement the same html spec
2. there is no official standard
there literally is
> A context is considered secure when it meets certain minimum standards of authentication and confidentiality defined in the Secure Contexts specification
Secure contexts, not a part of the html spec, are described in the w3c candidate recommendation, which I can assume you are calling the official standard, which states:
>5.1. Incomplete Isolation > >The secure context definition in this document does not completely isolate a "secure" view on an origin from a "non-secure" view on the same origin. Exfiltration will still be possible via increasingly esoteric mechanisms such as the contents of localStorage/sessionStorage, storage events, BroadcastChannel, and others.
>5.2. localhost > >Section 6.3 of [RFC6761] lays out the resolution of localhost. and names falling within .localhost. as special, and suggests that local resolvers SHOULD/MAY treat them specially. For better or worse, resolvers often ignore these suggestions, and will send localhost to the network for resolution in a number of circumstances. > >Given that uncertainty, user agents MAY treat localhost names as having potentially trustworthy origins if and only if they also adhere to the localhost name resolution rules spelled out in [let-localhost-be-localhost] (which boil down to ensuring that localhost never resolves to a non-loopback address).
>6. Privacy Considerations > >The secure context definition in this document does not in itself have any privacy impact. It does, however, enable other features which do have interesting privacy implications to lock themselves into contexts which ensures that specific guarantees can be made regarding integrity, authenticity, and confidentiality. > >From a privacy perspective, specification authors are encouraged to consider requiring secure contexts for the features they define.
This does not qualify as the "this" in my original comment.
Notably, assuming conformance to this standard, a browser might still not treat localhost domains as trustworthy if it has reason to believe they can be resolved remotely. However, I'm not sure in what environments this is likely to be the case, especially with browsers implementing their own DNS over HTTPS.
1. I can't write an email from an alias. For example I can't send an email from something+yourservice@example.pro. This is possible from Thunderbird using their bridge, but not from their email app on Android. I can reply to an email and it will preserve the alias, but I can't write one from scratch.
2. Emails are not downloaded locally on Android so I can't access them when internet is not available.
These 2 have been consistent issues for me over the 3 years I've used them, and when I've contacted their customer support about it I was told they have no intention of fixing them.
I use Proton on Android and I can write a new email using one of my aliases. Maybe it was fixed recently.
Regarding n° 2, I think it will never be fixed, given the nature of the service itself, in which all emails are stored encrypted, and the encryption keys are in the server.
The optimal way to use linkedin is to add as many people as possible from as many companies as possible that you're interested in. This way, when you want to apply for a job at any such company you have people already working there whom you can message directly and ask for a recommendation.
Just don't forget to unfollow everyone you connect with as well... there's only so many times a man ca read stories of how the dog was the CEO all along...
I don't use copilot but Claude integrated in Spacemacs through gptel.
On difficult things (new conceprs I don't already know): -100% efficiency. I just end up reading the manual/code and figure out things by myself.
On day to day things: +20% efficiency, mainly because it's a faster search/reminder.
On simple things (like boilerplate): +300% efficiency. It eliminates the tedious, boring bits for me so I have more time and brainpower to focus on the first category.
How I reached these numbers? gut feeling.
How I get consistent results? I add project files as context and then write as detailed prompt as I possibly and reasonably can (this does take time). Rubbish in => rubbish out, so it's important to prompt well. I've found out that I need multiple successive prompts to get good results with refinments, rewriting in place always gave me poor results.
Overall, it's a boost but since nowadays I tend to spend my time in the first category mainly, I don't end up getting that much out of it. The 10% people claim seems right to me.
I guess I'm more motivated to do the boring bits as I'm not the one actually doing them, just reviewing, and they fly by faster, but how do you even quantify that? enjoyment points?
Personally I preffer to use minitest and use dependency injection rather than the magic "allow to_receive and_return" parts of rspec. This makes my code more reusable.
But don't get me wrong, I won't refuse using rspec if it's already set up for a project, just wish it wasn't the go to default. I do believe the ruby + rails code people write would be better architected and more reusable with minitest + D.I. rather than rspec.
I could never warm to MiniTest, even though I want to as it's in the standard lib and I dislike unnecessary dependencies.
I've not checked recently but last time I used it didn't provide colour output without plugins and didn't include verifying doubles or spies out of the box.
There were a lot of other decisions required to make Minitest plesant in non-rails projects.
You can still use dependency injection with Rspec, it's just a nicer experience IMHO.
A note on one of the changes: "New package EditorConfig. This package provides support for the EditorConfig standard..."
Honestly the only reason to use this, and don't get me wrong, it's a huge reason, is to ensure windows users don't add CRLFs in their commits, and mess up diffs. Set `end_of_line = lf` and you're done.
`charset = utf-8` and `trim_trailing_whitespace = true` are also nice, but not as disruptive as `end_of_line`.
The other (indentation related) functionality should honestly be handled by language specific linters instead, as they can be syntax aware and allow for better control. I always disable those in practice.
Merely as an observation, if you care about crlf in _commits_, then you almost certainly want https://git-scm.com/book/en/v2/Customizing-Git-Git-Configura... and not that cited EditorConfig setting. The reason is that while on a system that _uses_ crlf if you were to open those lf-only files in any text editor, it'll run the lines together into a jumble
> The reason is that while on a system that _uses_ crlf if you were to open those lf-only files in any text editor, it'll run the lines together into a jumble
This isn’t true. Windows is the only major contemporary platform to use CRLF, and nowadays all major Windows text editors, especially those likely to be used by developers, can read files with LF-only line endings without jumbling all the lines together. 20 years ago, it was a different story, but that was then and this is now.
I'll get myslef one of these as well when I cash in my invoice for last month's work.