I don’t really understand the point of sandboxing if you’re going to give it access to all your accounts (which it needs to do anything useful). It reminds me of https://xkcd.com/1200/
Yeah I have been planning to give it its own accounts on my self hosted services.
I think the big challenge here is that I'd like my agent to be able to read my emails, but... Most of my accounts have Auth fallbacks via email :/
So really what I want is some sort of galaxy brained proxy where it can ask me for access to certain subsets of my inbox. No idea how to set that up though.
it'll be interesting to see if people start writing worse as a form of countersignalling. deliberately making spleling mistakes, not caring about capital letters, or punctuation or grammar or proper writing techniques and making really long run-on sentences that don't go anywhere but hey at least the person reading it will know its written by a human right
That’s fair, but GitHub themselves do it with GitHub Actions. Versioning of all official actions is done with git tags, which has always made me uncomfortable.
That makes sense, so does doing releases by using tags, why would that make you uncomfortable?
What doesn't make sense, is creating a completely new language/framework/package manager and decide to place the package registry burden on someone else.
Are you confusing tags with branches? Git tags for all intents and purposes are immutable. If you have a tag in your local repository that was pulled down from another remote, and the remote changes the tag and you update your local repository, it'll reject the incoming tag.
It's true they're both refs inside git, but git literally treats them as "shouldn't move", unlike branches. They're not immutable in the technical sense, so I guess you're technically right. But they're not used the same way as branches, and the tooling won't like that either.
That's irrelevant in the context of GitHub Actions: CI runners clone the repo fresh every run. If someone gets write access to a widely used action, they can force push all tags to point to a malicious commit.
> Pinning an action to a full-length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.
If you're in (for example) a CI context and do a git checkout @tag, there's no guarantee that you'll get the same content as the last time you fetched that tag.
> At one point I had the misfortune to be the target audience for a particular stomach churning ear wax removal add.
So isn’t it possible that your friend had the same misfortune? I assume you were similar ages, same gender, same rough geolocation, likely similar interests. It wouldn’t be surprising that you’d both see the same targeted ad campaign.
Have you considered it was just proximity? The overlords know you were in proximity with your friend. It is not unreasonable to assume you share interests and would respond to the same ads.
There was a fun hacker news post a while back [0] about a website that had generated every solvable-without-backtracking 5x5 nonogram. I found it very addictive, and the creator has since released it as a paid mobile app. Highly recommended for commutes!
I really didn’t expect to get a new favourite game of all time in my 30s, surely the nostalgia factor was too strong, but Outer Wilds was exactly that for me.
reply