No, WinGet does not generally protect against this. While PRs to update package versions are verified in some way before going live, the necessary throughput can only be achieved with shallow checks. A determined actor could easily get a malicious update in, once they control the original source.
Other than that, WinGet is mostly just "run setup.exe". It is not a package manager. It's basically MajorGeeks as a mediocre CLI.
Dunno what they’re trying to build, but I encourage everyone to try what they already have built. It helps me work on multiple changesets in parallel. This often just happens, for example you work on something and discover a bug in something else that needs to be fixed. In GitButler, I can just create another branch, drag the changes in there, push and done.
Also, if you ever worked with Perforce, you might be familiar with changelists. It’s kind of like that.
Now, GitButler is by no means perfect. There are many rough edges. It tends to get stuck in unexpected states and sometimes it isn’t easy to rectify this.
It also cannot split changes in a single file, which is a bummer, because that’s something I encounter routinely. But I understand this complicates the existing model tremendously.
No. There is a disconnect between domain insiders and those that are not. This is not specific to any one domain. It's also not about age.
Some insiders know about this disconnect and fewer still can bridge it easily.
Those that cannot even sense this disconnect, they're a bit of a pain in certain situations. You know, like talking to project stakeholders or customers.
Maybe, but LLMs solve but one issue (maybe two). Take me, for example. I am highly proficient regarding software development in most aspects. Except for that tiny problem: I wouldn't even know what to build. And at least for me, LLMs could not help with that.
The whole side project or even private project thing doesn't just hinge on being able to produce software. There's a lot more.
Well, yes, DuckDuckGo is not Google. You have to accept that. Not just surface-level, but for real.
What made this easy for me is that Google is also no longer Google. Ever since it started basically ignoring my actual search query, I stopped using it. I used to be very good at using Google, too.
DuckDuckGo is quite bad at times, yes. But then, so is Google. If I need to find something I cannot put into search terms, LLMs are helpful. From my trial experience I would say Kagi is also a capable search machine, for some niches.
Yeah, same. I use an extended keyboard layout on my PC. I'm so used to it I have to actively decide against using proper quotes and dashes and whatnot. I don't bother on mobile, though.
Every time someone states they stop reading when they encounter proper typography, I feel attacked.
Other than that, WinGet is mostly just "run setup.exe". It is not a package manager. It's basically MajorGeeks as a mediocre CLI.
reply