refusal to allow useful endpoints that aren’t sufficiently restful

And there are good reasons for that, GraphQL-like endpoints seem great to use, but are often a bad idea. The more freedom is given through an API, the less guarantees one can deliver. Security, scalability, and maintainability all become more difficult for APIs with endpoints that attempt to do several things at once.

But most importantly, REST doesn’t tell you exactly how to build your endpoints, as long as they’re stateless, cacheable, and refer to system resources with enough context to allow their direct manipulation.

These are good principles for older and modern web apps, that hasn’t changed. In fact, one can argue that the larger and more complex the system the more important it is to simplify its endpoints. And you can build pretty complex systems while following these criteria.

And what’s inherently new in modern applications? We’re transferring state and operating on resources just like we used to do. Most web apps are variations of CRUD.

context, for the unaware

https://en.wikipedia.org/wiki/1995_Greater_Pittsburgh_bank_robberies

you’d rather have no responses following a standard rather than only some doing that? No, thanks.

returning a 400 never prevented me from adding more info to the response

you must find it really annoying to learn Spanish, German, Portuguese, Italian, and a bunch of other languages that have gendered nouns.

or “oh yup, just need to give it a kick”

used OpenSearch in a recent project, but the number of annoyances with it are through the roof. From SSL certs setup to bad defaults in settings, and the fact it does type inference for indices requiring you to manually recreate the index, and the docker container that takes 30s to start every time…

If you can use mongo, just use that. Or pick something other than OpenSearch if that’s overkill for you.

but from the floor, yummy

That’s my point, checking a few boxes in the settings is the bare minimum if you care about it, so idk what’s the value in comparing defaults.

And privacy is often a tradeoff, if a browser doesn’t have the strictest by default, it’s probably because the ones who forked it didn’t consider it a good tradeoff.

That only seems relevant if one uses the defaults, and if you care about privacy you probably don’t, so idk what’s the goal of this little experiment other than just curiosity.

It’d be a whole lot more useful if it was “here’s the connections these browsers made after enabling all privacy-preserving settings they offer”.

I’ll fix it in an hour. When I get to it in a couple of weeks.

yeah, it’s unfortunate the general population has no awareness of how insecure email is

Distros may not update software versions when backporting some things, meaning they add a suffix they control to the version e.g. 2.4.57-ubuntu1.2 whatever, but the version reported by the software itself might still be 2.4.57.

It depends on the release process. I was also confused once I was asking myself why the repo was reporting a CVE as fixed when it still showed the old version.

This is the way I see it too. Treat “POSIX-compliant” as an adjective and negate it.

who would have thunk

I also have no idea if my place has PVC or galvanized steel plumbing; or its designed electrical load. Why should users care about the DBMS.

yeah, it’s absolutely madness that some companies expect people to go through 3 to 6 rounds to receive a “we’ll let you know”

Navigating on a 6" screen is pretty annoying after getting used to the larger one.

some people really seem to think that shitting on the ones who actually do the job solves anything