gotcha   800

« earlier    

Enabling C++11 And Later In CMake
Projects will also probably want to set the following too:

set(CMAKE_CXX_EXTENSIONS OFF)
On some platforms, this results in linking to a different library (e.g. -std=c++11 rather than -std=gnu++11). The default behavior is for C++ extensions to be enabled (credit to ajneu in the comments for pointing out this particular variable and its effects). It is important to be consistent in whether or not extensions are enabled when linking targets, as mixing different settings can result in trying to mix standard library implementations (dangerous at best).
gnustd  cmake  standard  c++  std  gotcha 
9 weeks ago by legumbre
Border Patrol Agents Attempted to Delete Racist Posts
The scrubbing began quickly. At 10:55 a.m., ProPublica published a story reporting the existence of a secret, invitation-only Facebook group for current and former Border Patrol agents that featured vulgar, violent, and misogynistic content directed at migrants and lawmakers.

A little over two hours later, Rep. Bennie G. Thompson, chair of the House Committee on Homeland Security, called for active-duty agents responsible for the posts to lose their jobs. Minutes after that, U.S. Customs and Border Protection, the agency that oversees the Border Patrol, said in a tweet that the inspector general’s office at the Department of Homeland Security was “immediately informed” of the “disturbing social media activity,” and an internal investigation has been launched.

Back in the “I’m 10-15” Facebook group, evidence that might inform such an investigation was quickly disappearing. The name of the group — radio lingo Border Patrol agents use when they take a migrant into custody — was changed to “America First X 2,” and the group was archived.
2019-07  immigration  bigotry  racism  government  gotcha 
july 2019 by Weaverbird
meta/LPAR
So in conclusion:

Use TIMESTAMP WITH TIME ZONE so that you get a time zone in your retrieved values, and don’t worry because one isn’t being stored.
Use timezone=UTC in the connection URL so that the time zone you get in your retrieved values is the one you want, UTC.
Convert the time.Time values to whatever time zone you want for display purposes.
golang  timezone  database  utc  gmt  postgres  gotcha 
april 2019 by hellsten
Share node_modules binary between containers in docker-compose - Server Fault
Volumes are shared only at runtime, not in build time.

Every RUN instruction works in build time, at this moment the volumes are not available.
docker  gotcha  volumes 
april 2019 by hellsten
Lightweight Docker Images in 5 Steps - Semaphore
Being a compiled language, Elixir has a nice property that the resulting compiled binaries are self-contained, and can pretty much run on any Linux distribution. This is when the alpine image becomes an awesome candidate.

The base image is only 5 MB, and if you compile your Elixir application, you can achieve images that are only around 25 MB in size. This is awesome comparing to the 1.5 GB beast from the beginning of our Docker journey.

With Go, which we also use occasionally, we could go even further and build an image FROM scratch, and achieve 5 MB-sized images.
docker  elixir  ruby  go  gotcha 
april 2019 by hellsten
Docker and the PID 1 zombie reaping problem
Let's look at a concrete example. Suppose that your container contains a web server that runs a CGI script that's written in bash. The CGI script calls grep. Then the web server decides that the CGI script is taking too long and kills the script, but grep is not affected and keeps running. When grep finishes, it becomes a zombie and is adopted by the PID 1 (the web server). The web server doesn't know about grep, so it doesn't reap it, and the grep zombie stays in the system.

Every time a process exits even though it has child processes, it's expecting the init process to perform the cleanup later on.

So how does this relate to Docker? Well, we see that a lot of people run only one process in their container, and they think that when they run this single process, they're done. But most likely, this process is not written to behave like a proper init process. That is, instead of properly reaping adopted processes, it's probably expecting another init process to do that job, and rightly so.


When building Docker containers, you should be aware of the PID 1 zombie reaping problem. That problem can cause unexpected and obscure-looking issues when you least expect it. This article explains the PID 1 problem, explains how you can solve it, and presents a pre-built solution that you can use: Baseimage-docker.

Consider Nginx as an example, which daemonizes into the background by default. This works as follows. First, Nginx creates a child process. Second, the original Nginx process exits. Third, the Nginx child process is adopted by the init process.

Orphaned process adoption

You may see where I am going. The operating system kernel automatically handles adoption, so this means that the kernel expects the init process to have a special responsibility: the operating system expects the init process to reap adopted children too.

This is a very important responsibility in Unix systems. It is such a fundamental responsibility that many many pieces of software are written to make use of this. Pretty much all daemon software expect that daemonized child processes are adopted and reaped by init.
docker  gotcha  pid  devops  unix  linux  daemon  init  zombie  reaping 
april 2019 by hellsten
Attention, Filmmakers: Your Website Sucks! | IndieWire
Focused on #indie #film websites but hooks into overall marketing & #distribution strategy #kudos
independent  film  marketing  distribution  audience  plan  strategy  website  email  list  gotcha  pitfall  design  reference  exceptional  howto  guide  social  media  goal  personality  user  experience  global  rights  management  19eyz  Business 
april 2019 by csrollyson
Refused to execute inline script because it violates the following Content Security Policy · Issue #430 · turbolinks/turbolinks
I have a similar issue when requesting a .js.erb template after a Turbolinks visit.

I use rails-ujs (5.2.1) and turbolinks (5.2.0) and I have the csp_meta_tag set in my layout head.

What I understand of the problem, is that after a Turbolinks visit, the csp-nonce meta tag isn't updated in the DOM. Then, if a request to a .js.erb template is made, the js code will be injected inside an inline script by the rails-ujs library but with an outdated csp-nonce content.

A solution is to avoid to regenerate a csp nonce when it is a turbolinks request (what you did in your second solution). Then the csp-nonce content in the DOM and the one used server side stay synchronized.

Your first solution works, because setting "data-turbolinks-track": :reload and nonce: true together force a page reload on every turbolinks visit (as the javascript tag changed with the nonce). Which update the csp-nonce content but break the Turbolinks "magic".

However, it feels like a better solution would be to update the csp meta tag after a turbolink visit, but I have no solution for this yet.
rails  ujs  csp  gotcha 
march 2019 by hellsten
security - How can bcrypt have built-in salts? - Stack Overflow
Stored in the database, a bcrypt "hash" might look something like this:

$2a$10$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa

This is actually three fields, delimited by "$":

2a identifies the bcrypt algorithm version that was used.
10 is the cost factor; 210 iterations of the key derivation function are used (which is not enough, by the way. I'd recommend a cost of 12 or more.)
vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa is the salt and the cipher...
bcrypt  authentication  gotcha  algorithms 
january 2019 by hellsten
Building the Topic Exchange tutorial with STOMP – Google Grupper
SEND
destination:/exchange/topic_logs/kern.critical
...

and for subscribing:

SUBSCRIBE
destination:/exchange/topic_logs/#

or
destination:/exchange/topic_logs/kern.*

or
destination:/exchange/topic_logs/*.critical

or (multiple)
destination:/exchange/topic_logs/kern.* *.critical
stomp  rabbimq  routing-key  multiple  api  gotcha 
january 2019 by hellsten
Message order and delivery guarantees in Elixir/Erlang
Same applies to the inter-node communication. Order in which messages sent between two processes is preserved, but message flow may be interrupted at any given moment and skip any number of messages in between.
two-generals  erlang  at-least-once  messaging  message-queues  architecture  gotcha 
december 2018 by hellsten

« earlier    

related tags

$_server  $_server['php_self']  1209paa  19eyz  2017-06-12  2017-06-13  2017-06-15  2017-06-17  2018-08-06  2019-07  __eq__  __hash__  absolute  advice  algorithms  annoyance  annoyances  ansible  antipattern  api  app  architecture  argument  array  arrays  article  ascii  asp.net  async  at-least-once  attrs  audience  authentication  available  await  axis  azure-cosmosdb  azure  bash  bcrypt  benefits  best  bestpractice  bestpractices  bigotry  blank  blog  bool  bug  business  butwhy  buy  byte  c++  calendar  caveat  celery  cgi.fix_pathinfo  chaining  check  clever  click  cloudcomputing  cmake  code  colonial-era  comicstrip  command  commandline  compare  comparison  compatibility  concurrency  condo  conf  configuration  context  convention  copying  csp  daemon  database  datetime  datrkpattern  dba.stackexchange  dbapi  deb  debconf  debian  delaying  design  development  devops  distribution  django  docker-compose  docker  documentation  elder  elixir  email  empty  encoding  entityframework  equality  erlang  error  errormessage  esoteric  etherpad  everyoneisfired  example  exceptional  existent  experience  explained  explanation  faq  fastcgi  file  fileio  film  filter  find  fix  float  fuckina  function  functions  gender  git  glob  global  gmt  gnustd  go  goal  golang  gotchas  government  groovy  guidance  guide  hash  helpful  history  historyexpansion  house  howto  httpoison  immigration  import  important  independent  india  ini  init  intellij  internet  is  isnan  issue  jasmine  java  javascript  joke  js  language  laravel  laravel5.5  laravel5  lateral  library  linux  list  load-balancing  locale  locking  locks  lumen  lumen5.5  macos  macosx  management  manager  map  marketing  math  media  message-queues  messaging  method  microservices  migration  mock  models  modules  mstest  multiple  multithreading  mutabledefaultarguments  mutex  mysql  mysql5.7  myths  nan  newbie  nginx  non  none  not  notation  null  numpy  objects  octonation  openness  osx  package  packages  pandas  password  paths  pdf  performance  performancetuning  perl  personality  pgpool  php-fpm  php.ini  php  pid  pitfall  plan  postgres  postgresql  prediction  procon  prog  programming  protip  psycopg2  python  python2.7  python3  query  queue  quickstart  quoting  rabbimq  racism  rails  react  reactjs  read-later  realestate  reaping  receiver  reference  refresh  relative  reload  repost  restart  retirement  rights  root  ror  routing-key  ruby  rubyonrails  samba  scalability  scm  script  scripting  security  selec_for_update  serializable  server  set  setting  shell  shellcheck  social  solution  sql  ssl  stackexchange  stackoverflow  standard  standards  statements  stats  std  stomp  strategy  stream  swift  syntax  task  terraform  testing  time  timezone  tips-and-tricks  tips  tolearn  tooling  toread  totry  tounderstand  troubleshoot  troubleshooting  tutorial  two-generals  typeglob  ujs  unicode  unicorn  unittesting  unix  unused  update  useful  user  utc  utf-8  value  values  variables  volumes  vstest  vue  web-development  webapi  webcomic  webdev  website  weirdness  where  wildcard  workaround  wtf  xargs  zombie 

Copy this bookmark:



description:


tags: