I started getting messages every week from a carbon black scan blocking access to some npm’s package.json.

IT just white listed files named package.json.

My answer is usually “I don’t care how well it runs on your windows machine. Our deployments are on Linux”.

I’m a old developer that has done a lot of admin over the years out of necessity.

A user

IT is an administrative function and is really part of operations.

Software development is generally a creative position and is a profit center. If you work somewhere where you develop internal apps, you may have a different perspective.

It goes both ways. At my old job, they took away local admin. But for some reason they configured visual studio to run as admin. So, I just wrote a little program that opens the shell. Whenever I needed admin, I just ran that program from Visual Studio.

By your logic it would be a positive for your code to have errors/warnings. And on the latter, that would appropriate if there was a test that determined if you are free from all known diseases (or at least those that it can detect).

That’s why I said false negative. The medical test is testing for the presence of a disease. So if they find the disease is considered a positive test (it found what it was looking for). For static analysis on code, its the opposite. Its testing if your code is free of issues that it can detect. If it finds no issues, then the test was positive. If does find issues, the test failed and each issue is a negative that contributed to the test failing.

Warnings and errors are negatives not positive. So if it generates a warning that is OK, it’s a false negative.

My experience is exactly the opposite. I don’t work for a FAANG but I’ve been around the block a bit. Its always the junior devs that try and add new warnings etc to the code base. I always require warnings to be cleaned up even if that means disabling specific instances (but not the whole rule) because the rule is flagging a false negative.

A homebuilt rack mounted server running Fedora and sendmail. I’ve been using/configuring sendmail since the 80’s and we didn’t have fancy .mc preprocessing back then.

The outgoing relay is a paid service by Hostinger which resells titan.email. I just set the configuration in the relay to use the same credentials I set up in my SMTP/IMAP connections in tbird.

I set up my outgoing email to relay through an external server. I used to have comcast business class but when I sold my house, my only option at my condo is the comcast provided by the HOA (Comcast communities) which is residential. So lots of sites refuse to accept email send directly from my server. Comcast has a relay but it has crazy low rate limiting which is a pain when we need to send emails to all players.

I love my NUCs but haven’t really paid attention to what has happened since Intel sold that line to ASUS.

I did that few years ago when I re-ripped all my CDs and vinyl to flac.

I hace so many websites that require 2FA and don’t support authenticator apps.

What do you 8f a website requires phone number for 2FA?