naikrovek 4 days ago

> The solution is to not use email.

And use what? Instant message? Few things lack legitimacy more than an instant message asking you to do something.

Links in email are much more of a problem than email itself. So tempting to click. It's right there, you don't have to dig through bookmarks, you don't have to remember anything, just click. A link is seductive.

The actual solution is to avoid dependencies whenever possible, so that you can review them when they change. You depend on them. You ARE reviewing them, right? Fewer things to depend on is better than more, and NPM is very much an ecosystem where one is encouraged to depend on others as much as possible.

rollcat 3 days ago

> the actual solution is to avoid dependencies whenever possible, so that you can review them when they change.

If you're publishing your software: you can't "not" depend on some essential service like source hosting or library index.

> You ARE reviewing them, right?

Werkzeug is 20kloc and is considered "bare bones" of Python's server-side HTTP. If you're going to write a complex Python web app using raw WSGI, you're just going to repeat their every mistake.

While at it: review Python itself, GCC, glibc, maybe Linux, your CPU? Society depends on trust.

notmyjob 3 days ago

Depends what you use it for. I don’t think email is a single thing in that regard. For example, I’ve used it as a backup method for important files and also as 2 factor. Those are wholly different things that warrant different solutions. The majority of email volume is not person to person communication but part of some corporation/spammers/scammers business model who at best, like my bank, is using it to shift liability away from themselves onto consumers and at worst is attempting to defraud me of all I own. It’s still useful in business, maybe, but pretty sure Teams/Slack/… will win eventually.