That is basically what this does, but more reliably.

…is terrible.

It’s for closed source software obviously.

Probably NPM packages. I once saw a guy who was super proud that they “maintained” something insane like 500 NPM packages. They had custom tooling to make it possible.

Of course it was all less than worthless.

Yeah I do wonder if we need an easier way to declare these things because programmers are lazy and even in Rust I wouldn’t always bother.

You can kind of do it in Typescript with strings:

function create_user(role: "admin" | "normal")

But of course the downside is they are strings at runtime. I’m sure it’s possible though.

Rust doesn’t need this as much because it has enums so you can just do create_user(user, Role::Admin, Notify::None).

Or just “slopping” maybe? “Stop slopping up code.”

Yeah Ruby sucks but that was an interesting read, and the way they used Serde to decode Ruby values is a very clever trick!

Oh so… there actually aren’t “so many other good tools out there that don’t pull this kind of shit [have bugs]”…

Do you know of an alternative to VSCode that has no bugs? That would be amazing!

Tbh while DST (or just “testing” as hardware people would call it) is very obviously a great idea, I’m not sure it would have helped here - in order to detect these TOCTOU bugs you would need stimulus that triggers it and some kind of checker/model that has the correct behaviour.

That’s totally possible but it’s pretty hardcore testing for a software project and it’s difficult to imagine doing that without realising that you have a TOCTOU issue just by inspection.

Sooo evil, making a great editor available completely for free that you don’t have to use at all. How dare they? Practically Hitler!

The entitlement is off the scale…

the researchers guided mythos to the vulnerabilities, not the other way around

I don’t think that’s true, based on what I read.

What kind of vectors?

Without further information, right-open is usually the best choice.

Feeling the pressure from Jujutsu.

JavaScript isn’t even close to the worst language to ever exist.

I suspect just asking would work. The number of people that will use AI to make sloppy PRs is going to be a lot higher than the number that will bare-faced lie about having used AI.

RSSI just means Received Signal Strength Indicator. Any radio system can provide it - it’s not specific to BLE.

Bluetooth classic can provide RSSI too. Maybe the OS doesn’t expose currently it but that’s why I was suggesting modifying the OS. The only difficulty might be if the drivers are closed source, but worth a look I reckon!

adding RSSI might only work on newer devices, since classic pebbles are just Bluetooth and Bluetooth le

I don’t follow. It’s extremely unlikely that the actual hardware doesn’t give you RSSI.

Yeah I could have told you this wasn’t going to work. You need latency measurements accurate to the order of a nanosecond. There are way too many things in-between that have variance on the order of microseconds or more, especially thread scheduling.

You need hardware support for something like this to work, as in WiFi RTT.

Isn’t PebbleOS open source? I’d probably make a patch to add RSSI support to the OS.