If there's a query parameter that you have a legitimate use for, like `q` for searching, obviously you should configure your web server to let it through.

Even in that case, you might want to block unexpected values as early as possible in your stack. For example, if you have a legitimate use for a certain set of `utm_source` values, but someone sends you bobby tables, you probably shouldn't log it blindly.

Ditto for the Referer header -- there's a lot of spam, and some of those strings might even be dangerous. You can't trust any of them anymore.

Don't worry, every country seems to be moving toward a future in which you need to present government ID to use any online service whatsoever.

This will solve the problem of automated signups ... until AI models start getting valid government IDs, too. /s

Nope, properties must be an object (dictionary or null). Which means each property can only appear once.

The spec doesn't say what type the value of a property can be, though. Examples in the RFC show strings, floats, and a nested object. So you could probably put a list in there as well if you want to store multiple values under the same key, provided that your decoder knows what to do with such values. (GeoJSON is often converted to and from WKB/WKT, and unorthodox values may be lost in the conversion.)

Semver doesn't help if you just declare all older versions EOL.

What you're looking for are Debian stable packages. :p

What's the smallest unit of functionality to which your principle applies?

For example, each comment on HN has a line on top that contains buttons like "parent", "prev", "next", "flag", "favorite", etc. depending on context. Suppose I might one day want to remove the "flag" functionality. Should each button be its own file? What about the "comment header" template file that references each of those button files?

I think that if you continue along the logical progression of the parent poster, then maybe the smaller units of functionality would be represented by simple ranges of lines of text. Given that, deleting a single button would ideally mean a single contiguous deletion from a file, versus deleting many disparate lines.

The `comment_header` template would iterate over the files in `comment_header.d/*`, which would, admittedly, need forced sorted naming:

100_parent.template

150_context.template

200_prev_next.template

300_flag.template

350_favorite.template

Looks odd with the numbering, no?

But then you get the added benefit of being able to refer to them by numbers, just "100" or "300" without having to glue humanlang inflection, declension, punctuation onto identifiers that happen to be words...

Some places where you can see this pattern: BASIC's explicit line numbering; non-systemd init systems.

Maybe the buttons shouldn't be their own files, but the backend functionality certainly could be. I don't do this, but I like the idea.

If that's the tradeoff they're willing to make, who are you to say that they're doing it wrong?

Not every app needs 24/7 availability. The vast majority of websites out there will not suffer any serious consequences from a few hours of downtime (scheduled or otherwise) every now and then. If the cost savings outweigh the risk, it can be a perfectly reasonable business decision.

A more interesting question would be what kind of backup and recovery strategy they have, and which aspects of it (if any) they had to change when they moved to Hetzner.

Tney gave it a sexy name and set up a website about it (a github repo, at any rate), instead of just talking about it in a mailing list and getting a CVE like a proper bearded security researcher.

It’s getting warm above the equator, they may have shaved for the season.

That 1 second of loading time probably has more to do with heavy frontends and third-party scripts, than the backend server's capacity.

$100 is peanuts to most businesses, of course. But even so, I'd rather spend it on fixing an actual bottleneck.

Yup, distillation never produces a pure product. Cask-strength whiskeys contain quite a lot of water, even though nobody is stupid enough to distill at 100C. Even an industrial column still can't go over 96% ABV.

There is always some amount of vapor pressure, even below the boiling point of a substance. Otherwise, neither water nor alcohol would evaporate by themselves at room temperature! The temperature we call the "boiling point" is just the temperature at which the vapor pressure equals the ambient pressure.

If ethanol and methanol were readily distinguishable by taste, much fewer people would have died or gone blind drinking moonshine.

Whatever subtle differences exist between them are probably unnoticeable to people who are already drunk, not to mention drinking cocktails with all sorts of other flavors mixed in.