• Björn Tantau@swg-empire.de
    link
    fedilink
    arrow-up
    167
    arrow-down
    5
    ·
    8 months ago

    It’s kind of funny because it looks like it is nonsense dreamt up by a non-programmer. But it actually works.

    • mac@infosec.pub
      link
      fedilink
      arrow-up
      147
      arrow-down
      1
      ·
      8 months ago

      I thought it was poking fun at the tutorial saying instead of learning to code, import a library from someone who knows how to code.

      • lowleveldata@programming.dev
        link
        fedilink
        arrow-up
        43
        arrow-down
        2
        ·
        8 months ago

        That’s what libraries are for. I’m no security expert and the sensible thing to do is using a library instead of taking a class.

          • gears
            link
            fedilink
            arrow-up
            7
            ·
            8 months ago

            Jesus that was one hell of a thread

          • unique_hemp@discuss.tchncs.de
            link
            fedilink
            arrow-up
            4
            ·
            8 months ago

            Love the part where he claims that if your users are authenticated, it’s not untrusted input. I mean, surely you trust all of your users to run any code on your server, right?

          • Gabu@lemmy.ml
            link
            fedilink
            arrow-up
            3
            ·
            8 months ago

            Impressive and unsurprising. As soon as you start getting complex libraries with multiple dependencies it becomes nearly impossible to review everything. At one time I had an interest in contributing to some AI libraries, but they’re a mess as soon as you go looking for points of improvement.

      • billwashere@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        8 months ago

        Which is funny because when I first started my CS degree in the late 80s (get off my lawn) we used to make fun of the beginning Java classes because it seems 90% of coding was to import the right library.

      • mac@infosec.pub
        link
        fedilink
        arrow-up
        16
        ·
        8 months ago

        “I also sampled everything in the medicine cabinet”

        This made me smile.

      • RobertoOberto
        link
        fedilink
        arrow-up
        3
        ·
        8 months ago

        From the hovertext: “I wrote 20 short programs in Python yesterday. It was wonderful. Perl, I’m leaving you.

        After years of a dozen other languages, I finally tried Perl the other day.

        Never again, if I can help it.

    • Otter@lemmy.ca
      link
      fedilink
      English
      arrow-up
      30
      ·
      8 months ago
      from Lemmy import Upvote
      from Fediverse import Posts
      from ActivityPub import Submit
      
      target_post = 'https://lemmy.ca/post/18691085'
      num_votes = 8
      
      post = Posts.open(target_post)
      
      package = Upvote(post, num_votes)
      
      package.Submit(target_post)
      

      or something