tmcdonald's comments

Ollama has a num_ctx parameter that controls the context window length - it defaults to 2048. At a guess you will need to set that.

Hey Justin - this is probably one of my favourite talks!

https://testdouble.com/insights/the-selfish-programmer

Was lucky to be at the conference when you gave it and it's stuck in my head since. When I'm struggling for motivation or my side projects seem to be just too big I give it another watch.

v4 will compile with libsass by default. You can set the TWBS_SASS environment variable to use the Ruby compiler if desired.

Dota 2 has been the most popular game on Steam for a while now, and with the gradual rollout of beta keys the number playing has been steadily climbing - you can see a graph of the number of players on steamgraph[1].

[1]: http://steamgraph.net/index.php?action=graph&jstime=1&appid=...

I've had 4 emails in the past month providing information about the phishing emails from my department, JCR and IT services, and despite that a number of accounts still got compromised.

Couldn't agree more about education never actually fixing the problem.

Both of them have applied for .search.

> The .search gTLD provides Google with the opportunity to differentiate its Google Search products and services by linking them to a unique gTLD. Google will be able to quickly distinguish new products and services it develops and⁄or acquires by offering them in the proposed gTLD.

> The mission of the .SEARCH registry is to provide a unique and dedicated platform for Amazon while simultaneously protecting the integrity of its brand and reputation.

> A .SEARCH registry will:

> • Provide Amazon with additional controls over its technical architecture, offering a stable and secure foundation for online communication and interaction.

> • Provide Amazon a further platform for innovation.

> • Enable Amazon to protect its intellectual property rights.

Basically, only for their own commercial gains. The other two applicants want .search to be a place for consolidation of search related domains, which seems like an absolute pipe dream.

It was specifically mentioned a couple of times in the post-launch press conference.

In general I wait until the new version is merged into master, and I use GitHub's compare view to see all the changes between the latest version and the previous one, which I keep open on one screen and go through each file updating the bits that have changed. For the Javascripts I just copy the whole folder over, since I don't fiddle with those.

The main exception to this was for 2.0, which had a separate branch for a while so that people could still use bootstrap-sass while updating their application to the new syntax. When 2.0 was merged into master, since it had been under such heavy development I reconverted the entire codebase.

There are a few quirks with the conversion from Less to SCSS, but these tend to be few and far between, and are usually down to me missing a variable somewhere. The main one is the use of namespaced mixins[1]. SCSS doesn't support this, so I have to prefix/suffix the namespace to each mixin within the namespace. Aside from that, and method names/variable notation, there (appears to be, can't speak authoritatively since I haven't really used Less) little difference between the two.

[1]: http://lesscss.org/#-namespaces

It's using my bootstrap-sass gem. [1]

[1]: https://github.com/thomas-mcdonald/bootstrap-sass

I thought that he added his public key to the Rails user through his own account settings, which wouldn't give him access to the Rails web admin.

I'm not sure all the things you list as being possible are true.

  - Every GitHub Repository could be access by anyone as if they had full administrator privileges.
  - This means that anyone could commit to master. 
  - This means that anyone could reopen and close issues in issue tracker. 
  - Even the *entire* history of a project could be wiped out. Gone forever.

As I understand it from his explanation[1] he added his public key to the Rails user, which has permissions to push/pull to the repository. This doesn't mean he had web administrative access, just Git access, since you cannot log in to the web service using your private key. I hope that's the case, at least.

[1]: http://homakov.blogspot.com/2012/03/how-to.html

I think this is related to an issue he opened on Rails[1] which would suggest that GitHub isn't protecting against malicious mass assignment.

By default, if you have an new, create or update_attributes (and more, I imagine) call which changes various attributes based on a hash from parameters (eg params[:post], where you have params[:post][:title], params[:post][:body] etc) Rails allows mass assignment of every attribute on that model, since attr_accessible is not called.

There is a method you can call in the model called attr_accessible that restricts the columns that can be updated through mass assignment, while still allowing for manual assignment of other columns.

An example of this might be a post's user_id, which you would usually want to set to the current user while not allowing mass assignment. Without specifying attr_accessible it would mean that if a malicious user added params[:post][:user_id] to their POST/PUT, the Rails application would update the user_id as per the params value. If attr_accessible had been called, defining the columns that the developer wanted to be mass assigned (say post and title), it would mean that the user_id would not be mass assigned and Rails would log that this was the case.

attr_accessible therefore acts as a whitelist for columns that can be mass assigned. It just so happens that the Rails default is to have no whitelist and allow all columns to be mass assigned, despite the fact that the sensible option is to always have a call to attr_accessible in your models.

[1]: https://github.com/rails/rails/issues/5228

I'd recommend not travelling through Manchester Airport then, which have backscatter machines in place and do not allow for opt-out (although this is as-per DfT guidelines). They do only test a random sample, however.

    The Department for Transport has full confidence in the independent assessment 
    undertaken by the Health Protection Agency. We are confident with their assessment
    that the dose from being scanned is far below the allowed levels in the UK and
    does not constitute any unacceptable risks to health

New Relic has a series of videos on scaling Rails, several of which are about caching. They're a couple of years old but most of the concepts and method calls are still valid.

http://railslab.newrelic.com/scaling-rails

Much appreciated - it's nice to hear and see others using it. There's a few commits to catch up with on the 2.0-wip branch, hopefully I'll get some updates done and pushed today.

As someone who went through the Oxford interview process this year (and rather surprisingly received an offer) I do wonder exactly what she was expecting when she applied to Oxford. For me part of the attraction (aside from the academical reputation) was the history and, it has to be said, rather grand buildings.

It's also worth pointing out that this was sent on December 10th, before any replies from the university, meaning that she didn't actually have an offer to reject, it was technically a withdrawal of her application, and probably only preempted a rejection letter from the university.

Personally, while I didn't enjoy the interview experience as a whole (much of the conversation was awkward, and having to wait 12 hours while you 'might' get called for another interview is incredibly stressful) I really enjoyed the interviews I had - the opportunity to discuss aspects of CS/Maths with experts in the field, particularly talking about areas that interest me is something I've not really had chance to experience through the UK education system - although I can't say I had any of my interviews in 'grand formal settings', just the tutors offices.

For those interested in the full text of the 'letter', it can be found here [1], as kindly posted to the 2012 Oxford Applicants group on FB by one of her friends who did get an offer.

[1]: http://img248.imageshack.us/img248/5766/ellylawoxfordemailco...

Yeah, I spent a couple of hours porting the Bootstrap 2.0-wip branch to SASS yesterday (so bootstrap-sass is half ready when it's released) and I was surprised to see 'Bootstrap 2.0' posted on HN, seeing as I've seen 'a few weeks' quoted as the release date.

bootstrap.io isn't actually running the most up-to-date documentation: it's missing the new style dropdowns, as well as the JS builder and a few plugins (typeahead, carousel etc).

I believe that the critical ASP.NET framework update that Microsoft pushed just before the new year was to fix this issue as well, amongst a few others.

http://technet.microsoft.com/en-us/security/bulletin/ms11-10...

I have a Desire Z (since June) and what I would call low usage: perhaps a few texts per day, generally no calls & always on (but hardly ever used) wifi. I find I have to charge my phone nightly or the battery will last for a full day & then die halfway through the second.

To add to that, I have found the camera to be exceptionally poor, and the hardware keyboard will occasionally trigger shortcuts rather than inputting the text.

I was under the impression that attempts had been made to hide any effects of :visited styles on the accessible DOM to stop this from working. There's a particularly good article on Mozilla's attempts [1], and the relevant bug on Bugzilla. [2]

[1]: http://dbaron.org/mozilla/visited-privacy

[2]: https://bugzilla.mozilla.org/show_bug.cgi?id=147777