Website design: why are version managers always mentioned after installation instructions?

As much as I want to put this in StackOverflow, I think this particular question fits better here.

I hope this doesn't sound too mean, but this is something that has always bothered me.

I've always wondered why designers / developers of programming language websites don't just put version managers right next to the initial setup and installation instructions in their documentation instead of a long time later, and sometimes they're quite hidden in the side notes.

Most people (I suppose at least) follow the installation procedures line by line. That being the case, and the fact that you usually have to install the version managers first if you need them; Wouldn't it be more logical to inform version administrators about the same point in the documentation as the language installation instructions?

In fact, Ruby is the only language I have installed that started the installation section with something like:

"some language" Installation options:

  • Standalone Installation Instructions
  • Virtual machine installation
  • Installation with a version manager

Then, as stupid as it may seem, I have begun to wonder if there is no reason for this. Obviously, I'm not trying to apologize to anyone for not thinking about version management in advance, however, considering that I almost always forget about version management when I get to a new language, I guess at least it's common Do that Error.

So, is this one of those common misconception things worldwide? Is this even a bad design or am I just crying? Or is there a legitimate reasoning behind this, and if so, what? It seems too common a practice to be just by accident. I mean, who writes the installation procedures, then adds version management instructions at the end and doesn't think, "hey, maybe I should put this on top." ?

Encryption: How do biometric password managers work?

Many password managers for mobile devices offer the option of unlocking the password vault with a fingerprint instead of a password. If you never enter your master password, how is it possible to decrypt the data? There seems to be a way to decrypt the database without actually entering the master password.

Agile – Control managers – Software engineering stack exchange

I just left a project.

I am an expert in JavaScrip, I have experience and I have studied the patterns of Robert Martin, Eric Evans, Robert Martin and GoF and I have applied them to JavaScript. I have been doing this for over 15 years. I am very good at it.

The project manager was not a JavaScript expert or an OOP expert.

The difference was a problem for him, but he made it my problem. I would complete the tasks and he would not like the style of the code that matched the company's style guidelines (google), for which I provided a link to the relevant page of the very long style guide document.

He would say things like "the comments of the JS document do not go well," which he would ask to see the generated document, which he would ignore. He ignored this because JSDoc was not generated. He was inventing things to try to make him create the code to his liking. The problem with that is that doing so made the code larger and introduced variables and properties in the wrong scope.

Sometimes he followed me. Once he followed me into the kitchen, where I would go to reboot or build or something to drink coffee that I would drink at my desk. There is really nothing exciting about my 90-second excursion for a cup of coffee (or for a drip, stretching and rubbing my eyes), but it showed what I wanted to control.

He blocked code revisions to rewrite after rewriting until his fussy peculiarities with greater complexity and loss of clarity had been fulfilled. I would always patiently explain that in Critique, staying late to work almost every day to resolve the differences. But I almost always ignored my comments.

The last list of changes (a "branch" of CitC for code review) that I presented had a clear and emotionless explanation, which effectively said "if we do this, the code is less secure because the decorated instance is exposed and that is not is clear, it also adds complexity and reduces clarity in the test code. "

Apparently, that was what finally made me say goodbye, although there were many other parts of his anal-retentive restlessness where he would be triggered.

He did not know any agile principle as SRP and would prove it with virtually everything he said and wrote. Yes. He got angry when I deleted the code that was not necessary and was throwing errors and ordered me to re-insert it, he said. There is no discussion about the merits of doing things your way. He got very physically angry.

I even offered to teach him boxing in the park, which I could clearly use. He also rejected it.

He had also expressed anger the day before, taking me to his desk to show me the comment without responding. The comment was in a CL and was written by me. He was angry because he had not been answered. When I pointed out that the comment was mine and that he should respond to it, he erased it angrily without reading it, as always, treating my words as useless.

When he said "maybe someday someone is going to need that," I told him it sounds like a speculative generality. He was defensive and angry with a bruised ego. Very difficult to deal with this young and arrogant man.

I didn't want to be fired. I asked the recruitment agency if it was possible to change the projects, since that manager was blocking all my progress on that project.

It was a loss for the project, which I know well and to which I dedicated myself. The only thing he achieves is that Chris "wins" the stupid office battle for control that began.

How can I avoid being intimidated by the project manager?

Problem with file managers (nautilus and nemo) in Debian Buster

File manager applications, such as Nautilus and Nemo, do not work as expected on my Debian-buster machine. Nautilus disappears quickly after clicking. How can it be fixed?

sudo apt-get -y install nemo
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 libgl1-mesa-glx : Depends: libglx-mesa0 but it is not going to be installed
 libglx0 : Depends: libglx-mesa0 but it is not going to be installed
 libkf5coreaddons5 : Breaks: libkf5auth5 (< 5.54) but 5.28.0-2+deb9u1 is to be installed
                     Breaks: libkf5globalaccel-bin (< 5.54) but 5.28.0-1 is to be installed
 libkf5crash5 : Breaks: libkf5globalaccel-bin (< 5.54) but 5.28.0-1 is to be installed
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.

Convince "agile" product managers of the value of planning

He became a technology leader of a startup a few months ago. The software development is in Product in the organization chart.

Even by startup standards, the code base I inherited is poor. Example: It took the development team three weeks to update the static text in the footer of the site and even then gave up after 80% of the pages. The update of the & # 39; reusable component & # 39; The footer breaks some of the templates, they can't say why, even though they have been working with the code for months. The original contractors, of course, have left and left no documents.

I bought to clean things, write things and reduce technology debt, but, of course, First We need to build a new medium-sized feature, which will involve the entire stack. We know that this is a step towards other bigger features. The code base seems to be full of abandoned, half-finished features, so I gained the acceptance of one of the developers to spend five days exploring the code and proposing different approaches, instead of thinking about the first idea in the head of someone.

On day three of five, the product manager asked the developer for progress. Short answer, here are some ideas that could Do it, but you have no idea what is good yet, since the code is a disaster, there was a disruption of the site on day two to try, and it needs more time. That night, the manager discarded the peak and replaced it with a "prototype," based on one of the ideas. In doing so, they, the product manager, made several technical decisions on the spot, putting me in the position of technology leader. From this and other incidents, I am pretty sure that the "prototype" will end quickly live, after a quick "Do you think so?" test in the Macbook of the developer.

I get the whole "agile start" issue. I have a relaxed attitude to risk and need to get something, anything, in the hands of users last week. I don't care if they pull me out of range.

But … they told me explicitly "We are a startup, we are not in this investigation ****" – "Research" was spoken as if it were a bad word. I also appreciate more why the code base is the way it is.

The old hands will see that this seems a case of product being poor because he processes they are poor; possibly of the org culture be poor. Located in the trenches, this seems the worst case of "agile means inventing on the fly, learning from our mistakes is for losers." that I've seen

How can I convince the manager that there is value in some planning and forecasting? Or, perhaps, it should be convincing myself That this is what this agile start "should" be?

(WP-Client Add-in) How do you give all managers access to all circles?

I am building a client portal website using WordPress and the WP-Client add-in

This is how I want it to work:

  • Our company has several employees that need access to the portal.
    Your administrator level will be WPC Manager .
  • Our company works with several legal organizations. Each one of these
    the organizations will be a Circle in WP-Client
  • Each organization has multiple customers of its own. These clients
    will be created as a Client within WP-Client

So I need every WPC Administrator to automatically access all circles as soon as they are created. At this time, I have to log in as a site administrator and manually grant access to each WPC Administrator.

Does anyone know how to do this? Thank you!

Why is the SharePoint administrator part of predefined groups such as Approvers, Designer, Hierchay Managers? How to stop it?

I used the SharePoint administrator account (for example, spadmin) to create a collection of SharePoint sites.

I found there are three (3) Approvers, Designers, Herbal Managers Groups created and the spadmin has been added to it.

Why is this account added automatically? How to prevent it from being added when creating new site collections?

I understand that, every time a new SP group is created, the account that creates the group will be added automatically.

How do I add more conference chair managers in easychair?

I am the "first president" of a conference, and I would like to add another president to handle other areas of administration, such as updating our license. How do I add another chair? It does not seem as easy as adding another CFP administrator.

Graphic user interface design: ERP system for personnel managers: complex information tree management

I am recreating an internal ERP tool to manage the user license, sales and customer information for a 3D CAD desktop software. Therefore, something similar to a management portal for Autodesk employees to manage user licenses for the different products they have (Maya, 3dsmax, AutoCAD, etc.). We have a legacy dongle security hardware that must be maintained for older users, but we will also implement the cloud so that we can transition from an old business model to a new one.

A simple case is that the user has problems assigning a license to someone on their computer.

Note 1: 90% of the user base has 3 licenses in a team of 4 people. While we have a few companies with 100 or more licenses.

Note 2: The dongle assignment does not give permission for the user to use software, it is used for technical support and it decides if that license is entitled to support or if the dongle was stolen.

Note 3: The license will be implemented in the cloud, but I still do not have information about it. What will be displayed will also be included in that screen.

Note4: There is a multitude of products under a dongle hardware and also my company will have a cloud license (in development). The hard part is that, since we have users and inherited data, I can not simplify the data structure and these fields because we can not change the current hardware of the dongle in the market, since they do not have bidirectional communication with the database and the dongle I need to work with what I have so that the impact is minimal when implementing the new system.

Mitigating the single point of failure problem introduced by password managers

I understand the purpose of password managers and the fact that there seems to be compensation to accept, but hey, I think that compensation is unacceptable and I wonder if there is a way to avoid it. A password manager introduces a single point of failure, and that single point of failure is also quite fragile: it is the user's machine. And we know that once the machine is compromised, you can no longer trust it, and the damage can potentially affect all the data on that machine, so why should we accept to store? everyone Of our credentials at such a fragile point of failure? I bet the NSA does not have password managers that allow access to thousands of passwords from a single computer, right? There must be some alternative methods to manage the passwords or at least mitigate in some way the only point of failure they introduce.

Many people not only need to store their own passwords, but also the passwords of other people, such as customer passwords (for work), or the passwords of some family members (to provide assistance, etc.). Some accounts are accessed daily, some must only be accessed from time to time and there may be accounts in your password manager that you do not even remember having had. So, why should we accept to put everyone is at risk? Only one infection is needed and hundreds of accounts can be compromised. All accounts: not only your accounts, but also those of others. It is a recipe for a great disaster.

You might think that once your machine is compromised, it will be damaged anyway, so avoiding the single point of failure is not as important as it may seem, but think about it: for the sake of discussion, consider the differences between storing all your passwords in a password manager on your computer and storing them on paper. Ignore the fact that the sheet of paper presents other threats and only concentrate on the consequences if your computer becomes infected. If your machine gets infected and uses a password manager that contains all your passwords, the attacker can get them all. But if your machine gets infected and you're just writing passwords on a piece of paper, what can the attacker steal? Only the passwords that you type between the time of infection and when you discover the infection. Therefore, only some of the passwords will be stolen, not all. Therefore, it seems possible to mitigate the problems related to this single point of failure.

I tried to think of some solutions. I'm not sure if 2FA could really help in case the local machine is compromised, so I'm not sure if online password managers can help more than locals in this regard. I'm afraid not. A possible solution could be to use several databases in the password manager, with different passwords, so that even if a master password is stolen (and the corresponding database), the passwords contained in the other databases will be secure . The different databases could group the passwords according to the frequency of use, the date of the last use or the importance (the PayPal account in a database different from StackExchange) or the property (the accounts of the clients are maintained separated from mine). However, it is not clear which is the best way to group passwords, and soon it becomes quite cumbersome, which leads to remembering several secure master passwords. Another solution might involve some type of obfuscation (made to measure) added to the security by design already provided by the password manager, which I guess would work against most infections (non-targeted attacks). For example, the combination of obfuscation with multiple databases could be done by generating the password for each database with something like master_password_for_DB = hash (DB_name + supermaster_password), so you do not have to remember many master passwords. Of course, this only works because of the darkness, that is, if nobody but me knows the method. Another solution could be to store everything in a separate device configured specifically for managing passwords (like a phone with connectivity turned off), but that's also going to present some pretty big problems: write a secure master password every time it is done on the device Laptop is more difficult, and there is no way to copy it and paste it into the computer, so you will probably have to read it (a security weakness) and write it down (a nuisance).

Seriously, I do not think I have other ideas at this time.