Basic hygiene security hygiene pretty much removes ransomware as a threat.
I cant tell if you’re being flippant, or naive. There is nothing that removes any category of malware as a threat.
Sure, properly isolated backups that run often will mitigate most of the risks from ransomware, but it’s quite a reach to claim that it’s pretty much removed as a threat. Especially since you would still need to cleanup and restore.
My perspective on the rationale for splitting short/long help is that optimizing for the reader's time is a reasonable thing to do. Often I just need a refresher of what options are available. But sometimes I need a deeper understanding of what each option controls and how. (Yes I understand that this should be in man pages). There needs to be a reasonable way to control the verbosity of the help output from the command line however.
I agree with your point that most flags should generally treat short versions as exact aliases to long flags, but I just think that a convention that treats -h and --help as concise vs long is 100% reasonable. The distinction is often breadth vs depth.
That would be a perfectly reasonable convention, except it's already a convention that they do the same thing.
Having them be different could cause someone to look at -h, and not even know about --help. Or if someone writes a script parsing the output of -h for some reason, someone else might come along and change it to --help expecting it to be the same thing.
The rust crate clap which is one of the more well known crates for command line parsing gets about 2M downloads a day and has this convention built in.
This convention existed before clap came into being, but I don't recall when I first saw it. I have been using the command line for just shy of 40 years across various operating systems.
100% agree, not sure where this idea came from but I'm not a fan.
You can just make a `--help-all` (or whatever word you want to use), imo the `--help-all` command doesn't need a short equivalent because it's not something you'd frequently use.
The project authors probably don't even know what libraries their project requires, because many of them are transitive dependencies. There is zero chance that they have checked those libraries for supply chain attacks.
This is the best reason for letting users install from npm directly instead of bundling dependencies with the project.
I was really saying that if there is a compromised version that gets removed from NPM, then the projects using it do not need to be updated, unless of course they had the compromised version pinned.
Though plenty of orgs centralize dependencies with something like artifactory, and run scans.
That cannot work. Nor should it work. However can we make things so that users don't need to care in the first place?
Note that the above probably isn't 100% answerable. However it needs to be the goal. A few people need to care and take care of this for everyone. Few needs to be a large enough to not get overwhelmed by the side of the job.
3. "Turn down the arrogance no one gives a shit what you used to be able to do." I will take this to heart and try to do better. I do appreciate your taking the time to address my issue.
Am I being too pedantic if I point out that it is quite possible for code to be compatible with GPL-2.0 and other licenses at the same time? Or is this a term that is well understood?
Not a lawyer, but as I understand it the license is a matter of copyright, and the copyright only applies to the design files. So as long as you're making that keyboard for yourself then you should be good to do anything you want with the keyboard, because it is no longer using the license at that point.
Now, what is interesting is if someone were to blatantly violate the license and start manufacturing commercial keyboards. I believe their only recourse would be to revoke their license of the design files, and then it would be copyright infringement. The thing is, I don't know how copyright law would handle any damages.
I don't know if making a physical product could be a violation of copyright, regardless of if you had a license to use the design in the first place. I could definitely imagine a company trying to enforce this, and a judge throwing it out because it should have been handled with patents.
> Not a lawyer, but as I understand it the license is a matter of copyright, and the copyright only applies to the design files. So as long as you're making that keyboard for yourself then you should be good to do anything you want with the keyboard, because it is no longer using the license at that point.
What if I take the design, print it, include the thing in a staged photo, and sell prints of the photo?
What if I skip the printing and use the design files as a basis for a rendered photo or animation?
What if I print the design, then use a 3D scanner to recreate a file from the physical artifact?
You're asking some pretty niche copyright questions that even a lawyer would have to spend time searching for case law for. It may be more expedient to look for that case law yourself.
Copyright law forbids the creation of derivative works (excepting any region-specific fair-use rules) so you're only allowed to create them under the rights granted to you in the terms of the license - thus under this particular license you can't make commercial use of derivative works.
But is a physical item a derivative work of it's technical specifications?
If the design files qualify for copyright protections, then modifications to them would clearly be derivative works.
I don't think it is clear if the keyboard itself would be a derivative work, as it almost certainly can't be protected by copyright. This is what patents are for.
The design files don't qualify for copyright protections, they describe the design which (maybe) qualifies for copyright protections.[0]
The artistic design of a specific keyboard can certainly be copyrighted, but not the functional nature of it.
[0]The exact wording might be protected, but not the factual information contained. Sports scores, or say measurements of a keyboard, are not copyrightable items as they are just facts, though their presentation might be.
> What if I take the design, print it, include the thing in a staged photo, and sell prints of the photo?
This is probably acceptable
> What if I skip the printing and use the design files as a basis for a rendered photo or animation?
This is probably NOT acceptable
> What if I print the design, then use a 3D scanner to recreate a file from the physical artifact?
If you used that for personal things yes that would be acceptable. I do not think that would give you the right to then sell that as a product neither digitally nor phsically
What if I'm a sculptor and I design and produce a statue? Shouldn't I still have the copyright to the statue, no matter what kind of machine I used to do the actual sculpting?
What if I print the design, then use a 3D scanner to recreate a file from the physical artifact?
Hmm, without patents it would definitely be fine to scan an existing one and recreate it. I think this would be fine too, but any time you are clearly going out of your way to skirt the law is a red flag. The thing is, I don't even think technical designs are copyrightable outside of their aesthetic value.
What if I take the design, print it, include the thing in a staged photo, and sell prints of the photo?
What if I skip the printing and use the design files as a basis for a rendered photo or animation?
If it is indeed covered by copyright, then these would likely be violations, though I guess it depends on how prominent it is in the staged photo.
But we pay ungodly amounts of money to services, why can't they bake in limitations? I'm a 100% sure we're not the only ones wondering why MCPs have to be all or nothing.
I cant tell if you’re being flippant, or naive. There is nothing that removes any category of malware as a threat.
Sure, properly isolated backups that run often will mitigate most of the risks from ransomware, but it’s quite a reach to claim that it’s pretty much removed as a threat. Especially since you would still need to cleanup and restore.