How to handle bloat that comes with derivative ScriptableObjects?

I have ScriptableObjects with special code functions that all are slightly different in their interaction, all derived from one main ScriptableObject. This has lead to making the ScriptableObject script and then having to use the CreateAssetMenu attribute and then making the actual instance in the inspector. It creates a situation where I have two files bloating up the project, once I get many different derived ScriptableObjects it gets quite chaotic. How would I solve this?

The future of 3D holograms comes into focus

Smartphone-based augmented reality (AR) and the AR headset explosion will bring 3D holograms into our lives everywhere. Meanwhile, though, the real AR hologram revolution is being ignored.
A hologram is a 3D virtual object that is not actually there, but looks as if it were, either floating in the air or standing on a nearby desk or table.
The holo in the Microsoft HoloLens headset is a reference to holograms. And when we think of these future AR holograms, we think of headsets, goggles such as HoloLens or smartphones running applications created with Apple ARKit or Google ARCore.
Technology is increasingly becoming ubiquitous, and companies are racing to win market domination. A competitor to the HoloLens, the Lightware headset from secretive Magic Leap, has been in the news lately, after six years of development at a cost of $2 billion, for two reasons.
The first is that the company unveiled the Creator Edition of the headset in December. Now we know what it looks like: something right off the cover of a vintage sci-fi novel.
The second reason is rampant speculation that Apple might buy Magic Leap to accelerate its own AR goggle development, speculation driven by Apple analyst Gene Munster.

In other 3D hologram fan headset headlines, Dell this week announced that it will start selling, on Feb. 15, the $1,495 Meta 2 developer kits, which include the Meta 2 AR headset, for business deployments. The company said the Meta 2 is supported by several business-class Dell Precision Workstation PCs.

What are holograms good for, anyway?
Think of 3D holographic desk fan displays as the next step in making digital content more human-compatible.
Humans see the world in 3D. Our computer and phone screens show us a 2D version of the world. It’s artificial.
If I look at a concept car design on my laptop, people on the other side of the room see only the back of my laptop lid. That is artificial, too.

A hologram projected in the middle of the room could show a 3D concept car for all to see, as if it were a physical object actually there.
The biggest applications for holograms are for enterprises, such as what I described above — 3D presentations for conference rooms and meetings.
And while we’re deploying holograms in the conference room, we might as well beam live remote meeting participants into the meeting — holographic telepresence.
Holograms will also dramatically improve training, design and visualization in enterprises. The ability to look at, zoom in on and manipulate 3D versions of in-progress designs radically enhances the design process.

And, of course, in the marketing department, holograms will thrill customers with experiential marketing campaigns and customer experience interactions.
We’re already seeing applications for all these emerging for smartphone, tablet and headset AR. But the real benefits come when holograms are liberated from such devices.

The definition of the LED conformal screen, that is, what shape the building is, what shape the LED screen will be made into. It belongs to the creative folding LED creative screen series, which is characterized by a dot-shaped array. It has the characteristics of transparency, flexibility and lightness. Not only that, its screen can be bent, folded, rolled, suspended and so on.
The emergence of LED conformal screens has broken the large screen splicing system that can only be spliced into a cold rectangular shape. It is a creative LED solution that can be freely spliced into various shapes to display some highly creative content, which can not only attract the attention of the audience for the first time to achieve better publicity effects but also better expand the application scope of large-screen splicing. At present, LEDYARD LED bendable LED conference screens have been used in many areas at home and abroad, including building advertising lighting, real-life 3D art, spherical screens, sailing screens, curved screens and so on.

The initial LED screen was only used for displaying and advertising. With the increasing demand in the market, regular shapes (like squares) could no longer satisfy the customers. Flexible LED screens came into being. LED flexible screen, as the name implies, is soft and can be bent arbitrarily within a certain range without affecting the display, while ordinary LED displays are hard and cannot be bent.

If it can bend, LED column screen can be made into various shapes, such as common spherical, rhombic, cylindrical, triangular, tree-shaped, streamer-shaped and other shapes. We know that the LED screens can be seamlessly spliced, so of course, there is no gap in the LED mesh. The shape is perfect!

How to catch the search query when the user comes from a search engine to the web site?

Is it possible to transfer a search query to the url or to catch it somehow in order to show more relevant similar products on the landing page ? For ex.

  • if the search query is "red tiles" we would like to show other variants of red tiles
  • if the search query is "Versace tiles" we would like to show other variants from the same brand

I want to use the output of Solve and/or Reduce in next steps. But the output comes in the form of a rule [duplicate]

In a program I want to use the output of Solve and/or Reduce in next steps. But the output comes in the form of a rule, where what I want is the numerical solution. Here is an example. Say I write s=Solve[x+2==5,x]. In the next step I want to use this solution, so I write: y=2 s +3. This returns {{3+2(x->3)}}. This is a very basic need, but hours combing through the documentation leads nowhere.

Sentinel’s last function. What comes first, the attack or the reaction?

Quick question of the order between enemy actions and friendly reactions.

Sentinel

• Whenever you hit a creature with an opportunity attack, its speed drops to 0 for the rest of the turn. This stops any movement they may have been taking.

• Creatures within your reach provoke opportunity attacks even if they took the Disengage action.

When a creature within your reach makes an attack against a target other than you (and that target doesn’t have this feat), you can use your reaction to make a melee weapon attack against the attacking creature.

Does this happen before the enemy’s attack goes through? So the player have a chance to kill the attacking creature before he attacks the players party member? Or does the enemy’s attack connect first, giving the player an opportunity to attack the enemy?

How do I make sure access token comes from authenticated user?

My problem boils down to the use of Okta’s access tokens to secure api endpoint.

I followed this okta guide to set up a react single-page application with their wiget.

When I log into the site I get a access token to use with my api.

I tried to access my api with the access token following this guide

On the api side Okta recommended to verify the access token. When I use their OktaJwtVerifier to verify the token I get faced with a question. How does this verifier know that I gave them the token from a authorized state and not from someone hijacking the token?

The verifier supposedly asserts that

  • Signature is valid
  • Access token is not expired
  • The aud claim matches any expected aud claim passed to verifyAccessToken().
  • The iss claim matches the issuer the verifier is constructed with.
  • Any custom claim assertions that you add are confirmed

But the validator does not know where the token came from.

I noticed that the access token gets saved into localStorage.

Does this not open up for a impersination attack on the access token? Suppose someone got access to the localStorage and used the access token on my api without authenticating. I tested if this would work and it did.

How can I prevent someone from stealing and using my access token without authenticating ???

Applying “principle of least privilege” when it comes to execs and owners of the company – should they automatically get all permissions if requested?

As an administrator of certain systems in a company I understand and adhere to the “principle of least privilege” — which I’m assuming I don’t need to repeat its definition here, so let’s just say people here get given access to systems only in accordance with what they need for their role and no more. I follow that principle and check carefully whether they can have read-only access in order to carry out the role and if so I give read access only, etc.

I had a request from an executive-level (C-suite) person (“Jack”, let’s say) who is actually one of the five co-owners of the company, to get blanket “sysadmin” level access to a particular system. (I am confident the request has come from Jack himself and isn’t a hacking or phishing attempt, as I verified it with Jack directly.)

Jack is far too important and involved with strategic stuff to need to carry out any day-to-day work with this system, especially anything that would need sysadmin level access, but occasionally wants to get involved in “poking around” in there, as he is technical by background.

I get the sense that he doesn’t like the idea that he is “walled off” from some system although he owns part of the company.

I’m not asking about the interpersonal aspects about this, just the info-sec ones.

Is it accepted info-sec practice to give an owner of the company “sysadmin” access and by doing bypass the “principle of least privilege”? — since, after all, Jack (partly) owns the company so it’s all his stuff anyway!

Or should that still apply, and even the CEO shouldn’t have write-access to a system when they don’t need it as part of their job function?

Can a spell be readied to trigger when its intended target comes into view?

Can I ready witch bolt, for instance, with the condition of attacking “the first goblin to come out of the cave” if I cannot see the goblin at the time of my (Ready) action? To be perfectly clear: at the time of the Ready action, the goblin is around a corner, in darkness: not targetable by witch bolt.

On the one hand: the Ready action states that (PHB p.193)

when you ready a spell, you cast it as normal but hold its energy….”

Part of casting a spell is targeting (inferred from “Targeting” as a sub-heading under “Casting a Spell”, PHB pp.202-204).

You can’t target something that you can’t see, so it would seem that since you can’t target the goblin at the time of the Ready action you can’t cast the spell in the first place.

On the other hand: isn’t this use of “Ready” the same as the “I’ll attack the first goblin to come out of the cave” that is the classic use-case for Ready? Picking a target is part of the Attack action, after all.