Do we still need a Remember Me button on websites? Or can we rely on modern browsers to handle this?

I recently had a discussion at work about whether to include a “Remember Me” option on our website. Altough I was initially in favour of the idea, I later realised that most browsers already provide such functionality. So I was wondering if it’s still necessary to include this option in 2018. What do you think?

How do you test a function which is composed of other functions that rely on a db connection?

I have written this function which checks if a user already exists in the application:

async function ValidateUserExists(username, email){ if(!username || !email) throw new Error('Invalid number of args passed. Please pass username and email'); let taken_valid_username = null; let taken_valid_email = null; if(username){     taken_valid_username = await UsernameExists(username); } if(email){     taken_valid_email = await EmailExists(email); }  if(taken_valid_username) return taken_valid_username; if(taken_valid_email) return taken_valid_email;  return null; 

}

I have integration tests that prove UsernameExists() and EmailExists() work correctly.

It’s main purpose is to see if a user already exists in the database. I can’t just mock something here because both UsernameExists() and EmailExists() are designed to reach into the database and see if a user actually does exist.

I have a lot of functions like this as I’m building an app whose main purpose is to manipulate a database, meaning I have A LOT of integration testing happening.

So far the test I’ve written looks like this:

it('should see if a user already exists on an existent email', async ()=>{     const test = await CreateDummyUser();     const user = await ValidateUserExists(test.username, test.email);     //expect user properties here     await DestroyDummyUser(test); }) 

Is there any approach to mocking/stubbing anyone has taken to attack composite functions like this? Is it sufficient enough that the functions is composed of pass?

Can DDD entity rely upon infrastructure library?

Suppose I want this on my User entity:

user.createNewSecurityToken(); 

That means:

public void createNewSecurityToken() {   var buffer = new byte[32];   new RNGCryptoServiceProvider().GetBytes(buffer);  // <--- here's the issue   this.Token = Convert.ToBase64String(buffer); } 

This is not a DI dependency, just a class from the infrastructure. But does that “break” DDD?

The alternative is this:

user.setSecurityToken(token);   // pass it in (probably from a domain service) 

But that leads to anemic entities.

Which is the preferred DDD approach, and what considerations should I take into account when faced with this sort of design decision?

Should you rely on implicit type contracts for function returns types, or always make it explicit?

Say you’re using an external library, that includes type declarations, and it has a function like:

function foo(x: number) : string {    //implementation } 

Somewhere in our code we’re calling this with:

function ourFunction() {     return foo();  } 

or with the return type explicit :

function ourFunction() : string {     return foo();  } 

Typescript is smart enough to infer that the return type of this function is string.

So I don’t have to declare the return type of ourFunction, but I can.

The question is – should I?

The way I’m thinking about this is – that if I make the return type explicit, then I later change the implementation of the function – if I accidentally change the return type in the process, that’s going to make me immediately aware of the problem.

On the otherhand – with the code I’m currently writing, I’m basically just copy pasting the return types from that external function that I’m calling.

Are there any general principles that help with making this decision?

Why do we still have programming languages that rely on indentation / white space? [on hold]

A long time ago when starting learning programming I remember a teacher saying that compiler do not care about whitespace and they are useful to make code readable for human beings. It made perfect sense back then, but I only knew some Pascal and C++.

Many years later, after diving in many other languages I began wondering what is the rational of having programming languages that rely on indentation / white space, as there are quite a few disadvantages:

  1. Stange errors like this one (unindent does not match any oute indentation level)
  2. Minifying still requires extra whitespace – example
  3. Many other reasons as indicated in this Quora post:

    • lack of white space indentation across operating systems / text editors
    • whitespace might be introduced while doing code merge
    • possible errors while copy-pasting
    • all modern IDEs automatically indent code

Question: Why do we still have programming languages that rely on indentation / white space?

Does Bitcoin security rely on the assumption of nearly continuous transactions? [duplicate]

This question already has an answer here:

  • What happens if there are no transactions in a block? 3 answers

So for an attacker not to overcome good nodes, I believe we rely on the fact that blocks are always being produced, making the attacker essentially outpaced. But in the extreme and ridiculously unlikely case that no Bitcoin transactions occur within a certain sufficiently large time window, could an attacker gain control of the chain and do damage? If not, why?

Can I rely on this github repository files?

I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I’ve already analyzed that in VirusTotal without any issues, but I don’t have expertise to decompile and read the output, and I’ve previously executed the binary provided without thinking about the risks.

Thanks!

Rely only on status or provide response explicitly? – SOA –

I am developing a set of SOA services where the backends (mainly stored procedures in the DB) sometimes return only status code as response (ex: an operation to cancel a ticket, the SP for this operation returns status = 000 in case of success , otherwise failure), now my question is : Design wise, Is it correct to propagate the same behavior to the frontend (I have already have a status field in every service which tells the status of the call, so I can use it) , or is it better to define a boolean for example to tell if the booking was cancelled or not.

My main concern is that If I use the status field, the technical errors (like connectivity and authenticity and so on) will be mixed with business errors (like failure to cancel booking due to time constraint for example) … both will be represented in the same field “status”

How to include external javascript files that rely on jquery but did not wrap in closure

Hello I am including an external javascript file using

drupal_add_js('https://wwww.sample.com/js/sample.js', 'external'); 

But this file is using jquery but didnt wrap it with

(function($  ){   //some code here })(jQuery); 

I am getting this error

Uncaught TypeError: Cannot read property ‘ajax’ of undefined

Thanks in advance.