Hacker News | lixtra's comments

The 4% rule is considered safe for a 30 year retirement period. So at 50 you might want to withdraw a little less.

Somehow this code lacks the magic I'm used to from Rails:

    class BooksController < ApplicationController
      def show
        @book = Book.find(params[:id])
        add_breadcrumb("Home", path: root_path)
        add_breadcrumb("Books", path: books_path)
        add_breadcrumb(@book.title)
      end
    end

Only the title is specific to the show method. Home should be set by the application controller and Books by the books controller code.


I think it depends on how you look at things.

Here is what I like about this code:

1. It is explicit

2. Breadcrumbs are information that this action needs to set. You can set them in the views or in the controller via these helpers. But no matter where you put the data it is custom data that you as developer set and it is specific to this controller.

The information about how to navigate from homepage to this show method is something that either: you can use meta-programming to try to get it if you would for example scope controllers based on paths (not sure it is a good idea) or you have to provide, as Rails cannot know if your controllers/views are in the top namespace.


Layer8 DID the thing though, skimmed through the code and thought about security issues.


The requested feature is more like list-unsubscribe headers for mailing lists[1]. Instead of categorizing the mail as spam (blocking) you send a clean unsubscribe back to the sender.

[1] https://www.twilio.com/en-us/blog/insights/list-unsubscribe


Yes, you could use union. But then you have to pad the columns of the other tables with NULLs to arrive at the same output and carefully count. And we all hate counting.


You might even split them so that k out of n trusted people are needed to restore them.

For example https://shamir.securitytools.io/


Yes, I think that's a good idea for high-value secrets. In a family situation it would be a great way to limit elder abuse (unless all your children hate you).


A naive approach could still leak information through side channels. E.g. if you search regularly for foobar, the answer might suddenly get slower if foobar appears more in the document base.

Depending on the context it could be relevant.


But we're talking about access control, so in this case "filtering for foobar" means "filtering for stuff I'm allowed to see", and the whole point is that you can never turn that filter off to get a point of comparison.

If Joe's search is faster than Sally's because Sally has higher permissions, that's hardly a revelation.


That's nothing specific to LLM-enhanced search features though, right? Any search feature will have that side channel risk


Maybe thought provoking. But sad to read AI garbage. It’s easy to imagine a better world. But you also need to provide a way to reach it. For example a lot of things are wrong with docker. But it enables us to run yesterday’s software in the cloud. Tomorrow’s software is not written yet.


The better world looks like a pretty close approximation of the BEAM VM.


Spock in the Wrath of Khan:

“As a matter of cosmic history, it has always been easier to destroy than to create.”


It’s like putting

    curl -sSL https://example.com/install.sh | sh

in your action. For sure happens.


Yes; I would also consider that a bad idea. Two wrongs don't make a right (and a different wrong doesn't justify a broken policy elsewhere).


Being able to filter or disable network access (aside from what github requires on their side to interact with actions) would definitely be useful, but AFAIK that's only an option for self-hosted runners and enterprise accounts.


Yep, I agree completely. It's unfortunate that self-hosted runners are otherwise so difficult to secure, since controlled ingress/egress is otherwise an extremely strong motivation for using them.

