I can't believe you're accusing someone of plagiarism because they had a similar idea that "claude code would be safer if it couldn't do destructive git calls". They also added much more protection, implemented it as a plugin, wrote thorough docs and have shipped many updates since.
This article makes ME feel like I'm going insane. Have you even read the React docs?
The article you linked about "patterns" in React is explicitly referencing patterns that are 7+ years out of date. Hooks were built to REPLACE those patterns, and they did a phenomenal job.
90% of this article is immediately invalidated by introducing a simple, 20loc "useQuery" hook (or, god forbid, looking at ANY of the libraries that provide similar. Shoutout React Query)
I really wish we could get more valid critique of React from people who actually understand the framework, instead of this drivel from devs who spend more time complaining in blog posts than reading the docs.
When I saw the setState in useEffect, I immediately knew why the person hates react. That's a horrible antipattern used by people who refuse to read the few articles about useEffect and when to use it.
I agree about that specific patterns post being a bad example... but if you google for "react patterns" you won't be starved for examples of more terrible drivel. That's just what's out there, people repeat it ad nauseam. So _good luck_ to anyone who really does want to learn the right thing. From that standpoint, that article is as good or bad as most others out there (old man shakes fist at dev.to).
Even the venerable libraries like useQuery introduce as many surprises as they do benefits. The complexity cost of understanding what is going on under those 20 LOC is quite high – you need to understand "stable values" (which is only relevant to React components), re-renders and how they're triggered, maybe need to understand how graphql fragments are collated into one query document... maybe need to know when useRef is the right way to memoize over useMemo.
I agree with the author, that it feels insane. I would even add to the insanity the lack of quality when searching for help, and the weird rabbit holes that GPT can send you down if you don't already know what "good" looks like.
Hey y'all, I made the most prominent fork of this extension "Material Theme (But I Won't Sue You)"
The maintainer went off the deep end last year. He pulled the (originally apache 2) source offline, then started threatening to sue people for hosting alternative versions, including them in other IDEs, etc. Genuine lunatic.
Out of an abundance of precaution, I've taken the following action on my fork:
1. I have the VS Code team auditing it as we speak, and I've given them full permission to immediately pull it from the marketplace & force uninstall it from users if they find ANYTHING malicious.
2. I have audited the code base thoroughly (nothing seemed malicious)
3. I have removed ALL code related to changelogs, analytics, Open Collective and html rendering.
The only thing that seemed slightly concerning was the html + sanity loader for changelogs, so I gutted it entirely. Two PRs removed almost all the deps and over 7,000loc (mostly package-lock)
To me it seems ridiculous, that a theme could even accumulate such things as analytics and even lots of dependencies. A theme is usually something self-contained. And even more ridiculous, that anyone can, as you write, "force uninstall" anything from my machine. So glad I am not a VS Code user. It seems all the typical corporate BS is happening with its marketplace and plugins.
It is, but that's the reality of today - auto-updates, "evergreen" releases. This was popularised by Chrome, and IMO fixed a LOT of headaches and allowed for much faster and more agile release cycles - the reality before was that a company like Microsoft would have to provide support for older versions of their software for X years and deal with the fallout of security issues with remaining older versions. (Web) developers had to be careful about adopting newer features because X% of their user base would still be on older versions of the runtime, leading to the invention of transpilers and the start of what is still a very complicated system in web front-end world.
I don’t think went that hard though? I was just pointing out the discrepancy between what they said and what they mean. Not everyone might know that the marketplace doesn’t need you permission to remove your extensions.
They don't need it. They offered to "notify me before any action is taken" and I politely declined - explicitly telling them to IMMEDIATELY take it down if they find anything at all
Never beating the insecurity allegations are you? I don’t know what I did to trigger you but this whole conversation is really sad. The “Reddit level insult” projection is extra sad since I come to this site over Reddit to get away from people like you.
In my personal life I have a lot of health issues (mostly autoimmune diseases) that cause me a lot of pain through out the day. It’s inescapable too so its really hard to cope. Sometimes it’s tolerable other times I’m in a black hole of pain and suffering. But it’s actually heart warming to know despite all my struggles that I’ll never be even half as lonely and miserable as you.
I did a thorough combing of the code base when I forked. Just did another audit and still not seeing anything suspicious. Gutting all of the opencollective and changelog code to be 1000% sure.
The only potential risk was the use of sanity to render a changelog. I didn't want to risk it, so I gutted that and a ton of other stuff. Just published a new, stripped down version.
