canpolat

Note that with OAuth nothing much will change - the app will still have access to the JWT token which is used to impersonate you.

The user will have the option to revoke access for your application.

That's the main reason I don't use any apps. I don't think there is a real need to suspect the official UI. If one doesn't trust the instance admins, then they should rather migrate.

In case of an application running on a server, there is no reliable way to make sure that the source being shared is the source that is deployed. As I said, I don't think you have any ulterior motives. I'm only trying to raise awareness around a specific problem with Lemmy. Perhaps I should create a separate post about this in relevant communities, if it hasn't been done already.

I agree that this is a feature Lemmy lacks and would be great to have in the core. And thank you for taking the time to create it. However, asking for username and password is a security problem. I'm not attributing any ill intent to your work, but something like this can very well be used to harvest account credentials. So I would advise people to not use solutions like this.

Unfortunately Lemmy doesn't provide a better way to implement this kind of add-ons. Hopefully one day it will have a better Auth system. Until then, I think I will stick to the official UI and hope that this will come to core :)

I think the developer basically killed the project. I'm not sure Moq can recover from this. I recommend everyone to move to NSubstitute as soon as possible. I suspect most of the migration can be done via Find/Replace.

I have had Pluralsight for many years now and I agree with you. In some cases they have excellent courses, but I sometimes find the content outdated. I plan to explore O'Reily's platform next year. They seem to have a different set of resources and are comparable in price.

I don't think Git has built-in support for that, but there seems to be some syntax/language aware diff tools that can be configured as the difftool.

We are publishing libraries (mostly client libraries). There are lots of legacy stuff. It's safer to own the whole feed instead of pushing it to nuget.org and hoping for the best :)

I also use Azure Devops + GitHub - What kind of integration are you looking for?

Not really "looking for" it but what I meant was "pushing to GitHub packages from Azure Pipelines."

If you’re using Azure as the build server, you can also publish your Nugets into a private feed in Azure

That's what we do at the moment for private feeds.

If you are not using Azure Devops, GitHub Packages (as suggested by @nibblebit@programming.dev) can be worth looking into. They have a generous free tier.

Have you tried Github packages yet?

No. Thank you for the suggestion. We use Azure Devops, but I would expect it to have good integration with GitHub. But creating a public project in Azure Devops may make more sense (so that all packages are in one place).

[...] but what prevents you to use nuget.org?

The only thing is possible name collisions. I didn't start looking into this, but it is a possibility. Otherwise I think we will end up doing this.

Strange. Thanks for checking.