When should you backup your computer? Simple, when the data you have isn't replaceable or it's not cost/time effective to replace lost data. With recent news of a hospital paying out ransomware, its a good time to think about backup. Not just data, but recovery.
I tend to have multiple local backups as well as a cloud strategy. For local, one of my methods is to have a bare metal backup, which is a complete disk image. This provides the capability of a complete recovery to the state in time that the backup was made. Most of the data is in the cloud, which provides recent information. I only need to perform a bare metal every few months or when I install a major software package. One of the tools I like to use is Active@ Disk Image.
(This is not a paid endorsement, just sharing the love of a great product)
So I decided to expand my learning a bit with npm and just as I start diving into it, lo and behold, one of the major tenants of Open Source has been abused, "Trust". An individual unpublished a bunch of their popular modules, which promptly broke a many developer builds. Not only did this cause an uproar, but also some serious discussions about the inherent security issues of the current npm community process.
Right now it's very easy for a npm newcomer to just run "npm install some_package" that was previously a trusted source, but is now compromised and end up with nefarious code that could seriously affect their system. If you work with github at all, you might download a project that has many npm module dependencies, enough that going through a serious code review before you try to launch it would take a considerable amount of time.
IMHO, here's what I think needs to happen, assuming it can be communicated effectively with enough advanced warning. Admittedly, I'm very new to npm, so some of my suggestions may not be perfectly tuned, so please forgive me.
On npmjs.com, make it easy to flag a module that has an issue. You have to be a member to flag and set a threshold on the number of flags before it's deactivated and sent for review. Additionally add a new parameter to the npm config that enables the npm install to ignore flagged modules with a level threshold setting. Typical warning messages would occur on install of a flagged module.
Consider changing --ignore-scripts to --enable-scripts with a configuration setting that can be changed to the old behavior.
Breakup the main repo into multiple repos consisting of;
Core modules that are provided by the npm team. Other npm modules could be added to the core only through a vetting process after submission by the author. Once submitted and included, all rights transfer over to the npm team.
Move all other modules to a developer repo, also owned by the npm team. A developer would need to specifically add that repo to their configuration.
Right out of high school, I was trained as a meat cutter, working in a grocery chain in California. This was the type of meat cutting where sides of beef hung on hooks. We would then break the beef down into the various cuts of meat that make summer BBQ's so enjoyable. Meat cutters call it breaking, chef's call it fabricating. I learned an incredible amount during my time there and gained a deeper understanding of the farm to plate process. The training was the start of a life long interest/hobby in food processing, especially "From Scratch" techniques.
A lot of folks often say why not just buy it at the store, it's cheaper. As true as that may be, it's the learning process that's important. I'll try to cook/make/fabricate anything at least once, or a few times to perfect it. Often that will continue on, and in some cases, might be the end of that particular avenue of food exploration.
Below is an interesting video on how to make Hot Dogs. It might turn some people off, but it's nothing more than a very fine blended meat product. Most deli meats follow a similar type of process such as Braunschweiger and Bologna, just to name a few. A bit coarser grind and you have salami and bratwurst. Ever had a Gyro? That meat spinning on the spit is a blend of beef and lamb.
If you're concerned about the quality of ingredients used, you can always make it yourself and learn something in the process.
After a long hiatus, I've relaunched the "Inside Out Outside In" blog. This blog will be my primary place to post information related to my profession as a software developer, but will also include a wide range of other internet related technologies. I'll also throw in a smattering of things I find amusing or possibly upsetting enough that I just need to rant about it.
I've been developing software since 1979. My first computer was an "Exidy Sorcerer", followed by numerous Apple computers and a few Windows and Linux systems. I've worked for Apple Computer, Intelligent Environments, Allaire, Macromedia, and Abbott Labs.