Toots from 2025-12-23#
“Yes, you can always find software defects in the wake of an incident. The problem with attribu…#
“Yes, you can always find software defects in the wake of an incident. The problem with attributing an incident to a software defect is that modern software systems running in production are absolutely riddled with defects.”
https://surfingcomplexity.blog/2025/12/20/why-i-dont-like-correction-of-error/
Mastodon Source 🐘#
“The question isn’t “how do we eliminate complexity?” It’s “where do we put the compl…#
“The question isn’t “how do we eliminate complexity?” It’s “where do we put the complexity to minimize time to business value?””
https://rosesecurity.dev/2025/11/14/kiss-versus-dry-iac.html
Mastodon Source 🐘#
“We utilized survival analysis to find the relative hazard risk of pinning to result in outdate…#
“We utilized survival analysis to find the relative hazard risk of pinning to result in outdated and vulnerable dependencies in comparison to the rest of the version constraint types. Our study shows that floating-major is the least likely to result in outdated and floating-minor is the most likely to result in vulnerable dependencies. We recommend that developers avoid pinning and use a hybrid strategy with floating and lockfiles.”
https://arxiv.org/abs/2510.08609