
> Did you ever accidentally commit something that contains a secret that can't be in the repository?

What do I need to do on top of a git force push, and some well documented remote reflog/gc cleanup, which I can’t find with a single search/LLM request? Are we there, where we don’t have enough developers who can do this without feeling it as a burden? Or are we there where this level of basic logic is not needed to implement anything production ready?
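The cleanup this comment refers to, run locally as an added example that is not part of any comment in the thread: it builds a throwaway repository with a constructed placeholder secret and checks whether the secret's blob is still in the object store after the history rewrite, and again after reflog expiry plus gc. The helper names, file names and secret value are assumptions; a hosting server keeps its own copy of the objects, which this local run does not touch.

```shell
#!/usr/bin/env bash
# Added example. The repository, file names and secret are constructed placeholders.
SECRET='EXAMPLE_TOKEN_not_a_real_secret'

# git with a fixed identity so commits work on a machine with no git config.
g() { git -c user.name=demo -c user.email=demo@example.invalid -c commit.gpgsign=false "$@"; }

# Succeeds if object $2 still exists in the object store of repository $1.
blob_present() { git -C "$1" cat-file -e "$2" 2>/dev/null; }

# Prints "<state after rewrite> <state after reflog expiry and gc>".
demo_secret_cleanup() {
  repo=$(mktemp -d) || return 1

  g -C "$repo" init -q
  echo 'print("v1")' > "$repo/app.py"
  g -C "$repo" add app.py && g -C "$repo" commit -q -m 'initial'

  # The accident: a real change and the secret file land in one commit.
  echo 'print("v2")' > "$repo/app.py"
  echo "API_KEY=$SECRET" > "$repo/.env"
  g -C "$repo" add app.py .env && g -C "$repo" commit -q -m 'update app'
  blob=$(g -C "$repo" rev-parse HEAD:.env)

  # Rewrite: drop .env from the commit. A force push would publish this history.
  g -C "$repo" rm -q --cached .env
  g -C "$repo" commit -q --amend --no-edit
  if blob_present "$repo" "$blob"; then after_rewrite=present; else after_rewrite=gone; fi

  # Cleanup: expire reflog entries that still reference the old commit,
  # then prune objects that are no longer reachable from any ref.
  g -C "$repo" reflog expire --expire=now --all
  g -C "$repo" gc -q --prune=now
  if blob_present "$repo" "$blob"; then after_gc=present; else after_gc=gone; fi

  rm -rf "$repo"
  echo "$after_rewrite $after_gc"
}

demo_secret_cleanup
```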



> What do I need to do on top of a git force push, and some well documented remote reflog/gc cleanup, which I can’t find with a single search/LLM request?

This is a self-defeating argument. You're essentially saying we shouldn't improve something because it can be done with a handful of commands (you already know btw) and prompting an LLM.

> Are we there, where we don’t have enough developers who can do this without feeling it as a burden?

The no true Scotsman.

> Or are we there where this level of basic logic is not needed to implement anything production ready?

Not sure how this fits in with the rest honestly.

It was never about whether it was possible. It was about how it's being done. Juniors (and even seniors) accidentally check in secrets. Arguing that there shouldn't be a simpler way to remove an enormous security flaw feels a bit disingenuous.


  gitcli != git
If you want to create (or use) another git client that makes removing a secret easy for you and your team you are free to do so.

> It was never about whether it was possible. It was about how it's being done.

That's what I was saying originally, no need to change the infrastructure but you can change how you interact with it.

> Arguing that there shouldn't be a simpler way to remove an enormous security flaw feels a bit disingenuous.

First of all, skill issue educate your employees. Secondly, this is a well considered and a huge part of why git is preferred over older systems like SVN or SCCS especially in an open source context where you are distributing your code through unknown channels and where the publisher might have moved on.

Perhaps Git is not the best VCS for your situation. But I think that if you try other options you will run into bigger problems, there is a reason git became the standard in the industry.

[0] https://git-scm.com/book/en/v2/Getting-Started-What-is-Git%3...

[1] https://git-scm.com/book/en/v2/Getting-Started-The-Command-L...


> First of all, skill issue educate your employees. Secondly, this is a well considered and a huge part of why git is preferred over older systems like SVN or SCCS especially in an open source context where you are distributing your code through unknown channels and where the publisher might have moved on.

If your entire argument rests on people being perfect, it's a trash argument.

Implying that accidents don't happen when you have skills is absurd.


No, I’m saying that you can do this without replacing git. You can make it simpler even without replacing git. Aka you just did a strawman, if you are really into these. Also you answered to me in an authoritative way, when even according to you, you don’t understand my comment. You can figure out a logical fallacy name for this. And also of course a nice fallacy fallacy.

Btw, I’m also saying that who cannot find how it can be solved right now with git, those shouldn’t be allowed anywhere near a repo with write permission, no matter whether you use git or not. At least until now, this level of minimal logical skill was a requirement to be able to code. And btw regardless the tool, the flow will be the exact same: ask a search engine or ml model, and run those. The flow is like this for decades at this point. So those minimal logical skills will be needed anyway.

The problem mainly is that when they don’t even know that they shouldn’t push secrets. You won’t be able to help this either any tooling. At least not on git level.


> Aka you just did a strawman,

That's not what a strawman is.

> Also you answered to me in an authoritative way, when even according to you, you don’t understand my comment.

No, I didn't understand what referring to production-ready code has anything to do with making mistakes in source control.

> And also of course a nice fallacy fallacy.

You keep using words you don't understand.

> The problem mainly is that when they don’t even know that they shouldn’t push secrets. You won’t be able to help this either any tooling. At least not on git level.

You're not actually suggesting you become immune to making mistakes after a certain level of experience, are you? That would be insane.


There was a long time when somebody answered me with far right tactics. In this space, they are rarer, for obvious proven reasons. And before you would come, that you are not far right, I didn’t say that, and you cannot prove or disprove it anyway. Even on HN, the Overton window is moved towards far right, as almost everywhere, so value of self claim is not larger than zero, and since large part of society intentionally uses it to make muddy waters, its value on the internet is even negative.

> That's not what a strawman is.

Let’s see Wikipedia.

> A straw man fallacy (sometimes written as strawman) is the informal fallacy of refuting an argument different from the one actually under discussion, while not recognizing or acknowledging the distinction.

Let’s see the relevant part of your comment:

> You're essentially saying we shouldn't improve something because it can be done with a handful of commands

Once again

> an argument different from the one actually under discussion

And once more

> You're essentially saying

So the exact thing for which I used, because I didn’t say that essentially. But luckily for us, you just proved that you intentionally misrepresented my comment, and you intentionally argued against something which is not there. Btw, for which you just proved again that you use fallacy fallacy, and intentionally.

I have yet to see a case when somebody says, “you’re essentially saying”, and it’s not strawman.

Let’s move on…

> you don’t understand my comment

And immediately after that, you said that:

> I didn't understand

I know, that from your viewpoint this can be difficult, but maybe, you don’t understand something, because you don’t understand something. Maybe you didn’t understand a single sentence from my original comment, and that’s why you don’t understand even the connections between them. Maybe you didn’t understand the general meaning of my comment, and thus you picked something which your mind cannot comprehend, why it’s there, because you didn’t understand even the basics. You “essentially said” that you didn’t understand my comment in general, by doing a strawman with “essentially saying”, but as you proved it was intentional, so I have no idea about your real thoughts.

It’s possible that the general meaning of my comment is fine, but there is an error in the specifics. Maybe, even the general meaning is problematic. One for sure, we will never know, because you still haven’t asked anything, thus revealing that you don’t even want to know. You proved again btw, that it’s intentional, because you still haven’t attacked its general meaning.

> You're not actually suggesting

As we could see from the definition, this is a strawman. And your first question, so here is the answer: no, and my comment is completely rational regardless of the answer. In other words, if the answer would be yes, my comment’s rationality wouldn’t have changed even a bit. And since, it’s obvious that the answer is no for everybody, and it’s orthogonal to my comment, thus this is a strawman. The point obviously wasn’t to get an answer.

There are two options at this point:

- your arguments are not in good faith
- you do this because you lack skills and/or knowledge

In both cases, any further discussion is pointless.

If it’s the latter one, I recommend to learn more, before you ever feel the urge to use any fallacy’s name again. You’re not there yet, but I’m glad that you are interested in avoiding them. A better way of thinking isn’t to avoid specific logical fallacies, but all of them even those which don’t have names. Also using their names won’t ever lead to real discussions in any environments. They can be effectively used only to avoid them for people who cannot think without logical problems as a principle.

If the former, which you proved almost once per sentence, then I hope we will return to positive sum game once, which corrects this behavior with acceptable tools, and you’ll learn from them. Until then, you will continuously make the same mistakes unfortunately, regardless of what I say. I could have proved my points with Lean, and you would still not change a single bit.



