This looks super cool, I’ve played around with making custom API clients/executers in multiple teams now and am glad to see something that I might actually use instead of re-rolling my own each time.
One thing I’ve previously found very useful is the ability to select multiple ‘environments’ at once (I’ve previously split this in to e.g. environment+session or environment+user before). The ability to merge a set of variables together lets you define variables for _where_ I’m calling (local, staging, etc), but also who/what I’m calling (specific users, types of profiles/packages (how does this api behave if I switch between a free vs paid licence), etc).
Also echoing another comment, the blog linked gives me a 404 page now. Additionally, the GitHub for this projects seems have a ton of blank issues saying “help yapi made me too productive”? Rather odd, I probably won’t be running this project directly anytime soon…
The EV cert system is truly terrible on Windows. Worst of all, getting an EV cert isn’t even enough to remove the scary warnings popping up for users! For that you still need to convince windows defender that you’re not a bad actor by getting installs on a large number of devices, which of course is a chicken-and-egg problem for software with a small number of users.
At least paying your dues to Apple guarantees a smooth user experience.
No, this information is wrong (unless it’s changed in the last 7 years). EV code signing certs are instantly trusted by Windows Defender.
Source: We tried a non-EV code signing certificate for our product used by only dozens of users at the time, never stopped showing scary warnings. When we got an EV, no more issues.
Not true for us. We EV cert sign (the more expensive one) and my CEO ( the only one left that uses Windows) had this very problem. Apparently the first time a newly signed binary is run it can take up to 15 minutes for defender to allow it. First time I saw this, it was really annoying and confusing.
They did change it, I think after some debacle with Nvidia pushing an update. They seem to want devs to submit their files via their portal now to get rid of the screen: https://www.microsoft.com/en-us/wdsi/filesubmission
I've never submitted our installers to there (or anywhere). I'm often the very first to install new builds (particularly our nightlies) and never had a delay or anything.
Wow. I haven't written software for Windows in over a decade. I always thought Apple was alone in its invasive treatment of developers on their platform. Windows used to be "just post the exe on your web site, and you're good to go." I guess Microsoft has finally managed to aggressively insert themselves into the distribution process there, too. Sad to see.
> Windows used to be "just post the exe on your web site, and you're good to go."
That's also one of the main reasons why Windows was such a malware-ridden hellspace. Microsoft went the Apple route to security and it worked out.
At least Microsoft doesn't require you to dismiss the popup, open the system settings, click the "run anyway" button, and enter a password to run an unsigned executable. Just clicking "more details -> run anyway" still exists on the SmartScreen popup, even if they've hidden it well.
Despite Microsoft's best attempts, macOS still beats Windows when it comes to terribleness for running an executable.
I just wish these companies could solve the malware problem in a way that doesn't always involve inserting themselves as gatekeepers over what the user runs or doesn't run on the user's computer. I don't want any kind of ongoing relationship with my OS vendor once I buy their product, let alone have them decide for me what I can and cannot run.
I get that if you're distributing software to the wider public, you have to make sure these scary alerts don't pop up regardless of platform. But as a savvy user, I think the situation is still better on Windows. As far as I've seen there's still always a (small) link in these popups (I think it's SmartScreen?) to run anyway - no need to dig into settings before even trying to run it.
Are you sure? I had not used Windows for years and assumed "Run Anyway" would work. Last month, I tested running an unsigned (self-signed) .MSIX on a different Windows machine. It's a 9-step process to get through the warnings: https://www.advancedinstaller.com/install-test-certificate-f...
Perhaps .exe is easier, but I wouldn't subject the wider public (or even power users) to that.
So yeah, Azure Trusted Signing or EV certificate is the way to go on Windows.
Honestly whilst the docs make the review process sound complicated, I went through it a few months ago and it ended up being super simple. Just follow the instructions to create the new formulae PR (and look at other recent ones) and then you’re all done. Updates are handled by a bot they run automatically when you make a new GitHub release, so you don’t even need to interact with the homebrew repo after setup.
You do have a naming conflict though unfortunately so I’m not sure how you would deal with that.
I think these are just the package managers that it supports parsing dependencies for. The actual script seems to just be a single python file.
It does seem like the repo is missing some files though; make is mentioned in the README but no makefile and no list of python dependencies for the script that I can see.
Yeah to be fair I need to clean it up, was stuck in the testing diff strategies and making it work and just wanted to get feedback asap before moving on to the next step (didn't want to spend too much time on something and turns out I was wrong about something badly) - next step is to get it all cleaned up.
Yes correct, sorry forgot to reply to this chain. I've confirmed it works correctly on MacOS, Linux, and Windows under WSL (with the artefacts from the latest release). However, running directly under Windows has this issue where the terminal becomes unresponsive, and also only outputs a single line. I'm tracking the issue here: https://github.com/JustAman62/undercut-f1/issues/14 if anyone wants to know when Windows support is working.
Ah, so unfortunately the delay is only applied to new data coming in. When you start a live session, we only get the current state and new data coming from the F1 feed, so we can't delay back to a point before you started listening to the feed. You also can't "rewind" the session, so any data that has been shown won't be removed, only new data will be added (after the delay you've set).
Currently the delay is designed for a minute or two's worth of delay for a live TV feed, or for replaying old sessions. I don't currently have a good way to support a long delay during a live session, without you starting the app before the session starts, and applying the 25 minute delay immediately so that all the data is queued up to be displayed in 25 minutes time.
I have compiled as self-contained, however I missed some configs to make sure that all native binaries were included in the final executable. I've made a new release recently (https://github.com/JustAman62/undercut-f1/releases/tag/v3.0....) which should resolve this issue.
One thing I’ve previously found very useful is the ability to select multiple ‘environments’ at once (I’ve previously split this in to e.g. environment+session or environment+user before). The ability to merge a set of variables together lets you define variables for _where_ I’m calling (local, staging, etc), but also who/what I’m calling (specific users, types of profiles/packages (how does this api behave if I switch between a free vs paid licence), etc).
Also echoing another comment, the blog linked gives me a 404 page now. Additionally, the GitHub for this projects seems have a ton of blank issues saying “help yapi made me too productive”? Rather odd, I probably won’t be running this project directly anytime soon…