Najaaf Saleem

Thanks for your critique, Janet. We actually tried a couple of episodes where House (Hugh Laurie) (please put the brackets in the right place) gets it right first time, but they were only 6 minutes long. NBC weren’t happy. Then we tried some where House never gets it right and the patient dies. The audience wasn’t happy. One could apply your trenchant analysis to other art forms: JS Bach wrote 30 Goldberg variations on the same chord structure; Frida Kahlo painted 50 portraits of herself; Henry Moore, what?? The point is, or was, variations on a theme; if all you see is hospital, medical blah blah, then it wasn’t meant for you. Nonetheless, I look forward to your first novel!

Fork your dependencies, trim them to only your use case, never update unless it breaks for your users. I’ve been vocal about this for 10+ years. I’ve always said that updating is way riskier than latent bugs (which can be tracked and CVEs monitored). If you are updating a dependency, it’s on you to analyze every single commit in the full transitive set of dependencies. If you dont see anything compelling, dont update! I remember at HashiCorp once in awhile an engineer would try to update a dep or replace a DIY lib with an external one and id always ask “show me the commit we need.” Dont update for the sake of it. Feeling pretty swell about this mentality with all the supply chain attacks happening.

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.