Joel @cincodenada@cybre.space

That said, these kinds of things are helpful for imposter syndrome things because they remind me that oh yeah, you have learned a thing or two in the last decade of building things, hurrah!

And also yes, everyone needs to learn sometime, but if you're actively recommending sanitization to someone who is asking about escaping, you are making the web a less secure place, please read up and stop doing that. It's not a failure to not know, the internet is terrible and complicated, but if you're a web person please do take the opportunity to learn and grow!

Here are a couple good posts that cover things pretty well:
https://benhoyt.com/writings/dont-sanitize-do-escape/
https://blog.presidentbeef.com/blog/2020/01/14/injection-prevention-sanitizing-vs-escaping/

I am currently asking questions on Github about HTML escaping in Javascript (in the context of a specific framework), which is apparently a mistake because I've had multiple people tell me "oh just use dompurify" and NO

I specifically said escaping!! I know about sanitization, I use it when I need to, but here I do not need to render HTML at all, stop recommending an inherently less safe option to people who just want to not render any HTML!

(I'm not particularly looking for recommendations here, `stringify-entities` and `html-escaper` both seem perfectly fine for my uses, but I guess if you have a different favorite knock yourself out)

(For those following along at home, "Wüste" actually means desert, which makes a lot more sense and is still disappointing)

So I just randomly happened upon a picture of a German edition of #Dune, and discovered the German title is "Der Wüstenplanet", which I _know_ doesn't mean "the worst planet" but now I really really want it to.

At least I can console myself with the fact that it _is_ one letter away from "the sausage planet" which is also pretty great.

Huh, on that note I should probably update my profile picture now that my hair is literally a foot longer 😅

Current gender: using the beveled corner of a Mini SIM to Micro SIM adapter as a cuticle pusher

You know how they have those toothbrushes for kids that play a song for two minutes? I want one of those but with a two-minute podcast instead.

It looks like the Telegraph already has a twice-daily two-minute news briefing podcast, even! It looks pretty UK-focused but I'll take what I can get.

I do have some extra ESP32-based boards laying around, but I don't need another project!

Yesterday was the kind of day at work where I started this morning with `man perlop` as the last command run in my terminal.

A pipeline of linter -> awk -> bash while read -> perl? Why not!

This is at work where it's all Node, but I'm excited to check out Miette next time I'm dabbling in Rust again

Inspired by @zkat's work on Miette, today at work I made my error messages a little more verbose than I would have otherwise, and the first time I tried to run it, it immediately paid off.

Specifically, I had it spell out where it was looking for a file, which made it obvious that I was generating a PascalCase name when searching for my camelCase files.

Good errors are good!!

Some mailing list I'm on has been inviting me to an online event thing titled "Transitioning in Tech", and since one of the lists I'm on is Out in Tech (an org for queer folks in tech) I just assumed it was from them and was about navigating a gender transition at a tech company, which seemed like useful content that is not, like, quite where I'm at but still might be useful.

Today I actually clicked into it and it turns out it's just from some bullshit job board and is about career transitions.