However you like, REST doesn’t dictate anything there. Just be consistent and use hypermedia.

JSON APIs almost never follow REST because they almost never use JSON as hypertext. Worse, no complete stable hypertext JSON standard exists. There’s JSON-HAL, but it lacks a way to represent resource templates (think HTML’s <form>).

Therefore, with JSON APIs ignoring one of the most basic idea behind REST, why would anyone expect them to follow another idea of REST - consistency?

REST is a deceptively simple concept. Any time you build an HTML website a human can navigate without consulting documentation, you’re doing it better than vast majority of swagger documented corporate APIs.

JSON API almost always means “not REST”. In other words, it works as intended.

I can’t muster any sarcasm out of sheer disappointment. You win this time…

I’d probably add that for something like nextcloud granted scopes can be an „orthogonal”–for the lack of a better word–subset of requested scopes.

The set of requestable scopes has to be defined by the system itself, not its specific configuration. E.g. „files:manage”, „talk:manage”, „mail:read” are all general capabilities the system offers.

However, as a user I can have a local configuration that adds granularity to the grants I issue. E.g.: „files:manage in specific folders” or „mail:read for specific domains or groups only” are user trust statements that fit into the capability matrix but add an additional and preferably invisible layer of access control.

It’s a fairly rare feature in the wild and is a potential UX pitfall, but it can be useful as an advanced option on the grant page, or as a separate access control for issued grants.

https://oauth.net/articles/authentication/

That aside, why is nextcloud asking for scopes from remote API in the diagram? What is drawn on the diagram has little to do with OAuth scopes, but rather looks like an attempt to wrap ACL repository access into a new vocabulary.

Scopes issued by the OAuth authorization server can be hidden entirely. The issuer doesn’t hold any obligation to share them with authorized party since they are dedicated for internal use and can be propagated via invisible or opaque means.

I really can’t figure out what’s going on with that diagram.

As a Ruby fan having a blast with Elixir, where the hell is anything BEAM related?

The compass is truly political.

Yeah, had to dive in myself.

The answer is no, they can’t. You need to pass /dev/kvm and /dev/net/tun in a composefile for a reason.

There’s no „windows in docker”, but rather „handy windows vm orchestrator with nice UI in a container”. A bit of a mouthful.

My viewing history can legally drink in US in a year. What do you mean „guess”?

Googling at least until fairly recently meant „I consulted an index of Internet”. It is a means to get to the bit of information.

Asking ChatGPT is like asking a well-behaved parrot in the library and believing every word it says instead of reading the actual book the librarian would point you towards.

Live action at that

• ssh to remote, forwarding some remote port to your local ssh port (-R)
• ssh from remote through the exposed port, starting socks proxy in the process (-D)
• use socks proxy explicitly or find some tool that can route the traffic into it

Similar approach can be used to establish VPN tunnel with no encryption (ssh already provides that), routing everything but your ssh connection through it.

• ssh to remote, reverse forwarding your VPN-over-tcp server’s listening port
• establish vpn connection on remote, route everything but your ssh connection through the newly established interface

It will be wasteful, but it will work.

Why did you mention git twice?

If the average user

Proceeds to describe a task average users never perform.

And no, you having been a smart child doesn’t excuse you being an obtuse adult.

It’s all about being comfortable with not knowing when you need to act. Believing that you can learn everything upfront is pure hubris, and once you hurt yourself enough times, you just drop the pretense.

In other words, life is Bayesian, not frequentist.

It’s not about business optimization, it’s about not having to defer to someone’s knowledge from the position of power.

AI bubble makes so much sense when you start looking at it this way.

I can often implement 80% of a new feature without ever running the code.

I really love how they then go and invent their own TDD acronym to justify this. Types are proofs, and they replace a whole category of borderline superficial tests with useful assertions, but claiming that you implement a <random number>% of a feature when you haven’t once verified it is… a reason I regularly cuss at code and remain employable. Keep it up.

Good point.

Gl.iNet is a great value router, but if you want to do anything really interesting, it won’t do.

I have Slate AX chugging along, and have been eyeing teklager boxes to do actual routing, with slate as an access point.

While HTML is hypertext markup language, hypertext is not HTML.

Hypertext doesn’t imply a specific encoding strategy, it implies semantics - data contains links to related data. If you want to encode it in protobufs - you do you, REST explicitly calls for freedom in this regard.

To paraphrase yourself, ranting about HTML as if it was a requirement for REST is ridiculous and misses the point entirely.

PS: HTML is not a protocol.

A cargo cult doesn’t change airplanes by building mock runways - they rather miss the point entirely.