from 29 minutes in. A last-minute adjustment before launch plugged in a thruster backwards; no protocol to check the behaviour prelaunch. They doscovered it when they got to the bottom.
I'm not sure why it's "obviously" good to move from one mechanism to two: as a user I now have to categorise every path to work out which is appropriate.
What I said was less about adding to a function signature than it was about adding to a facade - that is, a system boundary, although the implementation may be the same depending on language. People typically use exceptions pretty badly - a function signature with a baggage-train of internal exceptions that might be thrown by implementation guts is another antipattern that gives the approach a bad rep. Errors have types too (or they should have), and the typical exception constructor has a wrapper capability for good reason.
I think you're spitting the situation on the wrong horn of Jefferson's dilemma. They have the freedom to speak. It comes with the danger of being arrested if that speech meets the requirements of being an exhortation to violence.
That's fine, and for that there are sum types. My own opinion differs - it's a question of taste. Being able to bundle the handling of exceptional situations aside from the straight-line logic (or use RAIi-style cleanup) is notationally convenient.
Yes, you can do the same with monads; use the tools available to you.
Checked exceptions are powerful but misunderstood. Exception types are a useful part of the facade to a module - they express to a caller how it can go wrong even if used correctly.
Runtime exceptions are typically there to express contract-breaking by callers; although as an alternative return mechanism I've seen them used to simplify the inner workings of some frameworks.
I think they get a bad rep because there aren't a ton of good examples of how to use them - even the java classpath had some egregious misuse initially that helped turn people off the key ideas.
Look up the original judgement on the Maya Forstater tribunal. "In a functioning democracy, some beliefs are not worthy of respect," or words to that effect. If you think inciting racist riots shouldn't be criminal, then write to your MP about it.
The defence you posit is the same as a politician chosing words carefully to imply one thing, while technically not lying: for aome reason they think that's a defence, but were a six-year-old try it they'd be straight off to the naughty step.
She lit a fire which was fanned by agents provocateurs from outside the country (ie, Farrage and Yaxley-Lennon). The useful idiots picked it up and rioted with it.
I'd be cautious about the "kill -9" reasoning. It isn't necessarily equivalent to yanking power.
Contents of application memory lost, yes. Contents of unflushed OS buffers, no. Your db will be fsyncing (or moral equivalent thereof) if it's worth the name.
This is an aside; backing up from a volume snapshot is half a reasonable idea. (The other half is ensuring that you can restore from the backup, regularly, automatically, and the third half is ensuring that your automated validation can be relied on.)
Possibly the thing that was intended to be deployed was. What got pushed out was 40kB of all zeroes. Could've been corrupted some way down the CI chain.
You can bet that they have a KPI that says they can deliver a patch in under 15m; that can preclude testing.
Although that would have caught it, what happened here is that 40k of nuls got signed and delivered as config. Which means that unparseable config on the path from CnC to ring0 could cause a crash and was never covered by a test.
It's a hell of a miss, even if you're prepared to accept the argument about testing on the critical path.
(There is an argument that in some cases you want security aystems to fail closed; however that's an extreme case - PoS systems don't fall into that - and you want to opt into that explicitly, not due to a test omission.)
In which case, perhaps unqualified "freedom of speech" isn't all it's cracked up to be.
(I appreciate that Chomsky's opinion resonates more with 1968 than now.)