The author may well have been aware of this. However, since the author didn't retrieve those database IDs or URLs in the first place, they would have had to make further requests to retrieve them, which they wanted to avoid doing.
"I was looking at either backfilling millions of records or migrating our entire database, and neither sounded fun."
I googled the names of the people holding the talk and they're both employed by Microsoft as software engineers, I don't see any reason to doubt what they're presenting. Not the whole start menu is React Native, but parts are.
I was expecting this post to explain why it's an underscore specifically, as opposed to a dollar sign, an asterisk, a caret, a tilde or some other special character.
I can only assume it's a holdover of languages like C where the standard library has some reserved names that start with an underscore.
As another borrowed convention, JS developers of yore (and likely some today still) used an _ prefix to denote “private” function/methods. Quotes as it’s just a convention - today JS supports # for actual private members in class syntax.
That looks like ActionScript 2, so the javascript convention was actually well in place by then. I can't speak confidently about the late 90s, but I wouldn't be surprised if it predated Actionscript 1 as well.
But doesn't it all trace back to C conventions anyways?
movieclip._x or movieclip._alpha (as in position and alpha blending) were accessed by properties with underscore to denote that you were using accessors (getters/setters).
Internally properties like Object.prototype.__proto__ had two underscores to denote they were private.
In AS2 you had:
class Foo extends Bar implements Xyz {
private foo
public function set x (value : Number) : void { ... }
public function get x () : Number { }
AS2 was based on long forgotten ES4 specification [0].
Under the hood it was still, what we would call today, transpiled to ES3 bytecode, as it run basically on the same VM as AS1.
It's crazy to think it took us 10 years to reinvent the wheel with TypeScript.
None of what you say here that is true moves the needle on what you say that isn't true.
Programmers using underscore to denote identifiers for internal use was well-established and in use long before ActionScript even appeared. To claim that it's a "direct descendant" of ActionScript is arbitrary, anachronistic, and odd.
Another weird case: In Google's server-side JS environment Apps Script, function names that end with _ are treated as private functions that cannot be called directly by the user or enumerated.
In the Python world I was in, trailing underscores is used to work around the ban on reserved words. The language grabs some of the best names for itself!
So a variable that really ought to be named `class` you name `class_`.
I do it every day, so I see it from your perspective.
I'm willing to bet there are kids who do not though. Given how many crazy colours my IDE shows everything in, I could definitely believe there are people that go, 'Why bother, aren't those private members blue anyway?', or some such similar train of thought.
Of course if your IDE is little more than notepad, then such things are still important. For me, that's the Arduino IDE. I have to admit I really like writing micro controller code in it, it's a bit like writing code 30 years ago (both the good and bad parts).
Making it a dollar sign would cause countless bugs for people who generate HTML using templating languages whose variables are indicated by dollar sign. From time to time, someone would add target="$blank" to a templates, forgetting that the $ must be escaped to be literal.
They might have to resort to predefining a reserved variable called blank, whose value is "$blank". :)
Similar reasoning applies to most other special characters.
Given how HTML gets generated by preprocessors which use special characters in this manner or that, its best not to come up with new schemes within HTML itself involving special characters.
Carving out a reserved space within an existing namespace is safe.
The _ comes from the W3C in 1995 well before JavaScript was commonly used for templating HTML.
Scripting has used $ for variables for a long time: I think the most relevant history line for $variable is PHP comes from Perl comes from shell scripts. I also remember finding $ ugly on Vax.
There were a huge variety of templating syntaxes for server side and HTML generation was virtually all server side in the 1900s.
Server side languages were very rarely JavaScript before Node in 2009.
JavaScript wasn't used much for HTML generation before Ajax. There were soon after many many client side templating syntaxes.
I'm guessing only Brendan Eich could say why $ was accepted for JavaScript variable names.
Timelines are hard because the foundations were compressed within a decade: JavaScript 1995, PHP 1996, DHTML 1997, Ajax early 2000s, jQuery 2006.
Syntaxes tend to be extremely path dependent, and every developer cribs from everything they use.
A terminal doesn't need SSH integration, but it's convenient if it does, to allow you to easily start and manage connections. Is there something inherently unsafe about such an integration?
First thing I would do is look for a security.txt file or search to see if they operate some kind of bug bounty. Failing that, I would browse their website or search for contact details (or even just a contact form). WHOIS can be useful for this. Ideally you'd want some kind of security contact, or a technical contact, but other times you have to make do with the general contact email/form.
In this specific case, they have a general email address at the bottom of their privacy policy, so that's what I'd use.
I'd send them an email along the lines of "I found a security issue with your website; how would you like me to report it to you?". Then they'll hopefully put me in touch with the right person.
In terms of what I'd expect… If they operate a bug bounty (which they don't in this case) then I'd expect what's on offer. If not, it would depend. I often don't expect anything. There have been businesses I've disclosed security vulnerabilities to that are shady enough that I've refused the reward they offered. Sometimes I don't want anything to do with them.
Suppose there are two students. Each has a 50% chance of drawing the short straw (by picking either 0 or 1). Therefore, there is a 25% chance that neither will draw the short straw, 25% chance that both will draw the short straw, and 50% chance that only one will draw the short straw.
It's the extensible nature of XML that gives it an advantage. You can add custom elements and attributes whilst conforming to the base schema.
Granted, XML isn't the only format where this is possible. You can sort of achieve it with JSON, though XML's namespace system helps deal with name collisions. Adding bank-specific messages wouldn't be possible (or would be difficult) with fixed-column formats, for example, unless they had been specifically designed to be extended.
"I was looking at either backfilling millions of records or migrating our entire database, and neither sounded fun."