Based on how much rubbish is in the App Store, it is shocking to me – but getting that first approval can be really brutal. Took me well over a month last October/November as it kept getting rejected for things that I considered very much outside the purview of App Store review†, and this was for a simple and straight forward client portal for our company. If I didn't know better, I'd think they don't want you building free apps.
†my favourite was that on one of our menu screens the bottom button was slightly obscured by the tab bar at the bottom, so of course that was a failure. I'm not sure when they started this sort of semi-QA type of service, but I suspect no one asked for it.
ok update: mines been pretty decent besides the initial setup. now its getting reviewed and approved almost ever 24 hrs. i feel like it wont be that hard to ship fast on ios either. i just have to do it once a day which sucks but it is what is.
It seems like managed pg improvements aren’t high up on the priority list (there’s a mention of outsourcing it to a third-party like supabase[1]), so I’d just like to +1 this request — for personal projects the snapshots are fine, but I’m starting a new role where I wanted to use fly but without easier backup/restore it’s likely a non-starter.
A small request: it would also be useful if `fly volumes snapshots list vol_123…` included the time they were taken, not just “n days ago”. If I’m having to rollback, it would be good to tell my team & users exactly when I’m rolling back to!
I'm really interested in fly.io after their Postgres post the other day, but I've not seen anywhere what their recommended solution is for ActiveStorage – is it still writing to S3 (or equivalent), or would it be somehow using their volumes? Are there any published examples (blog posts etc)?
Using volumes as some sort of s3 would require you to basically build s3 from scratch, you would still need to create an auth system, a server to handle uploads, a way to manage uploaded content maintaining their content type somehow (maybe using another db), a static server, .etc
Check out Filebase [0]. It's powered by Web3 technologies including decentralized and distributed storage networks, effectively creating one giant "global" S3 region. You could almost think of it as the storage-equivalent to Fly.io. It also works with ActiveStorage out of the box since Filebase has an S3 compatible API.
Wejo (https://wejo.com) | Various Roles | Full-time | UK-based Remote and/or Manchester, UK
We’re shaping the future of mobility. We innovate with transformative volumes of connected car data to create cutting-edge, actionable insights that will transform the way we live, work and travel. We’re looking for creative, inquisitive and driven individuals to join our team.
We do have offices in Manchester and Chester, for occasional in-person meetings (in-person attendance optional).
I opened an account with a UK challenger bank while sat in a bar, and within 5 minutes had paid for a round with Apple Pay (which could be set up before the card arrived). It was pretty damn impressive. It might seem of limited utility, but I did similar when I set up my business account (though admittedly I was buying software licenses rather than beer) and that was genuinely useful. Not that I couldn't have waited, but it was nice to not have to.
As an Apple fan and Xbox game pass subscriber, I'm annoyed and genuinely surprised that Microsoft aren't more on the attack here. I'm sure there's some behind the scenes manoeuvring going on, but it doesn't seem like that's going anywhere, and presumably the public would be on MS's side... is there something I'm missing?
In response to your final question, this[1] document from the UK's ICO has some interesting info. Essentially you're either a Data Controller (that would be your site in this example) or a Data Processor (Fathom, in this case -- probably?!).
"64. The ICO cannot even take action directly against a processor who is entirely responsible for a data breach, for example by failing to deliver the security standards the controller has required it to put into place. However, in these cases the ICO may decide not to take any enforcement action against the controller if it believes it has done all it can to protect the personal data it is responsible for and to ensure the reliability of its processor, for example through a written contract. However, whilst the ICO cannot take action against the processor, the data controller could take its own civil action against its data processor, for example for breach of contract."
Though it goes on to say that in some circumstances, the processor can _become_ a controller, in which case the ICO can go after it.
And even if there was a data breach where myself & Paul were held at gunpoint and told export the database, there's no personal data to do anything with. Not even in our Redis queue! Our database is very boring, anonymous and simple, and we like it that way.
FWIW My bank here in the UK does this (Monzo) and I worked at a startup where we also implemented "magic link" to log in. It also seemed to fit nicely with a pre-account workflow idea that I'd had for one of my projects.
But... ignoring the potential security issue of trusting your email, which (like your post points out) most forgot-password routes do anyway, you then get onto usability.
Turns out some of our users really hated it, and couldn't get their heads around it. Including some key members of our snr. management team. Slack IIRC was originally magic-link only, but then reversed course later, and tbh -- even I find it frustrating when using it with my banking app. It's way slower than just having 1Password fill in the user/pwd details for me – as has been pointed out, it adds a cumbersome second step.
That said, I think it still has a place for places where the user won't necessarily need/want to create a "full account" but you can use it to at least do some email validation. Then if they want an account later, you can simply turn this "shadow" account into a full one by letting the user set a password, as that's really the only difference.
I'm not sure if your "almost ten years ago" is meant to be hyperbolic, or genuine... I can't even remember why, but I know the project I was on 6 years ago definitely needed visual studio to have admin access, and it was all standard C# app stuff (maybe WPF?)
†my favourite was that on one of our menu screens the bottom button was slightly obscured by the tab bar at the bottom, so of course that was a failure. I'm not sure when they started this sort of semi-QA type of service, but I suspect no one asked for it.