Cursed Knowledge

Git can be configured to automatically convert LF to CRLF on checkout and CRLF breaks bash scripts.

Fetch requests in Cloudflare Workers use http by default, even if you explicitly specify https, which can often cause redirect loops.

Some phones will silently strip GPS data from images when apps without location permission try to access them.

PostgreSQL does everything in a transaction, including NOTIFY. This means using the socket.io postgres-adapter writes to WAL every 5 seconds.

npm scripts make a http call to the npm registry each time they run, which means they are a terrible way to execute a health check.

There is a user in the JavaScript community who goes around adding "backwards compatibility" to projects. They do this by adding 50 extra package dependencies to your project, which are maintained by them.

The bcrypt implementation only uses the first 72 bytes of a string. Any characters after that are ignored.

JavaScript date objects are 1 indexed for years and days, but 0 indexed for months.

Prior to Node.js v20.8 using --experimental-vm-modules in a CommonJS project that imported an ES module that imported a CommonJS modules would create a segfault and crash Node.js

PostgresSQL has a limit of 65,535 parameters, so bulk inserts can fail with large datasets.

Some web features like the clipboard API only work in "secure contexts" (ie. https or localhost)

The remove implementation in TypeORM mutates the input, deleting the id property from the original object.