Cursed Knowledge

Original Article ↗ Hacker News Discussion ↗

JavaScript Ecosystem & “Backwards Compatibility” Dependencies

  • Heavy criticism of a prolific JS maintainer who adds many polyfill-style packages to projects, significantly inflating dependency trees.
  • Motivations debated: clout, ideological commitment to backwards compatibility, or even potential groundwork for supply-chain attacks; others note that the ecosystem is already inherently vulnerable regardless of one person.
  • Specific packages like tiny for-each and is-callable are seen as unjustifiable bloat; others argue that older-browser support and polyfills are legitimate goals.
  • Saga described where framework maintainers pushed back on these dependency additions, leading to widespread migration away from the maintainer’s packages and tools to measure their reach.
  • Explanation of the “scheme”: write polyfills, submit PRs insisting on supporting ancient runtimes, then leverage download counts as social proof.

GPS/EXIF Stripping on Phones

  • Some see silent removal of GPS data when an app lacks location permission as a clear win for privacy.
  • Others call it “cursed” because files are secretly modified, photo apps must request continuous location access instead of one-time EXIF reads, and it encourages permission fatigue.
  • Suggested alternatives: per‑app prompts or APIs where apps must explicitly request stripping vs preserving metadata.

Cloudflare Workers & SSL Modes

  • Confusion over Workers’ fetch using HTTP to origin even when HTTPS is specified, leading to redirect loops.
  • Some argue this is expected when “Flexible” SSL (TLS at edge, HTTP to origin) is enabled and was clearly documented.
  • Others note it used to be the default, call it dangerous and misleading, and say it was genuinely hard to debug.

“Cursed Knowledge” Logs & LLMs

  • Strong approval for Immich’s explicit “cursed knowledge” log: documents obscure gotchas alongside fixes, aids future maintainers, and acts as catharsis.
  • Debate on where to store such explanations: commit messages vs source comments/docs.
  • One side stresses current coding assistants largely ignore commit history, so in-repo docs are more “visible” to LLMs; others argue tooling can and should integrate commit history.

Dates, Filesystems, and Other Gotchas

  • Heated discussion over date formats: mm/dd/yyyy labeled “cursed” and ambiguous; broad support for ISO 8601 (YYYY‑MM‑DD) for clarity and sortable order.
  • macOS and Windows filesystem quirks: case‑insensitive but case‑retentive behavior, Unicode normalization, SMB filename mangling, and case‑sensitive APFS causing tool incompatibilities.
  • PostgreSQL parameter limit (65k placeholders) seen as a “cursed” design; alternatives like batching, temp tables, array parameters suggested.
  • Miscellaneous curses: bcrypt’s 72‑byte password limit, Git CRLF conversion breaking scripts, npm scripts doing registry HTTP checks, opt‑out telemetry, invisible Unicode characters, and bizarre DB/JS-in-DB integration patterns.