Comment by roscas
1 day ago
Nice, simple, light and dark theme, a calendar. I would remove the internet checks for your storage.ko-fi.com and it did some calls on pypi.org and files.pythonhosted.org. All it needs should be on the docker by default. But that is just me.
Thanks for the feedback! Appreciated!
----
I had some time to look into this, I think it is partially valid.
The pypi.org and pythonhosted.org calls happen only at docker build time when dependencies are installed, the running container makes no calls there.
The ko-fi badge image (storage.ko-fi.com) is a real runtime outbound request though, every page load fetches it from their CDN.
That's fair criticism and it has an easy fix which is to self-host the image, which I'll do like I do with the rest of things, like fonts.
Thanks again!
I find our standards and norms around network access to be unacceptable. Programs shouldn’t access the Internet without opt in by the user either as a setting or a UI interaction.
We had many years of applications from the dial up error and prior that didn’t assume constant connectivity and we all survived.
Even an OS enforced blend of oauth style initial permission and LittleSnitch where the user is asked what they consent to at first launch would be fine.