continuous integration. like if you agree. boost if you will defend it with your life

@joeyh I remember that many years ago, a Mac NFS client could trick an NFS server to have a basename with a /. I've forgotten the details.

Today, a Linux NFS server can encodce UTF8 filenames in such a way the a Mac ciient won't even show them in Finder. Had that happen recently.

We don't buy info about people, we don't purchase lists or pay to find out "where you went" when you stop giving to Conservancy. Instead we rely on you to tell your friends about us during our fundraiser. Thank you so much for making that possible!

@n8 Sigh. There's too much drama in the small world of software freedom.

All the internal drama is just waste and should just stop.

@setthemfree They have some sandboxing. Even if it was perfect, there's still be big gaping security holes in the sandbox, and that's unacceptable to me.

Oh, I just realized. The same issue exists with, say, Flatpaks, Snaps, AppImages, and any other form of bundling of applications and libraries.

All of that is doable, if tedious. It won't happen in practice, unless there's automation to make it happen. I'm not aware of that automation existing, though CI/CD helps.

One of the reasons why shared libraries are imporant is the easy with which a security fix in a library can be distributed and deployed: you only need to fix it in one place, and upgrade one library. And restart any process using the library.

To achieve the same thing with static linking, one needs to rebuild anything using the library, using the new library version, and upgrade the programs anywhere they're installed.

Vendored libraries additionally require upgrading the vendored version.

i have never once gone to a news site and thought "notifications? heck yeah"

It seems Jeremy Clarkson, the violent buffoon from TV, is the kind of wealthy middle-aged macho man who thinks it's OK to bully teenage girls for speaking out.

Shame on him.

@federicomena There were share libraries, using manually maintained jump tables I believe, with the understanding that you'd collaborate with all other share library maintainers to pick a part of the address space where your library would be loaded, to avoid collisions.

I always found that to be too tedious to be used, and I've been waiting since 1995 for the shlib situation to be sufficiently stable before I start releasing shlib versions of my libraries.

AppImage provides the same application experience we've long decried on proprietary OSes.

No security updates. No confinement. Bundled dependencies the author probably doesn't understand.

Disappointed in how many people are excited by it and forget history.

@adbenitez @ted You can stop @'ing me about this now, thanks. I've had enough of a look to know I don't want to hear more.

@ted @adbenitez It's definitely an interesting concept, but I want to get rid of the broken swamp that is email. Also, doesn't seem to say anything about the license. So I can't say I'm interested.

@federicomena You added a FIXME comment and opened a ticket to fix this later, right? In that case, it's all OK now.

Premature abstraction is the root of all e.. no, that was optimization, wasn't it?

@emacsen I agree that Signal is good in many ways. That does not excuse its use of phone numbers, to me.

Also, a bunch of my friends stopped using Signal because it broke badly: they don't get a notification of a new message.

Scuttlebutt Considered Harmful 

Scuttlebutt Considered Harmful 

Show more

Lars and friends