Containers are over hyped. They are so stupid for home use. People put init systems in containers, then run the entire pile of shit in Docker as root, and talk to me about security and resource isolation. And then all these shit Alpine containers with that MUSL joke. You really can’t take any of it seriously anymore. These people want Windows or a mobile phone.

Flatpack is using OCI so they can publish their shit on any registry. Just another way to pollute an existing ecosystem with garbage nobody really needs. Easing the installation of crap onto your system is not a goal worth pursuing

Removed by mod

Bots

Have you heard about Tor?

Removed by mod

It’s bait

If only you could use ChatGPT during an interview the same way as when you’re employed. Then everyone would finally recognize how outstanding you are

Removed by mod

Operator overloading allows you to redefine what each operator does. It’s essential to achieve a truly fucked up code base

If I were Google, instead of paying Mozilla millions to be the default search in Firefox, I’d give the money directly to the decision makers and influence them to turn Firefox into a piece of garbage filled with VPN offers, cloud integrations, “fair ads”, and “AI” until nobody uses it anymore.

Wait…

OCI

Reddit is free. Other people paying for your free service is a very weak argument to bring up. If Lemmy dies today, nobody but hobbyists and amateurs will care. Just like with LE.

I’ve been there. Not every CA is equal. Those kind of CAs were shit. LE is convenient. There are more options though.

I actually agree. For the majority of sites and/or use cases, it probably is sufficient.

Explaining properly why LE is generally problematic, takes considerable depth of information, that I’m just not able to relay easily right now. But consider this:

LE is mostly a convenience. They save an operator $1 per month per certificate. For everyone with hosting costs beyond $1000, this is laughable savings. People who take TLS seriously often have more demands than “padlock in the browser UI”. If a free service decides they no longer want to use OCSP, that’s an annoying disruption that was entirely not worth the $1 https://www.abetterinternet.org/post/replacing-ocsp-with-crls/

LE has no SLA. You have no guarantee to be able to ever renew your certificate again. A risk not anyone should take.

Who is paying for LE? If you’re not paying, how can you rely on the service to exist tomorrow?

It’s not too long ago that people said “only some sites need HTTPS, HTTP is fine for most”. It never was, and people should not build anything relevant on “free” security today either.

People who have actually relevant use cases with the need for a reliable partner would never use LE. It’s a gimmick for hobbyists and people who suck at their job.

If you have never revoked a certificate, you don’t really know what you’re doing. If you have never run into rate-limiting issues with LE that block a rollout, you don’t know what you’re doing.

LE works until it doesn’t, and then it’s like every other free service on the internet: no guarantees If your setup relies on the goodwill of a single entity handing out shit for free, it’s not a robust setup. If you rely on that entity to keep an OCSP responder alive for free so all your consumers can verify the validity of your certificate, that’s not great. And people do this to save their company $1 a month for the real thing? Even running the shitty certbot in compute has a larger cost. People are so blindly in love with this “free” garbage. The fanboys will never die off

People who used left-pad deserved everything that happened to them. But, very valid point.

There is no honor system. If your code is open for commercial reuse, that’s it. If you have any expectations that are not in line with that, then yes pick a different license.

I guess I agree with you, I’m just phrasing it from a different perspective.

I feel like most people base their decision on license purely on anecdotes of a handful of cases where the outcome was not how they would have wanted it. Yet, most people will never be in that spot, because they don’t have anything that anyone would want to consume.

If I had produced something of value I want to protect, I wouldn’t make it open in the first place. Every piece of your code will be used to feed LLMs, regardless of your license.

It is perfectly fine to slap MIT on your JavaScript widget and let some junior in some shop use it to get their project done. Makes people’s life easier, and you don’t want to sue anyone anyway in case of license violations.

If you’re building a kernel module for a TCP reimplementation which dramatically outperforms the current implementation, yeah, probably a different story

GitHub is a place you can use to easily put a copy of your code online. Many people just want to build a working solution and move on. Building a useful GitHub project, with fancy stuff like releases, is work that isn’t really solving any issues. Many people don’t like doing it. Many people especially don’t want to invest time in proprietary solutions like GitHub. They might not even accept pull requests on GitHub.

Quality assessment though 😄

Possibly relevant: https://en.m.wikipedia.org/wiki/List_of_wealthiest_religious_organizations

That makes sense, but my understanding is, what Google considers Family content is not an add-on to regular content. Your content is not also for children, it is catered towards them. This implies using dedicated Google functionality, special SDKs, and so on, to comply with law. So your product needs to be designed in a very specific way to be eligible. I’m not aware of how Google Play restricts children from installing certain apps, but you can always install an app through a parental supervisor account.

To me, this story seems like a lot of crying over a situation that is not fully explained.