When on God’s green earth would someone want to delete the partition table and not immediately create a new partition?

counterpoint: https://wiki.archlinux.org/title/Btrfs#Partitionless_Btrfs_disk

Btrfs can occupy an entire data storage device, replacing the MBR or GPT partitioning schemes,

I really like this take on it: https://forgejo.org/docs/latest/user/actions/github-actions/#familiarity-instead-of-compatibility

For all of these reasons, Forgejo Actions strives for familiarity instead of compatibility. We want users of GitHub actions to feel familiar using Forgejo Actions, even if there are some small changes here and there. Workflows should work with some minimal changes.

I think the same thing applies to Linux DE’s. Linux is not and never will be a 1 for 1 to windows workflows. If we chase perfect compatibility, we will be perpetually behind on a wild goose chase.

But, doing things like what KDE does, where most of the common keyboard shortcuts are the same, and things like virtual desktops allow for similar workflows with very little adaptation, is very reasonable.

Ah, I see.

A quick search leads me here: https://discourse.nixos.org/t/nix-on-windows/1113/105

which you might have seen before. It is a very long post, but some people mention having achieved what you want.

Multiple options:

~~Use flake-utils: https://github.com/numtide/flake-utils#example~~

Create a helper function: https://ayats.org/blog/no-flake-utils (what I do)

~~flake-parts: https://ayats.org/blog/no-flake-utils#option-a-flake-just-for-yourself , https://github.com/hercules-ci/flake-parts~~

But this is one of the things I find annoying af about nix flakes. Reproducibility is a spectrum, and I think focusing on “purity” over being able to easily ship it to multiple architectures, or not being able to use the GPU is a step too far on that spectrum for the vast majority of usecases. I can understand why scientific computing or anything that needs absolute precision might want it, but most people only just want the same versions of packages installed in their development environment.

EDIT: whoops forget everything I said, you are asking for cross compiliation of a dev env to Windows. Nix doesn’t support Windows. It only supports linux. You can’t make a nix dev shell that works on windows.

How many devices and of how many types do you manage with how many people?

Automatically patch is another solution.

Of course it’s difficult on the tech side. You can do something like failover/high availability, and then auto update one and it fails over if something breaks.

99% of cybersecurity news is what I call “cyberslop” and probably actively harmful to consume.

The vast majority of it is either so trivial that somebody else handled it, and you don’t need to do anything. Like they often overhype a malware that doesn’t do any novel techniques to get onto your systems and has already been added to the antivirus database anyways.

Or it’s so grand in scale that you can’t do anything, like nation states doing nation state things. Interesting yes, but it’s ultimately a waste of my time to consume because it’s not actionable.

Only a tiny fraction of news is actually actionable. It’s usually stuff like cve’s or zero days and the like. I just only really pay attention to those and ignore everything else.

Better, is probably to subscribe to an actual vulnerability feed so you don’t have to go through the news cycle.

I hope we get something that’s not distro specific. Docker/podman work for a lot of stuff, but some apps/services aren’t available via them, and I really would like an alternative to snaps, which often can ship those apps.

Also, these and the fedora one mentioned in the other comment appear to target immutable distros. Snaps work on any distro.

Cuz there are more than just browser caches I would like to nuke.

Cuz bleachbit is more granular, seperating out site data and cookies, enabling me to delete the 1gb alpine docker image downloaded by https://github.com/MercuryWorkshop/anuraOS without logging me out of anything that is using cookies. Firefox doesn’t appear to have that option.

Edit: cuz I use multiple browser profiles, and this can delete cache from all of them at once instead of me having to do it once per profile 2-3 times.

Show is better than tell:

Often, when viewing images, firefox “caches” the image in order to be able to load it faster when visiting that site again. Left unchecked, this cache (of images and other assets) can pretty much infinitely grow. Many other apps also have big caches.

Bleachbit actually is useful. Instead of hunting through your system and accidentally rm -rfing the wrong folder and losing all your precious firefox profile data, it enables you to quickly nuke all caches, freeing up a significant amount of space. I would probably free up 15gb+ if I ran it based on these images.

EDIT: just ran it. I freed up 6gb of space. Not 15gb. Huh. Still, pretty good though, and if you are space starved (I used to use a machine with only 32 gb of storage TOTAL), then it’s useful to keep things slim.

while the production build runs entirely client-side without a backend server. I

This eliminates many, many potential security issues and is an excellent design choice.

In production, movie data is queried using an in-browser SQLite database via WebAssembly, e

Api tokens are also a stolen credential. They are getting stolen via things like unsandboxed malicious packages that search for them.

That is TeamPCP’s main modus operandi, they have an infostealer that tries to nab whatever credentials it can find, and then uses those to spread more.

dbt fusion

Seems to use the Elastic License: https://github.com/dbt-labs/dbt-fusion/blob/main/LICENSES.md

Which is simply not open source in the first place: https://en.wikipedia.org/wiki/Elasticsearch#Licensing_changes

Elasticsearch and Kibana would be relicensed from Apache License 2.0 to a dual license under the Server Side Public License and the Elastic License, neither of which is recognised as an open-source license.[

(although elasticsearch later changed back to the AGPL. As did Redis, and Mongo which also tried similar moves lmao).

It looks like there are a mere 4 Apache 2 (open source license) programs inside, but the other 40+ programs are behind that ELv2 license, so the program can’t really be called open core even (term when some of the program is open source but some features are paid only and not open source).

So no, DBT fusion is not FOSS. DBT Fusion is source available, which is the term used to refer to when you can read the source code but there are legal restrictions on what you can do with it.

it sucks that there seem to be no real non dead movement shooters. I am currently keeping an eye on:

• Quake live: has an active NA pickup games community
• Krunker.io : Mostly dead but many of the more dedicated players are still online, plus they host tournaments. Open source native Linux client.
• Warsow

And there were probably others. But so few.

Moderation, much as the average internet user loves to lambast it, is not an easy task at all.

This is exactly why you should use reddit lemmy as a forum instead of discord. One of the repeated problems I have seen in the emulation on android community, is that there are many entittled children, who harass and troll in these communities. Moderators have to ban them, but the bans are per server. That means that each server has to deal with the same troll who kicks up a fuss, and then ban them. And then they create a new account and repeat. I have seen communities and projects die due to harassment and trolling and it makes me sad.

But on reddit Lemmy, instance bans could be applied to ban problematic users from many communities at once, saving and deduplicating work.

Moderation is a lot of work, but moderating a reddit Lemmy community is ultimately a team sport, rather than an individual one.

some of us really care about ethics outside the scope of just what happens with the source.

And some don’t. There are a ton of corporate open source projects that use slack as their main communication channel. You can try to convince them. But here you’re just kind of preaching to the choir tbh.

What do you think the “F” in “FOSS” is all about?

Read the article I linked. It discusses problems with the term “FOSS”.

Though, you should also take a look at: https://en.wikipedia.org/wiki/The_Cathedral_and_the_Bazaar . Not every project actually wants to receive contributions from the public. Sometimes they only want to just dump the code on the net for people to review or fork.

https://www.gnu.org/philosophy/open-source-misses-the-point.en.html

There is a term to refer to projects like these: Open source. Open source, means to allow for collaborative development. User control of their systems, and/or privacy are not concerns when it comes to open source projects.

I disagree. There are many process failures and areas where security can be improved, independent of trusting a distro maintainer or developers.

For example, 2FA should probably be enforced for the process of publishing packages. It does appear to be enforced for new packages but older packages still have legacy settings. Github now forces 2fa for basically everything, and they applied that even to existing organizations and repos. There is no real reason that NPM (owned by Github) isn’t able to do the same.

Or another example, is sandboxed builds. Many of these packages, like NPM and Rust packages, have build time scripts, which are executed unsandboxed at compile/install time of these programs. That is how these NPM worms have been so pervasive. You don’t have to actually run the javascript package for it to do bad things, just merely installing it.

On the other hand, the build systems that distro’s use, often involve sandboxing the builds to limit the attack surfaces (including limiting network access). Although, Linux distros usually rip out build scripts and build systems in order to replace them with their own, but this also further limits the code you have to audit.

Even better is to sandbox the program itself to further limit harm but that’s not done on Linux distros and is somewhat outside the scope of this discussion.

If you are an NPM developer, I recommend Deno, with it’s built in, on by default sandboxing… that people like to disable. But it’s there and is better than giving random NPM package #245 access to your home directory. You could also use podman or docker but yeah.

One of the biggest difference is package signing, which is often multi party where multiple developers review changes and coordinate uploads.

There are others, like how Debian and Red Hat essentially maintain forks of software which they only apply cherry picked security updates to. This blocked the XZ utils backdoor, for example. Debian Unstable, Arch, and other distros which shipped newer versions of software got the backdoor. But not Debian Stable and Red Hat.

I wrote a long post here, in which I go more in depth: https://programming.dev/post/48171483/23081855

Not linux distro package managers.