|
carry on then posted:he's actively comparing himself lol. also this seems really dirty on github's part thats hosed up i dont care what his reason was, but deleting code used by a bunch of idiots rules and its lovely that github undid it. dont use github
|
# ? Jan 10, 2022 04:40 |
|
|
# ? Mar 28, 2024 10:11 |
|
Kazinsal posted:for real lol if you're gonna be ok with that then you also gotta be okay with the other side of "i am a big corp and want to use this permissively-licensed software for free, oh no what is that man doing to his anus"
|
# ? Jan 10, 2022 04:41 |
|
Shaggar posted:thats hosed up i dont care what his reason was, but deleting code used by a bunch of idiots rules and its lovely that github undid it. dont use github but microsoft owns github shaggar, won't this cause a rip in spacetime if you don't like it or something
|
# ? Jan 10, 2022 04:41 |
|
devops is better
|
# ? Jan 10, 2022 04:42 |
|
shaggar only approves of properly licensed installations of visual sourcesafe
|
# ? Jan 10, 2022 04:46 |
|
cinci zoo sniper posted:any language where it’s not common to import an external dependencies called e.g. “isequal” or “reverse_string” faker.js wasn't the most exciting of packages, but it did do something useful that you won't find in any language's standard library rather than being just a stupid js thing
|
# ? Jan 10, 2022 05:43 |
|
Plorkyeran posted:faker.js wasn't the most exciting of packages, but it did do something useful that you won't find in any language's standard library rather than being just a stupid js thing and now it's a new and unique type of stupid js thing lol. lmao.
|
# ? Jan 10, 2022 05:47 |
|
i like sourcehut in case anyone was wondering almost as much as how
|
# ? Jan 10, 2022 06:37 |
|
what do colors and faker actually do?
|
# ? Jan 10, 2022 07:23 |
|
probably extremely basic things that anyone who knows any amount of javascript could do without relying on yet another package
|
# ? Jan 10, 2022 07:28 |
|
haveblue posted:what do colors and faker actually do? colors gives you symbolic names for different colours. faker generates bogus data for testing your poo poo with
|
# ? Jan 10, 2022 07:54 |
|
Kazinsal posted:for real lol we live in a world where billion dollar companies increasingly ask for free tech support, sometimes from people struggling to pay their bills. yes, it's permissively licensed, but don't act surprised if something is changed that breaks whatever your use case is or the project is abandoned as the author owes you nothing
|
# ? Jan 10, 2022 08:25 |
|
Kazinsal posted:for real lol I see poo poo like this surprisingly often in oss community. Someone does a permissively licenced project, spends x years on it, it takes off, he burns out on supporting users all the time and then goes "wtf, I spent years and have no money from it wtf, why aren't corporations paying me". Turns out people be stupid.
|
# ? Jan 10, 2022 08:26 |
|
people conflate foss and oss, much to oss’ benefit. the foss crowd’s hail mary was the GPL3, to which everyone was like “lmao no”. still good PR to have the hippie “it’s free and open source mannnnn” image floating around when the reality is that whoops 98% of all traffic that’s encrypted is using openssl, a project by Some Dude in their spare time.
|
# ? Jan 10, 2022 08:35 |
|
Phone posted:people conflate foss and oss, much to oss’ benefit. and every time there's something like heartbleed, shellshock or the log4j exploits, everyone freaks out while yelling "HOW IS THIS POSSIBLE!? THESE PROJECTS ARE CRITICAL INFRASTRUCTURE AND NEED SUPPORT!!" then two weeks later all is forgotten and it's back to business as usual
|
# ? Jan 10, 2022 08:51 |
|
the timing is beautiful he started complaining about not getting paid for his open source code a couple months after bombmaking materials were found in his apartment I guess he couldn't find a defense lawyer who'd take bitcoin edit: lmao https://twitter.com/t3dotgg/status/1480359483758895105
|
# ? Jan 10, 2022 09:41 |
Blinkz0rz posted:that's just more exposure. beyond self-hosted as hobbesmaster mentioned, any package manager where the uploaded packages aren't audited would suffer from this exact same issue. it's literally a feature of package managers that a new version can be distributed by the package owner. yeah, i meant “owning half a galaxy via package that allows you to print red text to terminal” under “where this can’t happen”. supply chain attacks are obviously possible in principle in any software distribution environment where authors may change theirs as they please
|
|
# ? Jan 10, 2022 10:37 |
Plorkyeran posted:faker.js wasn't the most exciting of packages, but it did do something useful that you won't find in any language's standard library rather than being just a stupid js thing the other one, however, was a comedy-tier library
|
|
# ? Jan 10, 2022 10:45 |
|
Xarn posted:I see poo poo like this surprisingly often in oss community. Someone does a permissively licenced project, spends x years on it, it takes off, he burns out on supporting users all the time and then goes "wtf, I spent years and have no money from it wtf, why aren't corporations paying me". caused by idiotic open source mysticism implying there are rewards for and inherent goodness in this kind of work, plus of course moron users thinking they are owed anything at all. perfectly valid to intentionally break the thing, the dev owes the users nothing.
|
# ? Jan 10, 2022 11:22 |
|
Main Paineframe posted:the timing is beautiful everyone loves open source project sabotage duck
|
# ? Jan 10, 2022 15:24 |
|
Cybernetic Vermin posted:caused by idiotic open source mysticism implying there are rewards for and inherent goodness in this kind of work, plus of course moron users thinking they are owed anything at all. perfectly valid to intentionally break the thing, the dev owes the users nothing. the rewards are endless idiots slam-pasting useless logs and config data into your issue queue with only "thing broken" as further description of the problem
|
# ? Jan 10, 2022 16:18 |
|
Clark Nova posted:I hope he gets his six figgie contract https://twitter.com/dril/status/831805955402776576?s=20
|
# ? Jan 10, 2022 16:24 |
|
Hed posted:I got some Yubikeys to gently caress around with. Does anyone actually use these widespread at their work? Or smartcards at all? we use them for ssh keys for everyone at my office
|
# ? Jan 10, 2022 17:26 |
|
The built in support for u2f/fido in openssh is really nice now. Hopefully more dumb web stuff will have built in support for it in the future too.
|
# ? Jan 10, 2022 18:42 |
y’all remember the bespoke german contact tracing app that got mentioned itt recently? guess where cops turned in for some location data https://www.washingtonpost.com/world/2022/01/13/german-covid-contact-tracing-app-luca/
|
|
# ? Jan 13, 2022 15:26 |
|
lol. that's a great way to ensure no one uses your app
|
# ? Jan 13, 2022 15:48 |
|
cinci zoo sniper posted:y’all remember the bespoke german contact tracing app that got mentioned itt recently? guess where cops turned in for some location data lol quote:There has been public resistance in Europe against the use of such apps, especially in Germany and Austria, where memories of authoritarian-government excesses from the past century linger. yeah those governments were just a bit excessive id say
|
# ? Jan 13, 2022 15:55 |
yeah it’s a bit low quality conflation
|
|
# ? Jan 13, 2022 16:03 |
|
https://twitter.com/0xdabbad00/status/1481655942303281154
|
# ? Jan 13, 2022 17:32 |
this is uhm…. ehrm, sorry, lemme check what the guidebook says for this situation. hmm, it’s apparently “ungood”
|
|
# ? Jan 13, 2022 17:50 |
|
now torrenting aws_leak_complete.zip (1/572657853287)
|
# ? Jan 13, 2022 17:52 |
|
hmm. seems bad.
|
# ? Jan 13, 2022 17:57 |
|
does this mean that things are lookin up for GCP??? my rsus are curious! (lol no the stock market absolutely does not care about infosec)
|
# ? Jan 13, 2022 18:02 |
|
aws now has much more decentralized availability, number go up
|
# ? Jan 13, 2022 18:39 |
|
haveblue posted:now torrenting aws_leak_complete.zip (1/572657853287)
|
# ? Jan 13, 2022 18:50 |
|
duz posted:maybe people will learn to not just blindly update dependencies, i say about what might be the worst package manager Yeah. We actually use faker at development time. When the new, weird version came out, we looked at it, thought "Hmm, this looks like something weird is going on" and did not upgrade.
|
# ? Jan 13, 2022 20:40 |
|
what's faker do anyway
|
# ? Jan 13, 2022 20:54 |
|
wonder what this white house open source security meeting is going to be like. I would love to hear Oracle's suggestions
|
# ? Jan 13, 2022 21:08 |
|
Jenny Agutter posted:wonder what this white house open source security meeting is going to be like. I would love to hear Oracle's suggestions
|
# ? Jan 13, 2022 21:17 |
|
|
# ? Mar 28, 2024 10:11 |
|
spankmeister posted:what's faker do anyway lorem checksum
|
# ? Jan 13, 2022 21:17 |