Testing is actually mandatory, what’s not mandatory though is to do it before deploying.

what’s feurking

An optional step in the développement process

Emacs? When there’s ed? Talk about bloat…

Personally I’d love to see more wider usage of S/MIME and/or PGP.

I’d rather see less. https://www.latacora.com/blog/2019/07/16/the-pgp-problem/ is a good summary about the issue and they have a shorter follow-up post about why encrypting mail in general is bad at https://www.latacora.com/blog/2020/02/19/stop-using-encrypted/

What I take issue with actalis, is that they don’t just sign your private key but you actually get the private key from them. It then depends on how much you trust the issuer.

By definition, that key can no longer be considered “private”.

Since this affects Linux and others, I’m guessing this is about OpenSSH. But I’m not very certain. Just can’t think of another candidate.

But holy sh, if your software has been running on everything for the last 20 years

This doesn’t sound like glibc as someone in the thread guessed.

A kind of interesting phenomenon. He comes in with his dog, cries that he doesn’t have a place to stay, Jon allows it for as long as needed and then… he just vanishes one day, leaving Odie with Jon, never to contact them again. Did something happen between the two? Was he ever real or a product of Jon’s mind? A wiki states:

According to Davis, Lyman’s original purpose was to be someone who Jon could actually talk to and express other ideas — a role gradually taken over by Garfield, himself.

It doesn’t reveal who gave Lyman that purpose; it could be that it was Jon himself who, over the years, got less attached to reality, so he got done with talking to and interacting with Garfield.

That or it’s just a lazy uninspired comic that only has a minimum level of continuity and doesn’t care to explain why a former choir character suddenly vanishes.

It actually works. I read over it

Edit: interestingly, that link is now gone

deleted by creator

Note: pressing continue doesn’t solve it, the instructions that follow don’t work because my adblock is DNS-based at system level.

They’re afraid of the drag dealers’ wrath

Also wildcard certificates are more difficult to do automated with let’s encrypt.

They are trivial with a non-garbage domain provider.

If you want EV certificates (where the cert company actually calls you up and verifies you’re the company you claim to be) you also need to go the paid route

The process however isn’t as secure as one might think: https://cyberscoop.com/easy-fake-extended-validation-certificates-research-shows/

In my experience trustworthyness of certs is not an issue with LE. I sometimes check websites certs and of I see they’re LE I’m more like “Good for them”

Basically, am LE cert says “we were able to verify that the operator of this service you’re attempting to use controls (parts of) the domain it claims to be part of”. Nothing more or less. Which in most cases is enough so that you can secure the connection. It’s possibly even a stronger guarantee than some sketchy cert providers provided in the past which was like “we were able to verify that someone sent us money”.

For most network share I use /mnt/$server.

I use /mnt/$proto/$server, though that level of organization was probably overkill. Whatever…

I do /volumX for additional hard drives.

A good first approximation.

So where in this setup would you mount a network share? Or am additional hard drive for storage? The latter is neither removable nor temporary. Also /run is quite more than what this makes it seem (e.g. user mounts can be located there), there is practically only one system path for executables (/usr/bin)…

Not saying that the graphic is inherently wrong or bad, but one shouldn’t think it’s the end all be all.

You think bland vegetables are your ally? You merely adopted them. I was born in them, molded by them. I didn’t taste flavored veggies until I was already a man, by then they were nothing to me but delicious!

The only hint at the other topic I see is this:

(not even considering some hostile emails that I recently received from the upstream developer or his public rants on lkml and reddit)

I guess this is about https://www.reddit.com/r/bcachefs/comments/1em2vzf/psa_avoid_debian/, and while I think the title is too broad, the actual message is

If you’re running bcachefs, you’ll want to be on a more modern distro - or building bcachefs-tools yourself.

I don’t consider Kent’s reasoning (also further down the thread) a rant - it might not be the most diplomatic, but he’s not the only one who has problems with Debian’s processes. The xscreensaver developer is another one for similar reasons.

I think, in fairness, bcachefs and Debian currently aren’t a good fit. bcachefs is also in the kernel so users can rest it and report, but it wasn’t meant to be stable; it’s meant to not lose data unrecoverably.

Anyhow, while I think that he’s also not the easiest person on the LKML, I don’t consider him ranting there; and with the author’s and my judgement differing in these points, I’m led to believe that we might also disagree on what qualifies as hostile.

Lastly, while I’m not a big fan of how Rust packaging works, it ensures that the program is built exactly the same on the developer’s and other machines (for users and distributors); it is somewhat ironic to see Debian complain about it, since they do understand the importance of reproducibility.

You must have missed the last half of the post then. Especially the last two paragraphs.

There’s isn’t much more to that issue than that sentence, while all other paragraphs cover the packaging. It’s tangential at best.

The OP is about packaging issues with userspace utilities due to version pinning in Rust. It’s an issue with Rust in general. Kent is not obligated to lock dependencies in any particular fashion. He could loosen the dependencies, but there is no obligation, and Debian has no obligation to package it.

This is different from the thread you linked in which the bcachefs kernel code and the submission process is discussed, and on which there was a thread here as well in the last days. But your criticism, as valid as it is, only applies there, not in a thread about tooling packaging issue.

Which is a completely different issue than what the post is about, hence my question

Submitting something that is generally problematic and yelling about how it will EVENTUALLY be good is a good way to get your shit tossed out.

What are you hinting at regarding this specific news?

Thanks for posting peertube content, it’s time people stop using YouTube

Technically correct, but the settings in there are not service specific. However, if there’s something worthy of reworking it’s probably the Authelia part