Posts: 14
Comments: 267
Joined: 3 yr. ago

  • TLDR:

    Current status for 26.04 LTS

    We shipped rust-coreutils as the default in Ubuntu 25.10 to maximise real-world testing ahead of the LTS. Based on the audit findings and remediation progress, here is where we stand for Ubuntu 26.04 LTS.

    We have included the latest upstream release 0.8.0 in Ubuntu 26.04, which incorporates the bulk of the security fixes.

    cp, mv, and rm continue to be provided by GNU coreutils in 26.04. These utilities have remaining open TOCTOU (time-of-check to time-of-use) issues (8 as of Apr 22, 2026) that need to be resolved before we are confident shipping them.

    Our plan is to address the remaining issues as soon as possible and target Ubuntu 26.10 with 100% rust-coreutils.

  • Maybe someone can get upset by reading that word?

    Must be US people? Because I don't know anyone else who is offended by "fuck" and ok with "f*ck".

  • (OT) what did you use to annotate the picture?

  • For the technologies/standards (CORS, websockets, cookies, etc.) I'd recommend reading the wikipedia article and then the relevant RFC/standard (which will surely be linked from wikipedia).

    The server side things you mentioned (sessions, rendering, etc) are functionalities/techniques/patterns that different frameworks implement in different ways, so I'm not sure there's much material that talks about them in general (or much to say about them in general)... you'll probably have to explore them in depth with your framework/s of choice (ie. looking at how the framework implements that functionality rather than just using it).

  • Some alternative self-hosting options (besides full-fledged "forges"):

    If you don't need issues and stuff, you could just use git and back it up (by copying or cloning/updating to some other machine).

    You could deploy soft-serve, which is a self-contained git/ssh server with cool cli (beware: it's not super performant on large repos, so don't host a clone of the linux kernel on it). Since you'll use it via ssh, you don't have to bother with https, certificates, reverse proxies and stuff.

    If you are willing to put some effort into it, the (imho) coolest option would be to use radicle, which is a p2p forge (beware: documentation is not great, and - even if the "core" is solid - the cli tools are very much beta still).

  • My guess is they are not even gonna challenge the "clean room" rewrite legally: the damage is done and it's not really gonna be mitigated if they manage to take down the rewrite.

  • Anthropic pulled the npm package within hours and issued a statement: the exposure was "a release packaging issue caused by human error, not a security breach."

    I'm sure they chose the words "human error" to also imply the error is not to blame on their LLM, which remains an open question after reading the article (and likely will forever, although at the very least it would seem like the LLM did not detect this mistake).

  • License: Oracle Technical Network License (proprietary)

    No, thanks

  • I'm currently running tumbleweed on my main, mostly because that's what I happened to install last time I rebuilt my desktop.

    I've been running other distros before, and I must say that (bar a couple bad experiences) I could still be using any of them.

    Tumbleweed is the first rolling distro I've used for a prolonged time (3 or 4 years now?): before I only did two short experiments with void linux (loved it, but I'd rather have systemd) and manjaro (I was still young and stupid).

    I don't think I'll go back to non-rolling: tumbleweed never broke on me (and if it did, it has snapshots) and being rolling there is zero update stress (has the new version come out? what's new? should I update now or wait for the .1?).

    Next time I install I will probably try nixos (which isn't really rolling - but it's not non-rolling either), which I've been using on servers for a while now and fell in love with (love-hate, that is: the learning curve is steep, the documentation poor, and there are infuriating points - but I feel like it's still more than worth it).

    As you will have noticed I'm not even considering "immutable" distros: honestly, I don't see the point there (they seem like a lot of effort to solve problems I don't have).

  • Still, some neckbeards only wanna use software from orgs who are in it “for the love of the game”.

    Nope, that's just you fighting strawmen and labelling people who don't hold your same opinion "neckbeards".

    I would be excited for a new FOSS browser regardless of specific features, and I could be excited for a non-FOSS one if it had particularly promising features that are not provided by any FOSS browser. As far as I can see, Orion does not fall in either category.

    BTW marketing a product for its privacy (or security) without it being open source amounts to having "trust me bro" as a slogan... of course one is free to trust whoever they want to.

  • It's not FOSS, so I couldn't possibly care less. That said, best of luck to you!

  • on windows it would be to scan your stuff, make sure it's the real site etc

    It's the same on Linux (*), with two big differences:

    1. you'll install most (all?) of your software from the repos of your distro of choice, so most of the times you don't have to worry
    2. linux is inherently more secure than Windows (and AFAIK there are fewer viruses targeting it, either because they are harder to write or because it's a smaller target), so you are not as likely to catch viruses.

    If you install niche software from app stores (even reputable ones), you'll have to make sure to check it's the real deal (I think both the snap store and flathub had fake cryptowallets?), but if you stick to relatively mainstream software you'll be fine (I mean, it's not like you'll find fake versions of steam or blender on flathub).

    That said, the risk is there just as with Windows (or your phone, or anything else): a good operating system helps, but ultimately you are the real line of defense.

    (*) well, IDK about scanning... generally speaking, if you feel like you have to scan something before opening it, just don't open it :) (yeah I know it's not possible if - eg - you receive files from customers)

  • i use an hp printer, and need to be able to use it on linux.

    Then research if your specific model has compatibility issues (AFAIK HP stuff generally works well, but... it's up to you to check before buying)

    i expect to be able to use the laptop and not think about the os too much

    That will happen, if you are lucky or if you buy hardware that specifically supports linux.

    Would you expect macos to run on a dell computer? would you expect windows to run on a mac? linux has much broader compatibility but is no different: if it doesn't work on your PC it's not linux's fault.

    my goal of using linux is being far from malware

    Just follow basic hygiene and you'll be fine. Most importantly, don't install malware yourself (chrome is available on linux too and, sadly, it's also widely used).

  • I've not looked into it much yet, but https://radicle.xyz/ seems interesting.

    It's kinda a bittorrent-powered codeberg and it looks like it's worth playing around with (even though it might not get you rid of much bandwidth... IDK how popular it is, but source usually doesn't weigh that much).

  • Thanks for checking and reporting back! (I was too lazy to do that)

  • Doesn't the AGPL just say that you can't keep your changes/improvements private? (honest question: I seem to recall so, but I'm not really sure)

  • I just meant that anything can happen eventually - debian wasn't the happiest example

  • could Red Hat eventually take control of the project?

    Yes, and they could eventually take control of debian too.

    Why bother mitigating such far-fetched risks though?

    The mitigation cost is similar to the remediation one (ie. you'll just have to switch distro either way), and it's also likely to go down as the risk increases (ie. people will fork off fedora far sooner than the risk of it actually doing whatever bad things you fear Red Hat is gonna do to it becomes a practical concern).

    BTW: are you aware the Linux Foundation is a US entity and funded by (among others) most US IT megacorps? (interestingly, amazon/aws is only a silver member - Bezos must really be a cheapskate)

  • Programming @programming.dev

    CLI for codeberg/forgejo?

  • Nix / NixOS @programming.dev

    Here's a nixos-rebuild wrapper script that formats and colorizes traces

  • Nix / NixOS @programming.dev

    (home manager) can i somehow put ~/.local/bin before ~/.nix-profile/bin in my $PATH?

  • Selfhosted @lemmy.world

    Private network storage for my users?

  • Europe @feddit.org

    Trump says he will meet Putin in Hungary in bid to resolve Ukraine war

    www.euronews.com/2025/10/16/trump-says-he-will-meet-putin-in-hungary-in-bid-to-resolve-ukraine-war
  • Europe @feddit.org

    Highlights from Trump’s speech at the UN

    www.whitehouse.gov/articles/2025/09/at-un-president-trump-champions-sovereignty-rejects-globalism/
  • Europe @feddit.org

    UK, Canada and Australia recognise Palestinian State

    www.euronews.com/2025/09/21/uk-australia-and-canada-recognise-palestinian-state-in-historic-diplomatic-shift-ahead-of-
  • Europe @feddit.org

    NATO at War With Russia, Kremlin Says

    www.newsweek.com/nato-russia-war-putin-ukraine-trump-kremlin-2129891
  • Italy @lemmy.ml

    The surreal case of the missing translation on Almasri that was not missing at all - Il Post

    www.ilpost.it/2025/08/08/traduzione-almasri-nordio-bartolozzi-giustizia/
  • Selfhosted @lemmy.world

    Why mount /etc/timezone and /etc/localtime in containers?

  • Selfhosted @lemmy.world

    Simpler alternative to prometheus-alertmanager and/or grafana?

  • Linux @lemmy.ml

    Do you know if it's possible to run a second session in a window?

  • Selfhosted @lemmy.world

    Weird (to me) networking issue - can you help?

  • Selfhosted @lemmy.world

    Simplest tool to maintain local mirrors of git repos?