seds boosted
Haelwenn /элвэн/ :triskell:
@rysiek And of course that's ignoring the real solution.

Supply chain risk is fucking easy to solve.
Know your dependencies, yourself as much as possible and then with other people you trust to make software repositories.
That's what distros are for, which also means that if you do not trust a software repo you've picked: Leave it.

It's also why I've been avoiding entire software ecosystems where dependencies are managed by stuff like dependabot without any reviewing process going on.
Or ones where librairies can't be packaged by themselves.
0
seds

Rule of thumb: companies that insist in the GPTW should be avoided. They are generally WPTW (Worst place to work)

0
seds boosted
Hacker News

Critique of Techno-Feudal Reason
news.ycombinator.com/item?id=3
#hackernews #tech

0
seds

Another terrible feeling to have: when one of your goals ends up being one of your worst nightmare

0
seds

it hurts to know that I had one expectation and the results were completely different.

0
seds boosted
pauho.net

Bet they don't have *this* emoji on twitter :catjam:

1+
seds

almost 32 years of Python, and they haven't had a chance to get a decent, fast package manager

:disappointed:

0
seds boosted
Hackernews

Open Source Textbook: Introductory Statistics with Randomization and Simulation - openintro.org/book/isrs/

0
seds

Berry, Alice and Muffin, pet family

0
Mastodon

The original server operated by the Mastodon gGmbH non-profit

Trending now

Resources

Developers

What is Mastodon?

mastodon.social

More…

v3.5.2 · Privacy policy