(OT) what did you use to annotate the picture?

For the technologies/standards (CORS, websockets, cookies, etc.) I’d recommend reading the wikipedia article and then the relevant RFC/standard (which will surely be linked from wikipedia).

The server side things you mentioned (sessions, rendering, etc) are functionalities/techniques/patterns that different frameworks implement in different ways, so I’m not sure there’s much material that talk about them in general (or much to say about them in general)… you’ll probably have to explore them in deep with your framework/s of choice (ie. looking at how the framework implements that functionality rather than just using it).

Some alternative self-hosting options (besides full-fledged “forges”):

If you don’t need issues and stuff, you could just use git and back it up (by copying or cloning/updating to some other machine).

You could deploy soft-serve, which is a self-contained git/ssh server with cool cli (beware: it’s not super performant on large repos, so don’t host a clone of the linux kernel on it). Since you’ll use it via ssh, you don’t have to bother with https, certificates, reverse proxies and stuff.

If you are willing to put some effort into it, the (imho) coolest option would be to use radicle, which is a p2p forge (beware: documentation is not great, and - even if the “core” is solid - the cli tools are very much beta still).

My guess they are not even gonna challenge the “clean room” rewrite legally: the damage is done and it’s not really gonna be mitigated if they manage to take down the rewrite.

Anthropic pulled the npm package within hours and issued a statement: the exposure was “a release packaging issue caused by human error, not a security breach.”

I’m sure they chose the words “human error” to also imply the error is not to blame on their LLM, which remains an open question after reading the article (and likely will forever, although at the very least it would seem like the LLM did not detect this mistake).

License: Oracle Technical Network License (proprietary)

No, thanks

I’m currently running tumbleweed on my main, mostly because that’s what I happened to install last time I rebuilt my desktop.

I’ve been running other distros before, and I must say that (bar a couple bad experiences) I could still be using any of them.

Tumbleweed is the first rolling distro I’ve used for a prolonged time (3 or 4 years now?): before I only did two short experiments with void linux (loved it, but I’d rather have systemd) and manjaro (I was still young and stupid).

I don’t think I’ll go back to non-rolling: tumbleweed never broke on me (and if it did, it has snapshots) and being rolling there is zero update stress (has the new version come out? what’s new? should I update now or wait for for the .1?).

Next time I install I will probably try nixos (which isn’t really rolling - but it’s not non-rolling either), which I’ve been using on servers for a while now and fell in love with (love-hate, that is: the learning curve is steep, the documentation poor, and there are infuriating points - but I feel like it’s still more than worth it).

As you will have noticed I’m not even considering “immutable” distros: honestly, I don’t see the point there (they seem like a lot of effort to solve problems I don’t have).

Look into https://www.scuttlebutt.nz/

Still, some neckbeards only wanna use software from orgs who are in it “for the love of the game”.

Nope, that’s just you fighting strawmen and labelling people who don’t hold your same opinion “neckbeards”.

I would be excited for a new FOSS browser regardless of specific features, and I could be excited for a non-FOSS one if it had particularly promising features that are not provided by any FOSS browser. As far as I can see, Orion does not fall in either category.

BTW marketing a product for its privacy (or security) without it being open source amounts to having “trust me bro” as a slogan… of course one is free to trust whoever they want to.

It’s not FOSS, so I couldn’t possibly care less. That said, best of luck to you!

on windows it would be to scan your stuff,make sure its the real site etc

It’s the same on Linux (*), with two big differences:

1. you’ll install most (all?) of your software from the repos of your distro of choice, so most of the times you don’t have to worry
2. linux is inherently more secure than Windows (and AFAIK there are less viruses targeting it, either because they are harder to write or because it’s a smaller target), so you are not as likely to catch viruses.

If you install niche software from app stores (even reputable ones), you’ll have to make sure to check it’s the real deal (I think both the snap store and flathub had fake cryptowallets?), but if you stick to relatively mainstream software you’ll be fine (I mean, it’s not like you’ll find fake versions of steam or blender on flathub).

That said, the risk is there just as with Windows (or your phone, or anything else): a good operative system helps, but ultimately you are the real line of defense.

(*) well, IDK about scanning… generally speaking, if you feel like you have to scan something before opening it, just don’t open it :) (yeah I know it’s not possible if - eg - you receive files from customers)

i use an hp printer,and need to be able to use it on linux.

Then research if your specific model has compatibility issues (AFAIK HP stuff generally works well, but… it’s up to you to check before buying)

i expect to be able to use the laptop and not think about the os too much

That will happen, if you are lucky or if you buy hardware that specifically supports linux.

Would you expect macos to run on a dell computer? would you expect windows to run on a mac? linux has much broad compatibility but is no different: if it doesn’t work on your PC it’s not linux’s fault.

my goal of using linux is being far from malware

Just follow basic hygiene and you’ll be fine. Most importantly, don’t install malware yourself (chrome is available on linux too and, sadly, it’s also widely used).

I’ve not looked into it much yet, but https://radicle.xyz/ seems interesting.

It’s kinda a bittorrent-powerd codeberg and it looks like it’s worth playing around with (even though it might not get you rid of much bandwidth… IDK how popular it is, but source usually doesn’t weigh that much).

Thanks for checking and reporting back! (I was too lazy to do that)

Doesn’t the AGPL just say that you can’t keep your changes/improvements private? (honest question: I seem to recall so, but I’m not really sure)

I just meant that anything can happen eventually - debian wasn’t the happiest example

could Red Hat eventually take control of the project?

Yes, and they could eventually take control of debian too.

Why bother mitigating such far-fetched risks though?

The mitigation cost is similar to the remediation one (ie. you’ll just have to switch distro either way), and it’s also likely to go down as the risk increases (ie. people will fork off fedora far sooner than the risk of it actually doing whatever bad things you fear Red Hat is gonna do to it becomes a practical concern).

BTW: are you aware the Linux Foundation is an US entity and funded by (among others) most US IT megacorps? (interestingly, amazon/aws is only a silver member - Bezos must really be a cheapskate)

…or we could just stop paying attention to him (which we will do when it’s no longrr funny). He can do as he wants :)

…and to think I used to actually be excited about bcachefs (back in the day)

┐(´-｀)┌

OP, you can also use named icons from your theme

[Desktop Entry]
Icon=folder-videos

I think you can use any name from stuff inside /usr/share/icons, but I’m not 100% sure