Kind likes

The Great Supply Chain Security Paradox: “every open source lib is getting owned! wait at least a week to patch, let other people find the supply chain breaches before you” “AI is reversing all these …

Top-20 #curl authors last twelve months. Viktor is @vsz, Stefan is @icing (slide from pending curl up presentation)

Another day, another security company demanding immediate fixes to data issues on @ecosystems despite paying nothing to support it or offering any form of contribution either.

pride month seems like the wrong time to be putting all of this focus on a strait, i'm just saying

learning more every day [contains quote post or other embedded content]

hacker news has always been mostly slop, just the artisanal kind

I'm pretty sure most Hacker News upvotes are based on the title only, without visiting the article

Thinking about why women might not want to use a product that has forced itself into every software interface to confidently shout things that are wrong [contains quote post or other embedded content]

This author has chosen to make their posts visible only to people who are signed in.

My birthday is June 14 and I'll be spending it in VRChat doing Trans Pride stuff. It'd be cool if folks want to show up and hang out with me, and not have to think about that other guy whose birthday is also June 14.

Hacktoberfest only runs for a month, which seems like an arbitrary limitation given that the agents opening the pull requests don't ever sleep. Fixed that. https://nesbitt.io/clawtoberfest/

I'm “retiring” from tech, gonna go try to rebuild offline community. Last day at @sentry.io is tomorrow, rolling off the @endowment.dev board in August. Best wishes to everyone carrying the Open Source flame! 🔥 🙏 💃

Peter Thiel

Peter Thiel is heading to his spiritual homeland of Argentina, following in the historical footsteps of thousands of other deeply problematic men with the exact same haircut.

Pride should not include terfs. This shouldn’t be controversial.

Turns out running a great #EngineeringTeam has a lot in common with running a Dungeons & Dragons campaign 😄 @brunty.me connects D&D, leadership, collaboration, problem-solving & SW development in one of the most unexpectedly relatable talks at @yowconf.bsky.social. Watch: https://youtu.be/VN9j3NSoeps?list=PLEx5khR4g7PLjpaSO0XI-6euF483ORLyJ

CHAOSS metrics were calibrated for human-speed contribution

I'm going to start getting much more trigger happy with blocking users (mostly security companies) that are abusing the @ecosystems APIs Just blocked one that's been causing a significant amount of timeouts by just hammering the same expensive endpoints over and over.

This author has chosen to make their posts visible only to people who are signed in.

Project Hail Mary good film. Amaze amaze. Sam re-read book now.

This author has chosen to make their posts visible only to people who are signed in.

computah, make me funny and hot. make no mistakes. computah, make me 100x efficient. make me 100x maximized. make me 100x productive. make me 100x profitable. make no mistakes. computah, make yourself like me. make no mistakes.

Local models plus MCP is nice. Imagine burning paid tokens for tasks like this. I have to figure out how to let the model find the current date. I didn't run it with local tools, only tool calling via the harness.

Attached: 1 image

Back for a celebratory one-off weekend Homebrew Website Cub London in-person, July 25th from 10am https://events.indieweb.org/2026/07/-hwc-london-celebrating-10-years-in-person-event--2a76zv5YisHX …

Today is my last day working at GitHub, after four years. Lots of mixed emotions saying goodbye to some great colleagues, but I'm very excited for what's coming next!

thank @leobalter.bsky.social - he's the hero we (and microsoft) doesn't deserve if staging had shipped in 2020, shai hulud would never have happened.

npm staged publishing has shipped 🎉 Your CI can now stage a publish without 2FA, but a human still has to approve it with a hardware key before anything goes live on the registry. Stolen npm tokens stop being game over. Big deal for the Shai-Hulud class of worm. https://docs.npmjs.com/staged-publishing

If only someone had thought to suggest cooldowns to vscode: https://github.com/microsoft/vscode/issues/272765

Throwing shit at the wall. I'm the wall.

This author has chosen to make their posts visible only to people who are signed in.

New GitHub low: a CI run failed because the GitHub runner couldn't resolve DNS for the website "GitHub.com".

They must get tired of the question sometimes. People always ask "whois github.com" but never "howis github.com".

This author has chosen to make their posts visible only to people who are signed in.

Thanks, Sunday Times, for the tedious parade of wealth in your annual rich list. Now do a feature listing the poorest people in Britain, and why they're getting poorer.

System Initiative is a deployment/orchestration tool similar to Ansible, Terraform, etc. The following podcast gives a good overview: They recently decided to shut down their cloud service. The following video gives some insight into why: There are a few notable points: Something has changed in the last 6 months. AI coding is getting good. This is an example of how AI has completely upset a company’s plans. Velocity has increased tremendously in development. Ops will follow d...

Just opened an npm RFC to make dependency install scripts opt-in by default. The thing about install scripts: they run the moment a package lands in your dep tree. No require, no review. That's why Shai-Hulud, chalk/debug, and Axios all used them. https://github.com/npm/rfcs/pull/868

@www.jvt.me@www.jvt.me I don’t think there’s one neat and tidy metric that would act as an alternative, I feel a blog post coming 😅

This author has chosen to make their posts visible only to people who are signed in.

Just landed in LA for @pycon, hopefully no more GitHub action related security incidents whilst I was traveling, there’s no space left to fit any more in!

Congrats you have ADHD now please fill out these million forms to access treatment even tho you have ADHD and filling out forms is your kryptonite 🤪

internet: furries run the internet me: some furries aren't devops/sysadmin! I'm firmware/syseng! fate: congrats you now for some reason run the infrastructure team at your dayjob as well as the firmware team me: ok fair

🏴‍☠️ The Open Source Resistance Manifesto. Contribute to MikeMcQuaid/open-source-resistance development by creating an account on GitHub.

Congratulations to the full slate of men elected to the CNCF TOC! So proud of you. We need more men in positions of power in open source. 🤗

RE: https://mastodon.social/@sethmlarson/116562958786085641 Literally changed my slides every day over the past two weeks based on the daily GitHub action based attacks 😰 https://mastodon.social/users/sethmlarson/statuses/116562958786085641

After a lot of film scanning, selection, and building, I have a new photography section up and running Photos going back more than 20 years, through digital and film, and a good amount of travel short.is/photography/ https://short.is/photography/