IndieWeb post types

@shanselman I think my biggest concern now is 'code review now comes with a rousing game of Among Us', but I'm still weighing that concern in a larger context.

Ten years ago today, a new app arrived to strip the "media" out of social media, reducing messaging to two little letters. It burned bright, but not for long.

I recently went through a job search, and I thought it would be good to do a mini retrospective on the whole experience. Overall, it was a better candidate experience than the last time I interviewed so I want to believe that the industry is making progress.

Enhance and enrich your OpenAPI descriptions without creating conflicts in the source code using filters and overlays.

Just did a task that was open since Feb. 20th that will unblock six teammates doing full-time work starting this week. It took 5 minutes 35 seconds to finish. I will, again, learn nothing from this.

Attached: 1 image When you realise that people have been *planning* shitty jokes like this just for one day, for the likes

I really can only shitpost about the #xv debacle because the whole thing just makes me tired and sad. Anyone paying even a tiny bit of attention to the conversation about open source sustainability could have told you this was inevitable. And now we're watching people blame a volunteer trying to step back, and rehashing all the same old tired arguments we've been having literally for decades. It's just so tired and predicable and boring and sad.

so do alice and bob ever fuck or like what

My favorite Ren Faire story: I knew a guy who kept a Starfleet insignia pinned to the inside of his garb. A few times per season, some folks would come to the Faire cosplaying as a Star Trek landing party, investigating a “primitive” world. He would take them aside, show his insignia, and identify himself as a Starfleet officer on a cultural research mission. He’d call them out for breaking the Prime Directive and ruining his research. Then he’d demand to know what ship they’re from, and threaten to get them court martialed if they didn’t change into something less conspicuous.

Anyone who thinks commit signing is the answer to malicious actors, at a time when the web of trust has been killed by a lil green verified box, is foolish. Like sure they verify that someone who can log into a particular GitHub account is the author of a commit, but that… don’t mean shit when the author is malicious 🙃

Originally a thread on Twitter about the xz/liblzma vulnerability, when I finished typing it, I realized I had a real world slice of Open Source interaction that deserved more attention.

You can absolutely push your development cycle to the limit, the fastest programmer with a completely comprehensive suite of tests, sure. Go for it. You will still be fundamentally hamstrung by not-fit-for-purpose tooling (JIRA), overly bureaucratic release processes, and slow deployment mechanisms. Yes, be the most efficient developer you can, work in small increments and iterate effectively, but it's just as important to remove systematic issues that hinder you and your team.

being forced to mute the word “backdoor” is queerphobic

hey does anybody out there have any thoughts about the xz compromise or perhaps have you thought of a way to relate it to some axe you have been grinding for 20 years

The clocks went forward an hour in the UK today, which raises an important question: when they go back in October will there be a compensatory Trans Hour Of Visibility?

If you want many eyes on your open source project, you need to get rid of assholes. Bad community management is a security risk. Assholes bully sole maintainers. Assholes gatekeep and keep maintainer numbers low. Assholes waste time on the mailing list with petty bullshit. If you fundraise, assholes are bullying your grant writers and community managers. Some of the best security contributors don't write a single line of code. They yeet assholes.