I treat warning as todos. Fix them all before I release something. I would only ever disable one if I know for a fact the warning is a false positive.

I would question why you are seeing so many warnings you are not sure about? If you keep on top of them you really shouldn’t have that many. Marking them all as allowed with a Todo comment feels just like you are burying you head in the sand.

I would leave them all there to keep nudging you to investigate and remove them. Hiding them behind a Todo will just mean you will ignore them. And warnings are important, they very likely point to a problem, even if that is just the code could be simpler. It is rare they are true false positives.

Looks like there is going to be a shift to using nftables in arch. The iptables package in core is currently for the legacy interface with an iptables-nft package for the new interface, but the core-testing iptables package is for nft interface and there is now a iptables-legacy package in core-testing.

My guess is they are moving packages that can work with nftables to depend on that instead of iptables which looks like it is shortly going to be using the new nftables interface anyway. Probably as part of migrating to nftables by default. Looks like docker does have experimental support for nftables in version 1.29 and that is when the dependency was added to the PKGBUILD script.

It does not look like nftables or iptables conflict with each other at a package level. And nftables can work with iptables rules.

It is probably worth just migrating to nftables now if you rely on managing iptables yourself.

I don’t fully believe this is purely an AI agent. Not after the moltbot incident raised how many humans where responsible for the posts on it. It just seems to be an attempt to make LLMs seems more autonomous then they actually are. It may have been written by an LLM, but I bet it was directed by a human trying to stir up drama.

You have picked some weird hills to die on there.

for x in list:

This is fine. Many languages now do it. The extra brackets around a for or if dont really add any clarity or make things easier or harder to read. This is the type of thing you just get used to and prefer what you are used to. You get over it quickly.

Why would you provide a way to type parameters but don’t enforce it at runtime?

This is a bit stupid, but really is legacy reasons for it. Since it didnt use to have static type declarations and wants to remain somewhat backwards compatible it needs to ignore them at runtime. But as a JS and PHP developer you should be used to this. Both do the same thing as python here with types (well, TS for JS and the many other attempts at getting types into JS). So it is weird that you are singling out python for this behavior.

Why so many different ways to declare an array-like structure? Tuples, Sets, Dicts, Lists?

DIcts are not array like here. Tuples sets and lists are all common is many languages as well. PHP is a real weird case here given everything, even arrays are effectively a dict - that is a strange language design feature. But Java is way worst for different types of array types in the language.

I’m mainly using it because of interoperability, easy to setup, i

What? I hate setting up python projects. Each one wants to use a different dependency or version manager. Yeah you might have python on most systems but they are all different versions and python is famously terrible at backwards compatibility. It seems every few versions they throw something in the breaks some existing scripts so you really need a version manager for things. Which is more complex setup and management of things. There are far too many different tools to help you with this and fetching dependencies which means if you work on lots of different projects by different people you have a hodge podge of diffing tools you need. It is a complete mess.

Personally I hate python as a language, but you have picked some minor points that IMO dont really matter or that the other languages you use also suffer from. There are far better things to pick from that are far more annoying in the language.

Upgrades is any security or big fix as well. Those tend to be quite safe in point release distros. Upgrading to a new point release version is has all the same problems the rolling release had over the same period all bundle in one messy upgrade (which makes them a huge pain to deal with as they often compound). But between those, the patch upgrades tend to be quite smooth.

I would say the over a longer time period rolling release break in bigger way less often. But they tend to have more but smaller breakages that are easy to trivial to fix.

Less chance of an update breaking things. Lots of small and frequent updates, instead of rare and large update packs/stacks.

I would say a rolling distro update has a higher chance of it breaking something. Each one might bring in a new major version of something that has breaking changes in it. But that breakage is typically easier to fix and less of a problem.

Point release distros tend to bundle up all their breakages between major versions so breaks loads of things at once. And that IMO can be more of a hassle then dealing with them one at a time as they come out.

I tended to find I needed to reinstall point release distros instead of upgrading them as it was less hassle. Which is still more disruptive then fixing small issues over time as the crop up.

It has an LTS kernel. Not a separate version. This does not make everything LTS. This is very different from LTS distros.

It is not just about your pc hardware. I much prefer running the latest software on it as I regularly use features from tools added in the last version of something. I would hate to have to wait 6 months to a year to be able to use new features that make my life easier. That might not be every bit of software I use but enough core things that I would notice.

I was not trying to brush away the differences for GPL 2 vs 3. My point was just that I don’t think a more permissive license on Coreutils would have caused every company to want to steal the code, get everyone using it and force out the GPLed version. But a more restrictive license (say one that infects other binaries on the system) would have meant fewer companies using it and thus fewer distros and everyone else using it.

But for other projects the balance is different and a more permissive license would cause issues. There are some projects that even the GPLv2 or even v3 is too permissive for.

sudo is not GPL3. It is not even GPL2. It is an old license that is just as permissive as the MIT license. It has never had any big problems with that being the case. I don’t think that coreutils being GPL has really done anything to force companies to contribute back to it. It is mostly fixed in its function and does not really have much room for companies taking and modifying it to a point where others will favor the closed version over the open on. And what it provides is fairly trivial functions overall that if someone did want to take part of it then it is not terribly hard to rewrite it from scratch.

GNU Coreutils is not the only implementation of those POSIX features - just the most popular one. FreeBSD has its own, there is busybox, the rust ports and loads of other rewrites of the same functionality to various degrees. None of that really matters though as they dont really add much if any value to what coreutils provides as there is just not that much more value to add to these utilities now.

And it is not like the GPL license of coreutils affects other binaries on the system. So if you dont need to modify it and it does not infect other things there is little point in trying to take it over or use an alternative.

MacOS does not use a later version because they cannot. But also they don’t care enough to even try to maintain their own.

GPL is important on other larger/more complex bits of software. But on coreutils/sudo IMO it does not matter nearly as much as people think it does.

Core Android and ChromOS don’t need to be FOSS because they use the GPL. You can use the Linux kernel without having to make everything that runs on it GPL as well. Things that run on the kernel are not derivative works of the kernel. These projects are FOSS because google at the time thought it would give them an advantage to make the FOSS.

If you add too many restrictions to a license it does not force companies to give their stuff away for free, it just means they wont use your project which can drastically stunt the growth of your project. If Linux had a more restrictive license to start with all that would of happened is no one would have heard of it today as companies would have created something else that they can use.

There is no one size fits all safest option. Details matter and each project needs to read the licenses and decide on which suits their needs best.

MIT is probably the safest option for a company creating a library wrapping their service where there is no real value in others taking that code. Or for simpler libraries that are fairly easy to reproduce so the need to steal the code is low. Or you just don’t care what others do with the code.

GPL is probably safest for some hobbies that does not care about companies and just wants everyone that is using their project to not bake it into a product they distribute. But also means companies likely wont want to use your project if it is a library.

LGPL might be a good option for library code if you want other companies to use and contribute back to some complex library you are using that is hard to reproduce in isolation.

Other licenses are needed if you want to prevent other hosted services from using your project without contributing back.

Different licenses exist for different reasons and it all depends on what you want for your project.

I don’t think there is a good license for that. The ones MongoDB used turned the open source community against them. But that is not really my point. I just mean that some projects using MIT won’t suddenly mean every company will start stealing and closing that software. Some things like coreutils and sudo just don’t have the commercial value to make that worth the effort. So there is no real need to worry about these two projects IMO. Other projects are a different story altogether though. Each project needs to make its own decision on what licence best suits it. The GPL is not the one and only license that is worth using.

Inertia also accounts for time and popularity. The longer something has been around and popular the more inertia it has and the harder it is for something to change it. Back in 1985 things had a lot less inertia then they do today - C and C++ have been gaining it constantly for 30 years since then.

Coreutils has little commercial value to take can create a proprietary fork of. There is little value that can be added to it to make it worthwhile. The same is for sudo - which has had a permissive licence from the start. In all that time no one has cared enough to fork it for profit.

Not saying that is true of every project. But at the same time even GPL software has issues with large companies profiting off it and not contributing back. Since unless you are distributing binaries the GPL does not force you to do anything really. See mongodb and their move to even more restrictive licences.

The GPL is not the only thing that stops companies from taking open software. Nor does it fully protect against that.

Not does everything need to be GPL. It makes sense for some projects and less sense for others. Especially libraries as that basically forces no company from using them for anything. Which is also not what you want from a library.

You can profit from GPL software. The only restriction is if you distribute it you also need to distribute modifications under the GPL.

GPL also does nothing for software as a service since it is never distributed.

GPL even explicitly allows selling GPL software. This is effectively what redhat do. They just need to distribute the source to those that they sell it to.

The US government does not like welfare programs because it gives money to the poor. They would rather give tax reliefs to the rich instead.

There is loads of evidence that welfare programs can save more money then they cost. But that does not funnel money to those in charge.

5 years is optimistic. More likely 10-20 years at least. Established languages have a lot of inertia and it takes a very long time for that to change.

While true and some will do it for that reason, I bet most do it simply because the friction to forking is so low.

Some might have an intention to work on it but then don’t or might start looking at it in detail then give up or get to busy or lose interest.

Others might just click it to save it for later.

And don’t forget all the people that click it by accident.

It’s not like it is a big investment to click the button.

I personally hate global menu bars. They do not work with focus follows mouse. The way menus currently work is fine for me and I would not want to lose that to, IMO, a much worst system. Any global menu implementation would need to be able to be disabled and better to have it off by default. And I would rather see effort in developing other features personally - though mostly as I would never use this feature.