Profile cover photo
Profile photo
arnaud jeansen
arnaud jeansen's interests
View all
arnaud jeansen's posts

Post has attachment

Post has attachment
arnaud jeansen commented on a post on Blogger.
Thanks for the nice tip, I had never heard of ssh-import-id before.
(And I now use it in the more mundane way)

However, I guess that this LXD+ssh-import-id requires the container to be created from a standard ubuntu image.
I tried this with ubuntu-core and this doesn't work... at all. And unless I am mistaken, ssh-import-id is not available as a snap, so that seems like a dead end. :(


Post has attachment

Post has attachment

Post has shared content
In other news: npm loads unsigned packages, Javascript developers load stuff like the eleven lines below as a library, and the npm package repository owners are actors that have no proper resolution process for rights to names of modules or whatever.

What happen?

Azer Koçulu writes modules for nodes and published these through npm. One of the modules is called kik.

Kik is not only a company that sells badly fitting clothing made through child labor in poor countries, but also the name of some messenger application that wishes it were WhatsApp.

Kik set upon Azer the bomb, in the form of their lawyers, asking him to rename or delete the kik module because name rights and trademarks. Azer didn't care.

So they went to npm. npm unpublished the kik module written by Azer.

Azer realizes that npm is actually a private facility with no proper conflict resolution that holds his modules hostage. Azer unpublishes all his modules, over a hundred. Among them stuff like below, which is trivially simple and used by everybody.

About everything breaks, including node.js itself and many other things.

Also, the names of these modules are now free in JS namespace and npm land. Anybody can publish modules named like these and they will be npm'ed and installed instead of Azers code. Yay! No sigs for nobody! Because agile, you know?

The story so far:


Things go boom:

Comment on the no-signature-situation here:

Laurie Voss un-unpublishes the Left-Pad module,

which of course fixes nothing, and is technically a copyright violation if you assume that the source below is complicated enough to count as small coin and sets dangerous precedent. Laurie Voss acknowledges all that in his tweets.

Meanwhile serious developers are sitting at the sidelines, munching popcorn. See also

Post has shared content

Post has shared content

Post has attachment
I usually don't expect this kind of video when researching architectures for work.

Post has shared content
Soon I will be adverse to changes it seems.
How we perceive Technology through Lifetime

Hat der +Kai Spriestersbach letztens auf Facebook geteilt <3

Post has attachment
Wait while more posts are being loaded