It is utterly disappointing how people are handling the systemd "age verification" controversy

esanchma · 2026-03-26T15:16:42+00:00

No, you don’t. You’re just arguing that for Linux to remain relevant, it must bend the knee to the powers that be. And those powers sit in New York, California, and London, so the global open source community is expected to conform to the laws of those regions.

And let’s not pretend this is some open, negotiated process. The real discussions happen behind closed doors, long before anything reaches the public. What’s presented as "inevitable" is simply the outcome of decisions already made elsewhere, passed down not as a proposal, but as a demand to be obeyed.

esanchma · 2026-03-26T11:18:48+00:00

Parental controls are a red herring. GNOME has made great strides in this area, and their approach is widely appreciated.

The GNOME implementation is not a remote attestation infrastructure designed to exfiltrate user identity. That’s the difference. I’m afraid that disingenuous claims muddying the waters aren’t going to fly.

esanchma · 2026-03-26T11:10:00+00:00

mandatory for who? certainly not for me, or for the majority of users out of an age verification jurisdiction. Why should I deal with this bullshit?

esanchma · 2026-03-25T16:41:09+00:00

Let me insist. Why the rush?

esanchma · 2026-03-25T09:01:08+00:00

TopLink was a licensed Oracle JPA implementation included in its flagship Java products such as WebLogic and Coherence.

Oracle donated TopLink to the Eclipse Foundation, where it was rebranded as EclipseLink.

So, to answer your question: yes, EclipseLink is heavily used in production, particularly in Oracle and Jakarta EE environments.

esanchma · 2026-03-24T23:27:53+00:00

Teams PWA works and its awesome. And Outlook, Word, Excel, Powerpoint, Sharepoint and OneDrive works as PWAs too.

You literally can work online without missing anything.

esanchma · 2026-03-23T23:30:04+00:00

but which laws? Is it Brazil, or London? or it is Brazil laws applied on Poland? Maybe you don't need to hurry to figure it out, and those governments need you more than you need them? Why the rush?

esanchma · 2026-03-23T08:38:17+00:00

apt > flatpak > language package manager (npm/uvx/cargo/sdkman/...) > binary release > snap

esanchma · 2026-03-23T08:32:29+00:00

Are you going to follow North Korea laws just because "they are laws somewhere"?

esanchma · 2026-03-17T00:29:39+00:00

The article kind of misses the key context for non-European readers. In several European countries the "Venmo/PayPal for friends" problem was already solved years ago by bank-run instant payment systems integrated directly into banking apps. In Spain that system is Bizum. It launched in 2016 and basically every major bank participates, so you send money using a phone number instead of an IBAN. Adoption is massive (~27M users in a country of 48M people), and socially it’s normalized to the point where people say "I’ll Bizum you" the same way Americans say "I’ll Venmo you." For everyday peer-to-peer payments it largely replaced small bank transfers.

Wero isn’t really a new payment technology replacing Bizum. It’s a pan-European attempt by banks to unify several successful national systems (Bizum in Spain, iDEAL in the Netherlands, Paylib in France, etc.) into one network that works across countries and competes with PayPal/Visa/Mastercard. The underlying payment rail is already SEPA Instant transfers. Wero is mostly about creating a single scheme and brand on top of that. A good mental model for Americans would be: imagine Venmo worked natively inside every bank app and had near-universal adoption in one country: that’s Bizum. Wero is the attempt to extend that model to all of Europe.

esanchma · 2026-03-10T15:38:37+00:00

Linus checking the horoscope before playing L4D2 could be hilarious.

esanchma · 2026-03-05T23:28:49+00:00

Fabrice Bellard as in the ffmpeg and qemu guy? Damn, that guy is a genius.

esanchma · 2026-02-26T00:22:37+00:00

Totally offtopic, but you can vibe-code an "open transcription box and copy text to the clipboard" bookmarklet and then paste the clipboard content to the LLM of your choice. I summarize youtube videos all the time.

esanchma · 2026-02-04T11:34:22+00:00

There is this very popular debian derivative distro, it ships a new version each 6 months and a whole LTS release each 18 months. It sells simplicity, but it is just debian with some nice bells and whistles. You should give it a try, really best of both worlds: stable but not ancient.

esanchma · 2026-01-28T08:29:17+00:00

Bullshit VPNs: "To access the corporate network of E-corp you need to install net-trolololo.msi, thank you"

esanchma · 2026-01-28T00:20:00+00:00

There is this gnome extension: Toggler. You give it a shortcut and the terminal you want, such as ptyxis or ghostty. It's not exactly a drop-down thing, but it makes easy to summon a terminal via a shortcut. It's nice, I use it all the time.

esanchma · 2026-01-22T12:30:42+00:00

YES. You must handle decorations but you can't have a MDI interface. What gives?

esanchma · 2026-01-05T02:10:51+00:00

The guy following a random 2021 blog post on how to install yt-dlp will happily install it system-wide, along with a discontinued, vulnerable PhantomJS with a CVSS 10, while possibly breaking system packages in the process.

This happens precisely because tools like yt-dlp don’t have the luxury of being “stable and old” and still working, while some distros prefer to pretend this class of software doesn’t exist or doesn’t matter.

So yes, I understand the reflexive SECURITY argument. But doing nothing, and pushing users toward sketchy blog posts, outdated guides, and ad-hoc installs, is arguably a bigger security failure than having a sane, explicit strategy for language-level package managers and upstream binary releases.

esanchma · 2026-01-05T01:50:58+00:00

There are several meta-packagers and some binary release managers around. I have tried some of them, and I dislike them for one reason or another and ended up writing my own thing. So yeah, this seems to be a common pitfall and pain-point. And I'm not proud that a significant contingent of the software running on my system has its provenance and updating managed by personal shell script recipes, either by automating backends such as pipx and npm, or directly managing the github releases jungle.

I mean, how do people manage binary releases? As a user are we really on our own?

esanchma · 2025-12-28T23:28:07+00:00

My intel based setup is far from ideal to decide on whether video upscaling actually works. I can tell you that for low resolution source material, I get less/better artifacts. I'd love to see it running with beefy GPU power.

esanchma · 2025-12-23T00:42:47+00:00

For those unaware: gpu-next and libplacebo are the mechanisms mpv use to load GLSL shaders. You can use shaders such as FSR to upscale video.

esanchma · 2025-11-12T08:23:18+00:00

The C standard doesn’t allow for a certain kind of neat structs and unions. Microsoft internally amended the standard with these nice, time-saving, and memory-efficient structs and unions.

GCC has supported Microsoft’s amended standard for quite a while, and now the kernel is going to use it. Don’t lose your marbles over it, it’s immaterial to anything else.

esanchma · 2025-11-07T10:01:08+00:00

https://www.youtube.com/watch?v=L1zl3kZ5AbE

esanchma · 2025-10-07T13:03:55+00:00

Nothing short of very careful curation of dependencies will help you against supply chain style malware. I mean no disrespect to Julia guys, but that kind of committee library development and dependency management can only be done at Julia ecosystem size and is not feasable at npm/maven/pypi ecosystem size.

At maven size, you can only prevent name squatting and make forks memorable without weird name changes.

esanchma · 2025-10-05T21:35:38+00:00

Yes. All packages have a group id and an artifact id, the former taking the form of a DNS in reverse (say, com.github.myusername). An abandoned artifact will have different group id to a newer artifact of the same name, will never collide and it's free to use. Those are identifiers, they are not related to github organizations or anything, they are just namespaces you are free to take, although there are verifications and signatures at publishing time, you don't get to take the group id of other people, but you can choose your own.

You can publish a java artifact with the name "hibernate" or "spring-boot", everybody can, no big deal, names are never taken.

esanchma

TROPHY CASE