Your version is better than OP
Aussie living in the San Francisco Bay Area.
Coding since 1998.
.NET Foundation member. C# fan
https://d.sb/
Mastodon: @dan@d.sb
Your version is better than OP
I’ve seen many a terrible containerized monolithic app.
I’ve seen plenty of self-hosters complain when an app needs multiple containers, to the point where people make unofficial containers containing everything. I used to get downvoted a LOT on Reddit when I commented saying that separating individual systems/daemons into separate containers is the best practice with Docker.
Docker is still useful even for apps that compile to a single executable, as the app may still depend on a particular environment setup, particular libraries being available, etc.
Are there better alternatives for newbs who just wanna self host stuff?
Docker is great for a beginner, and even for an expert too. I’ve been self-hosting for 20 years and love Docker.
Back in “the old days”, we’d use Linux-VServer to containerize stuff. It was a bit like LXC is today. You get a container that shares the same kernel, and have to install an OS inside it. The Docker approach of having an immutable container and all data stored in separate volumes was a game changer. It makes upgrades so much simpler since it can just throw away the container and build a new one.
The main alternative to Docker is Podman. Podman uses the same images/containers as Docker - technically they’re “OCI containers” and both Docker and Podman implement the OCI spec.
Podman’s architecture is different. The main difference with Podman is that it never runs as root, so it’s better for security. With Docker, you can either run it as root or in rootless mode, but the default is running it as root.
Ask the 100,000 people that downloaded Boost, not me.
Ugh. I hate this so much.
Amazon is usually OK if you buy things that are sold by Amazon or sold by the manufacturer (if it’s a well-known brand). The third-party sellers based in China are almost always reselling stuff from Aliexpress/Alibaba with a significant markup.
You can pay just a few dollars to remove the ads from Boost.
California (and a few other states) are trying. The CCPA and CPRA are a good step in the right direction. If you’re a California resident, you can request all the data a business has collected about you, tell them to stop sharing it with business partners, or tell them to completely delete it, similar to the GDPR in Europe.
That CAPTCHA isn’t specific to Temu.
My interpretation of that tagline is that since the prices on Temu are cheap, it means you can shop as if you had a lot of money, without actually spending that much.
US will try its best to block technology, including open source projects.
You can’t block open source projects from anyone. That’s the entire point of open source. For a license to be considered open-source, it must not have any limitations as to who can use it.
Yeah, it really depends on how much you trust the vendor.
Google? Say what you want about the company, but they’ll never intentionally serve malware.
Random company with no track record where we don’t even know who is maintaining the code? Much less trustworthy. The polyfill . io repo is currently owned by a Github user called “polyfillpolyfill” with no identifying information.
Third-party CDNs make less sense these days though. A lot of hosting services have a CDN of some sort. Most sites have some sort of build process, and you usually bundle all your JS and CSS (both your code and third-party code, often as separate bundles) as part of that.
This is part of the Github terms of service:
By setting your repositories to be viewed publicly, you agree to allow others to view and “fork” your repositories (this means that others may make their own copies of Content from your repositories in repositories they control).
with mails that dont correspond to the original authors,
Oh! I didn’t realise this. Do you have an example?
You’d be surprised how much code people blindly reuse without even looking at it, especially in JavaScript. The JS standard library is ridiculously small, so nearly all JS apps import third-party code of some sort. One JS framework can pull in hundreds of third-party modules.
It’s much less of an issue with languages like C# and even PHP, where the first-party libraries are often sufficient for building a small or mid-sized app.
Most licences require derivative works to be under the same or similar licence
Some, but probably not most. This is mostly an issue with “viral” licenses like GPL, which restrict the license of derivative works. Permissive licenses like the MIT license are very common and don’t restrict this.
MIT does say that “all copies or substantial portions of the Software” need to come with the license attached, but code generated by an AI is arguably not a “substantial portion” of the software.
I expect it’s going likely to be used to train some Chinese AI model.
Even if they do that, the license for open source software doesn’t disallow it from being done.
My favourite part is that the developers that currently own it said:
Someone has maliciously defamed us. We have no supply chain risks because all content is statically cached
https://github.com/polyfillpolyfill/polyfill-service/issues/2890#issuecomment-2191461961
Completely missing the point that they are the supply chain risk, and the fact that malicious code was already detected in their system (to the point where Google started blocking ads for sites that loaded polyfill .io scripts.
Yeah, for sure. Same reason a bunch of subscription stuff goes up in price after a year or two.