It isn’t if it was intentional. It was intentional. Otherwise the exploit chain wouldn’t be so convoluted.

Unless you’re running Debian testing you’re safe. If ssh isn’t open to the internet you’re safe. Just make sure everything is up-to-date.

It depends on volume. When you build 100 parts not really. But when you build millions it becomes worth it.

In automotive they fight over every cent.

Hi, I’ve started reading you blog and noticed your mention of activity pub for gitLab. Forgejo is working on exactly that. It’s a fork of gitea.

My guess is that it has that default because they use Rust. Everyone uses rustfmt so everything looks the same and if you always format before a commit you never get massive diffs.

Most rust projects I’ve seen even have a ci job to check the formatting with rustfmt.

What happened there?

Cargo.rs also has no option to unpublish a package. There is however the option to yank a package which disables the inclusion in new projects by the automated dependency resolution. If the version is entered manually it will still be used.

Codeberg is the hosted forgejo instance from codeberg E.V. Codeberg ev also forked gitea 2022 and spearheads the development of forgejo

So you are saying using python to write the server for a federated multimedia messenger is a bad idea.

Let me tell you, I’m shocked😲

It all depends on the library you use. Rust has you covered with toml_edit. It is what is used for all the cargo commands editing the Cargo.toml file.

One of the bullet points for C++ is the increase of the version number in the version header file. Wow much feature.