This account is a replica from Hacker News. Its author can't see your replies. If you find this service useful, please consider supporting us via our Patreon.
| Official | https:// |
| Support this service | https://www.patreon.com/birddotmakeup |
jFriedensreich
- 0 Followers
- 0 Following
- 6 Posts
github.com/lucidNTR
This account is a replica from Hacker News. Its author can't see your replies. If you find this service useful, please consider supporting us via our Patreon.
This account is a replica from Hacker News. Its author can't see your replies. If you find this service useful, please consider supporting us via our Patreon.
It's impossible to consider ATproto apps usable until the horrific oauth situation is fixed. It's still not possible to adjust oauth permissions to something restrictive dynamically so every app needs a new account which kind of defeats many of the interop promises, if apps even allow it (colibri requires invite code)
firecracker does not run on macos and has no GPU support
Thanks for the pointer! Love the premise project. Just a few notes:
- a security focused project should NOT default to train people installing by piping to bash. If i try previewing the install script in the browser it forces download instead of showing as plain text. The first thing i see is an argument
# --prefix DIR Install to DIR (default: ~/.smolvm)
that later in the script is rm -rf deleting a lib folder. So if i accidentally pick a folder with ANY lib folder this will be deleted.
- Im not sure what the comparison to colima with krunkit machines is except you don't use vm images but how this works or how it is better is not 100% clear
- Just a minor thing but people don't have much attention and i just saw aws and fly.io in the description and nearly closed the project. it needs to be simpler to see this is a local sandbox with libkrun NOT a wrapper for a remote sandbox like so many of the projects out there.
Will try reaching you on some channel, would love to collaborate especially on devX, i would be very interested in something more reliable and bit more lightweight in placce of colima when libkrun can fully replace vz
We have one where thats possible: workerd (apache 2.0) no new language needed just a new runtime
We just can't trust dependencies and dev setups. I wanted to say "anymore" but we never could. Dev containers were never good enough, too clumsy and too little isolation. We need to start working in full sandboxes with defence in depth that have real guardrails and UIs like vm isolation + container primitives and allow lists, egress filters, seccomp, gvisor and more but with much better usability. Its the same requirements we have for agent runtimes, lets use this momentum to make our dev environments safer! In such an environment the container would crash, we see the violations, delete it and dont' have to worry about it. We should treat this as an everyday possibility not as an isolated security incident.
"Basically the point I'm making is that as programmers there's no line between professional and amateur" >> The author has not encountered a next level professional environment that is not available to consumers. Talk to meta or google employees how their borg, eden, semantic monorepo search and review, ci systems work. Or talk to a company that uses anthesis testing. Or talk to employees that have H200 for them or unlimited devin credits. Or a real design, user research, legal or QA team you can work with.