Lance R. Vick

@lrvick
1.7K Followers
279 Following
1.1K Posts

FOSS || GTFO

* Security Engineer
* Cypherpunk
* Founder of #! (hashbang.sh), stagex.tools
* Co-founder of Distrust.co, Caution.co
* Church Of Cryptography Priest

#infosec #security #opensource #foss #sysadmin #cryptoanarchy #cypherpunk #embedded #puzzles #privacy #locksport #programming #linux #homelab

OpenPGP: openpgp4fpr:6B61ECD76088748C70590D55E90A401336C8AAA9
Matrix: @lrvick:matrix.org
Resume: https://lance.dev
Community: https://hashbang.sh

Anthropic just legally threatened Opencode to make them drop support: https://web.archive.org/web/20260221041617/https://github.com/anomalyco/opencode-anthropic-auth/pull/15#issuecomment-3930558874

Archive link because they deleted the repo after to comply with demands.

In short, Anthropic only wants you using their official walled-garden clients to access the models trained on our open source code.

They are not a lesser evil. They are just as evil as OpenAI.

Stop giving these assholes money. Rent or buy hardware to self-host with privacy and freedom. It is not that hard, I promise.

fix: Align Anthropic OAuth requests with Claude Code by deveworld · Pull Request #15 · anomalyco/opencode-anthropic-auth

Summary Normalize Anthropic OAuth requests to match Claude Code's headers, betas, metadata, tool casing, and model IDs. Remove tool_choice and inject metadata.user_id from ~/.claude.json to sa...

GitHub

AI automated security review company that views human code review as unnecessary, gets hit by supply chain attack that their automation failed to detect. Beautiful.

How many more of these are required before we can seriously talk about Web of Trust, commit signing, and decentralized crowd-sourced FOSS code review?

https://www.sysdig.com/blog/teampcp-expands-supply-chain-compromise-spreads-from-trivy-to-checkmarx-github-actions

TeamPCP expands: Supply chain compromise spreads from Trivy to Checkmarx GitHub Actions | Sysdig

The Sysdig Threat Research Team (TRT) reveals how TeamPCP’s supply chain attack spread from Trivy to Checkmarx, reusing stolen CI/CD credentials to compromise GitHub Actions and evade traditional detection.

Read more about our work on [Stageˣ] here: https://stagex.tools

All the pain of supply chain attacks is self inflicted. We actually can fix this.

Home | [Stageˣ]

A container-native, full-source bootstrapped, and reproducible toolchain to build all the things.

Security celebrities have been shitting on the PGP Web Of Trust as an idea we should abandon in favor of centralizing trust on corpos.

Meanwhile the internet is filling with AI bots using fake corpo accounts and no one can tell who is human anymore. Huh.

WoT has never mattered more, and it is time we anchor modern tooling back to the human roots that built the internet.

My fellow [Stageˣ] maintainer Kron, Zoë Finja Emilia makes a strong visual case.

https://kron.fi/en/posts/stagex-web-of-trust/

How do you trust a new Linux Distribution?

Who do you trust (… and how do you trust the new Linux Distribution StageX?) Do you trust your best friend from childhood? Do you trust your chosen Distribution for your Homelab? For your Workplace? Psychology says there are roughly two types of trust. Direct and Transitive trust. Direct trust is you trusting your best friend. Transitive trust is your best friend assuring you another person is also trustworthy and you listening to their word because you trust them.

Zoë's Blog

As the founder of the Stagex Linux distribution and a California resident, my official position on operating system age verification mandates is that I personally will not implement it, and I doubt anyone else will.

Our decentralized and multi-party cryptographic signing design means no single person or entity has the power to make changes to the distribution alone.

But please, California lawmakers, try to make me. I would get off on making you look like idiots in court.

That is all.

If anyone would like to tip me for my work, I accept DDR5 memory.

Veritasium just dropped a video on ethics of the FOSS movement, right to repair, digital sovereignty, and the idea that closed source software has absolutely no role in supply chain security.

In recent years my teammates and I have shifted our entire careers to FOSS supply chain security engineering in spite of constantly being told our work is a waste of time. We feel seen!

https://yewtu.be/watch?v=aoag03mSuXQ

Shameless plugs @ https://caution.co https://distrust.co and https://stagex.tools

I wonder if there were people that thought Stallman was a bad person for using a proprietary compiler to build the first version of GCC.

I exclusively write FOSS, but sometimes I don't understand the purity tests of the FOSS community.

As long as a PR author fully read the code, and it was not largely copied from any other project, I don't care what kind of autocomplete magic was used.

FOSS is at too big of a disadvantage to be picky about useful contributions that respect the license.

When you work on OS development, you spend a -lot- of time waiting on compiling experiments. Wasted time.

So, finally broke down on a big workstation upgrade:

So I trained an LLM on myself, and it sounded like a complete idiot so I deleted it immediately.

I am starting to consider that it might be a me problem.