// abandon all hope ye who commit here
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
Edith: damit, Not the first to post this abomination
So, when is the first party cable going to be launched?
The device only hast an adapter shipped with it, which won't help you connect to the PSU 12VHPWR.
Theoretically it is possible to exploit a hardware (or maybe even a very big software) bug inside the JavaScript engine, to execute code as root.
See also this real world example hardware exploit that gives somewhat arbitrary ram read/write access to an attacking website with zero clicks that can grant you root.
Kernel Protection hadn't helped here though, hardware bugs aren't an easy fix.
A bit late but: The Linux kernel can prevent unsigned code from being inserted into it, the signing key is generated by the one building the kernel image and automatically signs all modules that are build with the kernel.
This only happens if lockdown is enabled, which happens automatically if you use secure boot. The distros I use also support secure boot so I have it for example.
I have rss feeds for my main service updates so I know what new features I have, the services mostly run in podman containers and update automatically each Monday. I also have daily backups (timed to run just before the update on monday) in case anything does break.
If it breaks I fix it depending on how much I want/need it, mostly it's a matter of half an hour to fix it and with my current NixOS/Podman system I haven't yet needed to fix anything this year so it breaks infrequently.
Also why are you using Kubernetes on a single host if you want minimal maintenance? XD
My recommendation is to switch to just managing containers, you should just be able to export the volumes out of kubernetes and import them as normal volumes, as long as they're mounted in the right place you keep your data and if it doesn't work just try again. Not like you need to destroy the current system to slowly replace it.
Edit: I also recommend to update and reboot frequently, this stops updates and unstable configurations from piling up.
And so, the problem wasn't the ai/llm, it was the person who said "looks good" without even looking at the generated code, and then the person who read that pull request and said, again without reading the code, "lgtm".
If you have good policies then it doesn't matter how many bad practice's are used, it still won't be merged.
The only overhead is that you have to read all the requests but if it's an internal project then telling everyone to read and understand their code shouldn't be the issue.
One thing that makes a project good is knowing what it does, I've seen quite a few projects where they talk about all the features and technology and how to configure it but not a word about what it actually does, what problems it solves and so on.
I won't self host your program if you don't even tell me what it does, don't make me search and clue together large parts of the documentation just to find if I want it. A simple explanation is enough but somehow I've seen quite a few programs that don't have it.
// abandon all hope ye who commit here (?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])Edith: damit, Not the first to post this abomination