That’s why earthly exists. Now you can run your pipeline on a container with a “familiar syntax” inside another container with a “familiar syntax” inside of a “reproducible, easy-to-use” VM provisioned on top of probably KVM, as Torvalds intended
I used to be a Kagi subscriber because I believed in their image for Orion. Their strong views on privacy, imo, directly conflict with their action to keep the product closed source “because it’d slow them down”, so I ended up unsubscribing. Good to see I unsubbed just in time.
Config files are still editable. Most of them (rpm-ostree, for example) have a mechanism for managing packages, and subsequently rolling back if anything goes wrong or completely resetting, and leave /usr/local writable. For stuff like development and working with compiler toolchains, you should be using a container. I use vscode exported in a distrobox running Fedora 40, for example.
FWIW, gitlab-runner exec and earthly exist for running tests locally, with others things like nektos/act for GHA as a 3rd party solution. I’ll never get used to yaml, though, all my pipelines are mostly shell scripts. Using a markup language as a programming language was definitely one of the decisions of all time.
I’d love to see a complete CAD package that feels more in line with Inventor. Ondsel is definitely getting there, but it’s PDM (like git, but for parametric CAD) is still closed source and not self-hostable. Their git repo is also a bit confusing. Apparently part of their patchset on the “flavor” branch they ship isn’t open to the public? Still, nice to see a (partially) FOSS solution.
It’s funny, because there was research done by UC Riverside which specifically figured out LTS branches receive patches for CVEs significantly later than vendor specific branches. Specifically:
Interestingly, we note that the picked CVE patches appear in distributions 74.2 days earlier than LTS on average;
It all comes down to a delicate balancing act between security and stability. Some top Linux kernel developers and CIQ are coming down on the side of security.
Most tutorials I can find involve enabling the steam cli, then using steamdb to look up the “depots” of previous versions and downloading the old update in chunks, then unpacking and copying the old game files to your install location. Not exactly convenient.
In my particular case, I just didn’t know it was enabled (my modding guide mentioned a way to stop it, but I guess I did it incorrectly). The game hadn’t received updates in half a decade, and I don’t really use Steam for anything else. Apparently, I wasn’t the only one in that boat.
No, fortunately enough. A FO5 written by Obsidian could be released as a bug-free superset of FO4, but includes the whole USA and the moddinglinked people would still be trying to mod FO4.
Hah, those are the load times I used to get on my Xbox One with its dinky HDD. At the very least, The Midnight Ride has been updated to post next-gen, and I now get really small loading times (<5 sec) on my SSD. The game feels less rough around the edges, too. Only took 3 hours to set up :,)
It’s not that they can’t, it’s that people are getting blindsided by updates to a game which supposedly hasn’t received updates for over half a decade, and downgrading on Steam is a surprisingly huge PITA. The Midnight Ride recommends patching, fwiw.
I wouldn’t place too much faith in the vetting process. As of right now, there are 2,034 members of the packager group of Fedora. None of them are required to have 2FA (or any real account security past a password), and the minimum requirements to join the group aren’t very high (contribute a package, pick up an unmaintained one, etc). Any of those 2,034 people can push malware to Fedora, and within a week, it’d be in stable repos.
Most of these distros are volunteer efforts. They don’t have the manpower to ensure the software supply chain remains secure.
(Note that this metric includes comments and blank lines, to which Linux would count at 46M lines. Counts with blank lines and comments removed are also in those links)
Even if a package was completely vetted, line-by-line, before it made it into a repo, would the maintainer need to get every update, too? Every PR? Imagine the maintenance burden. This code QA and maintainer burden discussion was the crux of one of the most popular discussions on the Fedora devel list.
Graphical environments are just programs just like any other.
They are in Fedora, too. It’s just that installing one DE overtop another can cause config file clashes (ie installing Plasma alongside GNOME means GTK apps will have a minimize button when logged into GNOME)
That’s why earthly exists. Now you can run your pipeline on a container with a “familiar syntax” inside another container with a “familiar syntax” inside of a “reproducible, easy-to-use” VM provisioned on top of probably KVM, as Torvalds intended