I think the technologies are pretty bubble based. We are 80/15/5 Mac/Linux/Windows and it's been 15 years since I worked on a software team that's thats mostly windows. But I talk to them from time to time. But if anything Mac feels underrepresented compared to my bubble.
I admit I'm probably biased in favor of believing the survey is representative. I work on one of the databases.
Speaking of databases, I don't work on SQL Server but can see the appeal. It implements a huge array of features and it's documentation is pretty good. Folks have told me it's a lovely database to use.
I downloaded google lense a while back to identify a mushroom. It was pretty and I was curious. After installing and taking the picture it replied.... "Mushroom."
The second image said false widow's death wish or something metal as hell.
I used gerrit and zuul a while back at a place that really didn't want to use GitHub. It worked pretty well but it took a lot of care and maintenance to keep it all ticking along for a bunch of us.
It has a few features I loved that GitHub took years to catch up to. Not sure there's a moral to this story.
When someone is having a computer problem I ask them to restart first. Not because I think they don't know to do it, but just in case. Some people don't know. Sometimes people forget. Obvious advice is useful sometimes.
I dunno about stdx as a solution. It's just not a big enough list.
At work we build a big java thing and we:
Manually import all dependencies, including transitive dependencies.
Bless them by committing their hash to our repo. I think the cargo lock file does something similar.
Audit the dependencies by hand. Sometimes that's reading them all and sometimes thats less. Honestly, it's often less. A few times it's being members of the upstream community.
Don't allow running as root
Drop all permissions we don't need with seccomp including reading a bunch of stuff
Sandbox each thread based on what's on the stack. Untrusted code can do less stuff.
It's still not enough. But it helps.
Maybe a web of trust for audited dependencies would help. This version of this repo under this hash. I could see stdx stuff being covered by the rust core folks and I'm sure some folks would pay for bigger webs. We pay employees to audit dependencies. Sharing that cost via a trusted third party or foundation or something feels eminently corporate. Maybe even possible.
Amazon is certainly interesting for open source. They've caused me and my friends a fair bit of trouble but they have made some real contributions. I feel like they only do it when they have to though. They are quite happy to take others work and give nothing back.
They just feel very disingenuous. Opportunistic. A bit sleezy. But some of my favorite open source hackers work there and do good work. It's hard.
I really thought the idea was, "You like mecha? You like kids piloting mecha? This is how it'd go down." I loved it so much. Shinji's a broken, abused shell child. He lives with a broken human who drowns her sorrows in drink. His father is just evil. He'd have to be to let his kid pilot the mecha.
The only real father figure we ever see for shinji is a spy. Who gets killed. He's in love with a girl that hates him. Because he's broken. But he has no one else. Except those friends at school who I think they take away. Don't remember. And that angel who he has to kill or something. Damn, it's been like 25 years. I have no idea what happened. But in my memory it's terrible. Wonderful stuff.
Thanks. I remember one of these had people being excited about it and I felt bad that I couldn't try it. But Linux is hard and we are all so grumpy. I get it.
It's cute. Maybe my favorite use of ai I've seen in a while.
I wish it looked at contributions instead of just the profile page. Much more accurate roasting.