I don’t see any cycle here, qemu-deskyop needs qemu-base and that’s it.
I think you meant that qemu-desktop is orphan.
I don’t see any cycle here, qemu-deskyop needs qemu-base and that’s it.
I think you meant that qemu-desktop is orphan.
knowing nothing about the situation is indeed the problem. if only this process was more transparent…
Are we implying that we should tap every phone call?
We can say a lot of very bad stuff over the phone too. Should we have a way to prevent this?
yes bare git works just fine. if you ever want a web GUI and/or issues and Pull Request you want such a tool.
A web GUI can be very nice to share your repository publicly. You can also use codeberg.org if you can’t or don’t want to self host.
PS : I’m kinda shocked (not that much) by the downvotes or your legitimate and polite comment. Still looking for better communities/system.
COSMIC is built from GNOME shell, it is 100% a GNOME desktop and not from scratch.
I had the idea that moderation is instance based in Lemmy, mods only moderate people on their instance.
I must be missing something (I can see the community is not from lemmy.world but the guy is)
OK I got it, you are completely out of the loop here.
You do not grasp the idea of NoScript and other JS filtering extension. This is not about server code, your all arguments is baseless here.
By the way JS refered to Javascript and not NodeJS.
Anyway I got you whole company/business talk about “keeping the service available, secure, performant” and “GDPR […] bankrupting fine”… yeah lemmy.world.
Thanks for your answer.
First I don’t even grasp what a “service owner” is.
Second, for JS front-end openness there are already a bunch of app (web, android) that are open-source and secured. Everything has dependencies nowadays, this doesn’t prevent good security. Think all the python app and their dependencies, rust, android… even c\c++ packages are built with dependencies and security updates are necessary (bash had security issues).
I think with JS scripts it’s actually even easier to have good security because the app is ran in our web browser so the only possible attacker is the website we are visiting itself. If they are malicious then the close-sourced JS script is even worse. Unless you count 3rd party scripts embedded that bad dev uses in their website without even thinking about trusting them. That is also awful in both open or close source environment.
So even having imperfect security (which happens regardless to openness), who is the attacker here? I would rather run js script on my end if the code can be checked.
I believe you missed the point, I am not in defense of Security through obscurity
(https://en.wikipedia.org/wiki/Security_through_obscurity), quiet the opposite.
The point: “[…] risk for the service owner as it gives an easily parsable way for an attacker to check […]” is well known and not the discussion here. You can choose close source for ‘security’ this is opensource community so I am wondering about such a tool.
There’s no “open source” centralized website. You can’t know what the server is effectively running unless you have access to it. To me this makes no sense.
The irony
And C++, just checked the wiki and the 2 example of openssh’s heartbleed and sudo, both in C. Not C++. As expected.
I’m not sure why people keep pushing that myth on C++. It’s been a decade we have smart pointers. There’s no memory management to be done ever.
Using the old ‘new’ is like typing ‘unsafe’ in rust. Even arrays/vectors have safe accessor.
Am I missing something?
Are we codeberg yet?
They won’t go to jail, period. No company owners never go to jail, kinda ever. This phrase is out of proportion. At worse they would have a fine.
Also still in the blog everything is words and very opaque like " We do this not only through technology and advocacy (Proton has contributed over $500,000 toward defending these values around the world)" : like where, what, when?
“There was no legal possibility to resist or fight this particular request.” : I doubt very much unless Switzerland is a dictatorship in disguise.
“Switzerland generally will not assist prosecutions from countries without fair justice systems.” : clearly not.
You can search it online : I don’t know any good media so here’s the first result on DuckDuckGo https://www.theverge.com/2021/9/6/22659861/protonmail-swiss-court-order-french-climate-activist-arrest-identification
It is a nice PR but for me I am not impressed. Rolex is also a non profit organization in Switzerland and and mostly help hiding there finance.
Correct me if I am wrong but all I see is words and promises. I would trust them if they release the yearly finance transparently.
For now the only act I can judge them on is their collaboration with police to give ecologist activists IP.
Justin Pot is no expert but expert on writing.
The current version has a critical security vulnerability (https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/) but to fix it the new version compiled against libclan version 27 but Google decided to remove it from Android so the building pipeline needs to be adjusted.
There’s a long discussion: https://gitlab.com/relan/fennecbuild/-/merge_requests/63 , about building the newer version
In the meanwhile the app is a security hazard.