Just give up hope. It’s really not worth it.

I loved Pop!_OS as it made Debian/Ubuntu extremely usable as a daily driver. Finally I got fed up with outdated package bullremoved coming from different angles and went to Rocky. Wish I did it sooner.

Appreciate System76, but they’ve dropped the ball hard and I don’t think it’s recoverable

If I were to fully elaborate, I’d be typing for hours, so I’ll sum up:

• pip - default behavior is to install to system-wide site packages. In a venv, it will try to upgrade/uninstall system packages without notice/consent unless you specify --require-virtualenv. Multiple things can removed up your ENV to make the python binaries point to system-wide, while your terminal will still show you as in a venv. Also why TF would package metadata files need to be executable? Bad practice, -1/10
• nix - they acknowledged years ago that they should probably have some kind of package signing and perhaps an SBOM or similar mechanism, but then did nothing to implement it and just said “oh well, guess we’re vulnerable to supply chain attacks, best not to think about it”
• brew - installing packages parallel to your system packages manager, without containers. My chief complaint here is that brew is a secondary package manager that people might treat as a “set and forget” for some packages, rarely updating them. So what happens when a standard library used by a brew package is vuln? A naive Linux user might update their system packages but totally forget to update brew. And when updating brew, you can easily hit max_open_file_descriptors because kitchen sink

From there, it’s all extremely nit-picky and paranoid-fueled-- basically, none of the package managers I mentioned are conducive, in my eyes at least, to a secure and intuitive compute environment.

Unfortunately, there’s not much I can do about it except bang pots and pans and throw maintainers under buses when the issue that has been present for years rears it’s ugly head. Because they are the only ones who can change this, and pressure is the only thing that might motivate them to.

Nix is already beyond removeded because they actively dismiss the need for appropriate security measures to prevent supply chain attacks. There were multiple discussions about this over the years that appear to have succumbed to neglect.

I wouldn’t trust nix, just like I don’t trust pip, brew, or a whole plethora of other package managers and repositories. They are just too neglectful

Yeah and that makes sense. But I still choose to die on the hill of tabs or nothing. That’s just how anal I am about my code.

And I realize there are niche scenarios where tabs don’t make sense, but I could care less about those. Afaik, even assemblers support tabs. If you have tabs, I feel it is almost sacrilegious not to use them for indentation.

Yeah I liked him better then /s

I will fight tooth and nail with anyone who agrees with this decision. Not because Torvalds did it, but because removed you use tabs you goddamn neanderthals

I created a GitLab account long before they implemented this, but never used it. Went to post an issue related to self-hosted GitLab on their issue tracker, and it told me my account was banned. I wrote an email to support and they essentially said “an automated system identified your account as a bot and banned you during an account clean up some years ago to cut back on malicious users”. I informed them that this was not at all reasonable, as I’ve never even posted anything on any GitLab account, and that I would be advising my organization to never pay for any GitLab product or service unless legal writes up the contract terms, because I have no faith in them as a vendor.

Seriously, removed GitLab. And if anyone from that org wants to discuss this with me, they can pipe their email to /dev/null