Hacker News: stasge

New comment by stasge in "I am building a cloud"

stasge — Fri, 24 Apr 2026 01:00:59 +0000

The problem is not Kubernetes but how it's treated. From its inception I've been seeing two anti-patterns: treating it as a platform (and being frustrated for Kubernetes not meeting expectations) and treating it as a product or part of a product (investing heavily into its customization and making it a dependency). Neither is practical unless you are building a platform and it is your product. Otherwise it should be viewed as an OS and treated as a commodity. You create a single big VM with MicroK8s per project (zero-ops vanilla Kubernetes) and make no dependency on how exactly Kubernetes is setup. This way you can run the same setup locally and in a data center. If ever needed your app could be moved to any cloud as long as that cloud meets basic prerequisites (like presence of persistent storage or load balancer). The best part is Kubernetes (unlike traditional OS) is API driven and your apps could be nicely packaged and managed using Terraform/OpenTofu or similar tooling.

New comment by stasge in "I program on the subway"

stasge — Mon, 22 Dec 2025 06:20:40 +0000

My commute to work is quite long but there is no "sitting" in Tokyo's trains in mornings/evenings so I program on a smartphone. Yes, it's not impossible but it takes time to get used to it.

New comment by stasge in "Malicious versions of Nx and some supporting plugins were published"

stasge — Tue, 02 Sep 2025 00:34:08 +0000

There is a low hanging fruit in making GitHub Actions more secure (anyone from GitHub here?):

  - Forbid (or at least warn about) shell interpolation in composite actions and guide to using environment variables instead
  - Warn unless all external actions are pinned by git commit (with customizable exceptions)
  - Warn unless all used docker images are pinned by digests

New comment by stasge in "GitHub MCP exploited: Accessing private repositories via MCP"

stasge — Wed, 28 May 2025 02:49:24 +0000

Time for a new term "Synthocial Engineering"?

New comment by stasge in "The Pain That Is GitHub Actions"

stasge — Fri, 21 Mar 2025 02:15:26 +0000

While I agree that GitHub Actions could be more "secure and safe" by default most gaps are easy enough to fill. With https://github.com/marketplace/actions/check-actions you can ensure timeouts, permissions and version pinning. With https://registry.terraform.io/modules/giner/repo/github you can manage all repos together with workflows.

New comment by stasge in "Google helped destroy adoption of RSS feeds (2023)"

stasge — Sun, 25 Feb 2024 01:27:15 +0000

Unfortunately Mozilla has greatly contributed to this. At the time when Firefox had a good user share Mozilla instead of promoting RSS has decided to remove RSS/Atom feed icon from the address bar because of their telemetry showing rare usage. While it is still possible to install the icon as well as live bookmarks as add-on to do that one needs to know of their existence.

New comment by stasge in "Ask HN: Why did Python win?"

stasge — Wed, 30 Aug 2023 01:45:14 +0000

Reading the comments makes me wonder why where perception of Ruby that it is complex or hard to learn is coming from. Let's talk about just language without external libraries, package management or context of specific software.

I'm using both Ruby and Python for tooling (so there is neither Web nor ML context. Neither meta-programming). When it comes to Ruby I learn one thing and safely extrapolate, i.e. you don't need to learn all of the language to be able to use it. With Python I've had to come to the docs many times to understand how a particular thing works and I keep finding ways to shoot in my foot. This includes very basic stuff like variable scoping (global, class, instance or local) or type non-obvious type conversion (in Ruby only nil and false are treated as false in conditional expressions, while in Python this includes empty string, empty list, empty dictionary and so on).

When it comes to readability in Ruby it is natural to do data processing by "pipelining", e.g. you don't need to do f1(f2(f3(f4(data)))) (which is often the case in Python) and instead you can do data.f1.f2.f3.f4 which is easier to read. Classes, objects, inheritance work and feel a lot more obvious. Ruby allows to be concise without sacrificing (for example "a = 5 if seta == true"). Overall Ruby allows to write more readable code than Python.

New comment by stasge in "Until further notice, think twice before using Google to download software"

stasge — Fri, 03 Feb 2023 23:51:36 +0000

Personalization could be a reason of getting bad results. I'm always using https://google.com/ncr in private mode and I don't think I've noticed any degradation in search quality so far.