Hacker News: watusername

New comment by watusername in "LittleSnitch for Linux"

watusername — Thu, 09 Apr 2026 14:28:36 +0000

For Linux desktop users. A bit of tongue-in-cheek but that's pretty much the argument that I've heard in some circles ("it works for us and not going away anytime soon - why waste time convincing others?").

New comment by watusername in "My Google Workspace account suspension"

watusername — Sun, 05 Apr 2026 17:20:09 +0000

Instead of Keycloak, I would recommend giving Kanidm a try: It's much more lightweight and covers most of what you usually need (one notable exception being SAML).

https://github.com/kanidm/kanidm

New comment by watusername in "Put the zip code first"

watusername — Sun, 08 Mar 2026 00:59:02 +0000

None of which reflect well on the author. The "We're very proud of you." is exceedingly condescending.

New comment by watusername in "Mecha Comet – Open Modular Linux Handheld Computer"

watusername — Thu, 29 Jan 2026 13:35:23 +0000

Buyers beware: 4-core A53 is genuinely unusable (original Pinebook/PinePhone specs), A55 is better but I still wouldn’t recommend buying. You may expect performance similar to 15+ years old desktops.

New comment by watusername in "“One Student One Chip” Course Homepage"

watusername — Tue, 18 Nov 2025 00:34:10 +0000

Without a proper proxy setup, access to GitHub is often painfully slow from mainline China.

But the choice of Baidu Pan is indeed questionable: You need a Chinese phone number in order to sign up, which is out of reach for many expats living overseas. I don't get why they can’t just mirror it on a university server.

New comment by watusername in "Toybox: All-in-one Linux command line"

watusername — Mon, 06 Oct 2025 00:51:38 +0000

> I think... it builds a busybox system based on desired commands (similar to a dockerfile, but using a REPL?).

I am now very curious how you arrived at this conclusion. Did you make use of any LLM? If so, which model and what prompt did you use?

New comment by watusername in "Man still alive six months after pig kidney transplant"

watusername — Sun, 28 Sep 2025 13:14:48 +0000

I assume that you are being sarcastic and referencing The Island movie?

New comment by watusername in "Apple A19 SoC die shot"

watusername — Wed, 24 Sep 2025 02:48:00 +0000

What’s wrong with Substack?

New comment by watusername in "Apple: SSH and FileVault"

watusername — Fri, 19 Sep 2025 13:55:32 +0000

IIRC macOS upgrades will automatically store a FileVault token (basically `fdesetup authrestart`) before restarting, so the disk is automatically unlocked. It's not a Tahoe-specific thing.

New comment by watusername in "This blog is running on a recycled Google Pixel 5 (2024)"

watusername — Wed, 03 Sep 2025 00:43:50 +0000

Title needs "(2024)". It's been over a year and whether the blog is still running on a recycled Pixel 5 is unclear.

New comment by watusername in "Mosh Mobile Shell"

watusername — Thu, 28 Aug 2025 17:19:56 +0000

mosh is neat, but I've mostly switched back to good'ol SSH over Tailscale due to various rendering bugs caused by client-server mismatches as well as the lack of port forwarding.

Basically mosh attempts to synchronize the state of the terminal which is made up of character cells. It sounds simple until you realize that unicode and fancy escape sequences exist, and the behavior of the client and the server must match otherwise you get weird misalignments that are difficult to debug:

- Unicode 9+ changed character width computation a lot, but macOS `wcwidth` still follows the old algorithm. Let's patch it: https://github.com/mobile-shell/mosh/pull/1289

- There is no support for strike-through and dimmed styles. Let's patch it: https://github.com/mobile-shell/mosh/pull/1059

- What about underline/undercurl? Let's patch it: https://github.com/jdrouhard/mosh/commit/aff5e1c3db9f061deb2...

- Some emojis don't take up two cells as expected? Again, let's patch it: https://github.com/jdrouhard/mosh/commit/b31161ab311c7b6e306...

- ...

You really need those patches to have a good experience, and popular mosh clients like Blink on iOS incorporate them in their builds. However, things look wonky if you don't use the corresponding server builds, and you don't want to dig through layers of abstractions to find out why selecting lines in a specific file in neovim causes everything to become a jumbled mess every so often.

There is no end in sight for those patched to be merged upstream, no end in sight for distros to ship new versions, and no end in sight for protocol changes to make state synchronization more resilient. So, back to SSH we go...

Edit: Fixed wrong link for underline/undercurl patch

New comment by watusername in "SSL certificate requirements are becoming obnoxious"

watusername — Tue, 26 Aug 2025 14:18:05 +0000

To be frank, the whole post reads like "I hate change" with no convincing argument otherwise. The author even acknowledges the very lenient ramp-up from CAB _and_ the myriad of available tooling, yet still throws his hands up.

> I am responsible for approving SSL certificates for my company. [...] I review and approve each cert. What started out as a quarterly or semi-monthly task has become a monthly-to-weekly task depending on when our certs are expiring.

I don't get the security need for manually approving renewals, and the author makes no attempt to justify this either. It may make sense for some manual process to be in place for initial issuances, as certificates are permanently added to a publicly-available ledger. And to take a step back, do you need public certs to begin with? Can you not have an internal CA? Again, the author makes no attempt to justify this, or demonstrate understanding in the post.

> email-based validation may as well not exist when we need to update a certificate for test.lab.corp.example.com because there is no webmaster@test.lab.corp.example.com.

I know that this is an example, but as a developer it would be a pain to have to go through a manual, multi-day process for my `test.lab.corp.example.com` to work. And the rest of the post seems to imply that this is actually the case at OP's org.

> Which resource-starved team will manage the client and the infrastructure it needs? It will need time to undergo code review and/or supplier review if it’s sold by a company. There will be a requirement for secrets management. There will be a need for monitoring and alerting. It’s not as painless as the certificate approval workflow I have now.

There are additional costs and new processes to be made, yes, but even from a non-technical POV this appears to be a good time to lead and take ownership.

> Any platforms that offer or include certificate management bundled with the actual services we pay for will win our business by default. [...] What is obvious to me is that my stakeholders and I are hurrying to offload certificate management to our vendors and platforms and not to our CA.

That's okay. If you hate change and don't want to take ownership, pay someone else to take ownership.

New comment by watusername in "Jujutsu and Radicle"

watusername — Thu, 14 Aug 2025 15:52:57 +0000

From git's perspective, jj bookmarks are just regular git branches, so you can just do `jj git push` and open a PR as usual.

However, unlike git, jj bookmarks are pinned to change IDs instead of immutable commit SHA-1s. This means that stacked PRs just work: Change something in the pr-1 bookmark, and all dependent bookmarks (pr-2, pr-3, ...) are automatically updated. A `jj git push --tracked` later and everything is pushed.

New comment by watusername in "Window Activation"

watusername — Fri, 08 Aug 2025 18:49:32 +0000

Only the invoked app knows whether it needs the focus in the first place. Maybe the link you clicked is supposed to initiate some background processing that does not demand your focus at all.

New comment by watusername in "Ditching GitHub (2024)"

watusername — Thu, 07 Aug 2025 18:31:56 +0000

One issue that comes with leaving GitHub is a higher barrier to contributing. The author appears to see this as a nice filter, but it may not make sense for you. With a self-hosted forge, a new contributor will need to:

a) Sign up for an account in your forge: Do contributors really want another account? Does your captcha/email verification actually work (I've encountered ones that don't)? There are also forges that require you to ask for an account which is another hurdle.

b) Send an email: Configuring `git send-email` is alien to many contributors and may not even be doable in some corporate environments (OAuth2 with no app passwords allowed). Diverging from this is error-prone and against social norms which the contributor may not even be aware of (until they get flamed in the mailing list). You are also giving up automated CI which is a big part of the contributor feedback loop.

To be clear, going independent does indeed work for small personal projects (do not care much about contributions) as well as established ones (large incentive for new contributors to jump over hoops), and I'm fully aware that a lot of HNers do not see the need for those "niceties" provided by GitHub. But I feel that people often underestimate the barriers that they are putting up.

New comment by watusername in "Yes, the Book of PF, Fourth Edition Is Coming Soon"

watusername — Sat, 26 Jul 2025 18:32:44 +0000

Judging from the comments here, it should be called "the book of nft" for comedic effect :)

Add AI coding assistant configuration to Linux kernel

watusername — Sat, 26 Jul 2025 07:26:13 +0000

Article URL: https://lore.kernel.org/workflows/20250725175358.1989323-1-sashal@kernel.org/

Comments URL: https://news.ycombinator.com/item?id=44692128

Points: 3

# Comments: 0

New comment by watusername in "You can now disable all AI features in Zed"

watusername — Thu, 24 Jul 2025 13:53:18 +0000

You go to https://code.visualstudio.com and it will appear that AI integration is the whole point too. How a thing is currently marketed != How people have been using it.

New comment by watusername in "Zig's New Async I/O"

watusername — Mon, 14 Jul 2025 00:19:52 +0000

Other commenters have already provided examples for other languages, and it's the same for Rust: async functions are just regular functions that return an impl Future type. As a sync function, you can call a bunch of async functions and return the futures to your caller to handle, or you can block your current thread with the block_on function typically available through a handle (similar to the Io object here) provided by your favorite async runtime [0].

In other words, you don't need such an Io object upfront: You need it when you want to actually drive its execution and get the result. From this perspective, the Zig approach is actually less flexible than Rust.

[0]: https://docs.rs/tokio/latest/tokio/runtime/struct.Handle.htm...

New comment by watusername in "Let me pay for Firefox"

watusername — Sun, 13 Jul 2025 21:37:38 +0000

The point is that people want to fund the development of the actual browser engine which is more important than the customization scripts that those forks maintain. The engine is what people are worried about.