KexPilot

joined 2 years ago
sorted by: new top controversial old
1
Copyleft in the EU (lemmy.world)
 

Hello!

As some of you might be aware, copyright law and precendence in the EU show a bit of a difference in the FOSS license landscape compared to for example the US. Particularly, I am talking about linking in the context of derivative work. I tried to do some research here, but I didn't manage to find any conclusive articles or discussions on the matter.

As both dynamic and static linking in the EU is generally considered as a question of interoperability rather than derivative work, linking-wise virality of licenses like GPL are basically void over here. The EUPL license (my license of choice) as per my understanding even explicitly claims that "derivative work" is a definition out of scope of the license text due to this. I today read about additional possible AGPL violations uncovered from BambuLab regarding not opensourcing a .so library that the software uses. This made me wonder: what stops someone from taking a copyleft project in the EU, and adding all their heavy modifications basically as callouts to a proprietary dynamic library? Do I only have to publish the modified source full of single line callouts, without the library source?

Very dumb question about app notifications in c/homeassistant@lemmy.world
[–] KexPilot@lemmy.world 6 points 1 month ago* (last edited 1 month ago) (1 children)

It might be not this simple in case of notification providers, the notifications are somehow sent in the name of the app I guess. And don't forget: in general, this principle is true for most of your apps that send notifications. I.e. if you are getting Signal or Facebook notifications, it uses the same principle.

Btw, google is not the only notification service for android. Check up on Unified Push, there are many alternatives to do this, and there are some apps that support these alternatives in their non-play-store builds.

Very dumb question about app notifications in c/homeassistant@lemmy.world
[–] KexPilot@lemmy.world 17 points 1 month ago* (last edited 1 month ago) (3 children)

In general, notifications on Android don't go through apps, that would require apps to run all the time and consume too much battery. They instead are going through a notification provider (google in the default case). This is why your notifications arrive, but you have no other connections to your HA.

Edit for clarification: HA uploads it to google servers (which of course doesn't need port forwarding) and your phone then polls them from google.

Linux Kernel Rust Code Sees Its First CVE Vulnerability in c/technology@lemmy.world
[–] KexPilot@lemmy.world 4 points 5 months ago* (last edited 5 months ago)

No. The issue is that an assumption they make in the unsafe block does not actually always hold true. They changed the safe rust code to strenghten the (incorrect) assumption they made in the first place, because that is way easier than rearchitecting the unsafe part. I.e. if the unsafe part was somehow to be written safely, the mitigation they introduced now would not result in any difference in behaviour, it would be correct behaviour both before and after.

Tldr: the problem lies in the unsafe part

Between Forgejo, Gitea, Gitlab etc., which do you prefer and why? in c/nostupidquestions@lemmy.world
[–] KexPilot@lemmy.world 9 points 8 months ago* (last edited 8 months ago)

It's my turn to do the obligatory mention of SourceHut :)

It is in alpha, but it is really promising. It is going all-in on email based git workflows (which was the original way of doing it before the github-style PR based workflow). I love the style and it's minimalism - but don't let that fool you, it has many features that you might not see at first glance. Imagine if cgit or gitweb was extended into a software forge with built-in support for email patches, mailing lists, issue tracking and CI.

If you are the type of person who attracts garbage issue tickets and often has to reject low-effort PRs on your projects, it forces a really good minimum entrance bar. Of course this comes at the cost of visibility of your projects, less networking effect, so I would suggest to not use it if you want easy visibility and 3rd party contribution on your projects.