I have detected bloat, you YAML merchant you! Reject complexity! Return to native packages!
Lmao
this post was submitted on 31 Mar 2025
89 points (96.8% liked)
Linux
52706 readers
461 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
There must be a tool that allows you to build packages for multiple systems in multiple formats (deb, rpm, nix, flatpak, snap, etc.). Does that not exist? After 20 years of these systems existing, somebody must've tried...
Also, it's clear that once again, open source needs some kind of funding model, because it's a little crazy that a project like this can get so popular so fast, the dev flooded with praise, thanks, and issues but not money to maintain and develop it.
Long time ago I've tried making a makefile which packages as tarball, deb, rpm and appimage.
It's just a goofy attempt.
makefile which packages as tarball, deb, rpm and appimage.
Packaging an RPM in a makefile? That's inside-out.
Problem is that distro1 has req-lib2.5.3 while distro2 has req-lib2.7.8, but your project was developed on distro3 with req-lib2.9.5 so you have to deal with every distro having different lib versions and compatibility issues that come with it, not just different packaging formats.
And different names too. Debian and Fedora have different packages names, so req-lib on debian becomes req-devel on Fedora.
And since Arch is rolling release it's python-lib, not python3-lib. :)
a tool that allows you to build packages for multiple systems in multiple formats (deb, rpm, nix, flatpak, snap, etc.).
Given flatpaks and snaps are toxic, the other ones - deb, rpm, pkg - can be packaged relatively easily. It's all a separate effort with files and meta-info that doesn't often intersect, but it's manageable. It lends itself incredibly well to the trivial 'automation' that gitlab, forgejo and other major git suites provide.
Source: did this for the entirety I built and maintained a software suite for linux and unix, for like 15 years. I built some code, I packaged it. Because anything less isn't really ISO27002.
TL;DR - the 'tool' is a simple script and your brain. the biggest hurdle is the unknown itself and, once you get to it, the work can be pretty straightforward.
Suse's open build system does this. It's just very enterprisy to me, so I haven't really used it myself
Anubis without JavaScript is what I'm waiting for. I know that the Darknet forum Dread has a PoW system that doesn't use JS (or maybe it does something else entirely and I completely missed it)
How would that work? And how easy would it be to circumvent? Anubis probably forces spinning up a browser or something that supports a JS runtime (again probably a browser), so it's not as easily scriptable as just callling an HTTP endpoint. I'm curious how you would implement a system without JS.
Honestly I have no idea how PoW works at all. I'm just happy to see the innovation in this space. With that said, people have raised the idea of using TOR's PoW mechanism, or in my case, Dread's PoW. I believe both of them work without JavaScript
I would then encourage you to look up how those work and what proof of work actually is. Proof of work requires some work to be done by the client. If you want regular people to browse the internet normally and "do work", that means JavaScript, otherwise it requires them to install an extra binary like TOR or something, which would lock out most of real users. I imagine that's not the goal of site operators.
Maybe the solution is for browsers to include POW functionality natively.
We see dumb shit like "you need to enable DRM yadayada." We could have a similar thing for "you need to enable POW."
It might be pretty difficult to implement the work part of proof of work without JS in a practical way. Of the three languages available on the web, HTML, CSS & JS (+ WebAssembly, which requires a bit of JS IIRC & would probably not be available) JS is the only one that allows you to perform the work in a sane way. (It might be possible to use CSS magic with remote resources, but that has its own problems if it's even possible.)
It would be possible to use a dedicated program or another website to perform the work, but it would be far from seamless to users.
I don't know how PoW works but do you think that TOR and Dread's PoW can be reused?
In proof of work, the client performs (relatively) slow & expensive calculations to prove that it's not spam. If you tried to make too many connections, the work would add up, preventing you from affecting the availability of the service.
For PoW to work, the server needs to generate a challenge, then the client needs to solve it and return the answer. JavaScript can do this without any input from the user.
For JavaScriptless PoW, you need to find a way to perform those slow calculations without access to a programming language.
Like I said in my previous comment, solving the challenge can happen outside of the page, after which the user could paste the answer to a normal HTML form, for example. This allows PoW to work without JS, but requires user interaction & eternal tools.
I don't know about Dread, but Tor has built-in PoW now. Since Tor runs outside of the document/tab, unlike JS, it can do a lot more. Tor's PoW happens invisibly between the network request & response, making it unobtrusive & bypassing JS entirely.