There's a store near us the sells a giant metal T-Rex and I want it. But it's a couple thousand dollars. I'm sure it's worth it. But I can't.

Yeah! Like that!

Usually I use glob patterns for test selection.

But I did use reges yesterday to find something else. A java security file definition.

I dunno about stdx as a solution. It's just not a big enough list.

At work we build a big java thing and we:

• Manually import all dependencies, including transitive dependencies.
• Bless them by committing their hash to our repo. I think the cargo lock file does something similar.
• Audit the dependencies by hand. Sometimes that's reading them all and sometimes thats less. Honestly, it's often less. A few times it's being members of the upstream community.
• Don't allow running as root
• Drop all permissions we don't need with seccomp including reading a bunch of stuff
• Sandbox each thread based on what's on the stack. Untrusted code can do less stuff.

It's still not enough. But it helps.

Maybe a web of trust for audited dependencies would help. This version of this repo under this hash. I could see stdx stuff being covered by the rust core folks and I'm sure some folks would pay for bigger webs. We pay employees to audit dependencies. Sharing that cost via a trusted third party or foundation or something feels eminently corporate. Maybe even possible.

I really thought the idea was, "You like mecha? You like kids piloting mecha? This is how it'd go down." I loved it so much. Shinji's a broken, abused shell child. He lives with a broken human who drowns her sorrows in drink. His father is just evil. He'd have to be to let his kid pilot the mecha.

The only real father figure we ever see for shinji is a spy. Who gets killed. He's in love with a girl that hates him. Because he's broken. But he has no one else. Except those friends at school who I think they take away. Don't remember. And that angel who he has to kill or something. Damn, it's been like 25 years. I have no idea what happened. But in my memory it's terrible. Wonderful stuff.

We knew spooks were all up in the phone network. They'd show up and ask installers to run them some cables and configure ports in a certain way. I was friends with folks who were friends with the installers.

A while ago I read a book where a town got nuked. Only it was just a rumor spread on Facebook. Town is fine. But tons of people believed it. Set up road blocks and stuff. For years.

edit: I thought, "there is no way people would do that." Oh well.

I used to work for them. It was weird and wonderful and I miss it and I don't. Lots of mission driven folks working hard to keep things going getting very little respect. But a lot of respect. But sometimes none.

Iirc a lot of their budget is spent doing charity stuff. Encouraging contributions for tiny languages. Trying not to cave to Russia or the US or France. Trying to make it less of a boys club. Trying to get local organizations going.

I remember once they sent an email that said "if the French government asks you to delete this page please just delete it. It's not worth going to jail. Someone outside of France will revert the delete."

I wasn't qualified for the work. No one was. But it was honest work.

It's not my favorite but it's fine.

It really does drive people away. I'm not good enough for the kernel, but there's a project I could contribute to as part of my job but I don't because there are mean folks there. My first contribution there was met with cursing.

Although it was his first day in charge, Sliney had an over-25-year background in air traffic and management in the FAA.

I'm reasonably sure compilers can shift the if out. I believe it's called "loop invariant code motion". Won't work in call cases, but in the variable case it should.