Tootfinder

Subtooting since people in the original thread wanted it to be over, but selfishly tagging @… and @… whose opinions I value...
I think that saying "we are not a supply chain" is exactly what open-source maintainers should be doing right now in response to "open source supply chain security" threads.
I can't claim to be an expert and don't maintain any important FOSS stuff, but I do release almost all of my code under open licenses, and I do use many open source libraries, and I have felt the pain of needing to replace an unmaintained library.
There's a certain small-to-mid-scale class of program, including many open-source libraries, which can be built/maintained by a single person, and which to my mind best operate on a "snake growth" model: incremental changes/fixes, punctuated by periodic "skin-shedding" phases where make rewrites or version updates happen. These projects aren't immortal either: as the whole tech landscape around them changes, they become unnecessary and/or people lose interest, so they go unmaintained and eventually break. Each time one of their dependencies breaks (or has a skin-shedding moment) there's a higher probability that they break or shed too, as maintenance needs shoot up at these junctures. Unless you're a company trying to make money from a single long-lived app, it's actually okay that software churns like this, and if you're a company trying to make money, your priorities absolutely should not factor into any decisions people making FOSS software make: we're trying (and to a huge extent succeeding) to make a better world (and/or just have fun with our own hobbies share that fun with others) that leaves behind the corrosive & planet-destroying plague which is capitalism, and you're trying to personally enrich yourself by embracing that plague. The fact that capitalism is *evil* is not an incidental thing in this discussion.
To make an imperfect analogy, imagine that the peasants of some domain have set up a really-free-market, where they provide each other with free stuff to help each other survive, sometimes doing some barter perhaps but mostly just everyone bringing their surplus. Now imagine the lord of the domain, who is the source of these peasants' immiseration, goes to this market secretly & takes some berries, which he uses as one ingredient in delicious tarts that he then sells for profit. But then the berry-bringer stops showing up to the free market, or starts bringing a different kind of fruit, or even ends up bringing rotten berries by accident. And the lord complains "I have a supply chain problem!" Like, fuck off dude! Your problem is that you *didn't* want to build a supply chain and instead thought you would build your profit-focused business in other people's free stuff. If you were paying the berry-picker, you'd have a supply chain problem, but you weren't, so you really have an "I want more free stuff" problem when you can't be arsed to give away your own stuff for free.
There can be all sorts of problems in the really-free-market, like maybe not enough people bring socks, so the peasants who can't afford socks are going barefoot, and having foot problems, and the peasants put their heads together and see if they can convince someone to start bringing socks, and maybe they can't and things are a bit sad, but the really-free-market was never supposed to solve everyone's problems 100% when they're all still being squeezed dry by their taxes: until they are able to get free of the lord & start building a lovely anarchist society, the really-free-market is a best-effort kind of deal that aims to make things better, and sometimes will fall short. When it becomes the main way goods in society are distributed, and when the people who contribute aren't constantly drained by the feudal yoke, at that point the availability of particular goods is a real problem that needs to be solved, but at that point, it's also much easier to solve. And at *no* point does someone coming into the market to take stuff only to turn around and sell it deserve anything from the market or those contributing to it. They are not a supply chain. They're trying to help each other out, but even then they're doing so freely and without obligation. They might discuss amongst themselves how to better coordinate their mutual aid, but they're not going to end up forcing anyone to bring anything or even expecting that a certain person contribute a certain amount, since the whole point is that the thing is voluntary & free, and they've all got changing life circumstances that affect their contributions. Celebrate whatever shows up at the market, express your desire for things that would be useful, but don't impose a burden on anyone else to bring a specific thing, because otherwise it's fair for them to oppose such a burden on you, and now you two are doing your own barter thing that's outside the parameters of the really-free-market.

As I'm learning Dutch, I'm reminded that the idea that there are people who believe that the bible is to be taken literally. The idea that a several hundred year old translation of a collection of texts in multiple languages, that were themselves translated multiple times between languages, before the whole thing was translated to Latin, then being translated to English, could somehow perfectly reflect the original text... Yeah, it's only possible to believe that if you have no idea how languages work and have never learned another language.
Like, just from linguistic drift alone if the bible were written in King James English you're losing *so* much context. But Hebrew, Aramaic, and Greek translated to Latin, then to English, then to English again?
There are so many things that erg can't be translated, even as a beginner. Dutch and English are two of the closest languages that exist, they're both Germanic languages and they're the closest to each other (other than Friesian). You can't really be much closer, and yet, there are so many things you can't mutually represent. Hebrew and Latin, Aramaic and Latin, Latin and English, Greek and English, these aren't even the same families at all... They're extremely distant. There's absolutely no way to represent concepts from one to another without another book's worth of explanation.
And that ignores all the cultural context, which is mostly lost and a library and decade of education to get the stuff that we *do* know.
Only monolingual Americans could come up with an idea so incredibly asinine.

Goodbye John, it was good to know you.
https://www.eff.org/deeplinks/2025/05/memoriam-john-l-young-cryptome-co-founder

In Memoriam: John L. Young, Cryptome Co-Founder
John L. Young, who died March 28 at age 89 in New York City, was among the first people to see the need for an online library of official secrets, a place where the public could find out things that governments and corporations didn’t want them to know. He made real the idea – revolutionary in its...

I'm having a short burst of efficiency, which is very unlike me after work. The only thing I can't be arsed to do is sort out breakfast to take to work in the morning, but I have things I can fling together at the last minute.
Among other things I've just reserved a Devla Murphy book from the library, after listening to Great Lives about her today. After that I'll be casting about for another book as I've nearly finished Nikki Erlick's The Measure, thought-provo…

Why Senior Developers Google Basic Syntax
https://faun.pub/why-senior-developers-google-basic-syntax-fa56445e355f

Good Morning #Canada
OTD in 1946, the Canadian Library Association (CLA) was founded in Hamilton, Ontario, in 1946 and incorporated on November 26, 1947. The CLA represented #Library workers and advocated for funding and improvements. Due to declining membership, it was replaced by the Canadian Federation of Library Associations. Here are 6 of Canada’s most beautiful libraries.
#CanadaIsAwesome #ReadABook
https://travel.destinationcanada.com/en-us/things-to-do/most-beautiful-libraries-canada

The Python library "YFinance" decided to force an upgrade. They did this by making the old version report a rate-limit error on every request.
Confusing.
Would have been better if they reported a "old version not supported" error or something instead. So that wasted some time.
That upgrade had dependencies which have dependencies upon a newer version of Python, so needed a whole OS upgrade really.
Which failed. Bricking the Rasp PI it was running on.
Oh well, complete rebuild of the whole machine and software it runs from scratch then.
That took all day yesterday. At the end I notice that the touch-screen doesn't touch. Needs drivers.
The drivers haven't been upgraded in six years. They brick the machine again when trying to install them on Debian Trixie.
Luckily, I kept good notes and could rebuild it all again much faster with no mistakes and knowing what to do and all the required custom software changes already made and saved.
So now I spent a whole day on annoying upgrade work because a single Python library decided to break the old version, and my Rasp Pi has no touch-screen. Which isn't ideal for a machine mostly operating as a fancy light switch for all the LED strips in the house.
This happens all the time in software. Millions of man hours wasted, so much hardware dumped because the drivers get abandoned.

In other news: Microsoft abandons Windows 10 any day now. Good luck to everyone faced with doing that lap on the upgrade treadmill.
I still have more work to do to bring up this RaspPi's software to where it was, but it'll have to wait, other things to do. At least it's back to sending me the nightly finance report and controlling the LED strips. If without a touch screen now.
#software #upgradeTredmil #python #microsoft