I'm having the first Radicle CI office hour this Friday at 08:00 UTC at meet.ffmuc.net/radiclecioffice…

If Radicle CI, distributed CI, or just Radicle, or just CI, interests you, feel free to join.

#Radicle #RadicleCI #OfficeHour

Jitsi Meet

Join a WebRTC video conference powered by the Jitsi Videobridge

^{meet.ffmuc.net}

@bagder Essentially, #curl commit 0ae0abbe72514a75c10bfc4108d9f254f594c086 broke updating #HardenedBSD packages for certain users who use HardenedBSD behind a fully Tor-ified network (a network that uses transparent Tor proxying).

Those users were unable to update their HardenedBSD systems since the package manager uses libcurl behind-the-scenes. Some of these users live in malicious environments (malicious to human life), with actively-exploited applications.

So, this prohibition had a real negative impact, putting our users in harm's way.

If curl had a way to bypass the prohibition, we would've been able to keep our users safe.

This is why I mention #Radicle: they, too, do not support the .onion TLD by default, but can be configured to provide that support.

Radicle has three options:

1. Default: No support, .onion domain lookups will fail.
2. SOCKS support where .onion lookups succeed.
3. Explicit transparent proxying support, so .onion lookups succeed

curl is missing that third option.

I wonder if #curl could follow the wonderful example from the #Radicle project on how to properly support #Tor onion service endpoints.

daniel.haxx.se/blog/2025/05/16…

#TorProject #libcurl #HumanRights

Leeks and leaks

On the completely impossible situation of blocking the Tor .onion TLD to avoid leaks, but at the same time not block it to make users able to do what they want.

^{daniel.haxx.se}

In a move that surprises absolutely noone, GitHub now requires users to login in order to browse public repositories (including open source projects). After a few (~10) requests, you get blocked (I can confirm). In order to fight AI scrapers, I guess.

So, GitHub decided to blanket-limit access to open source projects as a defense against the very scourge that they(r parent company) unleashed on the world.

I won't be hypocrite: it's a bit embarrassing, but undeniably satisfying to say "told you so". I moved away from GitHub long ago and I moved all my stuff to Codeberg instead. And so happy I did!

Next step: radicle.xyz maybe?

github.com/orgs/community/disc…

#github #microsoft #openai #codeberg #ai #ml #llm #enshittification #foss #floss #opensource #radicle