More

arianvanp · 2026-05-24T08:57:49 1779613069

Was inspiring to meet you at NixCon. Thanks for all your energy and advocacy! You'll always be welcome in our open source community.

arianvanp · 2026-05-22T09:15:04 1779441304

A more general metric that is useful to watch for is pressure stall information for CPU, IO and Memory.

https://docs.kernel.org/accounting/psi.html

I made a Prometheus exporter for it:

https://github.com/arianvp/cgroup-exporter

JeremyTheo · 2026-05-22T09:35:36 1779442536

arianvanp · 2026-05-20T07:12:22 1779261142

Ah yeh Zed. The editor that downloads random binaries for LSPs unprompted without asking me. That's not gonna end badly.

The only way I found out is because I run NixOS and it downloaded a dynamically linked binary that failed to start up and it spat out an error

arianvanp · 2026-05-12T07:40:20 1778571620

Why do we do all these efforts making our build systems hermetic and we end up just using a global mutable cache across branches where the caller picks the key? Failure of industry as a whole. Actually insane.

arianvanp · 2026-05-09T10:32:05 1778322725

The irony of this being a Twitter post with pictures of html rendering instead of an interactive html page is not lost on me.

Arguing for html on a platform with less rich semantics than markdown is just ultimately funny

bonsai_spool · 2026-05-09T13:48:08 1778334488

https://thariqs.github.io/html-effectiveness/

I guess it’s both

danieldisu · 2026-05-09T11:15:16 1778325316

Don't get me started on the "templating" for Twitter Articles, it doesn't even support markdown...

arianvanp · 2026-04-29T08:39:59 1777451999

Working on the foundation of this (getting Wire deployed at and certified by the BSI) was my first job out of college 7 years ago and how I ended up in Berlin. And once you end up in Berlin you can never leave, it seems.

I was actually on site at the Bundeskanzleramt and they had requirements of being able to install the entire server stack airgapped. We ended up building quite a cool delivery method based on Nix to ship the whole closure of the system and the containers inside and spin up a Kubernetes cluster with it. I'm wondering if it is still being used.

Amazing to see it's still going strong :)

raihansaputra · 2026-04-29T08:53:23 1777452803

What was the media for updates? Send them a CD or a flashdisk and they plug it in? I assume the PVC backing etc they handle on their own?

arianvanp · 2026-04-29T09:27:32 1777454852

Yes, updates were delivered using a flash drive.

> PVC backing

Yeh. But wire's storage is based on Cassandra which handles replication of storage. So you could deploy it on local nvme drives as well using a local storage CSI.

That's also how the wire.com cloud is/was run. Large Cassandra cluster on top of EC2 Instance Store as opposed to EBS.

rrr_oh_man · 2026-04-29T08:46:33 1777452393

  > first job out of college 7 years ago
  > Amazing to see it's still going strong

Yup, sounds like a government project...

looperhacks · 2026-04-29T09:08:22 1777453702

The earliest doc I can find quickly shows that the BSI already recommended Wire in 2021 (at least; couldn't find anything earlier). The actual authorization seemed to have happened some time in 2024, but it's possible that just nobody asked for the formal approval before that.

What I'm saying is - just because the BSI authorizes something, doesn't mean that it has to reach the Bundestag ;)

arianvanp · 2026-04-28T20:32:46 1777408366

And yet GitHub has felt the most dead it ever did. Less quality contributions. Less feeling of community. All the open source projects are struggling.

They dont have a service usage problem they have a slop problem. Ban the slop and the platform will thrive

gavmor · 2026-04-28T23:05:21 1777417521

Is it September already?

Rapzid · 2026-04-29T01:16:44 1777425404

Wake me up when...

arianvanp · 2026-04-23T19:03:45 1776971025

The chainguard folks built sigstore :)

eranation · 2026-04-24T03:30:02 1777001402

Yep yep, hence the ask, expected for containers, wondering if also for build from source.

arianvanp · 2026-04-23T08:44:49 1776933889

That's not true. Both AWS' as well as GCP's workload identity tokens are not bound to the VM. If you leak the credentials they're valid until they expire. on AWS the expiry is 6 hours (non-configurable). Even if your IAM role has a shorter expiration, the credentials assumed by the VM will always be valid for 6 hours.

ithkuil · 2026-04-23T13:30:47 1776951047

That entirely depends on the location of the proxy and the extra conditions you can express. E.g. you could bind it to a source IP and have the proxy check that, or use some overlay network (like tailscale does)

My point was that you don't literally have to run the proxy on localhost in order to scope the request.

arianvanp · 2026-04-20T22:58:03 1776725883

Just a heads up: I know it's cool to generate ASCII art with Claude code these Days but for some reason checks the output? Non of the diagrams in the article look correct to me. They all have spacing issues?

wonger_ · 2026-04-21T00:08:56 1776730136

You're probably seeing an Android bug. The default Android monospace font borks the spacing of box-drawing characters. It's been like that for several years. EDIT the same thing might happen on some niche Linux distros

slopinthebag · 2026-04-21T00:10:46 1776730246

No I see it on a non-android device too. But it's not as egregious as most vibe-coded ascii diagrams to be fair.

wonger_ · 2026-04-21T00:12:47 1776730367

Ah my bad! Didn't scroll down far enough. Shame. Maybe the fi ligature messed up their spacing.

harshreality · 2026-04-21T06:08:59 1776751739

Were they generated by D2? I tested naive generation without extra hints/layout settings, and its ascii charts leave a lot to be desired (including worse artifacts than that, like creating too-narrow charts and text overwriting other text that's too close). SVG output might have been much better.