HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jamietanna

no profile record

Submissions

Composer's Dependency Policies

nesbitt.io
3 points·by jamietanna·2 months ago·0 comments

Chaoss Metrics in 2026

nesbitt.io
1 points·by jamietanna·2 months ago·0 comments

I hate the recent open-source rise

jvt.me
16 points·by jamietanna·2 months ago·27 comments

A GitHub for Maintainers

nesbitt.io
2 points·by jamietanna·2 months ago·0 comments

Package managers need to cool down

nesbitt.io
5 points·by jamietanna·4 months ago·1 comments

How and why I attribute LLM-derived code

jvt.me
2 points·by jamietanna·5 months ago·0 comments

[untitled]

1 points·by jamietanna·6 months ago·0 comments

Quit social media by posting more

posseparty.com
3 points·by jamietanna·7 months ago·0 comments

Documentation done right: A developer's guide

github.blog
4 points·by jamietanna·8 months ago·0 comments

Worries about Open Source in the age of LLMs

jvt.me
5 points·by jamietanna·8 months ago·0 comments

Building a more secure NPM ecosystem with Mend Renovate

mend.io
1 points·by jamietanna·8 months ago·0 comments

Renovate 42 Is Coming

github.com
2 points·by jamietanna·8 months ago·0 comments

comments

jamietanna
·last month·discuss
That was a few days ago: https://news.ycombinator.com/item?id=48313577
jamietanna
·2 months ago·discuss
*11.x
jamietanna
·2 months ago·discuss
I personally prefer Free Software (FSF-approved) or Open Source (OSI-approved) licenses, but I also agree that there is a place for other licenses. It's better that there's space for kinda-open, rather than it being open vs completely closed repositories.

I've previously worked at a company using an "open source" license (Elastic, with the ELv2) and have enjoyed having to explain the difference to folks between what it meant to be "open source" vs "Open Source", and the fact that a lot of folks generally don't understand the difference and some of the nuance. Mentioning the BuSL was because it's something a lot more folks may be aware of, i.e. given Hashicorp's recent relicense (as with other companies in recent years)

Sustainability is hard, and having different ways to describe this is good! But it's a lot harder when people don't understand why something calling itself "open source" when it's "but you can't run it if you're a company" is bad
jamietanna
·2 months ago·discuss
I must say, I'm honoured this commenter is so angry about this post, they've read through many of my blog posts, and gone through microsites like my Manual of Me[0], to pull this quote to attempt to criticise me

[0]: https://manual.jvt.me/
jamietanna
·2 months ago·discuss
Hah, yes very true!

If you've not read up on the background between the two - I'd very much recommend it (and sorry if I'm re-explaining something you understand)

With Free Software, it's "free as in freedom", not "free as in gratis". Free Software is generally a bit more strongly biased towards the users of a piece of software, but as businesses started to use it they were a bit unhappy with that, so Open Source came to reduce that a little bit, making it easier for companies to use it, without as many strong protections for a user

See also [1]

[0]: https://www.gnu.org/philosophy/free-sw.en.html [1]: https://www.gnu.org/philosophy/open-source-misses-the-point....
jamietanna
·2 months ago·discuss
I think using `open source`, and clarifying that it includes non-OSI-approved licenses could work.

Alternatively, "source available" is a term that's been used to imply the source is there, but it's not "open source" (which led to the Fair Source folks working on their own naming for it, so as some folks have negative views of "source available")
jamietanna
·2 months ago·discuss
Nice! I've been doing similar, but prefer using Co-authored-by, especially as it allows for cases where there may be multiple models in play
jamietanna
·2 months ago·discuss
As I've written elsewhere in the thread, having worked at a large Enterprise in collaboration with Legal, if there isn't tracking of what AI contributions you have, it's harder to be protected legally by ie Microsoft's indemnity clause if you're sued
jamietanna
·2 months ago·discuss
Agreed they could be clearer on this

IMO (and I am biased because I have written about this before in https://news.ycombinator.com/item?id=47164481) but I believe it's to make sure they're legally covering their users, and making sure users of AI tools do at least have some attribution for AI-derived contributions
jamietanna
·2 months ago·discuss
Was wondering why a few of my sites aren't CSSing, as they use https://classless.de
jamietanna
·2 months ago·discuss
Both Renovate and Dependabot will raise PRs for a security fix, regardless of minimumReleaseAge/cooldown config
jamietanna
·2 months ago·discuss
Ooh thanks!
jamietanna
·2 months ago·discuss
Was wondering if there was a list of known opt outs as we are looking at a default opt out in Renovate[0] - we'll also look to set `DO_NOT_TRACK`

[0]: https://github.com/renovatebot/renovate/discussions/42932
jamietanna
·3 months ago·discuss
Glad to hear you're enjoying Renovate - I'm biased, but I agree that the SHA pinning PR updates are a very nice feature

We recently found (in Renovate) some edge cases with how tags work in GitHub Actions which was fun (https://news.ycombinator.com/item?id=47892740) and there's a few things in there Dependabot doesn't seem to support too
jamietanna
·3 months ago·discuss
And GitLab, too!
jamietanna
·3 months ago·discuss
https://news.ycombinator.com/item?id=47853799 for the curious
jamietanna
·3 months ago·discuss
> The Wayback Machine has not archived that URL.

Might have been taken down?
jamietanna
·3 months ago·discuss
Very much looking forward to getting this on Renovate - we require squash-merge via Merge Queue (with no per-PR override available in GitHub, despite asking) and so when I've got multiple changes, it's a lot of wrangling and rebasing

If this works as smoothly as it sounds, that'll significantly reduce the overhead!
jamietanna
·3 months ago·discuss
Eh, there are some very good reasons[0] that you would do better to track your usage of LLM derived code (primarily for legal reasons)

[0]: https://www.jvt.me/posts/2026/02/25/llm-attribute/
jamietanna
·3 months ago·discuss
Yep, we had to do this recently with Renovate, where we had too many releases, and new publishing hit a size limit on the registry, so we needed support to help us unpublish a load of old releases