I think that https://blessed.rs does a pretty good job of providing recommendations for things that probably can't be crammed into the standard library, but which you'll almost certainly end up needing at one point or another. I honestly like that system a lot, it makes it so that the only packages you need to worry much about are usually doing something rather specific.
It lets you track what packages you "trust". Then you can choose to transitively trust the packages trusted by entities you trust.
This lets you have a policy like "importing a new 3rd party package requires a signoff from our dependency tzar. But, packages that Google claim to have carefully reviewed are fine".
You can also export varying definitions of "trust". E.g. Google exports statements like:
- "this package has unsafe code, one of our unsafe experts audited it and thinks it looks OK"
- "this package doesn't do any crypto"
- "this is a crypto library, one of our crypto experts audited it and thinks it looks ok"
Basically it's a slightly more formal and detailed version of blessed.rs where you can easily identify all the "it's not stdlib, but, it's kinda stdlib" stuff and make it easily available to your team without going full YOLO mode.
It can also give you a "semi-YOLO" approach, it supports rationales like "this package is owned by a tokio maintainer, those folks know what they're doing, it's probably fine". I think this is a nice balance for personal projects.
The joke is that Microsoft was truthfully able to say "the individual responsible is no longer with the company", a phrase which normally implies that someone has been fired as a direct consequence of the event, without actually firing anyone. The statement was true because the individual responsible had finished their internship, and hadn't yet been brought back as a full-time employee.
I agree about the title, but I do think it was absolutely a joke or case of diplomatic dexterity:
> The manager of this component replied, completely truthfully, “the individual responsible for this regrettable act is no longer with the company.”
Doesn't really sound like inadvertent or convenient HR/PR team handling, 'manager of this component'. How big would MS have been at the time (Windows 3.1, early 90s) anyway?
Sounds very much to me like they thought it was hilarious, and were thrilled to be able to say they were no longer there on a technicality!
Without a CLA or equivalent mechanism they would need to get the agreement of every contributor to change licences. Once a project gets large enough the sheer number of people involved usually makes this impossible
0-BSD doesn't have any conditions at all. 2-BSD does.
The MIT → AGPL example isn't very illustrative. The requirements under AGPL are a strict superset of the requirements under MIT. Going MIT → 0-BSD is a bit trickier, because distribution under 0-BSD doesn't meet the requirements of MIT.
> In his statement, Mr. Mackoff described distinct conversations he had with each employee, provided the supervisor’s name, and submitted the diagram he drew while trying to explain to the employees how to count the 10 calendar days. As Mr. Mackoff’s witness statement includes so much detail, and as Air Canada has produced no contrary statement, I accept that Air Canada refused to transport both Mr. and Mrs. Mackoff on February 15, 2022 and so breached its contract with them.
I don't necessarily know that you can conclude from a few memes that people are actually out there doing this, I see it more as venting frustration. They're certainly advocating for it, though.
The vandals in question call themselves "Tyre Extinguishers". Search for that phrase in that subreddit, and you'll see it's full of people defending them.
