Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
I'd love to support you in this cause.
I don't see a reason why they should not allow this. Unless their architecture is modelled in a shitty way. -
@Floydimus Oh its most definitely a stupid management decision at microsoft tO sAvE mOneY
Should be if your account is dormant for 6 months, it's deleted. Multiple warning emails, that's how (respectful, non FAANG) services usually do it. -
So they prevented you from giving your account the name of another account which doesn't exist anymore but once hosted the release repo of an important package that is deprecated for a long time but can still be found as dependency in some high-profile projects which did not care to update yet?
Wonder what reason they could have for that... -
Alt-Tab5413yoh no! fuck. :(
I was about to request exactly this and man I'd even be happy to pay a fee for the service... darn this sounds like stupid lazyness. -
sariel84473y@Oktokolo sounds to me that sourcing our deps from the source is a bad idea then. Maybe we should instead use a package manager with signatures and trust keys....
I wonder if such a system exists?/s -
sariel84473y@Oktokolo Linux package managers like apt, dnf, apk are more of what I was thinking about.
-
Ugh the deleted account they for some reason got rid of included that, heres a point stop trying to 'clean up' after me !!! assholes !
-
@sariel Well, their domain names are security relevant too. The keys their package managers use are as correct as the initial key in the iso image, the user downloaded from a website only identified by the domain name. Maybe the user even verified the ISO's fingerprint - using information from the same site of course...
Identifiers are important because trust on first use is pretty common. Well-known identifiers changing ownership can be a severe security issue.
A less permanent version of what Github does should be done everywhere: Keep abandoned names locked away for some time to avoid impersonation attacks in the (often surprisingly long) timeframe between a project's death and its users realizing that.
Related Rants
Yeah well fuck right off then. I'm just going to build a bot to auto signup for every possible username combination left in the latin alphabet. Then after the media bullshit dies down they'll be changing this policy.
👺
rant
stupid
fix it
github
squatting