More

dgellow · 2026-04-03T17:39:18 1775237958

Flag then move to the next one

dgellow · 2026-04-03T14:04:58 1775225098

All those discussions about career suicide. Are you all that afraid to do what you think is right because you could get fired?

What Axel does by coming public with his named attached is remarkable. He gains a lot of respect in my book. Even if it is one sided and details are missing

CobrastanJorji · 2026-04-03T17:57:25 1775239045

The career suicide wasn't escalating (although probably that was job suicide). The career suicide is venting and airing all of your former employee's dirty laundry. Unless your former employer is doing something deeply unethical, writing hit pieces against them after you leave is going to make you less attractive to future employers. Before this article, employers would see "experienced and available cloud engineer." After this, employers would see "backstabber who was probably fired for being a pain."

But also, this is Hacker News. Many of us work for companies that are largely making the world worse in exchange for large salaries. Many of us have, probably unconsciously, built our lives around not doing what we think is right in exchange for not getting fired.

axelriet · 2026-04-03T19:07:27 1775243247

You have all the right words but some are in the wrong order.

dgellow · 2026-04-03T13:56:12 1775224572

If your reaction is emblematic of the way people reacted to his points internally that does give more credibility to his side of the story IMHO

dgellow · 2026-04-03T12:55:48 1775220948

Saving you all a click. “The Document Foundation”, which seems to be the entity governing libreoffice?

dgellow · 2026-04-03T12:52:46 1775220766

Actually there is an option to restrict to only OIDC publishing. It is a bit hidden and relies on a different form for reasons I really cannot understand. Npm UX is just so bad.

Point 4 from https://npmdigest.com/guides/npm-trusted-publishing#ux-probl...

(I wrote that guide page for myself because I always get annoyed when dealing with npm OIDC)

dgellow · 2026-04-03T12:49:17 1775220557

npm process to setup OIDC is way too frustrating. There is just so much friction. You need the package to first exists in the registry, meaning you have to first create an API token and push something. And only then can you enable OIDC for that specific package. After adding the repo + workflow names, you have to save. Then finally toggle the “only allow OIDC publishing”.

Before each action you need to enter your 2fa code.

I got so frustrated with npm end of last year that I wrote a whole guide covering that issue: https://npmdigest.com/guides/npm-trusted-publishing

dgellow · 2026-04-02T20:07:18 1775160438

I mean, in that case, cannot you do the same by just using sonnet instead of opus?

dgellow · 2026-04-02T15:39:09 1775144349

And connected to the network!

dgellow · 2026-04-02T10:52:32 1775127152

When you’re that large and established it’s very hard to die. I expect IBM to exist in some form pretty much forever

dgellow · 2026-04-02T10:49:21 1775126961

Oh that’s interesting. I think that matches perfectly with an experience I had with a micro saas I run. I first thought people discovered it organically because it started with just a few signups throughout the weekend, then eventually escalated to multiple an hour. None of the accounts were active but email addresses didn’t look too odd and they weren’t bouncing. I eventually added a captcha that seems to have been effective, but that was a surprising experience because there is nothing you can use that saas for anything nefarious as far as I’m aware