Well, this has certainly caused quite a bit of drama from all sides.

I'm curious about the earlier audit of libolm which happened many years back (and by a reputable company), it feels like it should've found any potentially exploitable issues after all - including timing attacks.

That goddamn Doctor Benny's box gets me every time, the fact that they even remixed the theme to match is just glorious.

GitLab has been working on support for ActivityPub/ForgeFed federation as well, currently only implemented for releases though.

And it's still entirely unrelated to my point, since SUSE will remain the trademark in question regardless of what's actually contained in OpenSUSE.

But yes, the free/open-source spins of things tend to have somewhat differing content compared to the commercial offering, usually for licensing or support reasons.
E.g. CentOS (when it still was a real thing)/AlmaLinux/etc supporting hardware that regular RHEL has dropped support for, while also not distributing core RedHat components like the subscription manager.

Not at all what my point was. There's indeed plenty of Open-something (or Libre-something) projects under the sun, but no free/open spins of commercial projects named simply "Open<Trademarked company name / commercial offering>".

To be fair, OpenSUSE is the only project with a name like that, so it makes some sense that they'd want it changed.
There's no OpenRedHat, no OpenNovell, no OpenLinspire, etc.

Mercurial does have a few things going for it, though for most use-cases it's behind Git in almost all metrics.

I really do like the fact that it keeps a commit number counter, it's a lot easier to know if "commit 405572" is newer than "commit 405488" after all, instead of Git's "commit ea43f56" vs "commit ab446f1". (Though Git does have the describe format, which helps somewhat in this regard. E.g. "0.95b-4204-g1e97859fb" being the 4204th commit after tag 0.95b)

Well, one available case you can look at is Uru: Live / Myst Online, currently running under the name Myst Online: Uru Live: Again.

They open-sourced their Dirt/Headspin/Plasma engine, which required stripping out - among other things - the PhysX code from it.

Well, Flatpak always builds the aliases, so as long as the <installation>/exports/bin folder is in $PATH there's no need to symlink.

If you're talking specifically about having symlinks with some arbitrary name that you prefer, then that's something you'll have to do yourself, the Flatpak applications only provide their canonical name after all.
You could probably do something like that with inotify and a simple script though, just point it at the exports/bin folders for the installations that you care about, and set up your own mapping between canonical names and whatever names you prefer.

In regards to sandboxing, it only gets as far in the way as you ask it to. For applications that you're not planning on putting on FlatHub anyway you can be just as open as you want to be, i.e. just adding / - or host as it's called - as read-write to the app. (OpenMW still does that as we had some issues with the data extraction for original Morrowind install media)

If you do want to sandbox though, users are able to poke just as many holes as they want - or add their own restrictions atop whatever sandboxing you set up for the application. Flatpak itself has the flatpak override tool for this, or there's graphical UIs like flatseal and the KDE control center module..

Well, if you have any form of build script, makefile, or CI, then you can easily shove that into a flatpak-builder manifest and push the build repo anywhere you want. The default OSTree repository format can be served from any old webserver or S3 bucket after all.

I've done this for personal projects many times, since it's a ridiculously easy way to get scalable distribution and automatic updates in place.

The majority of AppImages I've seen have been dynamically linked, yes. But it's also used for packaging assets.

As long as your application is statically linked, I don't see any issue with that.

Well, Flatpak installs aliases, so as long as your distribution - or yourself - add the <installation>/exports/bin path to $PATH, then you'll be able to use the application IDs to launch them.

And if you want to have the Flatpak available under a different name than its ID, you can always symlink the exported bin to whatever name you'd personally prefer.
I've got Blender set up that way myself, with the org.blender.Blender bin symlinked to /usr/local/bin/blender, so that some older applications that expect to be able to simply interop with it are able to.

Ah, I had one of those wireless sticks from Netgear as well, probably a different model but still a royal pain to get it working.
Luckily ndiswrapper has become a thing of the past nowadays.

Ended up getting a Kobo Elipsa 2E myself a while back, and it's been a real pleasure to use. There's no stupid device-level DRM on it to try and prevent me from actually using it for my reading, and the onboard storage is just a simple microSD so it's really easy to upgrade if I want to fit even more books.

KOReader has been a real treat to run on it, letting me sync books from my home NAS over WebDav, push books directly to it over scp, I've even been poking at a plugin to have it automatically sync books off of a local reading tracker I've written.

Seems to work with my personal setup at least, with two libraries - the default on ~/.local/share/steam, and one on /mnt/storage/steam - and Stardew Valley installed in the secondary storage library

You're lucky to not have to deal with some of this hardware then, because it really feels like there are manufacturers who are determined to rediscover as many solved problems as they possibly can.

Got to spend way too much time last year with a certain piece of HPC hardware that can sometimes finish booting, and then sit idle at the login prompt for almost half a minute before the onboard NIC finally decides to appear on the PCI bus.
The most 'amusing' part is that it does have the onboard NIC functional during boot, since it's a netbooted system. It just seems to go into some kind of hard reset when handing over to the OS.

Of course, that's really nothing compared to a couple of multi-socket storage servers we have, which sometime drop half the PCI bus on the floor when under certain kinds of load, requiring them to be unplugged from power entirely before the bus can be used again.

The predictable interface naming has solved a few issues at work, mainly in regards to when we have to work with expensive piece-of-shit (enterprise) systems, since they sometimes explode if your server changes interface names.
Normally wouldn't be an issue, but a bunch of our hardware - multiple vendors and all - initialize the onboard NIC pretty late, which causes them to switch position almost every other boot.

I've personally stopped caring about interface names nowadays though, I just use automation to shove NetworkManager onto the machine and use it to get a properly managed connection instead, so it can deal with all the stupid things that the hardware does.

Factorio is great, I'm also a fan of X4.