@bagder Well, at least for podman users, we can ensure an official shortname matches wherever you want to go: https://github.com/containers/shortnames 😉

And have you looked at where to move the official images for curl yet? I've been using quay.io for my personal images and it's quite nice. 😀

@bagder what is the likelihood docker itself relies on curl? I would assume 100%…

@bagder @simonlbn I've gone through two weeks of toots but cannot find the context of this statement...

@bagder i thought you meant about the fact that without curl, docker things will break. instead, it's much worse. it's kind of like a bait and switch.

either way, both outcomes are bad for the docker registry, so docker might have to make an exception for the popular images (while allowing less popular images to die).

@bagder 💯

@bagder What's this about? I know about the Docker change, but what do you mean with victim users?

@bagder pretty sure I read on The Other Site that namespaces will be retained so squatting can’t happen.

@bagder Totally agree with not giving in.
The linked FAQ states that namespaces will not be released: https://news.ycombinator.com/item?id=35154025

@bagder Funny, I have been asked why I don't like docker.. This bs that they are pulling is 1 example.

@bagder 💯

@bagder on the one hand I can understand that running such a platform „for free“ is hard. On the other hand they already charge users for using the platform. By also charging the „content providers“ (and hence scaring them away) they will also loose the users in the long run. Why pay if your favourite images are not available any more?

Not to mention all the other issues (e.g. bad actors claiming previously well known account names etc). This seems like giant footgun.

@bagder non-technical person here. What prevents projects and orgs from moving their images to a repository that is genuinely supportive of open-source? Are there no such repo that offer similar services as Docker?

@bagder Do you have the resources to beat Docker in court? No?

I argue that you need a revenue model to cover the costs while you rebuild around another tool.

@bagder i created + ran freepository for 17 yrs - lots of paid accounts but TONS of free ones.

i never did anything like this + even when i sunsetted the service, i gave everyone six months notice + the ability to download full repos.

not everyone who provides a free service behaves this way.

@bagder *nodds in agreement*

Every good #hoster will #chache shit and use at least an inhouse #CDN to save on external traffic.

To the point that hosters have caching proxies for packages of distros preconfigured in their images.

@bagder that's right, they need to tend their own walled garden.

Kinda like with Elon threatening to allow impersonators on his site if you don't give him money lol

@bagder
despite all the clusterfuckery of dockers decision, the way I read it namespaces are not released, so squatting of your image names will be impossible, even when your organization is deleted.
Still a scumbag move.

@bagder it means, we should ban all docker images...

@bagder no, this should not be the case.

@bagder this can become the biggest industrial catastrophe..

But I read on github that they will forbid squating... (I don't really trust them..)

I recomend people to forbid their registry and ask their package maintainer to use a different one.

@bagder a bit off-topic, but I just realized: people are running curl in Docker. A single binary command line application. And not a few, but causing 5000000000 downloads. What is going on in IT?

@bagder there's going to be a lot of squatting of Docker names soon. Docker images may become the main vector for delivering malware. And it's all on them, all self-inflicted.

I *WANT* people to do a docker pull of curl and install malware instead. I want it with all of my heart because I want people to figure out that Docker is an unreliable company that builds an unreliable product, and that those who slap the FOSS community after relying on them to grow deserve to get nothing but shitware.

@bagder Apparently, Docker's CTO commented informally on Twitter that they will shut down accounts that do not pay up, and not allow anyone else to take over the name....

Hopefully they keep their word.

@bagder on some free software project, we asked to become part of Docker-Sponsored Open Source program yesterday, and where accepted early this morning. You should probably do the same, if nothing but to protect the namespace

@bagder apparently, accounts/organization names are not made available to new registers. I suppose it will mitigate the risk of squatting?

(source: https://twitter.com/justincormack/status/1635706522419200004)

Ok so I didn't follow the story, so Docker company ask for fees now for namespace on docker hub if I understand well.

@bagder #selfHostingIsTheNewSexy

@bagder I still think the galaxy brain solution in most cases is going to be drop Docker, drop containers with their overhead, and use Nix or Guix if you want reproducible, shareable builds.

@bagder TIL that asking open source developers to pay for the services they use is extortion.

🤦‍♂️

@bagder Someone recommended cancelling the org. and then immediately squat it yourself with a private throwaway.

@bagder wait, why would curl ever pay docker? It's on docker for having a successful ecosystem.

@bagder
Have you evaluated #podman? I'm quite ignorant on the issue but AFAIK it should be a drop in replacement for #docker
@valhalla

@bagder docker images of curl? For what?