It's not just for security, it's also for maintainability. Frankly being able to reflect across package boundaries has always seemed like a misfeature for maintainability to me. The code you have that is broken by Java 9 was already badly behaved, the JVM was just lenient about it.
pro tip: don't bother with SDKMAN. use https://mise.jdx.dev to install Java, it can also install a bunch of other languages and tools. it's most likely the last tool version manager you'll ever need.
I found the documentation confusing and as so often with general-approach tools too overwhelming for what I'm trying to do. sdkman works fine for what I need it for and usually you only need one instance of gradle and maven installed.
And sdkman is written in rust and only needs curl, zip and unzip, no JVM.
I meant for focused on compilation speed to apply only to lower level languages. And when I say lower level I don’t really include D because it has a garbage collector (I know it’s optional but much of the standard library uses it I believe).
That a language has a garbage collector is completely orthogonal to whether it has type inference ... what the heck does it matter what "much of the standard library uses" to this issue? It's pure sophism. Even C now has type inference. The plain fact is that the claim is wrong.
The x axis is orthogonal to the y axis, so I can’t be interested in the area where x < 1 and y = 5?
> what the heck does it matter what "much of the standard library uses" to this issue?
It matters in that most people looking for a low level manually memory managed language won’t likely choose D, so for the purposes of “is this relatively novel among lower level, memory managed languages” D doesn’t fit my criteria.
> Even C now has type inference. The plain fact is that the claim is wrong.
chezmoi is a great tool, and I admire this project taking a strong stand. However I can’t help but feel that policies like this are essentially unenforceable as stated: there’s no way to prove an LLM wasn’t used to generate code. In many cases it may be obvious, but not all.
Some people post vulnerability disclosures or pull requests which are obviously fake and generated by LLM. One example: https://hackerone.com/reports/2298307
These people are collaborating in bad faith and basically just wasting project time and resources. I think banning them is very legitimate and useful. It does not matter if you manage to "catch" exactly 100% of all such cases or not.
I’m aware of the context, but as someone who frequently uses LLMs productively I find bans on all usage to be misguided. If in practice the rule is “if we can tell it’s AI generated, we’ll ban you” then why not just say that?
Moreover, in the case of high-quality contributions made with the assistance of LLMs, I’d rather know which model was used and what the prompt was.
Nonetheless I still understand and respect rejecting these tools, as I said in my first comment.
I don't think rules like that are meant to be 100% perfectly enforced. It's essentially a policy you can point to when banning somebody, and the a locus of disagreement. If you get banned for alleged AI use, you have to argue that you didn't use AI. It doesn't matter to the project if you were helpful and kind, the policy is no AI.
What are you talking about? The OP says "If you use ... banned without recourse" and the "more information" link manages to have even less information.
> I've heard this argument, but it also doesn't pass the sniff test in 2025.
I mean, it's at least partially true. I used to play BioShock Infinite on my MacBook in high school, there was a full port. Unfortunately it's 32 bit and doesn't run anymore and there hasn't been a remaster yet.
Yeah this thing has actual support for stacked PRs which Github has somehow failed to do for decades. If I ever need some self hosting thing I'll definitely check this out.
My only hesitation is that I'd want it for private use in a company, and it isn't clear to me how to avoid connecting your Tangled instance to the rest of the public network.
Having started with Mise, and now being primarily a Nix user — Mise still has the edge for what it does. It supports pinning exact versions of many more languages than devenv does. When devenv doesn't support pinning the version you need, it's straight back to the pain and complexity of overlays and overrides and so on.
reply