
Why We're Building Stategraph: Terraform State as a Distributed Systems Problem

https://stategraph.dev/blog/why-stategraph/
23•lawnchair•3h ago

Comments

eschatology•1h ago
Hmm

I don’t see the state file as a complete downside. It is very simple and very easy to understand. It makes it easy to tell or predict what terraform will do given the current state and desired state.

Its simpleness makes troubleshooting easier: the state files are easy to read and manipulate or repair in the event of a drift, mismatch, or botched provider update.

With the solution proposed it feels like the state becomes a black box I shouldn’t put my hands in. I wonder how the troubleshooting scenarios change with it.

Personally, I haven’t run into the scaling issue described; at any given time there is usually only one entity working with the state file. We do use terragrunt for larger systems but it is manageable. ~1000 engineer org.

lawnchair•39m ago
You are right that the simplicity of the state file is a strength and we do not want to lose that. One of our goals with Stategraph is to make state just as easy to inspect through both the command line and the UI.

Not every Terraform setup runs into scaling pain. The trouble tends to show up in larger repos with thousands of resources where teams share big chunks of infra. That is where global locks and full refreshes become a bottleneck and where we think graph semantics help.

pst•1h ago
This is awesome. Having a single state for all resources in an environment is critical for keeping all the moving pieces in check and a core design aspect of Kubestack. But the growing state files quickly become a bottleneck. I'm definitely giving this a good test drive. Very excited.

sausagefeet•1h ago
Thank you, that is great to hear! We're pushing pretty hard to get a pre-alpha out to get some foundations testable by the community.

tuananh•1h ago
can it be a sqlite db in s3 with locking implemented with s3?

sausagefeet•1h ago
Hello, Stategraph developer here, the answer is: probably not. That doesn't resolve the core issue of state being managed as a big blob.

sausagefeet•1h ago
Hey! One of the Stategraph developers here and can answer any questions. The major motivation is just how small scale Terraform/Tofu start to break down and create work for users when they have to refactor for performance issues that shouldn't exist. So we want a drop-in solution that just dissolves those issues without the user having to do anything.

giveita•1h ago
Not an expert, but don't microservices help with this? Each microservice has its own YAMLesque resource descriptor (TF, CloudFormation, whatever) and is managed independently. My team can add a SQS or S3 without locking your team.

I might be wrong regarding more sophisticated infra though.

sausagefeet•1h ago
Not necessarily. The guidance is to split your TF code across multiple states, which might feel like it makes sense, but for your microservices to communicate they need to share some base infrastructure, such as networking, so where does that live? Putting dependencies in their own state means that you lose the ability to understand how changing them impacts all of your infrastructure because you have this information black hole at the boundary of their state.

With Stategraph, you'll get all the benefits and isolation of separate state files, but when you change resources, you'll get meaningful plans around all of the infrastructure they impact, not just the statically defined boundaries of a state file.

lawnchair•1h ago
Author here. You are right that splitting by microservice reduces overlap. The problem is shared resources never go away, such as VPCs, IAM, or databases, so contention shows up there.

Splitting state files is the common workaround but that only creates new problems like cross state dependencies and orchestration glue. The real issue is the storage model which is a single JSON blob with a global lock. Treating state as a graph with proper concurrency control avoids contention while keeping a cohesive view of infrastructure.

spinningarrow•1h ago
Do you have an example you can share?

We have about 30 services with each managing their own terraform state. We also have a shared infra repo managing some top level items. We haven’t run into any issues (with any regularity at least) that I can think of but I’m wondering if this could be a good tool for us as we grow and things become even more complex?

lawnchair•54m ago
The pain really shows up when teams manage large sets of infrastructure in one place with thousands of resources. Even a small change forces a global refresh and a global lock, so you end up waiting on operations that have nothing to do with your change. Splitting reduces contention but fragments your view of the system. We want state to behave like the dependency graph it already is.

mystifyingpoi•9m ago
It is the usual DRY/WET concern. Having microservices be completely independent and relying only on a shared message broker or service discovery has its benefits, but the cost is generally duplication of things. Things like "whitelist this inbound IP for all services" or "configure telemetry endpoint" often end up in making N changes to N separate repos, and it becomes hell if you have to talk to N teams.

arccy•1h ago
so kind of like crossplane where each resource is managed individually?

dwroberts•1h ago
If you use a tool like Atmos (https://atmos.tools/) you kind of fix this issue already for free - because it takes the place of the root module, it actually manages the state of each sub module separately (they each have their own individual state file rather than being converged into one).

lawnchair•1h ago
I don't think it fixes it. Atmos makes splitting and managing multiple states easier, but it still splits the graph. It doesn't change the underlying execution model.

angio•48m ago
How does this compare with Pulumi? AFAIK they also don't have a state file and rely on an external database to store state. Is your locking granularity better?

lawnchair•44m ago
I don't know enough about Pulumi to make a fair comparison on locking granularity. Pulumi's model is pretty different from Terraform/OpenTofu in general and state management is only one part of that. We're focused on optimizing the Terraform execution model and making the state layer match the graph semantics it already uses.

cyberpunk•42m ago
I mean take this with a grain of salt and purely anecdotal; but everywhere I've heard of who chose Pulumi over tf are no longer using Pulumi. I'd love to hear some opposing experiences to that though!

cedws•20m ago
I was in a platform team using Pulumi (TypeScript) for a while. An issue I observed is that the team members with weaker programming skills were contributing not so great changes, and parts of the codebase diverged in style. The Output type also took some time for us to get our heads round and it felt awkward to work with, we were having to chain a lot of calls and had callback hell sometimes.

We were all experienced with Go but at the time the Go SDK was very awkward, although I think some of that has been resolved with generics now. TF is less expressive but I think that’s actually better for 99% of cases.

johanneskanybal•39m ago
I think that’s the article but tl;dr that’s only part of the problem and already widely adopted with mutexes in say dynamo or whatever flavor you chose. This is about not having global locks or 10 arbitrary random locks per subdomain but rather figuring out the exact resources affected and locking only those.

Sounds very neat if you’re a big enough org.

sylens•30m ago
It's an interesting proposal because they correctly call out that segmenting state files by workspace/environment in a very judicious way causes its own issues as you approach scale or have to work across environments. There is an entire industry of tools and services that help to streamline this process for you, but it still feels very hacky.

I'm curious if this will be compatible with tools like Spacelift or Env Zero, or if they are going to build their own runner/agent to compete in that space.

lawnchair•28m ago
We are already in that space [0] though that's not the focus of this post. Working with teams at scale on orchestration is what pushed us to look deeper at state itself and eventually create this project.

0: https://terrateam.io

anonymousDan•18m ago
Are there any statistics/analyses for the popularity of these different configuration management languages/frameworks (Terraform, Pulumi etc) in cloud settings? Trying to figure out which one(s) are worth learning.