I think the login-redirect system is just broken for ADFS, it feels like it adds all the SSO-logout URLs for all systems you’re logged into to the redirect queue when it times your session out.
Which means you’ll have to log in enough times to exhaust that queue before it finally reaches the actual system you’re trying to log into.

But that’s just an assumption.

Added an edit with the filter line

I actually recently added the Microsoft logout page to µblocks domain filter at work, since it would every now and then trigger a logout the very first page load after I’d log in to the email there.

This has also somehow caused a bunch of other AD-connected systems to suddenly behave a lot better when it comes to session termination.

Edit: Since people were asking for it, this is what you need to add to the “My filters” tab in your UBO config;

||login.microsoftonline.com/common/oauth2/v2.0/logout^$document

This will prevent any requests from redirecting you to log out, timeouts etc will still invalidate your session.

They actually did a study on it after rolling back to Windows, and it turned out to not have failed due to technical difficulties at all.
If I recall correctly they stated that something like 80-90% of all issues reported during the period were due to badly designed processes - processes which were the same as in Windows, and the number of technical issues actually dropped.

Certainly, the fact that Microsoft promised to build a fancy new HQ in the city if they switched back to Windows can’t have had anything to do with the choice to roll back…

Well, there’s the ALFIS project

And it’s still entirely unrelated to my point, since SUSE will remain the trademark in question regardless of what’s actually contained in OpenSUSE.

But yes, the free/open-source spins of things tend to have somewhat differing content compared to the commercial offering, usually for licensing or support reasons.
E.g. CentOS (when it still was a real thing)/AlmaLinux/etc supporting hardware that regular RHEL has dropped support for, while also not distributing core RedHat components like the subscription manager.

Not at all what my point was. There’s indeed plenty of Open-something (or Libre-something) projects under the sun, but no free/open spins of commercial projects named simply “Open<Trademarked company name / commercial offering>”.

To be fair, OpenSUSE is the only project with a name like that, so it makes some sense that they’d want it changed.
There’s no OpenRedHat, no OpenNovell, no OpenLinspire, etc.

It’s somewhat amusing how Itanium managed to completely miss the mark, and just how short its heyday was.

It’s also somewhat amusing that I’m still today helping host a pair of HPE Itanium blades - and two two-node DEC Alpha servers - for OpenVMS development.

To quote Microsoft themselves on the feature;

“No content moderation” is the most important part here, it will happily steal any and all corporate secrets it can see, since Microsoft haven’t given it a way not to.

Go has a heavy focus on simplicity and ease-of-use by hiding away complexity through abstractions, something that makes it an excellent language for getting to the minimum-viable-product point. Which I definitely applaud it for, it can be a true joy to code an initial implementation in it.

The issue with hiding complexity like such is when you reach the limit of the provided abstractions, something that will inevitably happen when your project reaches a certain size. For many languages (like C/C++, Ruby, Python, etc) there’s an option to - at that point - skip the abstractions and instead code directly against the underlying layers, but Go doesn’t actually have that option.
One result of this is that many enterprise-sized Go projects have had to - in pure desperation - hire the people who designed Go in the first place, just to get the necessary expertice to be able to continue development.

Here’s one example in the form of a blog - with some examples of where hidden complexity can cause issues in the longer term; https://fasterthanli.me/articles/i-want-off-mr-golangs-wild-ride

Go really does do well in the zero-to-hero case, that’s for certain. Unfortunately it doesn’t fare nearly as well in terms of ease when it comes to continued development.

Well, things like the fact that snap is supposed to be a distro-agnostic packaging method despite being only truly supported on Ubuntu is annoying. The fact that its locked to the Canonical store is annoying. The fact that it requires a system daemon to function is annoying.

My main gripes with it stem from my job though, since at the university where I work snap has been an absolute travesty;
It overflows the mount table on multi-user systems.
It slows down startup a ridiculous amount even if barely any snaps are installed.
It can’t run user applications if your home drive is mounted over NFS with safe mount options.
It has no way to disable automatic updates during change critical times - like exams.

There’s plenty more issues we’ve had with it, but those are the main ones that keep causing us issues.
Notably Flatpak doesn’t have any of the listed issues, and it also supports both shared installations as well as internal repos, where we can put licensed or bulky software for courses - something which snap can’t support due to the centralized store design.

To be fair, having to interact with MS Teams with any part of your body is painful.

I’m currently sitting with an Aura 15 Gen 2, and I’m definitely happy with it.
I do wish they’d get their firmware onto LVFS, but that’s about my main complaint.

This looks really odd in relation to other fediverse software; Why /magic and required to be on the root of the domain? Why hard-require routing the domain part of the user ID when .well-known/webfinger exists? Why is there a X-Open-Web-Auth header which the spec only describes as “its purpose is unclear from the code”?
So many questions.

I definitely like the idea of distributed sign-in, Solid did a decent work of that many years ago after all. This particular proposal just looks rather odd.

I personally use ~/.bin for my own symlinks, though I also use the user-specific installation instead of the system-wide one.
I wouldn’t guarantee that any automation handles ~/.local/bin or ~/.bin either, that would depend entirely on the distribution. In my case I’ve added both to PATH manually.

Flatpak already creates executable wrappers for all applications as part of regular installs, though they’re by default named as the full package name.

For when inkscape has been installed into the system-wide Flatpak installation, you could simply symlink it like; ln -s /var/lib/flatpak/exports/bin/org.inkscape.Inkscape /usr/local/bin/inkscape

For the user-local installation, the exported runnable is in ~/.local/share/flatpak/exports/bin instead.

The official binhost project has been an experimental thing until now, I’ve personally been using it for the year on multiple machines, but it’s not been something that you can just enable. And it’s definitely not been something that’s come pre-prepared in the stage 3.

Flatpak uses OSTree - a git-like system for storing and transferring binary data (commonly referred to as ‘blobs’), and that system works by addressing such blobs by hashes of their content, using Linux hardlinks (multiple inodes all referring to the same disk blocks) to refer to the same data everywhere it’s used.

So basically, whenever Flatpak tells OSTree to download something, it will only ever store only copy of that same object (.so-file, binary, font, etc), regardless of how many times it’s used by applications across the install.
Note that this only happens internally in the OSTree repo - i.e. /var/lib/flatpak or ~/.local/share/flatpak, so if you have multiple separate Flatpak installations on your system then they can’t automagically de-duplicate data between each other.