It’s a bad comic

That little dribble of water isn’t going to be anywhere near enough water to germinate a seed.

But flowers don’t come from water…

I don’t disagree, but I still enjoy the dream.

As far as I was concerned, Brother Day was the only reason to keep watching the show. I’ll probably pick it back up at some point.

Are they? I think I fizzled out in either season 2 or 3. I really liked season 1 though.

Just the goth look without the rest is the dream.

It’s also important to keep on mind that the burden of proof is on something to prove it is safe, not that something is unsafe. It happening to human cells in mice would have me assume it happens to human cells in humans until proven otherwise (that’s the null hypothesis in this situation). But also I don’t have a tattoo or any interest in getting one so I’m not too bothered by this.

That includes H1B visas right?

Okay, you’re missing out on one of the best new self hosted services because of a knee jerk reaction in that case.

Stop saying “one of the first steps”. We’re several steps in with military in blue cities already.

He’s been propped up by others for his entire life. I wouldn’t expect anything different.

I think he’s smart enough to know what he is saying is bullshit, but he doesn’t have empathy so he keeps saying it to get the money. He really seems like a grifter more than a believer to me.

Yep, exactly. That’s DOGE efficiency.

Also, the methodology was awful. Offer buyouts for people to leave. That means the people who are the best at their job and most confident in finding a new job left.

I’ve seen it first hand. I work as a consultant in public sector. Every where we go now the teams are crippled because people took the buyouts and left. Network teams that were 7 people reduced to 2 that are barely keeping things together. I’m sure NetApp, IBM, Microsoft, etc… love selling all these consulting hours now.

With buildah you can take it even farther and build a container “from scratch.” So, no packages at all. Then use your package manager to install the bare minimum to get things done.

Yes, but then you’re on that specific version of nginx. A lot of containers are built using a multi stage build process where the first stage uses a container with build tooling to build the application, then a second stage installs the result. So your end image doesn’t have the build tooling and no way to update. That’s intentional for security reasons. Images are meant to be immutable.

Back into an OCI image? I don’t know if lxc can do that, but podman can. I think it is podman save that allows you to save your current container as an image. Or, even better would be to use buildah. With buildah your expected workflow is to kind of run a container, run a script against that container, then save it at the end. In fact I’m specifically thinking of images I’ve created with buildah as being almost completely useless with this LXC technique. I’ve used the RHEL UBI micro image before and it doesn’t even have a package manager. You actually mount the container to the host and use the host’s package manager to install what is needed and then unmount it to save. It makes a super slim image with as little attack surface as possible.

Right, but these containers are usually not designed to be updated like that. It totally defeats the nature of the OCI image and delivering something that has been tested to work. I’m sure there is a use case for this, but it seems more like a gimmick than a useful feature.