Login
You're viewing the post.lurk.org public feed.
  • Jun 28, 2026, 9:04 PM

    Unexpected consequence of the AI era*: Various tools with network calls that normally would run so quickly there is no need for a progress bar or status indicator now hang for minutes at a time trying to reach network with no sign of whether the tool has locked up

    * Here "AI" means "various commercial entities are performing a DDOS on every website, but there are no legal consequences, because if you call something 'AI' it becomes legal, like doing it through a hole in a sheet"

    pnpm printing dozens of "warn" messages saying that an attempt to download from npm had failed
    💬 4🔄 18⭐ 0

Replies

  • Jun 28, 2026, 9:05 PM

    (Note; my guess that npm is here failing to download, or downloading slowly, because of an "AI" DOS is a guess; it's worth noting that the server is run by is Microsoft, so it's also possible the network services are failing because the systems administrators are making use of "AI" in performing their tasks. In either case, this is explicitly the world that Microsoft was trying to build.)

    💬 1🔄 0⭐ 0
  • Jun 28, 2026, 9:10 PM

    Most of the logic of the post-2005 Internet is based around a core assumption that CDNs are cheap, plentiful, and come with no downsides. We threw away lots of technologies that could have relieved drain on servers because we assumed redundant downloads are actually better than the added complexity of averting redundant downloads. Most of the logic of the post-2005 Internet is now broken

    💬 3🔄 40⭐ 113
  • Jun 29, 2026, 4:36 AM

    incidentally, in an exciting new experience, my `npm install` ultimately failed because the npm install script was unable to find `make`. Of course I don't have fucking `make`! It's a thin VPS slice I run fucking node apps on!

    💬 1🔄 0⭐ 12
  • Jun 28, 2026, 9:43 PM

    @mcc octoshape kind of sucked but I sometimes wonder if you could do better now on top of webrtc

    💬 0🔄 0⭐ 0
  • Jun 28, 2026, 10:15 PM

    @mcc this reminds me of a conversation I had with Donald Stufft years ago, who was principal maintainer of pypi for a while. Nice person.
    So pypi was really unreliable for years, had lots of downtime, and that was fine because everyone who used python sl in production would run their own mirrors and caching proxies. There was a whole ecosystem of different pypi clones: I think I evaluated at least five of them once.
    Then they got some funding and some donated CDN resource so pypi started being reliable and downstream consumers stopped bothering to cache its contents aggressively.
    The conversation I had with dstufft was me lamenting that orgs were no longer feeling the need to cache pypi now that it worked more often, and him agreeing.

    💬 0🔄 5⭐ 10
  • 💬 0🔄 0⭐ 1
  • Jun 28, 2026, 9:06 PM

    @mcc I believe that's an npm problem, because so far I've not seen bun, pnpm or yarn have this issue. Only npm manages to not be able to download packages from its own registry

    💬 2🔄 0⭐ 0
  • 💬 1🔄 0⭐ 0
  • Jun 28, 2026, 9:12 PM

    @mcc oh I misread that, my bad.

    The two of them failing seems to very similar in looks then because npm failing to get packages looks exactly the same, down to the update banner

    💬 1🔄 0⭐ 0
  • 💬 1🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • Jun 28, 2026, 9:27 PM

    @mcc The worst part is that it is not every website. It is targeted.

    It’s every website that is part of the non-oligarchic web. Non-tech businesses have none of that traffic. I’ve still got dozens of sites in shared hosting at work that I barely need to monitor, while the machine I nurse for the ASF SpamAssassin project has been pounded into catatonia repeatedly, necessitating extreme measures.

    💬 1🔄 2⭐ 0
  • Jun 28, 2026, 9:50 PM

    @grumpybozo @mcc it seems to be every website that hosts source control that has version history. my personal gitea server gets hammered constantly and what they're looking for is commits, not the current source tree

    💬 0🔄 0⭐ 0
  • 💬 0🔄 2⭐ 0