Great that you used AI to build something useful, but it’s still weird to me when someone says “I built this”. Maybe the more correct way to say this is “I spec’d this”

Can you take the time to write your methods? I’d be interested in reading it

What does this protect you from that you’re exposed to by running a well-crafted rootless container on a system with SELinux or similar?

Generally kernel level attacks and neighbor performance impacts on the security side.

On the functional side without a kernel per guest you can't allow kernel access for stuff like eBPF, networking, nested virtualization and lots of important features.

Here is a good blog from docker explaining how even the best container is not as safe as a MicroVM https://www.docker.com/blog/containers-are-not-vms/

theoretically you can get to fairly complete security via containers + a gVisor setup but at the expense of a ton of syscall performance and disabling lots of features (which is a 100% valid approach for many usecases).

Well, isn’t division just substractive addition?

Seriously. The hypocrisy is staggering!

I met a traveller from an antique land, Who said: “Two vast and trunkless legs of stone Stand in the desert. Near them, on the sand, Half sunk, a shattered visage lies, whose frown, And wrinkled lip, and sneer of cold command, Tell that its sculptor well those passions read Which yet survive, stamped on these lifeless things, The hand that mocked them and the heart that fed; And on the pedestal these words appear: "My name is Ozymandias, king of kings: Look on my works, ye Mighty, and despair!" Nothing beside remains. Round the decay Of that colossal wreck, boundless and bare, The lone and level sands stretch far away.

- Percy Bysshe Shelley

I take that more as a rumination on the futility of vanity and self-aggrandizing rather than "ruling the world " which in the modern day comes down to politics. Yes, there is considerable overlap with ego, but there's more to that topic than pure self-worship.

I agree with your overall sentiment, but there are a few areas that the public clouds excel at despite this: geoscale and startups.

The seller should be banned under the Namecheap TOS. Furthermore, Namecheap should offer this buyer assistance and credit towards a future purchase of a domain as a good will gesture.

Your level-headed and reasonable position clearly indicates you are not Namecheap management material.

Where is the tldr? Anyone familiar…what does this do and why do we care about it being standards based?

This is a “standard” SDK for feature flags, allowing you to avoid vendor lock-in.

i.e., using feature flag SaaS ABC but want to try out XYZ? if you’re using ABC’s own DDK, refactor your codebase.

I appreciate that you can use the OpenFeature SDK with environment variables, and move into a SaaS (or custom) solution when you’re ready.

and the use of "we" to somehow give the impression that this person speaks for everyone