The only thing you should keep an eye on is probably the license? But I’m not the right person to discuss about licensing :/

It is normal practice to keep the same copyright notice and add your name to it, e.g for this project I forked in 2021: https://code.alienscience.org/alienscience/dnsclientx/src/branch/master/LICENSE

I think that Kreya is worth a mention:

• It has more complete OAuth2 support than Insomnia.
• Saves to human readable files.
• Usable free tier.
• Cheap Pro tier pricing.

If you deploy with Docker you need to attach to the external interface – I bound to localhost in a Docker container once and its painful enough to debug that it is something I never forget.

I expect that upload_handle() would need to change to 0.0.0.0 rather than axum to bind to localhost.

I bought my Fairphone for similar reasons to you.

I had a second hand mid-range Samsung for about 6 months and then the USB port got destroyed. I was unable to replace the USB port so the phone is useless.

I bought a Fairphone 5 thinking that, if anything similar happened, I would NOT need to replace the phone and would save money in the long term.

Kids not dying in cobalt mines is also a bonus: https://www.npr.org/sections/goatsandsoda/2023/02/01/1152893248/red-cobalt-congo-drc-mining-siddharth-kara

Despite using Tokio underneath, I think that Actix does NOT do work stealing and uses mostly separate threads:

• https://actix.rs/docs/server/#multi-threading
• https://docs.rs/actix-rt/latest/actix_rt/

Given this architecture, I think the article might inaccurate when it says that Actix handlers must be Send + Sync. See also: https://www.reddit.com/r/rust/comments/14cbe1u/why_does_actixwebs_handler_not_require_send/

Actix is a bit weird, but it has been around, and used in production, for a relatively long time.

Just to add to this point. I have been running a separate namespace for CI and it is possible to limit total CPU and memory use for each namespace. This saved me from having to run a VM. Everything (even junk) goes onto k8s isolated by separate namespaces.

If limits and namespaces like this are interesting to you, the k8s resources to read up on are ResourceQuota and LimitRange.

The person that found this is a hero.

Whenever I see slightly weird behaviour, there is a temptation to just move on because there isn’t enough time, running software is complicated, and there is something else I want to do. I will try to change my attitude in future in case it uncovers a backdoor like this – it would be educational too.

For a fun comparison, a reasonable 1TB USB Stick costs slightly less than 1TB of AWS egress.

The manifest of my Kubernetes cluster is managed in a Git repository and is automatically deployed via a GitOps tool named Flux CD. When I push changes to the repository, such as adding a new application or upgrading Docker images, the deployment occurs within a few minutes.

This is the way.

Although I use Flux ImageUpdateAutomation instead of Renovate Bot. Did you consider using Flux to do auto updates? Are there any downsides that made you choose Renovate Bot instead?

I don’t know if it is ideal for a research paper, but we have been using semgrep with Rust. Semgrep allows you to write your own linter rules to enforce code standards. I have found some basic rules on the internet (e.g no unwrap()) but we have mostly had to write our own rules because there are only a few for Rust.

I think it would be a helpful project to write a Semgrep rule set that Rust developers could use. Maybe the “research” part would be looking at rulesets for other languages.

I don’t think the survey was advertised? For me it popped up when I was writing something in the Rust Playground.