the newag's narrative is generally bull; and the folks from the dragon sector do have legal representation.
also reverse engineering with the goal to make things interoperable is explicitly allowed by polish author's law (we do follow the continental copyright conventions in poland, so it's not entirely the same as what the common law countries understand as copyright)
i mean we did have situations where the puppet agent was leaking memory so badly it smothered the systems it was running on; we had resigned ourselves to simply run the bloody thing from cron.
so i went and tested things, and it seems that oh-my-zsh adds roughtly 200ms to my shell startup, which is not worth optimizing away considering its usefulness. i'm not starting or restarting zsh frequently enough to care for 0.2s – bash is what i'm using for non-interactive shell scripting.
the real slog, as it happens, is the teleport autologger, which takes at least half a sec even for a status check. all other tests, including vpn checks, take less than 0.1s.
(which taught me that (a) hyperfine can be useful, and (b) that stopping using tools that provide affordances is the wrong first reaction. now i'm going to spend half a day to find a not entirely unelegant way to handle teleport session validity without running teleport commands.)
funnily enough i never thought about recommending awk, because it was so obvious to me that it's incredibly useful.
(i just realised that i learned awk almost thirty years ago, and that for most people it might be just that slightly dusty thing that's lying there, unused)
i actually quite like ansible; the alternatives aren't much better (and i did use all of them, starting from the unlamented cfengine), they just suck differently.
…and people mostly know at least a bit about ansible (i might start moving some parts of the machinery to saltstack, which i hate the least these days, but it's owned by vmware, and vmware is now being manhandled by broadcom.)
also, i'm not really prejudiced against go tools – as long as they're maintained by someone else and easily installable in binary form.
regarding gopass; i wouldn't use it just for myself, just like i wouldn't use pass – they're of no use for me personally; gopass manages the integration with git in a very easy way, knows to push changes automatically when secrets are created or updated and is extremely easy to set up as a secret storage for a small group of users: you just need to generate some throwaway gpg keys and you're all set. and it does have a nice ansible lookup support, which means i can autogenerate secrets on first use, regenerate them automatically when needed, and never bother to know them unless it's really necessary.
as for desk, it's a nice way to delineate, say, workspaces, i.e. set up separate shell environments for interactive work. not for everyone, but i already write too much glue code in bash. so when i start work, i just run “desk work”, and it starts the right vpn, autologs me into teleport, and adds the required ssh keys to the agent. (unfortunately it cannot yet trigger the time accounting system, but if our hr annoys me badly enough once more time, i'll work on that too.)
i keep updating links to the original media coverage on in this mastodon thread; this now reached the parliamentary group of the left coalition, also there are new details in the oko.press article, including statement from their legal team. (in polish, google translate-able).
i wonder if they realise how thick with internal jargon their language is, and how highly ritualised.