Do what?

There are reasons this hasn’t been done before.

There are a lot of things you’re not considering. You’d need to potentially re-partition a live mounted window disk(s) to create space for a Linux partition which will fail spectacularly. Or install over a running Windows system which will also fail very quickly.

Also - there are many tools that make it easy to create a live USB drive that one can boot from to get a taste of Linux in a way that is non-destructive and optionally install Linux.

I think I’d happily describe the multiple clipboard situation in Linux as a dumpster fire…

It’s awkwardly ‘solved’ by clipboard managers merging clipboards but it’s still wonky. Even for somebody who has been using Linux as a desktop for many years I occasionally find myself annoyed by it.

At this point I think I’d prefer “copy” to be an affirmative action rather than something that is done automatically. It makes pasting over existing text much easier.

You have the pi. Install Linux and find out? It takes like 10 mins… Otherwise it really depends on what you want to do and your expectations.

I’ve got a raspberry pi 1 (didn’t even have on-board wifi) that I just fired up the other day. It’s pretty slow but if you just wanted to do some simple python development it might be fine (depending on your patience for installing dependencies).

Section 1 says you’re using freedns.afraid.org though.

Aye - that’s another reasonable use of the phrase.

Ugh really? I haven’t seen that myself but that’s frustrating.

Non-containerized applications. Not in a container. It’s not complicated. Running “on bare metal” sounds cool but it’s a wildly inaccurate description. Containerized applications run on the system natively just like non-containerized applications. So if one of them runs “on bare metal” then then others do as well.

But historically “on bare metal” is used for embedded or micro-controllers where you don’t have an OS.

• Users will stop referring to non-containerized applications as “running on bare metal”

What “other technology” is going to make sure your API doesn’t have SQL injection and bad authentication vulnerabilities?

You know what? Rather than over-complicate things you can probably just check that filenames only contain a small set of white-listed chars. [a-zA-z-._] (and != ‘…’ or ‘.’) or something.

And one other nit-pick if you’re up for more code-review - your authentication logic should probably be inverted:

if !ok || user != session.config.username ||
				pass != session.config.password

I’d change that to be something like

if ok && user == session.config.username && pass == session.config.password {
   // do login
} else {
   // not auth
}

There’s a whole category of security errors where an exception in logic like that causes the code to skip the “you’re not allowed” logic and go right to the “you’re allowed!” block. It’s more of an issue with languages that support exceptions but it’s still considered a best practice generally (it’s also typically easier to read).

“Security” is not just “ssl”…

Ah - I missed that other parms were keys. Still - best practice is to sanitize all user inputs. Try throwing lots of file-path-like args at it to see what it does. it’s a historically tricky problem so there should be some libraries that help with it.

Happy 2026! And happy hacking!

You try using “…/…/…/…/…/etc/passwd” as the filename in your requests? I don’t see anywhere where ‘…’ is escaped or removed from file strings. Sending untrusted filenames directly to file operations without scrubbing and sanity checking is very dangerous and potentially allows a malicious user to read and overwrite any files the application has permissions for.

I think you should make it more clear in your docs that this is wildly insecure and should be restricted to “tinkering” usage only.

That said it seems like a fun project to write.

It’s not a pain, it’s just a different process than what you’re used to

That’s exactly how people defend something that is a pain.

There is no such thing.

Containers are just separated from the rest of your system by cgroups. You can even see the executable running in containers with ps and top. They’re native binaries running on the same kernel as the rest of your system.

It “shines”? It’s the same thing.

Neat

Distrobox is not a feature of immutable distros. It runs just fine on Debian. As does flatpak.