I don’t think one currently exists, but it would be an interesting project. There are plenty of trackers for CVEs but in terms of project ethics, acquisitions, etc., there’s a space for it.

The two main problems I can see are:

1. How do you define ‘negative’? An open source application being acquired is often a bad thing, but not always. An acquisition by FUTO is more likely to be viewed positively than an acquisition by Microsoft, but either can be interpreted positively or negatively depending on the person.

2. Community involvement is absolutely critical. If I were running a service like this (for example), I would only really be keeping up on the services I use and care about. I would need others to submit info and then verify it.

I hope eventually we get an ARM-powered Framework.

Bought a Framework shortly after Linus Techmin joined forces with them. Was stolen out of my partner’s car a few months later and just haven’t been able to justify (or afford) a replacement.

Gas fees, fees to convert to fiat, electricity bills for miners / initial investment for stakers… No matter how you frame it, there are still associated fees. Might as well use the standard we have at the moment.

Pardon me, but would this not interfere with partners’ ability to host services via 99% of Linux-based servers?

Does HTMX count for Web 1.0?

This reminded me that I wanted to look into open source alternatives to Bionic Reader…

I use GrapheneOS. It is unable to access the Internet entirely.

I use it alongside SwiftKey (with Internet access disabled). It’s a godsend in Termux.

May I ask why? Using alternative sources from the vendors themselves usually isn’t any less secure than using the official F-Droid repos. It’s a common thing on Linux.