←back to thread

A New Future for Icanhazip

(major.io)
980 points nkcmr | 1 comments | 06 Jun 21 19:21 UTC | HN request time: 0.261s | source
Show context
OskarS ◴[06 Jun 21 20:02 UTC] No.27415822[source]
I’ve seen packages that do ”internet-detection” by calling out to icanhazip.com, and I just thought that was so irresposnible. What if your package got popular, how much money are you costing the hoster? For services like this, people just don’t consider the fact that there’s someone on the other side.
replies(3): >>27416037 #>>27416043 #>>27416090 #
ljm ◴[06 Jun 21 20:30 UTC] No.27416037[source]
I feel the same about dependency steps in CI, without a cache or any similar structure. Package repos like Rubygems, NPM and PyPi get utterly rinsed by the continual downloading and redownloading of stuff the client should have already stored.
replies(3): >>27416407 #>>27417810 #>>27417948 #
1. SilverRed ◴[07 Jun 21 01:11 UTC] No.27417948[source]
Nothing is going to change until the hosters make it a pain to abuse. Rubygems could require an api key to download from and rate limit that key.

Sure you could attempt to generate a bunch of keys and cycle them but it would be easier to just cache your gems.