Another option is https://roda.jeremyevans.net/, which I've found is the sweet spot in smaller projects, but can still scale up. The plugin system works really well to extend and the routing tree is really easy to work with.
Roda is hands-down my favorite framework and my go-to no matter the size of the app. It's super lightweight, crazy fast, and a great alternative to Rails, without all the extra bloat. You still get everything you need to build solid apps, just in a much leaner package.
We recently moved a legacy Rails 2.3 app over to the latest Roda, and paired it with Vite, Stimulus, and Tailwind on the frontend...and honestly, we couldn't be happier with how it turned out!
> As explained in NSD’s Data Security Program Implementation and Enforcement Policy Through July 8, 2025, NSD will not prioritize civil enforcement actions against any person for violations of the Data Security Program that occur from April 8 through July 8, 2025, so long as the person is engaging in good faith efforts to comply with or come into compliance with the Data Security Program during that time. These efforts include engaging in compliance activities described in that policy, such as amending or renegotiating existing contracts, conducting internal reviews of data flows, deploying the CISA security requirements, and so on.
> At the end of this 90-day period, individuals, and entities should be in full compliance with the DSP. This policy does not limit NSD’s lawful authority and discretion to pursue civil enforcement if entities and individuals did not engage in good faith efforts to comply with, or come into compliance with, the Data Security Program.
The same July 8th deadline here doesn't feel like a coincidence. But the provisions of that executive order wouldn't apply here unless they have been quietly selling user data. Do we have any evidence of this?
The provisions will apply to Glitch parent company Fastly, to my reading, and so would apply to subsidiary Glitch. Same logic applies to Pocket and parent company Mozilla.
The implication that Mozilla, a privacy focused company, would have been selling user data in any form is deeply concerning. I'm inclined to withhold judgment until I've seen evidence of this, because that would be a significant scandal given their mission.
Well, I'm not implying that Mozilla did it, but rather that Pocket might have done it, or been unable to prove that they didn't if they were audited. The fact that Pocket was owned by Mozilla during the relevant period is not really up for debate, but whether they were aware of anything that did or didn't happen there is unknown, but they have a reasonable expectation for knowing such things as the corporate owner of Pocket.
I mean, it's kind of curious that the Pocket server source code never got fully released, even though Pocket was promised to be open sourced by Mozilla when they bought it. Now, Mozilla is ending Pocket, without ever delivering on their obligation to their users and donors. I don't mean to cast aspersions here, but this is not a good look for Mozilla, as their hand was forced, if our reading is correct, and this upcoming enforcement deadline is the reason behind Mozilla ending Pocket. Would they have closed Pocket on their own if they didn't have a reason? What was their stated reason?
Mozilla Firefox collects user data and shares it automatically:
> Looking at about:networking I can see connections to pocket (despite me disabling pocket in about:config) as well as connections to "firefox.settings.services.mozilla.com".
> And after research, it appears some of these are hard-coded into the source code on purpose for "security reasons" which is ridiculous.
> Mind you, my browser is hardened to it's best.. just felt like sharing this for anyone unaware that even if you harden Firefox, even if you go the extra 10 miles and edit about:config, it will still spy on you!
Hey Kyle, your work on the Hacker Newsletter is awesome. Thanks for that and for the kind words regarding The Gaming Pub. I hope I grow the newsletter to be as big as yours in someday.
Very rare in the PNW (or at least Washington) and Alaska. Thankful for that as the chances of a fire starting from them seems high. Last summer we only had one lighting "storm" which had a total two lighting strikes and one of them started a fire.
