Open-Source on Danilo Falcão da Silva

Anthropic's Third-Party Claude Crackdown: How It Hit OpenCode, Zed, and the Wider Tooling Ecosystem

Sun, 24 May 2026 22:00:00 -0300

On January 9, 2026, at roughly 02:20 UTC, Anthropic flipped a switch on their servers and broke thousands of developer workflows overnight. No blog post, no advance notice, no migration path. Third-party coding tools — OpenCode, Cline, RooCode, OpenClaw, and others — that had been using Claude subscription OAuth tokens suddenly got a single error: “This credential is only authorized for use with Claude Code and cannot be used for other API requests.”

AI Bug Reports: The Real Vulnerability Is That We Weren't Looking Hard Enough

Sat, 23 May 2026 10:00:00 -0300

On May 18, 2026, Linus Torvalds called the Linux kernel security mailing list “almost entirely unmanageable.” The reason: a flood of AI-generated bug reports. The reaction was predictable — ban AI, blame researchers, declare the tools aren’t ready.

I wrote about the maintenance crisis last week and I think that framing misses the deeper story. The problem is not that AI is generating too many reports. The problem is that the code was more broken than we thought, and for twenty years nobody had the tools to look at it properly.

Age Verification Laws Are Coming for Your OS. Linux Doesn't Care.

Wed, 20 May 2026 21:40:00 -0300

For most of 2025 the age-verification conversation was about porn sites. By the end of the year it had moved up the stack. By 2026 it is at the operating system, and that is where the story gets interesting for anyone who cares about how Linux is built.

Nine US states put age-verification laws in force during 2025 alone: South Carolina (Jan 1), Florida (Jan 1), Tennessee (Jan 13), Georgia (Jul 1), Wyoming (Jul 1), North Dakota (Aug 1), Arizona (Sep 26), Ohio (Sep 30), and Missouri (Nov 30). Roughly half the country now mandates some form of age gate for adult content, social media, or both.

Hermes Agent vs OpenClaw: Why I Run Hermes Every Day

Wed, 20 May 2026 14:30:00 -0300

There are two open-source autonomous agents in 2026 worth a serious DevOps engineer’s time, and they have made opposite architectural bets. I tried both. I run Hermes Agent every day. This is the analysis of why — not a both-sides post, not a head-to-head benchmark, but a direct argument that one of these two architectures is right for infrastructure work and the other one isn’t.

The headline: agent-first beats gateway-first when the work rewards familiarity. Most infrastructure work does. The rest of this post is the why.

AI Bug Reports Are Drowning Open Source — And the Fix Isn't 'Stop Using AI'

Wed, 20 May 2026 10:00:00 -0300

On May 18, 2026, Linus Torvalds said the Linux kernel security mailing list had become “almost entirely unmanageable” because of duplicate AI-generated bug reports. Two months earlier, longtime stable maintainer Willy Tarreau had already shared the numbers: a list that received two to three reports per week in 2024 was getting five to ten reports per day by March 2026. In January, Daniel Stenberg shut down the curl bug bounty after the valid-report rate on HackerOne dropped from above 15% to below 5%, with twenty submissions in 21 days — seven of them in one 16-hour window — and zero real vulnerabilities among them.

Ollama in 2026: The Boring Choice for Open-Source LLMs (And Why That's the Whole Point)

Mon, 18 May 2026 17:30:00 -0300

There’s a particular kind of project I love: the one that takes something new and weird and turns it into something you barely have to think about. Docker did this for containers. Hugo did it for static sites. In 2026, Ollama is doing it for open-source language models.

You install one binary. You type ollama pull <model>. You type ollama run <model>. Your application talks to localhost:11434 over an OpenAI-compatible HTTP API. That’s the whole user manual. The fact that this is now boring — that nobody has to argue about it on Hacker News anymore — is the point of this post.