You can't build tcc from Nixpkgs if you are in the UK(github.com)

167 pointsby RGBCube3 days ago9 comments

rwmj3 days ago
I think the headline should more accurately be that repo.or.cz has a UK geo-block. I'm unclear why it has one, since it's highly unlikely either that the site contains anything that is covered by the OSA, nor that even if it did, the people running the site should care.
- __float3 days ago
  It's a bit hard to find, but going to the service's Mastodon account eventually leads one to https://repo.or.cz/uk-blocked.html
  - RGBCube3 days ago
    The linked GitHub isssue links to that page, too.
- ruuda3 days ago
  It says so at https://repo.or.cz/uk-blocked.html:
  > UK's Online Safety Act 2023 would require us to do a prohibitively complicated risk assessment for our service. We're talking reading through thousands of pages of legal guidelines.
  > We're a volunteer operation and would likely be held responsible as individuals. There is talk of fines up to 18 million GBP which would ruin any single one of us, should they get creative about how to actually enforce this.
  > Our impression is that this law is deliberately vague, deliberately drastic in its enforcement provisions, and specifically aimed against websites of all sizes, including hobby projects. In other words, this seems to us to be largely indistinguishable from an attempt to basically break the internet for all UK citizens.
  > If we could afford to just hope for the best, we'd love to.
  The way I understand this is that it's not feasible for them to assess how the legislation impacts them, so they would rather stay safe than risk having their lives destroyed.
  - stuaxo3 days ago
    Its such a ridiculous law and this outcome is entirely predictable, but bring this up with the proponents of it and they stick their head in the sand, to the point where I think they are perfectly happy with the UK not having a working Internet.
    corobo3 days ago
    I think we might need a bit of pain if we're going to dislodge this silly thing.
    For what it's worth I salute anyone blocking, whether through an excess of caution or just as a middle finger.
    mytailorisrich3 days ago
    [flagged]
    chris_wot3 days ago
    The reaction is entirely reasonable. The only way they can reasonably ensure they protect themselves is to ensure nobody in the UK can access their site.
    mytailorisrich3 days ago
    That is very obviously not true... and a little unhinged.
    fragmede3 days ago
    I'm not deep into this subject, so what's obvious to you isn't so obvious to me. Would you mind explaining a bit more on what's so obvious and why it's particularly unhinged?
    kmeisthax3 days ago
    [dead]
    zwaps3 days ago
    The reaction is utterly sound. What issue do you have with these very clearly laid out and logical reasons?
    salawat3 days ago
    Fuck around, find out. When governments start throwing around threats, is it any surprise the goodwill dries up?
  - fsckboy3 days ago
    >which would ruin any single one of us, should they get creative about how to actually enforce this
    actually, it would ruin all of them collectively should "they" get creative enforcing it.
- bitdivision3 days ago
  It hosts user uploaded content I would guess, so presumably the OSA could apply to them.
- TeeMassive3 days ago
  Censorship causes self-censorship born out of caution.
  Would you pay their legal fees if they are sued? It's easy to say when you don't have your future on the line.
- subscribed3 days ago
  They specifically listed their reasons in the geoblock message. As a someone impacted by this I applaud their decision. I also hope more high-profile cases like Wikipedia[1] will surface and expose the utter idiocy of the deliberately vague language of the language and the "guidance".
  [1] https://wikimediafoundation.org/news/2025/09/12/wikimedia-fo...
rich66man3 days ago
Similar stuff happens often with Russian IP addresses, you just gotta deal with it I guess
- WesolyKubeczek3 days ago
  One reason is DDoS attacks come overwhelmingly from those IPs. Plug them in your firewall, and it’s calm all of a sudden.
  - stek292 days ago
    https://krebsonsecurity.com/2025/10/ddos-botnet-aisuru-blank...
  - viraptor3 days ago
    It doesn't matter what you do at the firewall level. It's too late. If anyone wants to volume DDoS you, they'll send traffic regardless just to overload your connection.
  - betaby3 days ago
    https://blog.cloudflare.com/ddos-threat-report-for-2024-q4/
RGBCube3 days ago
This won't affect most users as they will be using the cache.nixos.org substituter and haven't modified any package that pulls repo.or.cz repositories, but it's still amusing.
mongol3 days ago
What is repo.or.cz? It sounds like the domain name is saying something but I don't understand.
- 0x4573 days ago
  It is a super simple git repo hosting/mirror based in EU. https://repo.or.cz
- AceJohnny23 days ago
  It's one of the older Git hosts, predating Github.
- netsharc3 days ago
  Probably someone preferred the 3-level domain system (like UK's .co.uk, .gov.uk, e.g. bbc.co.uk) in .cz, and made .or.cz. This is probably before the time people thought "Oh we can make the domains be words, like 'del.icio.us', that'd be cute!"...
- tasn3 days ago
  Maybe Orcs?
mindslight3 days ago
Is this supposed to be a big deal? I use NixOS as a source distribution (nix.settings.substituters = lib.mkForce [ ]) and I get failures when fetching sources pretty regularly. Sometimes the URLs are missing, sometimes the hashes have changed. My usual fix is to fetch the source from cache.nixos.org with nix copy.
I'd say the right answer is to move/add a content addressed model/system for obtaining sources.
- charcircuit3 days ago
  >I'd say the right answer is to move/add a content addressed model/system for obtaining sources.
  Isn't that almost what the nix file already is while being legal. Having a cache of all build files is not legal to do.
  - baobun3 days ago
    Not really. Content-addressed implies that if the content changes, so does its address, such that returning a different result for the same address is a hard protocol violation.
    Having a content hash as (part of) the address is common way to this.
    IPFS multihash is a well-known example. As opposed to HTTP.
andrewchambers3 days ago
Was playing around with the idea of p2p source hosting in package trees like nix and did a little weekend package prototype here of my own here:
https://github.com/magnet-linux/magnet-linux
Not really ready for prime time, but I think I have some interesting ideas there at least.
- TeeMassive3 days ago
  You should focus on the p2p part of code and object distribution. While nix is not perfect, people are not going to learn and adopt yet another package manager.
  A distributed git object cache is what is really needed at the moment.
- RGBCube3 days ago
  I'm actually working on my own OS agnostic package collection + system management software, and I've found https://radicle.xyz great for this. All repos depended on by the official package collection t will be on the radicle network.
tensorlibb3 days ago
[dead]
exasperaited3 days ago
[flagged]
- mastax3 days ago
  If you're willing to insure them for 18M GBP of liability perhaps they'll reconsider.
  - mytailorisrich3 days ago
    18M liability for what?
    Can we please stop repeating this nonsense.
  - exasperaited3 days ago
    It's almost certainly a) imaginary and b) performative. Like;
    > After this, I know I will think twice about visiting the UK
    Reallllyyy? Over a bit of porn blocking? Do we not think maybe this is just for show? What do they imagine is going to happen at the border -- their iPhone gets frisked for Page Three nudes?
    More to the point, are they banning Texas? Indiana? Oklahoma? Georgia? North Dakota? France?
    Or are they just hyperventilating about the latest thing from Britain? Perhaps they think unless Tommy Robinson saves us no-one can.
    themafia3 days ago
    > their iPhone gets frisked
    You've apparently not crossed international borders that often.
    > just hyperventilating about the latest thing from Britain?
    They've simply decided doing business with the UK is no longer worth the risk. This is no more "hyperventilating" than the people who passed this law in the first place, who are "hyperventilating" over pornography sites when there's no evidence they're a significant social problem.
    unionpivo3 days ago
    it's not just porn blocking. That's just what is in newspapers. Porn blocking is only small part.
    Essentially, you have to preform risk assessment if your site contains any child inappropriate content (according to new law that is defined kind of vague ), you have to age verify all the visitors from UK or risk getting fines.
    Since service allows for user upload, this means that their site could protentional qualify. And even if it does not, you need a lawyer to go through everything, to make sure you don't. Sure the chances their site get targeted is small, but not zero.
    dundarious3 days ago
    Suggest you read up on that law a bit more, they're not responding to targeting of porn, nothing of the sort.
    exasperaited3 days ago
    I have read up on the law. They have no reason to worry and even if they did, given the extent of non-compliance in the porn industry, they are so far down the pecking order that this reaction looks like what it is: activist narcissism.
    dundarious3 days ago
    Fair enough, don't share your confidence, nor the service's reticence to visit in person (at least over this issue).
    i5heu3 days ago
    If it is only imaginary then it should be no problem for you to write them a contract to take on all legal and panelty costs linked with it for.. lets say 50$?
whatshisface3 days ago
The UK should make exceptions for its legal firewall for scientific and economic access.
- rwmj3 days ago
  So I think this law is stupid. But it's also popular, for the reason "something should be done, this is something, so this should be done". I doubt that exceptions are going to be made until the effects are felt strongly by everyone. Geoblocking a .cz site used by a tiny number of developers is not having any effect.
  - hnlmorg3 days ago
    Is it popular? I’m a parent and none of my parent friends like it.
    I suspect this law isn’t popular. Just the messaging of doing nothing is more unpopular. So it gets spun as this is popular.
    https://youtu.be/ahgjEjJkZks?si=mGE0k5QT3aXycHtU
    daveoc643 days ago
    Polling has shown it is quite popular:
    https://yougov.co.uk/technology/articles/52693-how-have-brit...
    themafia3 days ago
    When you phrase the question in such a way where people presume it will only target pornographic sites.
    If you asked them would they support the law if it happens to accidentally block useful sites that have ZERO pornography on them, I'm very sure, the results would be very different.
    hnlmorg3 days ago
    Polling for the question “websites that may contain pornographic material”
    Which is my point. The OSA isn’t popular as a broad piece of legislation, but the “think of the children” aspect that something needs to be done to restrict access to pornography is popular.
    Watch the YouTube link I sent to better understand my point.
    Personally, I think even the pornography aspect is stupid. If the government couldn’t stop me accessing porn when I was a kid back before the web was invented, then they’re shit out of luck stopping kids these days. The problem isn’t the law, the problem is parents want a way to diminish their own responsibility. It’s the same tired bullshit we see time and time again of blaming everyone else rather than making ourselves accountable.
  - exasperaited3 days ago
    Except the UK didn't geoblock anything. This is just someone virtue-signalling about internet freedom from a country that has its own problems it should be addressing.
  - o11c3 days ago
    And as always, the answer to "something should be done, but not this" is "then suggest something else that actually addresses the problem".
    The internet is full of dishonest "we've tried nothing and we're all out of ideas."
    chris_wot3 days ago
    “Something should be done, so let’s do something stupid and harmful, and all you critics have nothing to add so our stupid thing that causes harm is what you must accept”.
    That’s some incredible logic.
    o11c3 days ago
    I never once said we had to settle for this solution. I absolutely said that there is a real problem, and the people in the best position to make a real solution have absolutely no desire to do anything about it.
    Remember that previous status quo was "I'd rather make money off of child abuse, because nobody is stopping us". This is the end result of self-regulation, so show me something better.
    chris_wot2 days ago
    Yes, but implicit in your statement was that the awful solution should be implemented if you don’t have a better solution.
    I don’t have a better solution. But I don’t need to accept a detrimental “solution” needs to be implemented. Nor am I obligated to find the better solution.
    andrewaylett2 days ago
    If this is the best we can do, we shouldn't have done anything.
    I like an idea I first saw in Debian's general resolution process: all votes have a "further discussion" option, and often a "retain the status quo" option, and the voting system lets people use them effectively.
    In the UK parliament (as in many contexts) a vote against something could mean that the person doesn't think there's a problem to be fixed, or it could mean that they don't think this is the right fix -- and that could be because it's too extreme or because it's not extreme enough. That's supposed to be addressed by the committee stages, or by amendments, but it's really hard to divine actual preference from a series of yes/no votes.
    saghm3 days ago
    It's not logically inconsistent for someone to think that one proposal is worse than the status quo without having an alternative that's better than the status quo. Maybe the reason that nothing has been done yet is because every "solution" that's been proposed including this one, are worse than the problem it's supposed to solve.
    The internet is also full of bad takes like "the ends justify the means" and "the solution to this problem is obvious and no one has done it because they're evil/stupid/lazy".
    debugnik3 days ago
    > then suggest something else that actually addresses the problem
    As opposed to the original suggestion that doesn't actually address the problem? How is proposing that in the first place more honest than calling it out?
- driverdan3 days ago
  The UK shouldn't have stupid ID requirement laws at all.
  - tripplyons3 days ago
    I agree, but I sadly believe these requirements will spread to other countries, including the US. The US Supreme Court recently ruled that Texas' ID law is somehow constitutional.
    exasperaited3 days ago
    What do you mean "spread to"? The USA passed a dozen such bills into state law before this actually came into effect. That states compete to ignore each other's laws doesn't change a thing.
    tripplyons3 days ago
    For the US, I'm referring to federal laws or more laws in more states.
    As for other countries, the EU just delayed the vote for "Chat Control" as recently as yesterday!
    bigstrat20033 days ago
    "Constitutional" doesn't mean it's a good law, just that it is not prohibited for the state to make such a law. I personally don't like the law but I have a hard time seeing how it would be unconstitutional.
    sterlind3 days ago
    it should be unconstitutional because it's clearly a content-based restriction of speech, meaning that regulating it entails strict scrutiny. strict scrutiny requires Texas to use the least burdensome means possible to satisfy the state's legitimate interest in preventing minors from accessing obscene content - probably a home network filter appliance parents can opt into. this is what they held in Paxton v. NetChoice (iirc.)
    instead, the Court contorted themselves into holding that adults have accessing content obscene to minors without furnishing their ID isn't protected speech. porn still is protected speech, but proving your age isn't protected speech. as a result, the law is content-neutral, not content-based.. somehow.
    it was a low point for the Court - clear activist justices legislating morality from the bench.
    tripplyons3 days ago
    Previously, these kinds of laws violated the 1st Amendment, but the changes in the composition of Supreme Court justices have led to different rulings.
    hnlmorg3 days ago
    I felt the GP was making that same point.
  - ChocolateGod3 days ago
    A lot of the groups pushing these laws actually have good motives (e.g. child abuse charities) but it's clear the current law and implementations are not the solution.
- freedomben3 days ago
  That would either create a gigantic loophole that makes the safety act toothless, or it would create a giant bureacracy of people who review and approve applications. Either outcome is sub-optimal.
  The real answer is to repeal this nonsense (IMHO as a non-UK citizen)
  - noir_lord3 days ago
    Agreed, as a UK citizen.
    It as always a stupid idea, see recent discord leak of ID’s.