You can't build tcc from Nixpkgs if you are in the UK (opens in new tab)

(github.com)

169 pointsRGBCube5mo ago67 comments

67 comments

rwmj5mo ago

I think the headline should more accurately be that repo.or.cz has a UK geo-block. I'm unclear why it has one, since it's highly unlikely either that the site contains anything that is covered by the OSA, nor that even if it did, the people running the site should care.

__float5mo ago

It's a bit hard to find, but going to the service's Mastodon account eventually leads one to https://repo.or.cz/uk-blocked.html

RGBCubeOP5mo ago

The linked GitHub isssue links to that page, too.

ruuda5mo ago

It says so at https://repo.or.cz/uk-blocked.html:

> UK's Online Safety Act 2023 would require us to do a prohibitively complicated risk assessment for our service. We're talking reading through thousands of pages of legal guidelines.

> We're a volunteer operation and would likely be held responsible as individuals. There is talk of fines up to 18 million GBP which would ruin any single one of us, should they get creative about how to actually enforce this.

> Our impression is that this law is deliberately vague, deliberately drastic in its enforcement provisions, and specifically aimed against websites of all sizes, including hobby projects. In other words, this seems to us to be largely indistinguishable from an attempt to basically break the internet for all UK citizens.

> If we could afford to just hope for the best, we'd love to.

The way I understand this is that it's not feasible for them to assess how the legislation impacts them, so they would rather stay safe than risk having their lives destroyed.

stuaxo5mo ago

Its such a ridiculous law and this outcome is entirely predictable, but bring this up with the proponents of it and they stick their head in the sand, to the point where I think they are perfectly happy with the UK not having a working Internet.

2 more replies

fsckboy5mo ago

>which would ruin any single one of us, should they get creative about how to actually enforce this

actually, it would ruin all of them collectively should "they" get creative enforcing it.

bitdivision5mo ago

It hosts user uploaded content I would guess, so presumably the OSA could apply to them.

TeeMassive5mo ago

Censorship causes self-censorship born out of caution.

Would you pay their legal fees if they are sued? It's easy to say when you don't have your future on the line.

subscribed5mo ago

They specifically listed their reasons in the geoblock message. As a someone impacted by this I applaud their decision. I also hope more high-profile cases like Wikipedia[1] will surface and expose the utter idiocy of the deliberately vague language of the language and the "guidance".

[1] https://wikimediafoundation.org/news/2025/09/12/wikimedia-fo...

rich66man5mo ago

Similar stuff happens often with Russian IP addresses, you just gotta deal with it I guess

WesolyKubeczek5mo ago

One reason is DDoS attacks come overwhelmingly from those IPs. Plug them in your firewall, and it’s calm all of a sudden.

stek295mo ago

https://krebsonsecurity.com/2025/10/ddos-botnet-aisuru-blank...

viraptor5mo ago

It doesn't matter what you do at the firewall level. It's too late. If anyone wants to volume DDoS you, they'll send traffic regardless just to overload your connection.

betaby5mo ago

https://blog.cloudflare.com/ddos-threat-report-for-2024-q4/

RGBCubeOP5mo ago

This won't affect most users as they will be using the cache.nixos.org substituter and haven't modified any package that pulls repo.or.cz repositories, but it's still amusing.

mindslight5mo ago

Is this supposed to be a big deal? I use NixOS as a source distribution (nix.settings.substituters = lib.mkForce [ ]) and I get failures when fetching sources pretty regularly. Sometimes the URLs are missing, sometimes the hashes have changed. My usual fix is to fetch the source from cache.nixos.org with nix copy.

I'd say the right answer is to move/add a content addressed model/system for obtaining sources.

charcircuit5mo ago

>I'd say the right answer is to move/add a content addressed model/system for obtaining sources.

Isn't that almost what the nix file already is while being legal. Having a cache of all build files is not legal to do.

baobun5mo ago

Not really. Content-addressed implies that if the content changes, so does its address, such that returning a different result for the same address is a hard protocol violation.

Having a content hash as (part of) the address is common way to this.

IPFS multihash is a well-known example. As opposed to HTTP.

mongol5mo ago

What is repo.or.cz? It sounds like the domain name is saying something but I don't understand.

0x4575mo ago

It is a super simple git repo hosting/mirror based in EU. https://repo.or.cz

AceJohnny25mo ago

It's one of the older Git hosts, predating Github.

netsharc5mo ago

Probably someone preferred the 3-level domain system (like UK's .co.uk, .gov.uk, e.g. bbc.co.uk) in .cz, and made .or.cz. This is probably before the time people thought "Oh we can make the domains be words, like 'del.icio.us', that'd be cute!"...

tasn5mo ago

Maybe Orcs?

andrewchambers5mo ago

Was playing around with the idea of p2p source hosting in package trees like nix and did a little weekend package prototype here of my own here:

https://github.com/magnet-linux/magnet-linux

Not really ready for prime time, but I think I have some interesting ideas there at least.

TeeMassive5mo ago

You should focus on the p2p part of code and object distribution. While nix is not perfect, people are not going to learn and adopt yet another package manager.

A distributed git object cache is what is really needed at the moment.

RGBCubeOP5mo ago

I'm actually working on my own OS agnostic package collection + system management software, and I've found https://radicle.xyz great for this. All repos depended on by the official package collection t will be on the radicle network.

whatshisface5mo ago

The UK should make exceptions for its legal firewall for scientific and economic access.

rwmj5mo ago

So I think this law is stupid. But it's also popular, for the reason "something should be done, this is something, so this should be done". I doubt that exceptions are going to be made until the effects are felt strongly by everyone. Geoblocking a .cz site used by a tiny number of developers is not having any effect.

hnlmorg5mo ago

Is it popular? I’m a parent and none of my parent friends like it.

I suspect this law isn’t popular. Just the messaging of doing nothing is more unpopular. So it gets spun as this is popular.

https://youtu.be/ahgjEjJkZks?si=mGE0k5QT3aXycHtU

1 more reply

exasperaited5mo ago

Except the UK didn't geoblock anything. This is just someone virtue-signalling about internet freedom from a country that has its own problems it should be addressing.

o11c5mo ago

And as always, the answer to "something should be done, but not this" is "then suggest something else that actually addresses the problem".

The internet is full of dishonest "we've tried nothing and we're all out of ideas."

4 more replies

driverdan5mo ago

The UK shouldn't have stupid ID requirement laws at all.

tripplyons5mo ago

I agree, but I sadly believe these requirements will spread to other countries, including the US. The US Supreme Court recently ruled that Texas' ID law is somehow constitutional.

2 more replies

ChocolateGod5mo ago

A lot of the groups pushing these laws actually have good motives (e.g. child abuse charities) but it's clear the current law and implementations are not the solution.

freedomben5mo ago

That would either create a gigantic loophole that makes the safety act toothless, or it would create a giant bureacracy of people who review and approve applications. Either outcome is sub-optimal.

The real answer is to repeal this nonsense (IMHO as a non-UK citizen)

noir_lord5mo ago

Agreed, as a UK citizen.

It as always a stupid idea, see recent discord leak of ID’s.

j / k navigate · click thread line to collapse

67 comments

rwmj5mo ago

__float5mo ago

It's a bit hard to find, but going to the service's Mastodon account eventually leads one to https://repo.or.cz/uk-blocked.html

RGBCubeOP5mo ago

The linked GitHub isssue links to that page, too.

ruuda5mo ago

It says so at https://repo.or.cz/uk-blocked.html:

> UK's Online Safety Act 2023 would require us to do a prohibitively complicated risk assessment for our service. We're talking reading through thousands of pages of legal guidelines.

> If we could afford to just hope for the best, we'd love to.

The way I understand this is that it's not feasible for them to assess how the legislation impacts them, so they would rather stay safe than risk having their lives destroyed.

stuaxo5mo ago

2 more replies

fsckboy5mo ago

>which would ruin any single one of us, should they get creative about how to actually enforce this

actually, it would ruin all of them collectively should "they" get creative enforcing it.

bitdivision5mo ago

It hosts user uploaded content I would guess, so presumably the OSA could apply to them.

TeeMassive5mo ago

Censorship causes self-censorship born out of caution.

Would you pay their legal fees if they are sued? It's easy to say when you don't have your future on the line.

subscribed5mo ago

[1] https://wikimediafoundation.org/news/2025/09/12/wikimedia-fo...

rich66man5mo ago

Similar stuff happens often with Russian IP addresses, you just gotta deal with it I guess

WesolyKubeczek5mo ago

One reason is DDoS attacks come overwhelmingly from those IPs. Plug them in your firewall, and it’s calm all of a sudden.

stek295mo ago

https://krebsonsecurity.com/2025/10/ddos-botnet-aisuru-blank...

viraptor5mo ago

It doesn't matter what you do at the firewall level. It's too late. If anyone wants to volume DDoS you, they'll send traffic regardless just to overload your connection.

betaby5mo ago

https://blog.cloudflare.com/ddos-threat-report-for-2024-q4/

RGBCubeOP5mo ago

This won't affect most users as they will be using the cache.nixos.org substituter and haven't modified any package that pulls repo.or.cz repositories, but it's still amusing.

mindslight5mo ago

I'd say the right answer is to move/add a content addressed model/system for obtaining sources.

charcircuit5mo ago

>I'd say the right answer is to move/add a content addressed model/system for obtaining sources.

Isn't that almost what the nix file already is while being legal. Having a cache of all build files is not legal to do.

baobun5mo ago

Not really. Content-addressed implies that if the content changes, so does its address, such that returning a different result for the same address is a hard protocol violation.

Having a content hash as (part of) the address is common way to this.

IPFS multihash is a well-known example. As opposed to HTTP.

mongol5mo ago

What is repo.or.cz? It sounds like the domain name is saying something but I don't understand.

0x4575mo ago

It is a super simple git repo hosting/mirror based in EU. https://repo.or.cz

AceJohnny25mo ago

It's one of the older Git hosts, predating Github.

netsharc5mo ago

tasn5mo ago

Maybe Orcs?

andrewchambers5mo ago

Was playing around with the idea of p2p source hosting in package trees like nix and did a little weekend package prototype here of my own here:

https://github.com/magnet-linux/magnet-linux

Not really ready for prime time, but I think I have some interesting ideas there at least.

TeeMassive5mo ago

You should focus on the p2p part of code and object distribution. While nix is not perfect, people are not going to learn and adopt yet another package manager.

A distributed git object cache is what is really needed at the moment.

RGBCubeOP5mo ago

whatshisface5mo ago

The UK should make exceptions for its legal firewall for scientific and economic access.

rwmj5mo ago

hnlmorg5mo ago

Is it popular? I’m a parent and none of my parent friends like it.

I suspect this law isn’t popular. Just the messaging of doing nothing is more unpopular. So it gets spun as this is popular.

https://youtu.be/ahgjEjJkZks?si=mGE0k5QT3aXycHtU

1 more reply

exasperaited5mo ago

Except the UK didn't geoblock anything. This is just someone virtue-signalling about internet freedom from a country that has its own problems it should be addressing.

o11c5mo ago

And as always, the answer to "something should be done, but not this" is "then suggest something else that actually addresses the problem".

The internet is full of dishonest "we've tried nothing and we're all out of ideas."

4 more replies

driverdan5mo ago

The UK shouldn't have stupid ID requirement laws at all.

tripplyons5mo ago

I agree, but I sadly believe these requirements will spread to other countries, including the US. The US Supreme Court recently ruled that Texas' ID law is somehow constitutional.

2 more replies

ChocolateGod5mo ago

A lot of the groups pushing these laws actually have good motives (e.g. child abuse charities) but it's clear the current law and implementations are not the solution.

freedomben5mo ago

That would either create a gigantic loophole that makes the safety act toothless, or it would create a giant bureacracy of people who review and approve applications. Either outcome is sub-optimal.

The real answer is to repeal this nonsense (IMHO as a non-UK citizen)

noir_lord5mo ago

Agreed, as a UK citizen.

It as always a stupid idea, see recent discord leak of ID’s.

j / k navigate · click thread line to collapse