I am more concerned about their, umm, gallant approach to security. Not only that OpenCode is permissive by default in what it is allowed to do, but that it apparently tries to pull its config from the web (provider-based URL) by default [1]. There is also this open GitHub issue [2], which I find quite concerning (worst case, it's an RCE vulnerability).
It also sends all of your prompts to Grok's free tier by default, and the free tier trains on your submitted information, X AI can do whatever they want with that, including building ad profiles, etc.
You need to set an explicit "small model" in OpenCode to disable that.
This. I work on projects that warrant a self hosted model to ensure nothing is leaked to the cloud. Imagine my surprise when I discovered that even though the only configured model is local, all my prompts are sent to the cloud to... generate a session title. Fortunately caught during testing phase.
If you're using software someone else wrote, you'd have to repeat this testing phase any time an update is installed, right?
(I do mean this as a general principle, but also it was pointed out elsewhere in the thread that this is a particularly "high velocity" project as far as unexpected changes go.)
I’m curious if there’s a reason you’re not just coding in a container without access to the internet, or some similar setup? If I was worried about things in my dev chain accessing any cloud service, I’d be worried about IDE plugins, libraries included in imports, etc. and probably not want internet access at all.
Yeah — you can develop in a container that’s configured to only allow local access. Your machine is connected to the Internet as usual, so you can access any docs you want or whatever, but the actual execution environment running on your machine can’t. This is pretty easy to set up in Docker, for example. It’s also useful because you can have the same exact dev environment no matter what machine you’re on, OS you’re running, etc.
The small_model option configures a separate model for lightweight tasks like title generation. By default, OpenCode tries to use a cheaper model if one is available from your provider, otherwise it falls back to your main model.
I would expect that if you set a local model it would just use the same model. Or if for example you set GPT as main model, it would use something else from OpenAI. I see no mentions of Grok as default
i ran it through mitmproxy, i am using pinned version 1.2.20, 6 march 2026, set up with local chat completions.
on that version, it does not fall back to the main model. it silently calls opencode zen and uses gpt-5-nano, which is listed as having 30 day retention plus openai policy, which is plain text human review by openai AND 3rd party contractors.
They're talking about before it's configured by the user. It defaults to 'free' models so that the user can ask a question immediately on startup. Once you configure a provider, the default models aren't used.
It depends. For a lot of hardware it's actually easier to get working on linux, because the driver is just part of the kernel and you don't have to do anything special, including manually installing drivers, to get it working.
There are some cases where hardware support on Linux is suboptimal, such as Nvidia cards and many fingerprint readers, but things are a LOT better now than they used to be. Most consumer laptops and desktops will run linux just fine.
In 2022 we got new zen 5 amd cpus almost when they came out, windows did not recognize a bunch of stuff and had to find and download individual drivers. In linux (ubuntu) everything worked out of the box, except only that the LTS release did not support the kernel that supported the new mobos yet and had to install the rolling release instead.
I liked the apple II, and the TRS 80 as I rather like basic. And then I didn’t hate DOS, and then I actively hated the graphical shell of Windows 3, but could not afford a Macintosh -so suffered through it where I had to, but mainly used DOS. Then I discovered UNIX, and did almost all of my work on a timeshare - in the early 90s!
Then Windows 95 came out and I actively hated it, but did think it was amazingly pretty - somehow this was the impetus for me to get a pc again, which I put Windows NT on. Which was profitable for freelance gigs in college. Soon after that, I dual booted it to Linux and spent most of my time in Slackware.
After that, I graduated and had enough money to buy a second rig, which I installed OS/2 warp on - which was good for side gigs. And I really liked. A lot. But my day job required that I have a Windows NT box to shell into the Solaris servers as we ran. Then I got a better class of employer and the next several let me run a Linux box to connect to our solaris (or Aix) servers.
Next my girlfriend at the time got a PowerBook G4 and installed OS X on it. It was obviously amazing. Windows XP came out, and it was once again so much worse than Windows NT - and crashed so much more - which was odd as it was based on Windows NT. (yes 98 was before this but it was really bad). Anyhow, right about here the Linux box I was running at home, died. And it was obvious that I was not going to buy an XP box, so I bought my first Mac.
And it’s been the same for the last 25 years - every time I look at a Windows box it’s horrible. I pretty much always have a Linux box headless somewhere in the house, and one rented in the cloud, and a Mac for interacting with the world.
And like the parent I actively dislike windows. And that’s interesting because I’ve liked most other operating systems I’ve used in my life, including MS-DOS. Modern windows is uniquely bad.
I use windows and absolutely hate the mac UI. Having the current window title bar always at the top of the screen doesn't make any sense when you have a very big monitor. It only made sense with the tiny monitors available when the mac UI was originally created.
Yeah, that is an annoyance for me too but for a different reason. I have set the menu bar to be only in the internal display (to avoid issues with my OLED external monitor) so when I have a window in the external monitor, I have to move the mouse to the internal monitor screen space if I want to open something that is in the app's title bar.
On the other hand, it is actually useful that there is mostly a specific place you find settings etc, as in windows/linux it tends to vary depending on the app where to find those (is there a bar on top of the window? Is there a button to expand a menu somewhere? Something else? Who knows).
No, it is still configurable. You can specify in your opencode.json config that it should be able to run everything. I think they just argued that it shouldn't be the default. Which I agree with.
No, the problem is that when logging in, the provider's website can provide an authentication shell command that OpenCode will send to the shell sight unseen, even if it is "rm -rf /home". This "feature" is completely unnecessary for the agent to function as an agent, or even for authentication. It's not about it being the default, it's about it being there at all and being designed that way.
There is the Parliament's legislative train website [1]. However, it only tracks actual legislative steps, not the intra-Council negotiations, so the proposal's page appears to be have been largely inactive since 2024 [2].
> The shell, perl and python are likely for scripting and not used during runtime.
Some git subcommands are implemented in these. git filter-branch is a shell script, git cvsimport is a Perl script, and git p4 (perforce interop) is a Python script. There are not too many left these days (git add -p/-i also used to call a Perl script), but they exist.
I'm sure you are aware, reading between the lines of what you said, why, but for some others who aren't aware of the history of git; it was originally about 50% C and 50% Perl, the performance critical parts were written in C and then various git commands were written in Perl. Over time almost all the Perl was removed because there were less Perl monks than C devs.
Now it would seem the logic is reversed; even though there are less Rust devs than C devs, Rust is going to replace C. Maybe now that git is large enough and entrenched enough such a move can be forced through.
> it was originally about 50% C and 50% Perl, the performance critical parts were written in C and then various git commands were written in Perl.
IIRC, it was mostly shell, not Perl, and looking at the proportion is misleading: the low-level commands (the "plumbing") like git-cat-file or git-commit-tree were all in C, while the more user-friendly commands (the "porcelain") like git-log or git-commit were all shell scripts calling the low-level commands. Yes, even things we consider fundamental today like "git commit" were shell scripts.
> The EU does not so as time passes the EU's power keeps creeping up.
Actually, the EU has the same concept of enumerated powers (called "competences" in the case of the EU). They are listed in articles 2-6 TFEU [1]. You may argue over whether the EU has too many competences or (in some areas) too little, but it's the same principle. The EU cannot legislate outside areas where power has been expressly conferred to it by the treaties.
This is in fact one point of contention over the "chat control" legislation. It is supposed to be enacted under the "internal market" competence, but similar to the US commerce clause, there is a legal debate over whether that competence is actually sufficient to enable such legislation or whether it is legal cover for encroachment on competences reserved to the member states.
This would of course be up to the ECJ to decide, just as the US Suprement Court would have to decide if any given US federal legislation is covered by the commerce clause.
In addition, there is the Charter of Fundamental Rights, and the ECJ could also strike down EU legislation (as it has done before) if it violates the rights protected by the Charter.
One key tool of power creep are those very treaties. Let's do one more treaty and had things in the small prints. Of course the member states drafted and agreed to those and that's why pressure should be on governments to stop hand over the keys to Brussels.
That's in addition to the constant Commission push for more power and they often overstep their role... We're seeing clearly on issues like Ukraine and, lately Israel.
> Of course the member states drafted and agreed to those and that's why pressure should be on governments to stop hand over the keys to Brussels.
What specific example are you thinking of where additional power was handed to Brussels through an amendment of the treaties?
> That's in addition to the constant Commission push for more power...
If you are worried about the executive trying to expand its power (and something that should be kept in check), may I suggest that the US is not actually a great example right now for how to avoid that?
What you are proposing would amount replacing the current bicameral legislature (with the European Parliament as the lower house and the Council of the EU as the upper house) with a unicameral legislature. That would actually make it easier for bad laws to be passed, especially as the supermajority required in the Council is currently the biggest obstacle for this kind of legislation.
I'll also note that nothing here is per se undemocratic. Both the Parliament and the Council are made up of elected members. The members of the Council (as members of the national governments) are indirectly elected, but elected all the same. Direct election is not a requirement for a democracy (see election of the US president or the US Senate prior to the 17th amendment or the Senate of Canada right now).
That does not mean that there isn't plenty of valid criticism of the EU's current structure, but claiming that it is not "actually democratic" falls far short of a meaningful critique.
Democratic or undemocratic are always subjective terms. For me personally, the level of indirection is a problem. This problem was known since the inception and the reason why the subsidiarity principle was underlined. Sadly, that doesn't seem to apply for important issues like chat control. Imagine accountability on a communal level. We wouldn't even see this crap.
You cannot just add 100 layers of indirection and call it as democratic as direct representatives of your smallest communal voting unit. Any mandate in more indirect position should become weaker if the only metric is indeed democracy.
I agree. Additionally systems where it's really vote for parties and not for people from your region results in elected officials being more loyal to the party than to the people. It would be significantly better if every region voted for their representatives. As it is if you don't belong to a party that gets 5% (or w/e it in your country) you will not be representing your voters even if you win in your area. Who runs in a given region is often decided by a centralized party leadership anyway. The people not only don't get to vote on issues but they can't even elect someone to represent them - just a party official designated to a given region.
Proportionality is always approximate, and you can have proportionality without party votes by having multimember districts with a system like STV, with the degree of proportionality dependent on district size.
Now, with what I think of as probably the ideal manageable district sizes for voters (5-7 members) that is fairly chunky proportionality, so you might still want to do MMP to reduce underrepresentation of geographically diffuse minority positions.
OTOH, there are places which have STV (usually for a whole body elected at large, but you could do the same thing in districts for a larger body) with 20+ seats in a single constituency, and if you go that big per district, MMP is less necessary.
It is not democratic, as long as the President of the Commission is practically chosen by the European Council and the Parliament only can say yes or no.
And as shown in the last two terms of Von der Leyen, saying no doesn't actually do anything, because the same candidate can be proposed again.
They have their own neighbourhood and rarely mix with the rest of the population. Their Dunbar number (the max. amount of meaningful interpersonal connections that a person can maintain) is fully reached within that inner circle of European power.
Ironically, we managed to re-create a Forbidden City full of mandarins and eunuchs, or a new Versailles, only now they wear modern suits.
Scaling power institutions is always tricky, and this is the main risk.
Good point. At this point I would not be averse to mandating baroque fashion for everyone involved with the EU in that quarter. Also, the yearly trek to Strasbourg shall be made by horse drawn coach (that'll put an end to that wasteful travesty at least).
Eventually it gets on your nerves how much worse the city has to be to cater to the Institutions.
There's something about non-taxed coddled elites eating oysters and drinking champagne at 9AM on a Sunday that makes you a bit of a cynic.
And then, of course, all your friends works for the research companies that get paid a fortune to provide advice to the Eurocrats. But well, your friend has a Bachelor's in Marketing and she's being considered an expert on Soil Research because… eh, the agency is getting paid.
The Bubble is there and you'll be exposed to it. It's not a good Bubble. It's mostly young MBAs and Political Science majors that think they know how to fix everything.
(And some very talented people, of course. It's not all bad.)
It is undemocratic. Voting for only 720 people in the entire EU apparatus once every 5 years, whilst they are part of across-borders parties is not democracy but oligarchy with the illusion of choice.
Elected officials, elected judges and binding referenda would make it democratic.
We did not elect EU leaders. They keep secrets (COVID vaccin deals), they exempt themselves from ChatControl, they are obliged to store their communications yet internally recommend Signal with disappearing messages. Whats democratic about it?
The council is composed of representatives of each state. That means you did not vote for 26 out of the 27 members, and most states don't have special elections for European Council members* -- which means that most of them have not been elected into their Council position.
* the Council of composed of ministers and heads of government. Ministerial posts are distributed among the winning party members in pretty much every country, and only presidential systems have a direct election for their head of government. In constitutional monarchies, the head of government is commonly assigned to the largest party leader, but it's not a directly electable position.
The parliament seats are also apportioned by state. I don't find that a bad idea, living in a small country, and I don't see why the council seats being divided by country is a worse idea than the system in the parliament.
It's federalistic. It's a bit drastic - but I guess no one could imagine one state having 66 times the population as another in 1789. Other federal states compensate for that - for example, in the German Bundesrat, each state gets 3 to 6 seats according to population.
A problem for the US is that /both/ chambers of parliament are skewed that way.
The House is neither proportional (structurally represents parties roughly in proportion to their vote share) nor, what I expect you mean, divided into districts of equal population. The size difference between the smallest and largest districts—RI district 2 and Montana’s at large district—is 1:2 in population. It’s less unequal than the Senate, but its still not equal representation.
And, despite certain bills having to originate in the House, the Senate is more powerful since all Congressional powers either require both houses in concert or the Senate alone (except for electing the President when there is an electoral tie, which the House does but with a voting rule of one-vote-per-state-delegation which gives it the same undemocratic weighting as the Senate has normally.)
> The size difference between the smallest and largest districts—RI district 2 and Montana’s at large district—is 1:2 in population.
Come again? MT and RI have the same approximate population (1.1M) and the same number of representatives (2). I’m talking about the state level here.
> all Congressional powers either require both houses in concert
Right, they act as checks and balances upon one another. Equal-sized representation to give smaller states a way to avoid being steamrolled by the will of the largest states — why would states want to stay in a union where they have no hope of representation? Methinks if Alabama and Mississippi kept everything about themselves politically the same yet were both the size of California and New York you’d probably be of a different mind about the importance of the senate.
> What you are proposing would amount replacing the current bicameral legislature with a unicameral legislature.
Note they wrote "Start by removing...", not "Finish with".
You could remove Council of the EU and then create another "upper house". But its personnel would have to be nominated differently. Perhaps directly elected? But that would be tough.
Re the direct vs indirect election, note that in some countries governments do not have to consist of MPs. Like currently in France, you have a directly elected president who then nominates whoever to be his head of government and ignore the parliament for a while. And that government has a say in the Council. And at that point it's good to answer the question, at which level of indirection can we say there is a deficit of democracy?
Also note that it's quite unusual for a democracy that the 'lower house' (EP) does not have legislative initiative, can't propose laws. Is that a deficit of democracy yet?
Of course I understand it's all because national governments do not want create another centre of power, but the issues are very real.
You are not only being far too generous in your rationalization for how the EU is democratic and representative but are making category mistakes.
The founders of America were very much not fans of democracy beyond a loose similarity through representation of the will of the people, which is precisely why they had indirect elections of the US Senate and President that actually gave rural areas more power to balance and prevent power concentration in urban areas and the federal government. The federal government, what you think of as the USA, was never supposed to be this powerful.
It always baffles me that even in this programming, systems, networks, etc. focused community it seems that the majority of people have approaching zero ability to think through systems’ effects in a systematic manner.
Sure, call the EU democratic if you want to bend every characteristic, squint, ignore, stretch, and rationalize to the point of exhaustion; but no matter what, representative of the will let alone the interest of the people, the EU is not in any way. It is actually obviously and clearly a hostile and even an existential enemy of the various peoples and cultures of Europe.
Your category mistakes are made in things like calling the council the upper chamber. If you can ascribe that role to anything at all in the EU, you can squint hard and say that would be the Commission, but I even loathe saying that because it is also just so wrong because the EU is such a perversion of all systems associated with democracy. It’s basically all just a kabuki theater to give the illusion of authority through process. That is quite literally what it was designed for to defraud the people of control over their own government, as in the self-governance.
The council is a political body of coordination, it quite literally has no direct role on the legislative process and it also is largely comprised of people who are elected by several layers of abstraction and also basically just rubber stamp “laws” that went through the kabuki theater of fake democratic process.
It varies, but just take Germany as an example since there seem to beer many Germans here; Merz is the representative from Germany, he was not elected by the people, he was elected by representatives in the German lower chamber, which is comprised of people who are also not directly elected as Germany is a system of party politics where the best brown-nosers are elected among the party apparatchiks to represents the party in order of brown-nosing based on party election results. The people did not elect those representatives in the lower chamber.
For any Americans reading this, it would be like when you vote for your House Representative, you don’t actually vote for anyone who Is directly accountable to you as a person in the district, you vote either Democrat, Republican, {fill in the party} and then the party decides who it wants to send to the House after the election.
But it gets worse. That “election” of Merz was accomplished by an “alliance” of parties that include major losers of the last election and also excludes the major winners of that election in direct opposition of the will of the people, regardless of what you personally think of the parties or the electorate. So imagine if your party made major electoral advances, but it was still excluded from the government. And that’s just not even EU fake democracy, that’s just lower level German representative democracy veneer.
What you are trying to sell as democracy here, let alone representation of the will of the people, is basically nothing but the EU being democratic homeopathy, only it’s actually lethal and existential poison wrapped in delicious food… if I can extend and mix metaphors here.
America has its own problems and the current perversion of the government is a direct antithesis to what the founders created or at least tried to create; but at least for the time being in America, regardless of how perverted and polluted this subsystem has also become, Americans still can elect their representatives directly in the form of US House members that are directly accountable to the electorate.
The American system is many levels flatter than basically everything in the EU, not even to mention the several layers of abstraction from democracy on the country level, and ignoring the state level.
In effect, even though my EU friends seem to not want to believe their lying eyes because then it would make it true to them, the EU is an elaborate bait and switch to deliberately, methodically, and systematically disposed and depose the people of self-governance. It is why and how Europe is being at the same time dismantled and destroyed at its core, while at the same time being all polished and nice looking wrapped in all kinds of marketing propaganda/PR. It’s basically like a garbage construction mega-McMansion built on destroying several pristine, unique ecosystems that cause the extinction of thousands of species, but the conical owners who built it through loan fraud are extremely proud of their gaudy palace of decadence and self-destruction.
I don't know what's ideal but it should be more direct and more local.
If the goal of democracy is to implement will of the people the current system fails miserably as the loyalty of party officials is to the party not to the people (it's more important for them to have good position in the party than among local voters).
In Poland for example you can't get to EU parliament if you are not chosen by centralized party committee to run. You can't get in as an independent because your party needs to get 5% of the votes in the whole country. This means we not only can't vote on issues but we can't even choose people to represent us unless they get a nod from the party. Guess whose interests they are going to defend once in power.
This makes power completely detached from the voters. The only politics is inside the party. This is not democracy by any reasonable measure.
Some levels up your question, there's a big post comparing an extremely narrow part of the US system with an extremely narrow selection of parts of the of the EU system.
You have a very valid point in that if you narrow it enough the argument loses weight.
Aside from the often cited nullability issue, here is an (incomplete) list of important things that Kotlin still does better than Java:
- First class, fully functional closures.
- Non-abstract classes and methods are final by default.
- Named parameters.
- Easy to write iterators via sequence { ... }
- First class support for unsigned types.
The same argument would apply to any non-compacting allocator, because the worst case memory blowup due to external fragmentation is huge. But such cases are extremely rarely observed in practice, so people use e.g. standard malloc()/free() implementations or non-compacting garbage collectors without being concerned about that.
In addition, there are plenty of cases where memory usage is unbounded or excessive, not because of allocator behavior, but because of programming mistakes. In fact, memory can sometimes blow up just because of large user inputs and very few systems are prepared for properly handling OOM conditions that happen legitimately.
Case in point: Both CRuby and Apple's JavaScriptCore have garbage collectors that use conservative stack scanning and are widely used in production systems without the world ending.
That said, you're probably not going to use conservative stack scanning because of collection speed alone. There are other trade-offs between conservative stack scanning and precise stack scanning that weigh more heavily.
I'll add the caveat that I would be very cautious about using a conservative GC on 32-bit systems, but on 64-bit systems this is about as much of a concern as memory fragmentation.
> But such cases are extremely rarely observed in practice
After long years of finding problems and trying to encourage, pressure, bribe, cajole and finally yell at people about said problems, my professional opinion is that people aren’t very observant, and either do not see problems or pretend not to see them.
They just reboot the process every 48 hours and walk away.
And sadly continuous deployment is making this worse. The collective We have problems that only show up on three or four day weekends, right when you don’t want to be on call.
As somebody who uses and likes both Kotlin and Python (and quite a few other languages), I'd be cautious with using a subjective term such as "more expressive", too, but I can possibly shed some light on where such feelings come from.
Personally, I see Kotlin as the closest thing to a statically typed Smalltalk that we have among major languages, and that's a major draw.
A key part here is that Kotlin closures are fully-featured equivalents of Smalltalk blocks (up to and including even non-local returns [1]), whereas in many other languages that falls short. Java does not allow mutation of local variables and Python restricts lambdas to normal expressions.
I find code whose behavior can be parameterized by code to be an essential feature of modern-day programming and this should be as frictionless as possible.
This is also a situation where syntax matters, and while it isn't quite as nice as Smalltalk, Kotlin's syntax (esp. with trailing closures) make such code as readable as possible in a brace-style language with minimal additional syntactic noise.
In a similar vein, the functionality of Smalltalk's cascades is offered through scope functions [2], especially `.run {}`.
But ultimately, fully-featured closures (and the fact that they are widely used in the standard library) power a lot of the things that people seem to like about Kotlin.
That does not mean that there aren't downsides. The limitations of running on the JVM are one (e.g. while Kotlin has workarounds for the JVM's type erasure, they're still workarounds), and then Gradle is arguably Kotlin's weakest point (which apparently even JetBrains are seeing, given their investment in Amper).
That said, personally I'd say Kotlin's static typing and performance would be the primary reasons for me to reach for Kotlin over Python, not necessarily expressiveness. Type annotations in Python + mypy etc. just aren't the same experience, and writing performance-sensitive code in Python can be very tricky/hacky when you can't delegate the hot paths to numpy or other existing C/C++/Rust libraries.
Conversely, Python often has a leg up when it comes to fast prototyping and scripting, even with Kotlin Worksheets in IntelliJ IDEA and with kscript.
[1] Which, to be clear, are a nice-to-have thing, not essential, but still impressive that even that was covered, when previously Ruby was the only major language I know of that did it.
sequence { for (x in 0..<10) for (y in 0..<10) yield(x*y) }.toList()
Now, technically, Kotlin doesn't have list comprehensions, only the equivalent of generator expressions in Python, so you have to tack an extra `.toList()` on at the end if you want a list, but you can write pretty much any for comprehension in Python in a similar way in Kotlin.
On the other hand, you're not limited to for loops/ifs inside such a generator, but can use fairly arbitrary control flow.
What happens under the hood is that a `sequence {}` call creates an instance of `SequenceScope`, which has `yield()` and `yieldAll()` methods. When executing the block, `this` will reference that particular instance and `yield()` is essentially `this.yield()` and will call the method on the scope instance.
The actual functionality is then provided by the coroutine system, though a lot of the heavy lifting is done by the optimizer to eliminate all or most of the runtime overhead.
[1] https://opencode.ai/docs/config/#precedence-order
[2] https://github.com/anomalyco/opencode/issues/10939