I am really interested to give it a try since I am a big fan of nushell but also really enjoyed LISP through clojure.
Nushell is great because it is really "battery included" in the sense that it ships with most of what you will ever need: http client (no need for curl), export/import of most formats (yaml, toml, csv, msgpack, sqlite, xml), etc. That really avoids the library or tool shopping problem.
You can copy the 50MB nushell binary on almost anything and your script will work.
This is why this is really a "modern shell" as it includes what you need in 2026, not 1979.
This is also why I use nushell rather than python or lua for most scripts.
I am not familiar with the Scheme ecosystem but see you are implementing a lot within your shell (http client, sqlite support) what is great. But does that mean I can produce a Schemesh binary that will include Chez Scheme and run my script on any Linux or FreeBSD host?
Anyway I think what you are doing is really great !
> I am not familiar with the Scheme ecosystem but see you are implementing a lot within your shell (http client, sqlite support) what is great.
Yes. Initially, I wanted to integrate http client, sqlite client etc. directly in the main shell executable.
This turned out to be impractical, because it introduces compile-time dependencies on external libraries, and because any bug, vulnerability or crash in the C code would bring down the whole shell.
My current solution is to have separate C programs (currently `http` and `parse_sqlite`) that are not compiled by default: you need to run `make utils` to build them.
> But does that mean I can produce a Schemesh binary that will include Chez Scheme and run my script on any Linux or FreeBSD host?
Yes, exactly. Schemesh is a C program that includes both Chez Scheme REPL and shell features.
I would have loved to be in the meeting where they were wondering how to replace the highly costly and complex influence tool that was USAID, and then someone said:
Fining people and corporations as a way to project power is being overused in the EU and the UK.
As most people have once been fined unfairly they will empathize with any target.
The real problem is when the first one says "I'm not paying", then you have to seize bank accounts or project physical force.
But it get dangerous when enough people do not have much on their bank account and are getting really angry.
Simply because if you were to ban this type of platform you wouldn't need Musk to "move it towards the far right" because you would already be the very definition of a totalitarian regime.
But whatever zombie government France is running can't "ban" X anyway because it would get them one step closer to the guillotine. Like in the UK or Germany it is a tinderbox cruising on a 10-20% approval rating.
If "French prosecutor" want to find a child abuse case they can check the Macron couple Wikipedia pages.
> if you were to ban this type of platform you wouldn't need Musk to "move it towards the far right" because you would already be the very definition of a totalitarian regime
Paradox of tolerance. (The American right being Exhibit A for why trying to let sunlight disinfect a corpse doesn’t work.)
> The VM must be publicly accessible on TCP ports 80 and 443, and UDP port 3478.
> A public domain name that resolves to the VM’s public IP address.
Since it already uses DNS it's disappointing that it hardcodes ports instead of using SRV records. IMO anything that can use SRV records should. It makes for a more robust internet.
For someone who want to setup a private network between host/devices, I feel the dilemma is always:
1. Trust a third party like Tailscale by giving them the key to your kingdom, but everything is incredibly easy and secure.
2. Self-host but need at least one host with a fixed IP address and an open port on the Internet. What requires a set of security skills and constant monitoring. That includes headscale, selhosted netbird, zerotier or a private yggdrasil mesh.
You can conceal that open port with some form of port knocking. Though this does reinforce your "easy" point.
Also, if it's an UDP port, then using a protocol that expects first client packet to be pre-authenticated and not emitting any response otherwise gets you pretty damn close to having this port closed.
I looked into it but it seems that port knocking and Single Packet AuthZ literally open the firewall and expose the port when used.
Meaning it is great to reveal the SSH port when needed, do your business quickly and close it back when you are done. But my guess is those overlay networks need to port available all the time, so...
When I look at these zero trust solutions need 80/443 for what seems some type of bootstrapping
Better it happens using the same approach wireguard takes (udp/stateless). Though I'm not sure if there's more than just bootstrap taking place, maybe constant routing updates etc
Why do you think thats against the principles of zero trust? Wireguard is a wire transport, it has no control plane... I think what you are alluding to is the centralised control plane which makes it possible to operate at scale (and much more).
You could use a solution that allows you to have E2E with private sovereign keys on the endpoint, as well as bring your own IdP/PKI, so the provider does not have your keys. Would that be good enough?
Nushell is great because it is really "battery included" in the sense that it ships with most of what you will ever need: http client (no need for curl), export/import of most formats (yaml, toml, csv, msgpack, sqlite, xml), etc. That really avoids the library or tool shopping problem. You can copy the 50MB nushell binary on almost anything and your script will work.
This is why this is really a "modern shell" as it includes what you need in 2026, not 1979.
This is also why I use nushell rather than python or lua for most scripts.
I am not familiar with the Scheme ecosystem but see you are implementing a lot within your shell (http client, sqlite support) what is great. But does that mean I can produce a Schemesh binary that will include Chez Scheme and run my script on any Linux or FreeBSD host?
Anyway I think what you are doing is really great !
reply