1.

I have modules disabled in my kernel (on Gentoo), so I’m probably safe. :)

1. 17

I’m probably not the only one with the opinion that rewrites in Rust may generally a good idea, but Rust’s compile times are unacceptable. I know there are efforts to improve that, but Rust’s compile times are so abysmally slow that it really affects me as a Gentoo user. Another point is that Rust is not standardized and a one-implementation-language, which also discourages me from looking deeper into Haskell and others. I’m not saying that I generally reject single-implementation languages, as this would disregard any new languages, but a language implementation should be possible without too much work (say within two man-months). Neither Haskell nor Rust satisfy this condition and contraptions like Cargo make it even worse, because implementing Rust would also mean to more or less implement the entire Cargo-ecosystem.

Contrary to that, C compiles really fast, is an industry standard and has dozens of implementations. Another thing we should note is that the original C-codebase is a mature one. While Rust’s great ownership and type system may save you from general memory-handling- and type-errors, it won’t save you from intrinsic logic errors. However, I don’t weigh that point that much because this is an argument that could be given against any new codebase.

What really matters to me is the increase in the diversity of git-implementations, which is a really good thing.

1. 20

but a language implementation should be possible without too much work (say within two man-months)

Why is that a requirement? I don’t understand your position, we shouldn’t have complex, interesting or experimental languages only because a person couldn’t write an implementation by himself in 2 months? We should discard all the advances rust and haskell provide because they require a complex compiler?

1.

I’m not saying that we should discard those advances, because there is no mutual exclusion. I’m pretty certain one could work up a pure functional programming language based on linear type theory that provides the same benefits and is possible to implement in a reasonable amount of time.

A good comparison is the web: 10-15 years ago, it was possible for a person to implement a basic web browser in a reasonable amount of time. Nowadays, it is impossible to follow all new web standards and you need an army of developers to keep up, which is why more and more groups give up on this endeavour (look at Opera and Microsoft as the most recent examples). We are now in a state where almost 90% of browsers are based on Webkit, which turns the web into a one-implementation-domain. I’m glad Mozilla is holding up there, but who knows for how long?

The thing is the following: If you make the choice of a language as a developer, you “invest” into the ecosystem and if the ecosystem for some reason breaks apart/dies/changes into a direction you don’t agree with, you are forced to put additional work into it.

This additional work can be a lot if you’re talking about proprietary ecosystems, meaning more or less you are forced to rewrite your programs. Rust satisfies the necessary condition of a qualified ecosystem, because it’s open source, but open source systems can also shut you out when the ABI/API isn’t stable, and the danger is especially given with the “loose” crate system that may provide high flexibility, but also means a lot of technical debt when you have to continually push your code to the newest specs to be able to use your dependencies. However, this is again a question of the ecosystem, and I’d prefer to only refer to the Rust compiler here.

Anyway, I think the Rust community needs to address this and work up a standard for the Rust language. On my behalf, I won’t be investing my time into this ecosystem until this is addressed in some way. Anything else is just building a castle on sand.

1.

A good comparison is the web: 10-15 years ago, it was possible for a person to implement a basic web browser in a reasonable amount of time. Nowadays, it is impossible to follow all new web standards and you need an army of developers to keep up, which is why more and more groups give up on this endeavour (look at Opera and Microsoft as the most recent examples). We are now in a state where almost 90% of browsers are based on Webkit, which turns the web into a one-implementation-domain. I’m glad Mozilla is holding up there, but who knows for how long?

There is a good argument by Drew DeVault that it is impossible to reimplement a web browser for the modern web

1.

I know Blink was forked from webkit but all these years later don’t you think it’s a little reductive to treat them as the same? If I’m not mistaken Blink sends nothing upstream to webkit and by now the codebases are fairly divergent.

2. 6

I feel ya - on OpenBSD compile times are orders of magnitude slower than on Linux! For example ncspot takes ~2 minutes to build on Linux and 37 minutes on OpenBSD (with most features disabled)!!

1.

37 minutes on OpenBSD

For reals? This is terrifying.

1.

Excuse my ignorance – mind pointing me to some kind of article/document explaining why this is the case?

1.

There isn’t one. People (semarie@ - who maintains the rust port on OpenBSD being one) have looked into it with things like the RUSTC_BOOTSTRAP=1 and RUSTFLAGS='-Ztime-passes -Ztime-llvm-passes' env vars. These point to most of the time being spent in LLVM. But no one has tracked down the issue fully AFAIK.

2. 5

Another point is that Rust is not standardized and a one-implementation-language

This is something that gives me pause when considering Rust. If the core Rust team does something that makes it impossible for me to continue using Rust (e.g. changes licenses to something incompatible with what I’m using it for), I don’t have anywhere to go and at best am stuck on an older version.

One of the solutions to the above problem is a fork, but without a standard, the fork and the original can vary and no one is “right” and I lose the ability to write code portable between the two versions.

Obviously, this isn’t a problem unique to Rust - most languages aren’t standardized and having a plethora of implementations can cause its own problems too - but the fact that there are large parts of Rust that are undefined and unstandardized (the ABI, the aliasing rules, etc) gives me pause from using it in mission-critical stuff.

(I’m still learning Rust and I’m planning on using it for my next big thing if I get good enough at it in time, though given the time constraints it’s looking like I’ll be using C because my Rust won’t be good enough yet.)

1.

As much as I understand your point about the slowness of compile time in Rust, I think it is a matter of time to see them shrink.

On the standard point, Haskell have a standard : Haskell 2010 . GHC is the only implementation now but it have a lot of plugins to the compiler that are not in the standard. The new standard Haskell 2020 is on his way. Implementing the standard Haskell (not with all the GHC add-ons) is do-able but the language will way more simple and with flaws.

1.

The thing is, as you said: You can’t compile a lot of code by implementing Haskell 2010 (or 2020 for that matter) when you also don’t ship the “proprietary” extensions.

1.

It is the same when you abuse GCC or Clang extensions in your codebase. The main difference with Haskell is that you, almost, only have GHC available and the community put their efforts in it and create a ecosystem of extensions.

As for C, your could write standard-compliant code that an hypothetical other compiler may compile. I am pretty sure if we only had one main compiler for C for so long that Haskell have had GHC, the situation would have been similar : lots of language extension outside the standard existing solely in the compiler.

1.

If I remember correctly 10 years ago hugs was still working and maybe even nhc :)

1.

Yep :) and yhc never landed after forking nhc. UHC and JHC seem dead. My main point is mainly that the existence of a standard does not assure the the multiplication of implementations and the cross-cIompilation between compilers/interpreters/jit/etc. It is a simplification around it and really depends on the community around those languages. If you look at Common Lisp with a set in the stone standard and a lot of compilers that can pin-point easily what is gonna work or not. Or Scheme with a fairly easy standard but you will quickly run out of the possibility to swap between interpreters if you focus on some specific stuffs.

After that, everyone have their checklist about what a programming language must or must not provide for them to learn and use.

2.

But this is exactly the case: There’s lots and lots of code out there that uses GNU extensions (from gcc). For a very long time, gcc was the only real compiler around and it lead to this problem. Some extensions are so persistent that clang had no other choice but to implement them.

1.

But does those extensions ever reached the standard? It as asked candidly as I do not know a lot of the evolution of C, compilers and standard that much.

1.

Interesting read and I completely agree. I mentioned this issue yesterday about Rust and the ongoing discussion might’ve sparked this submission.

Still, the conflict between simplicity (leading to many extensions, like with Haskell) and broadness (leading to complex standards, like with Matrix) seems to be a tough balance to make.

1. 3

Javascript protest shenanigans aside.

Why would you not just use an C enum for this instead?

1. 3

enums are typed down to integer types. C compilers do not show any warning for different typedefs, and not even assignment for different types. Only comparison of different types, or alike.

but for a struct, different struct names are considered as different types. The compiler will bug you out, this is what is desired: structs are a way to declare to the compiler that you actually mind very much how that variable is typed.

1. 4

You can use enum-typed variables (including return-values) in C, and the compiler warns you when you mix different enums. This is especially handy when you are working with FSMs. I understand the C-criticisms, but enum-mismatching is none of it if you are using enums right and not just store them in ints.

1. 1

I actually like enums and use them a lot ! :)

I learned something today…

1. 2

I’m glad to hear that! I actually also found out about it a few years ago while working with FSMs and it helped me tremendously.

1. 1

One obvious use-case I see is returning an enum mylib_errno, and switching on that… or s/errno/state-machine-step/, or oneshot get_state() instead of zillion as big is_state_1(), is_state_2(), …

2. 3

There’s this obscure language I like that’s actually a backwards compatible superset of C, so you can compile your C code with it and use some of its new features as you see fit. One of them is called “enum classes” and it solves this problem perfectly.

1. 3

Is that the one you’re not allowed to talk about because it’s not C or Rust?

I hear it’s okay for some stuff, not sure if anything critical has been written in it.

1. 5

I worked with Blender for a few years around 12 years ago, starting with Blender 2.45 until 2.53. It was a great time and I am really impressed how far it has come. The Open Source community really needs a video editor project comparable to Blender, and we might be able to really satisfy the full stack of creative work.

1. 3

Does it have to be a separate project? Blender already contains a pretty good video editor.

1. 6

Just like all the other GNU projects, GnuTLS has a horrible coding style and tends to be bloated with macros and overall unnecessary complexity. It’s no wonder that such serious problems remain unseen, not only due to the fact that the code is harder to read and inspect, but mostly because fewer people want to work on such messy codebases.

Still, the diversity of TLS-implementations is a valuable good, but I prefer putting my bets on projects like BearSSL and LibreSSL than some messy legacy GNU-incarnation.

1. 3

BearSSL is very nice. LIbreSSL is an essential project (like stopping a dumpster fire).

I like https://github.com/ARMmbed/mbedtls as well, which is supported by quite a few projects, like https://umurmur.net/.

1. 22

I worked for many years at a company that made high-end security-related network devices. We had been our own little startup, then we were acquired by a bigger company, and then we were acquired by an enormous company, in the span of around four years.

When we had been a startup, we did most of our manufacturing in the US (using generally imported parts, of course). When we were bought by the bigger company, that continued. When we were bought by the enormous company, our manufacturing was moved to China.

The first problem was QA. Customers were getting boxes with the motherboards not screwed in. They were getting boxes without drives in them. They were getting boxes that were more-or-less empty cases. They were getting boxes without RAM or rack rails or no software installed on them. It was so bad that, at one point, we had to ship all of the hardware from China to our offices here first, manually check them, and then ship them on to the customer. It was absurd and absolutely not worth whatever savings we were getting from having moved the manufacturing overseas.

But the biggest thing was the absolute disregard for intellectual property or even basic decency. We noticed 6-8 months later that systems that looked a hell of a lot like ours were being sold throughout Asia, in markets that we didn’t really have a sales presence in. The software was the same. The documentation was the same, even down to the same typos. I had written the compiler that turned our security-related signatures into executable code, and I modified it to insert a bunch of chaff and obfuscated non-working code and, sure enough…that showed up in these products.

We confronted the Chinese factory owners about this and they screamed in our faces the equivalent of “how dare you claim we were dishonest!” even when we showed them to their faces how the products were essentially identical. I wasn’t at that meeting but a friend of mine was there and told me the story when he got back to the US.

The management at Enormous Company didn’t care. It was more important to them to keep the manufacturing base in China and just eat the cost of counterfeit products. The board and executives got their million-dollar bonuses and I got to watch as my hard work was stolen while being condescendingly told that it was unavoidable. It really jaded me.

1. 2

Thanks for sharing this story. I can’t wait for manufacturing to re-nationalize, as it will not only raise the quality of products, but also decrease international interdependencies.

1. 2

Thanks a lot for sharing this real life story!

Are there any network equipment brands you would recommend for SOHO?

1. 1

Counterfeiting of even complex electronics does appear to be rife. Checking eBay for products as diverse as Dell H200 SAS HBAs and Intel i350 network adapters shows many “OEM” products sold by Chinese sellers - these are almost certainly all counterfeits. Discussion on the ServeTheHome forums suggests that these may be made in the same factories as the legitimate products, just after hours when the “regular” manufacturing run is complete. In isolation it’s hard to spot a fake - they very often have the same holograms, branding, etc as the originals.

1. 3

The fundamental problem is that current neural networks lack a way to express uncertainty about their answers, which would help refining the output, and there’s current research going on in this regard. However, there’s no denying that we’ll be there in 10 years given how primitive chatbots used to be 10 years ago.

1. 7

LibreOffice is such a big bloated project that it’s probably hard to find people interested in maintaining/developing it. It is by far the ebuild with the longest compilation time on Gentoo (even surpassing Firefox and Chromium), and even though I found a small GUI-bug last week, I’m not tempted to submit a bug for it, as I don’t feel up to debug it or even write a patch for it, and I hate submitting bugs without doing my homework.

Considering the topic at hand, open source development can work this way, and the Document Foundation should look into paid support contracts to support their work.

1. 6

(fellow Gentoo user here) Honestly, I find Chromium’s build time exceeds that of LibreOffice.

1. 3

I’m also not a big fan of this, @adamretter. As others said, this just convolutes the established UUID/ACID into something that would not be as easily findable with a search engine for questionable technological gain. Your format’s inaccessibility only makes it, as you said, usable for machines, but if you’re talking about machine-curated records, they would most likely be compressed, and a compression algorithm might have more effect on data length than such an URL-shortening-method.

1. 1

This just adds bloat to this protocol and the mentioned performance-benefits are marginal compared to the fact that most websites have become Megabyte-Behemoths. This fastly-blog-website is 5.73MB! And it’s not images; 5.11MB are just CSS and Javascript.

1. 6

Lobsters, please don’t become Hackernews. People who want to talk about polarizing political subjects can head off to Twitter. Meanwhile, the rest of us can bond over our excitement about how computers work.

1. 6

I came here because I wanted a place that isn’t HN to have interesting discussions with smart people. I wish lobesters would allow more non-programming content. On HN you’ll get banned for writing anything that makes YC, YC companies, or VCs in general look bad because they don’t want that showing up on their own website.

1. 2

Exactly! I couldn’t agree more.

1. 1

I don’t think they have to be exclusive; it’s not like you need to participate in this thread.

Technical discussion spilling over in to politics would be problematic, but that’s not what’s going on here. I don’t see how an occasional thread about tech intersecting with politic takes away anything from your preference for more technical content. It’s perfectly reasonable for not wanting to engage in that, in which case you can just ignore it.

1. 6

It’s probably only because Rust is so unreadable that they didn’t find anything. /s

On a serious note, no matter what you think about Rust, more diversity in the realm of TLS libraries is a good thing. Just like BearSSL, rustls offers a way to escape the factual OpenSSL-monoculture.

1. 2

It’s probably only because Rust is so unreadable that they didn’t find anything. /s

I see the /s, but is that a common criticism? I genuinely do not know how Rust is perceived other than the hype/enthusiasm.

1. 3

Speaking from experience, there’s technically nothing wrong with Rust’s syntax. In fact, there’s lots of great stuff about it, like types that remain human-readable even when they’re complex (nested arrays and function pointers are easy). Greppable fn keyword for function definitions is very handy too.

However, Rust tries to look like C, but has syntax details significantly different from C. I suspect it gives an “uncanny valley” impression to users coming from C-family languages. Rust doesn’t need as many round parens, but requires more braces: if true {}. Rust has generics, which sometimes sprinkle the code with lots of <T>. This might affect overall aesthetics of the code, but I don’t find anything that would be objectively unreadable about that.

1. 1

Ive seen many say it’s hard to learn but don’t see much of that claim. All the changes going on in the Rust ecosystem, esp libraries, suggests folks can read the code fine. Suggests, not proves.

1. 20

This is a really good idea and I’ve adapted this in all of my projects. Now, what should I do with my diploma that says “Master of Science”? /s

On a serious note, I don’t see how that would even effect anything. As many have elaborated really well below, this looks more like virtue signaling than real action. Nevertheless, we can also see that this sparks up useless debates and even further opens up the gaps in society, which nobody wants. Let’s work together in other areas to make world a better place and not follow the academic self-sufficient theory that language was any part of the problem.

1. 11

Not everything is UTF-8, but it should be.

1. 3

Do you think should file paths on Unix systems be UTF-8 instead of simply being encoding-agnostic byte sequences terminated by 0x00 and delimited by 0x2F? I can see it both ways personally. As it stands, file paths are not text, but they’re nearly always treated as text. All text definitely should be UTF-8, but are file paths text? Should they be text?

1. 28

Paths consist of segments of file names. File names should be names. Names should be text. Text represented as a sequence of bytes must have a specified encoding, otherwise it’s not text. Now the only question left is: which encoding should we use? Let’s just go with UTF-8 for compatibility with other software.

I would actually put further restrictions on that:

• file names should consist of printable characters — what good is a name if the characters it’s made of cannot be displayed?
• file names shouldn’t be allowed to span multiple lines — multiline file names will only cause confusion and will often be harder to parse (not just for humans, but also for CLI programs)

As it is now in Unix, file names aren’t for humans. And neither are they for scripts. They’re for… file systems.

1. 6

I agree with you about those restrictions. In some sense, Windows has succeeded in this area, where Unix has failed. In Unix:

• File names can begin with a hyphen, which creates ambiguity over whether it is a command-line flag or an actual file (prompting the convention of -- separating flags from file arguments).
• File names can contain newlines, which creates almost unsolvable problems with most Unix tools.

In Windows, however (source):

• File names cannot contain forward slashes, and thus cannot be confused with command-line flags (which begin with a slash).
• File names cannot contain line feeds or carriage returns. All characters in the range 0-31 are forbidden.
• File names cannot contain double quotation marks, which means you can very easily parse quoted file names.

Of course, both allow spaces in file names, which creates problems on both systems. If only shell/DOS used commas or something to separate command-line arguments instead of spaces…

1. 1

Windows also doesn’t allow files named NUL, PRN, or CON. :D

2. 5

There is a long essay by David A. Wheeler about problems that are caused by weird filenames and what we might do to fix them. Including suggestions on possible restrictions that operating systems might impose on valid filenames. Prohibiting control characters (including newline) is one of the items on the list. Scroll down to the very bottom to see it.

1. 2

Ideally you want to bring reasonable naming capabilities to folks from the world of non-latin character sets. That’s a really good driver to go beyond existing C-Strings and other “Os String” encodings.

But when you say “UTF-8, but printable”, it’s not UTF-8 anymore. Also, what’s a “line”? 80 characters? 80 bytes? Everything that doesn’t contain a newline? Mh. Allowing UTF-8 will bring some issues with Right-To-Left override characters and files named “txt.lol.exe” on certain operating systems.

It’s tough, isn’t it? :-)

1. 7

Also, what’s a “line”? 80 characters? 80 bytes?

Anything that doesn’t contain a newline. The point is that filenames with newlines in them break shell tools, GUI tools don’t allow you to create filenames with newlines in them anyway, and very few tools other than GNU ls have a reasonable way to present them.

Lots of stuff doesn’t allow you to include the ASCII control plane. Windows already bans the control plane from file names. DNS host names aren’t allowed to contain control characters (bare “numbers and letters and hyphen” names certainly don’t, and since domain registrars use a whitelist for extended characters, I doubt you could register a punycode domain with control characters either). The URL standard requires control plane characters to be percent encoded.

1. 1

\r\n or \n? ;) You get my point?

1. 3
1. If it includes \r\n, then it includes \n.

2. If the goal is to avoid breaking your platform’s own default shell, then the answer should be “whatever that shell uses.”

3. 3

“Is” and “ought”, however, remain dangerous things to confuse.

1. 2

Really nice article, @karjudev, but I noticed one small issue/error: The formula for the page rank z_i is malformed in that the sum-index is not under the sigma but right next to it instead.

1. 2

Thank you for your appreciation! Actually the formula is well formed in LaTeX: z_i = \sum_{j \in \mathcal{I}_i} P_{ij} z_j. This could be a issue with KaTex on Dev.to that renders badly apexes and subscripts.

1. 14

While suckless as a way to build software is definitely interesting (and a lot of the benefits of suckless come from disregarding edge cases, internationalization and accessibility), I’d argue that suckless as a project is something one should handle really carefully.

They’re doing literal torch hikes through southern Germany at their conferences, fighting online against “cultural marxism”, and their mail server has the hostname “Wolfsschanze” (see: https://twitter.com/pid_eins/status/1113738766471057408)

I recommend reading this thread (with a suckless.org developer with enabled hat speaking officially) and looking at this photo from one of their conferences.

1. 19

The topic pops up here and there, and one should always consider that Lennart Poettering used this bait to easily escape from a discussion about his software that I personally think should take place. Suckless is not directly a coherent group and more of a group of like-minded individuals, so I’m careful to speak “for” the project even though I’m first chair of the legal entity suckless.org e.V..

What I can say is that we are probably one of the very very few software projects left that do not politicize. We have members from all political spectrums, but make it work, because we only discuss software and nothing else. Those disagreeing with us or unaccustomed to non-political software projects try to put us into a corner, but it makes no sense when it is used to disregard the suckless philosophy itself, which is non-political.

Torch hikes are nothing unusual in Germany and there was no political intent behind it. Though I do understand now that it might send a different message worldwide, I expect more cultural sensibility from every observer before “calling us out” for allegedly re-enacting nazism or celebrating a Charlottesville march, which is a ridiculous assessment.

1. 23

One should always consider that Lennart Poettering used this bait to easily escape from a discussion about his software that I personally think should take place.

Perhaps, but I don’t think calling out getting emails from a wolfsschanze host is that unreasonable to be honest; as I mentioned in my other post I’m not going to attach far-fetched conclusions to it but I do find it in pretty bad taste. At any rate, to ask it plainly, what’s the deal that?

1. 3

There is no such thing as “non-political”, because we live in a society with power imbalances. Therefore not taking an explicit political stance, translates to implicitly supporting the status quo, whatever that status quo is in a given society at a given time. You’ll find that people in underrepresented demographics will largely avoid your project as a result, regardless of the political views among members of your project.

If supporting the status quo is what you intend to do, then that is one thing. But please stop presenting it as “non-political”, because that is simply not the reality of it. It only looks non-political if you yourself are in a position where the status quo benefits you. Which I am also - so this is not a personal accusation, to be clear. But it is something you need to be aware of.

1. 17

not taking an explicit political stance, translates to implicitly supporting the status quo

No no no, I cannot agree with that. Let’s take an example. I’m working on a crypto library, that on many aspects is very close to the Suckless ideals: it’s in C, it’s small, it’s easy to integrate into other projects… One of the motivations for it was to fight unnecessary complexity. A fairly political goal if you ask me: if software becomes as simple as I think it can (and should) be, the changes could be felt throughout the global economy itself.

My project also has an implicit endorsement of the status quo: it is written in English, and I have no intention to translate the documentation, or even the web site to other languages. Not even French, my native language. Sorry, you need to learn English to use my project. That’s kind of an implicit endorsement of US hegemony. Not that I’m very happy about that, but not fighting that fight does make me reinforce the ubiquity of the English language.

But there’s no way my project can have a stance on everything. Its stance on many many subjects is really neutral. It does not fight nor reinforce the status quo. Veganism? Patriarchy? White supremacy? I hardly have a community to speak of, there’s just not enough people to warrant something like a code of conduct. That does not mean my project implicitly rejects vegan transgender black women. In fact, I do hope they’ll feel as welcome as anyone else. And right now, I believe being nice to whoever contacts me is enough.

1. 8

I couldn’t have put it better, thanks for sharing your thoughts. I always like to consider the example of Chemistry: In the 19th and 20th century, German scientists were leading in chemistry and most papers were published in German. Chemistry students were more or less forced to learn German to understand these papers, and German became the lingua franca of Chemistry, which has changed to English though.

In computer science, English is the lingua franca. I don’t think it’s exclusionary to only offer software documentation and code comments in English.

2. 7

That is a good point and I understand what you mean with that. For our conferences, we actually offer those who are unable to attend due to financial reasons to pay their travel expenses and accomodation for them, which was greatly appreciated especially by younger programmers who often don’t have the means to fund such a travel.

Apart from income differences, that might be a deciding factor being unable to attend a conference and meeting like-minded people, I see no other factors that might hinder someone from joining us. You basically only need an internet connection and a computer. The computer doesn’t even need to be that fast, unlike if you, for instance, intended to work with deep learning software.

And if you still criticize the conferences for being exclusionary in some way: Most communication takes place on a mailing list and IRC, many people use pseudonyms. Factors like race, country of residence, gender are thus irrelevant and even non-determinable, if you choose to, and the development on mailing lists and IRC is the main way development happens and there’s no need to do anything else to partake or make submissions.

So, again, I know what you mean, but suckless is not an example for a project supported by the status quo. Most people disregard suckless as too extreme in terms of software philosophy and conclude that we would also be extreme in other areas of life, but suckless, for me, is software zen, and everyone is welcome to adopt this philosophy.

1. 5

Factors like race, country of residence, gender are thus irrelevant and even non-determinable, if you choose to, and the development on mailing lists and IRC is the main way development happens and there’s no need to do anything else to partake or make submissions.

This is a common point of view among those in privileged demographics. However, it is also a misunderstanding of how underrepresented people in demographics actually choose where to hang around and contribute, and why.

Imagine for a moment that you are someone in a demographic who’s frequently a target of harassment. The exact demographic doesn’t matter much - maybe you’re black, or you’re a woman, or you’re transsexual, or whatever else. But for the sake of the example, imagine that you are a woman.

Now, there are two different communities for you to choose from:

1. A community that says “we don’t police member’s politics, this is purely a tech project”.
2. A community that says “we actively welcome women”.

Where are you going to feel safer? In the second community - because there, it’s clear that if someone finds out you’re a woman, them harassing you over it isn’t going to be tolerated and the harasser is going to be thrown out.

In the first community, you just kind of have to stay quiet about your identity, have everyone assume that you’re a guy, and hope that no-one finds out the truth. If they do - maybe there’s some persistent stalker following you around and posting about you in every community you join - you can basically predict ahead of time that harassment and other discriminatory behaviour is not going to be acted upon, because “people’s own politics are not policed”.

In a way, there are parallels here to how gay people are “tolerated” in many countries. It’s “fine so long as you don’t bother me with it”, which effectively means that you cannot speak about it publicly or have a public relationship with someone of the same sex, because then the cover falls away and you are no longer “okay”, because your identity can no longer be ignored. Harassment (and often violence) promptly follows.

“Don’t ask, don’t tell” policies like this don’t make for healthy, diverse environments. They make for environments in which the status quo is preserved, and where the only way to be vaguely safe as a minority is to never tell anyone that you don’t fit into that status quo. This is not inclusive, and it absolutely does support the status quo. Those who fall outside of it will silently move on to healthier communities.

I would like it if “who you are doesn’t matter, it’s about the project” were the reality, I really would. But that just isn’t how things work by default in a society with power imbalances, and the only way to get there is by actively enforcing it - and that means taking a political stance, one that disavows discriminatory behaviour and harassment.

1. 12

Now, there are two different communities for you to choose from:

1. A community that says “we don’t police member’s politics, this is purely a tech project”.
2. A community that says “we actively welcome women”. Where are you going to feel safer?

I don’t know how the suckless community is, but I am convinced that, if I had a dime for every company, group or project that claimed to “actively welcome women” or “promote equal opportunity for everyone” or “have a zero tolerance” towards discrimination, sexual harassment or any other one of the multitude of abhorrent behaviours that plague our industry – and then turned out to be cesspools of prejudice and discrimination, I would be so outrageously rich that even thinking about it is embarrassing.

(FWIW, in addition to witnessing it enough times that it’s part of why I seriously contemplated switching careers at one point, I have some first-hand experience with some of that: my most useful skill, career-wise, has been an impeccable accent. Slightly Irish-sounding (which lots of folks in the US seem to fetishize for some reason), which I developed purely by accident (I’m from nowhere near Ireland, I’ve never been there, and I am not a native English speaker) and is extremely embarrassing every time I’m talking to someone who has a real Irish accent. I certainly had it easier than my black or hispanic colleagues – most Western managers of various importance in the corporate hierarchy could immediately identify them as worthy of contempt, whereas in my case it could take weeks before they realized I’m not a white expat, just some Eastern European programmer.

Edit: in case anyone’s wondering – the reason why I can be so light-hearted about it is that, for better or for worse, this experience has been largely confined to the workplace, after-work drinks, conferences and the like. I got to live with it for like 40 hours a week at most, and never really got a taste of it before well into adulthood. I always had alternatives and always had refuge – I could always put up with it on my own terms, which most people can’t)

Coming from a culture whose closet is not devoid of skeletons in this department, either, I certainly agree that the mere act of not discussing race, or gender, or ethnicity is in itself a privilege that not everyone has. And that it’s up to every one of us to actively fight discrimination, and to make the world safer and more inclusive for those whose voices are silenced by intolerance. But I don’t think it’s reasonable to ask people to integrate that in every single thing they do. Even activists don’t fight the good fight 24/7, I don’t think it’s unreasonable that some people choose to do it only to a limited extent, or in a possibly misguided way, as part of their hobby project.

1. 9

I might’ve been a bit unclear. A don’t-ask-don’t-tell approach can be taken by members, if they prefer (many communities don’t provide that luxury and e.g. require clear-name-contributions), but doesn’t have to be. We just don’t care about genders or other aspects other than your coding skills. I see that you have a different opinion on this, which is cool, but the suckless philosophy does not extend beyond software aspects and I personally (not speaking for the group) don’t see a reason to extend that.

1. 5
1. A community that says “we don’t police member’s politics, this is purely a tech project”.
2. A community that says “we actively welcome women”.

The two may not be mutually exclusive. Although there’s certainly a huge overlap, there’s a difference between advocating the revocation of women’s right to vote, and actually harassing women in a particular group, be it an open source project or a chess club.

A president of a chess club, or a maintainer of an open source project, can hardly be expected to be aware of the political views of the members, no matter how extreme. He could pry, but that would be uncomfortable for many people, and ultimately exclusionary. We could do it anyway, and define the range of acceptable political opinions, and exclude the outliers. We could exclude traditionalists, or we could exclude gay marriage supporters. We could exclude white supremacists, or we could exclude black panthers sympathisers.

In my opinion this would be neither ideal nor possible. As long as people stay courteous and focus on working towards whatever common goal the group has, we could actually have, say, gay and homophobic people working together. So we probably want to define a range of acceptable behaviours instead. For instance, revealing your sexual preferences is generally acceptable (unless maybe you’re too loud about this), and revealing your contempt for people who don’t share that preference is generally not.

That’s what codes of conduct ultimately do: they don’t talk about the politics one might have outside of the group, they define a range of acceptable behaviours within the group. Yes, that range will tend to filter out people with some particular political opinions. Few white supremacists will follow a black maintainer. But I would think real hard before I make that filter explicit.

I’ve seen it done, and it’s not pretty. I’ve heard of someone being disinvited from some conference because of their political beliefs, even though they (allegedly) never let them seep through or ever behaved inappropriately. I have also heard of someone being fired over their sexual practices (at the behest of SJW, ironically). And at the same time, some people who seem to engage in genuinely harmful behaviour (such as straight up sexual harassment) are not excluded. My suspicion? Enforcement goes after the easy targets, instead of going after the important ones.

1. -5

we could actually have, say, gay and homophobic people working together.

Honestly, this free speech absolutism is whack and that’s why I’m out.

You don’t know what the fuck you’re allowing. I do - you’re allowing someone who literally spreads hate to walk into work, meekly get some shit done, then go home to post on the internet how trans people are all pedophiles and should be killed.

Fact is, you can’t divorce your life from politics because where many of us stand, all minorities, live under the continuous threat that we’ll be murdered, denied service, beaten and reviled all because some free speech absolutist like you envisions a future where racists and their victims can work side by side.

My community just had their 12th death. Death because people like you continually give deference to allow our killers to bask in their hate speech until one of them spots us and brutally kills us.

You enable this. I’m so happy (not) to be the sacrificial lamb for your perverse ideology.

1. 2

we could actually have, say, gay and homophobic people working together.

Honestly, this free speech absolutism is whack and that’s why I’m out.

Who said anything about free speech? I never said hate speech should be allowed. Actually, I do believe we free speech should have limits (though I’m not sure exactly what those should be), and people who cross those limits should be punished.

The question is who should punish them, and how. Forums can (and most probably should) ban hate speech however they can. Police and Judges could intervene whenever appropriate. The worst offenders could be sent to jail.

Wholesale ostracism though? Exclusion from all groups, not just wherever they spread their filth? That’s a death sentence: no job, no home, no shelter. Are you prepared to follow through all the way? (Not a rhetorical question: sometimes, killing your enemy is the right thing to do. But this question is so fraught with self serving cognitive biases that one must be very careful about it.)

Then there are false positives. The guy who was fired over his sexuality? He practised BDSM. One way of putting it is that he liked to whip bound women. When he was outed, there was an SJW outcry about him being some twisted archetype of patriarchy that should be removed from any public position.

I don’t know the guy, I haven’t investigated, so I cannot presume. I’m not even certain this story is even true. But I guess this may have been a huge misunderstanding. See, done properly, BDSM is very careful about safe words, physical and psychological safety… everyone is supposed to enjoy this, including (perhaps even primarily) the bound and gagged “victim”. Being a good dom typically requires empathy and respect for their sub. Pretty far from the simplistic image of the misogynistic man taking pleasure from the suffering of women.

Going back to gays and homophobic working together, that probably requires that they are mutually unaware of their position. It’s when they do become aware of their position that we have a problem, and the group may have to make a choice. My first step would be something like “you don’t like them being gay? deal with it or get the fuck out”. If it’s just gay people being uncomfortable, we may need to know why. If it’s because the other dude displayed an homophobic attitude within the group, that’s pretty obvious grounds for exclusion. If it’s because gay people learned of his views outside the group, this is more delicate, and I honestly have no right answer.

The problem is made even harder because actual bullying, embarrassment, and other inappropriate behaviour within a group, are often hard to see for anyone but the victim. Hence the temptation to rely on more visible, but less reliable, external signs.

For instance, let’s imagine: religious people and atheists working together in the same group. One atheist have written in their blog about how religion is stupid, unfounded, and how religious people are either critically misinformed, or just plain delude themselves. Oh and by the way if there is a God, it’s morals are highly questionable at best. So there we go: no personal insult, but a harsh criticism and a good dose of blasphemy.

Should we exclude this atheist from a chess club because some religious people in that club feel uncomfortable being next to someone who has written a blasphemous pamphlet? Should we exclude the religious people from the club because wearing a cross, a star, or a scarf makes the atheist uncomfortable? Depending on who you ask, you’ll have very different answers.

2. 4

On the other hand, I don’t think it’s realistic to expect every project to look in depth at difficult social problems and form some sort of consensus on how to best deal with it.

You’ll find that people in underrepresented demographics will largely avoid your project as a result

Why would that be the case?

1. -4

On the other hand, I don’t think it’s realistic to expect every project to look in depth at difficult social problems and form some sort of consensus on how to best deal with it.

I think that’s entirely reasonable. This is pretty much the basis of community management in general. It doesn’t even need to be done by the core developers, but someone in the community needs to do it, if you want a healthy community.

Why would that be the case?

Because they know that their safety is not assured in communities that refuse to take an active stance against bigotry of various kinds. I’ve gone into more detail about this in this other subthread.

1. 4

Because they know that their safety is not assured in communities that refuse to take an active stance against bigotry of various kinds.

But there is a difference between belief and action. If someone is actually doing something bad within the project then obviously that’s an issue. If someone just believes something you disagree with (whether you label it bigoted or not) then refusing to work with them in a non-political atmosphere just makes you seem like a bit of a dick, IMO.

2. -4

There’s no such thing as “non-political” software projects because any political actor can decide that the way your software project run things is bad and should be made to change. And if you resist this, you find yourself in a political conflict, even if you didn’t want to be.

1. 1

Why would you care what a political actor thinks about your free software project? Do you mean an actual national politician? Why would they be concerned with a free software project?

1. 1

No, anyone trying to argue that a software project should change their practices for political reasons is a political actor with respect to software, not just national politicians. Tech industry activists are political actors. joepie91 in this thread is a political actor. I’m a political actor too, for trying to prevent other political actors from carrying out their will.

3. -1

What are you doing to keep this kind of toxic behaviour from forming inside of the suckless communities you participate in?

You have not denied that these people exist in your community. How are they not a problem for you?

1. 3

Calling people toxic, I think, is the wrong approach. What matters is how people behave in the context of the community. I couldn’t care less about their private political/social/other endeavours as long as it doesn’t affect their actions within the community.

I don’t know why there is such a push to politicize software projects, from the inside and outside. It may make something look more homogenous on the outside, but I believe it mostly creates social stress and shifts the focus on issues that shouldn’t be a problem in the first place. But this is just my opinion, and I don’t think there’s a true or false answer to that. It heavily depends on your Weltanschauung.

1. 1

I’m sorry, my first approach was a bit antagonistic and too political because I tried to keep my questions short.

People sometimes express their political ideologies in behavioural ways, which might cause exclusion and secularity in the communities that they take part in. I haven’t been much in contact with the suckless community, although I have used and I respect the software and the philosophy, but I have seen communities suffer this. I have no prejudice, but toxic (extreme, hateful) ideologies do lead to toxic behaviour, especially in like-minded groups where it can be cultured. This is why people feel the need to keep them from spreading to their own group.

Have you noticed any exclusive or secular behaviour in the suckless communities that you take part in? If yes, what have you been doing to counter it?

1. 2

Have you noticed any exclusive or secular behaviour in the suckless communities that you take part in? If yes, what have you been doing to counter it?

No, I’ve never seen such secular behaviour like that. The conferences we organize have always been very harmonic and there was never such a push or even a culturation. Thanks though for elaborating what you meant, and I have to say that I’ve seen this problem occuring within other communities. I am and will be very careful that this won’t happen within our community.

4. 20

I was subscribed to the suckless mailing list for a long time (though no longer, simply out of disinterest), and never had the impression I was dealing with a group of extremists (other than a rather extreme take on software). I don’t recall any political discussion off-hand, and would certainly have unsubscribed if people started ranting about “cultural Marxism” and the like.

I read the Lobsters thread you linked and there are many things I personally don’t agree with, but I also find it’s a lot more nuanced than what you’re suggesting (specifically, there was a lot of confusion what was even intended with “Cultural Marxism”). I saw that on HN you (or someone else?) linked to an old tweet of yours that screenshotted just the initial “Cultural Marxism” mention of FRIGN, and I think that’s unfairly out of context. That’s not a defence of the contents if his posts, only a defence of treating people with fairly and with kindness.

I find putting the picture of the torches next to literal Nazis and the “Unite the Right” rally incredibly tasteless and offensive. Note the suckless event happened before the Charlottesville march (not that it really matters). [edit: incorrect, see follow-up]. I’ve done torch hikes – they’re actually used to celebrate the end of Nazi occupation in my home town every year and participated regularly. I’ve also done them with scouts just for the fun of it. Maybe some day someone will dig up a picture of that too and put it next to a bunch of Nazis to prove a point… I’m very disappointed anyone would try to make a point like that, here or elsewhere. This part of your post in particular is really bad in many ways IMHO; it’s really not acceptable to just sling around grave insinuations like that based on a friggin’ contextless photo of what is almost certainly just a harmless social event.

The mail server belongs to an individual (@FRIGN here). I agree it’s in very bad taste, offensive, and that Poettering was completely right in calling that out, but it’s hardly proof that “they’re a bunch of Nazis”. I find the jump from “edgy hostname” to “literal neo-Nazis” a bit of a leap.

I doubted for a long time if I should post this reply as it has the potential to spark a long heated discussion, but I find public casual comparisons to Nazis in particular serious enough to warrant something of a rebuttal.

1. 6

Note the suckless event happened before the Charlottesville march (not that it really matters).

I just want to comment on this one factual point, according to the suckless website this event happened in September 2017, just a couple of weeks after Charlottesville.

https://suckless.org/conferences/2017/

I do think the proximity in time to the Unite the Right rally is important, especially given the insistence that they were just enacting a German cultural practice.

1. 6

Oops, I checked the website and I misread that date as being on “2017-01-03”, instead of “2017-09-(01-03)”. How silly 😅🤦‍♂️

I’m not sure it matters all that much though; it still seems incredibly tenuous at best. This happened on the other side of the world and I’m not sure if the entire world should tip-toe around sensitive topics in the United States. Were these people even aware of Charlottesville? And to what degree? Me, personally, I mostly stopped following US news since the 2016 election as I find it emotionally draining and serving little purpose as it’s not in my power to do something about anyway.

Either way, I’d sure like to see some more evidence exactly because I take it serious: you just don’t go around insinuating people of such serious things with such slim “surely it can’t be coincidence…” type of stuff.

1. 30

I was at the torch hike and hadn’t even heard of the Charlottesville marches then. When I heard the accusation that we in some way celebrated it, which would make no sense in the context of a software conference, I first had to look up what they were.

The thing is, Americans tend to overestimate the importance of domestic events like the Charlottesville marches and think that nothing happens in the whole world and, e.g., we Germans are just sitting at home and waiting for something to happen in the USA to witness it.

The truth, and I think everyone would agree that this also makes much more sense, is that torch hikes are perfectly normal in Germany. I have an understanding for this cultural misunderstanding, and I’ve been guilty of those, as well, but it doesn’t help when one continues to spread this nonsense that this torch hike was some political event every time suckless is discussed here.

To give an example for how normal torch hikes in Germany are, there is a so-called Sommertagszug in the Kurpfalz which also involves torch hikes at night. They are also offered by tourist organizations, e.g. Breitbach Klamm.

1. 8

What’s with the mail server host name though? Do you think that’s fine?

1. 2

It bothers me that he is actively ignoring this question and by saying nothing, he is saying enough.

2. 2

As an American, thanks for sharing your perspective. It makes me wonder if the Internet, and particularly social media, make it too easy to carelessly make connections between things that should remain disconnected. Maybe Facebook’s stated mission of making the world more connected (whether or not that’s their real mission) isn’t a totally good thing.

1. 5

It definitely comes at a cost. Still, as I could see from my own experience, after a few years one gets more careful with culture-relative judgements. There are still many things Americans do that I don’t quite understand or find interesting.

To give an example, I found out a few years ago that the German “mhm” (i.e. the expression to acknowledge you are listening to someone while he speaks) is often interpreted by Americans as a “huh?”. You could imagine how much confusion that caused.

Cultural differences are valuable, though, and I would not want to miss them, even if they become troublesome. I can imagine an American coming to Germany to experience a torch hike and liking it.

1. 0

To give an example, I found out a few years ago that the German “mhm” (i.e. the expression to acknowledge you are listening to someone while he speaks) is often interpreted by Americans as a “huh?”. You could imagine how much confusion that caused.

I have never in my life seen or heard “mhm” interpreted as “huh?”, and while I’m just one American and this is anecdotal I’ve lived in three fairly distinct regions of the USA.

1. -1

German “mhm” is very distinctly different to American “mhm”. I wouldn’t know how to describe it in words, though.

1. 0

It’s it very distinct from the British “mhm”?

2. 1

Going on a torchlit hike at night sounds fun to me in the abstract, and also like the sort of activity that could hardly be unique to any one place, time, or culture. For ages before the invention of electric flashlights, how else were human beings supposed to light their way when walking around at night, wherever in the world they happened to be? I was unaware that some people associated the practice of going on torchlit hikes with specifically the NSDAP (or maybe just going on a torchlit hike while being an ethnic German??) until I saw people mentioning it in the context of suckless. Even if it’s true that the historical Nazis practiced torchlit hikes (which I assume is true, because I think it would be very easy for any group in human history to do so), I don’t think that confers any obligation on people alive today to refrain from it, any more so than Adolf Hitler’s famous vegetarianism confers any obligation on people today not to be vegetarians.

1. 3

I agree. I’m pretty well read on the topic, including having read Shirer’s “Rise and Fall of the Third Reich,” and I hadn’t heard about the association between torchlit hikes and Nazis before it was brought up in the context of suckless either. If I’m actually educated on the topic and still didn’t know about it, how could I really expect others to know about the association?

Personally, a torchlit hike sounds like a blast to me. If the opportunity presented itself to me, I would absolutely participate.

I agree with others in this thread that people are generally way too quick to bring up Nazi associations. I like to think I’m not naive about it either, since there are trolls and Nazis online that like to play these kinds of games. But I personally expect some pretty firm evidence before I’m willing to entertain Nazi accusations seriously. It’s a pretty serious thing to say.

2. 9

As an engineer child of social scientists, I’ve concluded that mental models like that are basically what you get when you take an engineering approach to social systems to its logical conclusion without considering people as, well, people. You end up with very efficient, streamlined, rational systems that place no value upon the people who are crushed in the process. It’s a simple, effective solution to the very complicated problem of human society, and it makes the complicated problem simple by saying “the people on the losing side don’t matter”. You can see this approach working efficiently and effectively all throughout human history, usually in the form of mass graves.

Everything should be made as simple as possible, but no simpler.

1. 3

Because I can’t be sure which comment you’re replying to (AFAIK there’s no “parent” link for comments here), can you please clarify what you mean by “mental models like that”?

1. 4

Sorry, I was talking about mental models such as the ones described by this comment: https://lobste.rs/s/nf3xgg/i_am_leaving_llvm#c_01mpwm . Essentially “we are not going to worry about equity and equality because it is irrelevant to the problem we are actually trying to solve”. Works fine when the problem you are trying to solve is “design a machine that does a particular thing well”, but ignores lots of ugly externalities when it comes down to the social structures and organizations of the people actually doing the design. Like unfettered free-market capitalism, it sounds ideal in theory and that makes it an appealing position. But my observation has been that it works great for the people already powerful enough or lucky enough to be unaffected by those externalities, and does not actually make the world a better place for anyone else.

2. 3

Extremes are rarely good. There should not be an aura of aggressivity around any project.

1. 1

They’re doing literal torch hikes through southern Germany

I have no idea what holding torches might mean in this context. Could you explain, or provide links?

1. 6

It looks like one of those things Nazis ruin for everyone - https://www.theatlantic.com/politics/archive/2017/08/why-they-parade-by-torchlight/537459/. Whether that is intentional on the part of the suckless folks, is not clear to me.

The other top hit I got when googling was a torchlit tourist hike through Partnach Gorge in Garmisch-Partenkirchen. I’ve been to that gorge (not by torchlight) and it’s pretty cool!

1. 23

Very impressive. Does it put images literally everywhere except the one place I want them to go?

1. 7

Admittedly, I never understood this behaviour until I wrote a thesis in LaTeX. Then the figure-floating-behaviour makes total sense.

1. 2

Could you please elaborate more on this?

1. 7

The float behaviour builds on LaTeX’ goal to have a harmonic typesetting result. Not to go to deep, you can give one or more of the “intents” “h” (here), “t” (top of page), “b” (bottom of page), “p” (full page) to a figure, which gives LaTeX the freedom to place the figure at the given positions. Using the intent “H” or even “H!” makes sense in some cases, but really is a misuse of the floating environment.

The idea is that you often end up with multiple figures in one place. LaTeX really watches out that figures don’t float too far away and even considers things when you have a multipage-document, such that e.g. your text is on page N and your two figures are on page N+1. It looks horrible in the editor, but if you look at the final printed out version you realize the motivation. But even if you don’t print it: Using this heuristic prevents too many figures from being in one place. What if you add more content at the front and it shifts half a page? Manually adjusting floats is almost impossible. With floats you just don’t have to worry about that.

I always use [htbp] for my figures for that reason.

1. 2

I always use [htbp] for my figures for that reason.

Oh god thesis writing flashbacks…

2. 2

Not GP but having also written a thesis in LaTeX, it’s pretty sensible. You place your \begin{figure} where it’s relevant and the image will end up positioned probably at the top or bottom of the page where you put that directive. If you have a lot of figures it will set aside entire pages for figures. Alternatively you can override it with various placement specifiers (including “put it right here”).

This avoids the two main problems you get with word processors like MS Word or LibreOffice Writer:

1. If you attach your image to text position you can get strange outcomes like a page with a one line of text, a figure, then the rest of the text below it
2. If you attach your image to page position it can end up several pages away from where it’s actually referenced
2. 3
<img src="cat.jpg"/>[!H]

1. 1

Does it put images literally everywhere except the one place I want them to go?

What do you mean? LaTeX puts images exactly where you put them, always. An image is just like a big character and it strictly follows the flow of your text. Unless you explicitly request a floating environment, LaTeX will never put an image anywhere else as it appears in your source document.

1. 4

I always worried about web browsers & web protocols being compromised in a manner that made ad blocking difficult. But with the recent advances in image recognition technology, some technically inclined people would be able to make something that could detect the image & sound of an ad and block it out in real time. Something no amount of software subversion could stop someone from doing.

I was able to train a neural net to detect nude & semi nude images of women, and remove them automatically. I browsed some fitness forums at the time where people would use explicit images to garner attention, and it was getting pretty tiresome. I got a web server set up that received URLs of the images from a chrome extension, loaded the images in and classified them. Based on the response from the web server, the chrome extension would add the hidden class to those images. It actually worked incredibly well, and it wasn’t hard to accomplish. I think this proves that something more sophisticated would would work - maybe live streaming what is on a computer screen and overlaying black boxes to protect the user from unwanted adverts. I dream of a world where I can put in noise cancelling headphones and augmented reality glasses and get annoying Mega Corp Chocolate Burger advertisements surgically removed from my life.

1. 6

Really interesting approach! Thing is, though, the ad companies are getting more creative by the day. A few years ago, my local tram operator thought about introducing bone-vibration ads on tram windows. The idea was that when those poor people tiredly return from their 9 to 5 jobs they would lean their head against the windows while sitting there and then “be able to experience” (more like “suffer through”) ads this way.

In this regard, noise cancelling headphones are not enough any more.

1. 1

Does this still work if you put a pillow or other thick fabric between your body and the window?

1. 1

1. 12

This is interesting, and I think I agree with many arguments when it comes to the reasons java, OCaml, Haskell, Go, etc. haven’t replaced C. However the author cites rust only briefly (and C++ not at all?) and doesn’t really convince me why rust isn’t the replacement he awaits: almost all you can do in C, you can do in rust (using “unsafe”, but that’s what rust is designed for after all), or in C++; you still have a higherer-level, safer (by default — can still write unsafe code where needed), unmanaged language that can speak the C ABI. Some projects have started replacing their C code with rust in an incremental (librsvg, I think? And of course firefox) because rust can speak the C ABI and use foreign memory like a good citizen of the systems world. Even C compilers are written in C++ these days.

To me that’s more “some were meant for no-gc, C ABI speaking, unsafe-able languages” than “some were meant for C”. :-)

1. 17

Besides Rust, I think Zig, Nim, and D are strong contenders. Nothing against Rust, of course, but I’m not convinced it’s the best C replacement for every use case. It’s good to have options!

Nonetheless, I imagine C will linger on for decades to come, just due to network effects and economics. Legacy codebases, especially low-level ones, often receive little maintenance effort relative to usage, and C code is incredibly widespread.

1. 15

I love Rust, but I think Zig and D (in the ‘better C’ mode and hopefully their new borrow checker) are closer to the simplicity and low-level functionality of C. Rust is a much nicer C++, with simpler (hah!) semantics and more room to improve. C++ is, unfortunately, a Frankenstein monster of a language that requires a 2000 page manual just to describe all the hidden weird things objects are doing behind your back. Every time I have to re-learn move semantics for a tiny project, I want to throw up.

1. 3

i was also wondering, while reading the article, how well ada would fit the author’s use case (i’m not at all familiar with the langauge, i’ve just heard it praised as a safe low-level language)

1. 1

The lot of them! It was kind of a large gap between C and Python/Perl/Ruby/Java.

1. 12

Maybe I’m the archetype of a C-programmer not going for Rust. I appreciate Rust and as a Mathematician, I like the idea of hard guarantees that aren’t a given in C. However, Rust annoys me for three main reasons, and these are deal-breakers for me:

• Compile time: This is not merely the language’s fault, and has more to do with how LLVM is used, but there doesn’t seem to be much push to improve the situation, either. It annoys me as a developer, but it also really annoys me as a Gentoo user when a Firefox compilation takes longer and longer with each subsequent Rust release. Golang is a shining example for how you can actually improve compilation times over C. Admittedly, Rust has more static analysis, but damn is it slow to compile! I like efficiency, who doesn’t? Rust really drops the ball there.
• Standard library/external libraries: By trying to please everyone and not mandating certain solutions, one is constantly referred to this or that library on GitHub that is “usually used” and “recommended”. In other cases, there are two competing implementations. Sure, Rust is a young language, but for that reason alone I would never choose it to build anything serious on top of it, as one needs to be able to rely on interfaces. The Rust developers should stop trying to please everybody and come up with standard interfaces that also get shipped with the standard install.
• Cargo/Package management: This point is really close to the one before it: Cargo is an interesting system, but really ends up becoming a “monosolution” for Rust setups. Call me old-fashioned, but I like package managers (especially Gentoo’s) and Cargo just works around it. When installing a Rust package, you end up having to be connected to the internet and often end up downloading dozens of small crates from some shady GitHub repos. I won’t make the comparison with node.js, given Cargo can be “tagged” to a certain version, but I could imagine a similar scenario to leftpad in the future. Rust really needs a better standard library so you don’t have to pull in so much stuff from other people.

To put it shortly: What I like about C is its simplicity and self-reliance. You don’t need Cargo to babysit it, you don’t need dozens of external crates to do basic stuff and it doesn’t get in the way of the package manager. I actually like Rust’s ownership system, but hate almost anything around it.

1. 16

C doesn’t even have a hash table. It needs more external libraries to do basic stuffs, not less.

1. 5

See, I feel the exact opposite when it comes to Cargo vs. system’s package manager: managing versions of libraries using your system’s package manager is a royal pain in the ass or outright impossible when you have multiple projects requiring different versions of a library. In my experience with C and C++, you’ll end up using CMake or Meson to build exactly the same functionality that Cargo deploys for you, at a much higher cost than just adding one line in a configuration file.

In fact, my biggest gripe with C and C++ is that they still depend on a 3-step build system (preprocessing, compiling, linking) each of which requires you to specify the location of a group of files. I get why having header files was attractive in the 1970s when you counted your computer’s memory in KBs, but it makes writing and maintaining code such a pain in the ass when compared with a modern module system.

The funniest bit is I used to consider all these things as ‘easy to deal with’ when all I did was write C/C++ code 15 years ago. Nowadays, having to switch from Go, Rust or any other language to C for a small project makes me want to cry because I know I’ll spend about 20% of the time managing bullshit that has nothing to do with the code I care about.

1. 9

Build systems in C give a feeling of craftsmanship. It takes a skill to write a Makefile that correctly supports parallel builds, exact dependencies, interruptions and cleanups, etc. And so much work into making it work across platforms, and compilers.

And then Cargo just makes it pointless. It’s like you were king’s best messenger trained to ride the fastest stallions, and Cargo’s like “thanks, but we’ve got e-mail”.

1. 2

LOL, I guess it’s a matter of age. When I first started programming, I’d love all that stuff. I can’t count how many libraries and tools I re-implemented or extended because they didn’t do something exactly the way I wanted it. Or the nights I spent configuring my Linux machine to work just right. Or the CPU time I spent re-encoding all of my MP3 collection to VBR because it’d save 5% of storage.

Now, I learned Cargo for a tiny project and I keep swearing every time I have to start a Python virtualenv because it’s just not easy enough, goddammit!.

2. 2

This is a fair criticism of C, personally I would love to see a set commonly used data structures added to the C standard library. However, currently in the C world you either write your own or use something like glib, neither of these cases require the equivalent of Cargo.

1. 4

However, currently in the C world you either write your own or use something like glib, neither of these cases require the equivalent of Cargo.

Neither does using the Rust standard library, which also has a hash table implementation (and many other useful data structures). You can just use std and compile your project with rustc.

1. 1

We’re talking about dependencies in general, not just hash tables. FRIGN’s point is that the Rust standard library is lacking, so you end up needing crates.

1. 3

But you and FRIGN are complaining about the Rust standard library compared to C. The Rust standard library is much more comprehensive than the C standard library or the C standard library + glib. So, the whole point seems to be void if C is the point of comparison.

If you are comparing to the Java standard library, sure!

1. 1

But you and FRIGN are complaining about the Rust standard library compared to C.

Not really. The point being made is that a typical Rust application has to download a bunch of stuff from Github (crates), where as a typical C application does not.

1. 8

That’s just because it’s convenient and most people don’t really care that it happens. But it’s not inherent to the tooling:

$git clone -b ag/vendor-example https://github.com/BurntSushi/ripgrep$ cd ripgrep
$cargo build --release  Other than the initial clone (obviously), nothing should be talking to GitHub or crates.io. You can even do cargo build --release --offline if you’re paranoid. I set that up in about 3 minutes. All I did was run cargo vendor, setup a .cargo/config to tell it to use the vendor directory, committed everything to a branch and pushed it. Easy peasy. If this were something a lot of people really cared about, you’d see this kind of setup more frequently. But people don’t really care as far as I can tell. where as a typical C application does not When was that last time you built a GNU C application? Last time I tried to build GNU grep, its build tooling downloaded a whole bunch of extra goop. 1. -2 Nice strawman, I said a typical C application, not a typical GNU C application. 1. 5 TIL that a GNU C application is not a “typical” C application. Lol. 1. -1 None of the C code I’ve worked on was written by GNU, and most of the C code out in the real world wasn’t written by GNU either. I find it frankly bizarre that you are seriously trying to suggest that GNU’s practices are somehow representative of all projects written in C. 1. 3 You said “a typical C application.” Now you’re saying “representative” and “what I’ve worked on.” If the implementation of coreutils for one of the most popular operating systems in history doesn’t constitute what’s “typical,” then I don’t know what does. Talk about bizarre. Moreover, you didn’t even bother to respond to the substance of my response, which was to point out that the tooling supports exactly what you want. People just don’t care. Instead, you’ve decided to double down on your own imprecise statement and have continued to shift the goal posts. 1. 0 and most of the C code out in the real world wasn’t written by GNU either. ^ typical I don’t have the time or patience to debate semantics though. As for your other point, see FRIGN’s comment for my response. (It doesn’t matter what’s possible when the reality is random crates get pulled from github repos) 2. 1 C doesn’t even have a hash table. Why do you say “even”? There are many hash table implementations in C, with different compromises. It would be untoward if any of them made its way into the base language. There are other things missing in C which are arguably more fundamental (to me) before hash tables. It is only fair if all of these things are kept out of the language, lest the people whose favorite feature has not been included feel alienated by the changes. 3. 15 but there doesn’t seem to be much push to improve the situation Definitely not true. There are people working on this and there has been quite a bit of progress: $ git clone https://github.com/BurntSushi/ripgrep
$cd ripgrep$ git checkout 0.4.0
$time cargo +1.12.0 build --release real 1:04.05 user 1:51.42 sys 2.282 maxmem 360 MB faults 736$ time cargo +1.43.1 build --release

real    19.065
user    2:34.51
sys     3.101
maxmem  740 MB
faults  0


That’s 30% of what it once was a few years ago. Pretty big improvement from my perspective. The compilation time improvements come from all around too. Whether it’s improving the efficiency of parallelism or micro-optimizing rustc itself: here, here, here, here, here, here or here.

People care.

The Rust developers should stop trying to please everybody and come up with standard interfaces that also get shipped with the standard install.

That’s one of std’s primary objectives. It has tons of interfaces in it.

This criticism is just so weird, given that your alternative is C. I mean, if you want the C experience of “simplicity and self-reliance,” then std alone is probably pretty close to sufficient. And if you want the full POSIX experience, bring in libc and code like its C. (Or maybe use a safe interface that somebody else has thoughtfully designed.)

When installing a Rust package, you end up having to be connected to the internet

You do not, at least, no more than you are with a normal Linux distro package manager. This was a hard requirement. Debian for example requires the ability to use Cargo without connecting to the Internet.

Yup, the way the crates.io model works means the burden of doing due diligence is placed on each person developing a Rust project. But if you’re fine with the spartan nature of C’s standard library, then you should be just fine using a pretty small set of well established crates that aren’t shady. Happy to see counter examples though!

but I could imagine a similar scenario to leftpad in the future.

The leftpad disaster was specifically caused by someone removing their package from the repository. You can’t do that with crates.io. You can “yank” crates, but they remain available. Yanking a crate just prevents new dependents from being published.

Rust really needs a better standard library so you don’t have to pull in so much stuff from other people.

… like C? o_0

1. 10

This point is really close to the one before it: Cargo is an interesting system, but really ends up becoming a “monosolution” for Rust setups. Call me old-fashioned, but I like package managers (especially Gentoo’s) and Cargo just works around it.

C has just been in the luxurious position that its package managers have been the default system package managers. Most Linux package managers are effectively a C package managers. Of course, over time packages for other languages have been added, but they have mostly been second-class citizens.

It is logical that Cargo works around those package managers. Most of them are a mismatch for Rust/Go/node.js packages, because they are centered around distributing C libraries, headers, and binaries.

but I could imagine a similar scenario to leftpad in the future.

Rust et al. certainly have a much higher risk, since anyone can upload anything to crates.io. However, I think it is also an illusion that distribution maintainers are actually vetting code. In many cases maintainers will just bump versions and update hashes. Of course, there is some gatekeeping in that distributions usually only provide packages from better-known projects.

Rust really needs a better standard library so you don’t have to pull in so much stuff from other people.

You mean a large standard library like… C?

1. 3

C has just been in the luxurious position that its package managers have been the default system package managers.

This just isn’t true, if you look at how packages are built for Debian for example you will find that languages such as Python and Perl are just as well supported as C. No, the system package managers are for the most part language agnostic.

1. 5

This just isn’t true, if you look at how packages are built for Debian for example you will find that languages such as Python and Perl are just as well supported as C.

Most distributions only have a small subset of popular packages and usually only a limited number of versions (if multiple at all).

The fact that most Python development happens in virtual environments with pip-installed packages, even on personal machines, shows that most package managers and package sets are severely lacking for Python development.

s/Python/most non-C languages/

No, the system package managers are for the most part language agnostic.

Well if you define language agnostic as can dump files in a global namespace, because that’s typically enough for C libraries, sure. However, that does not work for many other languages, for various reasons, such as: no guaranteed ABI stability (so, any change down the chain of dependencies needs to trigger builds of all dependents, but there is no automated way to detect this, because packages are built in isolation), no strong tradition of ABI stability (various downstream users need different versions of a package), etc.

1. 5

No, most development happens in virtualenv because python packaging is so broken that if you install a package you cannot reliably uninstall it.

If we didn’t have a package manager for each language then the packages maintained by the OS would be more comprehensive, by necessity. Basically having a different packaging system for each programming language was a mistake in my view. I have some hope that Nix will remedy the situation somewhat.

1. 5

No, most development happens in virtualenv because python packaging is so broken that if you install a package you cannot reliably uninstall it.

I have no idea what you mean here. Can’t you use dpkg/APT or rpm/DNF to uninstall a Python package?

If we didn’t have a package manager for each language then the packages maintained by the OS would be more comprehensive, by necessity.

We are going in circles. Why do you think languages have package managers? Technical reasons: the distribution package managers are too limited to handle what languages need. Social/political reasons: having the distributions as gatekeepers slows down the evolution of language ecosystems.

I have some hope that Nix will remedy the situation somewhat.

Nix (and Guix) can handle this, because it is powerful enough to implement the necessary language-specific packaging logic. In fact, Nix’ buildRustCrate is more or less an implementation of Cargo in Nix + shell script. It does not use Cargo. Moreover, Nix can handle a lot of the concerns that I mentioned upthread: it can easily handle multiple different versions of a package and ABI-instability. E.g. if in Nix the derivation of say the Rust compiler is updated, all packages of which Rust is a transitive dependency are rebuilt.

As I said, traditional package managers are built for a C world. Not a Rust, Python, Go, or whatever world.

2. 4

The first problem is a technical one, unless Rust is doing things such that it can’t be compiled efficiently, but the latter two are cultural ones which point up differences in what language designers and implementers are expected to provide then versus now: In short, Rust tries to provide the total system, everything you need to build random Rust code you find online, whereas C doesn’t and never did. Rust is therefore in with JS, as you mention, but also Perl, Python, Ruby, and even Common Lisp now that Quicklisp and ASDF exist.

I was going to “blame” Perl and CPAN for this notion that language implementations should come with package management, but apparently CPAN was made in imitation of CTAN, the Comprehensive TeX Archive Network, so I guess this goes back even further. However, the blame isn’t with the language implementers at all: Packaging stuff is one of those things which has been re-invented so many times it’s bound to be re-invented a few more, simply because nobody can decide on a single way of doing it. Therefore, since language implementers can’t rely on OS package repos to have a rich selection up-to-date library versions, and rightly balk at the idea of making n different OS-specific packages for each version of each library, it’s only natural each language would reinvent that wheel. It makes even more sense when you consider people using old LTS OS releases, which won’t get newer library versions at this point, and consider longstanding practice from the days before OSes tended to have package management at all.

1. 7

Therefore, since language implementers can’t rely on OS package repos to have a rich selection up-to-date library versions, and rightly balk at the idea of making n different OS-specific packages for each version of each library, it’s only natural each language would reinvent that wheel.

This is right on the mark.

Sorry if this is a bit of a tangent, but I think it is not just a failing of package sets – from the distributor’s perspective it is impossible to package every Rust crate and rust crate version manually – but especially of package managers themselves. There is nothing that prevents a powerful package management system to generate package sets from Cargo.lock files. But most package managers were not built for generating package definitions programmatically and most package managers do not allow allow installing multiple package versions in parallel (e.g. ndarray 0.11.0 and ndarray 0.12.0).

Nix shows that this is definitely feasible, e.g. the combo of crate2nix and buildRustCrate can create Nix derivations for every dependency in a Cargo.lock file. It does not use cargo at all, compiles every crate into a separate Nix store path. As a result, Rust crates are not really different from any other package provided through nixpkgs.

I am not that familiar with Guix, but I bet it could do the same.

2. 3

Build times are important, and you’re right, Rust takes a while to compile. Given the choice between waiting for rustc to finish and spending a lot longer debugging a C program after the fact, I choose the former. Or, better yet, use D and get the best of both worlds.

1. 3

rust can be damn fast to compile, most rust library authors just exercise fairly poor taste in my opinion and tend not to care how bad their build times get. sled.rs compiles in 6 seconds on my laptop, and most other embedded databases take a LOT longer (usually minutes), despite sled being Rust and them being C or C++.

rust is a complex tool, and as such, you need to exercise judgement (which, admittedly, is rare, but that’s no different from anything else). you can avoid unnecessary genericism, proc macros, and trivial dependencies to get compile times that are extremely zippy.

1. 2

Thanks for your insights! I’ll keep it in mind the next time I try out Rust.

1. 1

Feel free to reach out if you hit any friction, I’m happy to point folks in the direction they want to go with Rust :)

2. 5

almost all you can do in C, you can do in rust

As an anecdata, I‘ve immediately recognized the snippet with elf header from the article, because I used one of the same tricks (just memcpying a repr(C) struct) for writing elf files in Rust a couple of months ago.

1. 2

I though about using rust to implement a byte-code compiler / vm for a gc’d language project, but I assumed that this would require too much fighting to escape rust’s ownership restrictions. Do you have any insight into how well suited rust is for vm implementation? I haven’t used the language much but I’d love to pick it up if I though I could make it work for my needs.

(I see that there’s a python interpreter written in rust, but I’m having trouble locating its gc implementation)

1. 5

I honestly don’t know, I have never written an interpreter. You probably can fall back on unsafe for some things anyway, and still benefit from the move semantics, sum types, syntax, and friendly error messages. I’m doing a bit of exploring symbolic computations with rust and there are also some design space exploration to be done there.

1. 2

IMO, Rust is just as good as C and C++ for projects like this, if not better thanks to pattern matching and a focus on safety (which goes far beyond the borrow checker). Don’t be afraid to use raw pointers and NonNull pointers when they are appropriate.

1. 2

Also, just saw this GC for Rust on the front page: https://github.com/zesterer/broom/blob/master/README.md

Looks like it’s designed specificly for writing dynamic languages in Rust.

1. 1

Oh cool! This looks super useful

2. 2

I wrote a ST80 VM in rust just to play around; the result was beautifully simple and didn’t require any unsafe code, though it doesn’t currently have any optimization at all. The result was still reasonably snappy, but I suspect that a big part of that is that the code I was running on it was designed in, well, 1980.

1. 2

I recently did a simple lisp interpreter in rust. Eventually decided to re-do it in c because of shared mutation and garbage collection.

1. 2

Rust works well for VM implementation. For GC, you may want to look at https://github.com/zesterer/broom.