1.  

      Yeah. Really should have been auto-merged at submission time, I think… @pushcx can you lend a hand?

    1. -2

      It’s Dendrite based, so I have doubts about the sustainability due to New Vector’s constant changes on Synapse breaking compat with everyone else; another sad manifestation of the perverse incentives preventing Matrix from being a stable and performant alternative.

      1. 20

        Wow, this is some quality FUD. We haven’t broken backwards compatibility ever on the Client Server API - you can spin up a Matrix client written pre-launch in 2014 and it should work fine with a 2020 Matrix server. On the Federation (Server-Server) API, we upgrade the room synchronisation protocol on a semi-regular basis using room versions (https://matrix.org/docs/spec/#id5)… and we’ve still kept backwards compatibility with the earlier room versions.

        For wider context: New Vector (NV) is the company set up by the original Matrix team which sponsors much of the development of the core Matrix project. The accusation here is that New Vector is somehow incentivised to sabotage development of Synapse (the reference Matrix server) to prioritise its own commercial interests at the expense of the wider Matrix network. This is categorically untrue. All work that NV people do on Synapse is donated unilaterally to the Matrix.org Foundation, which is governed incredibly strictly (including by the UK non-profit regulator) to ensure the protocol and reference implementations advance for the benefit of everyone - without ever prioritising any commercial interests, particularly NV (now or in the future). https://matrix.org/foundation spells this out.

        So: a) Synapse doesn’t break compat; b) NV doesn’t prioritise itself when doing Matrix.org development, and if it did, the Foundation would course-correct; c) Dendrite work is mostly funded by NV anyway :/

        1. 4

          This is the impression I got from observing the Matrix project, Dendrite’s progress specifically over Synapse, and third-party implementations. The biggest pain point is how checking off features seems to be prioritized over actual polish and optimizations to the servers themselves.

          1. 6

            I think you are extrapolating incorrectly. Almost all work in Synapse over the last year or so has been around polish & optimisations - and Dendrite dev was on hold in order to focus on Synapse stability & perf. In the last few months we’ve been able to afford to spin up Dendrite dev again, and meanwhile Synapse is (for once) stable. We’re almost at the point of going back to feature dev - but other than E2EE-by-default, there’s been very little feature dev since 2018; it’s all been about stabilising for Matrix 1.0 (in June 2019) and then subsequent polish.

            I think you might be basing your conclusions on where things were at in 2018 or so (when we had indeed been rushing features out the door in order to try to secure long term funding for the project, and to try to keep up with the centralised competition).

          2. 2

            What % of Matrix development is funded/driven by New Vector? It’s cool that they are pushing for this kind of software.

            1. 3

              NV is the startup which the original Matrix team formed in 2017 in order to fund themselves to continue working on Matrix fulltime. Of the core Matrix.org codebase, probably ~90% of it is written by NV employees, all of which is donated to the Matrix.org Foundation, which was set up as an independent custodian of the protocol itself (protecting it from NV and any other commercial players). The wider ecosystem building on Matrix spans hundreds (thousands?) of various projects, projects and contributors.

              So it’s not coincidence that NV drives a lot of Matrix development, given all but one of the team who created Matrix work there :)

          3. 6

            I can’t follow the reason for your criticism without further explanation. What breaking changes did Synapse introduce in the past? Who is “everyone else”? What kind of “perverse incentives” do you mean? Why should this be a problem for Dendrite, which is also developed by New Vector? Any sources?

            1. 0

              New Vector is basically paid to develop features over stabilizing and polishing the low-level details. This made federation somewhat of a moving target, and it means things like performance are moved to the wayside.

            2. 4

              It constantly amazes me that the only thing that a lot of people like to complain more than proprietary software is free and open source software that is done by people other than themselves.

            1. 26

              inheritance is something that makes your code hard to understand. Unlike function, which you can read just line by line, code with inheritance can play “go see another file” golf with you for a long time.

              This isn’t an argument against inheritance, it’s an argument against modularity: Any time you move code out of inline you have the exact same “problem” (to the extent it is a problem) and you can only solve it the same way, with improved tooling of one form or another. ctags, for example, or etags in Emacs.

              1. 31

                Inheritance has this problem to a much larger degree because of class hierarchies. Tracing a method call on a class at the bottom of the tree, requires checking every parent class to see if its overridden anywhere. Plain function calls don’t have that problem. Theres only a single definition.

                1. 7

                  Plain function calls don’t have that problem. Theres only a single definition.

                  Unless we start using higher order functions when the function is passed around as a value. Such abstraction creates the exact same problem, only now it’s called “where does this value originate from”.

                  1. 5

                    Yes, which is why higher order functions are another tool best used sparingly. The best code is the most boring code. The most debuggable code is the code that has the fewest extension points to track down.

                    This is, of course, something to balance against debugging complicated algorithms once and reusing them, but it feels like the pendulum has swung too far in the direction of unwise extensibility.

                    1. 3

                      For extra fun, use higher-order functions with class hierarchies!

                    2. 4

                      The best is python code where the parent class can refer to attributes only created in child classes. There are equivalents, but less confusing, in languages like Java.

                      1. 1

                        Isn’t the example in the linked article doing exactly that?

                        1. 2

                          Okaaaay… what’s self.connect doing? Ah, it raises NotImplementedError. Makes sense, back to SAEngine:

                          Not exactly. :)

                          1. 1

                            Check out Lib/_pyio.py (the Python io implementation) in CPython for lots of this.

                        2. 1

                          The overrides is mostly for modularity and reduce code duplication. Without classes, you might either end up with functions with tons of duplicated code, or tons of functions having a call path to simulate the “class hierarchies”. And yes, it’s going to make the code harder to read in some cases, but it also makes the code much shorter to read.

                          1. 6

                            Without classes, you might either end up with functions with tons of duplicated code

                            Why? There is literally no difference in code re-using between loading code through inheritance vs function calls, apart from possibly needing to pass a state to a function, that could otherwise be held in class instances (aka objects). this is certainly less than class definition boilerplates.

                            or tons of functions having a call path to simulate the “class hierarchies”

                            The call chain is there in both cases. It’s just that in the class-based approach it is hidden and quickly becomes a nightmare to follow. Each time you call a method statically or access a class atribute, you are basically pointing to a point in your code that could be hooked to different points in the hierarchy. This is a problem. People don’t think it is a big deal when they write a simple class and know it well, because the complexity is sneaky. Add another class and all of the sudden you brought in a whole other hierarchy into the picture. Each time you read “this” or “instance.something”, you’re up for am hunt. And each other hierarchy you bring into the picture increases complexity geometrically. Before you know, the project is unmanageable, the ones writing it went on to some green field project, doing a similar mess again for some poor soul to struggle with after them.

                            And yes, it’s going to make the code harder to read in some cases, but it also makes the code much shorter to read

                            It doesn’t really. People fall for this because you can instantiate a class and get a bunch of hidden references that are all available to you at will without you need to explicitly pass them to each method, but you only get this through defining a class, which is way more verbose than just passing the references you need.

                            All that said, what classes do offer in most languages is a scope that allows for fine grain control of data lifecycle. If we remove inheritance, then class members are akin to use global variables in non-OOP languages. But you can create as many scopes as you want. I which languages like python would do this as, for the same reason as OP, I suffer from working with OOP codebases.

                            1. 4

                              You make it sound like inheritance is the only way to reduce code duplication. In my experience that is simply not true, you can always use composition instead. E.g. Haskell doesn’t support inheritance or subtyping and you still get very compact programs without code duplication.

                              1. 5

                                Without classes, you might either end up with functions with tons of duplicated code, or tons of functions having a call path to simulate the “class hierarchies”

                                This is only true in my experience if you’re trying a functional approach with an OO mindset. There are other ways to solve problems, and many of them are far more elegant in languages designed with functional programming as the primary goal.

                            2. 5

                              When you move a bit of code out of your file it’s not going to call back function from the first file. You going to even make sure this is the case, that there is no circular dependency, because it makes (in cases when a language allows to make you one) code harder to read. In case of inheritance, those games with calling everything around is just normal state of things.

                              Of course, example in the article is small and limited, because pulling a monster from somewhere is not going to make it more approachable, but surely you’ve seen this stuff in the wild.

                              1. 4

                                You might do that, in the same way that you might carefully document your invariants in a class that allows inheritance, mark methods private/final as needed, etc. But you also might not do that. It sounds a bit as if you’re comparing well-written code without inheritance to poorly written code with it.

                                Not that there isn’t lots of terrible inheritance based code. And I’d even say inheritance, on balance, makes code harder to reason about. However, I think that the overwhelming issue is your ability to find good abstractions or ways of dividing up functionality–the choice of inheritance vs. composition is secondary.

                                1. 2

                                  It’s just that without inheritance it’s easier to make good abstractions. Inheritance affords you to do wrong thing easily, without any friction - just read a good article about that few weeks ago.

                              2. 4

                                Interesting article from Carmack about inlining everything:

                                http://number-none.com/blow/blog/programming/2014/09/26/carmack-on-inlined-code.html

                                1. 4

                                  This isn’t an argument against inheritance, it’s an argument against modularity: Any time you move code out of inline you have the exact same “problem” (to the extent it is a problem) and you can only solve it the same way, with improved tooling of one form or another. ctags, for example, or etags in Emacs.

                                  Not really, including code via accessing a class or object member forces you to manually go figure out which implementation is used, or where the implementation in a web of nested namespaces. In the case of function, each symbol is non-ambiguous. This is a big deal. If you have types A and B, with A having an attribute of the type B, each of these types containing a 3 level hierarchy, and you call A.b.some_b_method(). That could be defined in 9 different places, and if it is, you need to figure out which that symbol resolves to. This is a real problem.

                                  1. 2

                                    This isn’t an argument against inheritance, it’s an argument against modularity:

                                    Yeah, all code should be in a single file anyway. No more chasing of method definitions across multiple files. You just open the file and it’s all there…

                                    1. 2

                                      Any form of modularity should be there to raise the level of abstraction. ie. Become a building block, that is solid (pun intended) firm and utterly reliable, that you can use to understand the higher layers.

                                      You can peer inside the building block if you need to, but all you need to understand about it, to understand the next level up, is what it does, not how it does it.

                                      Inheritance is there to allow you to know that “all these things IS A that”. ie. I can think of them and treat all of them exactly as I would treat the parent class. (ie. The L in SOLID)

                                      I can utterly rely on the fact that the class invariant for the superclass holds for all subclasses. ie. The subclasses may guarantee other things, but amongst the things they guarantee, is that the super class’s class invariant holds.

                                      I usually write a class invariant check for every class I write.

                                      I then invoke it at the end of the constructor, and the beginning of the destructor, and at the start and end of every public method.

                                      As I become more convinced of the correctness of what I’m doing, I may remove some for efficiency reasons. As I become more paranoid, I will add some.

                                      In subclasses, the class invariant check always invokes the parent classes invariant check!

                                    1. 10

                                      It seems a bit silly to set up a static file tree just for one well-known entry. You can also do something like this straight from the nginx config:

                                      location /.well-known/matrix {
                                        default_type application/json;
                                        return 200 "{ \"m.server\": \"matrix.dangerousdemos.net:443\" }";
                                      }
                                      
                                      1. 3

                                        The path should be /.well-known/matrix/server, just in case anybody tries to use this.

                                        1. 1

                                          Ah, right. My bad!

                                        2. 2

                                          Huh, I didn’t know nginx could be configured to directly return text. Maybe the Matrix person who made the video didn’t know that either.

                                          1. 2

                                            cute :) i didn’t know!

                                            1. 1

                                              Could be. I just realised it’s also possible they didn’t want to complicate the instructions because the default config they tell you to copy already includes support for hosting files.

                                          1. 6

                                            Why not do it like Haskell and not use any brackets at all?

                                            1. 1

                                              Haskell uses () for tupling, so it’s not that they get way without any kind of brackets …

                                              1. 2

                                                Yes and they use [] for lists and {} for records, that’s not the point. Type application just uses spaces, with () used to indicate precedence if necessary: Maybe (Maybe a). I think this is by far the easiest to read.

                                                1. 1

                                                  cf my other reply to you about Type Application

                                              1. 3

                                                I am currently in the process of building my own website and Pollen looks very interesting to me. The markup language is implemented as a Racket DSL which makes it extendable and flexible to use. When I use Markdown, there is always something missing that I need, and in Pollen I can just create my own markup elements. And whatever I need to compute or automate, I can just do that in Racket. Here is an example of custom markup that I defined.

                                                1. 13

                                                  Sorry to toot my own horn, but this is exactly what the project I work on, Couchbase Mobile, does. It’s an extension of the Couchbase server that allows structured data (string ⟶ JSON mappings, basically) to be synchronized between the server and client devices, or directly between clients (P2P). The client-side storage is a full database with queries and indexing, based on SQLite but with a schemaless JSON data model.

                                                  This is a commercial product, but it’s 99% open source (apache2) and we provide a free “community edition” built from the OSS code. The commercial version adds a few features, like at-rest encryption, and tech support.

                                                  Honest;y I’d be working on this stuff even if Couchbase weren’t behind it. Distributed/synced data has been my obsession for over a decade, because it seems the best way to implement services like social networks without corporate control. (Exactly what @tekknolagi wrote about in their comment here!)

                                                  1. 1

                                                    Interesting, especially that there is also a P2P option. I will take a look at this!

                                                    1. 1

                                                      How does it handle partial syncing? So if the database is too large to be completely copied locally?

                                                      1. 1

                                                        The server-side component can filter the database sync, either to enforce access controls or to let clients pull down subsets.

                                                      2. 1

                                                        Last year I built a package manager that used PouchDB internally. The use of replication to avoid concurrent writers was an interesting paradigm shift. Can definitely see more applications for this.

                                                      1. 2

                                                        We’re building Git for Data: https://github.com/liquidata-inc/dolt

                                                        Dolt is a SQL database that stores table data in a Merkle DAG of commits, identical to git. This means you can clone, fork, branch, and merge your databases in a distributed fashion. Merges happen on a row-by-row, cell-by-cell basis. The dolt command line is a clone of git, so there’s no learning curve for people already familiar with git. If you also know SQL, then dolt sql pops you into a SQL shell where you can select or modify the data, create new tables, etc. Or start a mysql compatible server with dolt sql-server. Then when you’re done making updates, you can dolt add .; dolt commit -m "updates". If you also are using DoltHub, then push your changes back to master with dolt push origin master.

                                                        The mashup of SQL and git lets us do some interesting things. For example, I can run queries on a previous commit with SELECT * FROM table AS OF 'HEAD~', or on a branch with SELECT * FROM table AS OF 'branch-name'.

                                                        Anyway, we’re pretty excited about contributing to this space. We have a blog that we’ve been updating several times a week if you’re interested in following along: https://www.dolthub.com/blog/

                                                        1. 1

                                                          Cool, I will check that out!

                                                          1. 1

                                                            Hope you find it useful. Feel free to message me with any questions! We’re also always interested in PRs if you have a contribution you want to make.

                                                        1. 3

                                                          The hard part is of course,“define ‘structured data’”

                                                          1. 2

                                                            I give two examples of ways to structure data in the blog post, relational algebra and algebraic datatypes. Those terms have clear definitions.

                                                          1. 2

                                                            On the other hand there are great decentralized version control systems like Pijul/Git/Fossil and many more that check every requirement that I have, but they are built to work with textual data and are therefore unsuited to be a database backend of a graphical application.

                                                            I read a while back that the text is properly abstracted in Pijul, so could be swapped out, with a bit of effort.

                                                            1. 1

                                                              That’s good to hear, I have to dig into Pijul some more :)

                                                            1. 2

                                                              Is this project somehow related https://github.com/attic-labs/noms ?

                                                              Noms is a decentralized database philosophically descendant from the Git version control system.

                                                              1. 2

                                                                We built a database product that uses noms as its backing store: https://github.com/liquidata-inc/dolt. It’s basically Git for data, with a command line that copies Git’s. See my comment elsewhere in this thread for details.

                                                                1. 1

                                                                  Interesting, thanks for the link!

                                                                1. 13

                                                                  How close is Irmin to what you want?

                                                                  1. 1

                                                                    That looks really good, thanks for the tip!

                                                                    1. 0

                                                                      Hey this looks really cool. Thanks for sharing.

                                                                    1. 21

                                                                      This is why people are interested in CRDTs. Or at least, it’s why I’m interested in CRDTs. There seems to be a lot of activity in this space at the moment. Two projects that come to mind are Automerge/Hypermerge, and OrbitDB. The irritating thing about all of these projects right now is that they pretty much require you to write your application in javascript, which I really don’t want to do. However, I’m contributing to the Rust port of Automerge so hopefully soon we’ll be able to write automerge applications in Rust.

                                                                      1. 4

                                                                        This. I’ve been trying to build something on top of SQLite3 to do this as I need it for Rust. All the projects I come across for this type of thing seem to be geared towards NodeJs type applications.

                                                                        1. 1

                                                                          I have noticed something very similar, I see a lot of Node.js and JS-in-general projects cropping up such as SSB and OrbitJS. Not sure what that means for the ecosystem, actually.

                                                                          1. 1

                                                                            I would say that interactive use is probably the main driver so people have written it in front end-ish languages. I don’t think it means anything about this technology or theory.

                                                                            1. 1

                                                                              I would say your assumptions are reasonable. Thanks for sharing.

                                                                        2. 1

                                                                          That’s a good new keyword for my research, thanks!

                                                                        1. 5

                                                                          This week I started a project to implement a DVCS for relational data and it’s going pretty good, I’m eagerly awaiting working on it on the weekend :) I’m still a little surprised that this seems to not have been done yet, if anybody knows of prior work in this area, hints would be much appreciated.

                                                                          1. 2

                                                                            Sounds fascinating! What is the use case you have in mind?

                                                                            Reminiscent of Clojure’s Datomic in that it would keep all history of mutations.

                                                                            1. 1

                                                                              Reliable, efficient and private synchronization of application data between devices and people, it can be anything really. I saw Datomic before but it seems to be proprietary, right? That would be a no-go for me.

                                                                              1. 2

                                                                                Yep, proprietary, Datomic seems to be another path to revenue for R. Hickey and other clojure folk.

                                                                                Love this idea. Two weeks ago on vacation I fantasized about this concept for personal ‘human-scale’ data - an encrypted (at rest?) syncthing + git storage backend for email, contacts, etc.. My personal org file setup almost achieves this: an encrypted filesystem in a file (cryptomator) synchronized via syncthing. Please post notable progress!

                                                                                1. 1

                                                                                  Yeah I personally like working with Git and use it for all my projects and I thought “why doesn’t my calendar/contacts/nutrition tracking work like this?”. But the problem with Git is that it’s text-based and thus not a good database backend for graphical applications. And with Git it’s not easy to provide a good UI/UX for syncing that regular users can use, especially if there are merge conflicts.

                                                                                  1. 2

                                                                                    What are you imagining for UI/UX? Planning to support mobile? Syncthing drops a “.conflict” file with alternate versions and lets you sort it out.

                                                                                    1. 1

                                                                                      Conflict resolution is the thing I want to make better than in Git or Syncthing. Because I version relational data, there is much more structure to work with when conflicts arise and some conflicts like whitespace/formatting-related problems don’t arise at all. The user will have to choose between two (or more) conflicting data sets, but it will be much easier than fixing a Git merge conflict or dealing with Syncthing’s .conflict-files. Everything will be graphical, so yeah mobile will be supported, too.

                                                                            2. 1

                                                                              https://github.com/39aldo39/DecSync uses the file-system in a conflict way, and therefore can be used with syncthing to sync k/v data between devices. There’s RSS/Contact support right now.

                                                                            1. 2

                                                                              I’m currently building a DVCS for relational data because using git for this usecase seemed infeasable.

                                                                              1. 56

                                                                                I’m not sure why Free Software was thrown into this. I fully agree with the author’s points regarding the severe lack of privacy associated with discord, BUT I disagree that Free Software can only be developed/supported using communication mechanisms that respect privacy.

                                                                                Email is an acceptable choice for Free Software projects, and has been for many decades. Same for IRC. None of those are inherently secure/privacy-friendly.

                                                                                Discord is a terrible choice for Free Software projects because it’s a proprietary walled garden, not because it’s ‘not private’.

                                                                                1. 21

                                                                                  BUT I disagree that Free Software can only be developed/supported using communication mechanisms that respect privacy.

                                                                                  Of course you can develop free software with proprietary tools and services.

                                                                                  It’s just discriminatory and excludes those who need or want to maintain their privacy. I don’t think free software projects should be discriminatory or exclusionary.

                                                                                  Email is an acceptable choice for Free Software projects, and has been for many decades. Same for IRC. None of those are inherently secure/privacy-friendly.

                                                                                  Email and IRC are absolutely privacy-friendly, despite being unencrypted. You can create an entirely anonymous free account and use them, via Tor, just like any other participant and not be excluded.

                                                                                  From the article:

                                                                                  Discord is proprietary, non-free software, held closely by a for-profit company. How you personally feel about this is dependent upon your own philosophical views, but, objectively, it is not very consistent with the ideals of most groups dedicated to free software or open collaboration to produce and improve free software.

                                                                                  It seems to me inappropriate for an organization that believes in free software to choose proprietary and privacy-disrespecting tools when free and private alternatives are readily available and can be hosted very inexpensively.

                                                                                  1. 20

                                                                                    Yes, I read the bit about it being proprietary in the article, but the main points being made in the article are not about it being a poor choice because it’s non-free, but because it’s “not private”.

                                                                                    Anyways, I hope fewer projects choose this path (and slack, which i put squarely in the same boat as discord), and instead choose IRC, matrix, XMPP, and other similar protocols.

                                                                                    1. 6

                                                                                      Well, the main reason it’s discriminatory and exclusionary is because of privacy. Not everyone can give up their privacy, so any project using it is discriminating against all of those people.

                                                                                      Also from the article:

                                                                                      If you have done so in the past, please stop recommending IRC as a replacement for Slack and Discord. It’s absolutely not. IRC is great, but it is not simply “open source Slack” (that’s Mattermost). They are both chat systems, but they are different tools for different jobs. I love IRC, but it’s simply not a useful tool for most groups.

                                                                                      Are there any good matrix implementations yet? I’ve been meaning to run one.

                                                                                      1. 7

                                                                                        If you have done so in the past, please stop recommending IRC as a replacement for Slack and Discord. It’s absolutely not. IRC is great, but it is not simply “open source Slack” (that’s Mattermost). They are both chat systems, but they are different tools for different jobs. I love IRC, but it’s simply not a useful tool for most groups.

                                                                                        Yeah.. I disagree with that bit too. All of the Mesa development happens over IRC, and mailing lists (with some moving to gitlab, e.g. patch review). It works really, really great for that. For a (long) while, Mozilla used it. But I guess it wasn’t ‘hip’ enough so they moved to something else (matrix I think?)

                                                                                        IRC is a very simple protocol, you can implement a client for it very easily, it has been ‘battle tested’ for decades. One of the big missing ‘features’ is accessing the backlog while you are away, and many folks (including myself) use a bouncer on some 24/7 system to fill that gap, but I understand that’s not for everyone.

                                                                                        Are there any good matrix implementations yet? I’ve been meaning to run one.

                                                                                        I’m also interested to know this. ~2yrs ago the (only?) homeserver implementation out there was hard to set up, and didn’t scale well at all (something about it being written in javascript? lol). Maybe that’s different now. I’ve yet to see any widespread adoption of E2EE in matrix, for any channels I’ve seen. People tout E2EE as the major reason to use matrix, but basically no one uses it, AFAIK.

                                                                                        1. 16

                                                                                          Yeah.. I disagree with that bit too. All of the Mesa development happens over IRC, and mailing lists (with some moving to gitlab, e.g. patch review). It works really, really great for that. For a (long) while, Mozilla used it. But I guess it wasn’t ‘hip’ enough so they moved to something else (matrix I think?)

                                                                                          Because it works well for some groups does not mean it works well for most groups.

                                                                                          Mozilla didn’t quit IRC because it wasn’t “hip” enough. They wrote about it when they did it: it wasn’t serving their needs.

                                                                                          For most groups, asynchronous mobile applications with native notifications and multiclient are hard requirements. Unless you pay for irccloud, you’re not getting any of that. IRC’s “very simple protocol” is actually a hindrance for the majority of users: it means that if you can’t maintain a TCP connection, you can’t maintain an active session. The vast majority of people these days only access social networking via mobile devices. That forces them onto a paid bouncer like irccloud, or into a bad UX. There’s a reason that Slack and Discord are so massively popular. IRC advocates entirely fail to understand those reasons.

                                                                                          Use of Discord discriminates against all the users who need privacy.

                                                                                          Use of IRC discriminates against all the users who don’t know screen, znc, and the command line, or users who primarily use mobile phones.

                                                                                          1. 7

                                                                                            Use of Discord discriminates against all the users who need privacy.

                                                                                            But in the context of publicly discussing open source development, I don’t see how you do? So frankly I don’t really see the objection here.

                                                                                            The other day someone on Reddit was complaining about a Google mailing list not being private. The privacy of what? Your public messages sent to a public mailing group?

                                                                                            I’m unconvinced by the “you need a telephone” argument; the fact is that spam and abuse are a serious problem, and it’s a reasonably effective at stopping it. I don’t buy the “complete privacy” argument, and I don’t think that they ask it “just to get more data about you”. That’s ignoring the very real problems people have to deal with.

                                                                                            The “human right” argument seems misplaced. I also have the “human right” to call anyone an asshole here (freedom of speech) or to proselytize my religion (freedom of religion), but that doesn’t mean this platform needs to accept that. Again, the context here is publicly discussing a public project.

                                                                                            In your article you wrote that “you should be able to use your communications tools to mock and ridicule people, if you so wish”. Seriously? If someone comes in a OSS project to “mock and ridicule people” then I’d kick them out faster than you can say “freedom of speech”.

                                                                                            The word “privacy” seems to be subject to quite some inflation these days. I think this is a serious distraction from actual privacy issues.

                                                                                            1. 6

                                                                                              The privacy of what? Your public messages sent to a public mailing group?

                                                                                              the connection between your web identity and your in-real-life identity. The messages are obviously public but you might not want, for example, your boss to know that “coder_742” is you.

                                                                                              1. 2

                                                                                                Do people not just make new email accounts for their “alt” identities? Virtually all online services use email as the primary proof of identity and it is trivial to create a new one. Discord requiring an email and an account are hardly barriers to privacy.

                                                                                                1. 5

                                                                                                  They also require your physical location via your IP. If you use Tor or a VPN to preserve your personal privacy, the things that happen (dozens of captchas, frequent inability to log in, DMing links gets your account auto deleted) are huge barriers to entry.

                                                                                                  1. 1

                                                                                                    Hard disagree. Tor is very frequently used for spam (among other nefarious things), so it’s no surprise that IPs for exit nodes are blacklisted or put under more scrutiny. If you go out of your way to obfuscate your origin and you behave like a spambot, you’re going to get treated like one. These are good things, it makes the network better for the vast majority of people who use the service. That being said, I use Discord through a major VPN provider all the time and have never had any issues with retaining my session or logging in. Captchas are hardly an issue either, they’re just slightly annoying.

                                                                                            2. 4

                                                                                              Use of IRC discriminates against all the users who don’t know screen, znc, and the command line, or users who primarily use mobile phones.

                                                                                              FYI, there are some great IRC clients for Android.

                                                                                              Also, ‘discrimination’ is an intentional action, not accidental. When people set out to create IRC, they didn’t scheme in some dimly lit room and decide “we must prevent users who don’t know screen, znc, and command line from using this. Oh, and fuck mobile users too!”. They simply made a thing that lots and lots of people started using.

                                                                                              1. 12

                                                                                                Also, ‘discrimination’ is an intentional action, not accidental.

                                                                                                Nah, you can absolutely discriminate accidentally. An app demanding only five digit US numeric zip codes or ten digit phone numbers that start with a +1 is discriminating against non-US users even if they didn’t intend to.

                                                                                                They simply made a thing that lots and lots of people started using.

                                                                                                Yeah, in like 1990, for 1990-style programs. Just because there are decent IRC clients for android doesn’t mean IRC’s protocol is good for modern communication. It doesn’t do multi-client, it needs a persistent TCP connection, it doesn’t do multiline or rich text or media, doesn’t have any sort of cryptography, et c. It’s a bad protocol, and it should be left in the past.

                                                                                                1. 10

                                                                                                  You complain a lot, but most of the things you complain about are already solved, or being solved.

                                                                                                  IRC isn’t dead, it’s a living, breathing protocol, improving every day.

                                                                                                  And especially mobile usage isn’t that complicated to do right, especially if you treat IRC the way Matrix treats their protocol between homeservers, and have a separate protocol for clients (like e.g. IRCCloud or our own Quassel/Quasseldroid do: https://quasseldroid.info/).

                                                                                                  It’s being worked on, and it has a major community still using it. Which is a massive improvement over the flavour-of-the-day Slack clone you see elsewhere.

                                                                                                  Now to get into specifics:

                                                                                                  it doesn’t do multiline

                                                                                                  or rich text or media

                                                                                                  it needs a persistent TCP connection

                                                                                                  doesn’t have any sort of cryptography

                                                                                                  1. 14

                                                                                                    IRC isn’t dead, it’s a living, breathing protocol, improving every day.

                                                                                                    As a long time IRC user who has monitored the progress of IRCv3 for years, and talks to many of its former developers, I find this hard to believe. Even with IRCv3 efforts, everything was stillborn and many of those developers are sad at how everything passed them by.

                                                                                                    1. 4

                                                                                                      These are all open issues or PRs for the past couple of years. ‘These are being worked on’ does not make IRC a viable alternative for the required feature set of today.

                                                                                                    2. 3

                                                                                                      it doesn’t do multiline or rich text or media

                                                                                                      Those are definitely features, IMHO. But I can see there’s no way we can agree here :)

                                                                                                      I look forward to something like Matrix (if Matrix doesn’t improve), that is FLOSS, lightweight, secure, federated, and easy for all to use.

                                                                                                2. 4

                                                                                                  The official reference implementation, synapse, has been production-ready for a long time and also scales pretty well nowadays. It can be easily hosted on NixOS, there are Docker images and a Debian repository. I have been running my personal Matrix server for 1-2 years now and I never had problems. Just make sure presence is turned off for better performance.

                                                                                                  E2EE adption has not been as widespread as it should because the UI/UX had been lacking. It’s not that easy to get right for a federated multi-device service. But a few weeks ago that last missing feature to make E2EE usable, cross-signing of devices, got implemented. It is now being integrated and tested and will soon go live. After that all new private rooms will be E2EE by default.

                                                                                                  Much has happened on the Matrix project in the last years, I suggest you give it another try :)

                                                                                                3. 1

                                                                                                  Are there any good matrix implementations yet? I’ve been meaning to run one.

                                                                                                  See my comment below.

                                                                                              2. 8

                                                                                                It’s just discriminatory

                                                                                                I’d say it’s exclusionary, not discriminatory. Discriminatory heavily implies it’s on the basis of an immutable category. But project leaders have to dictate to some extent what software their employees will use, and their employees have the ability to use other tools for private communication.

                                                                                                You may say the bar to entry for those other tools is higher, but whose responsibility is that? The project leader’s? I think regardless of what you believe, your comment holds the wrong people to account—that is, if blame is even an apt paradigm here!

                                                                                                1. 5

                                                                                                  Tools that spy on us are bad tools. If project leaders chose Discord, and Discord’s policies regarding privacy mean that people who need privacy are excluded from participating in that group, then I think it’s reasonable to say that group leaders should not make those sorts of choices.

                                                                                                  It’s just the same as if you had a club meeting at a place with a specific dress code that excludes a cultural form of dress. The people who organized the meeting who chose that venue would be legitimately open to criticism (just as would the venue be) for discriminating against people who dress that way.

                                                                                                  Free software and public benefit groups and projects should not be discriminatory or exclusionary, and they should not make tool choices that perpetuate discrimination.

                                                                                                2. 4

                                                                                                  I care about privacy, but this definition of “exclusive” and “discrimination” is a bit silly. You could say any tool “discriminated against” or “excludes” anyone who doesn’t like it for any reason, and then wag your finger saying, “you don’t want to be discriminatory or exclusive, do you?”. It doesn’t exclude people who care about privacy, we just don’t like it. And as a maintainer, I’d probably elect for the usable tools over those that trade everything for privacy (or more likely, privacy theater).

                                                                                              1. 2

                                                                                                You can save yourself the overhead of Docker by using Nix directly.

                                                                                                cachix use all-hies
                                                                                                nix-env -iA selection --arg selector 'p: { inherit (p) ghc865; }' -f https://github.com/infinisil/all-hies/tarball/master
                                                                                                

                                                                                                This would give you a global accessible HIE installation for GHC 8.6.5. Using nix-shell, you can also setup the appropriate HIE version for each project locally.

                                                                                                1. 1

                                                                                                  Yep, that’s what I had before. I was documenting how to get started (for people new/unfamiliar with Nix), before trying the docker route. I ended up packaging the Nix setup inside my own docker image, and the setup is now near-automatic and takes a fraction of the time!

                                                                                                  1. 1

                                                                                                    What do you think about building the Docker images using Nix?

                                                                                                    1. 1

                                                                                                      I’d love to learn how to do that :) I just followed the instructions on the vscode site, but I’ll happily look at the nix way!

                                                                                                      Does it end up producing a Dockerfile? Because that’s the artifact I need.

                                                                                                      1. 1

                                                                                                        Nix does not produce a Dockerfile, it builds a tarball which can be loaded via docker load

                                                                                                1. 2

                                                                                                  The characterization of DevOps seems very unfair to me. For me, DevOps means “automate all the ops stuff you did by hand before”. That’s great because it saves a ton of boring repetitive work and brings reproducibility and documentation into the process.

                                                                                                  1. 19

                                                                                                    Soundness is definitely a thing that can come up, though in handling tens of thousands of lines I don’t feel like I’ve hit it directly.

                                                                                                    On the other hand, Typescript’s type system is still the most useful typesystem I have ever used. The way unions, “everything is a dictionary”, being able to filter out keys and the like, and everything else work together mean that I can write business logic that handles really dynamic data shapes, and still get guarantees that are basically impossible in other languages without generating loads of wrapper types.

                                                                                                    For example just being able to inline declare a variable of having “type A and type B” is such a great way of allowing for new APIs.

                                                                                                    Ultimately Typescript not seeing typing as a mechanism for implementing the language execution semantics, but really as a checker of code validity, opened it up to really practical advantages.

                                                                                                    1. -2

                                                                                                      On the other hand, Typescript’s type system is still the most useful typesystem I have ever used.

                                                                                                      I have a canary of sorts which I use to guess whether I will appreciate a type system.

                                                                                                      1 == "1"
                                                                                                      

                                                                                                      The correct way to handle this is to issue a type error at compile time (or at least runtime if the language doesn’t have a significant check phase in the compiler). The two ways to fail this are:

                                                                                                      • typecheck, return false (python2, python3, ruby, crystal do this)
                                                                                                      • typecheck, return true (typescript, javascript, php do this)

                                                                                                      I haven’t made final decisions which of these is scarier.

                                                                                                      Interestingly, some of the above languages do fine if we use inequality instead:

                                                                                                      1 >= "1"
                                                                                                      

                                                                                                      Some languages from the top of my head that do this the way I like it: Haskell (and I assume many of the other strongly typed functional languages as well), Common Lisp (at least sbcl, dunno if it’s standard), Rust, Zig, Nim.

                                                                                                      1. 9

                                                                                                        To be fair you should always use === in TypeScript, then it works as expected.

                                                                                                        1. 6

                                                                                                          To be fair you should always use === in TypeScript

                                                                                                          To be even fairer, this is not even a Typescript thing, it’s a Javascript thing? A linter on a JS project will complain about the use of ==, without going near Typescript.

                                                                                                          1. 3

                                                                                                            Throwing my 2-cents in here, PHP is the same. Using === will enforce type checking on the comparison.

                                                                                                            1. 3

                                                                                                              I don’t think it “type checks” per se in PHP, but rather avoids doing an implicit conversion.

                                                                                                              1 == "1" evaluates to true, while 1 === "1" evaluates to false. It won’t error out, like a type checker will typically do for you.

                                                                                                            2. 1

                                                                                                              To be fairest, Typescript actually does this the way I want. See https://lobste.rs/s/qfpbk9/is_typescript_worth_it#c_hs0olb

                                                                                                            3. 2

                                                                                                              Does it error, or does it return false like python, ruby, crystal (and js with ===)?

                                                                                                              1. 2

                                                                                                                It does error at compile time.

                                                                                                                1. 1

                                                                                                                  Yeah, seems like both == and === work as I want in Typescript. See https://lobste.rs/s/qfpbk9/is_typescript_worth_it#c_hs0olb

                                                                                                                  I’m liking Typescript right now.

                                                                                                              2. 1

                                                                                                                Ah, forgot about that. Do ts linters warn about ==?

                                                                                                                1. 2

                                                                                                                  Yeah they do.

                                                                                                              3. 2

                                                                                                                I don’t understand why a typecheck of the integer numeral 1 and a string happening to contain the numeral one returning false is scary.

                                                                                                                I know nearly zero about type theory. Could you please explain?

                                                                                                                1. 6

                                                                                                                  Because it’s a category mistake – it’s a nonsensical question.

                                                                                                                  1. 5

                                                                                                                    Ah I think I see, so that’s what demands that the response be an exception rather than false.

                                                                                                                    It’s not just “Is a number equal to a string?” “No.” it’s “That’s not even a sensical question to ask.”

                                                                                                                    I guess I feel like that’s a bit counter intuitive, since I generally want boolean operators to provide answers in boolean form, but then I don’t know anything about category theory either.

                                                                                                                    sigh clearly I have a lot to learn :)

                                                                                                                    1. 9

                                                                                                                      Well, it depends. Mathematically there’s nothing “wrong” with it, but it raises some uncomfortable questions. Like “what’s the domain of the == function?” Turns out, equality is not a mathematical function! If it was, everything would be in its domain, aka the forbidden Set Of All Sets. There’s a couple ways around this: the type way is to say that == is actually a collection of functions, one for each type. This ends up working out, and makes comparing different types impossible.

                                                                                                                      But there are other formulations! Like there’s nothing wrong with saying int and str always compare false, you just have to be clear what your mathematical axioms are.

                                                                                                                      1. 4

                                                                                                                        I think it might help to look at the Haskell signature for ==:

                                                                                                                        (==) :: a -> a -> Bool

                                                                                                                        It makes it clear that you can only compare two values of the same type.

                                                                                                                        1. 4

                                                                                                                          In Lisps, you typically have = and equal?/equalp. With = you’re asking “are these two things numerically equal”, which is a nonsensical thing to ask about a string and an integer (or a vector and a list, or a character and a boolean, or two other non-number objects). With equal? you’re asking “are these two objects structurally the same thing?”, which makes sense and “false” would be the obvious answer for objects of different types.

                                                                                                                          So presumably in many languages, == is the equal? in the above description, but there’s no separate = predicate.

                                                                                                                          And then there’s eq?/eqp, which asks “are these things the same object?”, which is a question of identity, not equality. That’s similar to what the is operator does in Python, for example. But yeah, this stuff is confusing if you’ve only been exposed to languages that conflate these different ways of comparing because you’re not used to having to make the choice of which kind of comparison to use in different situations.

                                                                                                                          1. 1

                                                                                                                            so that’s what demands that the response be an exception rather than false

                                                                                                                            I think no one wants it to throw an exception, but to simply not compile.

                                                                                                                      2. 2

                                                                                                                        1 == "1" is a classic JS gotcha (double equals is not “check for equality” but “check for equality and if it fails check for toString equality”) and 1 === "1" does what you expect.

                                                                                                                        I have decently used “fancy type” languages like Haskell, Purescript and Rust. Their type systems still make me somewhat unhappy compared to TS for “enterprise apps” (the one thing that I kinda wish that TS had but would bef impossible given soundness and how stuff works is the return type polymorphism).

                                                                                                                        1. 2

                                                                                                                          1 == "1" is a classic JS gotcha

                                                                                                                          I call it a classic maldesign, but ok :)

                                                                                                                          1. 3

                                                                                                                            I mean it’s not good, and there’s a reason you don’t see == anywhere in most codebases.

                                                                                                                            I guess it’s just not an issue that one hits in practice if you’re an experienced practitioner (compare to…. array bounds errors that even experienced C programmers will hit often). It’s a thing you set your linter to notice, and then never do it.

                                                                                                                        2. 1

                                                                                                                          Couldn’t edit this any longer, so will make an errata to my comment and mark it incorrect:

                                                                                                                          Contrary to what I stated, Typescript does this exactly as I think is best, i.e. signal an error at compile time.

                                                                                                                          vegai@Vesas-iMac ~/tmp> cat derp.ts
                                                                                                                          
                                                                                                                          let derp1 = 1 == "1";
                                                                                                                          let derp2 = 1 === "1";
                                                                                                                          
                                                                                                                          
                                                                                                                          vegai@Vesas-iMac ~/tmp> tsc derp.ts
                                                                                                                          derp.ts:2:13 - error TS2367: This condition will always return 'false' since the types 'number' and 'string' have no overlap.
                                                                                                                          
                                                                                                                          2 let derp1 = 1 == "1";
                                                                                                                                        ~~~~~~~~
                                                                                                                          
                                                                                                                          derp.ts:3:13 - error TS2367: This condition will always return 'false' since the types 'number' and 'string' have no overlap.
                                                                                                                          
                                                                                                                          3 let derp2 = 1 === "1";
                                                                                                                                        ~~~~~~~~~
                                                                                                                          
                                                                                                                          
                                                                                                                          Found 2 errors.
                                                                                                                          

                                                                                                                          Don’t even need the strict mode. So apologies to everyone for that bit of bullshitting – I went to check the behaviour in the first typescript playground I found, which for some reason did not behave like this.

                                                                                                                      1. 3

                                                                                                                        It’d be sad to see wire go. Their UI and some features were better than signal for everday users, also they did stuff like opensource their server software and experiment with a rust client. (And I know people were verifying their crypto core.) Really wasted potential, and I’ll have to move part of my family to another client again.

                                                                                                                        1. 5

                                                                                                                          and I’ll have to move part of my family to another client again.

                                                                                                                          any good alternatives?

                                                                                                                          1. 2

                                                                                                                            Out of the box it’d be signal if you want to stay in the same encryption/app scheme (desktop app,mobile clients, uses “the” signal protocol), but I’ll also take a look at matrix/riot.

                                                                                                                            1. 11

                                                                                                                              Signal is effectively yet another walled garden, and moxie insists on keeping it that way. I would avoid it at this point.

                                                                                                                              I recently set up my own XMPP server and successfully migrated friends and family to using it. Some even registered with other servers! We are all using OMEMO. There were a few hiccups but it has gone pretty well, and now we are using a federated protocol that has been around for ~20 years.

                                                                                                                              1. 4

                                                                                                                                I’ve seen some stuff regarding that, but, I’ll be honest: I’ve never tried XMPP and Matrix, I’ve only watched it from the outside. There still seem to be many hiccups, and I’m really keen on having a solution that works and where I don’t have to do the support from long distance when something breaks. In my experience you’ll otherwise loose people over to stuff where it’s “just working” and then you don’t have any saying in that decision anymore. (Friends moving to telegram/whatsapp, or people only being reachable there because all other systems just have a broken push notification system for them and/or won’t get re-installed next time the phone is wiped.)
                                                                                                                                So I’m ok with signals walled garden if it’s working.
                                                                                                                                Because the sad truth is that most people don’t have the time or nerves to get things working again, even though it may seem simple, but you’re also just used to that. It’s why google wins on android, everything else is subtle but annoyingly harder to maintain or set up.

                                                                                                                                1. 3

                                                                                                                                  TLDR: signal just works currently and specifically moxies “walled garden” isn’t that of a problem from my perspective.

                                                                                                                                  1. 6

                                                                                                                                    Wire’s walled garden wasn’t a problem until now. I say it’s only a matter of time for Signal.

                                                                                                                                    1. 6

                                                                                                                                      Wire is a venture-funded for-profit corporation. Signal Foundation is a 501c3 non-profit.

                                                                                                                                    2. 3

                                                                                                                                      I like signal, but I’ve been hesitant to hand out my phone number to “unvetted acquaintances” online, mostly due to the fact that many companies (like banks!) wrongly rely on sms based auth mechanisms. If signal allowed the use of email as a “contact” instead of a phone number, I would find it usable for many additional use-cases.

                                                                                                                                      1. 2

                                                                                                                                        Depending on your use case you might want to check out telegram with correctly set privacy settings, if you’re not talking about sensitive data but want a simple way to contact people without revealing your phone number.

                                                                                                                                        1. 2

                                                                                                                                          I have a dedicated, 2eur/month contract, dumb phone which I use only for these kind of things.

                                                                                                                                2. 2

                                                                                                                                  Depends on what you need.

                                                                                                                                  If you can live with the security of Telegram that is an excellent option ux-wise. Excellent clients for Android, iOS, Linux, Windows and I guess Mac as well (I haven’t tested it but AFAIK it is not just another Electron wrapper.)

                                                                                                                                  It is however not e2e-encrypted though. Client to server is encrypted like gmail and my bank and they seem to care a lot even if some of the things they say or do doesn’t make sense to me.

                                                                                                                                  I use it for a lot of my messaging.

                                                                                                                                  1. 2

                                                                                                                                    It is however not e2e-encrypted though

                                                                                                                                    Secret chats are.

                                                                                                                                    The paranoid crowd likes to dunk on Telegram for not making secret the default/only way to chat, but I like the convenience of non-e2e chats (search all the history on any device without any problems and so on)

                                                                                                                                    1. 1

                                                                                                                                      Good point!

                                                                                                                                  2. 2

                                                                                                                                    I’m still rooting for Matrix because they’re completely open source, federated (I think this is a really important point many overlook) and end-to-end-encryption. The company behind Matrix has a good reputation and even created the Matrix foundation to prevent this kind of corporate takeover of the communication platform. Just be aware that while e2e-encryption was implemented from the start and you can use it today, there are finishing touches being done to the UI right now so that it gets more usable/practical (cross-signing of new devices you log in to). The encryption stuff is a little harder to implement because Matrix is federated but there is a clear plan of how to solve all the issues and I hope they are finished soon :)

                                                                                                                                  3. 2

                                                                                                                                    They couldn’t fix a 100% CPU bug on iOS that has been plaguing anyone who uses it for VOIP calls over the last 2+ years. I lost faith in their talent a long time ago.

                                                                                                                                    1. 2

                                                                                                                                      There are similar outstanding problems on (older?) android devices too. On my old Samsung S4 your UI would hang for up to three seconds upon sending an image or loading high-through chats. Signal catches up in some aspects but still feels much more MVP. (I’ve had huge issues with random message-timers going on/off in bigger groups and messages never getting delivered or only partially, as well as people getting personal notifications about failed message receiving, which never got existed. Stuff that never happened on wire.)

                                                                                                                                      Edit: Also signal really needs a progress-indicator which shows how many more messages to load, I sometime wait for ~800 upon opening the desktop app.