1. 2

      I’m preparing for the classes I’m going to give starting next week: Scala+Spark and Prolog at my alma mater university

      1. 4

        For quite a while there were competing languages for RDBMS, the most famous was QUEL, which was the original language of the father of Postgres: Ingres. More info here: https://www.holistics.io/blog/quel-vs-sql/

        1. 4

          I’d like to work on Prolog for some stuff. For me, it’s a language that is very concise and I feel very confident about the code I make that it is correct even if I write fewer tests. It is not perfect, there are sometimes performance issues, lack of tooling, so for anything serious, I will probably not choose it. My last public work with Prolog is an HTTP Server for Scryer Prolog. It still needs more work but it is already there if you want to try it. Some months ago I also shipped an HTML5 game with some parts written in Tau Prolog.

          1. 1

            What is your experience with Prolog? Do you use any of the advanced CLP features in some of the Prologs?

          1. 25

            From time to time this seems to pop up, and they talked as if it was never tried at big scale. But it’s wrong, it has been already tried. In my country, Spain, every citizen has a digital certificate (request process is tedious, you need a Java program and a going physically to some places) but you can use it at any bureaucratic thing, including paying taxes, buying national debt, request certificates from the judge, … But also you can use it on some banks and even in my university. I, as a user, think that it has some real benefits but also some cons.

            However, in the end, most people don’t like the workflow. Administrations have put login/password systems for the most commonly used services because of the request process, how to secure the certificates, how to move them between computers and so on it’s complicated. Also, the web browser interfaces are bad and scary, and for a lot of the time, some browsers (Firefox looking at you) rejected the certificates as invalid (Chrome and IE did just fine).

            Some other people prefer the electronic ID card, which is similar but you need special hardware, but in the end people reason about that as easier than a pure digital certificate.

            1. 4

              Do you think it would be better with a USB smart-card such as a Yubikey or something similar? IMO any system that expects a user to know how to secure and use a certificate file is a bad system, but it’s a usability problem, not really a technical one.

              1. 7

                That’s basically WebAuthentication.

                1. 1

                  I’m talking like a government issued USB smartcard or hardware token, not the APIs that would use those tokens.

                  1. 2

                    I believe this is what Estonia does with “e-Estonia”; I don’t really know of the details though.

                    1. 2

                      Yes – we get an ID card which is also a smartcard. You use it with something like this, and you can authenticate and sign using two different PINs on it. It uses the normal smartcard APIs so it tends to Just Work in browsers on major operating systems. They recently introduced a smartphone version that you can use alongside, but you need to register first using either the smartcard or visiting a bank.

                2. 3

                  Sweden’s Bank ID makes managing certificates really easy. I use it to authenticate to everything from my bank, the tax authority, my company’s payroll software, and our kid’s school’s attendancy interface.

                  The certificates are handled via my bank. The initial startup requires an personal visit with ID, after that you get a reminder every few years that it’s time to renew.

                  https://www.bankid.com/en/

                  1. 2

                    Same in Luxembourg with https://www.luxtrust.lu/ it works really well and you have the start card version (mostly for corporate) and the 2FA version.

                    1. 1

                      Looks very similar but instead of government-issued, they’re bank-issued :)

                      1. 2

                        Here in Sweden, the traditional issuers of ID cards have been banks. It’s changed now since the rules around passports have tightened, so the government offers a “national ID card” in addition to a passport (which is now accepted as ID - it used not to be up to the standards of ID cards).

                        You do need a bank “partnership” (usually a checking account) but these are easy to get, and free up until you’re starting to earn some money. Our kid got an account, debit card and a Bank ID at 16.

                    2. 1

                      Yes, the electronic ID card I was talking at the end is a SmartCard with password protection, but you need a reader and (another) Java program in the middle. If you forget your password you can go to the police office and they have machines that reset the password. It is not perfect but it feels more natural for regular users.

                    3. 1

                      In Poland it’s other way around - you may use your bank account as some sort of id. It works surprisingly well, some formalities may be done using your bank’s interface.

                      1. 1

                        It may not have worked out that well in Spain, but in Estonia it seems to be working well (from the outside, at least. Any Estonians can feel free to correct me). I don’t like how much information is stored in the ID, but the digital signature and ID verification seems to work well, at least according to Wikipedia https://en.wikipedia.org/wiki/Estonian_identity_card#Uses_for_identification

                        1. 1

                          The identity card of Estonia and the one from Spain are the same model! When a security bug was discovered in Estonia they needed to invalidate a whole bunch of cards here, because they were the same :) However, the physical smartcard and the pure client-side certificate (which the post was talking about) are two related but different systems (which I think complicates more its understanding for the normal citizen). The smartcard flow is not really standard, needs a Java program in the middle.

                      1. 16

                        The year of Prolog! Yes, I’m seriuous, last years we’ve seen flourish a new wave of Prolog environments (Tau, Trealla and Scryer) which this year can reach a production-ready status. At least, that’s what I hope and I’m helping this environments with some patches as well.

                        1. 19

                          year_of(prolog, 2021).

                          1. 5

                            A couple years ago I hacked on a Python type inferencer someone wrote in Prolog. I wasn’t enlightened, despite expecting to be, from a bunch of HN posts like this.

                            https://github.com/andychu/hatlog

                            For example, can someone add good error messages to this? It didn’t really seem practical. I’m sure I am missing something, but there also seemed to be a lot of deficiencies.

                            In fact I think I learned the opposite lesson. I have to dig up the HN post, but I think the point was “Prolog is NOT logic”. It’s not programming and it’s not math.

                            (Someone said the same thing about Project Euler and so forth, and I really liked that criticism. https://lobste.rs/s/bqnhbo/book_review_elements_programming )

                            Related thread but I think there was a pithy blog post too: https://news.ycombinator.com/item?id=18373401 (Prolog Under the Hood)

                            Yeah this is the quote and a bunch of the HN comments backed it up to a degree:

                            Although Prolog’s original intent was to allow programmers to specify programs in a syntax close to logic, that is not how Prolog works. In fact, a conceptual understanding of logic is not that useful for understanding Prolog.

                            I have programmed in many languages, and I at least have a decent understanding of math. In fact I just wrote about the difference between programming and math with regards to parsing here:

                            http://www.oilshell.org/blog/2021/01/comments-parsing.html#what-programmers-dont-understand-about-grammars

                            But I had a bad experience with Prolog. Even if you understand programming and math, you don’t understand Prolog.

                            I’m not a fan of the computational complexity problem either; that makes it unsuitable for production use.

                            1. 2

                              Same. Every time I look at Prolog-ish things I want to be enlightened. It just never clicks. However, I feel like I know what the enlightenment would look like.

                              I don’t fully grok logic programs, so I think of them as incredibly over-powered regexes over arbitrary data instead of regular strings. They can describe the specific shape of hypergraphs and stuff like that. So it makes sense to use it when you have an unwieldy blob of data that can only be understood with unwieldy blobs of logic/description, and you need an easy way to query or calculate information about it.

                              I think the master would say “ah, but what is programming if not pattern matching on data”? And at these words a PhD student is enlightened. It seems to makes sense for both describing the tree of a running program and smaller components like conditionals. It also seems like the Haskell folk back their way into similar spaces. But my brain just can’t quite get there.

                              1. 2

                                Sorry to hear that. For me Prolog is mainly about unification (which is different from most pattern matching I’ve seen because you need to remember the unifications you’ve done before between variables) and backtracking (which was criticized for being slow but in modern systems you can use different strategies for every predicate, the most famous alternative is tabling). For the rest, it should be used as a purely functional language (it is not and lots of tutorials use side effects, but keeping yourself pure you can reason about a lot of things making debugging way easier).

                                I did Prolog at university (which is not very rare in Europe) and we studied the logic parts of Prolog and where they come from, and yes, it’s logic but it’s heavily modified from the “usual way” to perform better and it’s not 100% mathematically equivalent (for example using negation can produce bad results, no occurs check, …) and it uses backward-chaining which is the reverse to what people usually learn. Also lots of people use ! which can be used to improve performance to cut solutions, but it makes the code non-pure and harder to reason about.

                                However what I really liked about Prolog was the libraries that are made using the simple constructs. Bidirectional libraries that are very useful like dcgs (awesome stuff, I did some Advent of Code problems only using this “pattern matching over lists” helpers), findall, clpz, reif, dif, CHR if you want forward-chaining logic is also available in most Prolog systems,…

                                Yes, computational complexity is a problem, having backtrackable data structures will always have a penalty but it’s not unfixable and there are ongoing efforts like the recent hashtable library.

                                Having that said, at the end it’s also a matter of preference. I’ve seen in the repo that you consider Haskell easier. In my case it’s just the opposite, Prolog fits my mind better there are fewer abstractions going on than in Haskell IMO.

                                For some modern Prolog you can checkout my HTTP/1.0 server library made in Prolog: https://github.com/mthom/scryer-prolog/pull/726/files

                                1. 1

                                  FWIW I think I’m more interested in logic programming than Prolog.

                                  I am probably going to play with the Souffle datalog compiler.

                                  And a hybrid approach of ML + SMT + Datalog seems promising for a lot of problems:

                                  https://arxiv.org/abs/2009.08361

                                  Prolog just feels too limited and domain specific. I think I compared it to Forth, which is extremely elegant for some problems, but falls off a cliff for others.

                              2. 5

                                There was even a new stable release of Mercury late last year. It’s, uh, I’m not personally betting on it getting wide scale adoption, but I do personally feel that it’s one of the most aesthetically pleasing bits of technology I’ve ever tried.

                              1. 1

                                I use feedly both in desktop and mobile since the early days (at the beginning you needed a Firefox extension to run it). It’s not perfect (nothing is) but it serves me well and I don’t plan to change. I use the free version (with ads) but it’s the kind of ads I tolerate.

                                1. 2

                                  My personal tip is to use Docker Compose. Some people might disagree here but I think containers make it easier at the end (you do not depend on the host for almost anything). Just be sure you can execute your app in your dev computer using Docker Compose, and build/move the same containers to the servers. You are also free to use whatever service you want. Also, if you use Docker Compose you don’t need to learn/configure systemd, … because it will manage that for you. If you want automatic restarts on app crashes, you might need Swarm, which is very similar to Compose.

                                  Also, prepare a script (I use Ansible, but even Bash could work) for automatic backups of the data (storing it on Azure or Amazon S3 is simple and not expensive, checkout the Cold Storage/Glacier options if they suit you).

                                  1. 3

                                    I don’t know if this applies to AGPL but in GPL is not mandatory to have a GitHub/GitLab or even a tarball with your code. It’s just that if they ask for the code you should make it available for them, but it doesn’t need to be released in public. So if you ask a company to put a link to the source code, that’s not what GPL says.

                                    1. 2

                                      For distribution under the regular gpl you’re correct. If you ship a product, it’s advised to provide a cd or usb with the source code, then you never have to worry or make it public. General best practice is to just make it available online for convince. You can also include a written offer valid at least 3 years from the last release / support date. Then you have to ship a physical medium with the code. That’s how my company does it for the coffee machines, on request you get a usb stick. I’ve included pictures of that in the article.

                                      For the AGPL I’m not sure due to the network aspect. Any case, they never provided the source, not online nor offline.

                                      1. 7

                                        Okay I think I know, it has to be available over the network. Quoting the AGPL :

                                        13. Remote Network Interaction; Use with the GNU General Public License.

                                        Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software. This Corresponding Source shall include the Corresponding Source for any work covered by version 3 of the GNU General Public License that is incorporated pursuant to the following paragraph.

                                        https://www.gnu.org/licenses/agpl-3.0.en.html

                                        1. 3

                                          Thanks for the detailed reply, that’s another aspect of AGPL that it’s different from GPL then (in a good way I think). My intuition that might be similar was wrong. I’ll edit my comment.

                                    1. 2

                                      I’m finishing one of my pet projects! Mapaquiz

                                      1. 6

                                        If you want a really good user interface then give it modes like how Vim has them.

                                        This is the first thing they told me NOT to do when doing GUIs at university. In fact, it is said that Ctrl-C/Ctrl-V is so popular, because it’s modeless. I think there’s actual research that shows that modes in GUIs are bad, for various reasons but it’s been a while since I studied HCI.

                                        1. 3

                                          That’s what I’ve read, too, especially in Jef Raskin’s The Human Interface. I suspect the copy/paste work was from Larry Tesler, who reportedly had “NOMODES” on his license plate?

                                          That all said, I definitely see that all the software I use actually has quite a few modes…and, when trying to make software for people, people tend to like having modes (at some level) to “guide” them around a process. Is that because they don’t want to spend the time learning a new interface as compared to something that is familiar? Or because of a different valuations between long-term efficiency as compared to the initial learning curve? I don’t know. :-)

                                          Out of curiosity, from when you did study HCI, do you have any recommended texts or resources?

                                          1. 3

                                            Maybe the disrepancy here is due to how a broad concept a mode is. I believe the problems are there. Wikipedia has a section about mode errors in user interfaces.

                                            There’s certain kind of behavior that is terrible, but it’s not entirely captured by vilifying modes (well, if we’re precise then it is though).

                                            1. Notification pops up when you’re trying to do something and you click the notification away accidentally, while also messing up whatever you were doing.
                                            2. Something steals the focus while you’re writing a command.
                                            3. A prompt grays off everything else in front of you, the answer causes an irreversible change, but to answer it you’d have to look up something first.

                                            I’d be quite furious if Vim abruptly shifted --INSERT-- to --VISUAL-- when I’m typing text. That has never happened though.

                                            So maybe the rules of good modes can be captured in this way:

                                            1. The mode changes immediately upon an user request of mode change.
                                            2. The mode never changes due to an external action.
                                            3. The mode always displays itself properly.
                                            4. The mode change is an irreversible action in itself.
                                            5. The volatile internal state that is destroyed on exit from the mode is identifiable for the user.

                                            I’d think this may be good enough to be added there into the post. What do you think?

                                          1. 2

                                            Most of them are games, which, even if I could program, I will probably need help in other areas. Pikmin clon, X-COM style game for robbing banks, Theme Hospital like but for a whole town, some small puzzles…

                                            As for software what I really want is to improve Haiku & Scryer Prolog projects.

                                            1. 1

                                              have you tried asset packs like the stuff on kenney.nl to build stuff out with premade assets?

                                              1. 1

                                                I did it once! The end result was nice but almost always you find yourself needing something more, and adding it by yourself ruins the style completely. Also, most of the packs seem to be focused on fantasy RPGs or another cliché, which is OK but I don’t like it very much. For now, the best solution I think is minimalism (not pixel art, more like vectorized art, with just two or three colors in high res figures), which in games is not very popular, but I can defend myself.

                                            1. 2

                                              I’ve used it a lot, self-hosted on AWS and on AKS and one of my colleagues was pretty literate about Kubernetes, so we asked a lot of things to him :).

                                              I think it seems difficult because Kubernetes is, in some way, a different operating system, with different abstractions. Some old tricks can be applied but for most strange cases, is way better to create an operator and speak native Kubernetes. My main pain points with Kubernetes (apart from YAML, which we templatized with Jinja) were not on Kubernetes itself but on how our microservices architecture was designed, making it more difficult to let Kubernetes freely decide lots of things. Your services should be as independent as possible. We also hosted our database in Kubernetes (BIG NO), but now we moved it to a cloud service because managing state in Kubernetes is also a pain point.

                                              Deployments were quite easy and fast. Also, operations were fine. There’s a lot of tooling, each version getting better for monitoring and logs.

                                              1. 2

                                                There are some good points in the article but I feel this doesn’t apply too much for me. I usually have lots of long-lived emails for various reasons:

                                                1. it’s the best place for me to store some documentation that is from a not so common sender. For example documents from my work I don’t store them in email, but a contract from your gym, for example, I store them in email. Search is also pretty good these days to find this stuff.

                                                2. I use some emails as tasks, sometimes because the task is replying to the sender (and can be time-consuming) and sometimes because I just don’t want to move it to Trello because it implies more work and going back to email when I need to do the task.

                                                1. 10

                                                  Almost all Spanish government web apps work with client-side certificates, which are generated by the government itself for every citizen that request them. You use them for taxes, health insurance, driver licenses, etc. I use them just fine BUT most non-technical people think this workflow is complicated, so they eventually added more traditional login systems that rely on User/Password.

                                                  1. 11

                                                    [Spanish citizen here]

                                                    I think all of the technical issues people has with this approach would be solved easily if browser vendors cared enough to make a decent UI to set the certificates up. The process right now is quite cumbersome.

                                                    Also a lot of people looses their certificates and they are annoyed when they need to go in person to obtain a new one, despite this being the absolute safest way to emit certificates.

                                                  1. 5

                                                    I’ve always thought that SPARQL is way better than GraphQL at operating with graphs (simpler, way more composable). However, it’s worse on mappings to a relational database and in doing everything else that GraphQL can do (RPC)

                                                    1. 1

                                                      I’ve experienced similar issues with an email-only login we implented in a small B2B application. First of all, it was not easier that just implement Email/Password with Django (there was no need to add a recovery password option, since the product is very small, people will just send us an email). Second, most emails arrived fine or in spam folder, which is ok, but some companies (10%) never got an email from us. We used SendInBlue because it was easy to implement (just use SMTP). However. even if it worked, it’s somehow strange yet, and not an option for all users.

                                                      1. 1

                                                        there was no need to add a recovery password option, since the product is very small, people will just send us an email

                                                        I’m pretty sure the entire premise behind claiming that email-login is easier is that you’re already implementing the password reset option. If you aren’t implementing password reset by email, then the premise is no longer true.

                                                      1. 4

                                                        You might want to add Aquarius Prolog to the list. Its developer was on Hacker News talking about how parts of it were designed to be closer to the metal for better performance.

                                                        1. 2

                                                          And interestingly, Aquarius Prolog’s lineage includes Peter Von Roy PhD thesis. Thanks for the link!

                                                          1. 1

                                                            So, I waited till I got time to find it. Didn’t find anything. What I was looking for was either he or someone pretending to be him was the one that gave it to me on Hacker News. He had a nice description of what he did, too. It was at bottom of thread.

                                                            Now, all I can find are references to it by silentbicycle and I. Oh well.

                                                            1. 2

                                                              Haha, you’ll have to open source you treasure trove of papers one day ;)

                                                              1. 1

                                                                That and a push-button, verification/testing toolset were going to be my next projects had not I come back to the Lord and COVID hit.I kept that stuff in back of mind. I though of how to get others on it. For papers, the job of checking the copyrights and stuff. I havent forgotten.

                                                                The more disorganized part I had been dumping them into is 8,189 items at 3.2GB of space. That doesnt count the books and slightly-more-organized papers that came before them. That should give you an idea of why Im holding off due to whatever costs might be involved.

                                                                Meanwhile, one drum of alcohol is sometimes going for $1000+ on top of hundreds in shipping. The COVID-related apps and data entry Im attempting cost me 16+hrs for data collection alone. I was blessed with plenty of savings. It could be wiped out by a few supply purchases (esp gone wrong) or one project. So, I gotta hold off on nice, secondary projects till folks don’t need my help on life-critical stuff.

                                                                Hell, high-assurance thinking and Red-Black separation paid off more in my after-work cleaning practices than INFOSEC haha. You could say taint tracking would be another metaphor. Ive occasionally thought about putting it up online but just reminds me how Im not doing enough. Gotta update it in way that’s more miserable…

                                                          2. 2

                                                            Interesting, it’s older than ISO Prolog and does not run on x86

                                                            1. 2

                                                              Aquarius was incredible innovative (they forego the WAM), but at the end of the day and with all the the HW development it was not so influential.

                                                              Aquarius code is available and it’s an interesting read.

                                                            1. 1

                                                              Mine is https://blog.adrianistan.eu. You should read it because it has content that I think is not widely available, but you will enjoy it more if you’re into Prolog, Rust or Python (beginner level is ok). Some things are more technical, some others are more of a curiosity to me and I feel like I need to explain. I also have a section called Teletexto, with my favorite links of the week. It runs on my Raspberry Pi at home, the blog is Rust (Rocket) but the media (photos, videos,…) are served by a Prolog server (strange setup I know).

                                                              It’s in Spanish, but hey, nowadays you can use DeepL :) I was thinking of moving to an English blog but I think it will have less impact on the community if it was just another one, this is considering that Spanish is underrepresented in technical writing.