1. 72

    Ethics are inseparable from technology, since technology enables and inhibits actions, which are subject to ethical consideration; ergo, the creation of technology is an set of actions subject to ethical judgements.

    1. 34

      I’d go even further than that, attempting to exclude “ethics”, broadly construed, has helped to enable a social environment within technology circles that has legitimated a great deal of what people are now rightly reacting to, the surveillance, the effects the brain of using gambling machines as a design template for websites, the unwillingness of corporations to take any responsibility whatsoever for the effects that their products have on society at large, Uber (all of it), and on and on.

      1. 14

        I agree with both of you. On the other hand, I also kinda see the point of wanting a space that’s focused in technical aspects, and understand OP’s fear of ethical/political discourse dominating this forum. And in the other other hand, I also feel that not speaking about the ethics of technologies, and actively discouraging this kind of discussion, is, in and of itself, a way of speaking about it, agreeing with it.

        So, yeah, that’s hard. I got no solutions.

        1. 8

          Regarding the “fear of ethical/political discourse dominating this forum”—I understand, but we wouldn’t have to have all of these discussions if people would just stop being unethical :-) The more discussions we have now on this topic, the fewer we’ll need to have in the future. But if we don’t talk about it then, as you point out, things are only going to get worse.

          1. 13

            I think there’s a bit of a difference between discussing the ethics of a company and aggressively attacking a person.

            The main top comment raises some points and actually encourages discussion, which admittedly doesn’t really happen in that thread. A large portion of the top upvoted comments are people chiming in and (essentially) saying “me too”. The top comment responding to a maintainer is incredibly aggressive towards the maintainer who stepped forward, only tangentially relates to the parent comment, is arguably a personal attack against that person and discourages discussion through the tone. Yet it’s more upvoted than the technical comments below.

            In addition. it’s easy to forget that there are people on the other side of these usernames. It reminds me quite a bit of This is Phil Fish, a case study on how people can associate people with something larger, sometimes in damaging ways. It’s not quite the same, but I see similar parallels in how the community tends to treat employees of certain companies (yes, like Palantir… but Google also comes to mind).

            I’d like to see more comments that encourage discussion, like the most upvoted top-level comment, and less comments saying “me too”, “I agree with this”, or borderline attacking the poster, like the most upvoted response to the maintainer.

            1. 10

              The more discussions we have now on this topic, the fewer we’ll need to have in the future. But if we don’t talk about it then, as you point out, things are only going to get worse.

              That’s an interesting theory. I haven’t seen any evidence to support it on any of the other discussion forums I’ve used, but I suppose it might be true somewhere. I think friendlysock’s take is more accurate: by encouraging (tolerating? normalizing?) aggressive and reflexive positions on non-technical issues, we will get more of them here, not less. And eventually, the “bad money” will drive out the good, just like it does everywhere.

              1. 6

                Indeed - I think we have a plethora of examples of politics taking over, and few (none?) of political discussion settling debate so that everyone can move on.

              2. 8

                The more discussions we have no on this topic, the fewer we’ll need to have in the future.

                I disagree with this in so many ways. We cannot possibly come to some end resolution where everyone agrees on a certain set of ethics, and even if that magically happened, we cannot all agree on the best way to act upon those ethics. Political conversation already permeates way too much of society. I don’t need to see it in a forum for technical discussion. If we’re going to try to think of ways for technology to be abused, we’re not going to produce anything. Further, I think we’re totally dismissing all the great things that same technology has done and can continue to do because it can be abused. If someone wants feedback on their submission, I don’t personally want to see politically-oriented discussion around it in this particular forum.

                If the broader group of folks here wants this to become a political-friendly abyss, I’m fine with stepping away. But I don’t get that feeling right now.

              3. 3

                This is basically my opinion, too.

                (I haven’t posted more in this an the other meta threads this week because I’ve been very busy starting a new job, but as I’m catching up today I’ve really appreciated all the thoughtful discussion exploring these questions that don’t have easy answers.)

            2. 36

              I think you have a point here that is both truth and lacking utility, but may be getting upvotes because hey, who wouldn’t upvote ethics in technology?

              Here are some of the practical issues with supporting debates about “ethics”.

              First, what do we mean by “ethics”?

              Are we just wanting to talk about right and wrong? That’s often a matter of aesthetics. When I was born, it was pretty commonly held that homosexual acts were Evil, that psychoactive drug usage was Corrupt, and that democracy was unquestionably Good. None of those things are unerringly true anymore.

              You might say “But friendlysock, those are matters of morals, as opposed to organized systems of beliefs that are analyzed in the context of practicing agents!”, and I would agree. That being the case, what is the point of having discussions that end up going basically:

              • “You’re immoral!”
              • “No, you’re immoral!”
              • “You both act in clear hypocrisy of your professed morals!”

              That discussion leaves everybody angry, takes up a lot of space, and doesn’t teach anybody anything. Worse, it breaks the operating regime of the site, because people will inevitably just blindly upvote the folks whose aesthetic matches theirs, and downvote or flag those that don’t–or worse, devolve into namecalling.

              Okay, well, what about big-E Ethics?

              So, we skip out on thinly-veiled callout threads and we’re just gonna limit ourselves to talking about big-E Ethics. Academic/philosopher stuff like meta-ethics and normative ethics and subtopics like utilitarianism and virtue ethics and state consequentialism and so forth.

              And those are really fun topics. We have problems with those as the basis for subthreads though:

              • Hardcore philosophy (despite our having a tag by that name, since that usage is looser) is off-topic.
              • Most users (myself included!) are completely underskilled to talk big-E Ethics without a lot of clarifying back-and-forth and education in threads. Even assuming we have the skill to do all of that in a subthread (we don’t) and that we avoid falling back into moralizing (we won’t), such conversations suck all of the air out of the room for the technical discussion. That Palantir thread had us scrolling to the very bottom to get anything involving code or tech.
              • We’re gonna end up having the same discussions over and over again, as the big-E Ethics questions are, rather famously, undecidable.

              Okay, fine, what about professional ethics?

              Sure! If people want to talk about how a given thing violates professional ethics, then I think that is healthy. Here is the ACM Code of Ethics. Use that as a starting point in a subthread.

              Note though that we still don’t have professional organizations in the sense of, say, Professional Engineers. Our profession isn’t organized enough for that. So, talking about “professional” ethics is kinda hard.

              ~

              Overall, I just don’t think that the “ethics” discussions are what people are actually after here. I think people want to callout and shit on other folks, and that they want to show to their friends solidarity in an aesthetic. This damages one of the only good venues for safe technical discussion on the ’net today.

              And I won’t stand for that.

              1. 30

                I would, gently, point out that adjucating morals to aesthetics (the study of beauty, and of which the current post-Romantic admits a separate aesthetic for each individual) is not a stance that is particularly admirable.

                Simply keeping “Lobsters about tech” is a big E ethics decision, with ramifications that ripple out.

                If you want to demand that people treat other people well, that is a stable ethical choice that is supportable and relatively decidable.

                ~

                But to be clear, working for Palantir - or other major enabler of violence & repression that generates widespread sideeye, is both a technical and an ethical choice; pointing this out and pushing back against consuming technical material from such an enabler seems perfectly reasonable.

                We can debate whether working for Palantir is ethical - it probably also enables benefits to LEOs working complex cases and addressing real social harm. Many times on other social media sites, employees of ethically tangled companies will comment and discuss the complexity and reality of working in these environments. There is a very real debate, it’s not an open and shut thing where some group of activists come in and screams.

                I reiterate: technology and ethics are intertwingled. While some contexts are more neutral than others, very few are pure neutral.

                1. 12

                  @pnathan I didn’t want to wade into this muck, but you seem genuine. In my mind is not whether debates about ethics is good or bad, but rather what is lobste.rs for? There are PLENTY of places on this big internet to get on a soapbox and yell about whatever gets your goat. I want a quiet corner where I can just read about technical things. Code, decisions behind code, some PLT, some math and the occasional bit of humor. Perhaps the people here saying, well Kaushik, its time to go away somewhere else because that’s not what lobste.rs is for any more, and I will join the stragglers as we exit out of yet another refuge inundated by the loud and obnoxious soap box crowd.

                  1. 10

                    I’m 100% with you here. I see way too much soap boxing and bickering pretty much everywhere else on the internet. This was a safe haven for technical discussion without the political theater. If it’s going to become that, I’ll be happy to leave and try to form yet another community where we are trying to avoid this kind of stuff.

                    1. -2

                      leave and try to form yet another community where we are trying to avoid this kind of stuff

                      I’ll wager that ethical questions will inevitably follow you there, as they are inextricably part of the human experience, whether or not the primary topic is tech.

                      1. 4

                        I’m not trying to avoid them entirely, I just want a forum for technical discussion. Not everything has to be polluted with other topics and agendas

                        1. 1

                          You might find the more focused discussion you seek in a special-interest forum. General-interest fora will attract general topics of conversation.

                          1. 11

                            Lobsters has been that forum for me until recently.

                            1. 0

                              That’s interesting. I hear many voices in this thread expressing the same. I never saw this website as something like that, I just saw it as a place where some relatively niche computing topics are aggregated.

                              1. 7

                                You’re also relatively new here compared to some of us, so that probably feeds into it. The site has grown quite a bit since I joined.

                                1. 1

                                  I was reading this website for a long while before I got an invitation, but it is fair to say my account history is relatively new. When I started reading, most posts seemed to get an average of 1 or 2 comments. It’s hard for me to reconcile this—some folks are lamenting that recent discussions are not in keeping with the historical tone of the site, but the site has been historically silent on most topics.

                                  1. 5

                                    Try looking at it from a different perspective. Perhaps the absolute level of good quality comments hasn’t moved too much, but perhaps the absolute level of low quality comments has increased. If that’s true, it increases the signal-to-noise ratio and can lead to the “we used to have more good quality content here” observation.

                                    1. 2

                                      I was being very generous with the comment count. Even today, when I posted that comment, half of the front page articles had zero comments. Perhaps the signal level is just too low to begin with. Maybe there’s no consensus on what the signal is.

                    2. 4

                      you seem genuine

                      That’s one of the nicest things someone not my wife has said to me for some time. :) Thank you.

                      My basic thought is that I also want a corner where we can seriously talk about highly technical things, but we should be aware and also talk about the broader ramifications of our work, because we have the technical background to get the implications of our work and be correct about how it works, and to talk about the ethical implications of how a specific capability works/doesn’t work (whereas I have deep suspicions of an arbitrary op-ed columnist whinging about tech and begging for regulation).

                      To ask for a soapbox free zone seems completely ok - to ask for an ethics-free zone is an ethical choice that selects for specific social choices (as non-obvious as that may seem). To be specific: I’m not sure discussing the ethics of a new compiler gets us anywhere, but if its produced by Dr. Evilheart Murder Enterprises, maybe we need to discuss if using it supports D.E.M.E., and if we can redeem the technology from its production in the context of D,E.M.E. I don’t think that this is some lefty social justice agenda I’m asking for…. Maybe I’m wrong.

                    3. 12

                      I acknowledge the intertwingling, abstractly. But it seems you’re not addressing friendlysock’s actual concern. Is an announcement thread by a new user who happens to be the maintainer of an open source project an appropriate place to have the “very real debate” about whether working for that person’s employer is an ethical choice? When a commenter on that post engages in a blatant personal attack and is rewarded with upvotes aplenty, is the “very real debate” being furthered?

                      1. 10

                        I would say so: it’s an opportunity for the software developers of Palatir to make a case that they are acting in an ethical fashion, that the world is complex and they are producing a net good. When I worked for a Famously Bad Reputation company, we were encouraged to defend the company. This would have definitely been a place where the maintainer could have defended themselves - if company policy allowed, of course.

                        One of the interesting bits of social psych is conformity matters. If the general community shuns X group, to the point where its a permanent black mark on the record generating firings/no-hirings and it’s not something anyone is comfortable around at church, marrying family members, etc, then the X group diminishes into the fringe. Whether you are conservative or liberal, you wind up having a conformity and a social order. I’m not personally sure where to draw that line and place the mark, but Palantir is a popular target for placing that mark.

                      2. 8

                        I would, gently, point out that adjucating morals to aesthetics (the study of beauty, and of which the current post-Romantic admits a separate aesthetic for each individual) is not a stance that is particularly admirable.

                        Why not? There’s a huge variation in morality within our own culture, let alone looking across cultures. You can find people that believe that it’s immoral for two people with the same groin-endianness to get married, and others who think that it’s immoral for to accumulate a large amount of money. You have people who think that allowing dictators to abuse their people is immoral, and others who think that intervention is a bigger evil. You have people who think that it’s important to protect the freedom of users with copyleft licenses, and people who think that copyleft immorally restricts commercial use of software. You have fights between which supposedly divinely inspired book written thousands of years ago by uneducated sheep herders/traders/warriors/… is the primary authority on how to live your life. The list goes on, and all of them have people who believe one thing or the other.

                        The shifting scene of prevailing ethical thought really does make it more like aesthetics than people are often comfortable admitting. Yes, it has longer term effects on people’s lives, and yes, it’s got some underlying principles, but it’s certainly not some sort of fixed beacon of truth.

                        Why do you think that there is a universal set of ethics that people subscribe to? And if you don’t, do you really want this site to be either the battleground for deciding this, or a community of yes-men who boringly signal that yes, they are indeed a part of the in-group?

                        There are lots of valid and interesting discussions to have on these topics, but to me, they detract from lobste.rs.

                      3. 2

                        The book that revived virtue ethics as a viable project, MacIntyre’s After Virtue, points out how (and explains why) contemporary ethical debates have a peculiarly shrill and interminable character.

                        1. 2

                          This is a weird use of “aesthetics”. I don’t really know what you’re trying to say.

                          1. 2

                            I read “aesthetics” as, roughly, “something that a group of people has decided to call ‘basic human decency’, with the various external trappings this entails”.

                        2. 21

                          Yet I somehow suspect if I ask “What are the ethical implications of creating a webassembly backend for ocaml?” that I won’t receive quite as many upvotes.

                          1. 6

                            If the answer to the question “What is it built for?” is “for missile guidance systems”, we are in a different territory pretty quickly, though! Nothing technology lives without context.

                            To turn this into something more tangible: when DARPA invested around 10 million for https://c2rust.com/, it definitely raised some eyebrows and sparked a couple of discussions.

                            1. 9

                              ARPA/military were behind the Internet, GPS, Tor, and (via defense contractors) majority of contributions to Linux kernel. Yet, most people discuss them without warnings or ethical debates in threads.

                              It’s just specific things that are also talking points in liberal media.

                              1. 2

                                You are making it seem like these things have not been discussed, which is definitely not the case. Also, we’re not liberal media, we’re a community.

                                1. 2

                                  Most of the statements read like they were pulled out of the liberal media. Pop-culture politics. People that actually care about popular politics here, say inclusion of under-represented groups, would have people from those groups, esp women, in the main teams (eg Rust compiler/libraries), be submitting work from such underrepresented people here to Lobsters instead of white/asian males, linking to write-ups by the same in the comments, and so on. There’s just one or two people doing that consistently off the top of my head.

                                  Inclusive politics here mainly equals writing comments and language policing to such people, not actually highlighting work by or bringing in underrepresented. Aka what they’d do if it really mattered. Same with employers, eco-friendliness, etc where someone could call out an OP in the majority of threads every day about the ethical ramifications of what they’re submitting. They only do on specific, popular, talking points, though.

                                  I make an exception for you since your community work probably does a lot of good in inclusion. A lot of good period. On Lobsters, though, most people voting for prioritizing politics for social justice certainly aren’t boosting minorities or even ethical suppliers. So, I call BS on it really mattering to them past ego value from social signaling, virtue and shaming.

                              2. 9

                                So if somebody builds a webassembly backend for missile guidance and puts it on github, is it ethical to use it for protein folding research? Or is it forever tainted?

                                1. 1

                                  That’s a different question, and yes, it’s an interesting one. It’s also not like things on Github are just there. They still have a maintainer, a hosting organisation, and a leadership.

                              3. 2

                                Thats a cute non-sequitur, given that no one is inserting ethical implications into things like that. Seeing as this thread was sparked by the discussion around the ethical implications of software labor being used to further the work of a surveillance contractor, its not just a worthless message-board retort, its actively muddying the waters around issues that are inseparable from ethical questions.

                              4. 18

                                You’ve got to go about asking these questions in a way that actually enables the OP to respond. Instead, we got a massively passive-aggressive jab at the OP’s company:

                                I guess it may be possible to work at a seedy company and still do good stuff […] Regardless, thanks for releasing this as free software.

                                After which, the top commenter is hailed as a hero, and, to no one’s surprise, the OP didn’t respond.

                                A reword that might have actually elicited a response might have started with “Thanks for releasing this as free software!” rather than the “yeah, your company sucks, but thanks anyway” angle.

                                1. 9

                                  the creation of technology is an set of actions subject to ethical judgements

                                  Assuming that it is true - is it possible to have a small place (e.g. lobste.rs) which is for discussing technology without ethical implications and all the rest of the net for discussing whatever you want (also ethical aspects of technology)? Is this something you can imagine being possible or do you think that such place can’t exist? (this is a serious question)

                                  1. 32

                                    That’s certainly an important question.

                                    I think that it’s certainly possible to mention technology without explicitly mentioning ethics. I also think that engaging in that way is an ethical position. You can separate them at the surface level of discussion, but not in the substance.

                                    That said, I can certainly imagine a community in which technology is discussed but ethics is never explicitly mentioned. I would not want to be part of such a community; I would find it deeply unsettling. I do think that some people might like it, and there are a variety of reasons for that and I wouldn’t want to make assumptions about any particular person’s reasons.

                                    1. 7

                                      I think the problem with ethical discussions on a technical forum is that there’s not really a shared basis for those discussions. We might have a bunch of members from various religions and cultures who subscribe to widely different ideological frameworks and ethical principles. These different backgrounds are likely to be incommensurate, incompatible, and irresolvable.

                                      In that way it’s similar to discussions like “Are static types good or evil?” or the famous editor wars—so called “religious flame wars” which are known to ruin communities if left to fester.

                                      So indeed it is a kind of ethical decision about the norms of the community—whether ethical claims and disagreements ought to be encouraged in comment threads. There are pretty good reasons against.

                                      Let’s say I’m a committed socialist or communist or anarchist. There are many such people who are programmers. Now I have very good reason to enter threads about commercial activity and ask the involved people to justify their clearly immoral participation in the tyrannical, plutocratic, deeply unjust system of capitalism. I would of course encounter a bunch of dirty capitalist apologists trying to argue against my ethical position… and we could go on for a long time… almost certainly to the detriment of the community.

                                      1. 5

                                        “I think the problem with ethical discussions on a technical forum is that there’s not really a shared basis for those discussions. We might have a bunch of members from various religions and cultures who subscribe to widely different ideological frameworks and ethical principles. These different backgrounds are likely to be incommensurate, incompatible, and irresolvable.”

                                        You nailed it. That isn’t hypothetical: it happens in every political thread. The ending, minus rare exceptions, is everyone ends up believing what they already believed with some shunning their opponents in some way. Lobsters doesn’t work for political discussion that’s about actually changing people’s mind.

                                        Of course, many of you are starting with the foundation that people wanting politics want a political discussion. They mostly don’t as evidenced by their comments in such threads. If you’re curious, I just described here the evolution of politics and behavioral patterns on this site from when I first came to where we’re at now. Given the same environment, political discussion is and will continue to be impossible because the dominant group intends for it to be. They want compliance and conversion, not discussion.

                                        1. 3

                                          I don’t necessarily know that changing people’s minds should be the goal, but I also don’t know that it’s impossible. I think you’re describing what happens when everyone reacts defensively. It’s indeed not possible to change someone’s mind if they aren’t willing to open up and have a real conversation, so I wish the world in general would be more open to interacting in ways that aren’t so resistant to real dialogue.

                                          I’m an optimist, and I believe that when people try, they can engage with the goal of at least leaving each other with something to think about.

                                    2. 6

                                      I’ll suggest this (mainly tongue-in-cheek) but it might be a good solution: for every submission provide another link next to ‘reply’ called ‘ethics-reply.’ The links go to two separate discussion areas. That way, people can dip into the tech or ethics discussions as they like.

                                      1. 6

                                        If such a place did exist, I think you’d have trouble finding a lot of people who would want to hang out there. I’ll just jump immediately to the most extreme possible example: if someone posted an article about the technology used by the Nazis to organize the Holocaust, but discussing the attendant ethics was strictly forbidden, would you be happy participating in that discussion? Would you want to spend a lot of time talking to other people who would be happy participating in that discussion?

                                        1. 14

                                          if someone posted an article about the technology used by the Nazis to organize the Holocaust, but discussing the attendant ethics was strictly forbidden, would you be happy participating in that discussion?

                                          I am a jew who was raised by holocaust survivors. My answer is yes. In fact, I think it’s the only way that one could have a discussion about the technology used by the Nazis that wasn’t immediately dragged off topic.

                                          And, honestly, an ethical discussion would either be abhorrent or boring, since a vibrant discussion implies a difference of opinion, and anyone who has significant differences in belief with me on the ethics of systematic mass murder is someone that I don’t expect to have a productive discussion with.

                                          1. 12

                                            Yes to both, to be honest. I did a bit of research for a point the other day, and something occurred to me.

                                            Technology, especially computing, is all about solving problems at scale and efficiently. For the most part of the 19th and 20th centuries, the domains that actually had the scale to justify theoretical work and practical development tended overwhelmingly towards things like military applications (standing armies tending to be some of the largest organized groups around) and demographics/census/taxcollecting work.

                                            For better or worse, note that IBM was really good at tabulating census data, something that the Nazis took advantage of. I personally would be happy talking about techniques for tabulating that data and managing it, in hopes that it could be applied to more positive uses. Similarly, I’d be happy to learn about rocketry from von Braun, even though most of what he learned he learned by dropping explosives on British civilians.

                                            1. 5

                                              Let’s take the specifics. Is Palantir stuff that remarkable to be worth the inevitable fallout in the comments and personal ethical compromises? Is it really that seminal and groundbreaking?

                                              It is a dilemma when we talk about say an SS officer who also happened to run the US Moon programme. But Palantir is adtech’s meaner sibling, what is there that makes it worth picking the turd pile?

                                              1. 9

                                                The drop in the level of technical discussion is the issue, not the company being discussed. I’d prefer to let posts on unethical companies die in silence, rather than make this site a worse place to discuss technology.

                                                1. 2

                                                  Another reason is highlighting the bad gives you less time to create the good. Most people that care can look up a company to see if there’s anything messed up. The bad or at least going with the flow are also the majority. If we’re talking companies, I’d rather people put more effort into highlighting ethical ones with useful tech or products. Basically, anything that can be a fit here on technical grounds with them also mentioning in a comment that the person, company, product, etc is good/beneficial for (reasons here). Maybe they mention some bad examples with it if trying to shame companies. Just optimize to promote more tech and examples of public benefit over just calling out bad companies who are the perpetual default.

                                                  Easy example: Prgmr.com over Digital Ocean, AWS, Google, or Azure if fits use case due to ‘straight-forward offerings, great service, some nice people, and freely hosting an excellent site for deep, technical discussion.” The submission might even be about something else entirely that’s merely hosted on the ethical product/service. Then, they add a quick note about it that barely distracts from the focus on technical content. Just all flows together for the reader.

                                                2. 8

                                                  the inevitable fallout in the comments

                                                  The fallout is not “inevitable” - it is not a force majeure. Actual, specific, individuals CHOOSE to make it about the “ethics”. You’re asking people to appease these individuals.

                                                3. 2

                                                  Would you be also ok to discuss methods of performing deadly medical experiments on people with Nazi concentration camps staff? Would you be ok to advise them how to improve the scale and speed? Would you still want to keep such discussions ethics-free? How about diacussing effectiveness of guns with the Zodiac Killer? Or advising Ted Kaczynski on bombs?

                                                  edit: Please note my intention here is not to seed outrage; I’m sincerely interested in your answer, as I find it hard to imagine setting really no ethics limits, so I’m curious to gauge where would you actually set them? Or would you really want no limits?

                                                  1. 6

                                                    I’ll pick on your first example, because I don’t see benefit in addressing the others (I read you as making the same category of point, with those added for emphasis).

                                                    Would you be also ok to discuss methods of performing deadly medical experiments on people with Nazi concentration camps staff? Would you be ok to advise them how to improve the scale and speed?

                                                    Let me turn that around on you:

                                                    Would you prefer they do them inefficiently, if you knew they were going to do them regardless? Would you prefer that the innocent lives lost in the nominal science of these experiments be done in vain because somebody screwed up their data collection? Would you prefer that, for the same data, they use extra prisoners because they suck at statistical power analysis?

                                                    I don’t support immoral behavior, such as mass murder and torture. I do recognize that whether such things are legally or ethically permissible (again, not morally) is something that transcends individual opinion, and that where those acts fall is a function of the zeitgeist of the times. Sloppy engineering, science, and math will always be sloppy, aesthetics of the time be damned.

                                                    We can’t get to identifying and fixing/discouraging/pillorying that sloppy behavior if we can’t engage with it. We can’t even get close enough to try and reclaim those lost souls if we can’t engage with them on (nominally objective) material civilly.

                                                    1. 6

                                                      Thanks for the interesting reply! So, I think in shortest words I could express what I think about this the following way: I would indeed prefer for them to do this ineffectively - I’d say that is the principle behind sabotage. As far as I know, sabotage works. And that’s indeed what I’d hope to be able to say I’m doing against actions I believe to be significantly unethical. (Though trying to keep my own integrity in means employed to that end.)

                                                      1. 9

                                                        I’m not sure sabotage always works the way one hopes. When you destroy the results of human experimentation, the data is recreated by repeating the experiments on a new set of humans. That seems like a bad outcome for those involved.

                                                        I think the problem is we too often define success as hurting the bad people, and yes sabotage hurts them, but we too should consider the collateral damage of our actions.

                                                        1. 6

                                                          It’s not about hurting bad people. It’s about making their evil work harder and less efficient at actually hurting good people, while also trying to convince evildoers to not do the evil in the first place, and preferably do good instead and thus become good people. If doing evil is easy for them, it won’t make them do less of it, but rather more of it. They will always invent new experiments to do on a new set of humans anyway. Appeasement policy did not work on the onset of WW2. A bully must be stopped, not let continue the bullying. A child doing bad things must be reprimanded and informed/educated about bad consequences of their deeds, not spoiled.

                                                          1. 1

                                                            Well put.

                                                  2. 5

                                                    if someone posted an article about the technology used by the Nazis to organize the Holocaust, but discussing the attendant ethics was strictly forbidden, would you be happy participating in that discussion?

                                                    Interesting example - you are asking if I would be interested in (discussing) e.g. technological aspects of IBM products around Second World War. Yes, this might be very interesting. I can also imagine other Nazi tech related topics that I wouldn’t find interesting (but see no reason for others not to be interested in) and in such cases I would use the hide button. Hopefully such place wouldn’t be all war tech from Nazi Germany or modern day USA ;)

                                                    1. 4

                                                      I would absolutely be hanging out there. That was kind of how this place has been for the most part.

                                                      As to your question about Nazis, yes I would want to discuss the technology, and I’d be happy to discuss it with people in those threads. If it were completely neutral politically, there is the potential to have great technical discussion.

                                                      1. 3

                                                        I think you’d have trouble finding a lot of people who would want to hang out there

                                                        I agree, but that’s not a bad thing, is it? This is not some sort of mass movement.

                                                      2. 0

                                                        s it possible to have a small place (e.g. lobste.rs) which is for discussing technology without ethical implications and all the rest of the net for discussing whatever you want

                                                        No. Even if it were, this would not be it.

                                                        1. 1

                                                          Even if it were, this would not be it.

                                                          How do you know this?

                                                          1. 0

                                                            Because this site is full of intelligent people.

                                                            1. 9

                                                              Ah. You’re implying that “discussing technology without ethical implications” is exclusive to stupid people. Do I understand you correctly?

                                                              1. 2

                                                                I’m chewing on my keyboard right now!

                                                                1. 1

                                                                  Discussing technology without coming up against ethical issues is impossible. I don’t think intelligent people would just skirt around them when they come up.

                                                        2. 5

                                                          Do you have an example of an action that would not be subject to ethical judgements? In trying to understand your claim, but I don’t sufficiently understand the definitions you’re using to determine whether you’ve made a falsifiable statement or not. Will you spend a little time describing the limits of your statement or what empirical observations support it?

                                                          1. 6

                                                            I would argue that there is a class of actions, e.g., selecting one knife over another in the kitchen for cooking, that has neither inherent ethic or no ethical consequence. Now, the ethic selected for consideration will affect whether you consider something to be of consequence. If, e.g., there is an ethical judgment on the Proper Utensils To Use, then that becomes of ethical consequence. Generally, societies consider actions such as killing adult humans to have inherent ethics.

                                                            Suppose we choose gcc or clang - then you are supporting, ever so mildly, one development philosophy & license over another. Those licenses are widely considered to have ethical entailments. The FSF has very strong ethical stances about licensing.

                                                            Now, with respect to empirical observations, I suggest weapons systems: they are an obvious technology which carries ethical implications. Other technology might be: AirBNB (affects housing), Uber (affects taxi operators), factory robots (replaces factory workers). Each of those affects jobs and thus the ability of many members of society to be fed and housed, a clear ethical question.

                                                            I hope those presents samples that adequately points towards the answer you are looking for.

                                                            1. 7

                                                              I would argue that there is a class of actions, e.g., selecting one knife over another in the kitchen for cooking, that has neither inherent ethic or no ethical consequence.

                                                              Interesting. Why do you believe that the methods that knife companies use to exploit their workers and the labor conditions of their employees would not be something to discuss? Do you believe that the environmental implications of importing knives from China rather than buying them locally has no ethical impact? What about the historical implications of Western expansion and influence in Japan, and the resulting western style Gyuto knives supplanting Sujihiki style kitchen knives? In fact, not only are there ethical implications, there are deep historical forces involved in your selection of kitchen knives.

                                                              Of course there are ethical considerations in picking kitchen knives. But you might not want someone to bring them up every time you try to discuss paring potatoes, because they may be considered to be off topic by some.

                                                              1. 4

                                                                Ah, this is the problem with language: I was contemplating grabbing one knife out of my kitchen bin versus another. “Selection” is a polymorphic verb over multiple objects dispatching… and yes, actual purchasing of knives exercises an ethical choice regarding the supply chain and who gets my infinitesimally small dollar choice.

                                                                It’s a bit tiring, as a friend said to me once, there is no ethical consumption under capitalism(even if you disagree with my Lefty friend there, you can get the spirit of the statement) - sometimes you do just need to get the Thing done. One has to care the appropriate amount, and respond in the proportional manner.

                                                                1. 10

                                                                  there is no ethical consumption under capitalism

                                                                  I’d go one step further: There’s no such thing as an unquestionably ethical action. The economic model doesn’t matter – everything is an ethical trade off. With that realization, it becomes clear that ethical debates can be shoehorned in anywhere, which is why a space where discussions on ethics are deemed off topic can be valuable.

                                                                  (Edit) High quality discussion on ethics would be interesting, but quality is subjective, and discussions are prone to turn into flame wars and shaming, especially in today’s internet climate, so I’d rather have them declared off topic, at least in this little corner.

                                                                  1. 8

                                                                    If politics is encouraged in every applicable thread (it is now) and I wanted to join that practice (I don’t), I could be calling folks out in many (sometimes most) threads here each day on ethics around employers, code maintenance, energy use, disposable products causing environmental harm, using tech that’s non-inclusive cuz few understand it or CPU/RAM requirements price out the poor, and so on. It would be ridiculous even when true since it distracts so much from the kinds of technical submissions that brought many people to Lobsters in the first place. Especially those actually building interesting stuff vs just submitting.

                                                                    It’s why I was for either ban on politics or a tag so it would be in specific threads folks could filter. Both got shot down. Here we are.

                                                          2. 6

                                                            You’re absolutely correct.

                                                            Hell, Portland State University’s CS program even has a requirement class “CS 305 Social, Ethical, and Legal Implications of Computing”[0]. I suspect this is not an anomoly..

                                                            1. https://www.pdx.edu/computer-science/cs305
                                                          1. 4

                                                            Swing Dancing (specifically Lindy Hop). There’s a surprisingly large (and very welcoming) scene in Seattle. I started off just taking lessons, eventually turned into a way to lose weight and eventually moved on to helping run events. I’d definitely recommend it if you get a chance to try it out.

                                                            1. 2

                                                              I’ve tried a bunch of different keyboard but seem to have settled on the WhiteFox running QMK (I did the original port based on the TMK version and have since pushed updates for newer revisions). I’ve got one at home and one at work, using the Zilent 67g switches (I find these nice to type on, and not too loud, though they’re a little squishy if you bottom out). Hilariously enough, even though I did the port, I use a fairly stock layout. I’m pretty sure it’s just the matt3o layout.

                                                              I’ve tried the Ergodox Infinity, Minivan, K-Type, CM Novatouch, Pok3r, Red Scarf II+ Ver. D (What a name), CM Quickfire Stealth, and the Zeal60… but I keep coming back to my WhiteFox.

                                                              I’ve got a testbed for my ergodox showcasing some of the weird things you can do with QMK at https://github.com/belak/ergodox-layout but I haven’t used this in a while. I’ve never been a great touch typist.

                                                              1. 2

                                                                We’ve done some work on prezto to improve performance as well. We ended up going with one of the tradeoffs mentioned with completion - only regenerate once a day.

                                                                I’ve also got my own set of utils that I’m slowly porting from prezto (https://github.com/belak/zsh-utils). I’ve found that both OMZ and prezto tend to do a ton of things I don’t want (which obviously slows it down) - there are plenty of instances where I just want a more sane version of the default config.

                                                                If you have suggestions or performance improvement ideas for either prezto or zsh-utils, definitely file an issue, submit a PR, or let me know. I’d be happy to take a look.

                                                                1. 6

                                                                  Besides the negative points discussed above, Atom is effectively the same tool as Sublime Text except it runs slower.

                                                                  I disagree with that statement. Sublime Text is great, I love its speed, but it has a bunch of tiny awkward details that Atom doesn’t have, and Atom has some cool features that Sublime Text doesn’t.

                                                                  From ST one of the things that bothers me the most is that it assumes I want to drag text that I’ve selected, which is false, actually I basically never want to drag text. This assumption means that I can’t select something and then re-select something inside that selection, because it assumes a drag is a text drag, not a selection.

                                                                  Another bit I find Atom does great is the splits, I love its approach. My favorite of any editor.

                                                                  Not that I use it a lot, but the Git support from Atom is great.

                                                                  I can’t figure out how to make ST’s subl command behave like I want. I want it to behave exactly like Atom’s:

                                                                  • subl . opens current dir in a window and nothing more
                                                                  • subl opens new window and nothing more
                                                                  • If a window is opened without a file, it just opens an empty window with no working dir

                                                                  Right now it also opens whatever old window I had open when I last closed ST, and I can’t find how to disable that.

                                                                  Also, to be fair, Atom has Teletype now. I haven’t used it, but it looks cool.

                                                                  I probably missed something, but I think I’ve done enough to show it’s not “the same”.

                                                                  1. 2

                                                                    The ‘drag selected text’ continually confounds me. I can’t imagine anyone finding that useful. The other thing is Eclipse and other IDEs dragging/dropping arbitrary objects in project/navigator views, “oops where’d that folder go?” It’s maddening.

                                                                    1. 3

                                                                      One always cuts and pastes, right? Who drags around a block of text..

                                                                      1. 1

                                                                        Have you tried going to preferences -> settings and addding/changing "drag_text" to false?

                                                                      2. 2

                                                                        The dragging thing is probably OS-specific. I don’t see it on my Ubuntu.

                                                                        1. 1

                                                                          It looks like there’s an undocumented option remember_open_files in ST. That combined with alias subl="subl -n" in your shell should get pretty close to the behavior you’re looking for.

                                                                        1. 23

                                                                          GitHub URLs are pretty badly designed.

                                                                          For example, /contact is their contact page, and /contactt is a user profile.

                                                                          Apparently, there’s a hardcoded list of ”reserved words” in the code, and when someone adds a new feature, they add the word/path segment there and check that it’s not taken by a user.

                                                                          So it could perhaps be the case that they’re adding some feature related to malware?

                                                                          1. 13

                                                                            That could very well be the case – and I’d be totally fine with that. I understand being coded into a corner, and wanting to fix things for the greater good at the expense of a few users.

                                                                            I just can’t figure out why, for the sake of “privacy and security”, they don’t want to tell me.

                                                                            1. 16

                                                                              I think this is absurd behavior on GitHub’s part, and you’re right to be upset by it.

                                                                              Since you do seem curious, I have a guess why they’re being so evasive, and it’s pretty simple: They’re a large organization. The person you’re talking to would probably need to get approval from both legal and PR teams to tell you about their product plan before it’s launched. I have no information on how busy GitHub’s lawyers and PR people are, but I would expect an approval like that to take a few weeks. Based on what they told you about the timeframe, it sounds like they want to launch their feature sooner than that.

                                                                              What I’d really like to know is whether this is a one-off, or whether they’ve done it to other people before. It seems like their URL scheme will require it pretty frequently…

                                                                              1. 7

                                                                                The person you’re talking to would probably need to get approval from both legal and PR teams to tell you about their product plan before it’s launched.

                                                                                Which is why I didn’t single out the support representative that contacted me; they clearly were not in the decision process for any of this, and I don’t want to cause them any undue grief/trouble past my first email reply asking for clarification.

                                                                                To be clear: I don’t really care about the malware username, other than it’s a pretty cool name. I’m more interested in the reason behind why the forced rename.

                                                                                Lots of people (read: salty News of Hacker commenters) say it’s obvious (wanting to reserve the /malware top level URL) and call me dumb for even asking, but no one has given me any evidence other than theories and suppositions. Which is great! I love thinking and hypothesizing.

                                                                                1. 5

                                                                                  I don’t have any documented evidence other than anecdotal, but when I worked at a similar company with an almost identical URL structure this was one of the hardest parts of launching a new top level feature. It turns out recognizable words make for good usernames… so it’s almost impossible to find one that’s still available when working on a new feature. The choice ends up being between picking a horrible URL or displacing one user to make it easier to find.

                                                                                  It’s also worth noting that GitHub has a habit of being very secretive about what they’re working on - it’s almost impossible to get information about known bugs which have been reported before, let alone information about a potential new feature.

                                                                                  I would be willing to bet that this is being done for something we’ll hear about in the next year or two.

                                                                            2. 11

                                                                              We made a team that was just the unicode pi symbol and GitHub assigned us the url /team/team.

                                                                              1. 4

                                                                                That’s a great unicode hack.

                                                                              2. 11

                                                                                The curse of mounting user paths directly to /. When in doubt, always put a namespace route on it.

                                                                                1. 6

                                                                                  That was my thought as well. I would imagine they want it as a landing page for some new feature or product.

                                                                                1. 32

                                                                                  In the Hacker News thread about the new Go package manager people were angry about go, since the npm package manager was obviously superior. I can see the quality of that now.

                                                                                  There’s another Lobster thread right now about how distributions like Debian are obsolete. The idea being that people use stuff like npm now, instead of apt, because apt can’t keep up with modern software development.

                                                                                  Kubernetes official installer is some curl | sudo bash thing instead of providing any kind of package.

                                                                                  In the meantime I will keep using only FreeBSD/OpenBSD/RHEL packages and avoid all these nightmares. Sometimes the old ways are the right ways.

                                                                                  1. 7

                                                                                    “In the Hacker News thread about the new Go package manager people were angry about go, since the npm package manager was obviously superior. I can see the quality of that now.”

                                                                                    I think this misses the point. The relevant claim was that npm has a good general approach to packaging, not that npm is perfectly written. You can be solving the right problem, but writing terribly buggy code, and you can write bulletproof code that solves the wrong problem.

                                                                                    1. 5

                                                                                      npm has a good general approach to packaging

                                                                                      The thing is, their general approach isn’t good.

                                                                                      They only relatively recently decided locking down versions is the Correct Thing to Do. They then screwed this up more than once.

                                                                                      They only relatively recently decided that having a flattened module structure was a good idea (because presumably they never tested in production settings on Windows!).

                                                                                      They decided that letting people do weird things with their package registry is the Correct Thing to Do.

                                                                                      They took on VC funding without actually having a clear business plan (which is probably going to end in tears later, for the whole node community).

                                                                                      On and on and on…

                                                                                      1. 2

                                                                                        Go and the soon-to-be-official dep dependency managment tool manages dependencies just fine.

                                                                                        The Go language has several compilers available. Traditional Linux distro packages together with gcc-go is also an acceptable solution.

                                                                                        1. 4

                                                                                          It seems the soon-to-be-official dep tool is going to be replaced by another approach (currently named vgo).

                                                                                        2. 1

                                                                                          I believe there’s a high correlation between the quality of the software and the quality of the solution. Others might disagree, but that’s been pretty accurate in my experience. I can’t say why, but I suspect it has to do with the same level of care put into both the implementation and in understanding the problem in the first place. I cannot prove any of this, this is just my heuristic.

                                                                                          1. 8

                                                                                            You’re not even responding to their argument.

                                                                                            1. 2

                                                                                              There’s npm registry/ecosystem and then there’s the npm cli tool. The npm registry/ecosystem can be used with other clients than the npm cli client and when discussing npm in general people usually refer to the ecosystem rather than the specific implementation of the npm cli client.

                                                                                              I think npm is good but I’m also skeptical about the npm cli tool. One doesn’t exclude the other. Good thing there’s yarn.

                                                                                              1. 1

                                                                                                I think you’re probably right that there is a correlation. But it would have to be an extremely strong correlation to justify what you’re saying.

                                                                                                In addition, NPM isn’t the only package manager built on similar principles. Cargo takes heavy inspiration from NPM, and I haven’t heard about it having a history of show-stopping bugs. Perhaps I’ve missed the news.

                                                                                            2. 8

                                                                                              The thing to keep in mind is that all of these were (hopefully) done with best intentions. Pretty much all of these had a specific use case… there’s outrage, sure… but they all seem to have a reason for their trade offs.

                                                                                              • People are angry about a proposed go package manager because it throws out a ton of the work that’s been done by the community over the past year… even though it’s fairly well thought out and aims to solve a lot of problems. It’s no secret that package management in go is lacking at best.
                                                                                              • Distributions like Debian are outdated, at least for software dev, but their advantage is that they generally provide a rock solid base to build off of. I don’t want to have to use a version of a python library from years ago because it’s the only version provided by the operating system.
                                                                                              • While I don’t trust curl | sh it is convenient… and it’s hard to argue that point. Providing packages should be better, but then you have to deal with bug reports where people didn’t install the package repositories correctly… and differences in builds between distros… and… and…

                                                                                              It’s easy to look at the entire ecosystem and say “everything is terrible” but when you sit back, we’re still at a pretty good place… there are plenty of good, solid options for development and we’re moving (however slowly) towards safer, more efficient build/dev environments.

                                                                                              But maybe I’m just telling myself all this so I don’t go crazy… jury’s still out on that.

                                                                                              1. 4

                                                                                                Distributions like Debian are outdated, at least for software dev,

                                                                                                That is the sentiment that seems to drive the programming language specific package managers. I think what is driving this is that software often has way too many unnecessary dependencies causing setup of the environment to build the software being hard or taking lots of time.

                                                                                                I don’t want to have to use a version of a python library from years ago because it’s the only version provided by the operating system.

                                                                                                Often it is possible to install libraries at another location and redirect your software to use that though.

                                                                                                It’s easy to look at the entire ecosystem and say “everything is terrible” but when you sit back, we’re still at a pretty good place…

                                                                                                I’m not so sure. I forsee an environment where actually building software is a lost art. Where people directly edit interpreted files in place inside a virtual machine image/flatpak/whatever because they no longer know how to build the software and setup the environment it needs. And then some language specific package manager for distributing these images.

                                                                                                I’m growing more disillusioned the more I read Hacker News and lobste.rs… Help me be happy. :)

                                                                                                1. 1

                                                                                                  So like squeak/smalltalk images then? Whats old is new again I suppose.

                                                                                                  http://squeak.org

                                                                                                  1. 1

                                                                                                    I’m not so sure. I forsee an environment where actually building software is a lost art. Where people directly edit interpreted files in place inside a virtual machine image/flatpak/whatever because they no longer know how to build the software and setup the environment it needs. And then some language specific package manager for distributing these images.

                                                                                                    You could say the same thing about Docker. I think package managers and tools like Docker are a net win for the community. They make it faster for experienced practitioners to setup environments and they make it easier for inexperienced ones as well. Sure, there is a lot you’ve gotta learn to use either responsibly. But I remember having to build redis every time I needed it because it wasn’t in ubuntu’s official package manager when I started using it. And while I certainly appreciate that experience, I love that I can just install it with apt now.

                                                                                                  2. 2

                                                                                                    I don’t want to have to use a version of a python library from years ago because it’s the only version provided by the operating system.

                                                                                                    Speaking of Python specifically, it’s not a big problem there because everyone is expected to work within virtual environments and nobody runs pip install with sudo. And when libraries require building something binary, people do rely on system-provided stable toolchains (compilers and -dev packages for C libraries). And it all kinda works :-)

                                                                                                    1. 4

                                                                                                      I think virtual environments are a best practice that unfortunately isn’t followed everywhere. You definitely shoudn’t run pip install with sudo but I know of a number of companies where part of their deployment is to build a VM image and sudo pip install the dependencies. However it’s the same thing with npm. In theory you should just run as a normal user and have everything installed to node_modules but this clearly isn’t the case, as shown by this issue.

                                                                                                      1. 5

                                                                                                        nobody runs pip install with sudo

                                                                                                        I’m pretty sure there are quite a few devs doing just that.

                                                                                                        1. 2

                                                                                                          Sure, I didn’t count :-) The important point is they have a viable option not to.

                                                                                                        2. 2

                                                                                                          npm works locally by default, without even doing anything to make a virtual environment. Bundler, Cargo, Stack etc. are similar.

                                                                                                          People just do sudo because Reasons™ :(

                                                                                                      2. 4

                                                                                                        It’s worth noting that many of the “curl | bash” installers actually add a package repository and then install the software package. They contain some glue code like automatic OS/distribution detection.

                                                                                                        1. 2

                                                                                                          I’d never known true pain in software development until I tried to make my own .debs and .rpms. Consider that some of these newer packaging systems might have been built because Linux packaging is an ongoing tirefire.

                                                                                                          1. 3

                                                                                                            with fpm https://github.com/jordansissel/fpm it’s not that hard. But yes, using the Debian or Redhat blessed was to package stuff and getting them into the official repos is def. painful.

                                                                                                            1. 1

                                                                                                              I used the gradle plugins with success in the past, but yeah, writing spec files by hand is something else. I am surprised nobody has invented a more user friendly DSL for that yet.

                                                                                                              1. 1

                                                                                                                A lot of difficulties when doing Debian packages come from policy. For your own packages (not targeted to be uploaded in Debian), it’s far easier to build packages if you don’t follow the rules. I like to pretend this is as easy as with fpm, but you get some bonus from it (building in a clean chroot, automatic dependencies, service management like the other packages). I describe this in more details here: https://vincent.bernat.im/en/blog/2016-pragmatic-debian-packaging

                                                                                                              2. 2

                                                                                                                It sucks that you come away from this thinking that all of these alternatives don’t provide benefits.

                                                                                                                I know there’s a huge part of the community that just wants things to work. You don’t write npm for fun, you end up writing stuff like it because you can’t get current tools to work with your workflow.

                                                                                                                I totally agree that there’s a lot of messiness in this newer stuff that people in older structures handle well. So…. we can knowledge share and actually make tools on both ends of the spectrum better! Nothing about Kubernetes requires a curl’d installer, after all.

                                                                                                              1. 2

                                                                                                                Maybe a dumb questions, but in semver what is the point of the third digit? A change is either backwards compatible, or it is not. To me that means only the first two digits do anything useful? What am I missing?

                                                                                                                It seems like the openbsd libc is versioned as major.minor for the same reason.

                                                                                                                1. 9

                                                                                                                  Minor version is backwards compatible. Patch level is both forwards and backwards compatible.

                                                                                                                  1. 2

                                                                                                                    Thanks! I somehow didn’t know this for years until I wrote a blog post airing my ignorance.

                                                                                                                  2. 1

                                                                                                                    PATCH version when you make backwards-compatible bug fixes See: https://semver.org

                                                                                                                    1. 1

                                                                                                                      I still don’t understand what the purpose of the PATCH version is? If minor versions are backwards compatible, what is the point of adding a third version number?

                                                                                                                      1. 3

                                                                                                                        They want a difference between new functionality (that doesn’t break anything) and a bug fix.

                                                                                                                        I.e. if it was only X.Y, then when you add a new function, but don’t break anything.. do you change Y or do you change X? If you change X, then you are saying I broke stuff, so clearly changing X for a new feature is a bad idea. So you change Y, but if you look at just the Y change, you don’t know if it was a bug-fix, or if it was some new function/feature they added. You have to go read the changelog/release notes, etc. to find out.

                                                                                                                        with the 3 levels, you know if a new feature was added or if it was only a bug fix.

                                                                                                                        Clearly just X.Y is enough. But the semver people clearly wanted that differentiation, they wanted to be able to , by looking only at the version #, know if there was a new feature added or not.

                                                                                                                        1. 1

                                                                                                                          To show that there was any change at all.

                                                                                                                          Imagine you don’t use sha1’s or git, this would show that there was a new release.

                                                                                                                          1. 1

                                                                                                                            But why can’t you just increment the minor version in that case? a bug fix is also backwards compatible.

                                                                                                                            1. 5

                                                                                                                              Imagine you have authored a library, and have released two versions of it, 1.2.0 and 1.3.0. You find out there’s a security vulnerability. What do you do?

                                                                                                                              You could release 1.4.0 to fix it. But, maybe you haven’t finished what you planned to be in 1.4.0 yet. Maybe that’s acceptable, maybe not.

                                                                                                                              Some users using 1.2.0 may want the security fix, but also do not want to upgrade to 1.3.0 yet for various reasons. Maybe they only upgrade so often. Maybe they have another library that requires 1.2.0 explicitly, through poor constraints or for some other reason.

                                                                                                                              In this scenario, releasing a 1.2.1 and a 1.3.1, containing the fixes for each release, is an option.

                                                                                                                              1. 2

                                                                                                                                It sort of makes sense but if minor versions were truly backwards compatible I can’t see a reason why you would ever want to hold back. Minor and patch seem to me to be the concept just one has a higher risk level.

                                                                                                                                1. 4

                                                                                                                                  Perhaps a better definition is library minor version changes may expose functionality to end users you did not intend as an application author.

                                                                                                                                  1. 2

                                                                                                                                    I think it’s exactly a risk management decision. More change means more risk, even if it was intended to be benign.

                                                                                                                                    1. 2

                                                                                                                                      Without the patch version it makes it much harder to plan future versions and the features included in those versions. For example, if I define a milestone saying that 1.4.0 will have new feature X, but I have to put a bug fix release out for 1.3.0, it makes more sense that the bug fix is 1.3.1 rather than 1.4.0 so I can continue to refer to the planned version as 1.4.0 and don’t have to change everything which refers to that version.

                                                                                                                            2. 1

                                                                                                                              I remember seeing a talk by Rich Hickey where he criticized the use of semantic versioning as fundamentally flawed. I don’t remember his exact arguments, but have sem ver proponents grappled effectively with them? Should the Go team be wary of adopting sem ver? Have they considered alternatives?

                                                                                                                              1. 3

                                                                                                                                I didn’t watch the talk yet, but my understanding of his argument was “never break backwards compatibility.” This is basically the same as new major versions, but instead requiring you to give a new name for a new major version. I don’t inherently disagree, but it doesn’t really seem like some grand deathblow to the idea of semver to me.

                                                                                                                                1. 2

                                                                                                                                  IME, semver itself is fundamentally flawed because humans are the deciders of the new version number and we are bad at it. I don’t know how many times I’ve gotten into a discussion with someone where they didn’t want to increase the major because they thought high major’s looked bad. Maybe at some point it can be automated, but I’ve had plenty of minor version updates that were not backwards compatible, same for patch versions. Or, what’s happened to me in Rust multiple times, is the minor version of a package incremented but the new feature depends on a newer version of the compiler, so it is backwards breaking in terms of compiling. I like the idea of a versioning scheme that lets you tell the chronology of versions but I’ve found semver to work right up until it doesn’t and it’s always a pain. I advocate pinning all deps in a project.

                                                                                                                                  1. 2

                                                                                                                                    It’s impossible for computers to automate. For one, semver doesn’t define what “breaking” means. For two, the only way that a computer could fully understand if something is breaking or not would be to encode all behavior in the type system. Most languages aren’t equipped to do that.

                                                                                                                                    Elm has tools to do at least a minimal kind of check here. Rust has one too, though not widely as used.

                                                                                                                                    . I advocate pinning all deps in a project.

                                                                                                                                    That’s what lockfiles give you, without the downsides of doing it manually.

                                                                                                                          1. 8

                                                                                                                            Regarding Table of Contents generation, what do you think about hxtoc(1) which is part of the HTML/XML utilities by the w3c?

                                                                                                                            Also, I’ve made a similar experience regarding a joyful discovery of CommonMark recently, but instead of using the parser you mention, I’ve taken up lowdown as my client of choice. I guess this is something it has in common with most C implementations of markdown, but especially when compared to pandoc, it was fast. It took me a fraction on a second to generate a website, instead of a dozen or more. So I guess, I wanted to see, what other clients you’ve looked into, for example discount, as an example of an another popular implementation.

                                                                                                                            1. 5

                                                                                                                              Hm, I’ve actually never heard of hxtoc, lowdown, or discount!

                                                                                                                              I haven’t been using Markdown regularly for very long. I started it using more when I started the Oil blog in late 2016. Before that, I wrote a few longer documents in plain HTML, and some in Markdown.

                                                                                                                              I had heard of pandoc, but never used it. I guess cmark was a natural fit for me because I was using markdown.pl in a bunch of shell scripts. So cmark pretty much drops right in. I know a lot of people use framework-ish static site generators, which include markdown. But I really only need markdown, since all the other functionality on my site is written with custom scripts.

                                                                                                                              So I didn’t really do much research! I just felt that markdown.pl was “old and smelly” and I didn’t want to be a hypocrite :-) A pile of shell scripts is pretty unhygienic and potentially buggy, but that is what I aim to fix with Oil :)

                                                                                                                              That said, a lot of the tools you mention do look like the follow the Unix philosophy, which is nice. I would like to hear more about those types of tools, so feel free to post them to lobste.rs :) Maybe I don’t hear about them because I’m not a BSD user?

                                                                                                                              1. 4

                                                                                                                                I had heard of pandoc, but never used it.

                                                                                                                                It’s a nice tool, and not only for working with Markdown, but tons of other formats too. But Markdown is kind of it’s focus… If you look at it’s manual, you’ll find that it can be very finely tuned to match ones preferences (such as enabling or disabling raw HTML, syntax highlighting, math support, BibLaTeX citations, special list and table formats, etc.). It even has output options that make it resemble other implementations like PHP Markdown Extra, GitHub-Flavored Markdown, MultiMarkdown and also markdown.pl! Furthermore, it’s written by John MacFarlane, who is one of the guys behind CommonMark itself. In fact if you look at the cmark contributers, he seems to be the most active maintainer.

                                                                                                                                I usually use pandoc to generate .epub files or to quickly generate a PDF document (version 2.0 supports multiple backends, besides LaTeX, such as troff/pdfroff and a few html2pdf engines). But as I’ve mentioned, it’s a bit slow, so I tend to not use it for simpler texts, like when I have to generate a static website.

                                                                                                                                I know a lot of people use framework-ish static site generators, which include markdown.

                                                                                                                                Yeah, pesonally I use zodiac which uses AWK and a few shell script wrappers. You get to choose the converter, which pipes some format it, and HTML out. It’s not ideal, but other than writing my own framework, it’s quite ok.

                                                                                                                                Maybe I don’t hear about them because I’m not a BSD user?

                                                                                                                                Nor am I, at least not most of the time. I learned about those HTML/XML utilities because someone mentioned them here on lobste.rs, and I was supprised to see how powerful they are, but just how seemingly nobody knows about them. hxselect to query specific elements in a CSS-fashion, hxclean as an automatic HTML corrector, hxpipe/hxunpipe converts (and reconverts) HTML/XML to a format that can be more easily parsed by AWK/perl scripts – certainly not useless or niche tools.

                                                                                                                                But I do have to admit that a BSD user influenced me on adopting lowdown, and since it fits my use-case, I stick by it. Nevertheless, I might take a look at cmark, since it seems interesting.

                                                                                                                              2. 2

                                                                                                                                Unfortunately, it looks like lowdown is a fork of hoedown which is a fork of sundown which was originally based on the markdown.pl implementation (with some optional extensions), and is most likely not CommonMark compliant. Pandoc is nice because it can convert between different formats, but it also has quite a few inconsistencies.

                                                                                                                                One of the biggest reasons I like CommonMark is because it aims to be an extremely solid, consistent standard that makes markdown more sane. It would be nice to see more websites move towards CommonMark, but that’s probably a long shot.

                                                                                                                                Definitely check out babelmark if you get a chance which lets you test different markdown inputs against a bunch of different parsers. There are a bunch of example divergences on the babelmark FAQ. The sheer variety of outputs for some simple inputs is precisely why CommonMark is useful as a standard.

                                                                                                                                1. 3

                                                                                                                                  Lowdown isn’t CommonMark conformant, although it has some bits in place. The spec for CommonMark is huge.

                                                                                                                                  If you’re a C hacker, it’s easy to dig into the source to add conformancy bit by bit. See the parser in document.c and look for LOWDOWN_COMMONMARK to see where bits are already in place. The original sundown/hoedown parser has been considerably simplified in lowdown, so it’s much easier to get involved. I’d be thrilled to have somebody contribute more there!

                                                                                                                                  In the immediate future, my biggest interest is in going an LCS implementation into the lowdown-diff algorithm. Right now it’s pretty ad hoc.

                                                                                                                                  (Edit: I’m the author of lowdown.)

                                                                                                                                  1. 2

                                                                                                                                    One of the biggest reasons I like CommonMark is because it aims to be an extremely solid, consistent standard that makes markdown more sane. It would be nice to see more websites move towards CommonMark, but that’s probably a long shot.

                                                                                                                                    I guess I can agree with you when it comes to websites like Stackoverflow, Github and Lobsters having Markdown formatting for comments and other text inputs, but I really don’t see the priority when it comes to using a not 100% CommonMark compliant tool for your own static blog generator. I mean, it’s nice, no doubt, as long as you don’t intentionally use uncertain constructs and don’t over-format your texts to make them more complicated than they have to be, I guess that most markdown implementations are find in this regard – speed on the other hand, is a different question.

                                                                                                                                    1. 1

                                                                                                                                      Are you saying that CommonMark should be used for comments on websites, but not for your own blog?

                                                                                                                                      I would say the opposite. For short comments, the ambiguity in Markdown doesn’t seem to be a huge problem, and I am somewhat comfortable with just editing “until it works”. I don’t use very many constructs anyway – links, bold, bullet points, code, and block code are about it.

                                                                                                                                      But blogs are longer documents, and I think they have more lasting value than most Reddit comments. So although it probably wasn’t strictly necessary to switch to cmark, I like having my blog in a format with multiple implementations and a spec.

                                                                                                                                      1. 3

                                                                                                                                        At least in my opinion, its useful everywhere, but more so for comments, because it removes differences in implementations. Often times the people using a static site generator are developers and can at least understand differences between implementations.

                                                                                                                                        That being said, I lost count of how many bugs at Bitbucket were filed against the markdown parser because the library used resolves differences by following what markdown.pl does. I still remember differences in bbcode parsing between different forums - moving to a better standard format like markdown has been a step in the right direction… I think CommonMark is the next step in the right direction.

                                                                                                                                        1. 1

                                                                                                                                          The point has already been brought up, but I just want to stress it again. You will probably have a feeling for how your markup parser works anyway, and you will write according. If your parser is commonmark compliant, that’s nice, but really isn’t the crucial point.

                                                                                                                                          On the other hand, especially if one likes to write longer comments, and uses a bit more than the basic markdown constructs on websites, having a standar to rely on does seem to me to offer an advantage, since you don’t necessary know what parser is running in the background. And if you don’t really use markdown, it doesn’t harm you after all.

                                                                                                                                  1. 3

                                                                                                                                    The duotone themes for atom do something similar to this. They aim to use the main colors for more important portions and muted colors for less important things, like builtins, etc.

                                                                                                                                    I’ve also experimented with this a little bit with https://github.com/belak/emacs-grayscale-theme. Unfortunately, the theming in emacs isn’t quite as flexible as atom, so it’s a bit limited.

                                                                                                                                    1. 1

                                                                                                                                      The workspaces idea is really interesting… it would be cool to see some sort of experimental interface built around it - use a single object store and somehow ensure that proper access controls are in place. I’ve played around with implementing a custom git-receive-pack and git-upload-pack using libgit2, but it’s a pretty large pain (or at least it was a year ago).

                                                                                                                                      One thing worth noting: at least for the storage portion, GitHub almost definitely does something similar to this. If you ever push a commit to a fork, you can access that commit through a URL in the main repo. My guess is that they specifically push the forking model so they can save on storage.

                                                                                                                                      As an example, you can take a look at these commits:

                                                                                                                                      1. 13

                                                                                                                                        Their main website (at least as far as I know) is still at https://geany.org/.

                                                                                                                                        It does seem odd to me that the .sexy domain is being used for any text editors.

                                                                                                                                        See also:

                                                                                                                                        1. 8

                                                                                                                                          Still cringey IMO

                                                                                                                                          1. 2

                                                                                                                                            I always thought the vim.sexy was more of a parody/satire of that style of site from a fan of the editor more than anything else.

                                                                                                                                          1. 3

                                                                                                                                            Bolt is a super useful, simple data store. I’ve written a small wrapper around it called nut to make it simple to store objects (by marshaling them to json, but it may make more sense to store them as gobs or protobufs in the future) rather than just bytes. It’s pretty experimental, but I’ve been using it in personal projects for a while.

                                                                                                                                            https://github.com/belak/nut/

                                                                                                                                            Also, bolt isn’t really being updated any more, but it’s still considered fairly stable. There’s a coreos fork called bbolt which aims to keep updating it.

                                                                                                                                            1. 1

                                                                                                                                              It is also worth mentioning that https://github.com/asdine/storm exists, and does JSON, gob and protobuf encoding. It also gives you a KV string store that handles the copying of bytes.

                                                                                                                                            1. 3

                                                                                                                                              But Zsh does have a visual mode! Don’t rebind v to something else. Pick something else: I use ‘^X^E’.

                                                                                                                                              I’ve seen this bind v to edit-command-line advice before, probably because oh-my-zsh does it. I can only guess that the existence of visual mode simply isn’t obvious because by default it is highlighted in a manner that is indistinguishable from the cursor. My advice is to pick something more obvious and set it in zle_hightlight. Note that much of the zsh documentation talks about the “region” which is emacs terminology.

                                                                                                                                              1. 2

                                                                                                                                                Does Zsh have a visual mode? If so it’s not on by default, or at least by default it’s not mapped to v in command mode. I also could not find any documentation on Zshell visual mode. Can you provide links to any documentation or articles on this? Closest thing I found was a Zshell plugin that implemented this behavior (https://github.com/b4b4r07/zsh-vimode-visual).

                                                                                                                                                1. 2

                                                                                                                                                  Go to http://zsh.sourceforge.net/Doc/Release/Zsh-Line-Editor.html or type man zshzle and search for the word “visual”. There are several references. The feature was added three years ago. In general for vi-mode I would recommend using at least 5.0.8 and preferably 5.1 or newer as a lot of vi/vim related improvements were made around the time of those releases. To verify, run zsh -f and try bindkey -a v and you should find v is bound to visual-mode. There’s also visual-line-mode for V and a visual keymap.

                                                                                                                                                  1. 1

                                                                                                                                                    Wow! How did I miss that?! That’s really nice, and much faster than opening Vim. I will remove my custom mapping and update the blog post accordingly.

                                                                                                                                                  2. 1
                                                                                                                                                    1. 1

                                                                                                                                                      I actually decided against using that vi plugin for some other reasons, so at least in theory v should be mapped to the default command.

                                                                                                                                                1. 1

                                                                                                                                                  We’ve got a few additional hacks in prezto you might be interested in: https://github.com/sorin-ionescu/prezto/blob/master/modules/editor/init.zsh

                                                                                                                                                  I don’t personally use it, but one of our regular contributors has submitted multiple improvements and if you have any other ideas, we’d love to hear them!

                                                                                                                                                  1. 1

                                                                                                                                                    Thanks! I’ll comb through it and see if I can find any other gems. I’m still pretty new to Vi mode so this blog posts pretty much sums up what I’ve learned so far.