1. 7

    One of the most impactful things we can do is learn about nuclear power so we stop being afraid of it, and then advocate for it.

    I happen to be French so my country’s electricity is already mostly nuclear. Thanks to that, we reject on average over 2x less CO2 than our German neighbours.

    1. 2

      “Eject” is what you mean.

      But actually “emit” is the best word.


      Reject is what girls who aren’t in love do to boys who are.

      Eject is what pilots do who are in falling planes.

      Emit is what the sun does with light.

      1. 2

        Yes, I meant emit, thank you. The French language uses either emit (émettre) or reject (rejeter), with a meaning similar to “produce waste”.

        1. 1

          Rejeter, like jeter in the sense of jete <ballet move>?

          1.  

            It’s the same word, but that’s because “jeter” means “to throw”.

    1. 8

      Does this really need to be on a site about technology? If I wrote “What can a software developer do about motorcycle safety?”, an article which explicitly opens with “this essay isn’t about technology”, would that be a good fit for lobsters?

      1. 11

        Motorcycle safety affects motorcyclists. Climate change affects everyone, terminally.

        1. 4

          “What can a software developer do about medicine”, then.

          (to be clear: I disagree with Wilhelm - IMO an article specifically targeting software developers which contains actionable advice is on-topic for the site - but I also think you’re misrepresenting their point).

          1. 3

            Medicine is a professional field that is difficult to impact without expertise. We are not facing extinction-level events due to (in)action in the field of medicine, so leaving the world’s best and brightest to continue their research is probably optimal. Climate change is a process everyone contributes to, in the small by our direct actions, and in the large by the people we choose to represent ourselves in governments.

            There should be a “What can an X do about climate change?”, for all values of X (including “software developer”), because it’s precisely by people not knowing how they, a lowly X, could possibly do to change the course of climate change that we’ll end up destroying life as we know it. This doesn’t apply to motorcycle safety, medicine, etc.

            1. 2

              Let’s try yet another comparison. First aid saves life. Everyone can learn it, and the more people do the more deaths will be averted. Nevertheless, is this website the right place for an article about cardiac massage?

              I am not saying I don’t want to see articles like that on lobste.rs though. Just that it is a valid question.

              1. 1

                First aid does not prevent an extinction-level event, so I fail to see how it is comparable…

          2. 2

            That’s clearly not my point. Lobsters is a computing-focused community centered around link aggregation and discussion, launched on July 3rd, 2012 (from the about page). What is computing-focused in this political article about climate change, which opens with “this essay isn’t about technology”? I don’t have any against fighting climate change, but this is so massively off-topic, so I ask: Is this a good fit for lobste.rs?

            1. 3

              Because most people here are software developers or have something to software development, and this article has to do with software developers? Just because the solution isn’t technical, doesn’t mean the question doesn’t have to be asked from and for our perspective.

              1. 3

                This article has practically nothing to do with software developers. You being a software developer changes nothing, remove any mention of software and the content of the article does not change in meaning or value.

              2. 1

                You’re right — if the article stopped halfway, I’d say it was off-topic. But once you hit the heading “It’s a good to be a software developer” that changes — it describes circumstances that apply to software developers, and reframes the question from “what do we do about climate change” to “what are software developers enabled to do about climate change that don’t apply generally to the broader population”. And I think that’s valuable to have!

                I know it’s a small part of the article, and I don’t think you’re wrong for questioning whether it belongs here, or even that you’re 100% wrong for saying it doesn’t, but I do believe that on balance it does.

                (Indeed, I think it’s really important to have the discussion of whether it belongs because we all want lobste.rs to keep being lobste.rs and not turn into a facsimile of HN/reddit/digg. The +49/-21 off-topic this article gets right now represents there’s maybe even a policy decision that should be made.)

          1. 5

            Lua […] no one really likes it

            I for one do :)

            1. 5

              I am not sure the author of the post really understands SQLAlchemy.

              SQLAlchemy is not an ORM, it is a “database toolkit” that includes an ORM (SQLAlchemy ORM) built on top of a schema-centric layer (SQLAlchemy Core) which is a very thin layer on top of SQL (and lets you execute raw SQL if you really need).

              SQLAlchemy was never designed to do everything through the ORM. It is perfectly fine to use Core for hard things. For instance, Alembic migrations typically don’t use the ORM models.

              1. 22

                I think people rely on JavaScript too much. With sourcehut I’m trying to set a good example, proving that it’s possible (and not that hard!) to build a useful and competitive web application without JavaScript and with minimal bloat. The average sr.ht page is less than 10 KiB with a cold cache. I’ve been writing a little about why this is important, and in the future I plan to start writing about how it’s done.

                In the long term, I hope to move more things out of the web entirely, and I hope that by the time I breathe my last, the web will be obsolete. But it’s going to take a lot of work to get there, and I don’t have the whole plan laid out yet. We’ll just have to see.

                I’ve been thinking about this a lot lately. I really don’t like the web from a technological perspective, both as a user and as a developer. It’s completely outgrown its intended use-case, and with that has brought a ton of compounding issues. The trouble is that the web is usually the lowest-common-denominator platform because it works on many different systems and devices.

                A good website (in the original sense of the word) is a really nice experience, right out of the box. It’s easy for the author to create (especially with a good static site generator), easy for nearly anyone to consume, doesn’t require a lot of resources, and can be made easily compatible with user-provided stylesheets and reader views. The back button works! Scrolling works!

                Where that breaks down is with web applications. Are server-rendered pages better than client-rendered pages? That’s a question that’s asked pretty frequently. You get a lot of nice functionality for free with server-side rendering, like a functioning back button. However, the web was intended to be a completely stateless protocol, and web apps (with things like session cookies) are kind of just a hack on top of that. The experience of using a good web app without JavaScript can be a bit of a pain with many different use cases (for example, upvoting on sites like this: you don’t want to force a page refresh, potentially losing the user’s place on the page). Security is difficult to get right when the server manages state.

                I’ll argue, if we’re trying to avoid the web, that client-side rendering (single-page apps) can be better. They’re more like native programs in that the client manages the state. The backend is simpler (and can be the backend for a mobile app without changing any code). The frontend is way more complex, but it functions similarly to a native app. I’ll concede poorly-built SPA is usually a more painful experience than a poorly-built SSR app, but I think SPAs are the only way to bring the web even close to the standard set by real native programs.

                Of course, the JavaScript ecosystem can be a mess, and it’s often a breath of fresh air to use a site like Sourcehut instead of ten megs of JS. The jury’s still out as to which approach is better for all parties.

                1. 11

                  (for example, upvoting on sites like this: you don’t want to force a page refresh, potentially losing the user’s place on the page)

                  Some of the UI benefits of SPA are really nice tbh. Reddit for example will have a notification icon that doesn’t update unless you refresh the page, which can be annoying. It’s nice when websites can display the current state of things without having to refresh.

                  I can’t find the video, but the desire for eliminating stale UI (like outdated notifications) in Facebook was one of the reasons React was created in the first place. There just doesn’t seem to be a way to do things like that with static, js-free pages.

                  The backend is simpler (and can be the backend for a mobile app without changing any code).

                  I never thought about that before, but to me that’s a really appealing point to having a full-featured frontend design. I’ve noticed some projects with the server-client model where the client-side was using Vue/React, and they were able to easily make an Android app by just porting the server.

                  The jury’s still out as to which approach is better for all parties.

                  I think as always it depends. In my mind there are some obvious choices for obvious usecases. Blogs work great as just static html files with some styling. Anything that really benefits from being dynamic (“reactive” I think is the term webdevs use) confers nice UI/UX benefits to the user with more client-side rendering.

                  I think the average user probably doesn’t care about the stack and the “bloat”, so it’s probably the case that client-side rendering will remain popular anytime it improves the UI/UX, even if it may not be necessary (plus cargo-culting lol). One could take it to an extreme and say that you can have something like Facebook without any javascript, but would people enjoy that? I don’t think so.

                  1. 17

                    But you don’t need to have a SPA to have notifications without refresh. You just need a small dynamic part of the page, which will degrade gracefully when JavaScript is disabled.

                    Claim: Most sites are mostly static content. For example, AirBNB or Grubhub. Those sites could be way faster than they are now if they were architected differently. Only when you check out do you need anything resembling an “app”. The browsing and searching is better done with a “document” model IMO.

                    Ditto for YouTube… I think it used to be more a document model, but now it’s more like an app. And it’s gotten a lot slower, which I don’t think is a coincidence. Netflix is a more obvious example – it’s crazy slow.

                    To address the OP: for Sourcehut/Github, I would say everything except the PR review system could use the document model. Navigating code and adding comments is arguably an app.

                    On the other hand, there are things that are and should be apps: Google Maps, Docs, Sheets.


                    edit: Yeah now that I check, YouTube does the infinite scroll thing, which is slow and annoying IMO (e.g. breaks bookmarking). Ditto for AirBNB.

                    1. 3

                      I’m glad to see some interesting ideas in the comments about achieving the dynamism without the bloat. A bit of Cunningham’s law in effect ;). It’s probably not easy to get such suggestions elsewhere since all I hear about is the hype of all the fancy frontend frameworks and what they can achieve.

                      1. 8

                        Yeah SPA is a pretty new thing that seems to be taking up a lot of space in the conversation. Here’s another way to think about it.

                        There are three ways to manage state in a web app:

                        1. On the server only (what we did in the 90’s)
                        2. On the server and on the client (sometimes called “progressive enhancement”, jQuery)
                        3. On the client only (SPA, React, Elm)

                        As you point out, #1 isn’t viable anymore because users need more features, so we’re left with a choice between #2 and #3.

                        We used to do #2 for a long time, but #3 became popular in the last few years.

                        I get why! #2 is is legitimately harder – you have to decide where to manage your state, and managing state in two places is asking for bugs. It was never clear if those apps should work offline, etc.

                        But somehow #3 doesn’t seem to have worked out in practice. Surprisingly, hitting the network can be faster than rendering in the browser, especially when there’s a tower of abstractions on top of the browser. Unfortunately I don’t have references at the moment (help appreciated from other readers :) )

                        I wonder if we can make a hybrid web framework for #2. I have seen a few efforts in that direction but they don’t seem to be popular.


                        edit: here are some links, not sure if they are the best references:

                        https://news.ycombinator.com/item?id=13315444

                        https://adamsilver.io/articles/the-disadvantages-of-single-page-applications/

                        Oh yeah I think this is what I was thinking of. Especially on Mobile phones, SPA can be slower than hitting the network! The code to render a page is often bigger than the page itself! And it may or may not be amortized depending on the app’s usage pattern.

                        https://medium.com/@addyosmani/the-cost-of-javascript-in-2018-7d8950fbb5d4

                        https://news.ycombinator.com/item?id=17682378

                        https://v8.dev/blog/cost-of-javascript-2019

                        https://news.ycombinator.com/item?id=20317736

                        1. 3

                          A good example of #2 is Ur/Web. Pages are rendered server-side using templates which looks very similar to JSX (but without the custom uppercase components part) and similarly desugars to simple function calls. Then at any point in the page you can add a dyn tag, which takes a function returning a fragment of HTML (using the same language as the server-side part, and in some cases even the same functions!) that will be run every time one of the “signals” it subscribes to is triggered. A signal could be triggered from inside an onclick handler, or even from an even happening on the server. This list of demos does a pretty good job at showing what you can do with it.

                          So most of the page is rendered on the server and will display even with JS off, and only the parts that need to be dynamic will be handled by JS, with almost no plumbing required to pass around the state: you just need to subscribe to a signal inside your dyn tag, and every time the value inside changes it will be re-rendered automatically.

                          1. 2

                            Thanks a lot for all the info, really helpful stuff.

                        2. 5

                          Reddit for example will have a notification icon that doesn’t update unless you refresh the page, which can be annoying. It’s nice when websites can display the current state of things without having to refresh.

                          On the other hand, it can be annoying when things update without a refresh, distracting you from what you were reading. Different strokes for different folks. Luckily it’s possible to fulfill both preferences, by degrading gracefully when JS is disabled.

                          I think the average user probably doesn’t care about the stack and the “bloat”, so it’s probably the case that client-side rendering will remain popular anytime it improves the UI/UX, even if it may not be necessary (plus cargo-culting lol).

                          The average user does care that browsing the web drains their battery, or that they have to upgrade their computer every few years in order to avoid lag on common websites. I agree that we will continue see the expansion of heavy client-side rendering, even in cases where it does not benefit the user, because it benefits the companies that control the web.

                          1. 1

                            Some of the UI benefits of SPA are really nice tbh. Reddit for example will have a notification icon that doesn’t update unless you refresh the page, which can be annoying. It’s nice when websites can display the current state of things without having to refresh.

                            Is this old reddit or new reddit? The new one is sort of SPA and I recall it updating without refresh.

                            1. 3

                              Old reddit definitely has the issue I described, not sure about the newer design. If the new reddit doesn’t have that issue, that aligns with my experience of it being bloated and slow to load.

                          2. 12

                            example, upvoting on sites like this: you don’t want to force a page refresh, potentially losing the user’s place on the page

                            There are lots of ways to do this. Here’s two:

                            1. You can use an iframe for the upvote link, and have the state change just reload the frame.
                            2. If you don’t need feedback, you can also use a button with a target= to a hidden iframe.

                            Security is difficult to get right when the server manages state.

                            I would’ve thought the exact opposite. Can you explain?

                            1. 7

                              In the case where you have lots of buttons like that isn’t loading multiple completely separate doms and then reloading one or more of them somewhat worse than just using a tiny bit of js? I try to use as little as possible but I think that kind of dynamic interaction is the use case js originally was made for.

                              1. 7

                                Worse? Well, iframes are faster (marginally), but yes I’d probably use JavaScript too.

                                I think most NoScript users will download tarballs and run ./configure && make -j6 without checking anything, so I’m not sure why anyone wants to turn off JavaScript anyway, except for maybe because adblockers aren’t perfect.

                                That being said, I use NoScript…

                              2. 4

                                I’m not sure if this would work, but an interesting idea would be to use checkboxes that restyle when checked, and by loading a background image with a query or fragment part, the server is notified of which story is upvoted.

                                1. 2

                                  That’d require using GET, which might be harder to prevent accidental upvotes. Could possibly devise something though.

                              3. 4

                                One thing I really miss with SPA’s (when used as apps), aside from performance, is the slightly more consistent UI/UX/HI that you generally get with desktop apps. Most major OS vendors, and most oss desktop toolkits, at least have some level of uniformity of expectation. Things like: there is a general style for most buttons and menu styles, there are some common effects (fade, transparency), scrolling behavior is more uniform.

                                With SPAs… well, good luck! Not only is it often browser dependent, but matrixed with a myriad JS frameworks, conventions, and render/load performance on top of it. I guess the web is certainly exciting, if nothing else!

                                1. 3

                                  I consider the “indented use-case” argument a bit weak, since for the last 20 years web developers, browser architects and our tech overlords have been working on making it work for applications (and data collection), and to be honest it does so most of the time. They can easily blame the annoyances like pop-ups and cookie-banners on regulations and people who use ad blockers, but from a non technical perspective, it’s a functional system. Of course when you take a look underneath, it’s a mess, and we’re inclined to say that these aren’t real websites, when it’s the incompetence of our operating systems that have created the need to off-load these applications to a higher level of abstraction – something had to do it – and the web was just flexible enough to take on that job.

                                  1. 4

                                    You’re implying it’s Unix’s fault that the web is a mess but no other OS solved the problem either? Perhaps you would say that Plan 9 attempted to solve part of it, but that would only show that the web being what it is today isn’t solely down to lack of OS features.

                                    I’d argue that rather than being a mess due to the incompetence of the OS it’s a mess due to the incremental adoption of different technologies for pragmatic reasons. It seems to be this way sadly, even if Plan 9 was a better Unix from a purely technological standpoint Unix was already so widespread that it wasn’t worth putting the effort in to switch to something marginally better.

                                    1. 7

                                      No, I don’t think Plan 9 would have fixed things. It’s still fundamentally focused on text processing, rather than hypertext and universal linkability between objects and systems – ie the fundamental abstractions of an OS rather than just it’s features. Looking at what the web developed, tells us what needs were unformulated and ultimately ignored by OS development initiatives, or rather set aside for their own in-group goals (Unix was a research OS after all). It’s most unprobable that anyone could have foreseen what developments would take place, and even more that anyone will be able to fix them now.

                                  2. 2

                                    From reading the question of the interviewer I get the feeling that it’s easy for non technical users to create a website using wordpress. Adding many plugins most likely leads to a lot of bloaty JavaScript and CSS.

                                    I would argue that it’s a good thing that non technical users can easily create website but the tooling to create it isn’t ideal. For many users a wysiwyg editor which generates a static html page would be fine but such a tool does not seem to exists or isn’t known.

                                    So I really see this as a tooling/solution problem, which isn’t for users to solve but for developers to create an excellent wordpress alternative.

                                    1. 2

                                      I am not affiliated to this in any way but I know of https://forestry.io/ which looks like what you describe. I find their approach quite interesting.

                                    2. 0

                                      for example, upvoting on sites like this: you don’t want to force a page refresh, potentially losing the user’s place on the page)

                                      If a user clicks a particular upvote button, you should know where on that page it is located, and can use a page anchor in your response to send them back to it.

                                      1. 1

                                        It’s not perfectly seamless, sadly, and it’s possible to set up your reverse proxy incorrectly enough to break applications relying on various http headers to get exactly the right page back.

                                    1. 5

                                      Any good technical summary of how it’s different from IMAP?

                                      Could the same thing be done as an IMAP extension, but they wanted to convert everything to JSON?

                                      1. 4

                                        A few differences with IMAP are mentioned in https://fastmail.blog/2014/12/23/jmap-a-better-way-to-email/

                                        Basically this is strongly inspired by IMAP + what GMail does.

                                        The people behind this know IMAP very well. Chris Newman is a co-author of the spec, and the Fastmail people are maintaining Cyrus which is one of the major IMAP servers.

                                      1. 3

                                        Learning how to brew beer, by actually brewing 20L with professionals. The course was a (very welcome) birthday present from my brother.

                                        1. 9

                                          Congratulations on shipping, how exciting for you!

                                          I would remove the Personal / $3 tier and instead offer a 14 day trial period that does not require a credit card. The $30 Business price is in the ballpark. Consumers don’t buy services, businesses don’t want to bother with anything that costs less than the morning coffee. IMO.

                                          1. 4

                                            And you could easily add a $99/mo Enterprise tier which promises GDPR compliance. It might be exactly the same as your Business tier; all they are buying is the assurance it’s compliant and your willingness to deal with that headache.

                                            1. 2

                                              The entire GDPR doesn’t even apply right now as no personal data is collected at all. This might change in the future (although it’s a good selling point, IMO), but right now I’m not sure what promising “GDPR compliance” would entail?

                                              I would remove the Personal / $3 tier and instead offer a 14 day trial period that does not require a credit card. The $30 Business price is in the ballpark. Consumers don’t buy services, businesses don’t want to bother with anything that costs less than the morning coffee. IMO.

                                              The reason I added that right now there are surprisingly few options outside of Google analytics that are in an acceptable price range for consumers (basically, none). If there was a service like this for $3/month I probably would have paid it, instead of making this. But maybe that’s just me…

                                              I should probably make it a bit clearer that it’s for personal use, only.

                                              1. 6

                                                To be fair, the worrying about what “promising GDPR compliance” is what you’re charging the extra $69 for. It may be nothing, but you took the time to worry about it.

                                                1. 3

                                                  I might be wrong but I believe you’re still required to respond to GDPR queries (e.g. “No, we don’t have any data on you”). Might be straightforward but someone has to respond to that email.

                                              2. 2

                                                As a counterpoint, I think a simple service like this is great for personal users, but if you are a business you might want more features?

                                                1. 1

                                                  It looks like the value proposition is similar to Fathom and Simple Analytics so you can use their pricing as a benchmark as well.

                                                1. 3

                                                  Things of note:

                                                  • Before anyone says “blockchain”: no, blockchains don’t solve e-voting issues, and this system is actually an Ethereum smart contract.

                                                  • The author is a researcher at Loria Nancy (France) which I consider to be one of the best teams in the world on this topic. Among other things he worked on Belenios.

                                                  1. 13

                                                    Federated Gitea (or even better, some sort of open federated git protocol) would be very interesting.

                                                    1. 3

                                                      This really piqued my interest as well. Does anyone know more about the current state of federated gitea and what the future plans are?

                                                      1. 3

                                                        I’m reminded of git-ssb, which at first glance seems to be what you want.

                                                        1. 5

                                                          Another similar project is http://www.radicle.xyz (but I agree, P2P not federated).

                                                          1. 5

                                                            Federation isn’t P2P. They’re similar in some ways, and quite unlike in others.

                                                            1. 1

                                                              Yeah, git-ssb is a neat project! I checked it out a few years ago and I remember having some kind of issue with it. Maybe cross-device identity or something? I suppose I should revisit it.

                                                              1. 1

                                                                SSB in general doesn’t support cross-device identity at all, but leaves the problem of identifying two different public keys as the same “identity” to higher level applications. There are several solutions in the roadmap, but nothing definite for now.

                                                          1. 4

                                                            I don’t use Lisp, but I know Platform.SH and Ori in particular. They’re great people and I am excited they are adding languages like this to the platform, it gives me some hope for first class Lua support someday. :)

                                                            1. 4

                                                              At work: most people are on holiday in France, and as usual I take the opportunity to work on touchy topics without interruption and with low service disruption impact. This time it includes a large DB schema migration, among other things.

                                                              At home: my s.o. is on holiday as well, so I take advantage of the free time to play Fire Emblem Three Houses.

                                                              1. 8

                                                                I use Fastmail, which doesn’t support wrapping. I don’t think it’s a particularly good idea to wrap at 72 chars (it is a display preference so it should be a receiver-side matter), but on lists where that’s the norm I just compose the email in my text editor and use the reflow feature.

                                                                1. 5

                                                                  When you’re in the webmail editor in Fastmail and you’re in plain text mode, you can hit C-m to hard-wrap the email. When I get some time I’ll send a patch to the website to add this info.

                                                                  As for format=flowed they said it wasn’t worth implementing 2 years ago, but things could change.

                                                                  1. 4

                                                                    And thanks to hard wraps, the e-mail will be harder to read on non-standard resolutions like in mobile phones.

                                                                    1. 1

                                                                      I think the vast majority of the email clients mentioned on the website do hard wraps, no? The only alternative to hard wraps is format=flowed AFAIK (tell me if I’m wrong) and, based on Fastmail’s 2 years-old blog post, it sounds like very few clients implement it?

                                                                      1. 1

                                                                        Yes, lots of software does hard wraps, but that doesn’t make it a good thing. I’m often using NeoMutt with Vim, but I specifically disable hard wraps, I’m enabling only soft wraps.

                                                                        1. 1

                                                                          “soft wraps” is when the receiving client does text wrapping, just like any text editor, right? (i.e. the sender didn’t include any line returns in their paragraphs?). I’m confused as to why this isn’t the recommended default? (i.e. make people send email without line returns, and configure their client to do soft wrapping).

                                                                          For example, the author of the plaintext.email website asks people to hard-wrap their emails when sending to sourcehut mailing lists, when it seems to me it would be vastly superior to let receiving clients do soft wrapping on the fly so that it works with any type of display width? Am I missing something?

                                                                          1. 1

                                                                            If you’re missing anything, then I’m missing the same thing as well. I see no reason why the client shouldn’t be able to perform soft wrapping by its own.

                                                                            Using 80x25 terminal? No problem, I’ll wrap the text for you to fit your current terminal. Using variable font width and a mobile phone? No problem, I’ll just wrap the text for you accordingly.

                                                                            I mean, Lobste.rs comment box does soft wraps and there are no problems with that. I.e. I can’t imagine why anyone would want to enable hard wraps in Lobste.rs comment box? Similar to this, I don’t see why anyone would want to enable hard wraps in e-mails as well. If some software doesn’t support soft wrapping, it seems it’s a broken software, because vast majority of e-mail applications DO support soft-wraps.

                                                                            One weak argument could be used that it’s more convenient to read text when it’s placed inside a column instead of spanned across large wide-screen monitor. But then you can just instruct your software to wrap the email to 80 characters and you’re done, no need to include CR/LF inside the e-mail. And if one’s software doesn’t support it, just resize the window and you’re done!

                                                                            As for plaintext.email website, the author has lots of opinions that are directly opposite to mine, so I can’t really explain the rationale for most of the arguments :)

                                                                            1. 1

                                                                              I can’t imagine why anyone would want to enable hard wraps in Lobste.rs comment box?

                                                                              If you read a suitably nested comment thread on mobile, you end up with a word a line, then a few letters on a line. This would be a good reason to not infinitely soft wrap.

                                                                    2. 1

                                                                      I just tried this and it works great, thank you for the information!

                                                                  1. 4

                                                                    The lead author of Lua authored one of the main PEG libraries (http://www.inf.puc-rio.br/~roberto/lpeg/). It is widely used in the community for a lot of things, however the parser of Lua itself is still custom, hand-written C. The reason is mostly performance, I think: storing data as Lua source code used to be very common, and I there are still code bases out there that evaluate 100 MB files regularly.

                                                                    1. 1

                                                                      I personally haven’t heard about many 100 MB Lua scripts, although I did find a parsing related bug with an 80 MB script that caused performance problems.

                                                                      I use LPEG a lot—to the point where I tend to use it over the build in Lua patterns (which are somewhat like regular expressions). I even used it at work for real time processing of SIP messages and we really haven’t had performance issues dealing with millions of calls per day. The killer feature for me? LPEG expressions are composable which makes it easier to write and test grammars.

                                                                    1. 6

                                                                      A blog post by the author of the Janet programming language on the topic of PEGS and how they work:

                                                                      https://bakpakin.com/writing/how-janets-peg-works.html

                                                                      1. 5

                                                                        I think https://leafo.net/guides/parsing-expression-grammars.html is a good introduction as well, more from a user’s point of view.

                                                                      1. 18
                                                                        1. Bellard is as impressive as always.

                                                                        2. Someone found a use-after-free.

                                                                        1. 8

                                                                          A bit of context on the ‘someone’ for those interested: qwertyoruiop is the individual who created (half of) the Yalu jailbreak for iOS 10, and has contributed to many other big jailbreaking releases for both iOS and other platforms (e.g., PS4).

                                                                          1. 2

                                                                            I don’t understand that use after free. Isn´t that a legit use of js? That is: isn’t the interpreter doing what it is supposed to do? Or not?

                                                                            1. 1

                                                                              use after free is using the content of a pointer after the memory of it was released, allowing writing at any part of the process running the javascript interpreter. It means, that it allow going outside of the javascript sandbox and as such allow for a webpage taking full control of your computer. As any important security bug, it is a way for any virus or malware to install itself on a computer.So definitely it is not a legit use of js.

                                                                              1. 1

                                                                                i was asking if the use after free bug is JS or in the interpreter.

                                                                                1. 2

                                                                                  The bug is in the interpreter here. The JS in the link is a proof-of-concept exploit for the bug.

                                                                          2. 1

                                                                            This is a quick reminder that script VMs are hard to develop, especially for complexe PLT such as JavaScript. Never ever run arbitrary code in those kind of interpreter, even if you believed you hardened it by removing privileged functions or I/Os. FWIW, don’t even try to run to run arbitrary code in widely used engine such as spidermonkey or V8 if they are not sandboxed. RCE still get found every now and then.

                                                                          1. 11

                                                                            Might be more useful to discuss which applications really benefit from a GUI, besides a browser. I find a GUI DB client to be indispensable for doing basically anything with a database, for example.

                                                                            1. 1

                                                                              I’ve never used a GUI DB client. Any recommendations?

                                                                              1. 4

                                                                                I’ve been using jetbrains DataGrip for years and it’s been great. My day to day stuff is in vim and I don’t really use anything else from jetbrains but datagrip has been really good.

                                                                                1. 3

                                                                                  Need to chime in here, been using Data Grip (previously know as 0xDBE) since the early alpha around 2013/14 and it’s been a game changer for me, no other DB-IDE comes close in my opinion. However pg-cli is great for quick queries.

                                                                                2. 2
                                                                                  1. 2

                                                                                    For OS X, TablePlus is my current favorite.

                                                                                1. 13

                                                                                  Reading this made realize I don’t see myself in any of the 3 groups. I’m probably closest to a “maker”, however, the author seems to tie that somewhay to UI and “front-end”.

                                                                                  I work on line-of-business systems that tend to be large and complex. In that, I most consider myself a modeler. I’m primarily about modeling systems, real and imagined, into a working program, but not through the lens of a UI (or a relational database model).

                                                                                  Instead, I see functional requirements for a large, complex system being implemented in an object-oriented “domain model”.

                                                                                  Am I just a dinosaur, and lonely group of one, these days?

                                                                                  1. 39

                                                                                    Am I just a dinosaur, and lonely group of one, these days?

                                                                                    I think the author is just wrong. People really like putting things into neat little boxes, but I would guess there are more than 3 types of programmers out there.

                                                                                    1. 15

                                                                                      I’m going to go one further and say these 3 “tribes” are just different ways of thinking that anyone can adopt at any time, or depending on the situation. I could plausibly claim membership of a different tribe every hour of the working day.

                                                                                      1. 7

                                                                                        To me, that flexibility is one of the most rewarding things of the profession: I can inhabit the mindset that best fits the problem I’m currently faced with, and I find my best ideas often by flipping to another perspective.

                                                                                        1. 5

                                                                                          Indeed, in fact the thing that would most likely make me say someone isn’t a “real programmer” is not their membership in the “wrong tribe”, but rather their inability to switch between all three of these modes as appropriate.

                                                                                          1. 2

                                                                                            I think the difficulty lies in that the initial discovery of each tribe is met with the revelation of, “ah, I’ve found the way to build software.” Then you sit with it for a few years and start to see the weak spots.

                                                                                        2. 12

                                                                                          Agreed. This is an arbitrary distinction and many programmers don’t tend to fall neatly into one category or the other. As a Scheme implementor, I believe “camps” 1 and 2 are not mutually exclusive, and in fact there’s a long history of programming language implementation research that tries to bridge the gap between beautiful mathematical constructs and how to make a machine execute it as fast as possible. In fact, this is the most interesting part of PL implementation!

                                                                                          1. 3

                                                                                            not to mention programming language and library design as the user interface you present to other developers.

                                                                                            1. 4

                                                                                              Absolutely, that’s more the “craft” or engineering aspect of programming, which fits better in the third “tribe” from the article. You need to be able to work on and balance all three aspects, really :)

                                                                                          2. 4

                                                                                            I agree with that. Furthermore, categorizing in general throws away information and that may or may not be suitable depending on the context. Perhaps a better approach would be to identify different traits of programmers and treat each of them as a continuous variable. Based on that it would be possible to categorize less arbitrarily (e.g. by finding clusters in the data). This would be a more data-driven approach and one would obviously need a representative dataset for that.

                                                                                          3. 11

                                                                                            No. As an experienced software person, you simply have to divide your time into multiple heads-paces.

                                                                                            Sometimes you can really appreciate something like this:

                                                                                            qs([H|T])->qs([X||X<-T,X<H])++[H]++qs([X||X<-T,X>=H]);qs([])->[].
                                                                                            

                                                                                            Other times, you might just do lists:sort(A++B), and yet still other times you would be like no you really can get away with lists:merge(A,lists:sort(B)).

                                                                                            That’s ok. It doesn’t make you alone, but it can be lonely: Most teams in my experience have just one of you, and even in a large company there are likely to be very few of you.

                                                                                            The article may be written by someone just discovering these different head-spaces exist and jumping to the conclusion that they fit a taxonomy, instead of more like a venn-diagram of considerations that go into implementation and design. That’s unfortunate, but it doesn’t mean there isn’t some good stuff to think about.

                                                                                            1. 5

                                                                                              I think this post would make more sense if it focused less on UI and more on shipping things. This would also avoid the awkwardness of writing “Bret Victor” below this:

                                                                                              How the code interacts with humans is a separate consideration from its implementation. Beautiful code is more important than beautiful UI.

                                                                                              I think I am personally a bit of all three, naturally trending more towards 1 but trying to be more like 3.

                                                                                              1. 3

                                                                                                Yeah, I had a similar feeling when reading this. I have mostly worked on HPC systems which are used for scientific simulations, and my primary concern is helping scientists do that. I write software in the course of building and maintaining those systems, but if I could make “simulate scientific problems” work without writing any software, I’d do that instead.

                                                                                                Or, as a friend of mine put it: computers are just a means, not an end.

                                                                                                1. 1

                                                                                                  Reading this made realize I don’t see myself in any of the 3 groups.

                                                                                                  I’m glad I came to the comments and saw this as the first line of the first comment. I absolutely feel the same way.

                                                                                                1. 2

                                                                                                  User authentication / authorization as a service.

                                                                                                  1. 3

                                                                                                    Table inheritence is too much of magic as far as i know

                                                                                                    1. 1

                                                                                                      posgresql seems agree with me: “Don’t use table inheritance. If you think you want to, use foreign keys instead.” (from another thread:https://wiki.postgresql.org/wiki/Don%27t_Do_This )

                                                                                                      1. 1

                                                                                                        It used to be, because it required a lot of machinery to set up, with triggers and whatnot. Nowadays it’s quite straightforward to set up with native support. The use cases are limited, and you need good support in your framework, which is rare.

                                                                                                        1. 1

                                                                                                          I looked at it last month, for use with SQLAlchemy, but decided against it because of the issue with indices and unique constraints. Moreover I may want to access the same database with other tools in the near future (e.g. Forest) and they may not support it. I went with joined table inheritance instead.