1. 1

    Really excited to see this based on the discussion I’ve been having with some folks on Twitter.

    I’ve used Nom a bunch and am slowly becoming comfortable enough to prefer it to Pest for smallish projects. However, based on the above, I really don’t know how to think of it for language-related applications any more. I have lots of introspection to do and even more consideration to give this topic.

    Either way, kudos to the nom team!

    1. 2

      nom is really good at parsing binary formats. It can have decent error messages too.

      For programming languages, I would start with a PEG parser (one that can still produce decent error messages, such as lpeglabel - there is a nom-based PEG parsing library but I have never used it).

      If the language becomes really popular I suppose I might move to a hand-written parser, but I’d maintain both to make sure the language has a proper grammar, and also because the grammar can often be easier to use in third party tools.

      1. 1

        make sure the language has a proper grammar,

        What a good point!

    1. 7

      I prefer LMDB’s approach (described in this 2012 paper.) I am not an expert on this stuff, although I’ve been building my own B-tree storage manager for a few weeks, so I’m learning rapidly. Durability is hard!

      TL;DR: SQLite either updates the file in place but saves copies of the overwritten pages for rollback, or writes to a temporary log file and periodically flushes it by doing the above. LMDB treats pages as copy-on-write, although once a page has been copied once it can then be overwritten while in the same transaction. It does some very clever free-page management to provide MVCC.

      In practice LMDB is a lot faster than SQLite. There was a proof-of-concept project that replaced SQLite’s b-tree engine with LMDB and sped it up a lot, but sadly it was an old version and wasn’t kept up to date.

      1. 8

        In practice LMDB is a lot faster than SQLite.

        I feel like this needs some qualifications. There are many dimensions to performance (read vs. write, physical media like SSD, NVMe, etc.), and also hard tradeoffs that different projects reconcile in different ways (durability vs. performance).

        I’m not an expert either but these comments give more color on the subtleties:


        Some people say LMDB loses ACID semantics to be fast in certain situations; some people say RockDB (LevelDB fork) is massively faster, etc.

        It’s very easy to make a proof of concept that’s faster (namely because it doesn’t have to work all the time, and because you probably don’t know if it doesn’t work all the time!).

        1. 1

          I think you’re referring to this comment about ACID:

          • LMDB by default provides full ACID semantics, which means that after every key-value write committed, it needs to sync to disk. Apparently if this happens tens of times per second, your system performance will suffer.
          • LMDB provides a super-fast asynchronous mode (MDB_NOSYNC), and this is the one most often benchmarked. Writes are super-fast with this. But a little known fact is that you lose all of ACID[…]

          Yes, just like SQLite, commits are expensive because they provide durability. But the performance of commits (the full disk flush) isn’t nearly as bad with SSDs. If you find it a problem, you can leave a transaction open and just commit-and-reopen periodically; at worst you’ll lose changes in the latest transaction.

          You might also check out libMDBX, a fork of LMDB with a lot of optimizations and improvements. I was working with it last year, because development of LMDB itself seems to have stopped or stalled since 2015.

        2. 6

          The LumoSQL project has benchmarks for most SQLite variants. Apparently the SQLite LSM tree has improved a lot and is now competitive with the LMDB backend.

          1. 2

            The SQLite LSM tree is in limbo, last I heard. It was part of a “SQLite 4 prototype that was abandoned in 2014. It’s not used in SQLite 3, unless there was a recent announcement I’ve missed.

            1. 4

              It was ported as an SQLite 3 extension in 2017, discussed here. There’s a short 2020 mailing list thread on it that suggests it’s still maintained, but not under active development due to little user interest so far.

              1. 2

                Yeah right, I actually meant to say the default KV store.

                By January 2020 the LumoSQL project concluded: Howard’s 2013 performance work is reproducible SQLite’s key-value store improved in performance since 2013, getting close to parity with LMDB by some measures

            2. 2

              Thank you for the link to the LMDB paper!

            1. 1

              I had an access to the Web pretty late. The oldest thing I could still find is some help pages in a French Linux wiki (Lea Linux) I wrote in the early 2000s. Sadly the website did a migration since then so the history is lost, but this one talks about Mandrake 9.1 so it was in 2003.

              It might be possible to find some emails I sent to mailing lists in 2000 / 2001, but I couldn’t.

              As for the oldest website / source code I wrote that’s still online, it’s probably this from 2004. Terrible, terrible code (with variable names in French), but still my “madeleine de Proust” (https://github.com/catwell/iatax).

              1. 78

                It would help if Firefox would actually make a better product that’s not a crappy Chrome clone. The “you need to do something different because [abstract ethical reason X]” doesn’t work with veganism, it doesn’t work with chocolate sourced from dubious sources, it doesn’t work with sweatshop-based clothing, doesn’t work with Free Software, and it sure as hell isn’t going to work here. Okay, some people are going to do it, but not at scale.

                Sometimes I think that Mozilla has been infiltrated by Google people to sabotage it. I have no evidence for this, but observed events don’t contradict it either.

                1. 24

                  It would help if Firefox would actually make a better product that’s not a crappy Chrome clone. The “you need to do something different because [abstract ethical reason X]” doesn’t work with veganism, it doesn’t work with chocolate sourced from dubious sources, it doesn’t work with sweatshop-based clothing, doesn’t work with Free Software, and it sure as hell isn’t going to work here. Okay, some people are going to do it, but not at scale.

                  I agree, but the deck is stacked against Mozilla. They are a relatively small nonprofit largely funded by Google. Structurally, there is no way they can make a product that competes. The problem is simply that there is no institutional counterweight to big tech right now, and the only real solutions are political: antitrust, regulation, maybe creating a publicly-funded institution with a charter to steward the internet in the way Mozilla was supposed to. There’s no solution to the problem merely through better organizational decisions or product design.

                  1. 49

                    I don’t really agree; there’s a lot of stuff they could be doing better, like not pushing out updates that change the colour scheme in such a way that it becomes nigh-impossible to see which tab is active. I don’t really care about “how it looks”, but this is just objectively bad. Maybe if you have some 16k super-HD IPS screen with perfect colour reproduction at full brightness in good office conditions it’s fine, but I just have a shitty ThinkPad screen and the sun in my home half the time (you know, like a normal person). It’s darn near invisible for me, and I have near-perfect eyesight (which not everyone has). I spent some time downgrading Firefox to 88 yesterday just for this – which it also doesn’t easily allow, not if you want to keep your profile anyway – because I couldn’t be arsed to muck about with userChrome.css hacks. Why can’t I just change themes? Or why isn’t there just a setting to change the colour?

                    There’s loads of other things; one small thing I like to do is not have a “x” on tabs to close it. I keep clicking it by accident because I have the motor skills of a 6 year old and it’s rather annoying to keep accidentally closing tabs. It used to be a setting, then it was about:config, then it was a userChrome.css hack, now it’s a userChrome.css hack that you need to explicitly enable in about:config for it to take effect, and in the future I probably need to sacrifice a goat to our Mozilla overlords if I want to change it.

                    I also keep accidentally bookmarking stuff. I press ^D to close terminal windows and sometimes Firefox is focused and oops, new bookmark for you! Want to configure keybinds for Firefox? Firefox say no; you’re not allowed, mere mortal end user; our keybinds are perfect and work for everyone, there must be something wrong with you if you don’t like it! It’s pretty darn hard to hack around this too – more time than I was willing to spend on it anyway – so I just accepted this annoyance as part of my life 🤷

                    “But metrics show only 1% of people use this!” Yeah, maybe; but 1% here and 5% there and 2% somewhere else and before you know it you’ve annoyed half (of not more) of your userbase with a bunch of stuff like that. It’s the difference between software that’s tolerable and software that’s a joy to use. Firefox is tolerable, but not a joy. I’m also fairly sure metrics are biased as especially many power users disable it, so while useful, blindly trusting it is probably not a good idea (I keep it enabled for this reason, to give some “power user” feedback too).

                    Hell, I’m not even a “power user” really; I have maybe 10 tabs open at the most, usually much less (3 right now) and most settings are just the defaults because I don’t really want to spend time mucking about with stuff. I just happen to be a programmer with an interest in UX who cares about a healthy web and knows none of this is hard, just a choice they made.

                    These are all really simple things; not rocket science. As I mentioned a few days ago, Firefox seems have fallen victim to a mistaken and fallacious mindset in their design.

                    Currently Firefox sits in a weird limbo that satisfies no one: “power users” (which are not necessarily programmers and the like, loads of people with other jobs interested in computers and/or use computers many hours every day) are annoyed with Firefox because they keep taking away capabilities, and “simple” users are annoyed because quite frankly, Chrome gives a better experience in many ways (this, I do agree, is not an easy problem to solve, but it does work “good enough” for most). And hey, even “simple” users occasionally want to do “difficult” things like change something that doesn’t work well for them.

                    So sure, while there are some difficult challenges Firefox faces in competing against Google, a lot of it is just simple every-day stuff where they just choose to make what I consider to be a very mediocre product with no real distinguishing features at best. Firefox has an opportunity to differentiate themselves from Chrome by saying “yeah, maybe it’s a bit slower – it’s hard and we’re working on that – but in the meanwhile here’s all this cool stuff you can do with Firefox that you can’t with Chrome!” I don’t think Firefox will ever truly “catch up” to Chrome, and that’s fine, but I do think they can capture and retain a healthy 15%-20% (if not more) with a vision that consists of more than “Chrome is popular, therefore, we need to copy Chrome” and “use us because we’re not Chrome!”

                    1. 21

                      Speaking of key bindings, Ctrl + Q is still “quit without any confirmation”. Someone filed a bug requesting this was changeable (not even default changed), that bug is now 20 years old.

                      It strikes me that this would be a great first issue for a new contributor, except the reason it’s been unfixed for so long is presumably that they don’t want it fixed.

                      1. 9

                        A shortcut to quit isn’t a problem, losing user data when you quit is a problem. Safari has this behaviour too, and I quite often hit command-Q and accidentally quit Safari instead of the thing I thought I was quitting (since someone on the OS X 10.8 team decided that the big visual clues differentiating the active window and others was too ugly and removed it). It doesn’t bother me, because when I restart Safari I get back the same windows, in the same positions, with the same tabs, scrolled to the same position, with the same unsaved form data.

                        I haven’t used Firefox for a while, so I don’t know what happens with Firefox, but if it isn’t in the same position then that’s probably the big thing to fix, since it also impacts experience across any other kind of browser restart (OS reboots, crashes, security updates). If accidentally quitting the browser loses you 5-10 seconds of time, it’s not a problem. If it loses you a load of data then it’s really annoying.

                        1. 4

                          Firefox does this when closing tabs (restoring closed tabs usually restores form content etc.) but not when closing the window.

                          The weird thing is that it does actually have a setting to confirm when quitting, it’s just that it only triggers when you have multiple tabs or windows open and not when there’s just one tab 🤷

                          1. 1

                            The weird thing is that it does actually have a setting to confirm when quitting, it’s just that it only triggers when you have multiple tabs or windows open and not when there’s just one tab

                            Does changing browser.tabs.closeWindowWithLastTab in about:config fix that?

                            1. 1

                              I have it set to false already, I tested it to make sure and it doesn’t make a difference (^W won’t close the tab, as expected, but ^Q with one tab will still just quit).

                          2. 2

                            I quite often hit command-Q and accidentally quit Safari

                            One of the first things I do when setting up a new macOS user for myself is adding alt-command-Q in Preferences → Keyboard → Shortcuts → App Shortcuts for “Quit Safari” in Safari. Saves my sanity every day.

                            1. 1

                              Does this somehow remove the default ⌘Q binding?

                              1. 1

                                Yes, it changes the binding on the OS level, so the shortcut hint in the menu bar is updated to show the change

                                1. 1

                                  It overrides it - Safari’s menu shows ⌥⌘Q against “Quit Safari”.

                                2. 1

                                  You can do this in windows for firefox (or any browser) too with an autohotkey script. You can set it up to catch and handle a keypress combination before it reaches any other application. This will be global of course and will disable and ctrl-q hotkey in all your applications, but if you want to get into detail and write a more complex script you can actually check which application has focus and only block the combination for the browser.

                                3. 2

                                  This sounds like something Chrome gets right - if I hit CMD + Q I get a prompt saying “Hold CMD+Q to Quit” which has prevented me from accidentally quitting lots of times. I assumed this was MacOS behaviour, but I just tested Safari and it quit immediately.

                                4. 6

                                  Disabling this shortcut with browser.quitShortcut.disabled works for me, but I agree that bug should be fixed.

                                  1. 1

                                    Speaking of key bindings, Ctrl + Q is still “quit without any confirmation”.

                                    That was fixed a long time ago, at least on Linux. When I press it, a modal says “You are about to close 5 windows with 24 tabs. Tabs in non-private windows will be restored when you restart.” ESC cancels.

                                    1. 1

                                      That’s strange. I’m using latest Firefox, from Firefox, on Linux, and I don’t ever get a prompt. Another reply suggested a config tweak to try.

                                      1. 1

                                        I had that problem for a while but it went away. I have browser.quitShortcut.disabled as false in about:config. I’m not sure if it’s a default setting or not.

                                        1. 1


                                          It seems that this defaults to false. The fact you have it false, but don’t experience the problem, is counter-intuitive to me. Anyway the other poster’s suggestion was to flip this, so I’ll try that. Thanks!

                                          1. 1

                                            That does seem backwards. Something else must be overriding it. I’m using Ubuntu 20.04, if that matters. I just found an online answer that mentions the setting.

                                  2. 7

                                    On one level, I disagree – I have zero problems with Firefox. My only complaint is that sometimes website that are built to be Chrome-only don’t work sometimes, which isn’t really Firefox’s problem, but the ecosystem’s problem (see my comment above about antitrust, etc). But I will grant you that Firefox’s UX could be better, that there are ways the browser could be improved in general. However, I disagree here:

                                    retain a healthy 15%-20% (if not more)

                                    I don’t think this is possible given the amount of resources Firefox has. No matter how much they improve Firefox, there are two things that are beyond their control:

                                    1. Most users use Google products (gmail, calendar, etc), and without an antitrust case, these features will be seamlessly integrated into Chrome, and not Firefox.
                                    2. Increasingly, websites are simple not targeting Firefox for support, so normal users who want to say, access online banking, are SOL on Firefox. (This happens to me, I still have to use Chrome for some websites)

                                    Even the best product managers and engineers could not reverse Firefox’s design. We need a political solution, unless we want the web to become Google Web (tm).

                                    1. 3

                                      Why can’t I just change themes?

                                      You can. The switcher is at the bottom of the Customize Toolbar… view.

                                      1. 2

                                        Hm, last time I tried this it didn’t do much of anything other than change the colour of the toolbar to something else or a background picture; but maybe it’s improved now. I’ll have a look next time I try mucking about with 89 again; thanks!

                                        1. 3

                                          You might try the Firefox Colors extension, too. It’s a pretty simple custom theme builder.

                                          1. 2

                                            https://color.firefox.com/ to save the trouble of searching.

                                      2. 4

                                        I agree with Firefox’s approach of choosing mainstream users over power-users - that’s the only way they’ll ever have 10% or more of users. Firefox is doing things with theming that I wish other systems would do - they have full “fresco” themes (images?) in their chrome! It looks awesome! I dream about entire DEs and app suites built from the ground up with the same theme of frescoes (but with an different specific fresco for each specific app, perhaps tailored to that app). Super cool!

                                        I don’t like the lack of contrast on the current tab, but “give users the choice to fix this very specific issue or not” tends to be extremely shortsighted - the way to fix it is to fix it. Making it optional means yet another maintenance point on an already underfunded system, and doesn’t necessarily even fix the problem for most users!

                                        More importantly, making ultra-specific optionss like that is usually pushing decisions onto the user as a method of avoiding internal politicking/arguments, and not because pushing to the user is the optimal solution for that specific design aspect.

                                        1. 2

                                          As for the close button, I am like you. You can set browser.tabs.tabClipWidth to 1000. Dunno if it is scheduled to be removed.

                                          As for most of the other grips, adding options and features to cater for the needs of a small portion of users has a maintenance cost. Maybe adding the option is only one line, but then a new feature needs to work with the option enabled and disabled. Removing options is just a way to keep the code lean.

                                          My favorite example in the distribution world is Debian. Debian supports tries to be the universal OS. We are drowning with having to support everything. For examples, supporting many init systems is more work. People will get to you if there is a bug in the init system you don’t use. You spend time on this. At the end, people not liking systemd are still unhappy and switch to Devuan which supports less init systems. I respect Mozilla to keep a tight ship and maintaining only the features they can support.

                                          1. 7

                                            Nobody would say anything if their strategy worked. The core issue is that their strategy obviously doesn’t work.

                                            adding options and features to cater for the needs of a small portion of users

                                            It ’s not even about that.

                                            It’s removing things that worked and users liked by pretending that their preferences are invalid. (And every user belongs to some minority that likes a feature others may be unaware of.)

                                            See the recent debacle of gradually blowing up UI sizes, while removing options to keep them as they were previously.

                                            Somehow the saved cost to support some feature doesn’t seem to free up enough resources to build other things that entice users to stay.

                                            All they do with their condescending arrogance on what their perfectly spherical idea of a standard Firefox user needs … is making people’s lives miserable.

                                            They fired most of the people that worked on things I was excited about, and it seems all that’s left are some PR managers and completely out-of-touch UX “experts”.

                                            1. 4

                                              As for most of the other grips, adding options and features to cater for the needs of a small portion of users has a maintenance cost. Maybe adding the option is only one line, but then a new feature needs to work with the option enabled and disabled. Removing options is just a way to keep the code lean.

                                              It seems to me that having useful features is more important than having “lean code”, especially if this “lean code” is frustrating your users and making them leave.

                                              I know it’s easy to shout stuff from the sidelines, and I’m also aware that there may be complexities I may not be aware of and that I’m mostly ignorant of the exact reasoning behind many decisions (most of us here are really, although I’ve seen a few Mozilla people around), but what I do know is that 1) Firefox as a product has been moving in a certain direction for years, 2) that Firefox has been losing users for years, 3) that I know few people who truly find Firefox an amazing browser that a joy to use, and that in light of that 4) keep doing the same thing you’ve been doing for years is probably not a good idea, and 5) that doing the same thing but doing it harder is probably an even worse idea.

                                              I also don’t think that much of this stuff is all that much effort. I am not intimately familiar with the Firefox codebase, but how can a bunch of settings add an insurmountable maintenance burden? These are not “deep” things that reach in to the Gecko engine, just comparatively basic UI stuff. There are tons of projects with a much more complex UI and many more settings.

                                              Hell, I’d argue that even removing the RSS was also a mistake – they should have improved it instead, especially after Google Reader’s demise there was a huge missed opportunity there – although it’s a maintenance burden trade-off I can understand it better, it also demonstrates a lack of vision to just say “oh, it’s old crufty code, not used by many (not a surprise, it sucked), so let’s just remove it, people can just install an add-on if they really want it”. This is also a contradiction with Firefox’s mantra of “most people use the defaults, and if it’s not used a lot we can just remove it”. Well, if that’s true then you can ship a browser with hardly any features at all, and since most people will use the defaults they will use a browser without any features.

                                              Browsers like Brave and Vivaldi manage to do much of this; Vivaldi has an entire full-blown email client. I’d wager that a significant portion of the people leaving Firefox are actually switching to those browsers, not Chrome as such (but they don’t show up well in stats as they identify as “Chrome”). Mozilla nets $430 million/year; it’s not a true “giant” like Google or Apple, but it’s not small either. Vivaldi has just 55 employees (2021, 35 in 2017); granted, they do less than Mozilla, but it doesn’t require a huge team to do all of this.

                                              And every company has limited resources; it’s not like the Chrome team is a bottomless pit of resources either. A number of people in this thread express the “big Google vs. small non-profit Mozilla”-sentiment here, but it doesn’t seem that clear-cut. I can’t readily find a size for the Chrome team on the ‘net, but I checked out the Chromium source code and let some scripts loose on that: there are ~460 Google people with non-trivial commits in 2020, although quite a bit seems to be for ChromeOS and not the browser part strictly speaking, so my guestimate is more 300 people. A large team? Absolutely. But Mozilla’s $430/million a year can match this with ~$1.5m/year per developer. My last company had ~70 devs on much less revenue (~€10m/year). Basically they have the money to spare to match the Chrome dev team person-for-person. Mozilla does more than just Firefox, but they can still afford to let a lot of devs loose on Gecko/Firefox (I didn’t count the number devs for it, as I got some other stuff I want to do this evening as well).

                                              It’s all a matter of strategy; history is littered with large or even huge companies that went belly up just because they made products that didn’t fit people’s demands. I fear Firefox will be in the same category. Not today or tomorrow, but in five years? I’m not so sure Firefox will still be around to be honest. I hope I’m wrong.

                                              As for your Debian comparison; an init system is a fundamental part of the system; it would be analogous to Firefox supporting different rendering or JS engines. It’s not even close to the same as “an UI to configure key mappings” or “a bunch of settings for stuff you can actually already kind-of do but with hacks that you need to explicitly search for and most users don’t know it exists”, or even a “built-in RSS reader that’s really good and a great replacement for Google Reader”.

                                              1. 2

                                                I agree with most of what you said. Notably the removal of RSS support. I don’t work for Mozilla and I am not a contributor, so I really can’t answer any of your questions.

                                                Another example of maintaining a feature would be Alsa support. It has been removed, this upsets some users, but for me, this is understandable as they don’t want to handle bug reports around this or the code to get in the way of some other features or refactors. Of course, I use Pulseaudio, so I am quite biased.

                                                1. 4

                                                  I think ALSA is a bad example; just use Pulseaudio. It’s long since been the standard, everyone uses it, and this really is an example of “147 people who insist on having an überminimal Linux on Reddit being angry”. It’s the kind of technical detail with no real user-visible changes that almost no one cares about. Lots of effort with basically zero or extremely minimal tangible benefits.

                                                  And ALSA is a not even a good or easy API to start with. I’m pretty sure that the “ALSA purists” never actually tried to write any ALSA code otherwise they wouldn’t be ALSA purists but ALSA haters, as I’m confident there is not a single person that has programmed with ALSA that is not an ALSA hater to some degree.

                                                  Pulseaudio was pretty buggy for a while, and its developer’s attitude surrounding some of this didn’t really help, because clearly if tons of people are having issues then all those people are just “doing it wrong” and is certainly not a reason to fix anything, right? There was a time that I had a keybind to pkill pulseaudio && pulseaudio --start because the damn thing just stopped working so often. The Grand Pulseaudio Rollout was messy, buggy, broke a lot of stuff, and absolutely could have been handled better. But all of that was over a decade ago, and it does actually provide value. Most bugs have been fixed years ago, Poettering hasn’t been significantly involved since 2012, yet … people still hold an irrational hatred towards it 🤷

                                                  1. 1

                                                    ALSA sucks, but PulseAudio is so much worse. It still doesn’t even actually work outside the bare basics. Firefox forced me to put PA on and since then, my mic randomly spews noise and sound between programs running as different user ids is just awful. (I temporarily had that working better though some config changes, then a PA update - hoping to fix the mic bug - broke this… and didn’t fix the mic bug…)

                                                    I don’t understand why any program would use the PA api instead of the alsa ones. All my alsa programs (including several I’ve made my own btw, I love it whenever some internet commentator insists I don’t exist) work equally as well as pulse programs on the PA system… but also work fine on systems where audio actually works well (aka alsa systems). Using the pulse api seems to be nothing but negatives.

                                            2. 1

                                              Not sure if this will help you but I absolutely cannot STAND the default Firefox theme so I use this: https://github.com/ideaweb/firefox-safari-style

                                              I stick with Firefox over Safari purely because it’s devtools are 100x better.

                                            3. 10

                                              There’s also the fact that web browsers are simply too big to reimplement at this point. The best Mozilla can do (barely) is try to keep up with the Google-controlled Web Platform specs, and try to collude with Apple to keep the worst of the worst from being formally standardized (though Chrome will implement them anyway). Their ability to do even that was severely impacted by their layoffs last year. At some point, Apple is going to fold and rebase Safari on Chromium, because maintaining their own browser engine is too unprofitable.

                                              At this point, we need to admit that the web belongs to Google, and use it only to render unto Google what is Google’s. Our own traffic should be on other protocols.

                                              1. 8

                                                For a scrappy nonprofit they don’t seem to have any issues paying their executives millions of dollars.

                                                1. 1

                                                  I mean, I don’t disagree, but we’re still talking several orders of magnitude less compensation than Google’s execs.

                                                  1. 5

                                                    A shit sandwich is a shit sandwich, no matter how low the shit content is.

                                                    (And no, no one is holding a gun to Mozilla’s head forcing them to hire in high-CoL/low-productivity places.)

                                                2. 1

                                                  Product design can’t fix any of these problems because nobody is paying for the product. The more successful it is, the more it costs Mozilla. The only way to pay the rent with free-product-volume is adtech, which means spam and spying.

                                                  1. 4

                                                    Exactly why I think the problem requires a political solution.

                                                3. 8

                                                  I don’t agree this is a vague ethical reason. Problem with those are concerns like deforestation (and destruction of habitats for smaller animals) to ship almond milk across the globe, and sewing as an alternative to poverty and prostitution, etc.

                                                  The browser privacy question is very quantifiable and concrete, the source is in the code, making it a concrete ethical-or-such choice.

                                                  ISTR there even being a study or two where people were asked about willingness to being spied upon, people who had no idea their phones were doing what was asked about, and being disconcerted after the fact. That’s also a concrete way to raise awareness.

                                                  At the end of the day none of this may matter if people sign away their rights willingly in favor of a “better” search-result filter bubble.

                                                  1. 11

                                                    I don’t think they’re vague (not the word I used) but rather abstract; maybe that’s no the best word either but what I mean with it is that it’s a “far from my bed show” as we would say in Dutch. Doing $something_better on these topics has zero or very few immediate tangible benefits, but rather more abstract long-term benefits. And in addition it’s also really hard to feel that you’re really making a difference as a single individual. I agree with you that these are important topics, it’s just that this type of argument is simply not all that effective at really making a meaningful impact. Perhaps it should be, but it’s not, and exactly because it’s important we need to be pragmatic about the best strategy.

                                                    And if you’re given the choice between “cheaper (or better) option X” vs. “more expensive (or inferior) option Y with abstract benefits but no immediate ones”, then I can’t really blame everyone for choosing X either. Life is short, lots of stuff that’s important, and can’t expect everyone to always go out of their way to “do the right thing”, if you can even figure out what the “right thing” is (which is not always easy or black/white).

                                                    1. 1

                                                      My brain somehow auto-conflated the two, sorry!

                                                      I think we agree that the reasoning in these is inoptimal either way.

                                                      Personally I wish these articles weren’t so academic, and maybe not in somewhat niche media, but instead mainstream publications would run “Studies show people do not like to be spied upon yet they are - see the shocking results” clickbaity stuff.

                                                      At least it wouldn’t hurt for a change.

                                                      1. 1

                                                        It probably wasn’t super-clear what exactly was intended with that in the first place so easy enough of a mistake to make 😅

                                                        As for articles, I’ve seen a bunch of them in mainstream Dutch newspapers in the last two years or so; so there is some amount of attention being given to this. But as I expended on in my other lengthier comment, I think the first step really ought to be making a better product. Not only is this by far the easiest to do and within our (the community’s) power to do, I strongly suspect it may actually be enough, or at least go a long way.

                                                        It’s like investing in public transport is better than shaming people for having a car, or affordable meat alternatives is a better alternative than shaming people for eating meat, etc.

                                                  2. 7

                                                    I agree to an extent. Firefox would do well to focus on the user experience front.

                                                    I switched to Firefox way back in the day, not because of vague concerns about the Microsoft hegemony, or even concerns about web standards and how well each browser implemented them. I switched because they introduced the absolutely groundbreaking feature that is tabbed browsing, which gave a strictly better user experience.

                                                    I later switched to Chrome when it became obvious that it was beating Firefox in terms of performance, which is also a factor in user experience.

                                                    What about these days? Firefox has mostly caught up to Chrome on the performance point. But you know what’s been the best user experience improvement I’ve seen lately? Chrome’s tab groups feature. It’s a really simple idea, but it’s significantly improved the way I manage my browser, given that I tend to have a huge number of tabs open.

                                                    These are the kinds of improvements that I’d like to see Firefox creating, in order to lure people back. You can’t guilt me into trying a new browser, you have to tempt me.

                                                    1. 10

                                                      But you know what’s been the best user experience improvement I’ve seen lately? Chrome’s tab groups feature. It’s a really simple idea, but it’s significantly improved the way I manage my browser, given that I tend to have a huge number of tabs open.

                                                      Opera had this over ten years ago (“tab stacking”, added in Opera 11 in 2010). Pretty useful indeed, even with just a limited number of tabs. It even worked better than Chrome groups IMO. Firefox almost-kind-of has this with container tabs, which are a nice feature actually (even though I don’t use it myself), and with a few UX enhancements on that you’ve got tab groups/stacking.

                                                      Opera also introduced tabbed browsing by the way (in 2000 with Opera 4, about two years before Mozilla added it in Phoenix, which later became Firefox). Opera was consistently way ahead of the curve on a lot of things. A big reason it never took off was because for a long time you had to pay for it (until 2005), and after that it suffered from “oh, I don’t want to pay for it”-reputation for years. It also suffered from sites not working; this often (not always) wasn’t even Opera’s fault as frequently this was just a stupid pointless “check” on the website’s part, but those were popular in those days to tell people to not use IE6 and many of them were poor and would either outright block Opera or display a scary message. And being a closed-source proprietary product also meant it never got the love from the FS/OSS crowd and the inertia that gives (not necessarily a huge inertia, but still).

                                                      So Firefox took the world by storm in the IE6 days because it was free and clearly much better than IE6, and when Opera finally made it free years later it was too late to catch up. I suppose the lesson here is that “a good product” isn’t everything or a guarantee for success, otherwise we’d all be using Opera (Presto) now, but it certainly makes it a hell of a lot easier to achieve success.

                                                      Opera had a lot of great stuff. I miss Opera 😢 Vivaldi is close (and built by former Opera devs) but for some reason it’s always pretty slow on my system.

                                                      1. 1

                                                        This is fair and I did remember Opera being ahead of the curve on some things. I don’t remember why I didn’t use it, but it being paid is probably why.

                                                        1. 1

                                                          I agree, I loved the Presto-era Opera and I still use the Blink version as my main browser (and Opera Mobile on Android). It’s still much better than Chrome UX-wise.

                                                        2. 4

                                                          I haven’t used tab groups, but it looks pretty similar to Firefox Containers which was introduced ~4 years ahead of that blog post. I’ll grant that the Chrome version is built-in and looks much more polished and general purpose than the container extension, so the example is still valid.

                                                          I just wanted to bring this up because I see many accusations of Firefox copying Chrome, but I never see the reverse being called out. I think that’s partly because Chrome has the resources to take Mozilla’s ideas and beat them to market on it.

                                                          Disclaimer: I’m a Mozilla employee

                                                        3. 4

                                                          One challenge for people making this kind of argument is that predictions of online-privacy doom and danger often don’t match people’s lived experiences. I’ve been using Google’s sites and products for over 20 years and have yet to observe any real harm coming to me as a result of Google tracking me. I think my experience is typical: it is an occasional minor annoyance to see repetitive ads for something I just bought, and… that’s about the extent of it.

                                                          A lot of privacy advocacy seems to assume that readers/listeners believe it’s an inherently harmful thing for a company to have information about them in a database somewhere. I believe privacy advocates generally believe that, but if they want people to listen to arguments that use that assumption as a starting point, they need to do a much better job offering non-circular arguments about why it’s bad.

                                                          1. 4

                                                            I think it has been a mistake to focus on loss of privacy as the primary data collection harm. To me the bigger issue is that it gives data collectors power over the creators of the data and society as a whole, and drives destabilizing trends like political polarization and economic inequality. In some ways this is a harder sell because people are brainwashed to care only about issues that affect them personally and to respond with individualized acts.

                                                            1. 4

                                                              There is no brainwashing needed for people to act like people.

                                                              1. 1

                                                                do you disagree with something in my comment?

                                                                1. 3

                                                                  In some ways this is a harder sell because people are brainwashed to care only about issues that affect them personally and to respond with individualized acts.

                                                                  I’m not @halfmanhalfdonut but I don’t think that brainwashing is needed to get humans to behave like this. This is just how humans behave.

                                                                  1. 2

                                                                    Yep, this is what I was saying.

                                                                    1. 1

                                                                      things like individualism, solidarity, and collaboration exist on a spectrum, and everybody exhibits each to some degree. so saying humans just are individualistic is tautological, meaningless. everyone has some individualism in them regardless of their upbringing, and that doesn’t contradict anything in my original comment. that’s why I asked if there was some disagreement.

                                                                      to really spell it out, modern mass media and culture condition people to be more individualistic than they otherwise would be. that makes it harder to make an appeal to solidarity and collaboration.


                                                                      1. 1

                                                                        I think you’re only seeing the negative side (to you) of modern mass media and culture. Our media and culture also promote unity, tolerance, respect, acceptance, etc. You’re ignoring that so that you can complain about Google influencing media, but the reality is that the way you are comes from those same systems of conditioning.

                                                                        The fact that you even know anything about income inequality and political polarization are entirely FROM the media. People on the whole are not as politically divided as media has you believe.

                                                                        1. 1

                                                                          sure, I only mentioned this particular negative aspect because it was relevant to the point I was making in my original comment

                                                                        2. 1

                                                                          to really spell it out, modern mass media and culture condition people to be more individualistic than they otherwise would be. that makes it harder to make an appeal to solidarity and collaboration.

                                                                          I think we’re going to have to agree to disagree. I can make a complicated rebuttal here, but it’s off-topic for the site, so cheers!

                                                                          1. 1


                                                            2. 3

                                                              I agree with everything you’ve written in this thread, especially when it comes to the abstractness of pro-Firefox arguments as of late. Judging from the votes it seems I am not alone. It is sad to see Mozilla lose the favor of what used to be its biggest proponents, the “power” users. I truly believe they are digging their own grave – faster and faster it seems, too. It’s unbelievable how little they seem to be able to just back down and admit they were wrong about an idea, if only for a single time.

                                                              1. 2

                                                                Firefox does have many features that Chrome doesn’t have: container tabs, tree style tabs, better privacy and ad-blocking capabilities, some useful dev tools that I don’t think Chrome has (multi-line JS and CSS editors, fonts), isolated profiles, better control over the home screen, reader mode, userChrome.css, etc.

                                                              1. 5

                                                                Who is your VPS provider? Most of them already provide those kinds of metrics.

                                                                Otherwise you can check out things like https://www.monitorix.org (I don’t use it because I don’t need to but I have bookmarked it in case I need to).

                                                                1. 1

                                                                  In this particular case it’s Hetzner Cloud, but it comes with the same problem that everyone else has: they cannot monitor your disk space usage as they do not have OS level access.

                                                                  I thought about using the Hetzner Cloud API too, but it would only tell me about CPU and network.

                                                                  1. 9

                                                                    If you’re just concerned about disk space and can do everything else with your VPS provider, then I’d just write a small shell script to check the df output, email me if it’s >80%, and run it through cron/periodic.

                                                                1. 17

                                                                  Could have? It’s been known since at least 1989 (okay, November of 1988) that gets() was a bad function, but it was probably too late to get it removed from the C89 standard. It was deprecated in 1999 (C99) and removed in 2011 (C11). The code in question was written in 2013! Who ever wrote the code did not bother reading any compiler warnings, or didn’t know C well enough to know that pointers (and arrays) don’t include limits. I find it amazing in this day and age that this went seven years without notice.

                                                                  1. 9

                                                                    I think it has been known since about 1975 that gets() is bad*. Modern language communities no longer take 24 years to officially deprecate an API after it has been recognized as bad, and another 12 years to remove, so maybe that’s progress.

                                                                    *Mike Lesk wrote the Portable I/O Library for C around 1972-1973. Stdio was in use by 1975; it was written as a replacement: much faster, not fully backwards compatible. As far as I can reconstruct, gets() was left in stdio to help migrate code from the old library to stdio (but I’m missing access to some historical documents that would verify this). fgets() used a deliberately different interface, because the buffer overflow problem of gets() was obvious even in 1975. K&R first edition (1978) documents stdio and fgets(), but leaves out gets(), providing source code for a getline() function instead that reads stdin using a safe interface.

                                                                    1. 4

                                                                      Modern language communities don’t have to deal with OS vendors, because they have their own packages and package management, and modern language communities can be that independent because of the Internet. You can see the beginnings of this in how gcc and GNU libc spread to become de-facto standards even at sites where the OS maker didn’t package them, because they were an FTP away.

                                                                    2. 4

                                                                      November of 1988

                                                                      What event are you referring to here?

                                                                      1. 6

                                                                        The Morris Worm was the first malware attacking the internet, using a gets() buffer overflow in fingerd to take control of thousands of Unix systems. Read about it here (Gene Spafford’s Nov 1988 analysis): https://spaf.cerias.purdue.edu/tech-reps/823.pdf

                                                                      2. 2

                                                                        The code in question was written in 2013!

                                                                        Not really, that example was always part of uthash since its first release so it was written by Troy D. Hanson somewhere between 2004 and 2006.

                                                                        Moreover I have no doubt that Troy knew his code wasn’t safe. But it was a simple example in a manual so he probably didn’t care.

                                                                      1. 3

                                                                        At home I use a Filco Majestouch 2 (tenkeyless, brown switches). At work I use something less noisy :)

                                                                        1. 6

                                                                          As someone who uses trackers on a daily basis, I have to say that’s a very solid write-up. Perhaps Jeskola Buzz could have been discussed a bit more, since it was pretty big in the late 90s/early 2000s. There’s also Buzztrax, which continues the legacy on Linux. Other than that, the article is pretty comrehensive though. There were some tracker-like editors before Ultimate Soundtracker, but that’s obviously out of scope for this one.

                                                                          There are a number of reasons why I prefer trackers over any other means of composing computer music.

                                                                          • The keyboard-driven workflow is just so much faster than clicking around with the mouse.
                                                                          • The minimalistic UI helps me focus.
                                                                          • Trackers are ubiquitous on 80s home computers and consoles. That’s great for a chiptune musician like me, because once you know one tracker, you can easily get started on another one. So I can turn most of my 8-bit junk into a musical instrument with very little learning effort.

                                                                          What’s interesting to me is that trackers actually make the music writing process more akin to programming. This becomes especially apparent in Chiptune, where you’re basically writing a list of instructions to be interpreted by the music player.

                                                                          1. 3

                                                                            The keyboard-driven workflow is just so much faster than clicking around with the mouse.

                                                                            What about trackers versus playing a MIDI keyboard? In your opinion, does entering notes in a tracker have advantages over playing them on a MIDI keyboard?

                                                                            1. 2

                                                                              Caveat, I don’t have so much experience with MIDI. For many years I was moving around a lot (aka “my home is where my laptop is”), so I never bothered carrying around a MIDI controller. Nowadays you get these really small controllers, but back in the day these things were clunky. So anyway, I’m not super qualified to answer this.

                                                                              Generally, I think the use-case is different. MIDI shines in 3 situations. a) when you have a fixed setup, eg. one DAW + a standard set of plugins that you always use. If you’re exploring many different tools and platforms, then the overhead from setting up MIDI controls is usually not worth it. b) for adding a live/human feel to an existing basic structure, ie. when you want to be less than 100% consistent/timing accurate. If you actually want to be precise, then you need to be able to play very well (which I’m not), otherwise you’re going to fiddle with correcting quantization errors a lot (unless you use your MIDI controller to enter notes/triggers on a per-step basis, in which case you might just as well use your computer’s keyboard). c) for automating sound parameters. Definitely a huge plus for “normal” computer music, for my use-case (Chiptune) it’s less relevant though.

                                                                              1. 1

                                                                                I’m confused. MIDI keyboards can feed MIDI into trackers.

                                                                                Some of them do bundle a synth, but these are usually called electronic pianos, and can accept MIDI from a tracker.

                                                                              2. 2


                                                                                Thanks for letting me learn about this LGPL’d tracker. Up until now, I only knew MilkyTracker.

                                                                                1. 3

                                                                                  There’s also Radium. Haven’t used it yet, but it looks very promising in terms of bringing trackers to the next level. Back in the day I actually used Neil Sequencer, another Buzz-inspired project. Unfortunately that one is completely dead, I can’t even build it on a current system nowadays.

                                                                                  Last but not least, there’s also Schism Tracker, which is to Impulse Tracker what Milky is to Fasttracker/Protracker. The .it format is more compact than .xm, so it’s often the preferred choice for making size-restricted modules.

                                                                                  1. 1

                                                                                    There’s also Radium.

                                                                                    Which I also didn’t know, looks promising and is Open Source. Thank you!!!

                                                                                    Neil Sequencer

                                                                                    Seems to be GPL, but I can’t find the sources. Probably a temporal issue.

                                                                                    Schism I was aware of.

                                                                                  2. 2

                                                                                    I have a big list of FOSS trackers that I’m trying to package for NixOS here if you’re interested: https://github.com/NixOS/nixpkgs/issues/81815

                                                                                    1. 1

                                                                                      Absolutely! Thank you.

                                                                                  3. 1

                                                                                    I know it’s called “essential guide” but it’s a bit weird to write a history of trackers without mentioning Impulse Tracker and its descendants (Modplug, Cheesetracker, Schizm, etc).

                                                                                    1. 2

                                                                                      Agreed, that’s quite an oversight. At least Modplug’s modern incarnation OpenMPT is mentioned in passing.

                                                                                  1. 1

                                                                                    This is a good introduction to SOLID… and also a good reminder for people like me who often forget what the I stands for (I tend to mistake it for Inversion of Control).

                                                                                    1. 3

                                                                                      Lua and shell script make for amazing glue languages

                                                                                      1. 3

                                                                                        Fun fact: lead (which pipes used to be made from, hence plumbing) is “luaidhe” in Irish

                                                                                        1. 2

                                                                                          Same here. Bash -> Lua -> C, where “->” means “if the left operand isn’t enough…”

                                                                                          1. 2

                                                                                            same, but any more I tend to favor fennel + shell script


                                                                                          1. 12

                                                                                            Things that will keep growing : Rust, Zig, WASM.

                                                                                            Things that will make a comeback : simpler non-SPA JS frameworks with server-side rendering (Stimulus etc), and Rails by ricochet effect. A “simple, ops-less hosting” platform like Heroku or App Engine will emerge, maybe Vercel.

                                                                                            Obviously, on the hardware end: ARM laptops / deskops.

                                                                                            Things that will go down (too much complexity for nothing): Kubernetes (at least used directly).

                                                                                            Things I would like to see grow but I’m not sure: unikernels and/or lightweight VMs instead of containers (à la firecracker).

                                                                                            5G will probably change some things, too.

                                                                                            1. 4

                                                                                              Just to nitpick a bit, because this has been bothering me for a while: Conflict-free replicated datatypes aren’t a solution for conflicts.

                                                                                              Making a CRDT is easy. Whenever you have a conflict you hash both data sets and throw away the one with the lower hash. This may be stupid but it fulfills the criteria for a CRDT.

                                                                                              The conflict between the authors intentions is still there, the only thing that is conflict-free is the state of different copies of the data after all the changes have propagated. The conflict of the changes that where made is semantic in nature and probably has to be resolved at a language level and/or by a human.

                                                                                              Which is probably why Pijul ended up with counter-intuitive behavior by treating text as a graph and using that representation for conflict resolution.

                                                                                              1. 6

                                                                                                I have worked on something similar (filesystem synchronization with a CRDT model) and I agree, people misunderstand CRDTs.

                                                                                                Behind the theory, the idea of CRDTs is that from the user’s point of view they are what we usually consider “data structures” plus rules that define how users can modify then and how the data will be merged in all cases. That means that:

                                                                                                • There is no case in which the system will say “I don’t know what to do” and have to ask for outside help synchronously. Adding something to the data structure that says “ask a human later” is fine.

                                                                                                • The end result will not depend on which device does the merge.

                                                                                                • Most importantly those rules are built into the data structure and exposed to the user (they are part of the API).

                                                                                                Now the problem is to design a CRDT that does what the end user wants, and that’s a lot harder than just making a CRDT “that works”…

                                                                                                1. 6

                                                                                                  Just to nitpick a bit, because this has been bothering me for a while

                                                                                                  You seem to be in agreement with the post. That section of the post just says “here is some related work, it’s called CRDT, and wasn’t enough to solve it”.

                                                                                                  1. 1

                                                                                                    I think the directed graph representation comes from the original paper as explained well for non-mathematicians here.

                                                                                                    1. 2

                                                                                                      It’s inspired by that, but does a lot more. The actual thing used by Pijul is explained in the blog post linked here as well (and your link comes from that person reading Pijul’s source code and asking us questions about it).

                                                                                                  1. 7

                                                                                                    QUIC being hard to parse by router hardware is a feature, not a bug. IIRC (and I may not) this is why encryption was originally introduced in the protocol. I believe that it wasn’t until TLS 1.3 started maturing that it was integrated into QUIC to also provide strong security guarantees, but to be honest I’m really unsure on this point and I’m too lazy to Google at the moment. Maybe someone else can tell us?

                                                                                                    In any case, the reason QUIC being hard to parse by routers is a feature is because it ensures protocol agility. I don’t know the details but there are things that in theory could be done to improve TCP’s performance, but in practice cannot because routers and other middleboxes parse the TCP and then break because they’re not expecting the tweaked protocol. QUIC’s encryption ensures that middleboxes are largely unable to do this, so the protocol can continue evolving into the future.

                                                                                                    1. 2

                                                                                                      Google QUIC used a custom crypto and security protocol. IETF QUIC always used TLS 1.3.

                                                                                                      1. 2

                                                                                                        While there are definitive benfits to it, like improved security from avoiding all attacks that modify packet metadata, it also means you can’t easily implement “sticky sessions” for example, i.e. keeping the client connected to the same server on the whole connection duration. So yeah, it’s always a convinience/security tradeoff isn’t it…

                                                                                                        1. 2

                                                                                                          I am not really a QUIC expert but I don’t really understand the issue here. The Connection ID is in the public header, so what prevents a load balancer from implementing sticky sessions?

                                                                                                          1. 2

                                                                                                            Oh I’m far from an expert too. You’re right, if the router understands QUIC it will be able to route sticky sessions. If it only understands UDP (as is the case with all currently deployed routers) - it won’t be able to, since the source port and even IP can change within a single session. But that’s a “real-world” limitation, not the limitation of the protocol, actually.

                                                                                                            1. 5

                                                                                                              What kind of router are you thinking of?

                                                                                                              A home router that can’t route back UDP to the google chrome application is just going to force google to downgrade to TCP.

                                                                                                              A BGP-peered router has no need to deal with sticky sessions: They don’t even understand UDP.

                                                                                                              A load balancer for the QUIC server is going to understand QUIC.

                                                                                                              A corporate router that wants to filter traffic is just going to block QUIC, mandate trust of a corporate CA and force downgrade to HTTPS. They don’t really give two shits about making things better for Google, and users don’t care about QUIC (i.e. it offers no benefits to users) so they’re not going to complain about not having it.

                                                                                                              1. 2

                                                                                                                You should take a look at QUIC’s preferred address transport parameter (which is similar to MPTCP’s option). This allows the client to stick with a particular server without the load balancing being QUIC aware.

                                                                                                        1. 1

                                                                                                          Company: Inch

                                                                                                          Company site: https://inch.fr

                                                                                                          Position: Senior Full Stack Developer

                                                                                                          Location: Paris, France (onsite, partial remote OK but you must live near Paris and speak French)

                                                                                                          Description: We’re a small company (10 people) making a SaaS CRM & ticketing solution for property managers in the French (and Belgian) market.

                                                                                                          Tech stack: Rails, React, PostgreSQL

                                                                                                          Contact: me (pierre at company domain)

                                                                                                          1. 2

                                                                                                            There are two good approaches to that issue.

                                                                                                            The first one is to check and handle all possible unexpected results, and have tooling to ensure you do it.

                                                                                                            The second one is “let it crash”, famous in Erlang circles. Basically, when an error occurs, log it so you can debug it and panic the process and let a process manager restart it in a known state (“process” does not necessarily mean “OS process” here).

                                                                                                            In general, you would use both: very critical code (think DB transactions, etc) constitutes an “error kernel” which you write with the first approach, and all business code around that uses the second one.

                                                                                                            1. 53

                                                                                                              Super classy comment (in my opinion) from the original author of htop, regarding the fork: https://github.com/hishamhm/htop/issues/992#issuecomment-683286672

                                                                                                              1. 5

                                                                                                                I expected your comment to be sarcastic but hishamhm’s reply really is supportive!

                                                                                                                1. 4

                                                                                                                  Wonderful reply. I can’t imagine what it must be like to write a small utility then have it grow so popular it shapes your whole life.

                                                                                                                  That’s the double edged-FOSS sword I guess. I’m amazed and grateful that there are people out there like Hisham.

                                                                                                                  1. 3

                                                                                                                    It is an entirely valid choice to not let it shape your whole life. Which is what happened here, I guess :-) And I can totally relate.

                                                                                                                  2. 4

                                                                                                                    Hisham is a great person. Like many I have come to know him through the Lua community, and then learned the h in htop meant “Hisham”.

                                                                                                                    He is maintaining a lot of important packages in Lua land, and also has a few other personal projects such as tl and dit. I can understand why he was overwhelmed. :)

                                                                                                                    If you are interested in htop and its “recent” evolutions this talk is worth watching.

                                                                                                                  1. 4

                                                                                                                    I agree with parts of the post, but certainly not this:

                                                                                                                    More often than not automatic updates are not done with the interest of the user in mind.

                                                                                                                    I don’t believe this is true. I don’t have data but I think the main reasons for automatic update are in the interest of the user, the N.1 being security patches (as mentioned elsewhere in the post). Software without at least semi-automatic security updates is one of the main reasons why there is so much malware everywhere and this is clearly not good for users. It’s even worse for hardware. Actually I think most of the “should always” / “should never” bullet points should come with “except for security reasons” (especially the last one, compatibility with plug-ins).

                                                                                                                    Another reason is compatibility, especially in the case of networked software. If you change the client - server (or client - client) protocol without automated updates you can never deprecate anything and in the long run it becomes a maintenance nightmare. This gives an edge to your competitors, especially to Web-based software which (almost) always auto-updates. And being uncompetitive is clearly not good for your users in the long run.

                                                                                                                    All that being said, the choice depends a lot on who the user is. I think most hardware and software for the general public should come with either automatic or semi-automatic updates enabled by default, unless it is distributed through a package repository / store (which is the ideal case). Professional software which is administered by trained people, for instance, is different.

                                                                                                                    For commercial software I think the solution to avoid version explosion is to always limit the duration of user licenses. Even if you want to sell a life-long license, you can structure it so that users have a one-year license for a given version of the software and the right to obtain such a license for the latest version of the software anytime. And then maybe you don’t auto-upgrade, but you tell the user “you must click this upgrade button by this date or you won’t be able to use the software anymore.”

                                                                                                                    That being said, I do agree with a lot of the post, especially the fact that if you stop supporting a version there should be a clear upgrade path, that updates shouldn’t be abused for marketing purpose, etc.

                                                                                                                    1. 10

                                                                                                                      More often than not automatic updates are not done with the interest of the user in mind

                                                                                                                      I think a more accurate claim would be that more often than not, the outwardly-visible changes that come thru automatic updates are not done in the interests of the end user. It’s primarily a matter of perception, and that perception is what drives the lack of trust.

                                                                                                                      Users don’t see the vulnerabilities they were protected against, but they do see the new ads that have begun to show in their start menu.

                                                                                                                      1. 3

                                                                                                                        Yes, that makes sense. Fully automated updates make that even worse because users don’t even notice the security updates.

                                                                                                                    1. 7

                                                                                                                      The several mentions of NGS make me suspect that this is written almost as an advertisement. Consider the article’s conclusion:

                                                                                                                      From my perspective, all languages suck, while NGS aims to suck less than the rest for the intended use cases (tl;dr – for DevOps scripting).

                                                                                                                      NGS itself seems to have commits from Ilya (the author), so it seems like he’s at least a contributor. Combined with other people’s comments about this article’s lack of substance, I’m a little wary.

                                                                                                                      I recently saw another article authored by try NGS people about NGS being better because it has a method that ensures that an array has exactly one element, which was then promptly edited to say “yeah NGS isn’t the only one with this”. Every language looks better than others to their creator. But I don’t think a new language is the solution, especially if it has no groundbreaking features (and I don’t know if NGS has groundbreaking features)

                                                                                                                      1. 3

                                                                                                                        Ilya is NGS’ main author. It’s a rant on his personal blog so he probably supposes the reader already knows this.

                                                                                                                        1. 2

                                                                                                                          I recently saw another article authored by try NGS people about NGS being better because it has a method that ensures that an array has exactly one element, which was then promptly edited to say “yeah NGS isn’t the only one with this”. Every language looks better than others to their creator. But I don’t think a new language is the solution, especially if it has no groundbreaking features (and I don’t know if NGS has groundbreaking features)

                                                                                                                          Do you have any examples of languages that became successful because of a groundbreaking language feature?

                                                                                                                          Most successful languages in the last 30 years have a blend of ideas from earlier languages:

                                                                                                                          • Python - ABC, SETL, Occam
                                                                                                                          • Ruby - Perl, Smalltalk, Lisp
                                                                                                                          • Java - Objective C, C++
                                                                                                                          • JavaScript - Self, C
                                                                                                                          • Go - C, Limbo, Emerald
                                                                                                                          • PHP - Perl
                                                                                                                          • R - S, Scheme
                                                                                                                          • Swift - Objective-C, Rust, Haskell, Ruby, Python, C#, CLU, others
                                                                                                                          • C# - C++, Delphi, Java
                                                                                                                          • PowerShell - Korn shell

                                                                                                                          It seems much more important to have a compelling use case, some degree of luck, and a platform or library that’s easier to use than the incumbent.

                                                                                                                          Corporate backing may have become a requirement; most of these languages were either created in the 1990s or had corporate backing.

                                                                                                                          1. 2

                                                                                                                            groundbreaking language feature

                                                                                                                            In NGS, I am throwing in syntax and features (after deliberation) which are geared towards intended use cases, nothing that I would consider “groundbreaking”, just convenient. Sometimes much more convenient than in other languages.

                                                                                                                            Not many of the features are unique but they fit the niche well. The “chance” of this language is targeting the niche. I have learned to not throw in anything that is “maybe a good idea” (or at least mark that “experimental”).

                                                                                                                            Examples of features specifically targeting the niche:

                                                                                                                            • Syntax for running external commands, syntax for running + parsing the output of external commands
                                                                                                                            • Smart handling of exit codes of external commands
                                                                                                                            • Data manipulation facilities
                                                                                                                            • Simple extensibility
                                                                                                                            • log(), debug(), retry() methods
                                                                                                                            1. 1

                                                                                                                              Have you read Frank Atanassow’s advice on designing a language?

                                                                                                                              He takes a strongly negative attitude towards creating languages but does pose some good questions.

                                                                                                                              1. 2

                                                                                                                                I didn’t see it before. I do think that creation of a new programming language must be justified. If it’s “it would be so cool to have a new language” - either keep your fun/learning project for yourself or at least state the aim explicitly in a prominent place.

                                                                                                                                Unfortunately I can not answer your question fully at the moment because of my current constraints. I’ll try to get to this later. Partial answer is at



                                                                                                                                Note that there is no alternative at which a looked and said: “OK, it’s aligned with my vision so much that doing NGS is not needed anymore”.

                                                                                                                          2. 1

                                                                                                                            Yes, I’m the main author.

                                                                                                                            NGS being better because it has a method that ensures that an array has exactly one element, which was then promptly edited to say “yeah NGS isn’t the only one with this”

                                                                                                                            It’s practically not feasible to go over every existing language to check the claim. “I’m not aware of any language that has this” is my approximation. The mistake was pointed out to me and I promptly updated the post as not to mislead the readers.

                                                                                                                            Everything else is addressed in today’s update of the post.

                                                                                                                          1. 2

                                                                                                                            Happy birthday, Lobste.rs. I still read you every day. Here’s to the next 8 year. :)

                                                                                                                            1. 6

                                                                                                                              German perspective: You’re an engineer after getting a university degree in an engineering program (e.g., bachelor of science in information technology). You’re only allowed to call yourself an engineer after graduating. But then immediately.
                                                                                                                              Depending on school, program that may or may not involve lots of meta/how-to engineer courses.

                                                                                                                              No extra test but also no way for non-academics to become an engineer unless they go to a university. :/

                                                                                                                              1. 5

                                                                                                                                Similar in Sweden. The term “civilingenjör” covers all engineering, not just civil engineers (that degree is called “civilingenjör väg och vatten”) and is a protected term. You’re not allowed to present yourself as such unless you have graduated from an accredited institution (nor are you allowed to purchase the special ring you’re entitled to).

                                                                                                                                1. 3

                                                                                                                                  Similar in France. “Ingénieur” covers all engineering and is also a protected term. But a lot of people are obsessed by degrees here in France and it kinda sucks.

                                                                                                                                  1. 2

                                                                                                                                    Not exactly.

                                                                                                                                    “Ingénieur” (Engineer) is not protected. It is a job title and can be given to you as long as your job corresponds.

                                                                                                                                    The protected constructions are things like “Diplôme d’Ingénieur”, “École d’Ingénieur” and “Ingénieur diplômé” (Engineering Degree, Engineering School and “Engineer with a degree”, respectively). They are regulated by a body called CTI.