1. 14

    I’ve been using Fish since 2015, and it’s been great. Fish not being POSIX compatible hasn’t been an issue in practice, though I don’t do a lot of shell scripting to begin with. If somebody is curious about my Fish configuration, you can find it here.

    1. 4

      For me the lack of sh-compatible syntax has been a real problem, to the point where I switched to bash at work. Fish does have the best user experience I’ve seen, but the need for specific Fish scripts is a problem, in particular with Nix or any tool that you need to load from your profile. There are wrappersz like bass, but they don’t always work and have overhead.

      1. 28

        Just because fish is your interactive shell doesn’t mean that you need to start shell scripts with !/usr/bin/env fish.

        1. 8

          I never understood what people is doing all day in their prompt that needs POSIX compatibility. The syntax to call commands is the same.

          I think it is mostly a meme or a simple matter of running copy pasted scripts from the web and not understanding how interpreter resolution works or that you can manually define it.

          1. 3

            But for stuff like Nix, don’t you have to run the setup scripts in your interactive shell with source or equivalent, so they can set environment variables and such?

            1.  

              In Unix, all child processes of a process will inherit the parent’s environment. You should be able to write all your scripts as POSIX compliant (or bash compliant) and run them from inside fish without an issue, as long as you specify the interpreter like so: bash myscript.sh

              1. 7

                The problem, if I understood it right (I’ve never used things like Nix) is that these are not things you’re supposed to run, but things you’re supposed to source. I.e. you source whatever.sh so that you get the right environment to do everything else. Sort of like the decade-old env.sh hack for closed-source toolchains and the like, which you source so that you can get all the PATH and LD_LIBRARY_PATH hacks only for this interactive session instead of polluting your .profile with them.

          2. 8

            I usually just switch to bash when I need to run a command this way. And honesty I’m more annoyed at commands like these that modify your shell environment and thus force you to use a POSIX-compatible shell, than I am at fish for deliberately trying something different that isn’t POSIX.

            1.  

              Fortunately some commands are designed to output a shell snippet to be used with eval

              eval $(foo) # foo prints 'export VAR=bar'
              

              In that case you can pipe output of foo to Fish’s source

              foo | source
              
            2. 4

              I also had problems with bass. It was too slow to run in my config.fish. However, I switched to https://github.com/oh-my-fish/plugin-foreign-env and it’s worked perfectly for me. And you don’t need oh-my-fish to use it — I installed it with the plugin manager https://github.com/jorgebucaran/fisher.

              1. 2

                Ah, I hadn’t seen this one, if it succeeds to setup Nix then it’s party time!

                1.  

                  Not a fish user, but since you’re a Nix user I would also recommend checking out direnv which has fish support. For nix in direnv specifically I would also recommend something like nix-direnv (and several others) which caches and also gcroots environments so overheads are next to negligible when things remain unchanged.

                2.  

                  That looks good enough to make me want to try fish again. I had not seen it last time I tried fish. Thanks for pointing it out.

            1. 9

              This is nice. Though, you could do some of the same things with XPath. For example, the first two examples could be done using xmllint:

              $ curl -s https://www.rust-lang.org/ | xmllint --html --xpath "//*[@id='get-help']" -
              $ curl -s https://www.rust-lang.org/ | xmllint --html --xpath "//@href" -
              

              Unfortunately xmllint doesn’t support html5, and complains about the <header> and <main> tags in the above example.

              1. 5

                XPath is really powerful, but it’s also really hard to grok (because it was designed for a much more powerful use case). I wonder if something that used the JQuery selector format wouldn’t be more appreciated :)

                  1. 2

                    Hxselect is super handy

                    1. 2

                      This tool is great, and already in Debian. Interesting that you need to give it XML syntax, but it comes with tools hxclean and hxnormalize -x that solve that for you.

                      1. 1

                        Wow! Fantastic, thanks!

                  1. 7

                    Growing up on Linux in the 90s I never thought I’d see open source developers donating their time to enrich Microsoft shareholders.

                    Oh how times have changed …

                    1. 7

                      To be fair, we also thought we’d never see Microsoft become the financial backer for one of the most popular open source development tools (Visual Studio Code) or running their premiere database product on Linux.

                      Man, have times changed! I cringe a bit whenever I remember spelling Microsoft as ‘Micro$oft’, hehe.

                      1. 4

                        I remember the Halloween Documents well enough to wonder, though, whether we’re just in the midst of a particularly well executed “embrace” step, with “extend, and extinguish” to come.

                        WSL in particular causes me to worry.

                        1. 4

                          Edit: comment is targeted more towards the earlier comments.

                          Nothing changed. Microsoft is still M$, they’re a company that reports to its shareholders. Coincidentally, their focus changed and they had to port some systems to keep them relevant. Because despite microsofts earlier efforts, linux simply took over the server part (for the web) and thus they are now running more linux boxes in their own cloud than windows. While also shifting towards a cloud-based and subscription company. Why maintain the biggest repository in the world when you can just use cloud subscriptions and store users.

                          So giving money to the linux foundation is pretty obvious, when they’re basically making money by running linux for people. The same goes for VSCode, they had to adopt after intellij took over and rendered their VS pretty clunky and limited. I could repeat this again for WSL.

                          And no you don’t really have an open source system. VSCode doesn’t allow you to actually deploy a fully functioning Version because you aren’t allowed to use the official extension store and the offical builds ship some proprietary stuff (including pylance).

                          So what did microsoft do ? They adopted the way google does it: Rule the marked with a free-ish system (ignoring anti-trust investigations), while taking the relevant and ease-of-use things for themself. Which is the store and some proprietary parts. It’s the same reason why they made the win11 store completely open to anything. They had to, because their current store is laughable in terms of money and users compared to all the mobile systems. Open-source is something you can then also add to your company badge, it’s hip, you may get some free PR, PRs and if anyone asks: You’re an open company.

                          I wouldn’t even call this a negative view it’s just the reality. And hopefully the open-source microsoft won’t do the third “e” this time. They have all the power for that now.

                          1. 2

                            Fair enough.

                            IMHO, Microsoft has seen the writing on the wall and they realize if they want to be competitive in the cloud space (which they most definitely want to) then the only way forward is loosening their ambitions to become ‘the platform to end all platforms’ and allowing developers to run code developed with their tools on Linux. It’s hard for them to build a case for paying licenses for every piece of software in your stack when huge companies worth billions of dollars were built and run on completely open-source stacks. They’d rather skim some money from running that stack than spend more on marketing and risk obsolescence.

                            That said, who knows!

                      1. 23

                        I enjoyed this quite a bit when I first saw it, and I still do kinda enjoy the original - it was never meant to be taken too seriously of course and it succeeds as a joke - but since then, the word “wat” has become a trigger of rage for me.

                        These things tend to have a reasonable explanation if you take the time to understand why it does what it does. They tend to be predictable consequences of actually generally useful rules, just used in a different way than originally intended and coming out a bit silly. You might laugh but you can also be educated.

                        But you know how often I see people taking the time to try to understand the actual why? Not nearly as often as I see people saying “WAT” and just dismissing things and calling the designers all kinds of unkind things. And that attitude is both useless and annoying.

                        1. 38

                          These things tend to have a reasonable explanation if you take the time to understand why it does what it does. They tend to be predictable consequences of actually generally useful rules, just used in a different way than originally intended and coming out a bit silly.

                          For me the most important takeaway is that rules might make sense by themselves, but you have to consider them in the bigger picture, as part of a whole. When you design something, you must keep this in mind to avoid bringing about a huge mess in the completed system.

                          1. 4

                            Exactly. It is generally underappreciated how incredible hard language design is. The cases Bernhardt points out are genuine design mistakes and not just the unfortunate side effects of otherwise reasonable decisions.

                            That’s why there are very few languages that don’t suffer from ugly corner cases which don’t fit into the whole or turn out to have absurd oddities. Programming languages are different, contrary to the “well, does it really matter?” mindset.

                            1. 3

                              I don’t know. What I always think about JS is that R4RS Scheme existed at the time JS was created and the world would be tremendously better off if they had just used that as the scripting system. Scheme isn’t perfect but it is much more regular and comprehensible than JS.

                              1. 3

                                I think one have to remember the context in which JavaScript was created; I’m guessing the main use case was to show some funny “alert” pop-ups here and there.

                                In that context a lot of the design decisions start to make sense; avoid crashes whenever possible and have a “do what I mean” approach to type coercion.

                                But yeah, I agree; we would’ve all been better off with a Scheme as the substrate for maybe 80% of today’s end-user applications. OTOH, if someone would’ve told Mozilla how successful JS would become we could very well have ended up with some bloated, Java-like design-by-committee monstrosity instead

                              2. 2

                                I don’t think I know a single (nontrivial - thinking about brainfuck/assembly maybe) programming language with no “unexpected behaviour”.

                                But some just have more or less than others. Haskell, for example, has a lot of these unexpected behaviours but you tend not to fall on these corner cases by mistake. While in javascript and Perl, it is more common to see such a “surprise behaviour” in the wild.

                                Another lesson I gather from this talk is that you should try to stick as much as possible in your well-known territory if you want to predict the behaviour of your program. In particular, try not to play too much with “auto coercion of types”. If a function expects a string, I tend not to give it a random object even if when I tried it, it perform string coercion which will most of the time be what I would expect.

                                1. 1

                                  Well, there are several non-trivial languages that try hard not to surprise you. One should also distinguish betweem “unexpected behaviour” and convenience features that turn out to be counterproductive by producing edge-cases. This is a general problem with many dynamically typed languages, especially recent inventions: auto-coercion will remove opportunities for error checking (and run-time checks are what make dynamically typed languages type-safe). By automatic conversion of value types and also by using catch-all values like the pervasive use of maps in (say) Clojure, you effectively end up with untyped data. If a function expects a string, give it a string. The coercion might save some typing in the REPL, but hides bugs in production code.

                              3. 3

                                In javascript, overloading the + operator and the optional semicolon rules I would call unforced errors in the language and those propagate through to a few other places. Visual Basic used & for concatenation, and it was very much a contemporary of JS when it was new, but they surely just copied Java’s design (which I still think is a mistake but less so given the type system).

                                Anyway, the rest of the things shown talk I actually think are pretty useful and not much of a problem when combined. The NaNNaN Batman one is just directly useful - it converts a thing that is not a number to a numeric type, so NaN is a reasonable return, then it converts to string to join them, which is again reasonable.

                                People like to hate on == vs === but…. == is just more useful. In a dynamic, weakly typed language, things get mixed. You prompt for a number from the user and technically it is a string, but you want to compare it with numbers. So that’s pretty useful. Then if you don’t want that, you could coerce or be more specific and they made === as a shortcut for that. This is pretty reasonable. And the [object Object] thing comes from these generally useful conversions.

                                1. 3

                                  == vs ===

                                  It definitely makes sense to have multiple comparison operators. Lisp has = (numeric equality), eq (object identity), eql (union of the previous two), equal (structural equality).

                                  The problem is that js comes from a context (c) in which == is the ‘default’ comparison operator. And since === is just ==, but more, it is difficult to be intentional about which comparison you choose to make.

                                  1. 1

                                    Well, a lot of these things boil down to implicit type coercion and strange results due to mismatched intuitive expectations. It’s also been shown time and again (especially in PHP) that implicit type coercions are lurking security problems, mostly because intuition does not match reality (especially regarding == and the bizarre coercion rules). So perhaps the underlying issue of most of the WATs in here simply is that implicit type coercion should be avoided as much as possible in languages because it results in difficult to predict behaviour in code.

                                    1. 1

                                      Yeah, I perfer a stronger, static type system and that’s my first choice in languages. But if it is dynamically typed… I prefer it weaker, with these implicit coercion. It is absurd to me to get a runtime error when you do like var a = prompt("number"); a - whatever; A compile time error, sure. But a runtime one? What a pain, just make it work.

                                      1. 3

                                        Lots of dynamic languages do this (e.g. Python, Ruby, all Lisp dialects that spring to mind), and IME it’s actually helpful in catching bugs early. And like I said, it prevents security issues due to type confusions.

                                2. 10

                                  Yeah, I think that this talk was well-intentioned enough, but I definitely think that programmers suffer from too much “noping” and too little appreciation for the complexity that goes into real-world designs, and that this talk was a contributor… or maybe just a leading indicator.

                                  1. 6

                                    There was a good talk along these lines a couple of years ago, explaining why javascript behaves the way it does in those scenarios, and then presenting similar ‘WAT’s from other languages and explaining their origins. Taking the attitude of ‘ok this seems bizarre and funny, but let’s not just point and laugh, let’s also figure out why it’s actually fairly sensible in context’.

                                    Sadly I can’t find it now, though I do remember the person who delivered it was associated with ruby (maybe this rings a bell for somebody else).

                                    1. 1

                                      Isn’t the linked talk exactly the talk you’re thinking about? Gary is ‘associated with’ Ruby and does give examples from other languages as well.

                                      1. 2

                                        No. I was thinking of this, linked else-thread.

                                    2. 3

                                      While things might have an explanation, I do strongly prefer systems and languages that stick to the principle of least surprise: if your standard library has a function called ‘max’ that returns the maximum value in an array and a function called ‘min’ that returns the position of the minimum element instead, you are making your language less discoverable and putting a lot of unnecessary cognitive load on the user.

                                      As someone who has been programming for over 20 years and is now a CTO of a small company that uses your average stack of like 5 programming languages on a regular basis I don’t want to learn why anymore, I just want to use the functionality and be productive. My mind is cluttered with useless trivia about inconsistent APIs I learned 20, 15, 10 years ago, the last thing I need is learning more of that.

                                    1. 6

                                      It seems to me that if one is going to go that far off the beaten path (i.e. not just running “docker build”), then it would also be worth looking into Buildah, a flexible image build tool from the same group as Podman. Have you looked into Buildah yet? I haven’t yet used it in anger, but it looks interesting.

                                      1. 6

                                        +1000 for Buildah.

                                        No more dind crap in your CI.

                                        Lets you export your image in OCI format for, among other useful purposes, security scanning before pushing, etc.

                                        Overall much better than Docker’s build. Highly recommend you try it.

                                        1. 3

                                          Added looking into it to my todo list, thanks for the suggestion @mwcampbell and @ricardbejarano.

                                          1. 2

                                            Im intrigued, what do you use for security scanning the image?

                                            1. 4

                                              My (GitLab) CI for building container images is as follows:

                                              • Stage 1: lint Dockerfile with Hadolint.
                                              • Stage 2: perform static Dockerfile analysis with Trivy (in config mode) and TerraScan.
                                              • Stage 3: build with Buildah, export to a directory in the OCI format (buildah push myimage oci:./build, last time I checked, you can’t do this with the Docker CLI), pass that as an artifact for the following stages.
                                              • Stage 4a: look for known vulns within the contents of the image using Trivy (this time in image mode) and Grype.
                                              • Stage 4b: I also use Syft to generate the list of software in the image, along with their version numbers. This has been useful more times than I can remember, for filing bug reports, comparing a working and a broken image, etc.
                                              • Stage 5: if all the above passed, grab the image back into Buildah (buildah pull oci:./build, can’t do this with Docker’s CLI either) and push it to a couple of registries.

                                              The tools in stage 2 pick up most of the “security bad practices”. The tools in stage 4 give me the of known vulnerabilities in the image’s contents, along with their CVE, severity and whether there’s a fix in a newer release or not.

                                              Having two tools in both stages is useful because it increases coverage, as some tools pick up vulns that others don’t.

                                              Scanning before pushing lets me decide whether I want the new, surely vulnerable image over the old (which may or may not be vulnerable as well). I only perform this manual intervention on severities high and critical, though.

                                              1. 1

                                                Thanks for the response. What are your thoughts on https://github.com/quay/clair which seem to replace both Gripe and Trivy?

                                                1. 1

                                                  I haven’t used it, can’t judge.

                                                  Thanks for showing it to me.

                                            2. 1

                                              I’ve never used dind, but have only used Jenkins and GitHub Actions. Is that a common thing?

                                              1. 1

                                                IIRC GitHub Actions already has a Docker daemon accessible from within the CI container. So you’re already using Docker in Whatever on your builds.

                                                There are many problems with running the Docker daemon within the build container, and IMO it’s not “correct”.

                                                A container image is just a filesystem bundle. There’s no reason you need a daemon for building one.

                                            3. 4

                                              I have not looked at it, but my understanding is that Podman’s podman build is a wrapper around Buildah. So as a first pass I assume podman build has similar features. It does actually have at least one feature that docker build doesn’t, namely volume mounts during builds.

                                              1. 2

                                                If I remember correctly, the Buildah documents specify that while yes - podman build is basically a wrapper around Buildah - it doesn’t expose the full functionality of Buildah, trying to be more of a simple wrapper for people coming from Docker. I can’t recall what specific functionality was hidden from the user, but it was listed in the docs.

                                            1. 18

                                              I love reading these Nix success stories and then last night trying to simply install Grub on a system with zfs filesystem being literally impossible with the way my Nixos system was failing to derive something for no discernible reason, with no documentation anywhere and any reportings of that issue completely ignored :D

                                              1. 7

                                                I should just ruin it all and tell my secret. I don’t run NixOS. Plain nixpkgs on an LTS Ubuntu (boomer edition!) all the way.

                                                I use Nix as a development helper, and, on rare occasions, deploy a service by sticking it in a systemd unit file and nix-copy-closure my way to success. Of course, that’s just for my gear. At $DAYJOB it’s the usual k8s circus.

                                                1. 6

                                                  Setting up Linux to boot from ZFS root is tricky even under the best of circumstances. What was the reported issue?

                                                  I’m a huge fan of both NixOS and ZFS, but in the future I might aim for a tmpfs root and use ZFS only for persistent data.

                                                  1. 5

                                                    Nix is one of those technologies I think is amazing, but at the same time is practically unusable because of hard semantics and an inscrutable command line interface. It’s kind of like rust: dipping your toes and getting the tutorial working is easy enough, but the first time you are confronted with a real problem, finding the solution requires so much ancillary knowledge of arcane the minutiae of how the system works, it becomes a waste of time and solving it ‘the way I know’ is easier.

                                                  1. 2

                                                    This is really interesting. If I remember correctly, the deal with JavaScript JITs is also the main reason why there is currently no real versions of Firefox and Chrome on iOS since Apple forbids apps to generate executable code for quite obvious reasons. Browser diversity and security is probably worth loosing a bit of performance.

                                                    Moreover it would be interesting to know which websites are the most affected by this change. If JIT is beneficial for the bloated ones only then that’s one additional reason to drop it.

                                                    1. 3

                                                      probably worth loosing a bit of performance

                                                      I’m not sure what browser vendor is likely to risk the “browser Foo 50 times slower then Safari”.

                                                      1. 6

                                                        But it isn’t 50X worse, their own testing on a performance oriented benchmark shows about a 50% performance regression, and that seems perfectly acceptable for not having to worry about a whole type of memory bugs that could potentially expose private information to attackers. Most JavaScript is used for presentation improvement rather than heavy computation, so most users wouldn’t see a huge degradation in experience. Besides there’s a whole market out there who doesn’t care about performance that much, but cares a lot about security: corporations. It’s cheaper for a company to throw an extra grand to buy a faster laptop that makes up for the lost speed than dealing with a huge data leak.

                                                        1. 3

                                                          I know it’s ok and usable in most cases. But there will be some number crunching micro-benchmark which is 50 times slower, even if not representative. And I expect that’s the one that will make the headlines. Rather than “slightly slower more secure alternative available”, I expect “Chrome and Firefox finally available on iOS, up to 50x slower”.

                                                          Maybe I’m totally wrong. But I honestly think that would stop Google from going with it.

                                                    1. 20

                                                      Even if they didn’t make sense as form elements, it sucks when you have a RESTy API and don’t want to involve JS on the frontend. I’d love to make a link or form’s method DELETE, but instead, I have to implement something dumb like GET /object/3/delete or something.

                                                      1. 9

                                                        I have to implement something dumb like GET /object/3/delete or something.

                                                        Please remember that GETs are defined as safe and idempotent methods. A GET that deletes an object violates this.

                                                        This isn’t a theoretical concern, either. I’ve been professionally burnt by misbehaving middleboxes replaying traffic, web spiders and browsers prefetching endpoints that mutate state… so make your non-read only endpoints accept form POSTs instead.

                                                        1. 6

                                                          I understand what you mean, and I agree it would be helpful to have other methods supported, but using a GET is absolutely the wrong work around. A DELETE or PUT request should be handled by most layers (browsers, proxies/caches, app servers) the same way a POST should - the semantic difference is not relevant for those layers.

                                                          Edit to Add: the only valid reason I can see for a “GET” response to a ‘/delete’ endpoint like that, is to show a prompt to confirm deletion of something (i.e when not relying on JS, or when relying on simple XHR and very little front-end logic to do the confirmation. ie. GET /foo/bar/delete shows a confirmation, which is a form to submit POST /foo/bar/delete.

                                                          1. 5

                                                            One way to get around this is adding a hidden method field to your form and then having your backend look for that. This is what Ruby on Rails does for example.

                                                            It’s kinda silly. I don’t understand the objections against just adding it to the form element.

                                                            1. 6

                                                              Best explanation I’ve seen is “browser vendors are why we can’t have nice things”; same as client TLS certs.

                                                              1. 1

                                                                There is no literal objection. It just hasn’t been figured out yet. I just submitted a top-level comment to explain the issues that would need to be resolved. With Rails, the website is obviously opting in by implementing this convention in frontend and backend explicitly. But that Rails only covers the same-origin case AFAIU.

                                                                1. 2

                                                                  Those weren’t the cited reasons though, which were mostly fairly dismissive. There is a specification, which addresses CORS, but I can’t readily find why that wasn’t implemented.

                                                              2. 2

                                                                For precisely that purpose, I always use the Rails UJS library.

                                                                I use it without Rails. It’s a minimal amount of JavaScript that will save you a lot of time, as it does exactly what you mentioned in your comment.

                                                                1. 2

                                                                  Frameworks like Laravel use a ‘magic’ _method field, which you can use to override the request method.

                                                                  <input type="hidden" name="_method" value="DELETE" />

                                                                  It’s not ideal, but it makes handling it in middleware to rewrite the request okay, without having to mess with other routes.

                                                                  1. 1

                                                                    If what you want is the convenience of calling the right method without the pain of dealing it in JavaScript - as opposed to JS being a hard no - then I couldn’t recommend the htmx library enough. I’ve been using it for a few weeks in a new project and it’s ability to get rid of boilerplate JS code is unsurpassed.

                                                                    1. 2

                                                                      As a Portuguese speaker, that was a delight to read. Grazas!

                                                                      1. 6

                                                                        Funny story: my mother tongue is Spanish, but I lived in Brazil for a long time (7 years). One time I was visiting my family back in my home country and over dinner the TV was on in the background. At some point, I made a comment about the topic the show was covering and asked my dad what he thought about it and he gives me this blank stare and says: ‘huh? What are you talking about?’.

                                                                        Turns out the TV was set on the TV Galicia channel and nobody was paying attention to it because they didn’t understand the language. Gallego being kind of a mix of Spanish and Portuguese, I had been following the content without issue, assuming it was Spanish.

                                                                        It kind of blew my mind that my brain would kind of put it together and I never even notice.

                                                                    1. 15

                                                                      OK, kidding aside… this would actually be an interesting legal theory to test. What if an algorithm could, given an input file, recreate most of the song by finding slices of public license music and creating a list of every single slice used? Better yet, use other copyrighted songs, creating it a nightmare for anyone trying to sue?

                                                                      I’m sure it’s a solved problem - after all media producing companies have been some of the most aggressive pushers of copyright lawfare - but I wonder what the standing on a case like that would look like.

                                                                      1. 5

                                                                        Since in the USA case law is that sampling a single note is infringement, I doubt the legal theory would be as grey as with software.

                                                                        1. 2

                                                                          Wow, is that true? I’m completely ignorant on the laws around music copyright infringement.

                                                                          1. 1

                                                                            What about sampling a single sample? There are 65536 possible levels for each audio sample at CD quality there are more than 65536 songs out there. So any audio could be represented as a series of these samples with no change except attribution

                                                                          2. 4

                                                                            BTW, music these days is mostly made out of fragments of other songs. Check out Amen Break or sample breakdowns like this: https://youtu.be/5AqHSvR9bqs https://youtu.be/AXXUodk-pVo

                                                                            1. 14

                                                                              Dunno about “mostly”. There was a golden age of sampling in the late ‘80s (viz. “Paul’s Boutique” and most early Public Enemy / Bomb Squad stuff) but it was quashed when US copyright law started requiring licensing of any recognizable samples. Plus of course the origins of hip-hop lie in literally looping bits of records, but they could only get away it’s that in live performances.

                                                                              The Amen break (and Funky Drummer, Apache, etc) got sliced up in the early 90s into individual drum hits, and then re-sequenced — that’s where jungle and other breakbeat styles came out of. At that point you can’t really say it’s fragments of songs, so much as a sample library like a piano plugin where the individual notes are samples but the composition is original.

                                                                              1. 4

                                                                                It makes an interesting parallel to Copilot. It is essentially sampling code and re-sequencing it, and sometimes uses bigger, recognizable fragments.

                                                                          1. 4

                                                                            Context: Pop!_OS is made by System76, a small hardware vendor in the US that specializes in linux-first, privacy-friendly machines. (They work hard to add hardware switches on microphones/cameras, etc.). They have laptop offerings, desktop machines and servers, most custom-designed. Pop!_OS is designed, iirc., to provide a good default experience for System76 machines, in particular good UI tooling for system configuration related to their hardware, but also other developer-friendly niceties; they worked on a “tiling desktop” extension for Gnome for example. For laptops they use Clevo machines (Clevo is a Taiwanese manufacturer that sells laptop chassis to companies that then turn them into full laptopts); if you are not in the US you can go through other Clevo adapters (for example Tuxedo in Germany) to get similar, but different, Linux-first machines.

                                                                            Opinion: I don’t understand why System76 decided to create their own Ubuntu spin OS. I want my hardware vendor to be good at hardware, and System76 meets a lot of my requirements. But developing an OS is extremely time-consuming, and I wonder what other important things the System76 folks are not doing because they work on this OS. I don’t care for a new Linux distribution, I care for better upstream tools that all distributions can use, and I don’t see why a hardware vendor would decide to spend energy on software beyond something like “nobody has a decent UI interface to fan configuration parameters, and this hurts our consumers, so here is a tool that can be used by our machines and also many others”.

                                                                            1. 8

                                                                              Few people remember the hardware, they remember the software and sometimes blame their hardware if something goes wrong.

                                                                              I would guess that there are more markets available when you control both software and hardware as Apple does. When someone buys your computer your name and reputation is on the line for their configuration. So, by providing a holistic experience, it’s easier to make sure things “just work”

                                                                              1. 7

                                                                                There have been a bunch of downsides to delegating the laptop hardware, including rocky quality control, and the just plain weird keyboard/trackpad layout used by laptops meant for the Windows world. I hope they can bring their laptop hardware in and own the design soon.

                                                                                But in my experience so far (I’m on my second laptop from System76), the custom OS is what makes any of this possible. They’re constantly tweaking drivers to chase down PC hardware quirks – something they can do because of their Apple-like limited hardware choices – and their desktop has a design that I would characterize as “extremely simple and out of your way”, which is more coherent than anything I ever saw come out of gnome or ubuntu.

                                                                                I think they’re trying to thread the needle between hackers of the lobsters world and “makers” who have non-coding needs that Linux can meet, and that requires ubuntu/gnome to be heavily modified.

                                                                                1. 1

                                                                                  I don’t know much about drivers, but couldn’t “excellent support for our hardware selection” be achieved by targeted contributions to upstream projects, instead of creating a new distribution? If the drivers in the kernel need improvements, surely these improvements could be contributed to the kernel, benefiting users of all distributions? Same thing for improvements to udev, and other “middle system” layers in userspace.

                                                                                  1. 6

                                                                                    It’s hard. While I understand - and to some extent share - your concern about a hardware company ‘wasting time’ with an operating system, look at the difference in experience between MacBook users and Windows laptop users (well, at least while Mac OS releases weren’t a dumpster fire).

                                                                                    My last Windows laptop 10 years ago, despite being a flagship top-of-the-line machine, had a battery life of 3 to 4 hours. If you closed the lid, there was a solid 30% chance the machine would fail to come back from sleep and a 25% chance it wouldn’t even go to sleep and then be super hot to the touch (or completely drained) when I took it out of my backpack. Installing drivers and programs to change the CPU scaler helped, but in general my laptop was only a laptop in the sense that I could carry it around.

                                                                                    Fast forward to my first MacBook pro: whole day battery life. Perfect resume from sleep. Everything ‘just works’: connecting an external monitor, connecting to a wifi network, printing over a network, etc. Subsecond application loading. My only complaint was having to learn a new keyboard layout and I was off to the races.

                                                                                    System76 wants the latter experience, at least for their machines. I can’t blame them.

                                                                                    1. 4

                                                                                      It’s a business risk to tie software support of your product to an upstream’s release schedule and review requirements. Upstream generally doesn’t appreciate having their time and energy demanded to meet an SLA they didn’t agree to.

                                                                                      Providing a supported fork for your customers meets everyone’s needs and gives room for the upstreaming process to happen at a pace and quality the upstream can accept.

                                                                                      1. 1

                                                                                        This is still no argument to support a whole Linux distribution, instead of maintaining a couple forks for key drivers/tools. Besides, the upstreaming schedule for the Linux kernel is in fact rather fast, of the order of a couple of months, so a Linux-first shop would be able (and probably already is) to upstream driver fixes as they develop them.

                                                                                  2. 2

                                                                                    I see the System76 goal as being Apple-like, and the underrated thing about Apple is that the hardware and software are developed in parallel, and as such, the whole system is more likely to function as the user expects.

                                                                                    1. 1

                                                                                      This is not a realistic goal. How many people does Apple have working on its software? 300? How many people does System76 have working on their software? 3?

                                                                                      1. 2

                                                                                        Apple has a lot more than 300 folks working on their software, but System76 can free-ride on the general Linux world. Now, I doubt highly that it’s a realistic goal, but it’s not totally insane.

                                                                                  1. 4

                                                                                    I used many solutions for offline tasks. Both Python frameworks and directly connecting to the broker. I worked with RabbitMQ, Kafka, Redis and PostgreSQL.

                                                                                    I do not quite understand why Redis is highly recommended as a message broker. If you are already having a Redis instance, depending on the requirements, it might be the right choice. But plain Redis requires some work in order to provide a solid task queue backend.

                                                                                    As a background task processing that is backing some web interface, a custom PostgreSQL backed task queue works amazing. Initially, I was a bit skeptical, because of what PostgreSQL is and how it works. Reading an old benchmark page gave me much needed confidence. If you are already using Posters and your task throughput is small enough (you have to judge this yourself) using PostgreSQL as a broker has so many advantages over any other solution.

                                                                                    If PostgreSQL is not enough for you as a task broker, you can tap yourself on the back, because you did a great job on building a popular product! Now take the afternoon to consider switching to another tool that will suite your needs better.

                                                                                    1. 2

                                                                                      I think the reason people recommend Redis is that for most average small websites it’d be replacing something really hard to setup, like RabbitMQ. Setting up a Redis instance is trivial. Most cloud providers I’ve used provide a hosted Redis solution, if you want to setup a highly-available server for some reason. A lot of people are using Redis as a replacement for memcached these days, so for most setups you already have a Redis instance. It’s also trivial - and incredibly light in resources - to reproduce your setup locally for development.

                                                                                      In other words: yes, Postgres might be good, but Redis carved the niche earlier and it’s super convenient and that’s why people recommend it.

                                                                                      1. 1

                                                                                        If you’re going to setup a hosted Redis on your cloud provider, there’s a good chance they provide an actual message broker or queue service already. On AWS there are several.

                                                                                        1. 2

                                                                                          being locked into a proprietary AWS service doesnt sound like a good time to me

                                                                                          1. 1

                                                                                            They’re not all proprietary - you can get managed Kafka (or something that’s API compatible), for example

                                                                                    1. 6

                                                                                      I agree so much about the documentation. It’s hard. It’s not just about making sure that everything is there, unless you’re strictly writing a reference perhaps, but making sure that it is introduced in an order and pace that the intended target audience (which is not you by the way, so who is it?) can be assumed to learn it. And those people cannot read your mind, only what you wrote; if it’s ambiguous they will make the other interpretation.

                                                                                      Conversely, if there is a call for document review for some thing you will be an end user of, or which contains the thing you work on, or any other reason for why you might know of the document review in the first place – put time into it, it will most likely save everyone time in the long run.

                                                                                      1. 6

                                                                                        the intended target audience

                                                                                        This, this, this! There are a lot of books and articles online that talk about writing as following a series of rules (e.g., omit needless words, use the active voice, keep your sentences short, do not end a sentence with a preposition, etc.), but you’ve nailed exactly what writing is about: it’s about the target audience. It’s about writing in a way that they’ll gain value from reading. The rules about language can be useful, but they’re useless if the author failed to understand what his audience needed.

                                                                                        There’s a video online that I quite like. The first time I saw it, I was shook to my core, but I’ve come to realize the wisdom of the advice in it. https://www.youtube.com/watch?v=aFwVf5a3pZM

                                                                                        1. 5

                                                                                          I was just discussing this the other day with my wife (also a software engineer): there’s two things that nobody teaches you:

                                                                                          • How to write good documentation (and more importantly, how to write a simple project specification and keep the conversation going so that most of the high-level items are ironed out before you write the first line of code)
                                                                                          • What, how and why to test your code

                                                                                          Two huge endeavors that improve the quality of the code immensely are never touched on in academia and are not emphasized as part of your job once you enter the industry. I was mind-blown by just bad documentation was when I worked at Google. Another thing I did realize early on is that one’s ability to get promoted was directly correlated with how well they documented their work. You could spend months working on a super important project, but if you were shit at documenting the importance of the project and the progress you were making, the promo committee had 0 visibility into your work.

                                                                                          Honestly, I think there’s a fair market opportunity for creating courses around this and selling them to companies.

                                                                                          1. 1

                                                                                            I think it’s weird that these two are in the same category. You can’t write any non-trivial code (or even much trivial code) without reading documentation on the things that it wants to interoperate with (even if that’s only the core standard library for your language). It’s impossible to be even a junior developer without being exposed to good and bad documentation. I don’t understand how anyone can be exposed to so many exemplars and not learn. Even if you work entirely on your own, you’ve almost certainly come back to a project that you haven’t looked at for a year and either gone ‘I’m so glad I documented this well, it’s really obvious what I was doing’ or ‘I have no idea what I was thinking when I wrote this’.

                                                                                            Writing good documentation is really just a matter of putting yourself in the mind of the person approaching your codebase for the first time (or after a sufficiently long gap that they’ve forgotten). That person is very much likely to be you in a year’s time, so being able to write good documentation depends only on being able to empathise with yourself, which should be easy!

                                                                                            Testing is very different. Tests don’t show their value until a project reaches a certain level of complexity. It’s possible to work on a load of simple self-contained things and not really experience first-hand the benefit of tests. The value of a good test suite is really obvious if you’ve worked on a big project that has one but is far less obvious when you only work without one. I really hated the requirements that the LLVM project had on writing regression tests for every new feature and bug fix when I started working on it but I lost count of the number of times I was saved work by having a bug easily reproduced by a test.

                                                                                            I think the big problem with a lot of academic teaching in software engineering is that they don’t treat it as a social enterprise. Everyone works on their own project (or, occasionally, in small groups) and then the code is thrown away at the end of the year. I taught a compilers course to the Cambridge MPhil group and most of the students had never worked on a project that was >10KLoC before. I like to think that they learned a lot about compilers, but the most valuable transferable skill was probably having to read LLVM API documentation and write things that integrated with a library that was over a million lines of code from a standing start.

                                                                                            I’d love to have a course where every year people had to fix bugs from the previous cohort’s project and then add new features and hand it over to the next cohort and where the grades for each cohort depended on the experiences of the following one (or, ideally, of the next two or three).

                                                                                            1. 1

                                                                                              Yes.

                                                                                              Yes yes Yes yes YES YES YES.

                                                                                              I’ve worked at Sauce Labs for several years helping people debug tests and test frameworks, and have come across just so much bad documentation and testing practise… And been so impressed at the difference when those things are good, instead.

                                                                                              The thing that’s blown my mind as a Big Boy (eg professional dev with experience) is how little of this stuff people can get away with doing, even as a senior. My college degree was run by the engineering school, and I’ve worked in Engineering firms, and that shit does not fly in other industries; You document and test properly even if you don’t want too, or you’re fired.

                                                                                            2. 2

                                                                                              In my experience there are two tricks:

                                                                                              1. Practice.
                                                                                              2. Do it at least twice.

                                                                                              Practice will make anything better. This is why writing a weblog is useful even if no one reads it (or even if you don’t publish it!)

                                                                                              Doing it twice is like code: the first time you usually don’t quite know what you’re doing yet as you don’t fully understand the problem, eventually you come up with something that works but isn’t necessarily the best. So you write it again, sometimes just parts of it, sometimes even from scratch. Because you now know all the things you didn’t know when you wrote the first line it will be better.

                                                                                              I did this today actually; I’ve been working on some tools to extract stuff from Baldur’s Gate (a game), and there’s some documentation out there but it’s all rather meh. While writing the implementation I also wrote quite a bit of documentation for it explaining how it all works. When I continued to work on it today I rewrote a bit of the code, but a lot of the documentation. The gist is still the same, but now that I understand it better the documentation is much better, too.

                                                                                              Often times coming back to it after a few days is very helpful. You’re not longer “immersed” in the material and whatever is unclear tends to stick out.

                                                                                              I don’t think any of this is hard as such, it just requires more time than many people are willing to invest.

                                                                                              1. 3

                                                                                                Talks work like this as well; my talks don’t “emerge” from the notes and slides until I’ve written them once, tried to give them to the wall and decided I hate everything I’ve written and I’m a fraud and a sham.

                                                                                                1. 1

                                                                                                  Even after that, giving them to someone who is willing to give good feedback is incredibly valuable. I got the ‘best presentation’ award at ASPLOS a few years ago. I gave a practice talk to some folks in my department and got two hours of feedback from a 15-minute talk. The final version had almost no relationship to the version that I have as a practice talk, and I gave the practice talk because I thought the talk was basically ready.

                                                                                                  If you learn to dance, the value of feedback becomes apparent really quickly. Folks who start doing tango often get excited and practice a lot with another beginner. After a few weeks, they’ve really entrenched some bad habits and then they need to spend several months unlearning them. Feedback early and often is a really hard habit to get into (nobody likes having their early attempts criticised) but it’s so very valuable.

                                                                                                  1. 1

                                                                                                    Yup, 100%. One thing I love about digital talks during The Virus Times, is the ability to poll the audience at the end to ask for feedback.

                                                                                                    Additionally, how is Tango going?

                                                                                                    1. 1

                                                                                                      Additionally, how is Tango going?

                                                                                                      I injured my back and had to stop for a little bit and then the pandemic happened. Hoping to get back to it this autumn!

                                                                                                2. 2

                                                                                                  “Do it at least twice.” is a great way to put it. Whenever I’m working on something nontrivial, I always get something that works somehow, someway with the explicit plan of rewriting all of the terrible hacks I resorted to because I didn’t understand what I was doing yet.

                                                                                              1. 10

                                                                                                The beliefs of the creator of Urbit are particularly repugnant to me but for some reason every time I see the name I think of the Borges story Tlön, Uqbar, Orbis Tertius. I have no idea why.

                                                                                                1. 9

                                                                                                  Tlon is the name of the company developing Urbit and the name is self-consciously a reference to that Borges story. I’m sure there are other Borges references in Urbit that I’m not familiar enough with the author’s work to pick up on.

                                                                                                  1. 4

                                                                                                    Thank you. I knew there had to be some sort of connection my subconscious made every time I read the damn name.

                                                                                                    Borges is one of my favorite authors. The Garden of Forking Paths, The Library of Babel…all great.

                                                                                                    1. 7

                                                                                                      Borges is a fantastic author… with some problematic history as well. He supported the right-wing juntas that killed thousands during the last dictatorship in Argentina, under the pretense of saving the country from ‘communism’. I wouldn’t be surprised if Urbit’s author is aware of that connection.

                                                                                                      Either way, if you are interested in another Argentine author with similar themes, I couldn’t recommend Julio Cortázar enough. His book Final del Juego is on par with Borges’ Ficciones in terms of mind-bending stories that’ll leave you thinking for a few days.

                                                                                                      1. 10

                                                                                                        As someone fairly far to the left side of the political spectrum (you have nothing to lose but your chains!) I’m aware of his political leanings, and can separate that from his writings (I quite enjoy a lot of Orson Scott Card’s work, but abhor homophobia, in a similar vein).

                                                                                                        I will definitely take your recommendation, thank you. I’ve been meaning to improve my Spanish in part to read Borges as it was written, but my Texan half-Spanish is nowhere close to being able to handle Borges’s Castellano…

                                                                                                        1. 9

                                                                                                          I do not think that Borges’ opposition to Peron’s pro-Nazi totalitarian regime is “problematic”. Just read the history of what was going on and how it affected Borges. Argentina effectively became a one-party state which took control of all mass media, and brutally suppressed dissent. Many critics of the government were imprisoned, tortured and killed. Borges wasn’t imprisoned, but he was fired from his job for criticising the government. Of course Borges wanted Peron out of power, which is why he initially supported the 1976 coup. He didn’t support the subsequent death squads, and it is incorrect to imply that he did. From wikipedia:

                                                                                                          During the 1970s, Borges at first expressed support for Argentina’s military junta, but was scandalized by the junta’s actions during the Dirty War. In protest against their support of the regime, Borges ceased publishing in the newspaper La Nación.

                                                                                                          1. 5

                                                                                                            Luckily left-wing dictatorships don’t have such problematic history.

                                                                                                            Yours, an Eastern European

                                                                                                    1. 1

                                                                                                      Woha! I didn’t know DJGPP was still alive. At some point in my life - before MinGW32 was a thing - I used an unholy combination of DJGPP + some open source implementation of the Windows headers + a tweaked linker (I can’t even remember where I got that from) to write Win32 programs. The surprising thing was that it worked just fine, other than missing a decent IDE.

                                                                                                      1. 3

                                                                                                        Ohhhh, this is good! One of the biggest obstacles I’ve found when trying to understand the Wayland ecosystem (and why it’s taking so long for things to get ported). This is a good start.

                                                                                                        1. 12

                                                                                                          In 1996, I was working for Digital Equipment Corporation, at the time the second largest computer company in the world. Today most people have never heard of it.

                                                                                                          That makes me so sad.

                                                                                                          It’s like the time I went to a punk festival where NOFX was set to play and the younger people in the audience didn’t know who they were. :(

                                                                                                          1. 7

                                                                                                            Almost a decade ago I was lucky enough to see Stone Temple Pilots - way after their prime - at a festival in Sacramento. I was telling some people I met at the festival that I had bought the day pass just see STP and that I was glad I could see them live, as they didn’t do a lot of tours in South America. They were like ‘who’s that again?’.

                                                                                                            Turns out that was their last show with Scott Weiland, so I guess I was double lucky. But it did make me feel pretty old.

                                                                                                          1. 4

                                                                                                            This article doesn’t seem to even touch on one of Ada’s most interesting features (and the reason they taught us this language in my college): Ada has built-in and dead simple concurrency.

                                                                                                            1. 2

                                                                                                              The subtle distinction between ‘abstraction’ and ‘magic’ is a bit like the famous quip about porn: you know when you see it. It’s too subjective and fluffy to be of use. I think a better way to decide if something has gone too far is the Principle of Least Surprise: if an abstraction introduces unexpected side-effects then it’s a bad abstraction.

                                                                                                              1. 1

                                                                                                                I think it’s objective enough, or can be formulated as such. Let me suggest some easily identifiable objective metrics (with relation to the text below):

                                                                                                                • “it works when you run it, but not when you read it”

                                                                                                                  Magic is different. It feels different. When you encounter something magical, it may work, but you aren’t sure why. Worse, you can’t trust it.

                                                                                                                • Abstraction inversion

                                                                                                                  A successful abstraction is presented as a set of tools. There may need to be escape hatches, and a good abstraction includes semantics around them that, if not elegant, are at least usable. The places where “leaks” occur are signposted.

                                                                                                              1. 4

                                                                                                                Are there any well-known open source .NET apps (CLI or GUI) that run on Linux?

                                                                                                                1. 7

                                                                                                                  KeePass.

                                                                                                                  Back when Gnome + Mono was a thing lots of interesting stuff was born, eg. Beagle.

                                                                                                                  Suse was actively developing nice user facing tools in mono at astonishing pace, then C# fell from favour because of politocs, most stuff was half rewritten in C++/Python/JavaScript, usually in lower quality/featureset.

                                                                                                                  Since then I find Gnome worse with every release, but that has not so much to do with .NET support.

                                                                                                                  1. 1

                                                                                                                    I was using keepass on my windows desktop. When my machine started to die I was pleasantly surprised to find my keepass database worked on debian.

                                                                                                                  2. 4

                                                                                                                    There are a few Mono apps from back when the Gnome project was kind of adopting Mono as their standard runtime for apps. Two that come to mind are Tomboy (notes app) and Banshee (music player).

                                                                                                                    1. 4

                                                                                                                      Jellyfin media server (FOSS fork of Emby and alternative to Plex) runs on dotnet.

                                                                                                                      1. 4

                                                                                                                        If anything should work on Linux, it should be F#, but here’s a tweet from yesterday from the author of an F# course bemoaning the difficulty he is having getting his course to seamlessly work.

                                                                                                                        https://twitter.com/kitlovesfsharp/status/1362125496683819012

                                                                                                                        1. 3

                                                                                                                          It works fine for me on Fedora. As the comments suggest, it may be related to snap.

                                                                                                                          Ionode is buggy sometimes, but so is Visual Studiofor F#.Both are steadily getting better.

                                                                                                                        2. 3

                                                                                                                          PowerShell for one, but it’s fairly recent that .NET Core got Linux support, so I doubt there are many large projects around yet. Most likely any really large open source projects in the coming years will come from Microsoft open sourcing their own products.

                                                                                                                          1. 2

                                                                                                                            There may be some, but I have been waiting for a bit more maturity in the .Net Core, .Net 5 (and now .Net 6) ecosystems before diving in. A year ago, I was reading a lot of stories about cross platform issues in core and I had my own painful experience setting up .Net Core with Asp.net.

                                                                                                                            I’m actually quite surprised how quickly there is now a .Net 6 version coming out.