1. 2

    My philosophy: Why bitch about a project from afar when you can bitch about it in dialogue with its maintainers? Make your bitching useful ;)

    1. 6

      Except when the maintainers hold all the cards. It’s primarily Red Hat folks working on Xorg and Wayland, and they don’t want to be working on Xorg much longer, and they’re not going to keep working on Xorg even if Wayland doesn’t work for you. Scratching your itch isn’t their problem, and it doesn’t have to be, because you’ll have to use it eventually with your itch scratched or not when it’s the only game in town. Look how much trouble people have had maintaining a systemd-free distribution. The same thing will happen with Wayland, and I think that’s where a lot of the resistance is coming from.

      1. 4

        The maintainers don’t hold the cards, and Red Hat isn’t the only player. Wayland is an open-source project, and as always, if you contribute then you get to have a say in discussions.

        I originally had no say in Wayland development, but contributed server-side decoration support (a Red Hat employee has merged it, btw) and pluggable desktop components (still wip, but getting there, with adoption from many compositors).

    1. 13

      I must be some kind of dinosaur to the wayland devs. I don’t use a compositor. I avoid sending images down the wire in most my programs (unless there’s a specific need). And I do very much enjoy my separate window manager and other utilities. I even use programs over the network - and got some of mine to jump windows from one display to another on demand (though in practice I usually just use terminal programs that way and pop up new copies of X windows as needed).

      I know I’m in the minority of both users and developers, but X works very well for me. I am not looking forward to the day when my distro update forces all of this to break for no real personal benefit.

      1. 6

        I have two specific beefs with Wayland:

        • it doesn’t work well, if at all, without a GPU. It’s glacial on a 2D framebuffer. If you want to work with a system with as few firmware blobs as possible, you probably can’t use Wayland on it. For that matter, I saw no improvement, and probably slight performance degredation, on my system with a GPU (WX7100). I’m told eventually Wayland will work better on such systems, but X11 works now.

        • I use a custom background program that transparently watches what X window is on top and remaps certain modifier keys automatically. On X11 it “just works,” but it’s currently impossible in Wayland without hacking the window manager, AIUI. I’m on Fedora with GNOME and Mutter is apparently in no hurry to provide such functionality.

        1. 2

          As the Wayland maintainer, I’d be the first to say that nothing forces you to migrate to Wayland. Pick the tools that work best for you.

          1. 4

            I don’t blame the Wayland devs for forcing a switch, that’s on the distros and other programs. (My comment for the wayland devs seeing me as a dinosaur is that every Wayland explanation thing I’ve read or watched describe X in a way pretty alien to the way I actually use it.) For example, I don’t like PulseAudio. It doesn’t work very well even today, and I resisted touching it for years… but then Firefox dropped their support for ALSA and kinda forced my hand.

            For a lot of programs, if upstream does something I hate, I’ll rewrite it myself or fork it or something like that. Even with firefox I considered switching browsers, but it wasn’t really a good solution either. I switched sound systems instead of browsers and PA continues to annoy me. At least my ALSA programs still work though.

            And I fear the same thing is going to happen with wayland in the next several years, and there’s an X server on it too, so that’s good… but my custom window manager won’t run. Possible some day I’ll just write my own compositor but I’d really rather not so not looking forward to it.

            (Additionally, users of my graphics libraries keep asking me for wayland support but at least I can say “sorry, go use a different lib” to them, I doubt I’ll ever move my graphics lib over since normal X clients work fine over there. But we’ll see.)

        1. 3

          Not only I have to agree; I’ll also add that the entire Wayland protocol is built like “we only use unsafe C pointers and callbacks to do stuff”. When the most common operations (like putting up a window and painting something on it) requires an amusing number of event loops, callbacks, ping-pong’s, etc, it means the whole protocol has been somewhat over-engineered.

          1. 5

            The C library uses void * data pointers and callbacks, but the protocol itself has nothing to do with this. For instance there is an implementation of the Wayland protocol in Rust that does things differently.

            The protocol is very simple, in fact. A few resources:

          1. 6

            I just wanted to add, since I didn’t mention it in the article:

            I switched to Sway is not because I was expecting that my life would be made easier in the short term, but because of what I expect it to become in the future — based on the developers’ track record for ethics and good sense.

            Thanks @sircmpwn, @emersion and the rest of the Sway team for all the hard work writing the software I use, which makes it possible for me to complain about it being cantankerous and hard to use :)

            1. 2

              Glad you like it! :)

            1. 15

              Doesn’t really paint sway in a bad picture, but wow does it sound complicated to replicate your X working environment with wayland… Still…

              1. 8

                I think part of it is that many of the Wayland tools aren’t yet packaged for Ubuntu (or are outdated), so you need to compile them from source. Also, you probably took some time to setup your i3 environment as well, similarly setting up Sway will take some time too (you can just copy-paste your i3 config, but you’ll need to do the work for the rest of your tools).

                1. 5

                  But that’s exactly what I meant.

                  I actually don’t use a lot of i3-specific tooling. One i3-addon and dmenu and the bar. So everything that was described is “Linux GUI stuff” for me, like xdotool (I hardly use it) - so X applications and tools. I suppose replacing dmenu would be trivial for me.

                  People get used to doing things if they use Linux for years, and all the work there seemed pretty wayland-specific to me. Of course it was adjusting sway to be like i3, but people who want to do that sort of customization would have done that on another WM on X as well…

                  1. 5

                    If you don’t use many X11-specific tools, then I don’t really understand how switching to Sway would be complicated. You don’t even need to replace dmenu if you don’t want to. Just copy over the config and you’re good to go?

                    Sway is strictly an i3(-gaps) port of i3 to Wayland, so you don’t need to adjust Sway to behave like i3.

                    1. 4

                      Just because I don’t use them doesn’t mean I see why some problems in the article are solved just like I would solve them. Which means I seem to have at least the same basic understanding.

                      And I find the procedure to mimic things quite involved. I didn’t say wayland was bad, just that this seems like a lot of work to replace tools that have always worked.

                      1. 3

                        While it seems to be the case that Ubuntu doesn’t have these tools packaged (yet), there are quite a few already packaged for Arch Linux, and I know that Fedora also has a pretty thorough selection. I had very little trouble switching to Sway and Wayland (earlier this year I think), which was a pleasant surprise. Most of my customisations were more quality of life than strictly necessary. It’s quite usable before you even start customising it.

                2. 3

                  As long as I can run a browser and a terminal on X I won’t switch.

                  1. 3

                    People will argue that you aren’t guaranteed to be able to either of those things… Without tearing, on xorg. Depends à bit on your gpu.

                1. 6

                  The thing I love about i3 is that I can have super-efficient window-management combined with all the niceties of a modern desktop environment like automatically mounting USB drives, and support for my laptop’s screen-brightness and volume keys, a system tray with a volume control slider and quick access to networking and bluetooth settings, etc. etc.

                  It’s neat that the author figured out how to get their “paste the current date” keybind to work, but that’s not what I was hoping to get out of this article. :/

                  1. 4

                    Missing nm-applet (for NetworkManager) was a big blocker for me, when I tried sway on a laptop.

                    1. 3

                      I agree that Sway has a long way to go when it comes to convenience and functional defaults. However, in my experience, support — or lack thereof — for the items you list in the modern desktop niceties category (convenient access to networking, and support for brightness, or laptop specific volume keys) has been pretty similar between Sway and i3. Sway comes in second, but not by much.

                      The main difference, in my experience, is how few programs run on Wayland without tinkering.

                      But maybe I was missing out on a lot i3 features, and therefore didn’t miss them when I switched to Sway. Or maybe the difference in our experience is partly a result of the distro we’re running.

                      1. 4

                        If you’re looking for a fancier way to change volume and brightness with function keys I find wob to be rather good.

                        1. 2

                          i3 itself doesn’t have a lot of those features built-in, but since it’s just an X11 window-manager and it supports most or all of the fancy desktop-environment window hints, it’s not too hard to slot it into a traditional desktop environment that provides all that other stuff.

                          Meanwhile, with Wayland, it seems all the pluggable components of the X11 model are collapsed into the compositor, so I can’t set up environment variables in ~/.profile or launch helpers in ~/.xsession. Maybe I can set up systemd to start things for my user session, if Sway integrates with that, but I’m kind of hoping that somebody will figure that stuff out and publish a blog post before I have to do it myself. :)

                          1. 4

                            Just like with i3, you can start helpers from your Sway config with exec whatever.

                            1. 3

                              The point is more that i3 can be used to replace the wm part of an already functioning DE.

                              1. 3

                                Have you done that? Under which DE did you swap out the WM for i3, and what did you do? I tried with both GNOME and KDE, and really wasn’t happy with the results. I wound up going with kwin-tiling on KDE (which is actually pretty good) and calling it done, after spending a week tinkering off and on with substituting i3 in for both of those.

                                1. 3

                                  I’m a very happy user of i3 + GNOME.

                                  1. 2

                                    Are you using a recent, vanilla version of GNOME? Maybe I’m fighting the fedora packages as opposed to the DE, if so. I had a hard time getting most things in the settings applets to behave, and power management was really funky, whenever mutter wasn’t running. I even went so far as to try GNOME flashback, but getting that installed without breaking system packages got to be too much effort.

                                    1. 3

                                      I’m using GNOME Flashback, which is a system package in Debian.

                                      1. 2

                                        Thanks. That’s probably worth trying again for me. It looks like it is now a system package for Fedora, too, but it wasn’t when I tried.

                                        1. 3

                                          I wrote up how I set things up on Debian, although there’s a bunch of updates at the bottom that really should be folded back into the main text.

                        2. 2

                          automatically mounting USB drives, and support for my laptop’s screen-brightness and volume keys,

                          How have you got that set up?

                          I don’t have automatic mounting of USB drives, and the support for screen and keyboard brightness as well as volume keys comes from bindings I’ve added to my i3 config file that executes brightnessctl for brightness and pactl for volume.

                          1. 3

                            As I mentioned in another comment, I’m using GNOME Flashback to handle all the non-window-management parts of my desktop experience. I wrote up how I set things up.

                            1. 2

                              Thanks, I’ll check it out.

                        1. 7

                          The good intentions are spoilt by the fact that pkg.go.dev fetches the list of modules from proxy.golang.org: a closed-source proxy through which all of your go module fetches are being routed and tracked (oh, you didn’t know? They never told you, after all).

                          It is just incorrect to say that they never told you, the Go 1.13 release notes mentioned this as well as most of the talks about Go modules.

                          Update: clarify what I think is is incorrect.

                          1. 3

                            Wow, I should read those next time more carefully. I got used to the fact that any environment variable with PROXY in its name will always default to being empty.

                            Now, honestly curious, would this (proxy set by default to something) be considered a good system design if it came from Oracle (comparing it to Java), Mozilla (Rust), Microsoft (C#), Facebook (Hack)?

                            1. 3

                              I think the idea is pretty good actually: modules can be hosted anywhere on pretty much any (mainstream) VCS; it’s pretty decentralized. However, you do want some protection against “left-pad” type incidents where popular repos just vanish, and this is where the GOPROXY comes in to play. If the upstream vanishes you’re protected because there’s still a copy in the GOPROXY.

                              On one hand, do we really want some Google-hosted proxy to route all our traffic? What are the potentials for abuse? What type of information does it collect and what’s done with that? But on the other hand, how likely is it that this would happen, and how is this different from npm, rubygems, PyPi, etc?

                              At least you can easily disable GOPROXY if you want and just fetch from the source. It seems to me that this on its own makes it considerably more privacy-friendly (if you’re really worried about this, I’m personally not really) and decentralized than similar systems I’m familiar with.

                            2. 2

                              What is wrong in this statement? The “They never told you” part only?

                              1. 2

                                Yes, I guess should have highlighted that.

                              2. 2

                                Yep, and there’s this [1] excellent talk on why the service exists and how it works.

                                1 https://youtu.be/KqTySYYhPUE

                              1. 16

                                Here is the issue where this all started. Here is the library documentation that had the error, and you can now see it’s fixed and links to git.sr.ht. I feel like I’ve seen Drew harass OSS developers on GitHub far too often.

                                Here is the actual source code that contains the regexps filters for domains. One thing to note here is that it assumes any site beginning with gitlab., gittea., or gogs. is a valid instance of those git services, which is in direct contrast to what Drew tell us. He paints this as a malicious attack on decentralized git instances, when you are free to name your git instance appropriately or submit a change that adds your domain. This seems very standard for the service pkg.go.dev is providing, and I don’t think this flamebait is useful.

                                1. 8

                                  you are free to name your git instance appropriately

                                  s/free/constrained/

                                  This assumption doesn’t hold in practice. See e.g. salsa.debian.org or source.puri.sm.

                                  or submit a change that adds your domain

                                  This doesn’t really fly. If I host a small instance of GitLab/sr.ht/Gitea I don’t want to chase down each programming language specific tooling requiring a special case for my instance, and wait for the changes to propagate in releases etc.

                                  1. 5

                                    The entire thing is that just the source code links don’t work for self-hosted instances; this is not great, but certainly quite a bit different than the entire repo not working as the article makes it out to be. When I pointed this out on HN last night I got handwaving “but Google sucks!” replies first, and a slew personal insults when I pressed the matter.

                                    This is the kind of attitude these things are written with… meh. But hey, “Google bad” confirmation bias makes it get to the front page anyway 🤷‍♂️

                                    There’s is some valid criticism here, as the entire way this works is kinda hacky and confusing; but it worked like that on godoc.org too, which was originally developed outside of Google. It might be a good idea to improve on that, but I can’t blame the devs for continuing on what’s already here, rather than taking the initiative to develop an entire new specification for this. If you feel such a thing is vitally important then maybe create it?

                                    I’ve got a few other gripes with pkg.go.dev as well, but wrapping it all in an article like this isn’t helping anything. Indeed, if anything it’s going to put the developers in the defensive.

                                    I feel like I’ve seen Drew harass OSS developers on GitHub far too often.

                                    Well, that was a fun read 🙃 (that wm4 fella doesn’t seem … very pleasant … either)

                                    1. 1

                                      Thanks for sharing this. I’ve always had a feeling about the way he communicated and expressed himself, but this made it a lot more clear!

                                      1. -5

                                        Thanks, that made me uninstall mpv.

                                        Looking for a new “simple” video player that doesn’t shit into my $HOME now!

                                      1. 24

                                        There is no. winning. against a persistent unsandboxed local attacker. This comes up regularly disguised in different ways, like as reports that setting environment variables can compromise TLS, etc.

                                        If someone has full long-lasting control of the browser (like someone that can use a remote desktop thing to install an off-the-shelf rootkit) nothing will save you. Not 2FA, as they will just wait for you to use it or phish it from a real Google page; not a sync passphrase, as the browser needs it in memory to use the passwords and the attacker can just take it from there; not 1Password, as even if the vault is locked and their memory scrubbing implementation is perfect (which is unlikely), the attacker can just wait for you to type the password.

                                        This is not security nihilism (nothing is perfectly secure, etc.), this is just threat modeling. It’s important not to spend complexity and user tolerance on unwinnable battles.

                                        You could say “but this attacker looks incompetent so maybe it would have stopped them”, but they had access to the victim’s email, presumably they would just have reset any passwords they couldn’t find.

                                        Refreshing sessions still makes sense against opportunistic unsophisticated local attackers, like a domestic partner just sitting at the laptop that was left unlocked, but even then if they use that privilege to install malware it’s game over. (This is way less true on mobile platforms, because other apps can’t take control of the browser or mail app, and something we really should be doing better on at the platform level, but not a winnable battle on desktop at the web service level for now. Also remember this before criticizing an OS for tightening isolation.)

                                        (Disclaimer: I work at Google but have no particular insight into the account security team’s thinking and decisions.)

                                        1. 2

                                          This is way less true on mobile platforms, because other apps can’t take control of the browser or mail app

                                          Agreed. However this doesn’t mitigate the risk completely, for instance an accessibility service on Android can do a lot.

                                          Adding a TLS CA to the system or enabling a nasty VPN service displays something, but I’d guess most users will just ignore it.

                                        1. 4

                                          Wouldn’t it make more sense to have some kind of HTTP header and/or meta tag that turns off javascript, cookies and maybe selected parts of css?

                                          If we could get browser vendors to treat that a bit like the https padlock indicators, some kind of visual indicator that this is “tracking free”

                                          Link tracking will be a harder nut to crack. First we turn off redirects. Only direct links to resources. Then we make a cryptographic proof of the contents of a page - something a bit fuzzy like image watermarking. Finally we demand that site owners publish some kind of list of proofs so we can verify the page is not being individually tailored to the current user.

                                          1. 11

                                            The CSP header already allows this to an extent. You can just add script-src none and no JavaScript can run on your web page.

                                            1. 1

                                              very true. not visible to the user though!

                                            2. 5

                                              Browsers already render both text/html and application/pdf, and hyperlinking works. There is no technical barrier to add, say, text/markdown into mix. Or application/ria (see below), for that matter. We could start by disabling everything which already requires permission, that is, audio/video capture, location, notification, etc. Since application/ria would be compat hazard, it probably should continue to be text/html, and what-ideally-should-be-text/html would be something like text/html-without-ria. This clearly works. The question is one of market, that is, whether there is enough demand for this.

                                              1. 5

                                                Someone probably should implement this as, say, Firefox extension. PDF rendering in Firefox is already done with PDF.js. Do the exact same thing for Markdown by: take GitHub-compatible JS Markdown implementation with GitHub’s default styling. Have “prefer Markdown” preference. When preference is set, send Accept: text/markdown, text/html. Using normal HTTP content negotiation, if server has text/markdown version and sends it, it is rendered just like PDF. Otherwise it works the same, etc. Before server supports arrive, the extension probably could intercept well known URLs and replace content with Markdown, for, say Discourse forums. Sounds like an interesting side project to try.

                                                1. 8

                                                  Browsers already render both text/html and application/pdf, and hyperlinking works. There is no technical barrier to add, say, text/markdown into mix.

                                                  Someone probably should implement this as, say, Firefox extension.

                                                  Historical note: this is how Konqueror (the KDE browser) started. Konqueror was not meant be a browser, but a universal document viewer. Documents would flow though a transport protocol (implemented by a KIO library) and be interpreted by the appropriate component (called KParts) (See https://docs.kde.org/trunk5/en/applications/konqueror/introduction.html)

                                                  In the end Konqueror focused on being mostly a browser, or an ad-hoc shell around KIO::HTTP and KHTML (the parent of WebKit) and Okular (the app + the KPart) took care of all main “document formats” (PDFs, DejaVu, etc).

                                                  1. 2

                                                    Not saying it’s a bad idea, but there are important details to consider. E.g. you’d need to agree on which flavor of Markdown to use, there are… many.

                                                      1. 2

                                                        Eh, that’s why I specified GitHub flavor?

                                                        1. 1

                                                          Oops, my brain seems to have skipped that part when I read your comment, sorry.

                                                          The “variant” addition in RFC 7763 linked by spc476 to indicate which of the various Markdowns you’ve used when writing the content seems like a good idea. No need to make Github the owner of the specification, IMHO.

                                                        2. 1

                                                          What’s wrong with Standard Markdown?

                                                      2. 2

                                                        markdown

                                                        Markdown is a superset of HTML. I’ve seen this notion put forward a few times (e.g., in this thread, which prompted me to submit this article), so it seems like this is a common misconception.

                                                      3. 4

                                                        Why would web authors use it? I can imagine some small reasons (a hosting site might mandate static pages only), but they seem niche.

                                                        Or is your hope that users will configure their browsers to reject pages that don’t have the header? There are already significant improvements on the tracking/advertising/bloat front when you block javascript, but users overwhelmingly don’t do it, because they’d rather have the functionality.

                                                        1. 2

                                                          I think the idea is that it is a way for web authors to verifiably prove to users that the content is tracking free. Markdown renderer would be tracking free unless buggy. (It would be a XSS bug.) The difference with noscript is that script-y sites still transparently work.

                                                          In the invisioned implementation, like HTTPS sites getting padlock, document-only sites will get cute document icon to generate warm fuzzy feeling to users. If icon is as visible as padlock, I think many web authors will use it if it is in fact a document and it can be easily done.

                                                          Note that Markdown renderer could still use JavaScript to provide interactive features: say collapsible sections. It is okay because JavaScript comes from browser, which is a trusted source.

                                                        2. 3

                                                          Another HTTP header that maybe some browsers will support shoddily, and the rest will ignore?

                                                          1. 2

                                                            I found HTTP Accept header to be well supported by all current relevant softwares. That’s why I think separate MIME type is the way to go.

                                                          2. 2

                                                            I think link tracking is essentially impossible to avoid, as are redirects. The web already has a huge problem with dead links and redirects at least make it possible to maintain more of the web over time.

                                                            1. 2
                                                            1. 2

                                                              Also wondering if this flow would be done differently in 2020.

                                                              1. 18

                                                                Worth reading to the end just for the totally evil code snippet.

                                                                It was kind of foreshadowed to be evil when the author named it “skynet.c” I guess.

                                                                1. 4

                                                                  Reminds me of the Java-code we used to see around 2000.

                                                                  With a RuntimeException try-catch at the top and then just print it and continue like nothing happened.

                                                                  How much bad bugs, data corruption and weirdness did that practice cause?

                                                                  1. 1

                                                                    How is that any different from kubernetes and “just restart it”? Its mostly the same practice ultimately, though with a bit more cleanup between failures.

                                                                    1. 2

                                                                      I guess it depends on whether you keep any app state in memory. If you’re just funnelling data to a database maybe not much difference.

                                                                  2. 2

                                                                    Now I start to wonder, how the correct code should look like (as opposed of jumping 10 bytes ahead).

                                                                    Read DWARF to figure out next instruction?

                                                                    Embed a decompiler to decode the faulty opcode length?

                                                                    1. 4

                                                                      Increment the instruction pointer until you end up at a valid instruction (i.e., you don’t get SIGILL), of course ;)

                                                                      1. 6

                                                                        I have code that does this by catching SIGILL too and bumping the instruction pointer along in response to that. https://github.com/RichardBarrell/snippets/blob/master/no_crash_kthxbai.c

                                                                        1. 2

                                                                          Brilliant. I’m simultaneously horrified and amused.

                                                                        2. 1

                                                                          SIGILL

                                                                          That’d be a pretty great nerdcore MC name.

                                                                        3. 1

                                                                          If you want to skip the offending instruction, à la Visual Basics “on error resume next”, you determine instruction length by looking at the code and then increment by that.

                                                                          Figuring out the length requires understanding all the valid instruction formats for your CPU architecture. For some it’s almost trivial, say AVR has 16 bit instructions with very few exceptions for stuff like absolute call. For others, like x86, you need to have a fair bit of logic.

                                                                          I am aware that the “just increment by 1” below are intended as a joke. However I still think it’s instructive to say that incrementing blindly might lead you to start decoding at some point in the middle of an instruction. This might still be a valid instruction, especially for dense instruction set encodings. In fact, jumping into the middle of operands was sometimes used on early microcomputers to achieve compact code.

                                                                        4. 2

                                                                          Here’s a more correct approach: https://git.saucisseroyale.cc/emersion/c-safe

                                                                          1. 1

                                                                            Just don’t compile it with -pg :)

                                                                          1. 4

                                                                            4k monitor only makes sense with 2× / 200% scaling

                                                                            Yep. Can’t stress enough how non-integer scaling is a bad idea.

                                                                            1. 2

                                                                              This is subjective. I use a 27” 4K display at 1.5 and it’s fine. I can’t see pixels from the distance I’m standing away so it looks sharp to me.

                                                                              1. 1

                                                                                Similarly, I can’t stress enough, how much assuming everyone else’s priorities are the same as yours, is a bad idea.

                                                                              1. 5

                                                                                This list is highly opinionated. It seems like some of the issues are listed because of the author’s personal tastes rather than being real issues users will run into (reading for instance the Wayland-related ones, because I know Wayland).

                                                                                1. 3

                                                                                  Years ago, I remember reading some article why Linux wouldn’t succeed, and it was because Ubuntu’s default desktop lacked a refresh option in the context menu. Not everyone shares your same workflow.

                                                                                1. 5

                                                                                  The irony of that entire rant being wrapped at 70 characters is just killing me.

                                                                                  1. 1

                                                                                    English is not code.

                                                                                    1. 5

                                                                                      I understand that. I run a publishing company and write typesetting software (see SILE). And I agree, prose and code have different requirements. Long lines in code make sense in some cases and some languages. I tend to still prefer shorter lines particularly when the language in question facilitates short expressions, but think enforcing a hard wrap makes code unnecessarily messy in some cases.

                                                                                      It was just the irony that got me.

                                                                                  1. 2

                                                                                    Is there someone who can say something about the hardware regarding performance? Did someone maybe have the opportunity to try one?

                                                                                    How does the device handle modern browsing (videos, visualization, badly designed/optimized websites with lots of JS, Slack, Riot, …).

                                                                                    Also looking up the mentioned graphics card and CPU I wonder whether that means that both the one on the i.MX8M and the Vivante GC7000Lite can be used or whether I am misunderstanding something here.

                                                                                    1. 3

                                                                                      i.MX8 == Cortex-A53 == sadness.

                                                                                      Cortex-A72 is the minimum usable desktop CPU core. The A53 is an in-order core. It’s really, really not fast.

                                                                                      1. 2

                                                                                        The i.MX8MQ comes with the Vivante GPU.

                                                                                        1. 1

                                                                                          Thank you. Somehow I didn’t manage to find a hint of that. I always just find that it support OpenGL 3, Vulkan, etc.

                                                                                          Do you know anything regarding its performance for day to day web browsing?

                                                                                      1. 2

                                                                                        https://emersion.fr/blog/ - I write about Wayland, graphics, and systems programming in general.

                                                                                        1. 2

                                                                                          Outside of the context of blogging, Sway and Wayland as a whole saved my laptop from tearing, so bless you for that.

                                                                                          1. 1

                                                                                            <3

                                                                                          2. 1

                                                                                            I think I came across your blog when I was exploring sourcehut

                                                                                          1. 5

                                                                                            Got an IRC bouncer installed on my Pi, so I’ll be hanging out in IRC as much as possible this weekend.

                                                                                            1. 2

                                                                                              On what IRC servers are you hanging out?

                                                                                              1. 2

                                                                                                freenode, rizon, and some private servers :)

                                                                                              2. 1

                                                                                                Do you have a stable IP address? Or is there some way to stay connected with a dynamic IP?

                                                                                                1. 1

                                                                                                  I have a stable IP, which is just my Pi Hole running 24/7.

                                                                                                2. 1

                                                                                                  While at it, you could try soju :)

                                                                                                  1. 1

                                                                                                    Link points to got.sr.ht; should be git.sr.ht.

                                                                                                    1. 1

                                                                                                      Thanks! Typing on a phone is hard.

                                                                                                1. 5

                                                                                                  For those who want a simple API and a native look, there’s libui: https://github.com/andlabs/libui/

                                                                                                  1. 3

                                                                                                    However, straight from the Readme:

                                                                                                    libui is currently mid-alpha software[,] much of what is already there is not feature-complete, some of it will be buggy on certain platforms, and there’s a lot of stuff missing[, including:]

                                                                                                    • trees
                                                                                                    • clipboard support, including drag and drop
                                                                                                    • […]
                                                                                                    1. -2

                                                                                                      Looks interesting, but you should add as a disclaimer that it’s in C.

                                                                                                      1. 14

                                                                                                        “Disclaimer”? Why would I need to add a disclaimer when talking about C projects?

                                                                                                        1. 9

                                                                                                          Being written in C is a benefit because it’s very easy to write C bindings for other languages, and many languages have tools to do so automatically.

                                                                                                          It’s a big part of the reason libraries like SQLite are available everywhere, for almost every language, while libraries like Qt only have one or two custom built language bindings.

                                                                                                          1. 1

                                                                                                            Being written in C is a benefit because it’s very easy to write C bindings for other languages

                                                                                                            That’s only partly true. It’s easy to call C functions from other languages, but every time you invent a new object model in C then you need to manually add a load of bridging for that, whereas if you have a C++ library with C++11 smart pointers for ownership then you get proper memory management and bindings for most OO languages for free. Even wrapping C in C++ to get automatic memory management is non-trivial and requires some manual steps.

                                                                                                            1. 1

                                                                                                              I’m going to disagree.

                                                                                                              I’ve written Common Lisp bindings for several C libraries, and also a few for Python, and all of the “object models” I’ve seen were handled with zero effort on my part. Most of the time the “objects” are opaque pointers and the “methods” are just plain functions that take an opaque pointer as the first parameter.

                                                                                                              The manual memory management is a bummer, but most languages have some way to hide that, and it would be required with a C++ binding, too.

                                                                                                              I’m curious how you’re creating bindings to C++ so easily? How does it handle name mangling? And templates?

                                                                                                              I haven’t had any luck using C++ with Swig or cl-autowrap, and I’d love to find a good solution…

                                                                                                              1. 3

                                                                                                                If the API is very clean and, for example, always takes the object as the first argument then you can usually get things right (expose those functions as methods), but it gets very complex if the object model has any concept of subtyping. With C++, this is exposed in the source code for the binding generator to use and it can insert explicit casts where necessary. With Objective-C, it’s in the source code and also visible for run-time introspection. With C, it’s based entirely in conventions and so you need to encode those in the binding generator.

                                                                                                                If I want to create bindings for the Foo GUI library, can I pass a FooTextField* to a function that accepts a FooWidget*? If this is a C++ or Objective-C API, then this is trivial to determine because FooTextField will be a subclass of FooWidget, or this function may even be a method on FooWidget that is inherited by FooTextField. In a C API, this may be purely a convention. Similarly, on memory management, if I have a C++ API that returns a std::shared_ptr<FooWidget> then most bindings generators need absolutely no code at all to get the memory management right. If it’s a C API that has consistent memory management with acquire and release reference functions, then you can probably handle it automatically, but C APIs make it very easy to have ad-hoc ownership models (e.g. this function returns a pointer to a shared buffer, this returns an interior pointer to some other object, and so on).

                                                                                                                I’ve written a C++ library that has a public API surface defined purely in terms of C++11 smart pointers or primitive types. SWIG can bridge it with almost no code. I’ve also written generic binding systems for GNU Smalltalk and from JavaScript to Objective-C, which work on almost any Objective-C API without any code. I’ve written a binding generator for C to JavaScript, but it was impossible to handle common API idioms.

                                                                                                                To give a trivial example, it’s incredibly common in C libraries to take char* arguments. I need to read the documentation to learn:

                                                                                                                • Is this a NULL-terminated string or a thing with the length somewhere else?
                                                                                                                • Is it something that should map to a string or a buffer in high-level languages?
                                                                                                                • Who owns the memory at the end of the call?
                                                                                                                  • If it’s the callee, how is it freed (what impact does that make on how the caller allocates it)?
                                                                                                                1. 1

                                                                                                                  I agree that there are corner cases where C is more difficult or C++ can be easier, but in general, an arbitrary C library will be easier to bind than an arbitrary C++ library, IME.

                                                                                                                  C++ has all the same difficulties as C, and then a boatload of new ones like move semantics, references, templates, name mangling, unique_ptr, etc.

                                                                                                                  Partly it’s a tooling issue - many languages have tools to generate C bindings automatically, but most of them don’t support C++ - and the reason is that C++ is much more difficult to wrap in general.

                                                                                                                  To highlight what I mean, here are two functions from GDAL, which happens to export both a C and C++ API:

                                                                                                                  CPLErr SetMetadataItem(const char *pszName, const char *pszValue, const char *pszDomain = "")
                                                                                                                  OGRGeometry *GetSpatialFilter()
                                                                                                                  

                                                                                                                  At first glance the raw pointer return value and char* parameters seem to backup your argument about memory management, but in fact those functions are from the C++ API, showing that the issues don’t go away with C++. Fortunately, the GDAL documentation is good, and points out that the OGRGeometry remains owned by the library.

                                                                                                                  1. 1

                                                                                                                    It comes down to good API design. In any language, you can use abstractions that are difficult to bridge because your type system doesn’t express invariants (even in memory-safe languages, things like thread safety are not usually part of the type system). The difference is that the subset of C++ that is most difficult is C. If you have a well-designed C API, you can write a tool that bridges that API to another language relatively easily. If you have a well-designed C++ API you can use a tool that bridges any well-designed C++ API to another language because the conventions that you are building in C are either part of the language or the standard library in C++. Things like std::shared_ptr, std::unique_ptr, std::span need bridging once but after that you can get memory management right for any library that exposes modern C++ APIs.

                                                                                                                    1. 1

                                                                                                                      Limiting the discussion to “well designed” APIs, or APIs where the person creating the binding has direct control over the API, is almost pointless, IMO. In general, the person creating a language binding won’t have any control over the API being wrapped. Even if a C++ API can be easier to wrap, it’s not helpful if 99% of them aren’t in practice.

                                                                                                                      If you have a well-designed C API, you can write a tool that bridges that API to another language relatively easily. If you have a well-designed C++ API you can use a tool that bridges any well-designed C++ API to another language because the conventions that you are building in C are either part of the language or the standard library in C++.

                                                                                                                      With C there’s no need to write a tool because general purpose tools already exist. Swig and cl-autowrap are two examples. What tool are you refering too that generates C++ bindings?

                                                                                                                      1. 1

                                                                                                                        Swig automatically handles memory management and object bridging for C++ APIs that use standard C++ smart pointers.

                                                                                                                        1. 1

                                                                                                                          Some of the time. It has gotten better recently, but even their docs admit it doesn’t handle C++ entirely:

                                                                                                                          Because of its complexity and the fact that C++ can be difficult to integrate with itself let alone other languages, SWIG only provides support for a subset of C++ features.

                                                                                                                          Not to mention that a lot of libraries in the wild don’t use C++ smart pointers because they’re relatively new…

                                                                                                            2. 1

                                                                                                              Exactly, in addition to be usable from D (as @catwell noted in ref bellow), I am assuming libui is usable from Zig and Nim as well.

                                                                                                          1. 2

                                                                                                            I’m not sure if I’m missing it or if it’s not there, but there doesn’t seem to be any way to serve the web interface over https. Don’t see any “ToDo” items either: https://todo.sr.ht/~sircmpwn/koushin?search=https

                                                                                                            Am I looking right past it?

                                                                                                            1. 2

                                                                                                              Yes, koushin assumes a reverse proxy is set up right now.

                                                                                                              1. 1

                                                                                                                It’s likely meant to be served from behind a webserver like NGINX or Apache with a reverse proxy; they would then handle TLS. That’s how I intend to run it.

                                                                                                                1. 1

                                                                                                                  [edit: found an Echo recipe and it looks like Koushin isn’t wired up to call StartAutoTLS]

                                                                                                                  Echo, the underlying web server says it supports “Automatic TLS via Let’s Encrypt”.

                                                                                                                  I’m screwing around with it inside my NAT’ed house network, so any Acme bits aren’t going to work….

                                                                                                                  This Echo recipe indicates that the server needs to be started via e.StartAutoTLS, but cmd/koushin/main.go starts it with e.Start, so it looks like it’s not supposed to be working at the moment.