1. 33

    RSS is an ancient technology from Web 1.0 (“the naïve Web?”)

    I’m sorry, but blogging, as an early social network based on RSS, was the hallmark of what people started to call “Web 2.0”, as opposed to “Web 1.0” which consisted of simply human-readable web sites.

    1. 6

      Yeah, that’s what I thought, too. The RSS was the new stuff. Old stuff were hyperlinks and CSS menus.

      1. 5

        Wasn’t Web 2.0 about AJAX and XMLHttpRequest? i.e making the web page interactive with asynchronous requests? I would consider gmail to have started web 2.0 in 2004, which was much later than RSS

        1. 6

          I don’t think there was ever a definitive definition of Web 2.0. Part of it was the flashy client parts, but part was also APIs that made it possible for others to interact to services.

          For me, the quintessential Web 2.0 site was/is Flickr, where you have a content organizer, rich API, tagging, and social features. And there’s RSS too, I still subscribe to some seldom-updated streams in my feed reader.

          We’ve moved past that now. The site/service that defeated Flickr is Instagram, which disables a lot of stuff that Flickr enabled - except tags. You can’t organize your images in folders, you can’t even decide in what order to show them, and you cannot upload other than through the app. The app is the service, the web view is basically read-only.

          1. 2

            That is true as well! Here’s what I vaguely remember.

            Even though RSS as a format was invented earlier, the “blogosphere” exploded in popularity at about 2005-2006 (with popular services like Wordpress, Technorati). And at that point people loosely used the moniker “Web 2.0” for everything that elevated the Web platform above the old boring (D)HTML tag soup:

            • separation of (X)HTML and CSS
            • AJAX and first Web apps
            • Content aggregation through RSS/Atom
            • Microformats
            • “Semantic Web” (nobody knew what that was, and it never materialized)

            (Now we back to the tag soup, although it now includes all of HTML, CSS, JS and a lot of ads.)

        1. 6

          That we spend a ridiculous amount of time setting up builds, releases and general tooling.

          That’s my pet peeve right now. What’s worse, every time I tried to fix it using my experience as a programmer and knowing how to abstract and DRY, I met a very hard push back from people insisting that everything should be left as is and there’s nothing wrong in writing tons of configs for every project.

          /vent

          1. 2

            This is probably the main reason I love coding with C. I can write a simple mkfile (plan9’s mk(1) is FAR superior to GNU Make, honestly) that’s about 20 lines and it compiles the whole project. While you can do this with other languages (rustc, as the rustaceans keep on mentioning to me), the dependencies usually are not so clean and it’s… generally more difficult.

            1. 2

              Dependencies are the reason I despise building C/C++ with Makefiles. If you want it to work reliably, you need to extract references to header files, find where the libraries you link to are located, and store all these paths as dependencies for future runs. And then you’re in CMake land and it’s no longer pretty.

              The Go build tool has this resolved. Go + mk would be love-worthy. They have the same people behind them, too.

            2. 2

              I’m merely a dabbler in Rust for now, but rustup + cargo are so much nicer than the competition, IMO

            1. 2

              All that sounds pretty damning for Apple maps.

              1. 10

                Kent Beck… Partly for his earlier work on XP…. but especially for the honesty to give this talk https://www.infoq.com/presentations/self-image/

                Rich Hickey. Because he is thinking deeply about what we are doing… https://changelog.com/posts/rich-hickeys-greatest-hits

                Martin Fowler, his Refactoring book was hugely influential, and he is also trying to think about what is good software.

                Brendan Gregg…. because he measures, and knows where to measure (has big picture), and knows how to explain what he is doing and why.

                J. B. Rainsberger : Because he directly calls bullshit on some of the biggest and stinkiest mounds of shit the industry has served up. (And because he is honest enough in one of his talks to admit that he started doing TDD in desperation to dig him personally out of a deep pit of failure.)

                If there is a common theme it’s thinking deeply about what is good software, thinking about the human side of software, and attempting to articulate these thoughts.

                I really dislike technocrats that neither consider (empathetically) the human side, nor articulate what they are thinking and why. If you want to instantly piss me off…. tell me I’m doing wrong… but then fail to articulate what right is and why.

                1. 2

                  Thank you for the Hickey’s greatest hits link! Didn’t know anyone compiled it, but now I think it should’ve obviously been done by now :-)

                1. 21

                  Well, one of my pet hates about phones these days is the sheer size of them – they’re basically a tablet in your pocket. I want a phone.

                  And I thought I was the only one on the planet going nuts about this. I also bought an iPhone SE 2 years ago for exactly the same reason. I don’t get what the fascination with large sized screens is. You can’t even operate the phone with one hand.

                  Anyway, I switched to iOS for similar reasons. Personally for me, the final straw was the Android permission system. Once an app has all the permissions, it has them all the time. Not sure if things have changed in the meanwhile, but I’m super happy that I switched.

                  1. 10

                    Once an app has all the permissions, it has them all the time. Not sure if things have changed in the meanwhile, but I’m super happy that I switched.

                    It has

                    1. 8

                      The size of phones is just killing me, and they seem to be getting bigger. Hopefully the fashion will change soon.

                      1. 6

                        Yeah, I cannot understand why smartphones are getting bigger and bigger. It’s like sane phone sizes ended with end of 2014-2015, especially if you want some good specs.

                        In 2014 you could buy Z1 Compact (dimensions: 127 x 64.9 x 9.5 mm (5.0 x 2.56 x 0.37 in); screen: 4.3 inches, 51.0 cm2 (~61.8% screen-to-body ratio)), now it’s practically impossible to buy similarly sized high-end smartphone.

                        ~4.5” screen seems to be what is the limit of being able to somewhat comfortably operate smartphone in one hand using your thumb (unless you have some big hands, of course, but I don’t). With Redmi 2 (dimensions: 134 x 67 x 9 mm (5.28 x 2.64 x 0.35 in); screen: 4.7 inches, 60.9 cm2 (~67.8% screen-to-body ratio)) I’m actually already unable to reach top of the screen and 3 buttons below the screen with my thumb without slightly readjusting hand position.

                        BTW It’s equally ridiculous for me to put 3K screens in such a small size factor like smartphones (well, they’re reaching 6” screens already, but even including that). Going over FullHD seems quite wasteful and brings only more battery drain. I doubt there are people using their phones with magnifying glass…

                        1. 10

                          My guess: more and more people are using phones as their only computer, so sizes will continue to increase in order to accommodate them.

                          1. 8

                            Exactly this – me and my partner are basically polar opposites on this front. When I need to do anything beyond simple, brief content generation (text messages, and only short ones) – I reach for my laptop. The time to take it out of my bag, tether it to my phone, get online and do the work then put everything away is less than my slow speed on a phone.
                            Work wise – the phone is an accessory to my computer(s)… and mostly I use it as a well, phone, click, alarm and message receiving device.

                            My partner legitimately runs two businesses from their phone. The phone is the primary content generation device, email, texts, taking photos, editing images, scheduling, planning, online resources, looking at sales data, ordering new products for the workplace, etc, etc – everything is done on the phone first, and begrudgingly done on a laptop if a product just won’t work from their phone. That product is likely to have a short shelf life because having a great phone experience is probably the most important feature to them.

                            1. 2

                              And I know people who use 17” laptops for impromptu presentations. Harder to find those these days.

                              1. 1

                                For small table presentations (impromptu or otherwise), I love mirror mode to a 15.6” USB powered monitor, so I can sit behind my computer when presenting. Specifically great for like live coding / pair coding.

                                1. 1

                                  Do any of those monitors have Linux support?

                                  1. 1

                                    Yep. I think almost all of them use the generic DisplayLink USB 3 stuff – which works (might need to install a Displaylink generic driver).

                                    1. 1

                                      The DisplayLink story wasn’t so good as of 4.1, have you noticed it getting better?

                                      1. 1

                                        I am not sure if I got lucky or what, but I haven’t had a major issue with it and been using them for a few years now on Ubuntu 16.04 and now 18.04 (various spins of it). I don’t use too many of the DisplayLink features (rotation, sound support, etc – so maybe that is where stuff gets hung up?).

                          2. 1

                            ~4.5” screen seems to be what is the limit of being able to somewhat comfortably operate smartphone in one hand using your thumb (unless you have some big hands, of course, but I don’t).

                            I agree. I switched from an iPhone SE to an iPhone 6s with its 4.7” screen, which is just a bit too large. Luckily, iOS has this handy feature where if you double tab (not press) the home button, it will move the image 50% down, making it easier to reach top buttons. I’d still love a 4.3 or 4.5” iPhone though. But it’s not where things are moving, so unlikely to ever happen (they even abandoned 4.7” on new models, yes I know, newer models have smaller bezels).

                          3. 1

                            Americans like phones they way they like their cars – the bigger the better.

                            1. 1

                              Funny enough the giant phone trend is being driven by Asians, specifically Chinese and Korean customers. They all want massive screens for some reason. Americans don’t really help the trend much but for once were not actually driving the bus.

                          4. 1

                            That part was music to my ears as well :-) https://mastodon.social/@isagalaev/100981223084458245

                            We should start a consumer group or something (oh well, who am I kidding?)

                          1. 1

                            I was thinking of posting this here, but felt it was pretty Rust specific.

                            Also, hi Anish! How are things going these days? (I hosted Anish as an intern on Android, he did great work on line breaking)

                            1. 6

                              it was pretty Rust specific

                              FWIW deep dives on any technical topic are considered on-topic here, so post to your heart’s content. ❤

                              1. 2

                                That’s even without mentioning Rust specifically as one of the most frequent recurrent topics on lobste.rs.

                                1. 8

                                  Yeah. But even if it was a deep dive on how, say, MUMPS on the IBM System/360 passed arguments between procedures or did register allocation or something, we’d still be glad to see it. ❤

                                  1. 2

                                    Someone please write this

                              2. 2

                                He also has interesting projects on his site. Plus, a great explanation for why people use LaTeX over alternatives in this post.

                              1. 9

                                Too few do-nothing 5-second spinners!

                                1. 11

                                  I have come to the conclusion if your website has a loading screen it is shit 100% of the time. I might make an exception for things that are real complex apps or games but there are just way way too many websites like twitter, linked in and reddit that take forever to load for no real reason other than to import half of NPM.

                                1. 3

                                  It used to be a time when various complicated attempts at implementing, say, Singleton pattern in Python was considered to be a laughing matter. Python way was always to not invent a problem when common sense and evidence show that there isn’t any. This is the same case. There was never any problem with Python constants-by-convention not actually being constants.

                                  1. -7

                                    Surrendering to SJW trolls is quite coward move.

                                    Let’s rename, for example, Ruby, because its name supports child labor in ruby mines in Africa. For example to “Zeemeeqooxlang”, abstract and google-facebookish name that will not trigger anyone.

                                    Rename “Linux” to “WorldOS”, because it’s named after Linus Torvalds, who is toxic person.

                                    1. 11

                                      Alternative POV: this is more about finding a better name for the project than capitulating.

                                      To the uninitiated, does ‘bro’ connote a network security monitor at all? It never did for me, and I needed an explanation to connect the name to the function of the tool.

                                      1. 6

                                        Exactly this – like when the Nim project was called “Nimrod”. Now, if you are from the US – you would be more than forgiven for not knowing that “Nimrod” often is used to mean “mighty hunter” (https://en.wikipedia.org/wiki/Nimrod). But in America it came to commonly mean idiot, there are debates over to why, but many lay it on bugs bunny cartoons (specifically him sarcastically calling Elmer Fudd various things like like “A poor little Nimrod” (sarcastically obviously, as he was pointing out her wasn’t a mighty hunter).

                                        Anyway, regardless of what the word might have meant, or even the history of why it was picked, calling your project Nimrod might just make you a… nimrod. Nim got wise and renamed itself and I saw that as a mark of project maturity not capitulation to any group.

                                        1. -5

                                          The idea that “bro” is a bad name because it sounds like “bro culture” which is bad, is already capitulating to authoritarian feminists. Imagine if American Protestant Christians had enough cultural power that they could force, say, the BSD project to change its devil logo to something more inoffensive in a corporate setting.

                                          1. -5

                                            Their explanation of name being a reference to “1984”, and at the same time to “street culture” makes sense.

                                            Network security software always had “gangster” and obscene names, just like operating system terminology always had references to nasty occultism. It would be sad if every software adopt culture of front end frameworks developed by hipsters in sterile lofty coworking spaces. This would be real lack of diversity, not that kind of hypocritical “diversity” advocated by SJW extremists. Maybe if it was called “asshole” or something like that, it would be better to rename it, but “bro” is quite neutral name.

                                            1. 7

                                              culture of front end frameworks developed by hipsters in sterile lofty coworking spaces.

                                              Do you realize you just disrespected a whole bunch of people you don’t even know, and have no idea about their ideals? No reason to do that simply because you don’t identify yourself with that particular crowd.

                                              Also, “surrendering to trolls”? Why everything has to be a fight?

                                              1. -2

                                                Do you realize you just disrespected a whole bunch of people you don’t even know

                                                No, I belong to this group too. I have less idea about culture amongst “security” folks than in this. I use and like lots of things created by “web hipster” people.

                                                But the same group is a home to “software development cops” that try to police every open source project they find. Force to rename. Force to implement code of conduct with items such as “ban every contributor who says bad things in twitter”. At the same time, this is group in which real toxic behavior is the norm: all these news stories about misogyny in Googles/Facebooks/Ubers that appear every day.

                                                Also, “surrendering to trolls”? Why everything has to be a fight?

                                                Because they were forced to rename by SJW folks? SJW folks has monopoly to violence because they are “moral majority” and everyone else should not treat it as fight?

                                                1. 2

                                                  Because they were forced to rename by SJW folks?

                                                  Nothing in the linked article says anything about being “forced” to rename.

                                          2. 5

                                            Zeek isn’t much better. People who had german history in school (like, people from germany) are probably having a little ‘hail’ echo in their head after hearing it. Not an positive association, either.

                                            1. 4

                                              Am from Germany. No echo of any sort and I it took a while until I got the Nazi reference…

                                            2. -9

                                              Agreed. Bro is a tremendously cool name (and domain name!), why would they ever want to change it??? oh yeah right, SJW…

                                            1. 7

                                              Oh… The same why we say “xerox” for copiers, “u-haul” for hauling rentals, “uber” for ridesharing, “google” for search, “pc” for all non-Mac x86 compatible computers long after the death of the original IBM PC… And conversely, we use “android” for all the individual brands, even though nobody calls iPhones “iOS phones”.

                                              We use whatever word forms the strongest association with a new thing in our head. There’s nothing nefarious about it, and there’s no “cause” to be “lost”. The ActivityPub-based social network for short messages is called “mastodon”, get over it :-)

                                              P.S. Yes, I’d argue that even though ActivityPub allows federation of all the different forms of content, we’ll continue to use “mastodon” predominantly for short messages.

                                              1. 6

                                                When it first was posted to HN I was incredibly disappointed. There is no cryptography, user accounts are completely controlled by the server owner, there isn’t an easy way to have accounts on multiple servers, discoverability on a single person server is near impossible, etc.

                                                After looking past it’s faults though, it probably is the first modern federated network to become popular. That’s an achievement. The UI/UX is good enough for people to actually want to use it. There is even enough diversity (in terms of interests) for lots of interesting conversations and people outside the tech world.

                                                It also probably kicked off the creation of other decentralized services based on activitypub (like PeerTube). There was even an active effort to bring ActivityPub to Lobsters for a while.

                                                Very excited for the next two years of Mastodon.

                                                1. 8

                                                  There is no cryptography

                                                  Where would you be expecting cryptography? I’m not the kind of person who advocates for cryptography, for it’s own sake, so I’d be curious to see where you think it’s missing. To validate identities? To protect data (but then again, nearly everything is public)?

                                                  user accounts are completely controlled by the server owner, there isn’t an easy way to have accounts on multiple servers

                                                  Well there is account redirection and profile metadata. Both can be used to create a ad hoc system for multiple accounts. Again, what would you (or anyone else, especially critics) be imagining this could or should look like?

                                                  discoverability on a single person server is near impossible, etc.

                                                  This is true, maybe an external service (or protocol) could be set up for this, to help people find others. Until then this is a good starting point.

                                                  1. 3

                                                    Where would you be expecting cryptography?

                                                    I was imagining every user with a public/private key so that…

                                                    • public posts are signed
                                                    • DMs are encrypted
                                                    • key could easily move from instance to instance and be cryptographically proven to be the same

                                                    Again, what would you (or anyone else, especially critics) be imagining this could or should look like?

                                                    Just a specific piece of machine readable metadata that says “I am also x, y, z.” Does this already exist?

                                                    Until then this is a good starting point.

                                                    Thanks for that! Found some interesting users.

                                                    1. 3

                                                      Just a specific piece of machine readable metadata that says “I am also x, y, z.” Does this already exist?

                                                      Apparently it does! Just checked on my https://mastodon.social/@isagalaev, the links to my web site and flickr on the right have rel="me".

                                                      1. 1

                                                        Neat, could’ve sworn that wasn’t there before.

                                                        1. 1

                                                          It’s a very new feature!

                                                          1. 1

                                                            Well, the original post is pretty much about how much Mastodon changed over the 2 year period. :-)

                                                        2. 3

                                                          Actually every user has a public/private key and all public posts are signed.

                                                          Check this out, a random user:

                                                          $ curl -H"Accept:application/activity+json" https://apoil.org/users/nasa | jq
                                                          {
                                                           ...
                                                            "publicKey": {
                                                              "id": "https://apoil.org/users/nasa#main-key",
                                                              "owner": "https://apoil.org/users/nasa",
                                                              "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/oA+ovirWaOy84/ulTs\nyagWc9ktVQXo6qFxVdryz2zLN2WCtk82GnfiQKQZ3bk9kN8WArRUBfFF6Rx038SU\nFfB950DVr8MBnCOeE6uy/48pU5ER2UY0Sz3lPDBgLWrjQRL+e3cg05cO+aY3J+l8\nOrzme9wVqn48e4DG1AnJnbIdNb9i5QKQa/q1LaaAyGUwS8T/jIGecRZowT4I874k\nikVwpWbOIg+P2zoi40HqPj+DJlCSs3hh3P/zK7p4Vn8fDcqQkUO82zkRU4sSphOi\ndcAFJ2M2bxEpDghxv0MQMjY+WTrEepLT+YJFBbxFJYdCrbHzYErOkYfvJReMmkb4\n4wIDAQAB\n-----END PUBLIC KEY-----\n"
                                                            },
                                                            "endpoints": {
                                                              "sharedInbox": "https://apoil.org/inbox"
                                                            }
                                                          }
                                                          

                                                          And the notes are signed using Linked Data Signatures. (I personally don’t like LD signatures for various reasons but that’s another matter).

                                                          The keys in a normal user’s case are of course completely handled by the server, but they don’t have to be. I’ve built a prototype ActivityPub client/servers where clients held the private keys themselves and it worked very fine.

                                                          As for end-to-end security see for example this ticket which is about adding OpenPGP. There is also a ticket about persistent identifiers (public keys etc.) but sadly I can’t find it now.

                                                          1. 1

                                                            I was imagining every user with a public/private key so that…

                                                            • public posts are signed
                                                            • DMs are encrypted
                                                            • key could easily move from instance to instance and be cryptographically proven to be the same

                                                            What would be interesting, if I wouldn’t use mastodon in my web browser – I just wouldn’t trust it. As an optional extension that could be worth while talking about, but I have the feeling that it would have to be done on a lower level (ActivityPub), rather than just on one implementation.

                                                            1. 1

                                                              Encrypted DMs would be neat.

                                                              I’ve been using Matrix/Riot as a e2e encrypted instant messenger, but so far I’ve been disappointed with the user experience. If Mastodon added e2e DMs in real time, i’d happily give that a shot as a replacement.

                                                              1. 1

                                                                Matrix is a whole ’nother can of worms. Client support is okay now (we have native desktop clients), but the server is still incredibly slow.

                                                                There are a few efforts at alternative servers, but none are usable yet. Hopefully they will be usable soon enough.

                                                                1. 1

                                                                  I agree with your points, but I was specifically talking about e2e.

                                                            2. 1

                                                              Well there is account redirection and profile metadata. Both can be used to create a ad hoc system for multiple >accounts. Again, what would you (or anyone else, especially critics) be imagining this could or should look like?

                                                              The dumb thing that happens on reddit a lot is some subreddit mod’s account gets hacked and then they can vandalise anything. Account redirection can be controlled by the owner, as well as profile metadata.

                                                              Basically the mastadon model isn’t very good at handling the fact that trust in a host can change over time. We all have that old gmail account we can’t quite shut down but wish we could just move somewhere else.

                                                              There’s a potential model here where user accounts themselves could be controlled at an individual level, and the accounts could then connect to a network (but the primary account info is still hosted by you). So instead of saying that your identity is “somemastadon.instance/username” you say it’s “myown.website/mastadon”, and in “somemastadon.instance” it knows to poll you for information/put you in the proverbial phone book.

                                                              This is quite complicated but could also be left to power users, with most people just opting to have their account be hosted on the instance. Meanwhile the nerds can have fun and host their timeline themselves without having to have a full blown instance to run.

                                                              1. 1

                                                                There’s an open issue on mastodon ( https://github.com/tootsuite/mastodon/issues/2668 ) and plume ( https://github.com/Plume-org/Plume/issues/94 ) to let you point a domain at an existing instance and have it host your toots.

                                                                Would that do what you are looking for?

                                                                1. 2

                                                                  Yep, that sounds right!

                                                                  Some of those threads seem to cover the trickiness around identity but, ironically, e-mail providers have gotten most of this pretty right over the years.

                                                                  EDIT: actually, I think there is another model of this, a bit more interesting, where I actually host my own data and the larger network is simply mirroring my data. That way I don’t have to rely on them to be holding onto all my data in the case I decide to leave. This is a bit more tricky, granted, but it’s a model that would be more durable to trust-breaking scenarios

                                                                  I think the one thing that mastodon would need to get right is around usernames. My username should be rtpg@myown.domain, even if it’s being hosted on mastadon.social. There might be a lot of trickiness involved in making sure other instances respect that mechanism (ultimately allowing for host redirection)

                                                            3. 4

                                                              I run my own instance. It’s not trivial, although it’s not too challenging since Mastodon releases an official docker container (you have to run the same container three times, one of web, one for streaming and one for sidekiq/jobs). Here’s what I wrote to maintain everything:

                                                              https://github.com/sumdog/bee2/

                                                              I generally like Mastodon, although I’m glad I run my own instance. With all the crazy drama that happens on some of these instances, I’m glad I’m in total control of my own data (although this leads to its own problems, like people not running security upgrades).

                                                              Any other crustaceans on a Mastodon instance? Post your user Ids and I’ll follow you: @djsumdog@hitchhiker.social.

                                                              1. 2

                                                                Any other crustaceans on a Mastodon instance?

                                                                There was a thread asking that question a while back: https://lobste.rs/s/7qazoc/crustaceans_mastodon_where_are_you

                                                                Post your user Ids and I’ll follow you: @djsumdog@hitchhiker.social.

                                                                I’m on zge@icosahedron.website. There’s a little issue that lobste.rs’ markdown interprets this as an email address by default, so you should probably use a markdown link to make it easier for people to open your profile. Maybe something could be done to make it easier to post ActivityPub addresses, but they’re rather easy to mistake for email addresses.

                                                                1. 1

                                                                  ayeee lol issa me!

                                                                2. 1

                                                                  I mean, there’s cryptography in the sense of HTTP Signatures. What kind of use of cryptography (or rather did you expect some kind of PSK stuff going on) did you expect?

                                                                  It’s amazing how far it’s gotten so far - excited to see how far it can go.

                                                                  1. 2

                                                                    Yup, I expected something like this - even if it were to be opt-in.

                                                                1. 39

                                                                  This is the most sane article on modern tools I’ve read in ages. Neglecting complexity is the industry-wise disease, and the article explicitly talks about it.

                                                                  1. 25

                                                                    Our industry would be a lot better if there were more stories of people running into real issues and having to scale–not self-inflicted ones. I don’t see enough of “Here’s where our response times and query times blew up, here’s why we couldn’t just buy a bigger machine, here’s the service architecture we had and why that was unchangeable, here’s where our hand was forced.”

                                                                    There’s not enough clean data and anecdata to properly educate the next generation, and instead we end up with weird stories like Hadoop being beaten by basic shell knowledge or the famous McIlroy/Knuth example.

                                                                    Cynically, one might note that a common theme is that fewer engineers with more knowledge and better analysis outperform large teams of less experienced engineers with shinier-but-less-understood tooling and problems, but then we start running into the deep soul-searching of how our industry career paths work and how we’re compensated and how “good” we all really are at our jobs…and that just leads to madness.

                                                                    1. 9

                                                                      Knuth example:

                                                                      “What people remember about his review is that McIlroy wrote a six-command shell pipeline that was a complete (and bug-free) replacement for Knuth’s 10+ pages of Pascal. Here’s the script, with each command given its own line:”

                                                                      Although I get and agree with article’s gist, the second program is super apples to oranges comparison. Knuth custom made his functions if I’m understanding the article. He did it in 10 pages of neat Pascal to ensure it’s all done correctly. The alternative was 6 lines of shell that were other programs. Their source is used in the solution but not counted. Problems in his source was counted but problems in those dependencies’ source over time wasn’t mentioned at all. Either the UNIX utilities were flawless, neat code or their flaws were ignored. Apples to apples comparison would be the total source, style, correctness, and effort of the full program (script plus source of dependencies) vs Knuths full program. Knuth might look better then.

                                                                      1. 14

                                                                        I’ll disagree with you here–the shell was linking together programs (subroutines) the same as you would in a language–say, Pascal–with standard library routines and components. Saying that the shell script doesn’t count because it used other programs feels a little bit like saying the Pascal program doesn’t count because the developer isn’t manually pushing around stack frames and setting link registers.

                                                                        Anyways, your concern and my reply above is exactly what I’m talking about: we only have a handful of stories like the above, and they don’t even provide clear guidance for practices. Some questions:

                                                                        • Are we to conclude that McIlroy was correct for using smaller programs that functioned about as quickly and could be maintained by others?
                                                                        • Are we to conclude that Kunth’s rigor is better, even if his program took much longer to develop?
                                                                        • Is the fact that Knuth is clearly the superior computer scientist also give him superior engineering status?
                                                                        • Should all of us have the familiarity with basic tools that McIlroy has so we don’t have to reinvent bespoke wheels as Knuth did?

                                                                        All of those are valid questions and interpretations of the source story–which is why I classified it as “weird”.

                                                                        The story underscores our own profession’s lack of understanding.

                                                                        1. 3

                                                                          “aying that the shell script doesn’t count because it used other programs feels a little bit like saying the Pascal program doesn’t count because the developer isn’t manually pushing around stack frames and setting link registers.”

                                                                          I think that takes it too far. Most developers don’t expect each other to write compilers or assembly. Experts usually do that in a way average developer can use. If custom and aiming for efficiency, they use the standard, low-level language of the platform. That’s C for UNIX. Pascal is a C alternative. So, I’d have compared the C implementation of the shell commands plus the shell script to the Pascal implementation. That’s pretty fair.

                                                                          “ll of those are valid questions and interpretations of the source story–which is why I classified it as “weird”. The story underscores our own profession’s lack of understanding.”

                                                                          I agree with that and your questions being good examples of it.

                                                                          1. 2

                                                                            I think these are very interesting questions. I’d note that indeed you would be comparing apples to oranges, given that McIlroy’s shell commands are one abstraction level higher; indeed the shell is linking programs together like subroutines, but those subroutines/programs are themselves written using the standard library as well. If Knuth had used a Pascal helper library which included subroutines equivalent to each of the existing shell programs, that program would not have been (much) longer.

                                                                            So yes, most often it is the right approach to re-use existing libraries and components (otherwise, we’d all still be hand-crafting machine code, basically building skyscrapers out of toothpicks). The best engineers understand the tower of abstraction as far down as possible, which means they know where the fault lines are, so they realize when the standard tools suffice, and when it is necessary to write your own or dive into the source to make existing tools suitable. It’s a trade off that has to be made, depending on the project and how important the component is to it.

                                                                            I think you end up with even deeper and harder to understand abstractions that try to paper over the flaws in lower level tools if you avoid rewrites at all costs, which is (unfortunately) something of a broader problem in our profession. It doesn’t help that all the “good practice” guides tell you to re-use, re-use, re-use existing code and never write your own if something already exists if it’s even remotely similar to what you need. Of course, market pressure to perform and whip up stuff as quickly as you can in as low a budget and as little time as possible doesn’t help. I’m definitely guilty myself of using square pegs to fit round holes just to save time and costs, and I’m sure the vast majority of us are. On the other hand, without that pressure there would be so many examples of modern technology that we take for granted which would not exist.

                                                                            I guess this is why programming in practice is more of an art or craft than a science. It’s also what makes it challenging, and we’ll probably be arguing about all of this decades from now :)

                                                                          2. 2

                                                                            The counterexample to the oversimplified “what people remember” is also in Programming Pearls.

                                                                            Here’s the story in a nutshell. With a good idea, some powerful tools, and a free afternoon, Steve Johnson built a useful spelling checker in six lines of code. Assured that the project was worthy of substantial effort, a few years later Doug McIlroy spent several months engineering a great program.

                                                                            [http://dl.acm.org/ft_gateway.cfm?id=315102&type=pdf]

                                                                            1. 2

                                                                              That’s really only relevant from a security/correctness perspective.

                                                                              The important part in most environments is that the shell pipeline takes five minutes to write and another ten to debug, and most future modifications are going to take a similar amount of effort.

                                                                              Doing it Knuth’s way would take me all day, and I have plenty of other work to do.

                                                                              1. 1

                                                                                That’s true. It’s better to use quick-and-dirty route if incorrect results are OK.

                                                                                1. 1

                                                                                  Well in this case it was Knuth program that had bugs. So, slow-and-dirty route.

                                                                                  1. 1

                                                                                    The UNIX utilities have had plenty of bugs. Those may or may not have, too. The fair comparison would be bugs and severity in them up to that point vs Knuths clean-slate version in Pascal.

                                                                            2. 4

                                                                              and that just leads to madness.

                                                                              Or disenchantment. That’s where I am.

                                                                              1. 2

                                                                                I knew about the Knuth/McIlroy discussion but I never read any of McIlroy’s actual comments from it. They’re really good. Kudos for linking to that article.

                                                                                Makes me want to find a full copy of the journal in my university’s library.

                                                                            1. 9

                                                                              How come nobody wrote about javascript becoming the new C++ yet? I do find pattern matching pretty nice though.

                                                                              1. 4

                                                                                More like perl.

                                                                                1. 6

                                                                                  It isn’t and it isn’t likely to. C++ isn’t C++ just because it has lots of features. C++ is C++ because it has lots of features and they don’t quite work together.

                                                                                  ES features work together mostly rather smoothly. Things like classes and statics desugar straightforwardly to prototypes and properties on constructors, async doesn’t interact poorly with anything in particular. GC papers over a multitude of sins: you can’t get lots of the really nasty interactions from uninteresting looking code, like introducing a segfault by closing over an iterator that got invalidated.

                                                                                  1. 9

                                                                                    That’s debatable. I don’t think classical features work smoothly together with prototypal features, and I don’t think functional programming works smoothly without pure functions.

                                                                                    JavaScript people want to use classes, but the language was originally designed for prototypes.

                                                                                    JavaScript people want to say they’re doing functional programming, but idiomatic JavaScript seems to lean heavily on the this keyword which in any function is an input not expressed in the signature.

                                                                                    1. 8

                                                                                      JavaScript people want to use classes, but the language was originally designed for prototypes.

                                                                                      The hell of it is, the language is plenty nice and compact without classes. Like, that was a crutch pulled in to woo over people that didn’t want to learn the language.

                                                                                      1. 4

                                                                                        This!

                                                                                        I’d also say, too many people actually believe classes to be The Only True Way of writing code and consider plain functions to be inferior.

                                                                                        1. 4

                                                                                          I don’t see why prototypal style and pattern matching are at odds, if anything I would think prototypal is closer to pattern matching than C++ is.

                                                                                        2. 3

                                                                                          One of the issues here is that JS is so massive at this point that defining “idiomatic” is nearly impossible. In this regard it is like C++: different teams and codebases will have dramatically different norms.

                                                                                          1. I basically never use this is any of my business-logic code: all of that is just pure functions. The only places I actually use this are in view-layer code, and there it’s basically just because Ember gives me really nice tools for defining components which are pure functions of their state, while separating out the various pieces that may change given different inputs into their own distinct computed properties (which are just pure functions of the inputs): a nice way to keep different pieces isolated from each other, while still having functional-style code. (In this example I left all of that aside because it wasn’t the point, but I basically tend to write Ember components like React pure functional components: no internal state, everything is derived from the inputs to the component.)

                                                                                          2. Classes in JS are prototypal (and I wish they were named otherwise because people often miss this), and you can do all the normal prototypal things with them (even if people often don’t) – in fact, trying to write “classical” OOP will still bite you, because classes are runtime objects you can do things to just like you’d expect if you understand JS well. That said, if you do understand them, they’re really nice sugar for prototypal patterns people often use.

                                                                                          1. 1

                                                                                            One of the issues here is that JS is so massive at this point that defining “idiomatic” is nearly impossible.

                                                                                            Although I don’t use it, watching the JS ecosystem from afar makes me think its nature makes “idiomatic” a bit pointless. People are always doing their own thing in JS. It’s also aimed at everyone from people who barely know programming to professionals. It’s taught and deployed globally. Saying any one style is right or will get majority adoption seems unlikely for such an ecosystem.

                                                                                          2. 3

                                                                                            I don’t think classical features work smoothly together with prototypal features

                                                                                            This looks like it works perfectly well to me:

                                                                                            function Foo(x) {
                                                                                             this.x = Math.max(x, 1);
                                                                                            }
                                                                                            Foo.prototype.quack = function quack() {
                                                                                             console.log('quack '.repeat(this.x - 1) + 'quack');
                                                                                            };
                                                                                            
                                                                                            function Bar(z) {
                                                                                              Foo.call(this, z);
                                                                                            }
                                                                                            Bar.prototype = Object.create(Foo.prototype);
                                                                                            Bar.prototype.constructor = Bar;
                                                                                            Bar.prototype.walk = function walk() {
                                                                                             console.log('like a duck');
                                                                                            }
                                                                                            
                                                                                            class Baz extends Bar {
                                                                                             constructor(y) {
                                                                                              super(3);
                                                                                              this.y = y;
                                                                                             }
                                                                                             walk() {
                                                                                              super.walk();
                                                                                              console.log('i overrode walk and called the parent method');
                                                                                             }
                                                                                             swim() {
                                                                                              console.log('blub! ' + this.y.toString());
                                                                                             }
                                                                                            }
                                                                                            
                                                                                            function Quux() {
                                                                                              return Reflect.construct(Baz, ['worm'], Quux);
                                                                                            }
                                                                                            Quux.prototype = Object.create(Baz.prototype);
                                                                                            Quux.prototype.constructor = Quux;
                                                                                            Quux.prototype.poot = function poot() {
                                                                                             console.log('plllllbt');
                                                                                            }
                                                                                            
                                                                                            const q = new Quux();
                                                                                            q.quack();
                                                                                            // output: quack quack quack quack
                                                                                            q.walk();
                                                                                            // output: like a duck
                                                                                            // output: i overrode walk and called the parent method
                                                                                            q.swim();
                                                                                            // output: blub! worm
                                                                                            q.poot();
                                                                                            // output: plllllbt
                                                                                            console.log(q instanceof Foo);
                                                                                            console.log(q instanceof Bar);
                                                                                            console.log(q instanceof Baz);
                                                                                            console.log(q instanceof Quux);
                                                                                            // outputs: true, true, true, true
                                                                                            

                                                                                            Output is exactly what you’d hope for. I can extend functions-with-prototypes from classes, extend classes with functions-with-prototypes, override methods, call parent methods, instanceof works fine and so on.

                                                                                            The invocation for extending a class from a function is a little odd but that’s not really anything to do with classes, that’s just because ES6 permits preventing accidentally calling constructor functions without new (by defining new.target) and classes do that by default, so you have to override that if you want to do the weird thing.

                                                                                        1. 1

                                                                                          So presumably future Firefoxes might support this distributed Web natively by maintaining a big-ish local list of gateways?

                                                                                          (I mention Firefox specifically due to its non-profit nature, as this entire idea should sound like anathema to any commercial entity.)

                                                                                          1. 2

                                                                                            I think making each browser installation a first-class IPFS node is the right way to do that.

                                                                                            Assuming Worse-Is-Better, then, sure, throw a list of gateways in there. It needs some logic though.. What happens when you click a link?

                                                                                            On that blog, if you view it through Gateway A and click a link, the link points to some other resource on Gateway A. That’s how the author wrote the links; they are relative URLs. None of these Gateways touch the content, AFAIK.

                                                                                            But, also on that blog are some regular http(s) links that point to gateways…

                                                                                            I guess I am thinking out loud here. These gateways are themselves ordinary websites and making Firefox IPFS-aware will require some work.

                                                                                            1. 1

                                                                                              Currently, the canonical form of IPFS URLs is through the ipfs.io gateway. Browser extension rewrite the URL to the specified custom gateway, often the local machine.

                                                                                        1. 3

                                                                                          Incidentally, I’m looking at https://www.lambda.cd/ right now, which seems to be in the same ballpark as Drone, but probably with even less assumptions about what build steps do.

                                                                                          1. 3

                                                                                            Using Clojure for the build script is neat, I like it, but like many others, LambdaCD fails short on some of my key requirements:

                                                                                            • Builds should be isolated, preferably running in a container.
                                                                                            • It should support triggering builds on pull requests, too.

                                                                                            LambdaCD doesn’t appear to do either out of the box. A quick look suggests that one can build both on top of it, but I’d rather not, when there are other options which do what I need out of the box. Still, there are some good ideas there, will be keeping an eye on it. Thanks for mentioning it!

                                                                                            1. 2

                                                                                              It does the triggering thing, although right now it’s a separate plugin (which they apparently want to ship with the main library at some point): https://github.com/flosell/lambdacd-git#using-web--or-post-commit-hooks-instead-of-polling

                                                                                              Can you explain more about isolation? My simplistic view on it was that one could simply shell out to docker build ., and generally rely on docker itself to manage images. Am I missing some gotcha here?

                                                                                              1. 3

                                                                                                Yeah, that notification thing looks good enough for implementing pull requests, though the pipeline will need to be set up in every case to support that scenario, since the pipeline is responsible for pulling the source too. Thus, it must be ready to pull it from a branch, or a different ref, or tag, or whatever. Having to implement this for every single repo is not something I’d like to do. Yes, I could implement a function to do that, and remember to use it in every pipeline, but… this is something I’d expect the CI system to do for me.

                                                                                                Looking further into LambdaCD, this part of the HOWTOs suggest that while pipelines are code, they are not in the same repository as the code to build. This means that when I add a new project, I need to touch two repos now. If I have a project with more than one branch, and I want to run different pipelines in the branches, this makes that much more complicated. For example, I have a master and debian/master branch: on master I do the normal CI stuff, on debian/master, I test the packaging only, or perhaps in addition; or I’m implementing a new feature, which requires a new dependency, so I want that branch to have that dependency installed too - both of these would be cumbersome. If, like in the case of Drone, or Travis, if the pipeline is part of the source repo, neither of these is a problem: I simply adjust .drone.yml / .travis.yml, and let the system deal with it.

                                                                                                Additionally, if someone else implements a feature, and submits a pull request, I want them to be able to modify the pipeline, to add new dependencies, or whatever is needed for the feature. But I do not want to give them access to all of my pipelines, let alone my host system. I don’t think this can be achieved with LambdaCD’s architecture.

                                                                                                Can you explain more about isolation? My simplistic view on it was that one could simply shell out to docker build ., and generally rely on docker itself to manage images. Am I missing some gotcha here?

                                                                                                It’s not that easy. First, I don’t want to run docker build .. I don’t need to build a new image for every project I have. I want each of my stages to execute in a container, by default, with no other option. I do not want the pipeline to have access to the host system under normal conditions. To better highlight what goes on under the hood, lets look at an example. See this Drone control file for example, which on one hand is reasonably simple, but it achieves quite a few things.

                                                                                                The dco and signature-check stages execute in parallel, in two different containers, using two different images (with the sources mounted as a volume). The latter only on tag events. Under the hood, this pulls down the image if it’s not available locally yet, runs them in docker with the sources mounted, and fails the build if any of them fail.

                                                                                                The bootstrap and tls-certificate stages run parallel again, using the same image, but two containers. This way if I change anything outside of the shared source directory, that won’t cause a conflict. This allows me to install a different set of packages in parallel, and not have a conflict.

                                                                                                The stable-build and unstable-build stages also run parallel, and so on.

                                                                                                There’s also a riemann service running in the background, which is used for some of the test cases.

                                                                                                Shelling out to docker is easy, indeed. Orchestrating all of the above - far from it. It could be implemented in LambdaCD too, with wrapper functions/macros/whatever, but this is something I don’t want to deal with, something which Drone does for me out of the box, and it’s awesome.

                                                                                                1. 1

                                                                                                  Thank you very much for such a detailed response! I’ll give it a thorough thinking because you seem to approach the problem from a completely different side from mine, so may be I need to rethink everything.

                                                                                                  For example, instead of having every project define its own pipeline I’d rather have a single pipeline defined in my CD system which would work for all projects. So it will have logic along the lines “if it’s the master branch deploy to production, if it’s a PR, just run tests”. For it to work, all project will have to follow conventions on how they get built, how they get tested.

                                                                                                  This is something I implemented successfully in the past with Jenkins, but now I’m looking for something more palatable.

                                                                                                  1. 2

                                                                                                    So it will have logic along the lines “if it’s the master branch deploy to production, if it’s a PR, just run tests”.

                                                                                                    Yeah, that makes sense, and might be easier with a global pipeline. Perfectly doable with pipelines defined in the projects themselves too, even if that’s a bit more verbose:

                                                                                                    pipeline:
                                                                                                      tests:
                                                                                                        image: some/image
                                                                                                        commands:
                                                                                                          - make tests
                                                                                                    
                                                                                                      deploy_production:
                                                                                                        image: some/image
                                                                                                        commands:
                                                                                                          - deploy
                                                                                                        when:
                                                                                                          event: [push, tag]
                                                                                                          branch: master
                                                                                                    

                                                                                                    With Drone, this will run tests for everything, PRs, pushing to any branch, tagging. The deploy_production stage will only be run for the master branch, and only on push and tag (this excludes PRs, pushes to any other branch, or tags that aren’t on master). Granted, with a single pipeline, this can be abstracted away, which is nicer. But per-project, in-source pipelines grant me the flexibility to change the pipeline along with the rest of the project. When adding new dependencies, or new testing steps, this is incredibly convenient, in my experience.

                                                                                                    Mind you, there’s no solution that fits all use cases. If you mostly have uniform projects, a global pipeline has many benefits over per-project ones. For a company with well controlled, possibly internal repos, likewise. My case is neither of those: I have a bunch of random projects, each with their own nuances, there’s very little in common. For me, a per-project pipeline is more useful.

                                                                                                    1. 1

                                                                                                      If you mostly have uniform projects, a global pipeline has many benefits over per-project ones. For a company with well controlled, possibly internal repos, likewise. My case is neither of those: I have a bunch of random projects, each with their own nuances, there’s very little in common.

                                                                                                      This sums it up nicely!

                                                                                          1. 10

                                                                                            Were I a Windows user if I had had any doubts about switching browsers before, that right there would clench it for me. It’s like a clingy ex.

                                                                                            1. 9

                                                                                              For the average user this might have some pretty devastating effects. Firefox is in decline despite being technically incredible because they don’t have a powerful platform to leverage.

                                                                                              It seems plausible that in the future essentially every windows user will use Edge, every Apple user uses Safari and every Android user uses Chrome. Chrome is pretty much the only browser people manually install and thats because it’s constantly pushed on users on all google pages as well as IE being horrible.

                                                                                              1. 9

                                                                                                It’s actually not that bad, as long as all of them agree on a common standard. And now they have to, because otherwise too much of the Web will look broken to too many users. Anything is better than a monoculture, even if it means that Mozilla who’s been pushing for this diversification all these years doesn’t get to claim winning numbers in terms of users. It doesn’t matter. Firefox’s role is to be a constant threat/challenge that keeps other browser developers honest. In a world where we already have 3 major browsers competing besides Firefox, this role just isn’t emphasized.

                                                                                                And as The Beast, who once saved the world, Firefox will recede to its lair and keep vigil in case any new sons of Mammon arise from the ashes!

                                                                                                1. 1

                                                                                                  They aren’t though. Apple regularly invents proprietary web standards when they need them and only switches to open standards when another org makes them.

                                                                                                2. 1

                                                                                                  Do you mean that Firefox’s market share numbers are declining?

                                                                                              1. 10

                                                                                                I appreciate both the desire to have a formal spec which implementations can be compared against, and the desire to capture things as they really are. A spec no-one follows is worse than useless; someone will write an implementation against it, then wonder why everything else seems to do things incompatibly.

                                                                                                Unfortunately, it’s very difficult to formally capture what’s arisen from a process of ad hoc implementations. I experienced this working on CommonMark; its spec is incredibly long, and isn’t even a grammar; it’s more like what WHATWG put together for the URI, for the same reasons.

                                                                                                1. 6

                                                                                                  Bear in mind that the URL syntax did have RFCs, so it didn’t purely arise from a process of ad hoc implementations. I’m not 100% sure the RFC did actually capture what browsers were already doing, but it certainly helped in focusing the existing implementations towards a common agreement. WHATWG’s spec is a step back from that, IMO.

                                                                                                  1. 8

                                                                                                    Thing is, simply having an RFC is not enough for it to be followed. Here’s the obligatory classic link: https://web.archive.org/web/20110904005422/http://diveintomark.org/archives/2004/08/16/specs

                                                                                                    1. 1

                                                                                                      haha, that’s a great one! I did’t know it yet. Thanks for pointing it out

                                                                                                    2. 5

                                                                                                      WHATWG’s spec is a step back from that, IMO.

                                                                                                      Agreed. It’s a pity, and now that this is done, it’d be very difficult to try to converge again on a spec in the future.

                                                                                                  1. 15

                                                                                                    This started out as a total rant about the current state of the web, insecurity and the lack of proper rigidity in specifications. I decided not to post it while I was all riled up. The next day I rewrote it in its current form. It’s still a bit one-sided as I’m still having trouble understanding their reasoning. I vainly hope they’ll either give me a more coherent explanation why they dropped the formal grammar, or actually fix it.

                                                                                                    1. 15

                                                                                                      The formal grammar doesn’t reflect reality. The browsers started diverging from it years ago, as did the server authors. Sad, but true of many many similar specifications. The WHATWG spec a descriptive spec, not a prescriptive one: it was very carefully reverse engineered from real behaviours.

                                                                                                      1. 8

                                                                                                        You can model that, too. Specs trying to model C with undefined behavior or protocol operation with failure modes just add the extra stuff in there somewhere. Preferably outside of the clean, core, expected functioning. You still get the benefits of a formal spec. You just have to cover more ground in it. Also, good to do spec-based test generation run against all those clients, servers, or whatever to test the spec itself for accuracy.

                                                                                                        1. 1

                                                                                                          … that’s exactly what these modern bizarro algorithmic descriptions of parsers are—rigorous descriptions of real behaviors that have been standardized. “Just add the extra stuff” and this is what you get.

                                                                                                          It sounds like by a “formal spec” you mean a “more declarative and less algorithmic” spec, which definitely seems worthwhile. But be clear about what you want and how it’s different from what people have been forced to do by necessity in order to keep the web running.

                                                                                                          1. 1

                                                                                                            By formal spec, I mean formal specification: a precise, mathematical/logical statement of the standard. A combo of English and formal spec (esp executable) with both remove ambiguities, highlight complexities, and aid correct implementation.

                                                                                                            Certain formal languages also support automatic, test generation from specs. That becomes a validation suite for implementations. A formal spec also allows for verified implementations, whether partly or fully.

                                                                                                            1. 2

                                                                                                              I am exceedingly familiar with what a formal specification is. I am pretty sure you are confused about the difference between rigor and a declarative style—the two are entirely orthogonal. It is possible to specify something in an algorithmic style and to be entirely unambiguous, highlight complexities, aid correct implementation, and support automatic test generation, moreover, this has been done and is done extremely often—industry doesn’t use (or get to use) parser generators all the time.

                                                                                                              1. 1

                                                                                                                Ok, good you know it. It’s totally possible Im confused on rigor. Ive seen it used in a few different ways. How do you define it?

                                                                                                                1. 2

                                                                                                                  Sorry for the delay, renting a car :(

                                                                                                                  I would define rigor as using mathematics where possible and extremely precise prose when necessary to removing ambiguity, like you pointed out. Concretely, rigor is easier to achieve when the language you are writing in is well defined.

                                                                                                                  If you written using mathematical notation you get the advantage of centuries of development in precision—you don’t have to redefine what a cross product or set minus or continuity are, for example, which would be very painful to do in prose.

                                                                                                                  Specs try to achieve the same thing by using formalized and often stilted language and relying on explicit references to other specs. Because mathematicians have had a much longer time to make their formalisms more elegant (and to discover where definitions were ambiguous—IIRC Cauchy messed up his definition of convergence and no one spotted the error for a decade!) specs are often a lot clunkier.

                                                                                                                  For an example of clunkiness, look at the Page Visibility API. It’s an incredibly simple API, but even then the spec is kind of painful to read. Sorry I can’t link to the specific section, my phone won’t let me. https://www.w3.org/TR/page-visibility/#visibility-states-and-the-visibilitystate-enum

                                                                                                                  Separately, for an example of formal methods that looks more algorithmic than you might normally expect, see NetKAT, which is a pretty recent language for programming switches. https://www.cs.cornell.edu/~jnfoster/papers/frenetic-netkat.pdf

                                                                                                                  Certainly web spec authors have a long way to go until they can commonly use formalisms that are as nice as NetKATs. But they still have rigor, just within the clunky restrictions imposed by having to write in prose.

                                                                                                      2. 5

                                                                                                        I have to parse sip: and tel: URLs (RFC-3261 and RFC-3966) for work. I started with the formal grammar specified in the RFCs (and use LPeg for the parsing) and even then, it took several iterations with the code to get it working against real-world data (coming from the freaking Monopolistic Phone Company of all places!). I swear the RFCs were written by people who never saw a phone number in their life. Or were wildly optimistic. Or both. I don’t know.

                                                                                                        1. 8

                                                                                                          I may hazard a guess… I watched the inception of WHATWG and used to follow their progress over several years, so I have a general feeling of what they’re trying to do in the world.

                                                                                                          WHATWG was born as an anti-thesis to W3C’s effort to enforce a strict XHTML on the Web. XHTML appealed to developers, both of Web content and of user agents, because, honestly, who doesn’t want a more formal, simpler specification? The problem was that the world “in large” is not rigid and poorly lends itself to formal specifications. WHATWG realized that and attempted to simply describe the Web in all its ugliness, complete with reverse engineered error handling of non-cooperative browsers. They succeeded.

                                                                                                          So I could imagine the reasoning for dropping the formal specification is due to admitting the fact that it can’t be done in a fashion compatible with the world. Sure, developers would prefer to have ABNF for URLs, but users prefer browsers where all URLs work. Sorry :-(

                                                                                                          1. 3

                                                                                                            This is my understanding too, but you still need to nail down some sort of “minimally acceptable” syntax for URLs to prevent further divergence and to guide new implementations.

                                                                                                        1. 9

                                                                                                          Minor nitpick in an otherwise excellent article.

                                                                                                          I think in every Software Engineers life comes a time when he needs to decide if he wants to pursue a career in engineering or switch to management.

                                                                                                          I would encourage using they instead of “he”. Small change but makes quite a lot of difference.

                                                                                                          1. 8

                                                                                                            By the way… Given that the author’s name is Slavic, this is most likely comes from our languages’ coordination of pronouns with the grammatical gender of the preceding word. In Russian/Ukrainian/Belorussian the word “engineer” is of male gender grammatically, so it’s inevitably followed by “he”.

                                                                                                            1. 3

                                                                                                              Interesting. I didn’t know that. Thanks!

                                                                                                            2. 8

                                                                                                              Hey, sure! Thanks for the heads up

                                                                                                              1. 1

                                                                                                                in my experience, it is at least an upwards move in terms of pay (not to equivocate that with worth).

                                                                                                              1. 23

                                                                                                                I don’t think that direction is “up” ;)

                                                                                                                1. 6

                                                                                                                  agreed. it’s at best sideways, but in reality, it’s downward for a time. nobody will necessarily respect your opinion as management in an org just because you’ve been promoted.

                                                                                                                  1. 2

                                                                                                                    The article actually does distinguish between “moving up” and “switching from engineering to management”. It’s the title of the link here on lobste.rs that’s misleading.

                                                                                                                    1. 2

                                                                                                                      Perhaps, this is a personal opinion of mine. I consider both moving to a Software Architect position or Management position as going up.