1. 20

    (context: I’ve used Go in production for about a year, and am neither a lover nor hater of the language, though I began as a hater.)

    With that said, my take on the article is:

    1. The “order dependence” problem is a non-problem. It doesn’t come up that often, dealing with it easy – this is simply low-priority stuff. If I wanted to mention it, it would be as an ergonomic nitpick.
    2. The infamous Go error handling bloat, while annoying to look at, has the great benefit of honesty and explicitness: You have to document your errors as part of your interface, and you have to explicitly deal with any error-producing code you use. Despite personally really caring about aesthetics and hygiene – and disliking the bloat like the author – I’ll still take this tradeoff. I also work in ruby, and while raising errors allows you to avoid this boilerplate, it also introduces a hidden, implicit part of your interface, which is worse.

    It’s also worth pointing out Rob Pike’s Errors are Values which offers advice for mitigating this kind of boilerplate in some situations.

    1. 22

      There’s a difference between explicitness and pointless tediousness.

      Go’s error handling is more structured compared to error handling in C, and more explicit and controllable compared to unchecked exceptions in C++ and similar languages. But that’s a very low bar now.

      Once you get a taste of error handling via sum types (generic enums with values), you can see you can have the cake and eat it too. You can have very explicit error documentation (via types), errors as values, and locally explicit control flow without burdensome syntax (via the ? syntax sugar).

      1. 4

        I agree.

        But Go, eg, is not Haskell, and that’s an explicit language design decision. I think Haskell is a more beautiful language than Go, but Go has its reasons for not wanting to go that direction – Go values simple verbosity over more abstract elegance.

        1. 14

          If it’s Go’s decision then ¯\_(ツ)_/¯

          but I’ve struggled with its error handling in many ways. From annoyances where commenting out one line requires changing = to := on another, silly errors due to juggling err and err2, to app leaking temp files badly due to lack of some robust “never forget to clean up after error” feature (defer needs to be repeated in every function, there isn’t errdefer even, and there’s no RAII or deterministic destruction).

          1. 4

            Sounds like you’re fighting the language 🤷

            1. 2

              commenting out one line requires changing = to := on another

              I do not agree that this is a problem. := is an explicit and clear declaration that helps the programmer to see in which scope the variable is defined and to highlight clear boundaries between old and new declarations for a given variable name. Being forced to think about this during refactoring is a good thing.

              1.  

                Explicit binding definition by itself is good, but when it’s involved in error propagation it becomes a pointless chore.

                That’s because variable (re)definition is not the point of error handling, it’s only self-inflicted requirement go made for itself.

                1.  

                  Go takes the stance that error propagation is not different than any other value propagation. You don’t have to agree that it’s a good decision, but if you internalize the notion that errors are not special and don’t get special consideration, things fall into place.

              2. 2

                there isn’t errdefer even

                I mean, it’s a pretty trivial helper func if you want it:

                func Errdefer(errp *error, f func()) {
                    if (*err) != nil {
                        f()
                    }
                }
                
                func whatever() (err error) {
                    defer Errdefer(&err, func() {
                       // cleanup
                    })
                    // ...
                }
                

                In general, to have fun in Go, you have to have a high tolerance for figuring out what 3 line helper funcs would make your life easier and then just writing them. If you get into it, it’s the fun part of writing Go, but if you’re not into it, you’re going to be “why do I have to write my own flatmap!!” every fourth function.

                1. 1

                  commenting out one line requires changing = to := on another

                  IMHO := (outside of if, for & switch) was a mistake; I prefer a C-style var block at the top of my function.

                  silly errors due to juggling err and err2

                  I think that this is mostly avoidable.

                2. 5

                  Yup, Go (well, presumably Rob Pike) made a lot of explicit design decisions like this, which drove me away from the language after a year or two and many thousands of LOC written.

                  Beside the awfulness of error handling, other big ones were the inane way you have to rename a variable/function just to change its visibility, the lack of real inheritance, and the NIH attitude to platform ABIs that makes Go a mess to integrate with other languages. The condescending attitude of the Go team on mailing lists didn’t help either.

                  1. 3

                    There is no value in verbosity, though. It’s a waste of characters. The entire attitude is an apology for the bare fact that Go doesn’t have error-handling syntax.

                    1. 8

                      What you label “verbosity” I see as “explicitness”. What to you is a lack of error-handling syntax is to me a simplification that normalizes execution paths.

                      It’s very clear to me that the people who dislike Go’s approach to error handling see errors as a first-class concept in language design, which deserves special accommodation at the language level. I get that. I understand the position and perspective. But this isn’t an objective truth, or something that is strictly correct. It’s just a perspective, a model, which has both costs and benefits. This much at least is hopefully noncontroversial. And Go makes the claim that, for the contexts which it targets, this model of error handling has more costs than benefits. If you want to object to that position then that’s fine. But it’s — bluntly — incorrect to claim that this is some kind of apologia, or that Go is missing things that it should objectively have.

                      1. 1

                        It often feels to me that people who complain about error handling in Go have never suffered dealing with throwing and catching exceptions in a huge codebase. At least in Go, you can be very explicit on how to handle errors (in particular, non-fatal ones) without the program trying to catapult you out of an escape hatch. Error handing is tedious in general, in any language. I don’t think Go’s approach is really any more tedious than anywhere else.

                        1. 2

                          Error handing is tedious in general, in any language. I don’t think Go’s approach is really any more tedious than anywhere else.

                          Yep, and a bit more — it brings the “tedium” forward, which is for sure a short term cost. But that cost creates disproportionate long-term benefits, as the explicitness reduces risk otherwise created by conveniences.

                      2. 2

                        The argument isn’t that verbosity has a value in itself – it doesn’t.

                        The argument is that if you have to choose between “simple, but concrete and verbose” and “more complex and abstract, but elegant”, it’s better to choose the former. It’s a statement about relative values. And you see it everywhere in Go. Think about the generics arguments:

                        People: “WTF! I have to rewrite my function for every fucking datatype!”.
                        Go: “What’s the big deal? It’s just some repeated code. Better than us bloating the language and making Go syntax more complex”

                        They caved on that one eventually, but the argument is still germane.

                        As I said, I don’t personally like all the decisions, and it’s not my favorite language, but once I got where they were coming from, I stopped hating it. The ethos has value.

                        It all stems from taking a hard line against over-engineering. The whole language is geared toward that. No inheritance. You don’t even get map! “Just use a for loop.” You only see the payoff of the philosophy in a large team setting, where you have many devs of varying experience levels working over years on something. The “Go way” isn’t so crazy there.

                  2. 3

                    Java included exceptions in the function signature and everyone hated those, even Kotlin made them optional. Just like how this Python developer has grown to enjoy types, I also enjoy the explicit throws declarations.

                    1. 3

                      you have to explicitly deal with any error-producing code you use.

                      Except if you forget to deal with it, forget to check for the error, or just drop it.

                    1. 2

                      @shantnu_tiwari, Which of the multitude of environment managers listed do you recommend?

                      1. 6

                        I would try to stick to standard virtualenv + pip, if you can.

                        Some libraries may not work, but if you try the other package managers, you end up going down a rabbit hole…

                      1. 26

                        There are a lot of extensions that automatically select the ‘reject all’ or walk the list and decline them all. Why push people towards one that makes them agree? The cookie pop-ups are part of wilful misinterpretation of the GDPR: you don’t need consent for cookies, you need consent for tracking and data sharing. If your site doesn’t track users or share data with third parties, you don’t need a pop up. See GitHub for an example of a complex web-app that manages this. Generally, a well-designed site shouldn’t need to keep PII about users unless they register an account, at which point you can ask permission for everything that you need to store and explain why you are storing it.

                        Note also that the GDPR is very specific about requiring informed consent. It is not at all clear to me that most of these pop-ups actually meet this requirement. If a user of your site cannot explain exactly what PII handling they have agreed to then you are not in compliance.

                        1. 4

                          Can’t answer this for other people, but I want tracking cookies.

                          When people try to articulate the harm, it seems to boil down to an intangible “creepy” feeling or a circular “Corporations tracking you is bad because it means corporations are tracking you” argument that begs the question.

                          Tracking improves the quality of ad targeting; that’s the whole point of the exercise. Narrowly-targeted ads are more profitable, and more ad revenue means fewer sites have to support themselves with paywalls. Fewer paywalls mean more sites available to low-income users, especially ones in developing countries where even what seem like cheap microtransactions from a developed-world perspective would be prohibitively expensive.

                          To me, the whole “I don’t care if it means I have to pay, just stop tracking me” argument is dripping with privilege. I think the ad-supported, free-for-all-comers web is possibly second only to universal literacy as the most egalitarian development in the history of information dissemination. Yes, Wikipedia exists and is wonderful and I donate to it annually, but anyone who has run a small online service that asks for donations knows that relying on the charity of random strangers to cover your costs is often not a reliable way to keep the bills paid. Ads are a more predictable revenue stream.

                          Tracking cookies cost me nothing and benefit others. I always click “Agree” and I do it on purpose.

                          1. 3

                            ‘an intangible “creepy” feeling’ is a nice way of describing how it feels to find out that someone committed a serious crime using your identity. There are real serious consequences of unnecessary tracking, and it costs billions and destroys lives.

                            Also I don’t want ads at all, and I have no interest in targeted ads. If I want to buy things I know how to use a search bar, and if I don’t know I need something, do I really need it? If I am on a website where I frequently shop I might even enable tracking cookies but I don’t want blanket enable them on all sites.

                            1. 4

                              How does it “costs billions and destroys lives”?

                              1. 2

                                https://www.ftc.gov/system/files/documents/reports/consumer-sentinel-network-data-book-2020/csn_annual_data_book_2020.pdf see page 8. This is in the US alone and does not take the other 7.7b people in the world into account. I will admit it is not clear what percentage of fraud and identity theft are due to leaked or hacked data from tracking cookies so this data is hardly accurate for the current discussion, but I think it covers the question of ‘how’. If you want more detail just google the individual categories in the report under fraud and identity theft.

                                Also see this and this

                                But I covered criminal prosecution in the same sentence you just quoted from my reply above so clearly you meant ‘other than being put in prison’. Also, people sometimes die in prison, and they almost always lose their jobs.

                                1. 4

                                  The first identity theft story doesn’t really detail what exactly happened surrounding the ID theft, and the second one is about a childhood acquaintance stealing the man’s ID. It doesn’t say how exactly either, and neither does that FTC report as far as I can see: it just lists ID theft as a problem. Well, okay, but colour me skeptical that this is cause by run-of-mill adtech/engagement tracking, which is what we’re talking about here. Not that I think it’s not problematic, but it’s a different thing and I don’t see how they’re strongly connected.

                                  The NSA will do what the NSA will do; if we had no Google then they would just do the same. I also don’t think it’s as problematic as often claimed as agencies such as the NSA also do necessary work. It really depends on the details on who/why/what was done exactly (but the article doesn’t mention that, and it’s probably not public anyway; I’d argue lack of oversight and trust is the biggest issue here, rather than the actions themselves, but this is veering very off-topic).

                                  In short, I feel there’s a sore lack of nuance here and confusion between things that are (mostly) unconnected.

                                  1. 2

                                    Nevertheless all this personal data is being collected, and sometimes it gets out of the data silos. To pretend that it never causes any harm just because some stranger on the internet failed to come up with a completely airtight example case in 5 minutes of web searching is either dishonest or naive. If you really want to know, you can do the research yourself and find real cases. If you would rather just feel comfortable with your choice to allow all tracking cookies that is also totally fine. You asked how, I believe my answer was sufficient and roughly correct. If you feel the need to prove me wrong that is also fine, and I will consider any evidence you present.

                                    1. 2

                                      The type of “personal data” required for identity theft is stuff like social security numbers, passport numbers, and that kind of stuff. That’s quite a different sort of “personal data” than your internet history/behaviour.

                                      To pretend that it never causes any harm just because some stranger on the internet failed to come up with a completely airtight example case in 5 minutes of web searching is either dishonest or naive. If you really want to know, you can do the research yourself and find real cases.

                                      C’mon man, if you’re making such large claims such as “it costs billions and destroys lives” then you should be prepared to back them up. I’m not an expert but spent over ten years paying close attention to these kind of things, and I don’t see how these claims bear out, but I’m always willing to learn something new which is why I asked the question. Coming back with “do your own research” and “prove me wrong then!” is rather unimpressive.

                                      If you would rather just feel comfortable with your choice to allow all tracking cookies that is also totally fine.

                                      I don’t, and I never said anything which implied it.

                                      If you feel the need to prove me wrong that is also fine, and I will consider any evidence you present.

                                      I feel the need to understand reality to the best of my ability.

                                      1. 1

                                        I feel the need to understand reality to the best of my ability.

                                        Sorry I was a bit rude in my wording. There is no call for that. I just felt like I was being asked to do a lot of online research for a discussion I have no real stake in.

                                        GDPR Article 4 Paragraph 1 and GDPR Article 9 Paragraph 1 specify what kind of information they need to ask permission to collect. It is all pretty serious stuff. There is no mention of ‘shopping preferences’. Social security numbers and passport numbers are included, as well as health data, things that are often the cause of discrimination like sexuality/religion/political affiliation. Also included is any data that can be used to uniquely identify you as an individual (without which aggregate data is much harder to abuse) which includes your IP, your real name.

                                        A lot of sites just ask permission to cover their asses and don’t need to. This I agree is annoying. But if a site is giving you a list of cookies to say yes or no to they probably know what they are doing and are collecting the above information about you. If you are a white heterosexual English speaking male then a lot of that information probably seems tame enough too, but for a lot of people having that information collected online is very dangerous in quite real and tangible ways.

                                2. 3

                                  I am absolutely willing to have my view on this changed. Can you point me to some examples of serious identity theft crimes being committed using tracking cookies?

                                  1. 2

                                    See my reply to the other guy above. The FTC data does not specify where the hackers stole the identity information so it is impossible for me to say what percentage are legitimately caused by tracking cookies. The law that mandates these banners refers to information that can be used to identify individuals. Even if it has never ever happened in history that hacked or leaked cookie data has been used for fraud or identity theft, it is a real danger. I would love to supply concrete examples but I have a full time job and a life and if your claim is “Sure all this personal data is out there on the web, and yes sometimes it gets out of the data silos, but I don’t believe anyone ever used it for a crime” then I feel like its not worth my time spending hours digging out case studies and court records to prove you wrong. Having said that if you do some searching to satisfy your own curiosity and find anything definitive I would love to hear about it.

                                  2. 2

                                    someone committed a serious crime using your identity

                                    because of cookies? that doesn’t follow

                                  3. 1

                                    Well this is weird. I think it’s easy to read that and forget that the industry you’re waxing lyrical about is worth hundreds of billions; it’s not an egalitarian development, it’s an empire. Those small online services that don’t want to rely on asking for donations aren’t billion-dollar companies, get a deal entirely on someone else’s terms, and are almost certainly taken advantage of for the privilege.

                                    It also has its own agenda. The ability to mechanically assess “ad-friendliness” already restricts ad-supported content producers to what corporations are happy to see their name next to. I don’t want to get too speculative on the site, but there’s such a thing as an ad-friendly viewer too, and I expect that concept to become increasingly relevant.

                                    So, tracking cookies. They support an industry I think is a social ill, so I’d be opposed to them on that alone. But I also think it’s extremely… optimistic… to think being spied on will only ever be good for you. Advertisers already leave content providers in the cold when it’s financially indicated—what happens when your tracking profile tells them you’re not worth advertising to?

                                    I claim the cost to the individual is unknowable. The benefit to society is Cambridge Analytica.

                                  4. 2

                                    The cookie law is much older than GDPR. In the EU you do need consent for cookies. It is a dumb law.

                                    1. 11

                                      In the EU you do need consent for cookies. It is a dumb law.

                                      This is not true. In the EU you need consent for tracking, whether or not you do that with cookies. It has to be informed consent, which means that the user must understand what they are agreeing to. As such, a lot of the cookie consent UIs are not GDPR compliant. Max Schrems’ company is filing complaints about non-compliant cookie banners.

                                      If you only use functional cookies, you don’t need to ask for consent.

                                      1. 3

                                        https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:31995L0046 concerns consent of user data processing.

                                        https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32002L0058 from 2002 builds on the 1995 directive, bringing in “cookies” explicitly. Among other things it states “The methods for giving information, offering a right to refuse or requesting consent should be made as user-friendly as possible.”

                                        In 2009 https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32009L0136 updated the 2002 directive, closing a few loop holes.

                                        The Do-Not-Track header should have been enough signal to cut down on cookie banners (and a few websites are sensible enough to interpret it as universal rejection for unnecessary data storage), but apparently that was too easy on users? It went as quickly as it came after Microsoft defused it by enabling it by default and parts of adtech arguing that the header doesn’t signify an informed decision anymore and therefore can be ignored.

                                        If banners are annoying it’s because they’re a deliberate dark pattern, see https://twitter.com/pixelscript/status/1436664488913215490 for a particularly egregious example: A direct breach of the 2002 directive that is typically brought up as “the cookie law” given how it mandates “as user-friendly as possible.”

                                        1. 2

                                          I don’t understand what you’re trying to say. Most cookie banners on EU sites are not at all what I’d call a dark pattern. They’re just trying to follow the law. It is a stupid law which only trained people to click agree on all website warnings, making GDPR less effective. Without the cookie law, dark patterns against GDPR would be less effective.

                                          1. 3

                                            The dark pattern pgeorgi refers to is that on many cookie banners, the “Refuse all” button requires more clicks and/or more careful looking than the “Accept all” button. People who have trained themselves to click “Accept” mostly chose “Accept” because it is easier — one click on a bright button, and done. If “Refuse all” were equally easy to choose, more people would train themselves to always click “Refuse”.

                                            Let’s pretend for a moment the cookie law no longer exists. A website wants to set a tracking cookie. A tracking cookie, by definition, constitutes personally identifiable information (PII) – as long as the cookie is present, you can show an ad to specifically that user. The GDPR recognizes 6 different conditions under which processing PII is lawful.

                                            The only legal ground to set a tracking cookie for advertising purposes is (a) If the data subject has given consent to the processing of his or her personal data. I won’t go over every GDPR ground, but suffice it to say that tracking-for-advertising-purposes is not covered by

                                            • (b) To fulfil contractual obligations with a data subject;
                                            • nor is it covered by (f) For the legitimate interests of a data controller or a third party, unless these interests are overridden by interests of the data subject.

                                            So even if there were no cookie law, GDPR ensures that if you want to set a tracking cookie, you have to ask the user.

                                            Conversely, if you want to show ads without setting tracking cookies, you don’t need to get consent for anything.

                                            1. 2

                                              I feel the mistake with the whole “cookie law” thing is that it focuses too much on the technology rather than what people/companies are actually doing. That is, there are many innocent non-tracking reasons to store information in a browser that’s not “strictly necessary”, and there are many ways to track people without storing information in the browser.

                                            2. 1

                                              I’m not saying that dark patterns are employed on the banners. The banners themselves are dark patterns.

                                              1. 1

                                                The banners often come from freely available compliance packages… It’s not dark, it’s just lazy and badly thought out, like the law itself.

                                                1. 1

                                                  What about the law do you think is badly thought out?

                                                  1. 1

                                                    The cookie part of the ePrivacy Directive is too technological. You don’t need consent, but you do have to inform the user of cookie storage (or localstorage etc) no matter what you use it for. It’s unnecessary information, and it doesn’t protect the user. These are the cookie banners that only let you choose “I understand”, cause they only store strictly necessary cookies (or any kind of cookie before GDPR in 2016).

                                                    GDPR is the right way to do it. The cookie part of EPR should have been scrapped with GDPR. That would make banners that do ask for PII storage consent stand out more. You can’t make you GDPR banner look like an EPR information banner if EPR banners aren’t a thing.

                                        2. 2

                                          Usually when I see the cookie consent popup I haven’t shared any personal information yet. There is what the site has from my browser and network connection, but I trust my browser, uBlock origin and DDG privacy tools to block various things and I use a VPN to somewhere random when I don’t want a site to know everything it can about my network location.

                                          If I really do want to share personal info with a site, I’ll go and be very careful what I provide and what I agree too, but also realistic in that I know there are no guarantees.

                                          1. 8

                                            If you’re using a VPN and uBlock origin, then your anonymity set probably doesn’t contain more than a handful of people. Combined with browser fingerprinting, it probably contains just you.

                                            1. 2

                                              Should I be concerned about that? I’m really not sure I have properly thought through any threats from the unique identification that comes from that. Do you have any pointers to how to figure out what that might lead to?

                                              1. 9

                                                The point of things like the GDPR and so on is to prevent people assembling large databases of correlated knowledge that violate individual privacy. For example, if someone tracks which news articles you read, they have a good first approximation of your voting preferences. If they correlate it with your address, they can tell if you’re in a constituency where their candidate may have a chance. If you are, they know the issues that are important to you and so can target adverts towards you (including targeted postal adverts if they’re able to get your address, which they can if they share data with any company that’s shipped anything physical to you) that may influence the election.

                                                Personally, I consider automated propaganda engines backed by sophisticated psychological models to be an existential threat to a free society that can be addressed only by some quite aggressive regulation. Any unique identifier that allows you to be associated with the kind of profile that these things construct is a problem.

                                              2. 2

                                                Do you have a recommendation?

                                            2. 2

                                              The problem with rejecting all the tracking is that without it most ad networks will serve you the worst/cheapest untargeted adverts which have a high chance of being a vector for malware.

                                              So if you reject the tracking you pretty much have to also run an ad-blocker to protect yourself. Of course if you are running an ad blocker then the cookies arent going to make much difference either way.

                                              1. 1

                                                I don’t believe it makes any difference whether you agree or disagree? the goal is just to make the box go away

                                                1. 2

                                                  Yes. If I agree and they track me, they are legally covered. If I disagree and they track me then the regulator can impose a fine of up to 5% of their annual turnover. As a second-order effect: if aggregate statistics say 95% of people click ‘agree’ then they have no incentive to reduce their tracking, whereas if aggregate statistics say ‘10% leave the page without clicking either, 50% click disagree’ then they have a strong case that tracking will lose them business and this will impact their financial planning.

                                              1. 4

                                                This post made me wonder - is there are serious, production level software being written in array languages these days? APL was created in different times and I understand it did have some use. But outside of gimmicks and fun does anyone now work with K, J and others? (And not just to keep legacy apps alive) What would be the reasons to do that?

                                                1. 11

                                                  Yes. K is widely used in the trading and finance world. Dyalog APL is a modern commercial vendor with at least enough paying customers to support the company – I don’t know what the numbers are. And J has at least some customers, I get the feeling fewer but don’t know for sure. These languages are definitely not just gimmicks.

                                                  1. 5

                                                    Do you know why they’re chosen over languages with more available experience / support / better integrated IDEs?

                                                    1. 9

                                                      For q/kdb+, there’s a huge amount of momentum and a very specific niche. Nobody is writing huge applications in q (okay, some people are, but not many). Instead, for example, they’re writing very specialized programs that analyze a billion stock trades and try to find patterns. The language is designed to make exactly that kind of thing concise and fast.

                                                      1. 6

                                                        What lorddimwit said for K. Also this page might help: https://kx.com/resources/use-cases/.

                                                        In the case of APL/J I’m not sure what the story is today. One part of the mythology was that a small team of experienced APL/J developers could be more productive than a team 5-10x the size in a mainstream language, because you are operating at a much higher level of abstraction and writing much less code. I’m sure such teams did exist, but even as a huge fan of these languages I am very skeptical of the claim generalizing to developers in general. First, because these languages are much harder to learn fluently than mainstream languages. Second, I think it’s hard to separate out the “the language” effect from the effects of “you just had very smart group of people” and “everyone is highly fluent in a single language” and “everyone is passionate about the language.”

                                                        Nevertheless, that is one of the selling points, and that central value proposition is still reflected on Dyalog’s homepage:

                                                        Dyalog delivers an APL-based development environment that allows both subject matter experts and IT specialists to efficiently convert ideas into software solutions.

                                                        1. 5

                                                          these languages are much harder to learn fluently than mainstream languages.

                                                          When I was a kid, a friend showed me some APL he was writing, and also the “game of life” example. So I got hooked, and ended up writing about a thousand lines of APL. APL was easy. Not much to it. Functional programming was harder for me to learn (as a kid): the idea of recursive functions was a tough nut for me to crack. And this was before the era of modern, hyper complex programming languages, like Rust and C++, which are many orders of magnitude more complicated than APL.

                                                          C++ has float vs int, unsigned vs signed, char, short, int, long, long long vs int8_t, int16_t, int32_t, int64_t, etc, with complex conversion rules, and with different laws of arithmetic for different number types. 7/2==3 but 7.0/2.0==3.5, and so on. APL just has numbers, that’s it.

                                                          C++ has data abstraction with classes, single inheritance vs multiple inheritance, private vs protected vs public inheritance, constructors, destructors, and on and on. APL has a fixed set of primitive data types with no way to define new ones. You learn those basic data types (which are very simple) and you are done.

                                                          C++ has 14 ways to initialize a variable, APL has one. C++ has something like 23 different levels of operator precedence, which few people are ever able to memorize, APL has maybe 2 levels (verbs vs adverbs).

                                                          As a professional programmer, I’ve written hundreds of thousands of lines of C++. I still have no idea what SFINAE means, and I don’t care. I just use google, online C++ references, and copy/paste snippets like everybody else. I gave up hope years ago of understanding C++ in the deep way that I used to understand APL, or even C.

                                                          The claim that APL is “much harder to learn” is absurd, if you just compare language complexity. So this claim needs a lot of caveats and qualifications. The word “fluently” is used as a qualification. Okay, what’s different about APL is that you use different idioms to write code than you do in mainstream languages. If you have already invested years of your life to become fluent in hypercomplex mainstream idioms, then you may feel that you have to start over from scratch to learn and use APL fluently, which is a different experience than switching from one mainstream language to another. Mainstream languages tend to be mostly the same, with minor differences in syntax, but they all mostly support the same idioms.

                                                          1. 3

                                                            Yes, C++ is a much bigger language.

                                                            If you have already invested years of your life to become fluent in hypercomplex mainstream idioms, then you may feel that you have to start over from scratch to learn and use APL fluently, which is a different experience than switching from one mainstream language to another. Mainstream languages tend to be mostly the same, with minor differences in syntax, but they all mostly support the same idioms.

                                                            This is basically where I am coming from. I think if you took a young person with no prior experience and taught them APL or J in high school (which has been done) you won’t have a big problem.

                                                            But for an experienced programmer “array thinking” is a huge paradigm shift. Learning J, for me, was much harder than learning Haskell, for example. There is a much steeper “unlearning” process too.

                                                            You only have to learn about 50 primitives, but many of those primitives don’t map 1-1 to standard functions in other languages (eg, J’s copy verb # and the filtering idiom #~ based on it). And to be fluent, there are many combinations and idioms you have to learn as well, not to mention hooks and forks and longer trains.

                                                            Getting to the point where you can frame a problem as an array problem, and quickly write up an idiomatic solution in the same amount of time that you could do the same in Python, say – that’s what I’m claiming is going to take much longer.

                                                            1. 2

                                                              APL has maybe 2 levels (verbs vs adverbs).

                                                              • control structures

                                                              • (line) separators

                                                              • guards

                                                              • copulae

                                                              • verbs

                                                              • adverbs

                                                              • stranding

                                                              • parentheses, brackets, braces

                                                              And all the demons of regular precedence show up again in numeric literals. For instance: 1e¯2j3 is (1e(¯2))j3; nars and j have as many as 4 levels.

                                                              Still orders of magnitude simpler than most other languages, though.

                                                              1. 1

                                                                Footnote: adverbs are accompanied by conjunctions (or, to use the traditional vocabulary, operators may be monadic or dyadic).

                                                          2.  

                                                            In my very much newbie view, performance (automatic SIMD, although not automatic multi-core parallelism) and succintness. (There is really something magical about the core of your program taking eg. 8 characters instead of 200 lines. The function itself is frequently is shorter than the name you’d give it.)

                                                        2. 2

                                                          There is a list of companies using those language here.

                                                          1. 1

                                                            I’d consider Julia to be a successor of APL. It is widely used in scientific computing and seems to be starting to displace Fortran for a bunch of things.

                                                          1. 8

                                                            Alternatively, one can use static named directory. It has the advantage of being expanded at any place, so it works with any command, not just with cd.

                                                            1. 1

                                                              Is this approach zsh only?

                                                              1. 2

                                                                Yes. AFAIK, bash does not have this.

                                                              2. 1

                                                                Wow! I had no idea such a thing existed. Definitely it looks like a more complete solution than mine, although also more complex. Still good to learn something new :)

                                                                1. 1

                                                                  I also like the words of wisdom thar you can just use shell variables.

                                                                  https://vincent.bernat.ch/en/blog/2015-zsh-directory-bookmarks#fn-variables

                                                                  You only lose the prompt expansion.

                                                                1. 32

                                                                  This seems like an oversimplification, and an unreasonable one.

                                                                  This model is true if a dependency has a fixed benefit and a cost that scales linearly with the cost of your app. There probably are some dependencies that work that way, but I doubt it’s all, and I’m not even sure if it’s most. The author mentions just using jQuery, but comparing jQuery and React, both the costs and benefits of React scale with the size of the app.

                                                                  In other cases, building your own solution might be great when you’re small–you build a solution that works perfectly for your use case, and avoid the complexity of the dependency. But as you grow, you may find yourself wandering into increased complexity. If that happens, you can end up reimplementing the complexity of the dependency, but without the benefit of a community that has already solved some of those problems.

                                                                  A final issue with NIH is that it can impose a real cost when dealing with turnover and on-boarding new people. The tacit knowledge that current employees has is lost, and new employees will expect things to work like “standard” tools they’ve used elsewhere.

                                                                  …that was three somewhat pro-dependency paragraphs, but that’s not the whole picture either. The same dynamic that I’ve cited above can go in reverse. There have been times when my judgment is that depencies don’t pull their weight, but for the opposite reason the author thought–I didn’t think we’d be using enough functionality to justify it. Our version might not be as robust, but it would be 10-100x less code, perfectly match our use case, and we could adjust the functionality in a single commit.

                                                                  The real point isn’t to be pro or anti dependency, but to argue that you need to understand how the costs or benefits of any particular dependency will play out for your project.

                                                                  1. 5

                                                                    The tacit knowledge that current employees has is lost, and new employees will expect things to work like “standard” tools they’ve used elsewhere.

                                                                    You meant this part as pro-dependency, but I think it can work equally well for anti-dependency.

                                                                    “Standard” carries a lot of weight here, and assumes that the bespoke tool is harder to learn than the standard one. It also assumes that every current devs, and new ones, are proficient in the standard tool. But if that “standard” tool is React, or Angular, say, this often won’t be the case.

                                                                    I have personally seen all of React brought in to add a little bit of dynamic functionality to one part of one page. On a team where most people had never used React and about 50 lines of vanilla JS could have done the same job as the 50 lines of React did (and we ultimately did rewrite it to remove React).

                                                                    It’s not just about the tradeoff between “re-implementation cost” and “learning cost.” It’s about accurately measuring both. But ime the full costs of dependencies are rarely measured correctly. This failure is magnified by the programmer’s love of new toys, and the rationalizations they’ll make to satisfy it.

                                                                    1. 2

                                                                      The tacit knowledge that current employees has is lost, and new employees will expect things to work like “standard” tools they’ve used elsewhere.

                                                                      An organisation can try to do an industry scale inverse Conway’s maneuver by pushing its internal solution as a “standard.” When it works, the organisation reduces their cost of onboarding!

                                                                      1. 1

                                                                        After your first sentence, I was expecting a strong, non-nuanced opinion.

                                                                        But your comment is nicely nuanced and balanced and drills right to the root issue. Thanks!

                                                                        1. 1

                                                                          As org gets big they have more money to consider inhouse solutions.

                                                                          As for the inverse graph, would it apply to something like git or gcc? You got big enough the benefit of using gcc goes into the negative (or zero)?

                                                                          1. 3

                                                                            That may be true in isolation, but you need to factor in two other things: competition and opportunity cost. A company the size of Apple or Google could easily afford to create an in-house GCC competitor, but the money / engineer time spent doing that is money and time spent not doing something else. Apple was very explicit when they started investing in LLVM that they didn’t consider a compiler to be a competitive advantage. Their IDE tooling was, but a toolchain is just table stakes. By investing in an open solution that other companies are also putting money into, they benefit in two ways:

                                                                            • They aren’t paying all of the costs (for a while, Apple was paying for over 50% of LLVM development, that’s dropped off now as others contribute more), so their opportunity cost is lower.
                                                                            • They have the same baseline as their competitors in something that they don’t consider a differentiating feature.
                                                                          2. 1

                                                                            Addendum, since my previous post has a negative tone: I appreciate that the author asked how the cost/benefit analysis changes as a project scales. While I obviously disagree with the generic answer, it’s a good frame and I’ll keep it in mind whenever I try and talk about the subject.

                                                                          1. 4

                                                                            This was a good summary of RBAC.

                                                                            For an excellent critique of the foundational problems with ACLs (which apply to RBAC as well) – and a great introduction to capabilities, which solves those problems – see Chip Morningstar’s “What are capabilities?”.

                                                                            1. 5

                                                                              This is great:

                                                                              When we are surrounded by artifacts and systems that represent an earlier way of doing things, it is almost like they have a magnetic pull. What we believe is possible depends upon what we’ve experienced and it’s unfortunate that many people haven’t experienced great culture, teams, or technical practice. Training, workshops and books can help but they aren’t real experience; they are borrowed experience. They aren’t the same as a real work environment.

                                                                              Social and cultural forces (often hidden) determine almost everything else. Trying to solve problems solely by imparting technical knowledge is doomed to fail.

                                                                              1. 25

                                                                                A quick, rough timeline:

                                                                                • 2005: git is released, and Junio Hemano becomes the core maintainer
                                                                                • 2008: the first thread about staging on the linked article, and, GitHub is formed
                                                                                • 2021: 13 years later, this is still a thing

                                                                                There’s something about “we can’t change this, what about all the people using this” in the early days, becoming an issue for far far longer and for far many more people, that feels like a failure mode.

                                                                                1. 31

                                                                                  I’m reminded of the anecdote about make: Its original author used tab characters for indentation in Makefiles without much thought. Later when they decided to add make to UNIX, they wanted to change the syntax to something more robust. But they were afraid of breaking the ten or so Makefiles in existence so they stuck with the problematic tab syntax that continues to plague us today.

                                                                                  1. 11

                                                                                    Your comment reminds me of the origin of C’s confusing operator precedence rules:

                                                                                    Eric Lippert’s blog post “Hundred year mistakes”

                                                                                    There were several hundred kilobytes of existing C source code in the world at the time. SEVERAL HUNDRED KB. What if you made this change to the compiler and failed to update one of the & to &&, and made an existing program wrong via a precedence error? That’s a potentially disastrous breaking change. …

                                                                                    So Ritchie maintained backwards compatibility forever and made the precedence order &&, &, ==, effectively adding a little bomb to C that goes off every time someone treats & as though it parses like +, in order to maintain backwards compatibility with a version of C that only a handful of people ever used.

                                                                                    But wait, it gets worse.

                                                                                    1. 18

                                                                                      I think this article includes a logical fallacy. It assumes that whatever you’re doing will be successful, and because it is successful, it will grow over time. Since it will grow over time, the best time for breaking changes is ASAP.

                                                                                      What this logic ignores is that any tool that embraces breaking changes constantly will not be successful, and will not grow over time. It is specifically because C code doesn’t need continual reworking that C has become lingua franca, and because of that success, we can comment on mistakes made 40+ years ago.

                                                                                      1. 6

                                                                                        Sure, but this error propagated all the way into Javascript.

                                                                                        I’m not saying C should have changed it. (Though it should.) But people should definitely not have blindly copied it afterwards.

                                                                                    2. 3

                                                                                      I’m curious why you think it is problematic? Just don’t like significant whitespace? But make also has significant newlines…

                                                                                      1. 3

                                                                                        For me it’s because most editors I’ve used (thinking Vim and VSCode) share their tab configs across file types by default.

                                                                                        So if I have soft tabs enabled, suddenly Make is complaining about syntax errors and the file looks identical to if it was correct. Not very beginner friendly.

                                                                                        1. 4

                                                                                          IIRC Vim automatically will set hardtabs in Makefiles for you. So it shouldn’t be a problem, at least there (as long as you have filetype plugin on).

                                                                                          1. 2

                                                                                            I always make sure to have my editor show me if there are spaces at the front of a line. Having leading spaces look the same as r trb is a terrible UX default most unfortunately have

                                                                                        2. 2

                                                                                          Thanks, I hate it

                                                                                          1. 1

                                                                                            What was the problem with tab syntax?

                                                                                        1. 11

                                                                                          I remember this person’s previous airing of dirty laundry in the git community and felt the whole thing was a big waste then, but for some reason this time around I’m here for the dish. The author seems like a nightmare (what other kind of person lists out, in extreme detail, the number of people that agree with them?), but it makes for an amusing read if you disconnect yourself from the outcome.

                                                                                          1. 27

                                                                                            The author seems like a nightmare (what other kind of person lists out, in extreme detail, the number of people that agree with them?

                                                                                            I get where you’re coming from, but in this case, I don’t think so.

                                                                                            The author’s argument is not “I have an opinion, it’s right” but “I have an opinion which nearly the entire community shares, save one key person”. If you want to make an evidence-based case for that argument, you pretty much have to do something like the accounting that he did. Or appeal to general polling results – and you’ll notice the article links to such a poll, presumably to collect such evidence.

                                                                                            My good faith question to you would be: What other tactic do you think he should have taken, given the history here, and the case he wants to make?

                                                                                            1. 5

                                                                                              It’s possible to make a case for consensus without framing it so directly as, “and everybody agrees with me,” which the constant back-and-forth of the text quoting does. As the OP says in the other reply to my comment, “he definitely has an axe to grind and you can feel it.” I’m not in a position to make a positive claim that X tactic is the solution to this problem. My only statement is that whatever tone he’s adopting casts himself in a bad light.

                                                                                            2. 6

                                                                                              Yeah, I’m slightly conflicted as the submitter. I think he definitely has an axe to grind and you can feel it, but it’s also a useful summary of one of git’s major UX issues and why it doesn’t get fixed, even if he’s framing it like he’s a victim here.

                                                                                            1. 16

                                                                                              I like the point about type keys, but one thing that distracted me was the refactoring in step 3. Honestly, the code in step 2 was more readable. The different approaches in step 3 are an example of the DRY principle taken too far.

                                                                                              1. 3

                                                                                                I came to make the same comment.

                                                                                                As a variant of Sandi Metz’s

                                                                                                Duplication is far cheaper than the wrong abstraction

                                                                                                I’ve recently come to:

                                                                                                “A little duplication is better than one more abstraction.”

                                                                                                The abstraction need not be wrong, or even artificial. It has a cost just by virtue of being an abstraction.

                                                                                                1. 3

                                                                                                  createUserWithNotifications? I found that oddly specific as well.

                                                                                                  Admins may have different arguments for notifications so maybe you’ll end up encoding a kind of type flag in the call. Or encode a bunch of stuff in the names of four-line functions.

                                                                                                  The base premise is valuable but “overfitting the cleanliness” runs the risk of painting yourself in a corner and having to clean your way out again.

                                                                                                1. 26

                                                                                                  I am beginning to get concerned at the author’s self-promotion here.

                                                                                                  1. 1

                                                                                                    Do you just mean the number of self-authored articles posted in a row?

                                                                                                    What are the lobste.rs rules (or unofficial norms) around submission frequency?

                                                                                                    1. 18

                                                                                                      For a user account 1 month old, they have only submitted their own stuff, and 3/4 of it has been variations on OOP clickbait.

                                                                                                      Personally, I like to see folks submitting their own stuff–unless it’s really, really good and in most cases frankly it isn’t–at like a 1 in 5 or smaller ratio…and only after they’ve been actively engaging in the community for months.

                                                                                                      1. 9

                                                                                                        He is engaging substantively here in the comments and isn’t promoting a business so I don’t have an issue with it (don’t have an opinion on quality of this post)

                                                                                                        1. 4

                                                                                                          This seems like their way of engaging in the community. I would encourage them to post a variety of sources on top of their own content, but months of other participation before submitting anything of their own seems like gatekeeping. All the posts are well-rated and have led to active conversations that they themselves participate in - I don’t see a big deal.

                                                                                                          1. 8

                                                                                                            I’d say, by the number of spam votes, the community doesn’t want him engaging in this specific way. It’d feel less spammy if he submitted things in addition to anti-OOP rants.

                                                                                                            1. 3

                                                                                                              About 100 upvotes and 150ish comments vs 22 spam votes, mostly on this post where an influential community member commented about self promotion.

                                                                                                              1. 5

                                                                                                                I was already seeing the spam votes on this climb well before friendlysock commented. They’re all on this one because his first two posts weren’t spam while this one is, being his third anti-OOP rant in ten days.

                                                                                                                1. 4

                                                                                                                  I see +36, -18, 20 users hidden. I think it’s safe to say it’s controversial.

                                                                                                              2. 5

                                                                                                                We gatekeep by requiring invitations.

                                                                                                                Gatekeeping with social norms works pretty well for keeping the site worth reading.

                                                                                                                1. 1

                                                                                                                  months of other participation before submitting anything of their own seems like gatekeeping.

                                                                                                                  Yes, that would be the objective.

                                                                                                              3. 6

                                                                                                                What are the lobste.rs rules (or unofficial norms) around submission frequency?

                                                                                                                The top post from an earlier discussion proposed a guideline that one third of your submissions can be your own material.

                                                                                                                The source marks users as heavy self promoters if they authored 51% or more of their submissions.

                                                                                                            1. 2

                                                                                                              Outstanding article. I went down the oop road and got good at it. It declares one claim you must take on faith— that if you insist that “everything is an object”, it’s possible to find a nice set of objects to implement you’re system, and that’s the best way to do things.

                                                                                                              Instead, what it does is tickles a developer’s brain in a super enjoyable way that feels fulfilling … in other words mental masturbation.

                                                                                                              What i found is you often can find an elegant solution that consists of objects, and it will feel like a profoundly beautiful thing when you do. It will feel so right that it convinces many that, “this is the way.”

                                                                                                              But in reality, it’s over-complicated. Your brain has a blast, but it was more about pleasuring your brain by making you work under a challenging limitation. Turns out you could drop that single dogmatic principle and wind up with a simpler solution faster, still elegant and maintainable (which is of course more fulfilling).

                                                                                                              The one claim you had to take on faith, turns out, is exactly where the whole thing breaks down. And the incorrect illusion of “rightness” it gives to the puzzle solver’s brain is the engine that keeps it rolling.

                                                                                                              1. 4

                                                                                                                Instead, what it does is tickles a developer’s brain in a super enjoyable way that feels fulfilling … in other words mental masturbation.

                                                                                                                I very much agree. I do see “every little thing is an encapsulated object that receives messages” as an artificial constraint which acts like a additional challenge akin to ones used in many games. “Complete game without killing anyone” in an RPG game and get a “pacifist” achievement, etc.

                                                                                                                Instead of actually solving the problem and working on solving constraints that are actually important, we tend to get stuck on puzzle solving that makes us feel smart. It’s not limited the OOP. The same kind of motive are e.g. people agonizing over expressing some universal taxonomy, overusing generics to provide “super clean universal abstraction”, or (in Rust) solving a borrow checker puzzle involving 3 lifetimes, just to shave off one data copy in some cold path.

                                                                                                                1. 3

                                                                                                                  Very true, and a good pattern to be aware of (in yourself and others).

                                                                                                                  That said, there is an upside to adding additional constraints: constraints can make things easier to reason about. The most obvious, famous example that comes to mind is maintaining referential transparency in functional programming, and isolating your mutations. Or, say, in React, the way you have actions that update a data model, and then a unidirectional flow of that updated model down into the re-rendered view. In these cases, too, (especially at first) it can be a “puzzle” to figure out how re-structure your problem so that it fits into the paradigm. But in both of these cases, at least imo, there is a huge net benefit.

                                                                                                                  Which is to say that “artifical constraints” per se aren’t the problem. The problem is artificial constraints that are time-consuming but don’t pay you back.

                                                                                                                  1. 1

                                                                                                                    Which is to say that “artifical constraints” per se aren’t the problem. The problem is artificial constraints that are time-consuming but don’t pay you back.

                                                                                                                    Agreed!

                                                                                                                    1. 1

                                                                                                                      I agree, except for semantics… if the constraint has an actual payoff (like “use only pure functions” does, for example), then it is no longer “arbitrary” or “artificial”.

                                                                                                                      “Everything is an object” never had a real payoff… it was just dogmatic koolaid.

                                                                                                                  2. 3

                                                                                                                    I am by no means an OOP-first or an OOP-only and spent years being anti-OOP (but without knowing what OOP was or knowing what I preferred instead) – if I had to be pressed to “pick a paradigm” I would say I’m a functional programmer.

                                                                                                                    However, I have seen (and written myself and tried to come back later) enough “big procedures of doom” to know that is not the way. Or at least not a way I want to have to touch unless for a lot of money. Of course “good procedural” exists just like “good OOP” does but really we should focus on what we (often) have in common, which is that a 50 line procedure with everything inline is (often) an unreadable mess two days later and (more often) gets worse with every edit and so it needs to be modeled somehow (and no, procedures named do_thing, do_second_thing don’t count). You can use polymorphism and call it OOP or you can use closures and call it functional or you can use modules with glue and call it procedural or what have you – the paradigm and the name doesn’t matter, only the result.

                                                                                                                  1. 4

                                                                                                                    I really want to love J. I wrote about it here.

                                                                                                                    The long and short of my feelings is that all of the purported benefits of J could be achieved by a similar but profoundly more regular and comprehensible language and that in practice, even relative clunkers like Python and R are in fact faster for many of the tasks for which J is optimized.

                                                                                                                    Sure, it gives one a thrill to write spectral clustering in 5 obscure lines of magic, but is that thrill worth all the hassle?

                                                                                                                    1. 5

                                                                                                                      Your complaints about J are pretty similar to mine, so I’ll point out that my new language BQN addresses most of them. For example here’s the documentation on lexical scoping and closures, and it has sane list literals as well. It definitely remains in the APL universe, with only 1 or 2 function arguments allowed and a second level of functions called modifiers (but functions and modifiers are first class). And it promotes tacit programming, which you sound kind of ambivalent about (isn’t everyone?). But the supported combinators and the glyphs they use are different, and several users coming from other array languages have said that BQN feels like a big improvement or even a completely different experience in this area. The implementation is still kind of immature, with some missing features and less than top-tier performance (although it will thrash other array languages at scalar computation due to bytecode compilation and primitive JIT), but it’s definitely suitable for scripting and medium-sized data mangling at this point.

                                                                                                                      1. 1

                                                                                                                        BQN is beautiful.

                                                                                                                        1. 1

                                                                                                                          Have you considered writing a BQN transpiler to R or Python so people can use the available libraries? Almost everything I do as a data scientist involves shuffling and otherwise preparing data for use with already implemented algorithms. The fact that J is missing a lot of library stuff (though it does have an OK R interface) is a big part of the reason I don’t use it.

                                                                                                                          But I would also consider using J really anti-social.

                                                                                                                          1. 1

                                                                                                                            Yes, and in fact I did most of a NumPy embedding a while ago. I decided I should probably get the compiler more stable before making a bunch of embedded versions that I have to modify whenever the interface changes. Just yesterday I started seriously working on header support, which is the last big missing feature. After that I’ll look at updating the NumPy version and implementing in Julia. R is probably possible as well. But there are always a lot of things to do so it could be a while before I get to this.

                                                                                                                        2. 3

                                                                                                                          I find it interesting that you’re complaints are very different from my complaints! Some overlap, but I didn’t consider things like the block syntax.

                                                                                                                          Sure, it gives one a thrill to write spectral clustering in 5 obscure lines of magic, but is that thrill worth all the hassle?

                                                                                                                          IMO the best “practical use” of J is as a desktop supercalculator. It’s for when I need to know the size of a symmetry reduction or the distances between roots of a polynomial. I am continually surprised at how often really weird use cases come up for me.

                                                                                                                          1. 2

                                                                                                                            Out of curiosity, what do you do for a living? When I need to desktop calculate I typically use Emacs Lisp or R.

                                                                                                                            1. 2

                                                                                                                              I’m a formal methods consultant.

                                                                                                                          2. 1

                                                                                                                            I love J, and thought your article was a good and thoughtful critique.

                                                                                                                            The only part that felt unfair to me was the discussion of double-bonded verbs. Calling a bonded verb dyadically is a special shortcut form of the power of operator ^::

                                                                                                                            x m&v y ↔ m&v^:x y
                                                                                                                            x u&n y ↔ u&n^:x y
                                                                                                                            

                                                                                                                            (from https://www.jsoftware.com/help/dictionary/d630n.htm)

                                                                                                                            This explains the behavior of all the weird examples. As such, there is no question of them seeming right or goofy or having any hope of being deciphered. Either you’re aware of the shortcut or not.

                                                                                                                          1. 6

                                                                                                                            This is great. Well done. How is the code licensed? I didn’t see anything at:

                                                                                                                            https://github.com/githubocto/repo-visualizer

                                                                                                                            1. 7

                                                                                                                              ah good question! Just added a MIT license.

                                                                                                                            1. 13

                                                                                                                              I’ve also been totally consumed by the same obsession. Lots of money, too: I want to be able to distribute VQGAN models on multiple gpus, which is far beyond my minimal pytorch knowhow. So I’m now looking to pay a contractor.

                                                                                                                              I have this dream of making 2000x2000 pixel murals and printing them to canvas. AWS has EC2 configs with 96 gigs of gpu. I can’t stop thinking about this, and it’s disrupting my life.

                                                                                                                              But it’s also exhilarating. I know it’s “just” an ai generator, but I’m still proud of the stuff I “make”. Here are some of my favorites:

                                                                                                                              My daughter wants to be an artist. What should I tell her? Will this be the last generation of stylists, and we’ll just memorize the names of every great 20th century artist to produce things we like, forever?

                                                                                                                              I worry about this too, but also am excited to see what artists do when they have these tools. And I think it’ll make artists turn more to things like sculpture and ceramics and other forms of art that are still out of the machine’s reach.

                                                                                                                              EDIT: also, a friend and I have been making games based off this. “Guess the city this from this art” or “guess the media franchise”. It does really funny stuff to distinct media styles, like if you put in “homestar runner”

                                                                                                                              1. 5

                                                                                                                                Just my random observation but “your” pieces and the post’s all give the vague appearance of something running through endless loops of simulacra. Said another way, they all share similar brush strokes.

                                                                                                                                I think we’re headed into the (while looking at a Pollock) — “humph, my AI could have painted that!” era

                                                                                                                                1. 4

                                                                                                                                  There are a bunch of known public Colab notebooks but one is very popular. It’s fast but has this recognizable “brush stroke” indeed. Some GAN jockeys are tweaking the network itself though, and they easily get very different strokes at decent speeds. You don’t even need to know neural network math to tweak, just the will to dive in it. Break stuff, get a feel for what you like. If this is to become a staple artist’s tool it’ll have to be like that, more than just feeding queries.

                                                                                                                                2. 3

                                                                                                                                  These are cool. The “Old gods” one especially… if that was hung in your house and you told me you’d purchased it from an artist I wouldn’t blink. When you make them, are you specifying and tweaking the style, and then generating a bunch, and then hand-picking the one you like?

                                                                                                                                  1. 3

                                                                                                                                    Starting out I was just plugging intrusive thoughts into colab to see what I’d get. If it didn’t produce something interesting (not many do) I’d try another prompt. Recently I spent a lot of time writing a “pipeliner” program so I can try the same prompt on many different configs at once. I got the MVP working on Monday, but I’m putting it aside a while so I can focus on scaling (it only works on one GPU, so can’t make anything bigger than 45k square pixels or so)

                                                                                                                                    1. 1

                                                                                                                                      Are you saying you’ve managed to get this to run locally? All the guides I’ve found are simply how to operate a Colab instance.

                                                                                                                                      1. 2

                                                                                                                                        I got it running locally, but I don’t have a GPU so upload it to an EC2 instance. I recently found that SageMaker makes this way easier and less burdensome, though.

                                                                                                                                    2. 1

                                                                                                                                      I printed the old gods to canvas and it came out pretty good.

                                                                                                                                      1. 1

                                                                                                                                        Nice. Do you have pic?

                                                                                                                                    3. 1

                                                                                                                                      There are neural nets intended specifically for upscaling images. Pairing one of these with VQGAN image generation (which is pretty low res) might let you make larger scale art without a huge unaffordable GPU.

                                                                                                                                    1. 2

                                                                                                                                      Not just these two, but all methods. Why in the world can I not <form method="buy"> after all these years is baffling. This is a huge contributing factor to people giving up on HTTP, when browsers refuse to implement it sensibly.

                                                                                                                                      1. 3

                                                                                                                                        Assuming you mean adding custom methods to HTTP, how would a browser know which of these methods are idempotent?

                                                                                                                                        I don’t think the lack of custom methods harms HTTPs usage personally, though this may be because I’ve internalized a record-cetric way of modelling. I would probably implement that as a POST /products/123/purchases, or maybe PUT /products/123/purchases/<transaction_id>

                                                                                                                                        1. 4

                                                                                                                                          No custom method is idempotent, basically. That’s the only safe way

                                                                                                                                          1. 1

                                                                                                                                            Provide an attribute on the form which tells the browser if the request is idemptotent.

                                                                                                                                            A POST can be idempotent too, but the browser assumes it is not.

                                                                                                                                          2. 3

                                                                                                                                            This feature would contradict the basic design principles of HTTP. The spec has this to say on the HTTP verbs:

                                                                                                                                            HTTP was originally designed to be usable as an interface to distributed object systems…

                                                                                                                                            Unlike distributed objects, the standardized request methods in HTTP are not resource-specific, since uniform interfaces provide for better visibility and reuse in network-based systems [REST]. Once defined, a standardized method ought to have the same semantics when applied to any resource, though each resource determines for itself whether those semantics are implemented or allowed.

                                                                                                                                            Fielding also addresses this point:

                                                                                                                                            The central feature that distinguishes the REST architectural style from other network-based styles is its emphasis on a uniform interface between components (Figure 5-6). By applying the software engineering principle of generality to the component interface, the overall system architecture is simplified and the visibility of interactions is improved. Implementations are decoupled from the services they provide, which encourages independent evolvability. The trade-off, though, is that a uniform interface degrades efficiency, since information is transferred in a standardized form rather than one which is specific to an application’s needs.

                                                                                                                                            That is, the basic idea is that every application has resources, identified by URIs, that you interact with via this tiny set of very general verbs. The specifics of your application are not defined by adding custom verbs, but by custom media types. This article walks through a simple example of doing this.

                                                                                                                                            A whole world-view is implied here: The world is made up of resources, each with a canonical location. You can view them, create them, update them, and delete them. Want to log in? Wrong. You are actually creating a new session resource. Want a refund on your purchase? Create a new refund request resource. It is a noun-centric world view.

                                                                                                                                            The merits of this design are debatable, of course, but understanding the intention will at least make things less confusing, and you don’t have to wonder why this feature hasn’t been implemented yet.

                                                                                                                                            1. 1

                                                                                                                                              The noun-centric worldview is precisely why GET and POST are insufficient. There are things you can do with a resource besides get it or create it.

                                                                                                                                              1. 2

                                                                                                                                                This is still verb-think :)

                                                                                                                                                As another poster mentioned: In your example, you don’t buy something – you create a new purchase resource (or order, or whatever). Yes, this is unnatural. It clearly doesn’t click for most people. Probably it was not the best design. Still, it is absolutely fundamental to the principles of REST and HTTP, and I think it’s easier to just embrace it. I don’t think it’s going anywhere.

                                                                                                                                          1. 1

                                                                                                                                            Because those methods are for astronaut architects, and the only two methods you should ever use in reality are GET and POST. If you’re using Rails and it comes with PUT and DELETE specified, okay, I guess don’t go out of your way to redefine them, but the other verbs are pointless. There are many ways of communicating something to an HTTP server:

                                                                                                                                            • the URL path
                                                                                                                                            • query parameters
                                                                                                                                            • headers
                                                                                                                                            • the request body (for post)

                                                                                                                                            You don’t need yet a fifth way of communicating random bits of information. Use GET if it’s idempotent. Use POST if it is not idempotent. That’s a well defined semantic. DELETE in most cases should mean “set the is-hidden flag to true” anyway, which is a POST. PUT means even less than DELETE.

                                                                                                                                            1. 2

                                                                                                                                              A POST can often be idempotent. A PUT should almost never be idempotent. This is a useful distinction in many cases and especially so when there is middleware involved. There are an unknown number of firewalls and other services between your browser and your client. They make decisions based on the semantic meanings of these methods and pretending they aren’t there will lead to odd bugs eventually that are difficult to track down.

                                                                                                                                              1. 2

                                                                                                                                                An operation being potentially mutative, rather than idempotent, is perhaps a more appropriate consideration here. Mutative operations can still be idempotent of course, something like

                                                                                                                                                func (a *Account) SetBalance(target int) {
                                                                                                                                                  a.currentBalance = target
                                                                                                                                                }
                                                                                                                                                

                                                                                                                                                GET requests should not be mutative under any circumstances, while POSTs are (although they can be implemented idempotently)

                                                                                                                                                1. 1

                                                                                                                                                  What middleware is going to replay a POST request? POST response, maybe, but a request?

                                                                                                                                                  1. 1

                                                                                                                                                    It’s the reverse:

                                                                                                                                                    A POST can often be idempotent.

                                                                                                                                                    https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/POST

                                                                                                                                                    A PUT should almost never be idempotent.

                                                                                                                                                    https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/PUT

                                                                                                                                                    1. 1

                                                                                                                                                      You are correct. I transposed them in my head apparently. The larger point still stands though.

                                                                                                                                                  2. 1

                                                                                                                                                    Because those methods are for astronaut architects

                                                                                                                                                    Most major APIs (eg, github, etc) use PUT and DELETE. I’m not against criticisms of the whole paradigm, but these distinctions in practice are completely standard in the industry and not the special domain of “astronaut architects”.

                                                                                                                                                  1. 7

                                                                                                                                                    The actual rejection comment of Hickson has a good point about DELETE: you usually don’t want a body.

                                                                                                                                                    But for PUT? Nothing except that “you wouldn’t want to PUT a form payload.” that’s a quote weak argument.

                                                                                                                                                    1. 10

                                                                                                                                                      It’s no problem to make a form that sends no body though…

                                                                                                                                                      1. 6

                                                                                                                                                        The spec says delete MAY have body. And practically speaking, you’d always want a csrf token anyway. I didn’t understand the PUT argument at all – not that it was weak, I simply didn’t understand what he was arguing – and posted another question in this thread about it.

                                                                                                                                                        1. 3

                                                                                                                                                          How is that a “good point”?

                                                                                                                                                          1. 1

                                                                                                                                                            I wanted to be somewhat generous as in if you write an API, many delete requests don’t have bodies.

                                                                                                                                                            But the sibling comment about the CSRF token is a good one.

                                                                                                                                                        1. 3

                                                                                                                                                          The bug was eventually closed as Won’t Fix by Ian Hickson, with the following rationale (href):

                                                                                                                                                          PUT as a form method makes no sense, you wouldn’t want to PUT a form payload. DELETE only makes sense if there is no payload, so it doesn’t make much sense with forms either.

                                                                                                                                                          Can someone explain his argument? I looked up the original email thread and there was no more context. Why wouldn’t you want to PUT a form payload but POSTing one is ok? Additionally, why is this situation different from PUTing a JSON payload to an API endpoint? Afaict the only different is the representation – application/x-www-form-urlencoded vs application/json. What am I missing?