-
Haha this reminds me of a code I have encountered at my first (full time) job. It was 3 star indeed, with function pointers. It was supposed to be unit test (in C), but this style was needed for code reuse because tests are repetative, you know :)
We ended up throwing out the complete garbage and rewriting the tests from scratch. Old times… :)
-
I don’t buy it because the real protocol is what you read and write from the file, not that you can read and write files. And if the “file” is a directory, what do the filenames you read and write from/to it mean?
So is there really any difference between
open(read("/net/clone"))andnet_clone();? The author seems to say the former is more loosely coupled than the latter because the only methods are open and read on the noun that is the file…. but really, you are stating exactly the same thing as the “verb” approach (if anything, I’d argue it is more loosely typed than loosely coupled). If a new version wants to add a new operation, what’s the difference between making it a new file that returns some random data you must write code to interpret, and a new method that returns some data you must write code to use?-
So is there really any difference between open(read(”/net/clone”)) and net_clone();
Yes: The fact that you can write tools that know nothing about the /net protocol, and still do useful things. And the fact that these files live a uniform, customizable namespace. You can use “/net/tcp/clone”, but you can also use “/net.home/tcp/clone”, which may very well be a completely different machine’s network stack. You can bind your own virtual network stack over /net, and have your tests run against it without sending any real network traffic. Or you can write your own network stack that handles roaming and reconnecting transparently, mount it over /net, and leave your programs none the wiser. This can be done without any special support in the kernel, because it’s all just files behind a file server.
The difference is that there are a huge number of tools you can write that do useful things with /net/clone that know nothing about what gets written to the
/net/tcp/*files. And tools that weren’t intended to manipulate /net can still be used with it.The way that rcpu (essentially, the Plan 9 equivalent of VNC/remote desktop/ssh) works is built around this. It is implemented as a 90 line shell script It exports devices from your local machine, mounts them remotely, juggles around the namespace a bit, and suddenly, all the programs that do speak the devdraw protocol are drawing to your local screen instead of the remote machine’s devices.
-
You argue better than I can, but I’ll add that the shell is a human interactive environment, C api’s are not. Having a layer that is human interactive is neat for debugging and system inspection. Though this is a somewhat weaker argument once you get python binding or some equivalent.
-
I was reminded of this equivalent.
-
-
But in OOP you can provide a “FileReader” or “DataProvider”, or just a FilePath that abstracts either where the file is or what you are reading from too. The simplest would be the net_clone function above just taking a char* file_path, but in an OOP language the char* or how we read from whatever the char* is can be abstracted too.
-
Yes, but how do you swap it out from outside your code? The file system interface allows you to effectively do (to use some OOP jargon) dependency injection from outside of your program, without teaching any of your tools about what you’re injecting or how you need to wire it up. It’s all just names in a namespace.
-
without teaching any of your tools about what you’re injecting or how you need to wire it up
LD_PRELOAD, JVM ClassPath…
-
-
-
-
-
I don’t buy it because the real protocol is what you read and write from the file, not that you can read and write files
Yes - but the read()/write() layer allows you to do useful things without understanding that higher-level protocol.
It’s a similar situation to text-versus-binary file formats. Take some golang code for example. A file ‘foo.go’ has meaning at different levels of abstraction:
- golang code requiring 1.10 compiler or higher (uses shifted index expression https://golang.org/doc/go1.10#language)
- golang code
- utf-8 encoded file
- file
You can interact with ‘foo.go’ at any of these levels of abstraction. To compile it, you need to understand (1). To syntax-highlight it you only need (2). To do unicode-aware search and replace, you need only (3). To count the bytes, or move/delete/rename the file you only need (4).
The simpler interfaces don’t allow you to do all the things that the richer interfaces do, but having them there is really useful. A user doesn’t need to learn a new tool to rename the file, for example.
If you compare that to an IDE, it could perhaps store all the code in a database and expose operations on the code as high-level operations in the UI. This would allow various clever optimisations (e.g. all caller/callee relationships could be maintained and refactoring could be enhanced).
However, if the IDE developer failed to support regular expressions in the search and replace, you’re sunk. And if the IDE developer didn’t like command line tools, you’re sunk.
(Edit: this isn’t just one example. Similar affordances exist elsewhere. Text-based internet protocols can be debugged with ‘nc’ or ‘telnet’ in a pinch. HTTP proxies can assume that GET is idempotent and various cacheing headers have their standard meanings, without understanding your JSON or XML payload at all.)
-
-
I remember in college a classmate was a big openSUSE advocate, so I worked in that system for a while. Felt very different from the Ubuntu world, and I almost never hear of them in general chatter. Good to see they’re still moving forward well
-
I’ve used openSUSE extensively and think it’s an excellent distribution. It’s also one of the few high quality distributions that still has KDE as a first class citizen rather than an afterthought, with significant testing going into the KDE workspace.
In the past, software.opensuse.org combined with their one-click-install tool in YaST makes it easy to get modern or uncommon software installed.
I think one of the reasons openSUSE doesn’t get featured a lot is because they are the smaller player in the enterprise field (compared to Red Hat) and are eclipsed by Ubuntu in the hobbyist / personal use space.
-
I have it good authority from a consultancy gig that it’s big in Germany, especially in enterprise.
I was also told this is, at least in part, because of very long support times for old releases. Which is fine for enterprise, but can lead to interesting situations when upgrades would be in order.
-
-
I have used opensuse on a pet server for a while. Zypper package manager was very convinient in terms of insight into security updates necessary, reboots necessary upfront before the update. I changed to CentOS later on because the hosting only supported that, and it felt backwards. (I have been a longtime redhat/fedora user)
-
-
-
caleb
1 month ago
|
link
| on:
"Russian" hackers cause ProtonMail + Tutanota outages, tell users to "go back to gmail"
while you’re at it don’t use email at all, just use signal because PGP can’t protect you from security leaks in your mail client
-
And what protects you from security leaks in your signal app? Signal desktop recently had several CVE’s issued.
https://www.cvedetails.com/vulnerability-list/vendor_id-17912/year-2018/Signal.html
-
-
Just write your own mail client, or stick with mutt. ( I’m contemplating both. I have betrayed mutt, and I’m “homesick” now)
Also nobody is going to protect from security leaks in your Signal client, and than you have an OS underneath in both cases…
I think GPG and plain text email are OKish for most threats, just as well as any other alternatives.
-
-
Yes, or you can set up a paranoid firewall that way…
-
-
-
-
Too bad .net core is still so immature with regards to tooling. (also that some of the project I work on are stranded on .net core 1.1 because reasons)
-
kodfodrasz
edited
2 months ago
|
link
| on:
Office 365, Skype, MS Teams, and VS Code are all being rewritten in React Native
Pasting text with accents not in latin-2 (eg. őű) in web based Outlook now results in garbled text. This worked earlier. Not a big deal, only effects the 90% of the emails I write… Error reported, ofc. The desktop Outlook and the Android Outlook are also terrible. Way to go Microsoft! Drink the Kool-Aid! At least your products will be unified and will be terrible in the same way on every platform.
Meanwhile I’m not renewing my subscriptions and I’m looking for alternative providers who can handle such difficult tasks.
Edit: undo crappy autocorrect (cool Windows 10 feature, done badly…)
-
While I think a website like this would make sense in a few years, right now I think GDPR is complicated, confusing, and scary enough to a lot of companies that they are going to make mistakes. I’d rather help them do it better than mock them.
-
As one of the thousands of engineers who had to figure out how to shoehorn a six-month compliance project into a lean team’s packed roadmap, I concur. This wasn’t easy, not even at a company that respects user data to begin with. Lots of the jokes I’ve seen about GDPR right now just lessen my opinion of the teller.
-
-
Not from my point of view – who cares if companies just woke up to GDPR two weeks ago, if I don’t use them for data processing? None of my actual pain came from that. But I definitely spent a lot of time working on GDPR when I’d rather have been building product, other deadlines slipped, things moved from To-Do to Backlog to Icebox because of this. We’re ready for GDPR, but that stung.
-
-
-
I did our GDPR planning and work, and I’m so glad to see it in effect. The industry is finally gaining some standards. Sometimes it’s time to own-up that you care more about your own bottom-line than doing the right thing, if you complain about having to give up a “rather have been building product” attitude.
-
-
Well, if people like you (who didn’t even do the work) get to complain, then so do I!
I actually did do the work. But either way, complaining about it being a pain overall is just fine, because it is. On the other hand, explicitly complaining that because you had to do it in 6 months you had issues fitting it in, had other deadlines slip, and had to essentially kill other to-do’s is a very different thing. If you’d used the extra 18 months, I bet you’d have had much less issues with other deadlines.
If someone tells me they’re gonna punch me in the face, then they punch me in the face, I still got punched in the face.
This analogy doesn’t even make sense in context…
-
-
-
-
-
-
-
-
-
They were not conservative in tracking users, and spending for tracking and spying on users was not expensive?
As a user I don’t care about the woes of companies. They forced the lawmakers to create these laws, as they were operating a surveilance capitalism. They deserve the pain, the costs, and the fear.
-
and spending for tracking and spying on users was not expensive?
Tracking users is very cheap, that’s why everyone can and does do it. It’s just bits.
As a user I don’t care about the woes of companies.
Feel free not to use them, then. What I am saying is that GDPR is a new, large and expansive, law with a lot of unknowns. Even the regulators don’t really know what the ramifications will be. I’m not saying to let companies not adhere to the law, I’m just saying on the first day the world would probably benefit more from helping the companies comply rather than mocking them.
EDIT:
To be specific, I think companies like FB, Google, Amazon, etc should be expected to entirely comply with the law on day one. It’s smaller companies that are living on thinner margins that can’t necessarily afford the legal help those can that I’d want to support rather than mock.
-
-
-
-
-
-
Made some progress on my rss feed news analyzer. It has a name now: Praegustator, as it will pre-taste news for me.
It saves content is encounters, as the NLP part is mostly non-existent yet (there is language detection and language based stemming and basic text feature extraction, but very basic.), as the pipeline will need to be run lots of times from the start, so the saved content will be reprocessed as the NLP pipeline evolves. The persistence part is OK, and after having ran it for a few weeks the amount of data was more than anticipated. I have tested some compression algorithms, and finally decided to use brotli to store the corpus. Migrated the collected data, and tested it a bit.
I have set up CI in GitLab (pretty neat experience overall), as their free plan is more than enough for me, and will move away from BitBucket as they are slow, and expensive.
Overall the foundations are in place, I need a deployment solution, and then I can start working on the training part, and do the really boring stuff (well, CI was also not so much fun, as It was too similar to work). There are already 1000 items to categorize. Probably will need to write a simple app for it to quickly grind through it.
So mostly basic stuff yet, and the boring stuff I also do at work, but one must get through this to get eventually to the dessert. :)
-
I don’t really like .NET Core because of the utter mess it’s made out of compatibility and the CADT rewriting of tooling for .NET, but this is good news for anyone maintaining legacy desktop stuff.
-
Dotnet tooling was in such a poor 90s enterprise app state that it desperately needed a facelift. At least the really WTF parts (yeoman, dnf) were quickly refined into more sensible (project.json) solutions, and it is generally getting better (but the csproj format sometimes suggests that they are still holding XML wrong)
I want the remote (and local cli based) debugging to get better, as it is a bad joke currently.
My scenarios: VS -> ssh -> remote linux -> docker -> dotnet app VS -> ??? -> docker for windows -> dotnet app
With VS Code something is possible, but with VS I could not find any useful and working setup/docs. The docs are Hello World setups and for an existing complex real world usecase neither worked. There is no clean and technical description about the working of the tools, supported protocols, what is possible with what, ‘cause it’s open source now, so just find it out yourself! (At least now it is partially possible)
-
-
No, I was just trying to sum up the history of the tooling, and emphasize that it was always an improvement at each step. The msbuild they “went back to” is a step forward rather, in my opinion.
At least they dared to try new things, and I see it as it has revitalized the community.
-
I’m not sure about this - I see this a problem for the ecosystem by needless compatibility breaks and constantly shifting best practices that you’re never sure what’s current or not.
If revitalization means shifting it to something like the Node community in behaviour and attitudes, then I’m not sure if I want to participate in that.
-
I can sincerely feel your frustration about this, as I’ve also had some terrible weeks upgrading .Net Core versions on larger applications, but I believe these steps are better if done sooner than later, and the Desktop Framework has much luggage from the Enterprise Application Toolkit hell of the 1990s left over, which better gets left behind.
I think (rather hope) that the situation will stabilize now, as the node/npm hipster stuff was already tried, and mostly abandoned, and the existing stuff got facelifted (MSBuild), and this will be the trend overall the framework.
What I really don’t like is the mess C# is becoming (I despise async keyword and the inconsistencies it has brought), with the half-assed solutions, and the failed promise of Roslyn (which was anybody will be able to write language extensions, yet we can only write code parsers and generators. I cry out for Lombok)
I also find the tooling lacking compared to Java. I especially miss simple and reliable, working remote debugging (without having to install extra stuff on target), a JMX equivalent.
-
-
-
-
-
-
I’m sad after reading these comments.
I understand and respect his decision, and these comments themselves are the very evidence why he is right. How about having OpenSource simply about openness and source? Why do politics and ideologies have to always appear?
Maybe a new manifesto is needed, much like the Agile manifesto:
- Individuals and interactions over group identities and categories of people
- Working software over ideologies and codes of conduct
- Respecting each other regardless anything
-
-
Perhaps the point is that some people would like a safe space for focusing on technical matters rather than every single open source and free software community getting politically co-opted into a culture war.
Wanting a community focused on technical work and otherwise treating people equitably isn’t “apolitical”, you’re right, but that doesn’t make it invalid.
I choose to focus on helping people who came from a similarly disadvantaged background as myself but that’s something I do on my own time and money. I don’t impose it on the software communities I participate in.
I think we need the diversity of participants in free software represented in the communities and organizations. Were that the case, I think I would see more diversity in organizational structures, conduct standards, explicit goals, etc. What I perceive is a corporate-funded monoculture that is getting a bit creepy in the demands placed on others that don’t want to participate.
I’m also starting to notice a social intelligence / neurotypical punching-down in these threads where someone who is less adept at adopting the politically convenient argot of the day gets excoriated for trying to express their discomfort in their own words. It makes me deeply uncomfortable how the members of this community conduct themselves in these threads.
Some of my favorite communities are very engaged with the issues of access in ways that are in keeping with the zeitgeist (e.g. Rust) and do great work in part because of that. Some of my other favorite communities have a different emphasis or approach. I’d like them to co-exist peaceably and for people to do what they are most passionate about, whatever form that takes.
-
You may be right. But what I wanted to express is: I have my ideologies, just like anybody else does, but I believe that open source should only have one ideology, which is about software, collaboration, and not people, or other ideologies. For my taste even the GNU project is too political in many aspects, but on the other hand they have some great pieces of software and those are often governed and built in a great atmosphere. (I can recall a single notable “scandal” that reached me, but the community was generally welcoming, as it is for most software projects.)
Edit: Or to rephrase it even more: ideology is a system of thought covering most aspects of (human) life. I beleive everyone has a personal world view, that is closer to some pre-canned ideology than to others. Yet software projects should have ideologies of software lifecycle, not of human lifecycle, and those can be very well separated, as my personal life and life at my work can also be separated.
The etiquette of the global human civilization should be enough to cover the human-human interaction part of the collaboration, as it is for professional interaction in my experience with colleagues from all over the world. We share our vision about software, quality, and work together, while we may disagree on plenty of things, which have no place in the discussion about a software project.
-
-
-
I’m genuinely sorry about that. :(
Unfortunately, some topics always bring out discussion that highlights the leaky abstraction of other lobsters as purely technical beings.
It’s the strongest argument against certain forms of content here.
-
One of the goals of open source movements is bringing in new people. I don’t think that’s a particularly contentious goal.
Outreachy is one organization that embodies particular ideas about how best to do that. It’s true those ideas are politically charged, but they’re in service of a goal that is agreed upon. So you can’t effectively pursue the goal of getting new people into open source without taking some kind of stance on the political questions.
Some political questions (what is the optimal US tax policy) are more or less irrelevant to open source. But others are so pervasive that they can’t be ignored, except by creating a tacit consensus. Even the idea that we should respect each other creates conflicts where people have sufficiently different ideas about what respect means.
-
These goals promote the production of “high quality programs” as well as “working cooperatively with other similarly minded people” to improve open-source technology.
source: https://en.wikipedia.org/wiki/Open-source_software_movement
Bringing a specific political agenda to an open source project violates the similarly minded people, or can have the effect of pushing away differently minded people. This is not what respect means in my opinion. I have worked a lot wit differently minded people, and we got along, as we were focusing on the goals. The goals were creating software, not changing society or a community. This moving goalposts is what is bad for OpenSource in my opinion.
-
“Apolitical” open source has turned out to be overwhelmingly white and male - significantly more than even the broader software industry. Reference.
I don’t think there’s any evidence that this demographic skew is deliberate. However once a group is dominated by a certain demographic then it’s easy for people to get the message that this is “not for them”, even if noone says this (and especially if some “bad apples” do).
I believe that there’s nothing about being white and male that makes the best possible open source software developers, so this demographic skew is a bug not a feature. I believe that the best possible open source community is the one with the biggest group of committed (to creating open source) people involved.
With this in mind, what can be done to encourage more diversity and bring more people in? There’s no evidence that the status quo (“focus on tech”, etc) will change by itself.
pushing away differently minded people
The only people the LLVM CoC will push out is people who repeatedly violate it (and by doing so that person is pushing out other people). Outreachy is bringing people in, it doesn’t push anyone out.
Someone decided to leave because aspects of the project no longer meshed with their political world view. You see this as “pushed out”, but I don’t really see who is pushing them here (unless there are some CoC violations we don’t know about or something, but AFAIK there aren’t).
-
-
-
-
As an American, I was really confused by the date of this article. I kept thinking to myself, “Wow, this post is from January and it just now made it to lobste.rs?” Then I clicked on the News homepage to see what other news they had, and promptly realized they’re using the European format (01.05.2018) on the article, but a less ambiguous format (May 01, 2018) for the News homepage.
-
-
YYYY-MM-DD is the one true international date format! :-)
DMY is definitely more widespread than MDY, I’ll agree, but it isn’t used in most of East Asia, besides the US. People in countries that don’t use either of those often find it ambiguous whether a year-last date was intended as a “European-style” or “American-style” date (which in my limited experience is what Japanese and Chinese call those two formats), since both styles are foreign. You can even find examples of all three styles on Chinese universities’ English-language pages…
-
Going by
user population size, by international standards, and by rationality (sort lexicographically!), YYYY-MM-DD is probably the only format that deserves to be called international. It’s also much less ambiguous than month-first and date-first, given that the US and Europe do the opposite thing but write it the same way. I suppose someone could write YYYY-DD-MM but I don’t remember having seen this, while I definitely am confused about whether someone is writing in the European/US style from time to time.This is as an American, born and raised. :) I still prefer to write MM/DD, though, because we speak dates that way. Maybe it’s different in other languages.
EDIT: Actually, according to Wikipedia, DMY is used by the most people! https://en.m.wikipedia.org/wiki/Date_format_by_country
-
Other than ISO 8601, I prefer DMY with the month written as a three-letter abbreviation. ex: 01 May 2018. It prevents the confusion over whether 01 is the first day of the month or the first month of the year, and reads in the order one typically cares about while preserving the rank order of the components. When I need a checksum I put the day of the week in front: Tue 01 May 2018. That lets me be confident I didn’t make a transcription error and lets the person I’m communicating with check my work if they need to.
-
-
MDY and DMY are equally unambiguous when the month is written as an abbreviation, but a numeric month papers over language differences: It doesn’t matter if you call it “Aug” or “八月”, it’s 8.
(That requires everyone to standardize on the Hindu-Arabic numerals, but, in practice, that seems like it’s happened, even in places which don’t use the Latin alphabet.)
-
-
In Hungary, though we are in Europe, we don’t use the “European format”. The hungarian standard format is “YYYY. MM. DD.”. I prefer the ISO format for anything international, as it is easy to recognize from the dashes, and avoids confusion. (In my heart I know that our format is the one true format, but I’m happy the ISO has also recognized it! 😉)
Edit: To me the D M Y format can be justified, though for me Y M D seems more logical. (specifying a time instance from the specific to the generic, or from the generic to the specific range can both be ok) What I cannot grasp is how the M D Y format appeared.
-
What I cannot grasp is how the M D Y format appeared.
The tentative progression I pieced together last time I looked into it, though note that this is definitely not scientific grade historical research, is something like this:
-
When talking about a date without the year, English has for centuries used both “May 1st” and “1st May” (or “1st of May”), unlike some languages where one or the other order strongly predominates. Nowadays there’s a strong UK/US split on that one, but in 18th-19th century England they were both common;
-
it seems to have been common for authors to form a fully qualified date by just tacking on the year to however they normally wrote the month/day, so some wrote “May 5th, 1855” and others “5th May, 1855”;
-
fairly early on, the “May 5th” and “May 5th, 1755” forms seem to have become dominant in the US for whatever reason; and finally
-
much later, when writing dates in fully numerical format became a thing, Americans kept the same MDY order that they had gotten used to for the written-out dates.
-
-
-
-
-
-
As an Australian, I get pretty annoyed every time I read a US article and have to deal with the mental switch. Even worse because I work for a US company and people throw around “we’re doing this 6/5”, and that doesn’t even look like a date to my eyes — we never just do D/M, so “number/number” looks like a fraction. once I work out it’s a date, I realise it’s an American thing and realise it must be M/D.
-
-
-
-
-
I second Dapper. I have good experience with it, but testing it will give you a hard time when you wish to test it.
In my pet project when I got to the point that persistence is needed I thought I’ll give Dapper a second chance (later about its first chance), when I had enough of the pain of setting up migrations. Instead I went with Evolve DB migrations from Netlify, and Dapper. As I use SQLite setting up test with the in memory DB didn’t hurt that much, and I’m pretty content with Dapper at the moment.
Earlier I have already tried Dapper at work, and we faced strange issues, as we also used Dommel to automatically build (most of the) queries. As it turned out Dommel was not thread-safe in some parts and it caused strange problems in some cases. I also don’t recommend using Dommel.Extensions/Rainbow or other pseudo-ORM-s. They have the some of the features of EF, without proper docs, support, vivid community, etc. (eg. caching, lazyness, change tracking, all the stuff that can bite you if you don’t know the details well, and EF has more answers for these questions than these).
I think that If you want to use pure SQL, use Dapper. If you need an ORM, than EF is the way to go on .Net.
-
kodfodrasz
edited
4 months ago
|
link
| on:
Switched from Jekyll to a shell script (rsync + lowdown + entr + httpd)
I use Hugo, and I’m surprised how content I’m with it. I switched from a Jekyll clone, and despite its quirks (mostly originating from its Go ancestry) it is pretty usable and also pretty fast.
What really interest me is why would I not use S3 and Cloudfront? Not that my blog written in a language spoken by a tiny population could possibly get overwhelmed with traffic, but my monthly fees are below 1$, and the site could handle practically unlimited load, should it face it. Also no hassle with hosting, security upgrades, SSL certificates. I have hosted it on a simple DO instance, and it was totally OK, yet AWS is superior in every possible respect for serving purely static pages.
Instead of rsync the aws cli can be used to sync the bucket, it is incremental, and also pretty fast.
-
I think it would be simple to use this tool in conjunction with S3/Cloudfront. I use Jekyll to build a local version of my site and then s3_website to push it to AWS. I like that the tool I use for building the site doesn’t tie me to a particular hosting strategy. (AFAICT the linked script only uses rsync to build the site locally in a target directory, not to deploy it to some remote host.)
-
Sure it would be simple, it is just as simple as using rsync, I’m curious why would anybody run httpd and self-host given the drawbacks. Maybe I have a different usecase in mind, and that doesn’t let me see, or simply a matter of different preferences…
-
-
Thank you for your comments.
Yes, rsync(1) is just to copy source files (html, css, md, etc) to ssg working directory. Yes, I use httpd(8) in debug mode (not like a daemon) locally, just for previewing. Why
httpd -d? It’s already installed on OpenBSD by default. On macOS you can usepython -m SimpleHTTPServerfor the same purpose.-
I ran into problems with SimpleHTTPServer because it has no concurrency: a single client can block everything. You can work around this with the threading mixin, something like: https://kdecherf.com/blog/2012/07/29/multithreaded-python-simple-http-server/
-
-
-
-
Even if you have only http facing the public internet you need to track the security reports. I found having to track CVEs for the few services I had on my machine too burdensome. Also you may need TLS, which also has its overhead, and hosting costs more than on S3 imho. If you need the machine for other purposes that may make the equation a bit different though.
-
-
Oh, it totally fell out of my sight. My bad.
I abandoned the pet server approach to have more of my limitd freetime devoted to my blog, creating content, as I already did enough ops at work.
-
-
-
-
-
-
+1 to Hugo, I’d say “pretty fast” is underselling how ridiculously fast it is (at least compared to other popular static site generators).
Re: why not S3+Cloudfront?
I started with this a while ago. The problem is you end up using something like Route53 to get your custom domain and TLS, which ultimately ends up costing you $2-3/mo per domain altogether, which adds up pretty quickly when you have a bunch of domains. Not to mention the ordeal of managing AWS and their massive dashboards and weird config syntax.
These days I use Github pages + Cloudflare for DNS/TLS in their free tier. If I were up for migrating again, I’d consider using Netlify which is great by all accounts and supports some basic dynamic forms that are handy for static sites (contact form, etc).
-
I agree that Route53 costs can add up, but if your DNS provider can serve “APEX entries” you can get away without that, if I recall correctly (or maybe you can use Cloudfare then?). My single domain site takes <1€/mo, (Route53 + S3 + Cloudfront).
Regarding Netlify: recently I have seen some useful/impressive tools they have open-sourced, so I’d also consider their services.
-
-
-
Some of the ‘alternatives’ are a bit more iffy than others. For any service that you don’t have the source to or can’t self-host (telegram, protonmail, duckduckgo, mega, macOS, siri to name a few), you’re essentially trusting them to uphold their privacy policy and to respect your data (now, but also hopefully in the future).
And in some cases it seems to me that it’s little more than fancy marketing capitalizing on privacy-conscious users.
-
-
To be fair, they at least had the following going for them:
- no need to use a phone client, as compared to WhatsApp which deletes your account if you access it with an unofficial client. You can just buy a pay-as-you-go SIM card and receive your PIN with a normal cell-phone
- they had an option for e2e encrypted chats, with self deleting messages (there was this whole fuss with the creator offering a million dollars (?) if anyone could find a loophole)
- their clients were open source, and anyone could implement their API
Maybe there was more, but these were the arguments I could think of on the spot. I agree that it isn’t enough, but it’s not like their claim was unsubstantiated. It just so happened that other services started adopting some of Telegrams features, making them loose their edge over the competition.
-
Also the client UX is pretty solid imho. Bells and whistles are not too intrusive, and stuff works as you’d expect.
Regarding its security: It is discussed in the FAQ what security models they offer in which chat mode.
-
https://github.com/nikitavoloboev/privacy-respecting/commit/3dfb4baf3d5fc9a90dd82c9fc41f898e0a04802e
Bit more accurate now, I hope?
-
-
-
-
-
I was checking email SaaS providers last weekend as the privacy policy changes at current provider urge me not to renew my subscription when it ends. I have found mostly the same offers, and to be honest neither seemed convincing to me.
For example the Tutanota offer seemed questionable: They keep me so secured that the email account can only be accessed by their email client, no free/open protocol is available. Only their mail client can be used, they use proprietary encryption scheme for my own benefit… OK, it is open sourced, but come on… I cannot export my data in a meaningful way to change providers. So what kind of encryption scheme is it? It is RSA-2048+AES, not using GPG/PGP “standards”, and is hosted in Germany, pretty much a surveillance state… This makes their claims questionable at least.
-
-
I’m not sure if “Gmail alternative” is implying anything other than “service to send and receive email”. If that’s all, I’ve been using https://www.mailgun.com/ to send emails to myself whenever someone uses a small app I wrote to get into my building using their api. And I’ve had zero problems. They give 10k emails sent/received a month.
-
I’ve used mailgun on a bunch of WordPress installs, and have yet to be disappointed.
https://sendgrid.com/ is pretty nice, too.
-
+1 for sendgrid.
I have used sendgrid and it was OK for my relatively low volume traffic.
-
-
-
-
When I was developing Java I despised Maven with all the copy-pasta oriented project files, and I thought its process was overly complicated.
Now, when working on .Net Core projects I still have to manually edit, and copy paste build file fragments to the
.csprojfiles (this is greatly because of bugs in Visual Studio’s related features), but what I see is that Maven had some great features, which are missing from other build tools.I don’t know much about Gradle, but I suspect has roughly the same feature set as maven. What I really miss in other build tools is the Maven Bill Of Materials feature. When working with several projects made up of many shared components (libraries) this approach helps versioning and ensuring compatibility and interoperation so much, I could not appreciate when I was there.
-
Tarball of all the videos: https://timetoplatypus.com/static/das.tar.gz
-
This is literally how the guy makes a living, so, maybe don’t do that?
-
I took it down.
-
Very considerate of you! :)
-
Ya I didn’t intend to upset anyone, it was purely a convenience thing.
-
-
-
“First, everything is free all week”
He’s encouraging people to grab his videos by giving everything away for free. All he required was a login which may have monetary value later that timetoplaytypus’s share negates. It’s possible, though, he thinks they can only grab a small amount of videos with some portion of people paying for the rest after deal expires. That’s on top of new, recurring revenue from it on future videos. Maybe this hurts him on at least gap between what he though could be shared and what would be. In that case, he’d have made a gamble that may or may not pay off vs offering a limited number of videos with a clear prohibition on sharing them.
On ethical side focusing on results, I don’t think there’s a huge difference of someone here sharing his videos all at once in convenient form for free vs him saying grab as many as you want after you log in for free. Given freeloading users vs type and number that would pay him, I don’t think he’d have many losses in that scenario if any at all. The kind of people that would pay him would probably mostly still pay him. Hopefully, no effect.
-
He’s encouraging people to take a free look at his work and see if they think it would be worth for them to pay for more of it in the future. Shitty people that don’t care about anything else but themselves might interpret this offer as an invitation to take advantage of someone’s work, and even actively undermine this someone’s livelihood. I think these people are at least half of what is wrong with the word and they should all go live in a cave and never interact with anyone else ever again.
-
I hear you. It’s a sensible perspective. I prefer he keeps getting paid for doing good work, too. I also agree that this should be the norm instead of pervasive parasiting.
-
I think you see the situation a bit radically.
On one hand when someone publishes a free software and people use it for their benefit without any pay then they are shitty? When someone decides to publishing something for free, then the factor that some people may not pay for it must be calculated into that decision.
I believe that the ad-supported word is a bigger threat, as makes the feeling that stuff are for free a norm.
-
Neither of those examples apply. OP is publishing something for free for a LIMITED amount of time, with the very obvious intention of giving people a preview of his product. Free software and free content are very different propositions.
-
I still think that the possibility had to be factored into this offer, and it likely was. The style and language are still harsher than I think the situation justifies.
-
Fortunately, I don’t care what you think.
-
-
That is your right to do so.
-
-
-
-
-
-
-
let’s be real here. the first thing i thought of when i saw this was “can i write a script to download everything before the deadline” and im pretty sure 99% of people here thought something along that line.
given the target audience of his screencasts, you kinda have to expect this.
-
Everybody thinks stupid thoughts, but not everyone acts on it. And since we’re a big part of Gary’s target audience, wouldn’t it be nice, if it turns out he overestimated the amount of dicks among us? By the way, first thing in my head also was “Hmm, can I download it?”, but then I remember the guy has to eat.
-
The swearing you demonstrate in your comments is disturbing. I hope it will not become the norm in the comments section.
I believe you could also communicate your point very well without using words like “shitty people” and “dicks”.
-
-
-
-
I come to comment on this because I remembered this tweet he posted on the matter, a while ago: https://twitter.com/garybernhardt/status/870721629440983041
I’m glad it’s been taken down already, I think its just fair to the author’s work.
-
-
-
Any endpoint on my site that doesn’t exist returns HTTP 451
Edit: for example, https://timetoplatypus.com/abc
-
-
Nah, it’s just a mistake on my part. I’ll get around to fixing it…eventually
-
-
-
-
-
Malware is defined by its malicious intent, acting against the requirements of the computer user (wikipedia)
In my opinion the Chrome malware scanner is a malware itself.
-
Yes I agree, it might be a good idea to block it with whatever virus scanner you’re currently using and report it as spyware since it literally is spyware. My method stops it from being installed but it’s not a long term solution since they could merely install it somewhere else.
-
To be honest I have seen so much controversy about Antivirus software, that I think they pretty much defeat their purpose. (remote code execution, often in elevated context, non-sandboxed execution of untrusted code, etc)
I mostly use Windows as desktop environment, and it mostly suits my needs. I do not wish to pay for extra vulnurabilities and spyware, but the Windows 10 Defender cannot be completely disabled. When the JS analysis engine was found to execute untrusted JS code in SYSTEM context, and that it was actively exploited I added the Downloads folder to exclusion list, as that was a major threat vector.
I try to defend against these threats by browsing cautiously and trying to stick to trustworthy, signed software whenever possible, often compiled from source by myself. Does this protect me against every threat? Definitely not, but might be enough for “drive by” assaults. Does this protect me better than an AV suite? Who knows.
What I know: I have never had any problem with cryptolockers on Windows, while i know people who used AV suites, and still had problems. What I don’t know: is my machine currently infectd by something malicious.
I’m open to suggestions, but my tin-foil-hat period is over, as it had too much cost, and I am dubious if it had any benefits.
-
-
-
This concept isn’t new: I’ve even used a language before that did it. I’m drawing blanks on that but I think it was agent-oriented programming. Trying to remember anything else you might find interesting that’s similar. Coordination languages like Linda come to mind where they’re separate components moving typed objects into and out of some shared space.
Wait, the other things were called blackboard architectures. The agents were independent like actor or OOP models with communication happening in a shared blackboard that was pub-sub in style. Here’s an example. This style got a lot of effort in the 1980’s-1990’s with AI Winter killing it off. It came back a bit in agent-oriented programming for languages like Telescript where developers would build programs that could move from place to place to do computation locally on behalf of users for things like marketplaces. This paper describes a few models. Between proprietary licensing and implementation concerns, stuff like Telescript died off with the model turned into libraries or middleware for languages like Java (esp Java). Might be some good ideas in those old works for the folks trying to use actor models to solve everything.
Main problems I recall were way higher overhead and turning sequential problems into distributed ones that were harder to verify. I only used it for some toys I built studying AI. It was impractical at least back. Except for the bandwidth savings on dial-up of moving small agents to do data analysis.
-
Main problems I recall were way higher overhead and turning sequential problems into distributed ones that were harder to verify.
This can partly be true, but nowadays with microservices almost everything is distributed already, with the very problems you mention. (At least in my field I mostly see these, so take “everything” with a grain of salt). On the other hand multithreaded programs can be much like distributed systems (in some aspects at least) having similar dynamic properties and problems.
That is also true that this works best with pipeline like processing (where a unit of work is larger than the message-passing overhead), or broadcast like messaging (eg. application events published to UI anybody interested, eg. UI elements from multiple possible views in a multi-threaded GUI application, or mutiple parallel processings for same input, eg. video transcoding to different formats and resolutions, thumbnailing, etc.)
This patter is not a silver bullet, just like neither other is, but is worth to have in one’s toolkit.
-
“On the other hand multithreaded programs can be much like distributed systems”
What you say is true of microservices. Far as multithreaded, it’s long been understood how to do them safely with either formal modelling (eg SPIN model checker), safer concurrency models like Eiffel’s SCOOP, or static analyzers that can spot races. They’re just simpler than most distributed designs. This might not be advantageous if the distributed model is itself as easy to analyze. It agree it probably works best with pipelines that can absorb the overhead.
“This patter is not a silver bullet, just like neither other is, but is worth to have in one’s toolkit.”
Oh no. I was just telling you and other readers about the prior work in case you found it useful. Also, letting you know the gist of the pattern already has a name with a lot of R&D into it already.
-
-
Spec: https://www.w3.org/TR/activitypub/
ActivityPub strikes me as the invention of people who believe that the internet = HTTP, and who know about JSON but not RFC822.
Some of the example message bodies just look like JSON-ized SMTP headers, “inReplyTo” etc. It looks like it has a MIME-inspired “mediaType” attribute too, but does it allow only one media type per message?
Can someone who is more familiar with ActivityPub give me the sales pitch about why existing protocols don’t suffice?
RFC822 is ASCII only to begin with one of the biggest limitations of email related “standards”.
Some 6.5 billion people around the globe use non-ascii charecters, and old standards only have layers of hacks upon them to support their usecases to some extent.
Why not create new standards from the ground up for the current usecases? I’m not interested in ActivityPub curently, but I have some experience with email and related technologies, and it badly needs a redesign. It won’t happen as none of the parties capable to organise it is interested in it.
My uninformed guess is that with the slow decline of email, there are more & better JSON parsers than there are MIME or email parsers. I would have made the same choice, but my reason would have revolved around JSON’s ability to store structured data, for future flexibility.
HTTP Headers are the same format like MIME headers, browsers already have everything one would need for mail. Multipart documents (email attachments) are the same format like HTTP file uploads via form. There is a number of headers both share.
I think it comes down to tooling. Protocol A could be 10x as widely deployed as protocol B, but if protocol B has better libraries, I’ll give that more weight in my decision of which to use. I had to assemble a multipart MIME message for work a few weeks ago, and everything about the experience was inferior to “create a data structure and convert it to JSON”.
Coders are likely to pick the easiest path, if everything else is roughly equal.
No reason, really. It’s a marketing effort, mostly.
SMTP is forever tainted by spam. ISPs like to block ports, spam filters like to eat mail from new unknown servers, etc.
Giving a pitch for Webmention instead of ActivityPub: Webmention requires the sender to publish an html page that actually links to the target URL. You can be stricter and require a valid microformats2 reply/like/repost/bookmark. That already stops old school pingback spam. For stronger protection, there are clever schemes based on “this non-spam domain you linked to has linked to me”.