-
My personal favorite for this task is entr(1): http://entrproject.org/
-
-
-
My one qualm with entr is how it deals with new files. It should handle that itself, not require calling it in a loop.
-
-
A tool that is indispensible for me when working with long chains of patches in git is stgit[0]. It replaces
git rebase -ifor me when I want to make amends to a patch further up the chain. It is typically used for distributing patches via mailing lists, but treating branches as stacks you can push onto and pop from fits well with my mental model of git.
-
Truly inspiring. The question for me now is if we can apply this to the existing tools and libraries or if it will require an entirely new generation of JavaScript frontend frameworks.
-
-
Interesting techniques, though, like one of the commenters mentioned, I don’t see how this would work for applications (services) that change over time. And what about when the libraries (files) used also change? And, as another commenter mentioned, what if the application accessed a file that it hadn’t accessed during the “profiling”?
I can see some uses for ephemeral command-containers, i.e., containers that are used like shell commands (compilers and such).
-
-
I’ll continue to work on my PureScript toy project with Halogen. It’s definitely the most fun I’ve had with web development in a long time.
-
I’m using the last version, and I love it. There were a few issues early on, but they got patched. Wouldn’t trade it back for my old MacBook.
I’m sure they will get the fixes in and this laptop will be running Linux great out-of-box.
-
I’m sure they will get the fixes in and this laptop will be running Linux great out-of-box.
Are they likely to do that? As you say it would be great if I could just format with a 2016 Linux distro and everything just worked. I’m not a Linux compiling sort though, so I won’t be buying one at the moment.
-
-
-
Informative, but wow, that’s a lot of caveats for a “Linux” laptop.
-
Agreed. To me, though, the major difference between this and some of the efforts we saw from Dell and others five or ten years back (plus the “Linux on netbooks” debacle) is that the hardware support is being added to the kernel. Being pretty hopeful about this laptop, I was heartened to see that the fixes were all kernel commits, not weird binary blobs or some custom distro I end up locked into.
-
Ooph, indeed. I was hoping they’d have ironed out all the major issues before releasing the Linux edition. I really liked the previous Linux model, though, and will definitely get the new one, but I’d rather wait a month or two instead of spending the nights patching my kernel.
-
Yeah, I have the previous version: it’s very nice with great support. This looks even better. I think after a few months most of the big things should be ironed out, and I need to save some money right now anyway.
Anyone know how the large screen support is in Linux right now? I’m really happy to finally see some more pixels after a few years of that stalling out or even declining.
-
-
-
-
passy
3 years ago
|
link
| on:
Facebook sending 'nonposts' to its servers and storing unpublished thoughts
Companies like Facebook are data companies and it’s against their DNA to discard data, especially if it’s as valuable as this. I went to a Data Science meet-up last month where Facebook presented some of their work for type-ahead predictions and one of the signals is corrections user make in the search box, that means words they entered, than “backspaced” and replaced with the correct term. This is incredibly valuable data that improves the user experience for everyone and you can’t simply buy off-the-shelf.
-
Can’t we just all agree to use Org mode and be done with it?
-
-
-
-
much more expressive than Markdown
Not strictly more expressive, though. There is something that Org mode cannot express and Markdown can: code that begins or ends with whitespace. (And this has been an annoyance a few times in actual Org mode files I have written.)
In Org mode, you can’t write something like “
append ~ & vbCrLf~ to each line”. Markdown makes that possible – not with `, but with its reassuringly ever-present escape hatch of writing raw HTML. You can always write “append <code> & vbCrLf</code> to each line”.You could probably fix this locally by editing the setting
org-emphasis-regexp-components, but then your Org mode files won’t look the same on other people’s computers. -
-
-
-
-
-
n.b.: I have no idea if this actually works.
-
Or, coming at it from the other direction, you can use Evil to bring Vim keybindings to Emacs, while using the canonical org-mode plugin. Evil worked well for me when I used org-mode for three months – it’s a very complete emulation. Though compared to sticking with Vim, it requires you to start from scratch with your configuration.
(passy’s link is to Spacemacs, a bundle of Emacs plugins that includes Evil.)
-
This is what I do, but it is a bit of a hassle if you use emacs for things other than vanilla text editing. If you use other emacs packages, you often get either keybinding clashes or outright brokenness, especially when in normal mode. Lots of emacs packages are really not expecting vim-style keybindings, so you have to add workarounds to your local config to sort things out, either with a real fix, or by selectively disabling evil-mode with something like (evil-set-initial-state ‘offending-mode 'emacs).
With org-mode, for example, out of the box one of the more common keybindings, TAB to expand/collapse a heading, clashes with evil-mode.
-
-
-
-
-
-
-
-
Why would I want my
lstogit status?-
Perhaps because many of your filesystem directories are merely ephemeral staging areas for files whose true existence is in a loosely-connected web of Git repositories, eternally recording their history and backing them up around the globe, and so the actual most important thing to know about those files is whether they contain changes that might be accidentally lost.
-
Odd, it seems most commenters so far have never pretty formatted their own custom git aliases or added git status/branch to their shell prompt. And power tools like glances? Real users eschew even top and cat /proc directly! </sarcasm>
The block and hard link counts is great. More transparency into my files and filesystem is welcome!
-
-
I did not know that number was the hard link count (man doesn’t say, only info does, so much for rftm). Thank you!
-
-
-
I looked through the code; the git integration is completely optional. Everything git-related is guarded with a feature flag, so you can disable it at compile time if you don’t like it: https://github.com/ogham/exa/blob/master/src/dir.rs#L81
-
-
The paragraph in the edit precisely captures my sentiment:
I view Go as a huge wasted opportunity. How often does a new semi-successful language backed by a successful company appear? Google squandered it through something which looks very much like arrogance.
-
This is the part of the essay that made me laugh out loud. Why should Google care that anyone thinks they squandered an opportunity? It’s their time and resources and they are free to waste them however they like.
People who take issue with this seem to be implying that something terrible has happened because some people at Google didn’t agree with a particular definition of “good”. As if all those smart people wasting their energy on creating Go should be better directed creating something they don’t personally love but would be more pleasing to the writer.
The existence of one language does not harm or hinder any others, so I really do have to laugh when people shake their heads at the terrible waste.
-
-
seriously, who cares how much time has been spent wrapping libraries? If people don’t want to spend that time then they won’t. There’s a strange puritan streak about this train of thought: as if it’s everyone’s moral imperative not to spend their time on anything that isn’t on the approved list.
And languages do exist independently of one another, vacuums even. There are plenty of languages that have only a few adherents, languages that I wouldn’t touch with a barge pole. But good luck to them and all of you who spend your time with them. I salute your diversity.
-
TBH what I really care about is the job opportunities. There’s a pretty small number of companies willing to try new languages, and those that are are usually only willing to try one or two at a time (which is eminently sensible on all counts). If one of those very valuable job-with-a-cool-new-language slots goes to Go, that’s one that’s not available for a language I’d want to work in (Scala or, dare I dream, Idris?)
(I should probably start my own company with blackjack and hookers, I know, but I like that bit of stability that comes from working with ~50 other people).
-
{companies who would evaluate Go} \cap {companies who would evaluate Scala, let alone Idris} = {}I tried to structure that in English for about ten minutes and just couldn’t make it work. More espresso needed!
That’s not a value judgement on either set of languages, by the way.
-
-
Fascinating. I’ve never worked in a company in my career that would evaluate both Go and Idris.
Maybe working in big companies has colored my view too much, but I’m used to languages matching the company matching the developer: a company that makes conservative choices on languages isn’t going to be investigating a pure-functional language with dependent types, if for no other reason than the people that work there aren’t going to be comfortable with it. And a company willing to investigate Idris has already pulled in developers uninterested in a language like Go.
-
The kind of company that would try either is the kind of company that accepts suggestions from low-level developers (I don’t think either has the marketing clout to be imposed by management). Such places tend to have a reasonably broad spread of developers of different views. This may be my small-company experience but there tends to be quite a variety of different requirements/workloads for different components that attract different development styles, even within the same company,
-
-
-
-
-
-
-
-
-
-
Time and time again. You can’t deploy crypto in the browser[0]. Being from Switzerland certainly helps, because the US government can’t just come with a gag order forcing them to decrypt users' emails, but you still have to put your full trust into the provider to live up to their promise.
-
Their setup is less insane than most (at least they don’t have all the plaintext data on their server locally, and use unique per-user keys). Many issues remain, like the fact that most SMTP traffic is not end-to-end encrypted, so mail comes in and often goes out in plain text. So even if the transport protocol is probably encrypted (TLS), every mail server in the delivery chain can intercept or modify the data.
The point in the article you linked though, is not entirely applicable here. They’re not trying to replace TLS/SSL with JavaScript client-side encryption. They’re just trying to encrypt/decrypt some data in Javascript. Their Javascript and probably encrypted emails are still channeled through an authenticated HTTPS connection.
Their client-side crypto is an additional layer on top of HTTPS, which provides something HTTPS does not: the fact that the server side must not know the plaintext of the payload data.
There is still a need to provide some kind of authentication for the Javascript library which is doing the decrypting/encrypting, and all code calling into that library, and I’m not sure how or if they will provide this. Is there a way to sign Javascript and warn the user about updates to such code?
-
To me it sounds like adding a false sense of security when there’s effectively nothing stopping a sophisticated attacker or a government entity to completely reverse all efforts.
We have seen this exact case with Lavabit before. It doesn’t help to have additional layers, if they can’t all be scraped off. It’s making money off of people’s fears without actually addressing them.
-
Yes, but Lavabit did have the single encryption/decryption key for all his data. In the case of Photonmail, they don’t.
So say there’s a compromise of the service where the service would continue to operate with malicious Javascript which is sending the data in plain text (or worse, your key) to either the compromised servers or some third party. This attack is entirely plausible in the case of Photonmail.
I’m guessing the Javascript code that is running on the client side would be monitored by the community for changes, and you’d have to be wary of what the service is running on your end. I think a compromise like this involving changing the behaviour of their client side code would be noticed pretty quickly.
I agree that this approach is not 100% fool proof, but it’s much harder to pull off unnoticed.
-
-
-
-
-
If I have the choice between using a battleproof database and deploying my own crypto system in the wild, I’ll go with a db every single day. You will get the crypto wrong. It might seem exciting and cool, but the odds are clearly against you - and your users.
-
Not necessarily true. If you are familiar with crypto primitives you can make well designed schemes to achieve what this article describes. I would prefer that the tone was “learn about crypto because it has real world use” rather than “look this stuff is easy,” because it’s not easy.
The author uses simple examples, a fixed number of required fields. If you stick to that, it’s pretty easy to get right, and still really useful.
-
I respectfully disagree. :) I’m all about making people learn more about crypto primitives, but with the ultimate goal of making them aware of the difficulties of handling them securely. I just don’t see any actual benefit of storing your data on the user as opposed to a database. You’re only opening yourself up to more attack vectors without gaining anything.
If your server gets compromised, you’re still paying the same cost as the system needs to be able to access the data. Even worse, if you lose the secret without noticing it, attackers can present fake data to you. A compromised database on the other hand is way easier to detect in comparison. And that secret leakage is not at all far fetched. Secure storage of secrets is incredibly hard. One Bleichenbacher-style vulnerability through an unfortunate error code or a exposed timing difference and a careful attacker might be able to extract the secret without you ever noticing.
One of my declared career goals is never having to touch crypto code in production and so far I’m doing reasonably well at that. :)
-
-
-
Implicitly ignoring nil is the worst thing to do; it’s the reason when something goes wrong in Javascript you spend hours figuring out “why was that nil”? At least with a NullPointerException you find out relatively soon (though ideally you would find out before that, at the thing that was going to return null).
Most languages know better than to allow nilness to pass silently, just as they know better than to have asynchronism happen silently. The whole point of monads is to allow you to do this kind of thing in a low-overhead, but still explicit way.
-
The behavior described in the article didn’t seem very “monadic” to me either. Swallowing errors appears to be the opposite of what Monads are about - treating side effects explicitly. That said, I can definitely see the benefit of this behavior in certain cases, for example when it matters more to make something work than to make it correct.
-
-
You’re absolutely right that implicit handling of nil can cause errors to be detected further from their causes–but the same is true of currying, which allows type errors to arise from widely separated parts of a program. Different languages have different habits around these kinds of convenience/safety tradeoffs.
FWIW, I find Clojure’s nil handling generally more convenient than a hindrance–functions which define
niloften serve as their own base case in recursive algorithms, for example, which reduces the need for explicit branching. This is especially helpful when building up maps! And while I agree that Clojure’s default nil behaviors can make it easier to make mistakes, core.typed is quite effective at preventing NPEs when you want that degree of safety.-
You’re absolutely right that implicit handling of nil can cause errors to be detected further from their causes–but the same is true of currying, which allows type errors to arise from widely separated parts of a program.
Are you equating runtime errors and type errors? I’ve not seen currying create confusing type errors. Confusing runtime errors, yes definitely, but if you have types - no.
Source-sink distances in GHC type errors are generally quite good, whereas I’ve seen things like Clojure vectors being functions create mind-bending source-sink distances in errors.
-
I think the way Swift handles this is a pretty happy medium. Values aren’t implicitly nullable, and
nilpropagation is explicit rather than implicit. This means that:When you’re okay with
nilpropagating, you can very easily just chain optional values by doing something like:let myValue : SomeType? = myObject?.doSomething()?.value as? SomeTypeAnd myValue would be
nilif myObject isnil. Useful in the cases when something like that is acceptable.But if you absolutely need the value to not be
nil, then you throw in an explicit optional unwrapping and you get crashes if it is nil:let myValue : SomeType = myObject!.doSomething().value as! SomeTypeAnd in this case myValue would either be non-
nilor you’d get an exception.
-
-
That analogy doesn’t make any sense. How exactly would “tests” have prevented the Chernobyl disaster? Or on the flipside, how do override the safeties of modern languages?
unsafePerformIO? That seems like a pretty terrible reason to question the entirety of your type system.Ironic choice of example given that the Chernobyl disaster was literally caused by people executing a test:
That’s a brilliant spin on it.