Because dependencies are really hard.

Left padding a string is a problem that can be solved pretty trivially; pulling a dependency for it means you’re spending more bytes doing TLS to download the package then you are just writing the code to pad the string.

Beyond the overhead, when you rely on an outside dependency:

• you have to worry about pulling it - is the network alive to accommodate the download?
• you have to worry about the author making breaking changes, perhaps even maliciously
• you have to worry about the author deciding to pull it, leaving you in the lurch

Those worries can be mitigated (vendoring), and sometimes the benefits of getting new features outweigh the risks of changes, but for a dependency that is effectively “finished” I don’t see the benefits.

That said, I think there’s a really interesting problem that can be solved here: can we find a way to mark certain dependencies as “finalized”? Joe Armstrong (Erlang) had some really interesting ideas around a global function store. In that case we could push left-pad/2 up to the function store and mark it as “frozen” - then a programmer can just call left-pad/2 in their code, have it pulled out of the global function store, and auto-vendored in their code.

Maybe we can have our cake and eat it too…

Depends on the function, I guess. If it takes you so much time to write isArray that you choose to look for and depend on a package for that, well…

I’m really confused by the amount of controversy this is causing especially to people that don’t use Node. Most of the people that have been using npm correctly have just been like well that sucks to the idiots out there but my build isn’t broken. Now I have to turn around and see blog posts about “DAE think javascript programmers are dumb” while sniffing their own farts and auto fetching dependencies from search.maven.org.

Edit: Sorry that’s an unfair characterization for David Haney, he probably writes his blog post while sniffing his own farts and autofetching with NuGet. ;-)

Microservices cause pain and overhead that is counterbalanced by process improvements that only apply when your organization reaches substantial scale. Micromodules cause pain and overhead (at least they would if you were taking them seriously by investigating their provenance and checking the change log when you update them) that isn’t counterbalanced by much at all.

if you actually release an open source project called kik

This line says it was an actual empty legal threat, meaning it was extortion. Bob had known that the kik name was taken, therefore Bob had known that kik was already released on npm.

Azer should sue, and take Kik’s $0.50 emoji revenue stream.

The wording’s not great, but they’re correct in saying that trademarks can’t be selectively enforced. The reality is that if no agreement could be reached sans-lawyers, that their lawyers would have to get involved to preserve the trademark.

So no, this was not a polite request, but it never could have been a polite request. It could at most have been a veneer of politeness with the implication of legal action, because Kik really doesn’t want to weaken their trademark by engaging in selective enforcement.

I think it is valid. I would have it download to a local folder so that the next time it doesn’t need to talk to the internet unless you delete the cache file/folder. Otherwise you need to tell your users, “get these 4 packages first, then we can talk”. I know this system can be abused and malicious scripts/packages can be run/installed, but when it is working it is great for end users and should require less support from the developer.

Alright everyone back to using Ant, Make, and hand compilation because this guy thinks dependency management is for for idiots.

What exactly would namespacing have solved in this instance?

Let’s review what happened (within the package repo):

• current version of left-pad is unpublished
• npm decides break their own rules to avoid breakage: re-publishes old version (normally impossible) under new author

If this scenario happened with namespaced package, what would stop npm from breaking their own rules again, and transfer ownership of the (now namespaced) package?

It’s 2016 and people are still using NPM as a build tool even after being explicitly told not to deserve their builds breaking because of political shit like this.

It is disingenuous to portray a reasonable interpretation as a ‘minority position’.

Well, it appears to be a minority of lawyers. They think judges would consider that user-does-the-link are subterfuges and would not look favourably upon someone trying to sidestep the GPL via user-does-the-link. It is the opinion of judges that matters.

This wasn’t RMS’s argument, but his lawyer’s argument. That’s why RMS was initially surprised by this.

It may be the case that a kernel module is a derivative work of the kernel, but RMS argues that even using readline as an optional dependency makes your whole program (in this case a CL implementation) a derivative work. A laughable claim. I hope this goes to trial and that the beginnings of a reasonable interpretation of derivative work for computer programs starts to be formed.

If this gets overturned in court GPL loses teeth overnight. I don’t think linking against a library is a derivative work inherently unless you’re using library instructions. In which case you are using GPL licensed instructions therefore making a derivative work but IANAL.

It also means that using proprietary libraries and linking to them optionally is not a derivative work, which weakens copyrights for libraries as a whole. Meaning that using libraries is fair game regardless of their licencing status or means of acquisition as long as you have some form of stubs making the proprietary library optional.

It’s actually not as bad as you think. The community rep seats were actually a way for corps to get more votes on the board, there was very little “community” involvement.

There’s a story where a person took out ads to prank his roommate on facebook.

http://mysocialsherpa.com/the-ultimate-retaliation-pranking-my-roommate-with-targeted-facebook-ads/

I used to work in this field and on facebook and twitter they’re more than likely not guesses because it’s user provided information same with profile targeted ads from Google. Without any of these things companies build statistical models by tracking you over the internet, and with enough data it’s easy to reach a very very small margin of error on advertisement ranges.

Some companies don’t even track just what your characteristics are anymore. They build probability models if you’re likely to be swayed by a certain ad when serving up their inventory in real time bidding. There’s basically a whole opaque industry that works on tracking and stats, and more often than not the things they build are close to the mark. For women who were pregnant or just had a child our P values were like 1%.

There was also that Target ad targeting that figured out a girl was pregnant: http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/

These kinds of stories happen all the time. There are more hits than misses. What’s harder to do is actually figure out bots vs humans ;-).

[Comment removed by author]

This is a big problem, because as browsers become more difficult to maintain and replace, browser vendors gain more leverage in negotiations where their interests conflict with those of users, opening the door for corruption. Thus we see Pocket integration in Firefox and the opaque binary blob with permission to listen to your microphone in Chromium.

But is it better than the alternative where it’s bundled and/or closed source software or software that you have to pay for and it’s standards compliance is nonexistent comparatively.

I’d rather have browsers that are very close to full standards compliance with arbitrary business partnerships and features than browsers that had an arbitrary ship date to which a middle manager said good enough. At least this way the middle manager is ruining end user experience which impacts his own company negatively rather than developer experience which really impacts third party companies/developers who don’t want to invest in developing around your browser’s quirks negatively.

Your average user doesn’t care/understand that IE can’t render CSS in a compliant way. They just think your site is shit.

I can tell you why I linked it & why I read most articles about the system.

This is as pure as hobbies can go. It’s not done for fame (at least not apparently), without a goal to be useful to anyone except the author. It’s a breath of fresh air and really interesting for someone not writing an operating system since the mid 90s. His OS may be old school but it also allows a new generation of people (or people that didn’t go into OS development) to look how things were done or how they could have been done.

Agreed, although I think that some people are not aware of his mental condition. Check out this comment.

because they are really really naive about programming outside their little bubble

How’s so?

The ultimate programmer’s hobby project (well, from a technical point of view) it’s certainly to build an operating system from scratch. If you have posix support you have loads of applications to snatch into it. Terry ignores posix, so he has to implement the “user space” too.

It has some features that date way back to the 70/80’s, that are non-existent in current day operating systems.

And you can’t deny that this is a technically demanding task, so probably because of that that he was godded on reddit. Most of us, in perfect mental shape, would be unable to accomplish this. I know I wouldn’t.

If showing admiration for a great hobby project is naivety … I don’t know.

That’s what GS, RS, and US are for! Group, Record, and Unit Separator, ASCII 1D, 1E, 1F.

That actually gave me an idea on what to do if my shell scripts' input delimiters start being problematic and need to be worked around to accept input that has them.

The solution might not be to drop something that isn’t being used but to start using it more because it does have a purpose.

Too late. Unfortunately tarruda and the rest of the “core” contributing team have basically devolved into making the grandiose features while letting the community fill in the blanks when their architecting has misgivings. For example copy paste behavior is just broken in the scope of all NeoVim features compared the vim.

It’s been available for most of last year. I’ve been using it for about 14 months. It’s been an “okay” experience. There are certainly some things that are better but there are major criticisms as to how certain issues are being handled in the name of progress.

I don’t see the benefit of removing and ostracizing a community developer.

Except this is entirely poison to the development and potential commercialization of a project. Brendan Eich should be the perfect example for that, if you’re going to seek wider acceptance you shouldn’t have political land mines of your contributors acting like this on the internet. This kind of thing kills the ability of companies to sit on your foundation board or give you monetary patronage later on, because those companies don’t want the heat of having to deal with your community’s mouths.

Politics exist in OSS. There’s simple no bullshit ways to get around this so that people don’t have to become entirely political, one of those ways is to make sure that your contributors know that they will be entirely disavowed for hate speech.

Freedom of speech isn’t freedom from consequences, nobody has to give you a platform for saying whatever the hell you want. Nobody has to respect you for your opinions, and nobody has to even give you a fair shake after you’ve aired them out. Freedom of speech is about saying what you want to say and nothing more, it’s not about treating people with hateful views the same as people without them.

Steve Klabnik continue to spread such hate on Twitter.

According to the follow-up post, it appears he apologised.

Yes, someone who says, “oops, I’m sorry” is definitely someone I could learn from.

While I find some of Steve Klabnik’s activity distasteful, so far as I know he didn’t act that way in the Rust community. Trying to exclude him for his outside activity would be a mistake, just as recent incidents related to Opal and Strange Loop are mistakes.

When the Rust community adopted the code of conduct, it was specifically clarified that outside activity (which would include, for example, political donation by Brendan Eich) does not affect whether to exclude someone.

I stopped following Steve Klabnik on Twitter some time ago precisely because of comments like that. I find it inappropriate to use the same platform to espouse both moral-political and professional-technological views. That said, he is (was?) a frequent poster here, and I’d be curious to hear his side of things.

Is this the type of person that the Rust community welcomes and approves of?

It doesn’t matter. The “antifa” movement in Italy is just as violent as the fascists they claim they are fighting, and the only way to tell who’s who is by what “team” they cheer for, not their actions. I find this despicable and violence an unacceptable political tool, but we need to put that aside when working together. Let’s keep serious actions like boycott for serious offenses. This one does not qualify.

There are times when I feel like the sort of views espoused by @CoralineAda are in danger of being snuffed out and should be shouted as loud as possible. This time, though, it feels like the pendulum has swung too far in the other direction. This sort of thing - the public shaming of a person over a twitter @ message - makes me terrified to contribute to OSS. He didn’t use any racial/gender epithets or slurs… compared to what I read on the internet most of the time, that was a pretty tame remark (in the context of a discussion of surgery for children, which is at minimum up-for-debate and hardly “hate speech” IYAM).

But once someone gets called out like that, the hate train leaves the station, and this person’s reputation is basically ruined. I don’t sympathize with his @elia’s views whatsoever, but this seems like an excessive use of moral force to me.

I think Linus' is kind of untouchable since he’s the leader. What those people did there was “oh, this guy is a contributor on this project, but he isn’t the boss, let’s complain and have him removed!”, you can’t really do that with Linus or Theo de Raadt or antirez or whatever.

I still think meh sholuld have been a little less mean to them, the aggressive tone is ok but the “protip: you can’t and you won’t” is just rude, not matter what context.

“Hurting people’s feelings” is a stupid way to put it. Saying you’re an incompetent programmer is hurting people’s feelings, saying and entire class of people are suffering from mental illness is based on your dislike of their lifestyle is hate speech.

One is a personal attack the other is a prejudiced view that discredits people because they are different. There’s several leagues of diffence between “you’re an asshole” and “[trans people] not accepting reality is the problem here”.

I don’t think Elia’s life would be ruined if his contributions to Opal were rejected.

This is not just “hurting people’s feelings”. He’s expressing some pretty unwelcome opinions about people’s sexual identity, piling on to the abuse that they generally already feel everywhere else. He’s being a bully, not a “free-thinker”. This is not comparable to saying that believing in God is a delusion. It is possible to change one’s beliefs. Changing one’s sexual identity is almost impossible.

Linus’s actions are not commendable nor tolerable either. He should not be held up as an example of how being an asshole is alright and how nobody cares if he is. Lots of people care that he’s an asshole and don’t like it.

If people have stupid ideas, they should be called out for them. This is not punishment, and being asked to step down from a role in which they are no longer welcome is not an extreme punishment.

Christians in English-speaking parts of the world are not a vulnerable minority. The hypothetical “denying reality” remark is not hate speech. I’m sure the issue would never have been opened, and that does make me sad. I do feel that portions of the atheist community behave in ways that are serious harassment, and insufficiently recognized as such.

People can say the right things for the wrong reasons, and that does make saying them wrong. If it’s not perceived as such, that’s a bug.

Sounds like it has lots of good ideas, it would be great if he could get some backing to add some shine for it, maybe break away from 640x480…

They do see TermKit, Terminology, FinalTerm etc. It just doesn’t get anywhere because it’s a mostly useless feature, that’s hard to standardize and make backwards compatible.

CLI tools in Unix work best with text, you can grep ‘cat’ but we don’t have tools to grep a picture of a cat. There’s a huge limitation to composibility and expressiveness in working with rich media right now.

Most of these terms generally become half explorer half shell. Which is pretty useless because explorers themselves don’t make file navigation any “easier” in most circumstances. The easier tasks in an explorer is manually selecting a set of files that is contiguous that is smaller than the screen or selecting a non contiguous set of files smaller than 10 that fits on the screen, the rest causes explorers to degenerate to shell like behavior without the extensibility of an actual shell.

An OS can also provide general computer stability and protecting you and your data from your applications, ie. preventing an application from exhausting all available memory, looking at your private files, phoning home, spying on what you type in

Yes, it could, but normal GNU/Linux defaults don’t help with these problems much, if at all. Android is slightly better, but not that much. Linux’s security system is not designed for this, and getting it to do this is a struggle.

I think that the reaction against this that some developers comes down to a split between engineers and service professionals. In building a building, the architects, civil engineers, and construction workers perform very different tasks. If most people’s experience with construction is the contractor that redid their kitchen, it’s perfectly valid for a civil engineer who builds skyscrapers to want to be distinguished from the person who lays tile floors.

There are certainly very skilled non-programmer technical IT professionals, but there are also many who aren’t [1] [2]. These depictions of the job “IT” cast it in a negative light that many, myself included, would rather not be associated with.

[1] http://www.reddit.com/r/4chan/comments/20x58t/anon_works_it/ [2] http://en.wikipedia.org/wiki/The_IT_Crowd

It’s an ego massage. And there should be some. Being a good chef is a lot simpler than to grok nowadays computer systems. Just try counting the levels of abstraction you are able to think at: user clicks at a link and a page loads. What really happened? Go!

It seems to me you’re making his point? There’s a hell of a lot of difference between a chef, a maitre d', a silver service waiter, and a burger flipper / table wiper at McDonald’s.