1. 5

    The libra project depends on several fairly new “wild west” libraries for building experimental cryptosystems that have only emerged in the last few years

    Uh, Curve25519 based stuff is everywhere, including TLS, SSH and Tor. It’s very much production quality. And dalek is a very good implementation that has been audited. This part of the article is terrible.

    As for everything else… yeah, typical cryptocurrency stuff.

    1. 4

      Implementations, not algorithms.

      1. 2

        I mentioned the implementations, as you can see.


        experimental cryptosystems

        reference sort of looks like it refers to the algorithms. Might be referring to the stuff they’re using the algorithms for, of course (“depends […] for building …” not “libraries [that are] for building …”) but whatever

    1. 2

      Since last time:

      Still reading Figuring & PoC||GTFO; read a bunch of books about games (It’s All a Game: The History of Board Games from Monopoly to Settlers of Catan, which is well-written but may have let a good story override the facts in some places; The Maze: A Labyrinthine Compendium, which is a beautiful book with pictures of mazes from around the world; Birth of the Chess Queen, very well-researched; and Pub Games, likewise); and finished the Akira series.

      Software-wise the only thing I’ve read is Mr Babbage’s Secret: The Tale of a Cypher and APL, which was wonderfully broad. There are a lot of tidbits about old encryption schemes, such as those used with the runic alphabets. I also read The Design of Everyday Things which could really be called “minimizing errors in software use”.

      Otherwise The Mere Wife was a fun re-take of Beowulf, and As the Earth Turns Silver taught me about a side of Wellington (NZ)’s history I didn’t know about previously. I used to live in an area that was Wellington’s “Chinatown” and didn’t even know it!

      Edit: Oh, I forgot that I’m currently reading Luke O’Neil’s Hell World, which is a very important book.

      1. 4

        The most intriguing thing to me with Ada is ranges on numeric types.

        1. 4

          You might find the existential types interesting. It means they’re all unique and incompatible by default. So, Miles with Integer representation and Kilometers with integer representation won’t mix since the types don’t match.

          1. 2

            Those are neat too.

            The range check sticks out to me though because I’ve had to debug a few things where range checks would have helped.

            1. 6

              As nickpsecurity says, the even nicer, more general concept is contracts, i. e. boolean conditions that can be attached to various things, including types. With type invariants specified you can have arbitrary conditions automatically checked on the values of your types, including ranges.

              Preconditions, postconditions, loop invariants and type invariants are the things I miss most from Ada in other languages.

              1. 4

                Well, it makes sense given our variables operate on ranges of memory and values but the languages weren’t enforcing them. Ada lets you do that. It’s actually an instance of contracts or formal specs. Design-by-Contract gives you ranges and more.

            2. 1

              If you enjoy ranges on numeric types you might also enjoy XML Schema.

              1. 1

                I didn’t say “enjoy”, I used “intriguing” since it would make the language/tooling automate checks for me.

                I’ve never been asked to use XML for anything, so I don’t know enough to know you’re genuinely serious about recommending XML Schema.

            1. 1

              Nothing is more fun than reading on a tightly regimented schedule.

              I really can’t imagine much worse 🙃

              1. 2

                Currently reading:

                • Light/Fiction:
                • Non-Fiction:
                  • Figuring – Maria Popova, wonderfully discursive so far
                • Research/learning:
                  • L’Étranger – Albert Camus, trying to read a book in French for the first time and this was recommended as a beginner’s book, but, really? At least it’s easier on Kindle with instant word lookup.
                  • The Book of PoC||GTFO; progressing very slowly on this, reading a few sections at a time

                Good things I’ve recently finished are a bunch of Umberto Eco’s essays/lectures (Six Walks in the Fictional Woods, Experiences in Translation [on the same topic, 19 Ways of Looking at Wang Wei by Eliot Weinberger was a lot of fun—turned out he was the translator for Borges’ Selected Non-Fictions], Serendipities), Maggie Nelson’s Bluets was great (also read Kenya Hara’s White so I’m on a theme here), and Virginia Woolf’s To The Lighthouse (I left this for far too long!).

                (DFW is now cancelled because he attributed apophatic theology to Aquinas in String Theory, truly the straw that broke the camel’s back.)

                1. 2

                  that’s okay because char + char is a nonsense operation, it makes no more sense than date + date

                  1. 4

                    There’s something interesting here I haven’t quite worked through: increasing correctness via types goes the opposite way from function subtyping! Given

                    A: Int -> Nat
                    B: Nat -> Int

                    Matt shows that B is going to be more safe than A. The interesting thing is that A is a subtype of B! It’s contravariant in the domain and covariant in the range. Any function with type signature matching B can also accept a function with a type signature matching A.

                    IIRC Haskell has doesn’t have function subtyping, so this is more academic, but it’s interesting from a PLT perspective.

                    1. 1

                      [Caveat, hobbyist, armchair Haskell programmer:] There’s some kind of polymorphism subtyping, I’m not sure what it’s called: given toInt :: X -> Int you can write fromAnything = toInt :: (forall a. a) -> Int.

                      (The converse is a little harder because Int -> (forall a. a) is the same as forall a. Int -> a, but if you define data Anything = forall a. Anything a then you can write fromInt :: Int -> X and toAnything = Anything . fromInt :: Int -> Anything.)

                      However, good luck invoking the first and using the result of the second… I’m sure there’s a more practical example to be found.

                      Edit: Here’s a better exploration on Stack Overflow, with a link to this paper in the comments, and another comment on HN.

                    1. 5

                      Maybe it’s just my naive preconceptions, but reading

                      We have connected with so many command-line users who LOVE to customize their terminals and command-line applications.

                      just feels very wrong from a corporation like Microsoft. The reason probably is that this portrayal of a “community” around a utility, a product basically, has a close to zero chance to be an authentic gesture from your loving OS-Patron (as if that were even the question), than being the result of a cold, statistical survey on how to emotionally engage consumers to consume optimally.

                      But on the other hand, what else is there left for them to do?

                      1. 9

                        The reason probably is that this portrayal of a “community” […] has a close to zero chance to be an authentic gesture […] than being the result of a cold, statistical survey on how to emotionally engage consumers to consume optimally.

                        I think your cynicism is unfounded and unhelpful. There is a community, and this is a big deal. People have wanted a modern, functional terminal for a long time. I know it’s still cool to hate on Microsoft in many places, but my observations are that the engineers in the company care a lot about contributing to community, and that management wants to do the right thing.

                        1. 6

                          There might be a user base, but I am highly sceptical (although I also could be wrong) that this is a “community” of people enthusiastic and engaged in it’s very idea of the terminal. And this really isn’t generic hate of Microsoft (although I still don’t trust them), but rather a distaste of corporate “over-friendly-ness”, regardless of their intentions.

                          1. 1

                            Then douse your skepticism with the pure fresh water of statistics!

                            For example, this video from the Windows Developer group on Windows Terminal, released 4 days ago has seven hundred and thirty eight thousand views.

                            In what universe does that not count as a community?

                          2. 3

                            I agree, and reading this I think there’s a lesson here for all of us. We need to zoom out and try to be mindful of the fact that people’s needs, wants, preferences and limitations vary a LOT, and so does our ability to be aware of every community or body of users that exists.

                            I spoke with a gent yesterday who worked at a company that specialized in selling virtualized DEC Alpha/Tru64 and VMS environments. They have a LOT of customers!

                            We all get so hooked into our own little corner of the world that we make the mistake of thinking that corner is the entirety of the world, and it just isn’t.

                            As I said elsewhere, Windows Terminal will be a big deal for me because I use WSL in a work context for impermeable reasons I won’t go into again here, where having a ‘real’ terminal emulator will be a massive quality of life improvement.

                            1. 2

                              Yet all I see is another attempt at “Embrace Extend Extinguish”.

                              How long will it take before we see some command line tools which will require this terminal emulator to actually run?

                              I’ve been using bash on CygWin whenever I needed some terminal and user land tools on windows and I’m not intending to switch over from something that’s been around for decades, to something new that has only been around for less than a decade. The same goes for WSL.

                              1. 5

                                Yet all I see is another attempt at “Embrace Extend Extinguish”.

                                ¯\_(ツ)_/¯ See what you want to see. That may have been how things were done in the Ballmer era, but we’re a long ways past that now.

                                1. 3

                                  You expect people to just brush over everything they’ve done and are doing and just “move on” and trust them? They did a complete 180 in the last couple of years, you can’t expect people to not be skeptical of them. I don’t believe they have good attention, time will tell. I disagree with all the unethical ways they collect data.

                                  1. 2

                                    That may have been how things were done in the Ballmer era, but we’re a long ways past that now.

                                    Are we? I don’t think so. I see a terminal emulator with extra features like embedded pictures in the text output, without specifications and proper documentations. To me this is the entire office EEE debacle all over again but with a terminal.

                                    1. 4

                                      What specifications does a Windows terminal demand? What on earth are they even meant to be extinguishing? It’s a terminal, not some core part of WSL2 or whatever else people are trying to connect this to. When they released PowerShell were they EEEing themselves?! How is this different?

                                      1. 2

                                        See: Embrace, extend, and extinguish - Strategy

                                        Note the careful wording used:

                                        Embrace: Development of software substantially compatible with a competing product, or implementing a public standard.

                                        A terminal emulator can be considered a public standard. This terminal is an implementation of that standard.

                                        Extend: Addition and promotion of features not supported by the competing product or part of the standard, creating interoperability problems for customers who try to use the ‘simple’ standard.

                                        Extinguish: When extensions become a de facto standard because of their dominant market share, they marginalize competitors that do not or cannot support the new extensions.

                                        Integration with ssh, PowerShell, Ubuntu on WSL, emoji’s and icons are all promotional features which are not widely supported by the competition. The competition can’t even support them, because a terminal in text-mode on a UNIX-system simply does not have the capability of rendering bitmap graphics until some kind of window-manager is launched.

                                        What specifications does a Windows terminal demand?

                                        First: It’s not a “Windows Terminal”. We already have plenty of those. It’s a POSIX-compatible terminal with various extensions that cannot be supported on the other platforms. And it’s running on Windows: A platform which throughout it’s entire history, has been used and abused to gain a monopoly marketshare.

                                        What on earth are they even meant to be extinguishing? It’s a terminal, not some core part of WSL2 or whatever else people are trying to connect this to.

                                        It’s an attack on the whole UNIX-like opensource ecosystem which shows that the spirit of Ballmer is still very much alive: Ballmer: ‘Linux is a cancer’ - The Register

                                        When they released PowerShell were they EEEing themselves?! How is this different?

                                        This is different from PowerShell in the sense that PowerShell was never meant to be a terminal that could run UNIX-like tools. PowerShell’s main addition was that it opened up commandline access to a lot of the internals of Windows which were previously inaccessible through an easily scriptable commandline interface.

                                        1. 1

                                          “The competition can’t even support them, because a terminal in text-mode on a UNIX-system simply does not have the capability of rendering bitmap graphics until some kind of window-manager is launched.” “ It’s a POSIX-compatible terminal with various extensions that cannot be supported on the other platforms. “

                                          These are good arguments for them potentially doing an EEE strategy. Gotta wonder what the actual risk is, though, if terminal use is so different between Windows and Linux platforms. Anyone intending on using Linux would just use a subset that works on both. If they don’t, they might not care about Linux compatibility. That would mostly be common in Windows shops. I’m curious what attack strategy you think they’ll do in the terminal that would convert more free Linux boxes into paid Windows boxes.

                                          1. 2

                                            The attack strategy is simple: They are betting on the lazyness of software developers.

                                            Suppose one of the Windows-only tools finds its way into one of the scripts powering one of the company’s products and sits there for about 3 years. Most of the time that is long enough for all the developers who’ve worked on it, to leave the company.

                                            When that happens it will be to hard or costly to fix those scripts and management will be forced to make the decision: “Just run our product on Windows”.

                                            I’ll have to admit that I’ve just made this example up, but I am basing it on an example similar to this:

                                            #include <stdio.h>
                                            int main() {
                                                int i = 1;
                                                int j = 2;
                                                printf("i=%d\n", i);
                                                printf("j=%d\n"); // Notice the missing parameter here!

                                            If you compile this with gcc, it will fly in your face and tell you to fix your code. However if you compile this with a recent version of Visual Studio, you will discover that it happily compiles this into a working binary. It even fixes the missing parameter!

                                            In the past I’ve “inherited” a C++ application which should in theory be compiling on just about every OS. In reality this was infeasible because of all kinds of minute errors, like the one demonstrated above, which had slipped into the code due to the “extra and out of spec functionality” Microsoft had provided the developers with.

                                            You can call me a sadist or whatever you like, but I think that developers deserve a good whipping if they make errors like this. Doubly so if they then rely on the “extra functionalities” provided by their tools of choice.

                                            So having seen this, it’s not hard for me to imagine how this brand new terminal will lead to all kinds of “convenient accidents” which will lead to many pieces of software only being compilable and runnable on Windows boxes. It’s EEE in one of it’s purest forms.

                                            1. 5

                                              If you compile this with gcc, it will fly in your face and tell you to fix your code. However if you compile this with a recent version of Visual Studio, you will discover that it happily compiles this into a working binary. It even fixes the missing parameter!

                                              This simply isn’t true, and the reality is the opposite of what you are claiming, as you can verify yourself: by default gcc will compile this without warnings, whereas MSVC (and clang) will warn.

                                              1. 1

                                                Unfortunately, you are right, and I am dumping this only from memory and I am unable to share parts of the code base I was working on at that time… So I have no other hard proofs available.

                                                That doesn’t change my argument though. Allthough I have to admit that I’m genuinely surprised that gcc accepts this example.

                                              2. 2

                                                Interesting. Yeah, I could see subtle incompatibilities adding up overtime.

                                      2. 1

                                        Oh no, they’re still just as evil. They just adapted to the new market. They may or may not be doing less of EEE. I haven’t tracked that. They did use corrupt, patent law to suck billions of dollars out of Android ecosystem despite not contributing jack to it. Selling a polished ReactOS to enterprises probably would get you sued. People in Microsoft and articles like this said they started laying off lots of their QA people with more vulnerabilities, crashes, and data losses coming in future as result. They also have plenty of spyware they’re putting in the new versions of Windows. Plus, never forget their incentive structure means that the next CEO might do even more bad things.

                                        Microsoft isn’t to be trusted now or ever in the future. All deals done with them should have an escape plan: portable software, data in open formats, and easy moves to another platform in worst case. With the costs of that, probably better to just do business with a more ethical company in the first place. On open platforms where possible. :)

                                        Bonus: There’s actually a good example in your space. Github, not Microsoft’s offering, was the wise choice. Oh the irony of Github becoming Microsoft anyway.

                                      3. 1

                                        It’s very easy to write code that works on Cygwin and doesn’t work on Linux, so I’m not sure how this is any worse.

                                        1. 3

                                          Cygwin is a hack. This is an official, supported offering by Microsoft. Tons of people will use it in places where folks hoped to convert people away from Windows. Everything they do might also become legacy systems that, if there’s a lock-in risk here, add to the transition cost of switching that ensures lock-in. Cygwin probably could never do that.

                                        2. 1

                                          Nah, they won’t extinguish their own golden goose. Have you seen how much money they’re making with Azure? It ain’t chump change!

                                      4. 2

                                        Do you use WSL? If you don’t, you won’t understand the context.

                                        Picture an environment where they replaced the blazing fast Ferrari like UNIX terminal handling routines with a Model T.

                                        That’s what this is meant to fix AFAICT.

                                        1. 1

                                          No I never have, nor plan to. But I don’t understand why me commenting about their peculiar style of writing/engagement is related to their technical product, which I am not trying to downplay.

                                          1. 1

                                            You’re right. Pardon me.

                                          2. 1

                                            But users of msys or cygwin have had a satisfactory terminal forever in mintty. So it’s not like there’s never been an option.

                                            1. 3

                                              There hasn’t been a better alternative part of Windows itself, though. Not everyone uses msys or cygwin, especially Windows-only developers.

                                          3. 2

                                            There’s always been communities around Microsoft products, esp developers and admins. It follows naturally with the combination of its humongous market and fact that people in Microsoft shops will want better experiences. They build helpful tools, share code, share tips, and so on like anywhere else. Entire sites were dedicated to Windows FOSS. Many of them also use UNIX/Linux on the side and/or in the same organization for different apps/services.

                                            Why does it surprise you that some chunk of Microsoft’s customers wanted a terminal with benefits of Nix terminals? Or that the company that made PowerShell, responding to market demand, would respond to market demand again for terminal improvements? I think it’s in their rational self interest to hook developers up with a good terminal much like it was to make Linux apps easier to run on Windows. Win win long as one is careful to not let Windows, esp any incompatibilities in Microsoft’s versions, to become a dependency. That avoids EEE. ;)

                                            1. 1

                                              This person is hired and talk in the name of the Microsoft Empire because it serve its interest well, such as actually LOVEing to customize its interest well.

                                              If MS learns that involving people from the outside into its project then it is a good thing, but I deeply agree that we should not fool ourself thinking Microsoft does something else than aiming for more market shares.

                                              It is the aim of any company of that size, even if it might feature honesty down the stream (the actual person writing the article).

                                              1. 3

                                                Yes that’s her job as a PM. Specifically they have open sourced this terminal. You talk about promotion and then jump to accuse them of the lack of bringing outsiders into the project.

                                                If you take a look at the contributions from the outside in under a week, I’d say outside involvement has already taken root. They’ve also been talking to developers directly (I’ve had a couple times where I’ve been invited to schedule time with them to discuss their development plans and I have no special relationship with Microsoft or the team).

                                                It seems like Microsoft has changed but there will be a balance to keep. As long as Azure keeps growing, Windows probably has less pressure to monetize and control every aspect of the platform. The reality seems less about them being generous and more about their business model shifting their focus. No altruistic leaning is needed to understand why Microsoft is suddenly interested in open source and continuing their interest engaging developers (this is how enterprise adoption stick so well, even if you weren’t part of that camp; I wasn’t and didn’t understand until I talked to folks that were).


                                                1. 1

                                                  The big, hard-to-change streams of revenue for Windows come from both lock-in to Windows-specific features and marketing Windows to companies that want their supplier to be around long time with big ecosystem. Microsoft has realized that open sourcing things that tie into their paid platforms usually can’t hurt those sales. They might even help them since the companies will be less likely to switch. They might even buy more Microsoft apps, hosting, or whatever. The community projects also bring them the business benefits of F/OSS and a PR boost.

                                                  What’s not to like in this approach for a greedy company trying to make its numbers go up in a highly-competitive, changing market that features lots of F/OSS? ;)

                                            1. 4

                                              A 2D graphics library that fits on a single page, replacing 10,000 lines of C in the Cairo library. See page 4 of this PDF: https://raw.githubusercontent.com/wiki/damelang/nile/socal.pdf

                                              1. 2

                                                A ray tracer, written in C, that fits on a business card: http://fabiensanglard.net/rayTracing_back_of_business_card/index.php

                                                1. 5

                                                  This is a famous APL program that computes the next generation in John Conway’s “Game of Life”:

                                                    life←{↑1 ⍵∨.∧3 4=+/,¯1 0 1∘.⊖¯1 0 1∘.⌽⊂⍵}

                                                  When I was a teenager, some kids were passing this around, and it got me interested in programming.

                                                  1. 5

                                                    An alternate version to contemplate:

                                                    life ← { ⊃ 1 ⍵ ∨.∧ 3 4 = 1 0 ¯1 +.(⌽∘⍉)⍣2 ⊂⍵ }
                                                2. 1

                                                  This is pretty cool. Thank you!

                                                1. 4

                                                  I think I would also be interested in seeing the older source code for Calculator in Windows 3.x, 95, NT4, 2K.

                                                  1. 1

                                                    Are there any particular reasons why? I think the new Calculator has a lot of interesting functionality.

                                                    1. 2

                                                      I think for several reasons:

                                                      1. Nostalgia

                                                      2. The limited resource era probably led to some interesting solutions

                                                      I changed my wording a little, though, instead of “more interested” to “also interested”

                                                    2. 1

                                                      The core (numeric) code looks like it dates from this time.

                                                    1. 18

                                                      In short, if you’re building a web application and you’re accepting input from users, you should always normalize it to a canonical form in Unicode.

                                                      Strong disagree, you should use string comparisons that understand Unicode. You can’t achieve “intuitive matching” via normalization without discarding information from the user’s input.

                                                      For example, the FFI ligature :

                                                      > x = 'ffi'
                                                      > x === 'ffi'
                                                      > ['NFC', 'NFD', 'NFKC', 'NFKD'].map(nf => x.normalize(nf) === 'ffi')
                                                      [false, false, true, true]

                                                      Only the K normalization forms will make this comparison equal. However:

                                                      > ['NFC', 'NFD', 'NFKC', 'NFKD'].map(nf => x.normalize(nf))
                                                      ["ffi", "ffi", "ffi", "ffi"]

                                                      … you have lost information from the user’s input. has been decomposed to ffi. If you store the user’s data normalized then you’ve thrown things away.

                                                      Instead, use localeCompare (or Intl.Collator) to properly do language-sensitive string comparisons:

                                                      > 'ffi'.localeCompare('ffi', 'en', { sensitivity: 'case' })

                                                      As always, remember that equivalence is language-sensitive:

                                                      > 'i'.localeCompare('I', 'en', { sensitivity: 'base' })
                                                      > 'i'.localeCompare('I', 'tr', { sensitivity: 'base' })

                                                      There are no simple one-size-fits-all solutions when dealing with text. You must consider your scenario and what you are trying to achieve. A rule like “always normalize everything” can cause trouble.

                                                      1. 6

                                                        One way to interpret the fine article is to normalize not when storing the data, but rather to normalize when performing string comparisons. I personally always store data as the user entered it, SQL injection attempts, XSRF attempts, and all, exactly as they entered it. I then normalize the data when in use, i.e. when comparing passwords, or outputting HTML. The only place where I would suggest normalizing text is in a separate full-text search storage engine, such as ElasticSearch.

                                                        1. 1

                                                          (Yes, that’s better, although I’m also fairly sure that NKDC/NKFC fail for comparisons in other ways, but I didn’t have time to come up with any.)

                                                        2. 1

                                                          When creating a file on macOS with HFS+, the filesystem driver always normalizes it and stores its filename in NFD form. So, it decomposes the characters if the user wants to create a filename passing a composed form. Then, user may access the file by passing both composed filename and decomposed filename.

                                                          (Haven’t checked if that’s the case with APFS)

                                                          1. 2

                                                            APFS: store as is, compare under normalization

                                                        1. 3

                                                          I learned about this from CACM because I’m a dweeb

                                                          A tl;dr is Metamorphic Testing is Property-Based Testing, except

                                                          • This paper came out a full year before quickcheck
                                                          • It’s only on “metamorphic relations”, or relations between multiple test inputs and test outputs. And example would be commutivity: f(a, b) = f(b, a). PBT also includes regular properties, which only require one input-output: f(0, a) = a.

                                                          The interesting thing is that the MT people seem to have focused on “messy” domains like testing search, ML, and computer vision. But I hadn’t heard about it before and nobody I asked has heard about it, either.

                                                          1. 2

                                                            I think it’s important to distinguish between the construction of property-based tests and the verification of them. QuickCheck mostly provides (a randomized method for) the latter, with no guidance on how to construct the test, whereas this paper provides (one rather manual methodology for) the former, which can be based on modification of existing canned test inputs and doesn’t need automatic input generation.

                                                            Looking at the authors of the citations in both papers it seems I need to read some of Manuel Blum’s work on testing 🙂

                                                          1. 3

                                                            +Semi-related work

                                                            +Replacements (refs/replace) are superficially similar to obsolescences in that they describe that one commit should be replaced by another.

                                                            git replace is new to me. When did it appear? Is anyone using it?

                                                            I’ve also been meaning to try git absorb which looks thoughtfully designed.

                                                            1. 4

                                                              If I remember correctly, git replace was useful to me in a case where an old CVS repository had been imported without history to git and then worked on for a long, long time. Much later, the old CVS history was preserved by using a decent cvs2git kind of utility, creating another git repository. Git replace would then allow me to stitch these two repositories together, effectively prepending history (something which would be impossible to do with a normal git parent commit ref, without completely cracking sha1)

                                                              1. 3

                                                                Absorb is really nice if you’re using a fixup-heavy workflow. Fast, too.

                                                                1. 1

                                                                  Are you an actual user of git absorb? Or are you talking about the hg original? I’ve wondered how usable it is for git already.

                                                                  1. 1

                                                                    Yes I use git absorb. Haven’t run into any problems yet 🙂

                                                                2. 2

                                                                  I’m hoping to eventually integrate git absorb into git revise, which is basically a faster in-memory version of git rebase for rebases that don’t change the final file contents, just reorder when changes happen (i.e. 90% of my use cases for git rebase)

                                                                  1. 3

                                                                    Since that’s in Python you could probably take advantage of the linelog implementation that’s underneath hg absorb to make the work easier. I recommend looking at the hg absorb code. Linelog makes it easy and slightly more robust than just moving patch hunks around.

                                                                1. 7

                                                                  Don’t forget to read the ‘Potential sources of bias’ section. It’s easy to implement this wrong.

                                                                  1. 1

                                                                    44497 prng seed bits needed to properly shuffle a list of only 4199 items… No wonder that this function is absent from so many libraries.

                                                                    1. 2

                                                                      That’s the limit though, you need 44 488 bits to fully specify a permutation of 4199 items. It’s nothing to do with this algorithm in particular.

                                                                    1. 2

                                                                      oh … first time i see someone interested in hermes trismegistus … any link to your research ??? (mine is metamn.io/gust)

                                                                    1. 17

                                                                      The Reddit trick, with appending .json to the end, isn’t unique to that site. It’s a common trait in Rails apps (GitHub is the gigantic exception, but GitHub is both old and atypical for a Rails app).

                                                                      Here it is on lobsters: https://lobste.rs/s/31hkbx/four_cool_urls.json

                                                                      Here it is on users.rust-lang.org: https://users.rust-lang.org/t/passing-a-mutable-reference-based-on-self/24108.json (it applies to any other discourse.org-based forum)

                                                                      It’s basically implemented with respond_to “content negotiation”, which is smart enough to handle file suffixes as an override for the Accept header: https://stackoverflow.com/a/9492463/3754495

                                                                      1. 5

                                                                        The Reddit trick, with appending .json to the end, isn’t unique to that site. It’s a common trait in Rails apps

                                                                        To be clear to all, Reddit isn’t a Rails app, so you have to give them some credit. But that’s cool, I didn’t know that :-)

                                                                        1. 4

                                                                          As johnaj said, Reddit is (AFAIK) Python, but GitHub has some limited support for it: you can append .diff or .patch to a pull request or commit, for example.

                                                                          1. 3

                                                                            Whaaaat! I didn’t even know Lobsters could do that. Thanks for the tip cuz I definitely needed that.

                                                                            1. 2

                                                                              Similarly OData has the $format=media/type query parameter that I’ve seen other non-OData endpoints adopt.

                                                                            1. 3

                                                                              I’m trying to read the four classic Chinese novels - last year I read Water Margin so this year I’m hoping to read Journey to the West (and watch Dragon Ball in conjunction), although it will probably take a long time.

                                                                              I want to work through my purchased-but-unread books that are sitting on my shelf: The Tale of Genji, Hypnerotomachia Poliphili, The Design of Everyday Things.

                                                                              Books about New Zealand history, and particularly Māori: currently reading He Reo Wahine: Maori Women’s Voices from the Nineteenth Century and will hopefully read Tears of Rangi: Experiments Across Worlds or Ka Whawhai Tonu Matou: Struggle Without End.

                                                                              Still on a Greek bent, I loved Mary Renault’s Theseus books so might read her Alexander trilogy. Madeline Miller’s The Song of Achilles was a really different take so I hope to read Circe. I also saw The Silence of the Girls in a book shop recently, which sounded good.

                                                                              … and trying to read more by or about people who occupy different quadrants to myself, such as something like Things Fall Apart, We Need New Names, Americanah, Homegoing, or Kintu (picked these up from a list).

                                                                              In the background I’m working my way through Robin Hobb’s Realm of the Elderlings books but trying not to consume them too quickly because I don’t want to run out! I’m partway through the Sherlock Holmeses so I need to finish them too…

                                                                              I also need a new South-American author to get obsessed with. I finally finished Borges Selected Non-Fictions and I read a lot of Bolaño last year, but I’m going to run out of his books soon (although I’m saving The Savage Detectives).

                                                                              … and I want a new sci-fi series to get into. Something like Ann Leckie’s Ancillary series or Yoon Ha Lee’s Machineries of Empire, which absolutely blew my mind. Also, Brandon Sanderson is always fun.

                                                                              1. 4
                                                                                1. 1
                                                                                  memset(ptr, sizeof(*ptr), 0);

                                                                                  Shouldn’t this (the first snippet) be this instead?

                                                                                  memset(ptr, 0, sizeof(*ptr));
                                                                                  1. 6

                                                                                    (that’s the point)

                                                                                    1. 4

                                                                                      I believe that is indeed the basis of the motivating example.

                                                                                      1. 1

                                                                                        One of the *sans, maybe asan with replace_intrin ? will catch this error.