1. 10

    This is like stacksort on steroids. I have to wonder where they got their English input though. Did they hire a bunch of people to look at some code and explain what it did?

    1. 1

      I see what you’re getting at here but I disagree.

      Using ML to learn about common coding patterns and help people be more productive by suggesting better/more efficient/more idiomatic alternatives feels like much more than a simple recursive grep to me :)

    1. 2

      I know your cutoff was a year ago, but I made a request for a dsp tag 2+ years ago that got traction. Would be cool to see it get implemented!

      1. 2

        God I’m tired of the branded attack websites. I understand picking a catchy name so people actually talk about the exploit and fix it, sure, but why go so far with the branding? Is it a prestige/recruitment thing?

        1. 4

          I think it’s the same reason we have host and domain names. Humans are lousy at remembering numbers or jumbled alphanuneric codes, but we are very good at correlating names with characteristics, so in a way, branded attacks act as mnemonics to help us remember the vulnerabilities and if they were mitigated or not.

        1. 2

          This project reminds me of Paul Graham’s¹ hypothesis that non-Lisp languages become more like Lisp over time, and that Lisp becomes faster over time. Maybe mailing list development becomes more like forge development over time, and forges develop better communication features.

          ¹ I think Paul Graham is useful to listen to about Lisp but not much else

          1. 4

            Yes please. I wrote a longer treatise about this a while ago.

            That said, I agree with @arp242 that user-visible names should be represented in a more friendly format.

            1. 23

              If your main complaint is that email is horrible to work with, the issue is most likely not email, it’s probably your mail client.

              I know a lot of people on here love git-by-email and everyone has their own reasons for why, but I get frustrated when I see messages like this. I’ve been using email for over 20 years now over multiple clients. I’ve even contributed to a mail client.

              Most of my frustrations with email go away when I use group chat, instant messaging, and synchronized “what do I need to work on” dashboards (such as GitHub’s pull request view). Email is nice for writing messages to friends you haven’t talked to in a year, event invites, and newsletters.

              In my opinion it’s awful for transactional stuff, because the overhead (setting up filters, archiving stuff) gets in the way of doing what you need. I also find it awful for stuff that needs to be machine parsed, because it’s a sloppy format, does not have a good concept of a “query” (there’s an API call to GitHub to tell me all open pull requests on a repository, for a similar thing in email you’d have to build something yourself) and emails come with a lot of cruft around them like signatures and such.

              If I think email is bad for transactional tasks and machine-parseable tasks, and reviewing code is a transactional machine-parseable task, my problem is with email.

              1. 2

                In my opinion it’s awful for transactional stuff, because the overhead (setting up filters, archiving stuff) gets in the way of doing what you need

                Those things are optional and time consuming. So don’t do them.

                I set up my filters about a decade ago, and only touch them when I join a high volume mailing list – so, maybe once a year or two. I don’t archive messages. My inbox goes back slightly more than half my lifetime.

              1. 6

                This is a fun article, but one thing casually mentioned in the beginning stuck out to me:

                However, when playing competitions at a high level, you need to keep track of a lot of information. What cards do people have in their hands? What dice numbers have not been rolled much?

                I don’t really play Catan so there might be some context needed, but that last sentence sounds like Gambler’s Fallacy. Is there something I’m missing?

                1. 20

                  In Catan, each resource-bearing tile is allocated a number. When that number is rolled, everyone with access to that tile gets the resource.

                  If you’re halfway through a game and there have been very few sixes rolled, that could imply that there’s a genuine shortage of some resource (as distinct from a shortage due to other players hoarding), which has implications for what kind of trades you’re likely to be able to pull off.

                  1. 2

                    Makes sense, thanks for the information!

                  2. 1

                    When I first read it, I thought it was meant as a joke.

                    But now that you point it out, I realize I might have jumped to conclusions, and he might be serious.

                  1. 2

                    I’ve been using quart for an internal work project for over a year now and it’s really great. I previously used quart-openapi to provide OpenAPI functionality, but it’s great to hear that there is another solution out there that might require less boilerplate. Thanks @pgjones!

                    1. 9

                      Wanted to comment on the “Install Nix:” section since I helped narrowly with the Catalina installer update this May, just finished updating the Nix installer for Big Sur, and happen to be working this morning on a draft PR that may finally de-complicate Catalina+ installs.

                      This works.

                      Edit: I think I told a small lie; this method of install works, but the correct incantation is actually curl -L https://nixos.org/nix/install | sh :)

                      • Catalina with a T2 chip: sh <(curl -L https://nixos.org/nix/install) –darwin-use-unencrypted-nix-store-volume (according to the site, “unecrypted” is a misnomer as the chip will encrypt it anyway).

                      The scare-flag’s goal is to encourage anyone who cares (or is compelled to care by some policy) to go read the docs before installing. “Unencrypted” is only a ~misnomer for T2 macs and is quite accurate on non-T2 macs :)

                      • Catalina without a T2 chip: follow these instructions 4.

                      It isn’t this complicated/manual on a non-T2 Mac unless you use FileVault (in which case, the linked instructions are a good resource). If you do not use FileVault, sh <(curl -L https://nixos.org/nix/install) --darwin-use-unencrypted-nix-store-volume should be sufficient.

                      1. 1

                        Thanks for the info! I’ll update the post later tonight.

                        1. 1

                          If you see it as an evergreen post, you may want to keep an eye on https://github.com/NixOS/nix/pull/4181. I can’t swear if/when it’ll land, but hopefully it’ll de-complicate things a little.

                      1. 1

                        While pretty cool, my major worry is that faces will be biased toward whatever the sample set is – we’re all gonna start looking like whatever Nvidia thinks we should look like. Admittedly this happens on a smaller scale whenever engineers pick coefficients for lossy compression algorithms, but usually that’s done based on psychoacoustic or psychovisual (?) terms as opposed to “this matched our sample set.”

                        1. 1

                          Bias is ‘loss’ in lossy compression; skin is smoother and blemishes fewer at lower bitrates as well in other encoders and so on. Predictable motion will be have favourable compression, arrive faster and appear smoother in streamed video – The point is, biases trickle in regardless of what you do. It is just that the author of the algorithm doesn’t have some magical conspiracy certified control switch. If the end results are not plausible it’ll not be adopted and you can verify the output by streaming to yourself.

                          If you look at examples of the same set of technqiues (search for ESRGAN in gaming and emulation forums) being applied for upsampling of old video games and current realtime raytracing (the other side of the sameish coin) you’ll see that it is more of a quality filter than it is the more questionable ‘style transfer’ (different but related).

                        1. 15

                          Obligatory reference to Urbit’s creator: https://en.wikipedia.org/wiki/Curtis_Yarvin.

                          Platforms are designed around their founders’ beliefs, so when a platform wants to “win” computing it may be a good idea to understand what “winning” means. More information is here.

                          1. 8

                            Please, please criticize the tech and not the developer.

                            Urbit developed by Mother Theresa or Obama or Mao would still be just as clunky.

                            And like yes, the obtuseness of Urbit makes it hard it read enough to actually engage with its technical shortcomings, but ugh.

                            It’s all so tiresome.

                            1. 6

                              Guess we’ll have to agree to disagree on this – I think these positions are too extreme to push aside regardless of how good the technology is. Imagine trying to give a presentation on the technological innovations of ReiserFS without mentioning anything about Hans Reiser. If the technology really is useful and politically agnostic it’ll show up elsewhere without the toxicness attached.

                              1. 6

                                This is one of those things where I think that ‘Death of the Author’ is actually really useful. It is commonly misunderstood as meaning that the author is irrelevant, when what it really means is that when we are analysing a thing, we don’t have to automatically defer to what an author claims, especially when they seem to be acting in bad faith, and sometimes the totality of an author is useful to show why a particular interpretation makes sense, though at the same time the faults of the author are not necessarily present in the thing.

                                For a timely example, there had been some discourse in the analysis of the Harry Potter books about transphobic messages (primarily around the character Rita Skeeter), as well as antisemitic and homophobic stuff. When the author publicly went mask off as a terf (as well as (debatably) a homophobe and a believer in antisemitic conspiracy theories), it really strengthened the analysis of the work. But it isn’t enough to go ‘JKR bad, so work bad’ - for it to be useful to the analysis you have to tie it to stuff in the work.

                                For an example of not being able to tie it to stuff in the work, you have the Haber process. Fritz Haber was involved in the invention of chemical warfare, a crime against humanity. His life is useful to contextualize the invention of the Haber process, but it doesn’t taint it or make it ‘morally unusable’, as chemical warfare is not somehow present in (or encoded into) the work.

                                I think that Curtis Yarvin’s beliefs are relevant here in a way that Hans Reiser’s crimes are not, because we can tie them to the structure of the work in the critique. For a few example:

                                • Purposeful obscurantism
                                • A system of hierarchy (while claiming no hierarchy)
                                • Too few ‘real person’ nodes by design for everyone to be a real person in the system
                                • A totalising feudal system structure which combines elements of fascism and feudalism
                                • Gibberish syncretic occultism, most obviously the way Urbit stuff uses things like ‘functional programming’ ‘determinism’ etc - Nock for example is in no sense a functional substrate with a formal analysis and a proof theory in the way they state it is - they don’t give either a denotational nor an operational semantics, there are way too many rules and reductions which are redundant and overlapping, there is no proof of progress or proof of consistency, no proof theory, etc etc etc.
                                • Constant lies about history especially about historic conditions, which ties in to the constant lies in the Urbit literature about the history of computing especially about performance comparisons - actually comparing Urbit’s throughput and reliability to DNS or the Visa payment network is illustrative here
                              2. 2

                                Urbit is an attempt to create a kind of digital feudalism. It /is/ a polittcal project at its heart: you can’t have an honest review of the project that ignores the political goals that the project embodies & you can’t really talk about that without talking about the politics of its founder(s).

                            1. 5

                              It’s not very high quality, but occasionally I’ve found useful open source tools on https://alternativeto.net/. It’s definitely more focused on end-user apps instead of libraries or infrastructure, but it’s better than nothing.

                              1. 34

                                A long time ago I was a huge fan of a certain programmer¹ who had a lot of technical prowess and put TONS of angry rants that I thought were funny in their code. Bashing other tech companies’ engineers in a funny way while writing awesome code seemed to be a great thing to aspire to. One day I decided to contribute a one-line patch to this programmer’s side project which was on their self-hosted git instance. Not wanting to go through the annoying process of setting up git to work with gmail for a one-line patch, I just typed the diff into what I thought was a decent and friendly email. I received no response and forgot about it.

                                A few months later the programmer, not realizing (or caring) that I followed them on twitter wrote a pointed angry rant about idiots who could only use github and not send in a properly formatted git patch. This was followed by a tweet asking a question about the thing my patch aimed to fix, meaning that the previous rant was almost certainly about me. Suddenly, all the programmer’s funny angry rants weren’t so funny anymore, and just made this programmer seem like… a jerk. They are now the CEO of a successful startup. Am I going to apply to work for them? Probably not. Am I going to use their product were I to need its features? Maybe, but with hesitation.

                                The whole reason I’m telling this story is to remind people that it’s possible to be opinionated without being a jerk, and that it’s bad to celebrate when people voice good opinions in a jerk-like way². The programmer in question could have emailed me back asking for a properly formatted git patch, privately complained to their friends, or expressed their frustration on twitter in a way that wasn’t mean. I think the last part is the most important – rants have their place to vent frustration (and clearly Drew is very frustrated) or even change people’s minds, but have a different tone entirely when one of the core aspects of a rant is “I am smarter and more ethical than these other people.”

                                I hope Drew’s concerns get addressed, but I also hope he is able to voice them more constructively in the future.

                                ¹ Left unnamed, but not @ddevault

                                ² See Linux Torvalds, for example

                                1. 16

                                  Not to pile on, but this is the reason I unfollowed Drew on fosstodon. How angry rants become very pointed and are sometimes on the brink of harassment.

                                  1. 5

                                    I didn’t even had to do that, he blocked me after insulting me. I still like to read his posts, but more for the spectacle than for objective opinions, really.

                                  2. 5

                                    rants have their place to vent frustration (and clearly Drew is very frustrated)

                                    I think this is key. Drew seems to be generally angry and frustrated with the state of the world, technology, ethics of technologists, etc. And he’s right to be angry, a lot of stuff sucks! Anger can be a good/useful emotion, if it drives you to change shitty situations instead of accepting them, and that’s something I admire about Drew, his refusal to take the status quo for granted and his ability to follow through on groundbreaking projects. (I’m rooting for Sourcehut because it isn’t a clone of Github, it has a different philosophy and design goals, whereas many open source products look like inferior knockoffs of some proprietary progenitor.) Maybe he wouldn’t be making the kind of software+projects he does if he weren’t so angry. But, like most things, anger can be toxic when taken to extremes or misdirected, and it can drive people away.

                                    Whenever I introduce one of Drew’s projects like Sourcehut to my friends/colleagues, or forward a post of his, I have to add the disclaimer that Drew is kind of a dick, even though I tend to agree with him on many things. At some point his anger may do more damage to his projects by preventing people from using or contributing to them than whatever motivational benefits his anger provides to his personal productivity.

                                    1. 5

                                      One of the effects of having some of my own posts being posted on sites like Reddit and Hacker News a few times is that I’ve become a lot more careful in how I comment on other people’s posts. In general, I strive to write anything public as if the author of the post would actually read it. In quite a few cases, they probably do.

                                      It’s easy to think you’re oh-so-witty-and-funny with your snarky sarcastic takes or whatever; but in reality it’s usually not, especially not over the internet.

                                      I’ll readily admit I don’t always succeed at this though; but I try. I sometimes rant a bit to my friends or girlfriend in private, which has the same frustration-venting effect and doesn’t upset anyone. Just because someone is wrong, or because you strongly disagree with them, isn’t a reason to be a jerk to them.

                                    1. 2

                                      Deleting tests or parts of an application to narrow down where a bug might be. If you have a VCS that supports local branches, it’s totally fine to go WILD with a codebase as long as your changes don’t get merged to your main branch. Deleting a bunch of passing tests or initialization code can speed up the fix/compile/test loop, helping you find the bug quicker.

                                      This also applies if you have a CI system where the CI configuration is stored in a file such as .travis.yml or a Jenkinsfile. Go ahead and rip stuff out of there if it’s in your way, just make sure you revert those changes before creating a PR.

                                      1. 4

                                        Yeah, I feel my lack of statistics knowledge sometimes leads me to the wrong conclusion (especially about performance measurements). Any crustaceans have stats programming book recommendations? Preferably Python (R is fine too) and project-driven?

                                        1. 2

                                          The end of the article lists a bunch of them.

                                          1. 2

                                            Oh yeah, but I was curious if anyone had further suggestions (particularly more modern books since the programming ones looked a bit dated)

                                            1. 1

                                              I enjoyed Statistics Done Wrong by Alex Reinhart. It’s not really a programming book but a catalog of common statistical errors, and is written in a more accessible style than your average textbook.

                                        1. 8

                                          Already seeing several friends complaining that they can’t use it because they have restricted it to people who have their phones set to use the German app store. https://github.com/corona-warn-app/cwa-app-android/issues/478 Here in Berlin immigrants make up something like 30% of the population, and there is generally no need to get a German phone when you move here. Add “app store location is where you physically live” to the list of myths programmers mistakenly believe in.

                                          1. 1

                                            I really wonder, what’s the goal of such measure?

                                            Let’s say I leave in a neighboring country like France for example, but work in Germany, it would make sense for me to have both apps, right? (Actually it would make even more sense to have one app for all countries, but that’s another story…). By tying the apps to a given national store, then it makes things harder, which is counter productive.

                                            1. 2

                                              My impression is that it was an easy way for Apple/Google to enforce the one app per country rule, but outside of that I’m not really sure.

                                              I had a similar weird experience when trying to purchase RainToday (en) while my phone was set to the US app store.¹ Many of MeteoGroup’s other apps are available in the US app store, but not RainToday, and when asked I simply got a response that “[t]he warnings and the radar in RainToday are not available for the USA. That’s why RainToday is not available in the US store.” I guess they didn’t want to deal with the support load of people buying the app and expecting it to work in the States.

                                              ¹ Dark Sky’s rain alerts don’t work in Europe, but that doesn’t even matter any more because the world sucks.

                                          1. 1

                                            I had always thought this was the reason the LOOP instruction was slow on Athlon and later processors: that it was artificially slowed down to support old timing routines. After reading this SO post, however, I’m not so sure anymore.

                                            1. 1

                                              I’ve found LWN to be consistently high-quality technical journalism, and well worth your (or your employer’s) money. If you’re working for a FAANG, it’s likely you can click a button and get it expensed. Older articles are available for free.

                                              One of the more fundamental aspects of my engineering philosophy with regard to optimization came from a quote in an LWN article from more than 10 years ago:

                                              “It’s not about booting faster, it’s about booting in 5 seconds.” Instead of saving a second here and there, set a time budget for the whole system, and make each step of the boot finish in its allotted time.

                                              That mentality has set me up for a lot of success in taming unruly systems.

                                              Outside of LWN, the asshole filter was a helpful post in dealing with cross-team communication. The tldr is: people want to get things done and if the official process is not the best way to do that, people are then incentivized to violate boundaries. I’ve seen this a lot in client-based teams that grow from ad-hoc email requests to a formal ticketing system: usually the ticketing system is where tickets go to die, while the clients know that to get real work done you just ping someone on the team directly. Eventually, the only way the ticket system survives is for people who get pinged to reject the ping: “Sorry, we’re trying to use the ticket system for this. Can you make a ticket and we’ll continue there?” By making the ticket system the best way to get something done, people are incentivized to do the right thing. Of course, this only works if the tickets are actually looked at and responded to, and only if the whole team makes a unified effort – otherwise the pings just get shifted somewhere else.

                                              1. 2

                                                Having used something like this in a previous life, I’m very excited to see a publicly available web-based VCS-backed IDE come to life. Congrats to the team!

                                                1. 1

                                                  xmake looks really interesting and is something I’ll probably consider for my next project (especially if the FreeBSD package is updated). The documentation that I’ve seen so far all does in-tree builds though, which is probably the worst antipattern in build-system design. Are they any docs for driving the build from the build directory?

                                                  1. 1

                                                    The documentation that I’ve seen so far all does in-tree builds though, which is probably the worst antipattern in build-system design. Are they any docs for driving the build from the build directory?

                                                    ? I do not understand it.

                                                    1. 1

                                                      @david_chisnall is asking if it is possible to build in a different directory than the directory with the source code. A good test for this is: “can I mount the source on a read-only filesystem, and compile somewhere else?” This is often useful for people who work on multiple branches in a large codebase, or CI systems for large codebases which heavily rely on caching.

                                                      1. 2

                                                        oh, it is supported. xmake will not write any files to the source directories by default, only write some target and cache files in curdir/build, tmp, curdir/.xmake and ~/.xmake directories, but we can also modify the location of these directories.

                                                        modify global and local cache directory

                                                        export XMAKE_GLOBAL_DIR=/xxx
                                                        export XMAKE_CONFIG_DIR=/yyy
                                                        

                                                        modify tmpdir

                                                        export XMAKE_TMP_DIR=/ttt
                                                        

                                                        modify the build output directory:

                                                        xmake f --buildir=xxx
                                                        xmake
                                                        
                                                        1. 3

                                                          ~/.xmake

                                                          Please, use XDG Base Directory instead.

                                                      2. 1

                                                        All of the examples (unless I am misreading them, please correct me if I’m wrong) run xmake from the source directory. Modern build systems drive the build from the build directory. This has a number of advantages:

                                                        • The source directory can be on a read-only or write-is-expensive filesystem (e.g. an aggressively cached local copy of a slow network filesystem), whereas the build directory can be on fast throw-away storage (e.g. the local SSD on a cloud VM).
                                                        • It’s easy to have different backup policies for the source and build directories.
                                                        • Your per-build configuration is stored in the build directory, so you can easily rerun.
                                                        • A completely clean build, even in the presence of build-system bugs, is trivial to do by simply deleting the build directory.
                                                        • You don’t need to add a load of things to .gitignore for build outputs and it’s really easy to keep your source tree clean.
                                                        • If you have generated source files, it’s trivial to tell the generated ones apart from the others (the generated ones are only in the build directory, not the source tree).

                                                        With CMake (which has many other problems), the normal workflow is:

                                                        1. Create a new build directory.
                                                        2. Run ccmake to configure the build with all of the options that you want.
                                                        3. Run ninja to build it.

                                                        You can repeat these steps for multiple build configurations and you can build each independently. For example, for LLVM I have a release build and a debug+ASan build that I can link against, and when I’m writing something that depends on LLVM libraries I will do the same thing and have a release build and a debug build with ASan. When I want rapid edit-compile-test cycles, I use the release build, but as soon as something goes wrong I switch to the ASan version and get much more useful debugging information.

                                                        In contrast, the instructions that I read for xmake said to run xmake in the source directory. This makes me really nervous, because it remind me of the bad old days when you ran make in your source directory and got a load of generated files interleaved.

                                                        The tool I would like is something that I can use in the same way that I use CMake but where the input language is not a horrible macro language that’s been gradually extended and where there is clean layering in the standard library with nothing hard-coded in the tool (for example, the way CMake hard codes the flags that it passes to cl.exe).

                                                        1. 2

                                                          Although xmake runs by default in the root directory of the project with the xmake.lua file, it will not write any files to the source directory. All files will be generated in a separate build directory.

                                                          cd projectdir
                                                          xmake
                                                          

                                                          It will generate ‘build’ and ‘.xmake’ directories to projectdir.

                                                          But the build directory can also be modified.

                                                          cd projectdir
                                                          xmake f --buildir=/tmp/build
                                                          xmake
                                                          

                                                          But xmake still generate .xmake directory to projectdir/.xmake

                                                          we can also do not generate .xmake to projectdir

                                                           export XMAKE_CONFIG_DIR=/tmp/build/cache
                                                          xmake f --buildir=/tmp/build
                                                          xmake
                                                          

                                                          Now, even xmake is still running under the project directory, but the project directory will always be very clean.

                                                          In addition, xmake can also not run under the project directory.

                                                           cd otherdir
                                                           xmake -P projectdir
                                                          
                                                          1. 1

                                                            Thanks, it sounds as if it can do what I want. It’s a shame that the documentation and default behaviour encourages bad style though.