1. 5

    It’s not very high quality, but occasionally I’ve found useful open source tools on https://alternativeto.net/. It’s definitely more focused on end-user apps instead of libraries or infrastructure, but it’s better than nothing.

    1. 33

      A long time ago I was a huge fan of a certain programmer¹ who had a lot of technical prowess and put TONS of angry rants that I thought were funny in their code. Bashing other tech companies’ engineers in a funny way while writing awesome code seemed to be a great thing to aspire to. One day I decided to contribute a one-line patch to this programmer’s side project which was on their self-hosted git instance. Not wanting to go through the annoying process of setting up git to work with gmail for a one-line patch, I just typed the diff into what I thought was a decent and friendly email. I received no response and forgot about it.

      A few months later the programmer, not realizing (or caring) that I followed them on twitter wrote a pointed angry rant about idiots who could only use github and not send in a properly formatted git patch. This was followed by a tweet asking a question about the thing my patch aimed to fix, meaning that the previous rant was almost certainly about me. Suddenly, all the programmer’s funny angry rants weren’t so funny anymore, and just made this programmer seem like… a jerk. They are now the CEO of a successful startup. Am I going to apply to work for them? Probably not. Am I going to use their product were I to need its features? Maybe, but with hesitation.

      The whole reason I’m telling this story is to remind people that it’s possible to be opinionated without being a jerk, and that it’s bad to celebrate when people voice good opinions in a jerk-like way². The programmer in question could have emailed me back asking for a properly formatted git patch, privately complained to their friends, or expressed their frustration on twitter in a way that wasn’t mean. I think the last part is the most important – rants have their place to vent frustration (and clearly Drew is very frustrated) or even change people’s minds, but have a different tone entirely when one of the core aspects of a rant is “I am smarter and more ethical than these other people.”

      I hope Drew’s concerns get addressed, but I also hope he is able to voice them more constructively in the future.

      ¹ Left unnamed, but not @ddevault

      ² See Linux Torvalds, for example

      1. 16

        Not to pile on, but this is the reason I unfollowed Drew on fosstodon. How angry rants become very pointed and are sometimes on the brink of harassment.

        1. 5

          I didn’t even had to do that, he blocked me after insulting me. I still like to read his posts, but more for the spectacle than for objective opinions, really.

        2. 5

          rants have their place to vent frustration (and clearly Drew is very frustrated)

          I think this is key. Drew seems to be generally angry and frustrated with the state of the world, technology, ethics of technologists, etc. And he’s right to be angry, a lot of stuff sucks! Anger can be a good/useful emotion, if it drives you to change shitty situations instead of accepting them, and that’s something I admire about Drew, his refusal to take the status quo for granted and his ability to follow through on groundbreaking projects. (I’m rooting for Sourcehut because it isn’t a clone of Github, it has a different philosophy and design goals, whereas many open source products look like inferior knockoffs of some proprietary progenitor.) Maybe he wouldn’t be making the kind of software+projects he does if he weren’t so angry. But, like most things, anger can be toxic when taken to extremes or misdirected, and it can drive people away.

          Whenever I introduce one of Drew’s projects like Sourcehut to my friends/colleagues, or forward a post of his, I have to add the disclaimer that Drew is kind of a dick, even though I tend to agree with him on many things. At some point his anger may do more damage to his projects by preventing people from using or contributing to them than whatever motivational benefits his anger provides to his personal productivity.

          1. 4

            One of the effects of having some of my own posts being posted on sites like Reddit and Hacker News a few times is that I’ve become a lot more careful in how I comment on other people’s posts. In general, I strive to write anything public as if the author of the post would actually read it. In quite a few cases, they probably do.

            It’s easy to think you’re oh-so-witty-and-funny with your snarky sarcastic takes or whatever; but in reality it’s usually not, especially not over the internet.

            I’ll readily admit I don’t always succeed at this though; but I try. I sometimes rant a bit to my friends or girlfriend in private, which has the same frustration-venting effect and doesn’t upset anyone. Just because someone is wrong, or because you strongly disagree with them, isn’t a reason to be a jerk to them.

          1. 2

            Deleting tests or parts of an application to narrow down where a bug might be. If you have a VCS that supports local branches, it’s totally fine to go WILD with a codebase as long as your changes don’t get merged to your main branch. Deleting a bunch of passing tests or initialization code can speed up the fix/compile/test loop, helping you find the bug quicker.

            This also applies if you have a CI system where the CI configuration is stored in a file such as .travis.yml or a Jenkinsfile. Go ahead and rip stuff out of there if it’s in your way, just make sure you revert those changes before creating a PR.

            1. 4

              Yeah, I feel my lack of statistics knowledge sometimes leads me to the wrong conclusion (especially about performance measurements). Any crustaceans have stats programming book recommendations? Preferably Python (R is fine too) and project-driven?

              1. 2

                The end of the article lists a bunch of them.

                1. 2

                  Oh yeah, but I was curious if anyone had further suggestions (particularly more modern books since the programming ones looked a bit dated)

                  1. 1

                    I enjoyed Statistics Done Wrong by Alex Reinhart. It’s not really a programming book but a catalog of common statistical errors, and is written in a more accessible style than your average textbook.

              1. 8

                Already seeing several friends complaining that they can’t use it because they have restricted it to people who have their phones set to use the German app store. https://github.com/corona-warn-app/cwa-app-android/issues/478 Here in Berlin immigrants make up something like 30% of the population, and there is generally no need to get a German phone when you move here. Add “app store location is where you physically live” to the list of myths programmers mistakenly believe in.

                1. 1

                  I really wonder, what’s the goal of such measure?

                  Let’s say I leave in a neighboring country like France for example, but work in Germany, it would make sense for me to have both apps, right? (Actually it would make even more sense to have one app for all countries, but that’s another story…). By tying the apps to a given national store, then it makes things harder, which is counter productive.

                  1. 2

                    My impression is that it was an easy way for Apple/Google to enforce the one app per country rule, but outside of that I’m not really sure.

                    I had a similar weird experience when trying to purchase RainToday (en) while my phone was set to the US app store.¹ Many of MeteoGroup’s other apps are available in the US app store, but not RainToday, and when asked I simply got a response that “[t]he warnings and the radar in RainToday are not available for the USA. That’s why RainToday is not available in the US store.” I guess they didn’t want to deal with the support load of people buying the app and expecting it to work in the States.

                    ¹ Dark Sky’s rain alerts don’t work in Europe, but that doesn’t even matter any more because the world sucks.

                1. 1

                  I had always thought this was the reason the LOOP instruction was slow on Athlon and later processors: that it was artificially slowed down to support old timing routines. After reading this SO post, however, I’m not so sure anymore.

                  1. 1

                    I’ve found LWN to be consistently high-quality technical journalism, and well worth your (or your employer’s) money. If you’re working for a FAANG, it’s likely you can click a button and get it expensed. Older articles are available for free.

                    One of the more fundamental aspects of my engineering philosophy with regard to optimization came from a quote in an LWN article from more than 10 years ago:

                    “It’s not about booting faster, it’s about booting in 5 seconds.” Instead of saving a second here and there, set a time budget for the whole system, and make each step of the boot finish in its allotted time.

                    That mentality has set me up for a lot of success in taming unruly systems.

                    Outside of LWN, the asshole filter was a helpful post in dealing with cross-team communication. The tldr is: people want to get things done and if the official process is not the best way to do that, people are then incentivized to violate boundaries. I’ve seen this a lot in client-based teams that grow from ad-hoc email requests to a formal ticketing system: usually the ticketing system is where tickets go to die, while the clients know that to get real work done you just ping someone on the team directly. Eventually, the only way the ticket system survives is for people who get pinged to reject the ping: “Sorry, we’re trying to use the ticket system for this. Can you make a ticket and we’ll continue there?” By making the ticket system the best way to get something done, people are incentivized to do the right thing. Of course, this only works if the tickets are actually looked at and responded to, and only if the whole team makes a unified effort – otherwise the pings just get shifted somewhere else.

                    1. 2

                      Having used something like this in a previous life, I’m very excited to see a publicly available web-based VCS-backed IDE come to life. Congrats to the team!

                      1. 1

                        xmake looks really interesting and is something I’ll probably consider for my next project (especially if the FreeBSD package is updated). The documentation that I’ve seen so far all does in-tree builds though, which is probably the worst antipattern in build-system design. Are they any docs for driving the build from the build directory?

                        1. 1

                          The documentation that I’ve seen so far all does in-tree builds though, which is probably the worst antipattern in build-system design. Are they any docs for driving the build from the build directory?

                          ? I do not understand it.

                          1. 1

                            @david_chisnall is asking if it is possible to build in a different directory than the directory with the source code. A good test for this is: “can I mount the source on a read-only filesystem, and compile somewhere else?” This is often useful for people who work on multiple branches in a large codebase, or CI systems for large codebases which heavily rely on caching.

                            1. 2

                              oh, it is supported. xmake will not write any files to the source directories by default, only write some target and cache files in curdir/build, tmp, curdir/.xmake and ~/.xmake directories, but we can also modify the location of these directories.

                              modify global and local cache directory

                              export XMAKE_GLOBAL_DIR=/xxx
                              export XMAKE_CONFIG_DIR=/yyy

                              modify tmpdir

                              export XMAKE_TMP_DIR=/ttt

                              modify the build output directory:

                              xmake f --buildir=xxx
                              1. 3


                                Please, use XDG Base Directory instead.

                            2. 1

                              All of the examples (unless I am misreading them, please correct me if I’m wrong) run xmake from the source directory. Modern build systems drive the build from the build directory. This has a number of advantages:

                              • The source directory can be on a read-only or write-is-expensive filesystem (e.g. an aggressively cached local copy of a slow network filesystem), whereas the build directory can be on fast throw-away storage (e.g. the local SSD on a cloud VM).
                              • It’s easy to have different backup policies for the source and build directories.
                              • Your per-build configuration is stored in the build directory, so you can easily rerun.
                              • A completely clean build, even in the presence of build-system bugs, is trivial to do by simply deleting the build directory.
                              • You don’t need to add a load of things to .gitignore for build outputs and it’s really easy to keep your source tree clean.
                              • If you have generated source files, it’s trivial to tell the generated ones apart from the others (the generated ones are only in the build directory, not the source tree).

                              With CMake (which has many other problems), the normal workflow is:

                              1. Create a new build directory.
                              2. Run ccmake to configure the build with all of the options that you want.
                              3. Run ninja to build it.

                              You can repeat these steps for multiple build configurations and you can build each independently. For example, for LLVM I have a release build and a debug+ASan build that I can link against, and when I’m writing something that depends on LLVM libraries I will do the same thing and have a release build and a debug build with ASan. When I want rapid edit-compile-test cycles, I use the release build, but as soon as something goes wrong I switch to the ASan version and get much more useful debugging information.

                              In contrast, the instructions that I read for xmake said to run xmake in the source directory. This makes me really nervous, because it remind me of the bad old days when you ran make in your source directory and got a load of generated files interleaved.

                              The tool I would like is something that I can use in the same way that I use CMake but where the input language is not a horrible macro language that’s been gradually extended and where there is clean layering in the standard library with nothing hard-coded in the tool (for example, the way CMake hard codes the flags that it passes to cl.exe).

                              1. 2

                                Although xmake runs by default in the root directory of the project with the xmake.lua file, it will not write any files to the source directory. All files will be generated in a separate build directory.

                                cd projectdir

                                It will generate ‘build’ and ‘.xmake’ directories to projectdir.

                                But the build directory can also be modified.

                                cd projectdir
                                xmake f --buildir=/tmp/build

                                But xmake still generate .xmake directory to projectdir/.xmake

                                we can also do not generate .xmake to projectdir

                                 export XMAKE_CONFIG_DIR=/tmp/build/cache
                                xmake f --buildir=/tmp/build

                                Now, even xmake is still running under the project directory, but the project directory will always be very clean.

                                In addition, xmake can also not run under the project directory.

                                 cd otherdir
                                 xmake -P projectdir
                                1. 1

                                  Thanks, it sounds as if it can do what I want. It’s a shame that the documentation and default behaviour encourages bad style though.

                          1. 2
                            • Sublime Text - I’m still astonished at how fast it renders/scrolls.
                            • Sublime Merge - my day job has a heavy rebase/commit split workflow, and Sublime Merge is a godsend when doing tricky interactive rebases.
                            • autojump - as mentioned earlier. It’s one of the first things I install on a new workstation. I believe there are alternates such as z and fasd which you may want to check out.
                            • Pull Reminders - I absolutely hate email notifications, and things like review requests or responses to comments usually get buried in my inbox. I also find the GitHub notification workflow suboptimal – I still have to click to archive notifications, which means they pile up, which means things get lost. By hooking up Pull Reminders to Slack I get notifications that I don’t have to click to archive. This has dramatically reduced my response time to PRs.
                            • Pull Assigner - Automatic PR assignment has made reviews in a team go much smoother. Without this, I often find teams fall into bimodal patterns where a few people review everything and the other people don’t respond due to bystander effect.
                            • mtr - A fantastic way to diagnose latency and packet loss issues in your network. I feel like it’s not as well known as it should be.
                            • A “percentile latency” graph - I’m not sure if there is an official term for it, but a graph where the X axis is a percentile and the Y axis is latency. I first saw these in Gil Tene’s How Not to Measure Latency (summarized here) and was blown away – not only are they very effective at describing how a system operates in normal cases and at the limits, but you can directly lay your SLAs on top of them and see how much wiggle room you have before you’re in violation.
                            • black and isort - mentioned otherwise in this submission, but a great way to focus more on the code instead of the style.
                            1. 2

                              I just wanted to circle back and say that I ended up going with @colindean’s recommendation and bought a Ubiquiti Dream Machine. So far I’m really happy with it, although it was confusing to set up at first.

                              For the record: for home use you probably want to set it up using “remote access” (formerly called “cloud access”), and access the controller via https://unifi.ui.com/. It’s possible to log in via the controller’s IP address directly, but then you’d need to accept its cert or bypass SSL cert verification. Additionally, read performance optimizations from the Ubiquiti forums with a grain of salt – some of those people are optimizing for business or conference installations with dozens or hundreds of devices, and what they recommend may not be appropriate for a home network with different use cases and constraints.

                              Other than that initial setup, it seems to do everything I want. Thanks again!

                              1. 1

                                Glad to hear it. Welcome to the Ubiquiti world!

                              1. 7

                                Avoid meshes if you can. You’ll want n access points, where n is an integer and depends on the area to cover. Connect those access points to the upstream using cabled ethernet.

                                Mesh is fine if you want coverage, not so fine if you want capacity in a saturated environment. Every packet has to be sent more than once across the air, and the impact of that is worse than a doubling because if the way radio time is shared.

                                Clueful friends of mine tend to use either Ubiquiti or Mikrotik. One has Cisco Aironets brought home from work when they replaced them with new radios. I have Mikrotik hardware myself, the oldest is 10+ years old at this point and still receiving OS upgrades. If you consider Mikrotik, look for metal hardware, not plastic. The metal is built to last.

                                My own policy is to use those slow old APs forever, and to say that if something wants 100Mbps or more then that device needs an ethernet cable. That’s been a good policy for me in practice. For example it’s kept the WLAN free of bandwidth hogs, even if those hogs (like a few giant rsync jobs I run) aren’t time sensitive.

                                1. 2

                                  [I asked an extended version of this in a different reply in this thread]

                                  Is there anything special you need to do to enable switching amongst the various access points as you wander around the house?

                                  1. 1

                                    Enable, no, but there are things you can do to improve quality of service. I use a Mikrotik feature called capsman, I understand that Ubiquiti and Cisco Aironet provide the same functionality. (I don’t know about other vendors, those three are just what friends of mine use.)

                                    The only thing to watch out for is really that you have to purchase APs from one vendor if you want the nice roaming. If you mix brands, TCP connections will be interrupted when you move through the house, and a moving station may remain connected to an AP for as long a that’s possible, not just for as long as that AP is the best choice.

                                  2. 1

                                    You’ll want n access points, where n is an integer and depends on the area to cover. Connect those access points to the upstream using cabled ethernet.

                                    If I could get ethernet to everywhere I want wifi, I wouldn’t need the wifi.

                                    1. 1

                                      That’s true of course, but isn’t it rather beyond the point? The goal is to get ethernet to enough points that the entire area has a good WLAN signal.

                                      When I installed my cables I strictly needed two APs, but I got three instead in order to simplify the cabling. More APs, but less work pulling cables.

                                    2. 1

                                      I don’t know if you’d call the environment saturated here in an urban road but mesh is working nicely. No dropouts, fast, covers everything, cheap. What sort of environment would cause it trouble?

                                      1. 2

                                        At one point 27 different WLANs were visible in what’s now our kitchen, two of them often with a great deal of traffic, and intuitively I think there was some other noise source, not sure what. That was usually good, occasionally saturated, and bulk transfer throughput would drop deep, even as low as 1Mbps. I cabled and now I don’t need pay attention to the spectral graph.

                                        I’ve worked in an office where over 50 WLANs from various departments and companies in the same building were visible. Some people did >100-gigabyte file transfers over our WLAN, so I expect our WLAN bothered the other companies as much as their us. The spectral graph was pure black.

                                        1. 1

                                          As of right now, I see 21 networks from a Macbook in my living room. 2 of those are even hotspots from the street, run by competing phone companies. It doesn’t help that many ISPs offer “homespots,” where customers who rent their router create several SSIDs – one for the user, and one for other customers of that ISP to use as a hotspot. So I guess mesh is not a good idea where I am.

                                          1. 2

                                            Well, most people don’t have a lot of guests who transmit a lot of traffic, so maybe?

                                            Still, I haven’t regretted the cable I had installed. Remember that you can simplify the problem, you don’t have to install the cable along the most difficult route.

                                    1. 2

                                      It’s been mentioned in passing a few times in here, but I wanted to call it out specifically: @pytest.mark.parametrize is great. The syntax takes a little getting used to (you have to feed it a string of comma-separated parameter names) but other than that it works as expected. As a bonus, you can stack multiple @pytest.mark.parameterize decorators on a test to get a cartesian product of test cases.

                                      1. 3

                                        I’ve been using Nix (NixOS?) as a replacement for Homebrew and so far it’s been pretty good. Not the best learning curve but so far I’ve been able to install the packages I need (although getting git installed with shell completion took up the better part of an afternoon…). The main reason I like it over Homebrew is that every time I go to install a package I’m not rolling the dice on how long the operation will take. Homebrew operations seem to take 5 seconds or 15 minutes depending on whether it needs to recompile openSSL or not, and you can’t predict this before you run brew install… Good to know that from the packager’s side it’s a bit more tricky.

                                        1. 1

                                          iPhone Fits-In-Your-Hand (SE). I thought about giving in and buying a 7 over the holidays but decided to stick with this until it dies or they release another phone this size.

                                          1. 6

                                            I find it curious that the Blink team at Google takes this action in order to prevent various other teams at Google from doing harmful user-agent sniffing to block browsers they don’t like. Google certainly isn’t the only ones, but they’re some of the biggest user-agent sniffing abusers.

                                            FWIW, I think it’s a good step, nobody needs to know I’m on Ubuntu Linux using X11 on an x86_64 CPU running Firefox 74 with Gecko 20100101. At most, the Firefox/74 part is relevant, but even that has limited value.

                                            1. 14

                                              They still want to know that. The mail contains a link to the proposed “user agent client hints” RFC, which splits the user agent into multiple more standardized headers the server has to request, making “user-agent sniffing” more effective.

                                              1. 4

                                                Oh. That’s sad. I read through a bit of the RFC now, and yeah, I don’t see why corporations wouldn’t just ask for everything and have slightly more reliable fingerprinting while still blocking browsers they don’t like. I don’t see how the proposed replacement isn’t also “an abundant source of compatibility issues … resulting in browsers lying about themselves … and sites (including Google properties) being broken in some browsers for no good reason”.

                                                What possible use case could a website have for knowing whether I’m on ARM or Risc-V or x86 or x86_64 other than fingerprinting? How is it responsible to let the server ask for the exact model of device you’re using?

                                                The spec even contains wording like “To set the Sec-CH-Platform header for a request, given a request (r), user agents MUST: […] Let value be a Structured Header object whose value is the user agent’s platform brand and version”, so there’s not even any space for a browser to offer an anti-fingerprinting setting and still claim to be compliant.

                                                1. 4

                                                  What possible use case could a website have for knowing whether I’m on ARM or Risc-V or x86 or x86_64 other than fingerprinting?

                                                  Software download links.

                                                  How is it responsible to let the server ask for the exact model of device you’re using?

                                                  … Okay, I’ve got nothing. At least the W3C has the presence of mind to ask the same question. This is literally “Issue 1” in the spec.

                                                  1. 3

                                                    Okay, I’ve got nothing.

                                                    I have a use case for it. I’ve a server which users run on a intranet (typically either just an access point, or a mobile phone hotspot), with web browsers running on random personal tablets/mobile devices. Given that the users are generally not technical, they’d probably be able to identify a connected device as “iPad” versus “Samsung S10” if I can show that in the web app (or at least ask around to figure out whose device it is), but will not be able to do much with e.g an IP address.

                                                    Obviously pretty niche. I have more secure solutions planned for this, however I’d like to keep the low barrier to entry that knowing the hardware type from user agent provides in addition to those.

                                                  2. 2

                                                    What possible use case could a website have for knowing whether I’m on ARM or Risc-V or x86 or x86_64 other than fingerprinting?

                                                    Benchmarking and profiling. If your site performance starts tanking on one kind of processor on phones in the Philippines, you probably want to know that to see what you can do about it.

                                                    Additionally, you can build a website with a certain performance budget when you know what your market minimally has. See the Steam Hardware and Software Survey for an example of this in the desktop videogame world.

                                                    Finally, if you generally know what kinds of devices your customers are using, you can buy a bunch of those for your QA lab to make sure users are getting good real-world performance.

                                                2. 7

                                                  Gecko 20100101

                                                  Amusingly, this date is a static string — it is already frozen for compatibility reasons.

                                                  1. 2

                                                    Any site that offers you/administrators a “login history” view benefits from somewhat accurate information. Knowing the CPU type or window system probably doesn’t help much, but knowing it’s Firefox on Ubuntu combined with a location lookup from your IP is certainly a reasonable description to identify if it’s you or someone else using the account.

                                                    1. 2

                                                      There are terms I’d certainly like sites to know if I’m using a minority browser or a minority platform, though. Yes, there are downsides because of the risk of fingerprinting, but it’s good to remind sites that people like me exist.

                                                      1. 1

                                                        Though the audience here will play the world’s tiniest violin regarding for those affected the technical impact aspect may be of interest.

                                                        The version numbering is useful low-hanging-fruit method in the ad-tech industry to catch fraud. A lot of bad actors use either just old browsers[1] or skew browser usage ratios; though of course most ‘fraud’ detection methods are native and just assume anything older than two major releases is fraud and ignore details such as LTS releases.

                                                        [1] persuade the user to install a ‘useful’ tool and it sits as a background task burning ads or as a replacement for the users regular browser (never updated)

                                                      1. 2

                                                        I was happy to see GoatCounter come up recently, as I keep thinking “you know, all these cookie warnings are only needed if you use third-party analytics” and was wondering if someone offered analytics without that. I hope this gives them a boost!

                                                        1. 4

                                                          Sublime may not have the tight integration you’d get from other IDEs, but it does have the advantage of being fast. It’s been effectively jank-free since I switched to it several years ago. If VS Code isn’t powerful enough then Sublime + plugins probably won’t be either, but I did want to at least give it a mention.

                                                          1. 1

                                                            Sublime (with anaconda, terminus) and use of pudb (in a separate terminal window) for stepping through code.

                                                            Bias: This is my spare-time coding setup on a 5-6 year old laptop, feel like I’d invest in an IDE if I was writing python more regularly.

                                                          1. 7

                                                            I feel like the original post (and some of the subsequent discussion here) is full of armchair quarterbacking and general smugness, even though I do sympathize with the fact that computers are ridiculously faster than 10 years ago but somehow seem slower (Dan Luu dives into that a bit if you’re interested). That said, I don’t think the problem is frameworks-upon-frameworks or leaky abstractions or that modern developers don’t have a Mel-like total understanding of every transistor on their system.

                                                            My view of the problem is that developers are reluctant to acknowledge that, as a complex system, software will always run in a degraded mode. If you acknowledge that things can’t be perfect, you can shift the discussion to how much you want to spend to approach perfection. Conversely, you can then think about where you want to spend your time with that budget.

                                                            1. 1

                                                              I’m going for the first time but don’t have any specific plans. Hoping to wander around and check out cool stuff.