-
Elixir is an obvious alternative. However, maybe another option is a language close to Erlang that compiles to it or its bytecode that just fixes issues like this. Esp syntax.
-
My feeling is that Elixir is exactly this. While it brings a bit of runtime, you’re close enough to the Erlang VM to be able to do pretty much everything you can do in Erlang.
If you ignore the standard library etc. and just focus on the language, it does pretty much what you describe: Fix the shortcomings regarding pattern matching, variable naming, …
-
-
-
I’ve seen this before in Piet :-)
See
Piin http://www.dangermouse.net/esoteric/piet/samples.html (direct link to image: http://www.dangermouse.net/esoteric/piet/piet_pi_big.png)
-
MasonJar
5 months ago
|
link
| on:
Considering using Golang for my main language for web development
Backing up a bit, what kind of web apps are you building, and what makes you interested in using Go for it?
-
Apart “standard” CRUD stuff, some of the applications would benefit from first class asynchroneous support and sometimes they do quite a bit of data crunching so the ability to utilize all cores would be a plus. I can sidestep most of the problems of python but a strongly typed and faster language wouldn’t hurt. Although I can see that lack of generics brings its own problems to the table.
-
I’ve only worked with Go a bit, and I’m rather skeptical of it’s efficiency for developing CRUD apps. Nothing posted in the rest of this thread so far has inclined me to think otherwise. I could see a couple of ways to go then:
-
Just implement it all in Python or something, wait and see what parts (if any) are hurting from lack of concurrency, raw computation speed, and strong typing, then convert those bits to Go, and communicate with the web process via whatever makes sense.
-
Design with a front-end in something more convenient and a computation back-end in Go from the start, thus having the communication designed well from the start and avoiding trying to implement something in Python that probably won’t do the job well enough.
-
All-in on Go, make it all in Go, whatever warts it may have for CRUD basics.
If you’re thinking hard about 3, I’d try and pick up whatever frameworks look decent here and build a simple demo CRUD webapp in Go with 1 or 2 models and see how that goes before making the call.
I also wonder if an all-Go webapp would pair well with a frontend-heavy design with React and Redux. Let the front-end stuff handle the templating and most of the routing, and let the Go code do what it’s best at - slinging JSON and DB queries around and computing business logic.
-
-
-
-
Elixir runs on the Erlang VM which is one of the most robust and mature ecosystems of all. If you’re not familiar with Erlang, take a look at the history (it was developed for telecommunications) and then a look at Elixir itself.
If you want to write web applications, http://phoenixframework.org/ is the web framework in the Elixir world. It’s still quite modular, so it’s easy to start your own project from parts (persistence, webserver, request handling) without using the whole framework.
-
-
-
-
If you need asynchronous support to handle a huge amount of concurrent user connections, Go will be valuable. If the async stuff and data crunching you need would work as asynchronous background jobs, then writing the web app in Python, using a job queue, and writing the job runners in Go would be a good move. Or even Python with numpy if applicable, since numpy will be faster and easier than Go at matrix math and the other things it specializes in.
I personally don’t like Go for web development. It’s a lower level language that’s great for writing network services in general, but slinging HTML is on the tedious side.
I’m also trying to wrap my head around the fact that there are tons of db drivers, when I looked last time 2 years ago I was completely unsure which one would be the right to use - are there some “language standards” that are most used and supported well by community?
For what database? For Postgres, github.com/lib/pq is the de facto standard; for MySQL, github.com/go-sql-driver/mysql. They are both used by the Go project for integration tests of
database/sql, as described on the github.com/golang/go wiki page here.
-
-
-
the-kenny
6 months ago
|
link
| on:
Is it possible to make the donation progress bar hideable / collapsable?
With uBlock you can hide elements client-side.
-
-
the-kenny
6 months ago
|
link
| on:
network-gamepads: Stream input devices (keyboards, mouses, gamepads, etc) over a network connection
Do you have any idea how it compares (performance-wise) to USBIP (http://usbip.sourceforge.net/ also in the Linux Kernel)?
-
No, we actually did no formal performance benchmarks, but we use it quite heavily for multiplayer emulation games, and so far everyone was very satisfied with latency, responsiveness and general controller-feel. Very interesting point though, I’d like to do that some time!
One feature that I imagine is hard to do with USBIP is filtering the input - since we don’t want people using their keyboard/mouse on the gaming rig, we filter for the gamepad axes and buttons, which works a treat!
In addition, we can use non-USB devices on the client (e.g. PS/2) and even non-devices (the repo contains the slightly out-of-date
osc-xlater, which translates a set of OSC messages sent by eg. a smartphone into a gamepad emulation). I also believe our approach requires fewer privileges in comparison to USBIP, as we can run with user privileges for both components if configured correctly.
-
-
It’s a bit sad he’s taking Rust mostly as a stepping stone to sell his thing. For example, he’s not showing any examples of code that actually has that problem. But, he’s definitely right.
That being said, I find the following comment from Manish worth cross-posting: https://www.reddit.com/r/rust/comments/7sq8xl/unsafe_zig_is_safer_than_unsafe_rust/dt75ny6/
I mean, unsafe C++ is also safer than unsafe rust (all zig is unsafe zig, all c++ is unsafe c++)
Generally c++ does try to make it tedious to do really footgunny things. It’s hard to compare because UB is UB and nasal demons come out regardless, but ime the scarier kinds can be harder to trigger in c++ in many cases. Plus Rust has noalias. But this is very anecdotal, others may disagree.
-
I don’t see why it is sad, it seems quite intelligent for him to adopt strategies that reach his target audience. What would really be sad is if he did all that work making zig and nobody gave it a shot because there was no reasonable way to get people to read about it.
-
It’s generally not a good strategy to take simple shots at others. We’re as excited about zig as anyone else, but this sets up for an annoying and unnecessary competition.
Framing it as “Zig gets pointer alignment right” and using Rust as an example later in the post is a much better strategy. People appreciate if you point out flaws in a not-too-annoying way. That’s for example a reason why I promote Pony at any moment I can, they really get this right.
In any case, I definitely don’t intent on telling you how you should feel about it. I don’t like it and Rust happens to be the project I align with :).
-
I understand what you’re saying about putting it in a positive light instead, but honestly I’m not sure I would’ve read the article if it had been “Zig gets pointer alignment right”.
Rust has taken a similar approach, many times it has taken “shots” at C++ and Go (I say “Rust” but of course it’s about individuals) and that is fine IMO. It is both helpful for the language to get attention, and helpful for the reader to have it compared to something more widely known.
I’m keeping an interested eye on Zig as I think it can turn into something great, that “better C” place that’s closer to C than Go and farther from C++ than Rust (that’s my impression of the language, I may be wrong as I don’t follow it that closely yet).
-
-
I don’t see it as taking a shot at Rust.
The post starts with a language that’s safe-by-default with the temporal safety very rare in general. Cyclone and Clay are only predecessors coming to mind. The post then drops into unsafe Rust to focus on its weakest area: an area where you really want external tools like symbolic analysis or fuzzers running on it like with C. Then, post compares another language, Zig, with less safety in general to Rust in unsafe mode to show unsafe Rust is less safe in a specific case. Readers will find that the post pushing Zig sniping a weak area of Rust is also written by the author of Zig.
That is exactly how most language promoters take a cheap shot at another language getting more attention. You might have not intended it that way but many readers will perceive it that way. skade’s suggested framing here is always better for this sort of thing. Double true if you’re authoring both the post and a competing language.
And good luck on Zig since it’s an interesting language in the system space which I love seeing people try to improve. :)
-
-
It’s generally not a good strategy to take simple shots at others. We’re as excited about zig as anyone else, but this sets up for an annoying and unnecessary competition.
It is a competition already, people can only use a finite number of programming languages. If someone is using rust on a project, they are not using zig and vice versa.
-
-
-
Not requiring a keyword to do unsafe operations doesn’t mean all code in a language is unsafe, it just isn’t explicitly spelled out when it is.
-
-
-
That’s exactly it. Wirth did this in his languages like Oberon. Safe by default with unsafe modules saying so loud and clear.
-
-
-
-
Note that in
diredyou can doC-c C-qto make the buffer editable, rename or modify the files however you want, then commit the changes viaC-c C-c-
Yes. I describe that in my final paragraph, although I use
C-x C-q, sinceC-c C-qdoesn’t work here.Hot editing the directory listing itself is brilliant, the first time I did it was certainly one of those mind-expanding moments that
emacshas so many of.EDIT: oh I get it now, you were explaining my final paragraph for me… Thank you. :)
-
-
Nice & short introduction to assembler. Easy to follow too!
Just never even think about using something like this for real medical stuff :)
-
My first reaction was that readers from high-assurance field would have collective heart attack at the words try assembly programming followed by “for drug calculations.” They’d say, “If they’re using assembly for that, why did we waste all this time building static analysis tools and automated provers for these kinds of calculations?!” Fortunately, it’s just a learning exercise. I didn’t get an increased heart rate this time. :)
-
-
the-kenny
8 months ago
|
link
| on:
Do you work with a SOC & board that can easily hold OpenWRT? I need advise pls.
Do you have a power supply?
-
paluche
8 months ago
|
link
| on:
I'm Sorry You Feel This Way NatWest, but HTTPS on Your Landing Page Is Important
What do you expect talking to a PR person on twitter about hypertext transfer protocols?
-
-
Indeed, everyone in the company I work for receives security training, not just technical people, and we have about 20k employees. One of the primary red flags is anything that doesn’t use HTTPS. Ignorance of security practices is not an excuse when you work for a bank, no matter what position you are in…and if the bank is not providing their employees this training then I would wager they have very serious flaws in many other parts of their organization. Especially and most dangerously, flaws that are invisible to the public. This type of behavior and attitude with their public website is very telling of what nastiness likely lies below the surface.
-
I’d expect them to be SOMEHOW trained to identify dangerous activity, especially if money is involved.
Hmm. I wouldn’t say so. To be honest everybody has a different field of expertise, and I wouldn’t blame a PR person for not knowing IT security “basics”.
The person didn’t react very well, but definitely did the right thing of transmitting the issue to the relevant dpt.
-
-
-
I like the idea to rewrite basic tools in Rust. Not just because it’s a more secure language than C, but because it’s so much more expressive. I think many complicated programs would benefit from this. Many of the basic tools are full of hackery and obscure stuff you can do in C.
However, I agree with the assessment that this isn’t reliable, as long as there isn’t a small self contained Rust compiler written in C which can bootstrap itself. Rustc is a beast to compile as are bigger programs written in Rust.
-
the-kenny
9 months ago
|
link
| on:
Netflix functions without client-side React, and it's a good thing
Note that this is a very click-bait-y title: Netflix moved their landing page to server-side rendering only. The main-application still uses React as it was using before.
-
I don’t think that’s clickbait, if you’re familiar with React you’ll know there is client and server side React. They removed the client-side React.
-
I tend to disagree: While the “client-side” part surely lowers the expectations on the content, it still claims “Netflix” (all of it!) works without client-side React, which obviously isn’t true. This claim is even more confusing if you ask people to specify what “Netflix” is: Most people would say it’s the player- and browsing-interface.
-
-
-
The fundamental problem with USB-C is also seemingly its selling point: USB-C is a connector shape, not a bus. It’s impossible to communicate that intelligibly to the average consumer, so now people are expecting external GPUs (which run on Intel’s Thunderbolt bus) for their Nintendo Switch (which supports only USB 3 and DisplayPort external busses) because hey, the Switch has USB-C and the eGPU connects with USB-C, so it must work, right? And hey why can I charge with this port but not that port, they’re “exactly the same”?
This “one connector to rule them all, with opaque and hard to explain incompatibilities hidden behind them” movement seems like a very foolish consistency.
-
It’s not even a particularly good connector. This is anecdotal, of course, but I have been using USB Type-A connectors since around the year 2000. In that time not a single connector has physically failed for me. In the year that I’ve had a device with Type-C ports (current Macbook Pro), both ports have become loose enough that simply bumping the cable will cause the charging state to flap. The Type-A connector may only connect in one orientation but damn if it isn’t resilient.
-
-
-
The perfect connector has already been invented, and it’s the 3.5mm audio jack. It is:
- Orientation-free
- Positively-locking (not just friction-fit)
- Sturdy
- Durable
Every time someone announces a new connector and it’s not a cylindrical plug, I give up a little more on ever seeing a new connector introduced that’s not a fragile and/or obnoxious piece of crap.
-
-
Not been my experience. I’ve never had either USB-A or 3.5mm audio fail. (Even if they are in practice fragile, it’s totally possible to reinforce the connection basically as much as you want, which is not true of micro USB or USB-C.) Micro USB, on the other hand, is quite fragile, and USB-C perpetuates its most fragile feature (the contact-loaded “tongue”—also, both of them unforgivably put the fragile feature on the device—i.e., expensive—side of the connection).
-
-
-
You could potentially go optical with a cylindrical plug, I suppose.
-
-
-
3.mm connectors are not durable and are absolutely unfit for any sort of high-speed data.
They easily get bent and any sort of imperfection translates to small interruptions in the connection when the connector turns. If I – after my hearing’s been demolished by recurring ear infections, loud eurobeat, and gunshots – can notice those tiny interruptions while listening to music, a multigigabit SerDes PHY absolutely will too.
-
This. USB-A is the only type of usb connector that never failed for me. All B types (Normal, Mini, Micro) and now C failed for me in some situation (breaking off, getting wobbly, loose connections, etc.)
That said, Apple displays their iPhones in Apple Stores solely resting on their plug. That alone speaks for some sort of good reliability design on their ports. Plus the holes in devices don’t need some sort of “tongue” that might break off at some point - the Lightning plug itself doesn’t have any intricate holes or similar and is made (mostly) of a solid piece of metal.
As much as I despise Apple, I really love the feeling and robustness of the Lightning plug.
-
-
-
-
It’s impossible to communicate that intelligibly to the average consumer,
That’s an optimistic view of things. It’s not just “average consumer[s]” who’ll be affected by this; there will almost certainly be security issues originating from the Alternate Mode thing – because different protocols (like thunderbolt / displayport / PCIe / USB 3) have extremely different semantics and attack surfaces.
It’s an understandable thing to do, given how “every data link standard converges to serial point-to-point links connected in a tiered-star topology and transporting packets”, and there’s indeed lots in common between all these standards and their PHYs and cable preferences; but melding them all into one connector is a bit dangerous.
I don’t want a USB device of unknown provenance to be able to talk with my GPU and I certainly don’t want it to even think of speaking PCIe to me! It speaking USB is frankly, scary enough. What if it lies about its PCIe Requester ID and my PCIe switch is fooled? How scary and uncouth!
-
Another complication is making every port do everything is expensive, so you end up with fewer ports total. Thunderbolt in particular. Laptops with 4 USB A, hdmi, DisplayPort, Ethernet, and power are easy to find. I doubt you’ll ever see a laptop with 8 full featured usb c ports.
-
-
lisp+java= Clojure -
-
Note that chrome also features a pretty nice headless mode: https://developers.google.com/web/updates/2017/04/headless-chrome
It’s controlled via the debugging api and features pretty much everything you can do in Chrome itself, and much more: https://chromedevtools.github.io/devtools-protocol/
-
I think the takeaway here is a) don’t confuse all kind of errors with a http request with invalid tokens (I’m not familiar with the Github API, but I suppose it returns 503 unauthorized correctly) and b) don’t delete important data, but flag it somehow.
-
It returns a 404 which is a bit annoying since if you fat finger your URL you’ll get the same response as if a token doesn’t exist.
https://developer.github.com/v3/oauth_authorizations/#check-an-authorization
Invalid tokens will return 404 NOT FOUND
I’ve since moved to using a pattern of wrapping all external requests in objects that we can explicitly check their state instead of relying on native exceptions coming from underlying HTTP libraries. It makes things like checking explicit status code in the face of non 200 status easier.
I might write on that pattern in the future. Here’s the initial issue with some more links https://github.com/codetriage/codetriage/issues/578
-
-
-
-
-
Then there’s your problem. Your request class throws
RequestErroron every non-2xx response, andauth_is_valid?thinks anyRequestErrormeans the token is invalid. In reality you should only take 4xx responses to mean the token is invalid – not 5xx responses, network layer errors, etc. -
-
-
-
-
I think the takeaway is that programmers are stupid.
Programs shouldn’t delete/update anything, only insert. Views/triggers can update reconciled views so that if there’s a problem in the program (2) you can simply fix it and re-run the procedure.
If you do it this way, you can also get an audit trail for free.
If you do it this way, you can also scale horizontally for free if you can survive a certain amount of split/brain.
If you do it this way, you can also scale vertically cheaply, because inserts can be sharded/distributed.
If you don’t do it this way – this way which is obviously less work, faster and simpler and better engineered in every way, then you should know it’s because you don’t know how to solve this basic CRUD problem.
Of course, the stupid programmer responds with some kind of made up justification, like saving disk space in an era where disk is basically free, or enterprise, or maybe this is something to do with unit tests or some other garbage. I’ve even heard a stupid programmer defend this crap because the the unit tests need to be idempotent and all I can think is this fucking nerd ate a dictionary and is taking it out on me.
I mean, look: I get it, everyone is stupid about something, but to believe that this is a specific, critical problem like having to do with 503 errors instead of a systemic chronic problem that boils down to a failure to actually think really makes it hard to discuss the kinds of solutions that might actually help.
With a 503 error, the solution is “try harder” or “create extra update columns” or whatever. But we can’t try harder all the time, so there’ll always be mistakes. Is this inevitable? Can business truly not figure out when software is going to be done?
On the other hand, if we’re just too fucking stupid to program, maybe we can work on trying to protect ourselves from ourselves. Write-only-data is a massive part of my mantra, and I’m not so arrogant to pretend it’s always been that way, but I know the only reason I do it is because I deleted a shit-tonne of customer data on accident and had the insight that I’m a fucking idiot.
-
I agree with the general sentiment. It took me a bout 3 read throughs to parse through all the “fucks” and “stupids”. I think there’s perhaps a more positive and less hyperbolic way to frame this way.
Append only data is a good option, and basically what I ended up doing in this case. It pays to know what data is critical and what isn’t. I referenced the acts_as_paranoid and it pretty much does what you’re talking about. It makes a table append only, when you modify a record it saves an older copy of that record. Tables can get HUGE, like really huge, as in the largest tables i’ve ever heard of.
/u/kyrias pointed out that large tables have a number of downsides such as being able to perform maintenance and making backups.
-
you can do periodic data warehousing though to keep the tables as arbitrarily small as you’d like but that introduces the possibility of programmer error when doing the data warehousing. it’s an easier problem to solve than making sure every destructive write is correct in every scenario though.
-
Tables can get HUGE, like really huge, as in the largest tables i’ve ever heard of
I have tables with trillions of rows in them, and while I don’t use MySQL most of the time, even MySQL can cope with that.
Some people try to do indexes, or they read a blog that told them to 1NF everything, and this gets them nowhere fast, so they’ll think it’s impossible to have multi-trillion-row tables, but if we instead invert our thinking and assume we have the wrong architecture, maybe we can find a better one.
/u/kyrias pointed out that large tables have a number of downsides such as being able to perform maintenance and making backups.
And as I responded: /u/kyrias probably has the wrong architecture.
-
-
Of course, the stupid programmer responds with some kind of made up justification, like saving disk space in an era where disk is basically free
It’s not just about storage costs though. For instance at $WORK we have backups for all our databases, but if we for some reason would need to restore the biggest one from a backup it would take days where all our user-facing systems would be down, which would be catastrophic for the company.
-
You must have the wrong architecture:
I fill about 3.5 TB of data every day, and it absolutely would not take days to recover my backups (I have to test this periodically due to audit).
Without knowing what you’re doing I can’t say, but something I might do differently: Insert-only data means it’s trivial to replicate my data into multiple (even geographically disparate) hot-hot systems.
If you do insert-only data from multiple split brains, it’s usually possible to get hot/cold easily, with the risk of losing (perhaps only temporarily) a few minutes of data in the event of catastrophe.
-
-
Unfortunately, if you hold any EU user data, you will have to perform an actual delete if the EU user wants you to delete their stuff if you want to be compliant with their stuff. I like the idea of the persistence being an event log and then you construct views as necessary. I’ve heard that it’s possible to use this for almost everything and store an association of random-id to person, and then just delete that association when asked to in order to be compliant, but I haven’t actually looked into that carefully myself.
-
That’s not true. The ICO recognises there are technological reasons why “actual deletion” might not be performed (see page 4). Having a flag that blinds the business from using the data is sufficient.
-
-
-
There’s actually a database out there that enforces the never-delete approach (together with some other very nice paradigms/features). Sadly it isn’t open source:
-
-
-
The only thing that keeps me sane is using weechat to connect: https://github.com/wee-slack/wee-slack
I relay it over to Emacs using https://github.com/the-kenny/weechat.el which is almost as nice as my regular IRC client.
-
-
Thanks! The only thing that confused me was that it seems to use a white face for your own nick, which makes it invisible in the default color theme, so I had to remove
"white"fromweechat-color-list. Easy fix once you realize what’s going on, but very confusing at first.Also I’ve noticed sometimes the unread-tracking is a bit unreliable. However, this might be because I sometimes keep the web client open, and I’m not sure how that interacts with unreads. I will try to see if I can get more details about this and report an issue if so.
-
As for the color: Yes, we just copied the original colors from weechat itself, which is made for a dark theme. I’ll add a task to my list to create a more compatible color theme for bright emacses.
When I developed weechat.el there wasn’t an acceptable way to sync unread status. I haven’t tracked the relay protocol for quite some time now, but I’ll check if it’s possible now. It’s actually a feature I’d like to see too.
-
Oh, one thing I just remembered is that it was very surprising to me that
weechat-trackingdoesn’t track unread messages at all by default but only tracks mentions. It would be helpful to make that clearer or make the default match other clients.
-
-
-
-
-
Personally, I use the web client. It has almost all the features of the desktop client and I can turn off desktop notifications, making the only actual notifications, then, the favicon updates which aren’t nearly as jarring.
I think I’d prefer to use something else entirely, like your setup, but for some reason I’ve not taken any time to try it out. I do fear that I might become complacent or something and forget that I hate slack… because I’m not actually using slack, I’m using a chat service that feels like irc, and that’s dangerous.
Slack actually bothers me more because the model is fundamentally different than what I’m used to–1 network, multiple channels. Where as in slack there are multiple networks and multiple same topic channels. “But, irc has multiple networks, too?” Yes, but the official communities will hang out on freenode#lobsters, or freenode#racket, or efnet#mtg (idk?), not create a whole network about golang, and then have a separate channel, in each network, about Battle Star Galactica, essentially making BSG discussion so bifurcated it doesn’t even happen anywhere.
-
-
-
There’s also https://github.com/yuya373/emacs-slack ( also packaged as a spacemacs layer - https://github.com/syl20bnr/spacemacs/blob/master/layers/+chat/slack/README.org )
-
I tried to get that working first, but it was extremely unreliable at the time. Maybe it’s gotten better; this was about 6 months ago.
-
-
-
I’m extremely tempted, in my bid to not use graphical apps unless required, to connect to slack via the IRC bridge using suckless’ ii to script some grepping for notifications and piping those to dunst. I have a very hard time not responding to the shiny dot saying “NEW CONTENT HAS APPEARED.” I’d rather make it deliberate to catch up on content once every 2 hours (that’s only 4 times a day) for some timeboxed period of time than constantly monitor it. Bonus: More free ram.
-
-
the-kenny
edited
1 year ago
|
link
| on:
Firefox Focus New to Android, blocks annoying ads and protects your privacy
Why did Mozilla choose to prevent installation of Firefox Focus via Google Play in Germany?
Seems like they uploaded the same software under a different identifier “com.firefox.klar” and made this version available here: https://play.google.com/store/apps/details?id=org.mozilla.klar
-
It’s due to a naming conflict with Focus Magazine
It’s mentioned at the bottom here: https://blog.mozilla.org/press-de/2015/12/08/app-focus-by-firefox-ein-content-blocker-fur-apple-ios/
-
-
2018: Install security patches, also get Candy Crush
I was going to write the same :) I’m pretty sure it is still true for the MS engineers as they most likely have a version of Windows (Enterprise?) that has none of that crap, so they never see it and doesn’t affect them.
It affects me too, but these decisions are all made at the management level. I’ve just formed a habit of uninstalling/disabling misfeatures as they appear.
The biggest benefit of Enterprise edition is that you’re allowed to disable things. But they usually enabled by default regardless.