1. 19

    I ran across a pretty interesting talk about zig here.

    Note: I got a good laugh at the end of the talk where he said he made tabs in the source a hard compile error. Well played Andrew. ;)

    1. 9

      I personally loved the whole “Ya I know saying Zig is faster than C is a big statement since programming language performance is measured as a fraction of C, but I’m telling you it’s an improper fraction”

      1. 1

        Agreed. It was a good presentation – there were a few memorable moments like that.

    1. 3

      Been using jrnl to keep notes of things I’ve done or ideas I intend to execute on.

      1. 1

        jrnl is great. I use it as my personal journal.

      1. 2

        Should have an option to emit TAP

        1. 1

          +1

          I’ll definitely look into that, thanks

        1. 1

          Why do you have a AUTHORS() macro? Isn’t that why version control is for?

          1. 2

            Yep, version control can provide that, but I didn’t want to rely on it being present. I think from a developer standpoint, it’s convenient to know then and there who wrote a particular test (compared to perusing a changelog to find who wrote it). I used this at work and that was my experience, at least.

          1. 3

            Nice! Really like the minimalist approach of it.

            1. 3

              Thanks!

              I’m certainly aiming for a minimal front-end. As I write new features, I try to hold to a quote I once heard: “if it needs a manual to work, it’s not ready for production”. Obviously there are exceptions to this, but the spirit of the saying is that features should be as intuitive as possible. So I’m comfortable with the backend code getting sophisticated (and ideally not complicated) as long as writing the tests remains straightforward. I measure straightforwardness by how easy it is to explain a new feature using an example. If it’s difficult to explain using an example, it’s not ready

            1. 1

              This would be a useful extension to tldr

                1. 1

                  Ugh, I searched and didn’t see it. Thanks.

                  1. 1

                    Yup, no problem.

                1. 5

                  Love finding writings like this where the author has clearly worked on something very specific, and can articulate nuances that you’d either never think about or wouldn’t think existed (for example, buildings that are numbered zero)

                  1. 3

                    We need something like that for every category in one place. Plus, premade components in common languages that enforce their best practices by default with escape hatches for some stuff where it makes sense. minimax’s link is a good start.

                    1. 14

                      This is literally how the guy makes a living, so, maybe don’t do that?

                      1. 9

                        I took it down.

                        1. 2

                          Very considerate of you! :)

                          1. 3

                            Ya I didn’t intend to upset anyone, it was purely a convenience thing.

                        2. 8

                          “First, everything is free all week”

                          He’s encouraging people to grab his videos by giving everything away for free. All he required was a login which may have monetary value later that timetoplaytypus’s share negates. It’s possible, though, he thinks they can only grab a small amount of videos with some portion of people paying for the rest after deal expires. That’s on top of new, recurring revenue from it on future videos. Maybe this hurts him on at least gap between what he though could be shared and what would be. In that case, he’d have made a gamble that may or may not pay off vs offering a limited number of videos with a clear prohibition on sharing them.

                          On ethical side focusing on results, I don’t think there’s a huge difference of someone here sharing his videos all at once in convenient form for free vs him saying grab as many as you want after you log in for free. Given freeloading users vs type and number that would pay him, I don’t think he’d have many losses in that scenario if any at all. The kind of people that would pay him would probably mostly still pay him. Hopefully, no effect.

                          1. 0

                            He’s encouraging people to take a free look at his work and see if they think it would be worth for them to pay for more of it in the future. Shitty people that don’t care about anything else but themselves might interpret this offer as an invitation to take advantage of someone’s work, and even actively undermine this someone’s livelihood. I think these people are at least half of what is wrong with the word and they should all go live in a cave and never interact with anyone else ever again.

                            1. 2

                              I hear you. It’s a sensible perspective. I prefer he keeps getting paid for doing good work, too. I also agree that this should be the norm instead of pervasive parasiting.

                              1. 2

                                I think you see the situation a bit radically.

                                On one hand when someone publishes a free software and people use it for their benefit without any pay then they are shitty? When someone decides to publishing something for free, then the factor that some people may not pay for it must be calculated into that decision.

                                I believe that the ad-supported word is a bigger threat, as makes the feeling that stuff are for free a norm.

                                1. 0

                                  Neither of those examples apply. OP is publishing something for free for a LIMITED amount of time, with the very obvious intention of giving people a preview of his product. Free software and free content are very different propositions.

                                  1. 2

                                    I still think that the possibility had to be factored into this offer, and it likely was. The style and language are still harsher than I think the situation justifies.

                                    1. -5

                                      Fortunately, I don’t care what you think.

                                      1. 2

                                        You should reconsider your approach to commenting on lobste.rs.

                                        1. 0

                                          That is your right to do so.

                              2. 8

                                let’s be real here. the first thing i thought of when i saw this was “can i write a script to download everything before the deadline” and im pretty sure 99% of people here thought something along that line.

                                given the target audience of his screencasts, you kinda have to expect this.

                                1. 0

                                  Everybody thinks stupid thoughts, but not everyone acts on it. And since we’re a big part of Gary’s target audience, wouldn’t it be nice, if it turns out he overestimated the amount of dicks among us? By the way, first thing in my head also was “Hmm, can I download it?”, but then I remember the guy has to eat.

                                  1. 4

                                    The swearing you demonstrate in your comments is disturbing. I hope it will not become the norm in the comments section.

                                    I believe you could also communicate your point very well without using words like “shitty people” and “dicks”.

                              3. 4

                                I come to comment on this because I remembered this tweet he posted on the matter, a while ago: https://twitter.com/garybernhardt/status/870721629440983041

                                I’m glad it’s been taken down already, I think its just fair to the author’s work.

                                1. 1

                                  I probably should have read the comments before spending 20 minutes writing a scraper.

                                  1. 1

                                    The HTTP 451 is intentional, no?

                                    1. 2

                                      Any endpoint on my site that doesn’t exist returns HTTP 451

                                      Edit: for example, https://timetoplatypus.com/abc

                                      1. 1

                                        FWIW it looks like the HTTP response is only a 404. is this because many clients/servers don’t respect 451 yet?

                                        1. 1

                                          Nah, it’s just a mistake on my part. I’ll get around to fixing it…eventually

                                  1. 2

                                    DHS also said that its NPPD is “not aware of any current DHS technical capability to detect IMSI catchers.”

                                    “NPPD is aware of anomalous activity outside the [National Capital Region] that appears to be consistent with IMSI catchers,”

                                    These statements contradict each other.

                                    1. 1

                                      Why?

                                      First statement: DHS says NPPD doesn’t know about DHS’s ability to detect IMSIs

                                      Second statement: NPPD can detect IMSis

                                      1. 1

                                        Good point, I missed the “DHS technical capability”.

                                    1. 17

                                      Trying to finish a long running project: my e-ink computer.

                                      1. 3

                                        Amazing! Please keep us posted!

                                        Are you documenting the project anywhere else besides sporadic tweets?

                                        1. 4

                                          Yes, I document everything along the way. I do not like to publish about ongoing projects as I tend not to finish them when I do that :).

                                          Both the code and the CAD designs will be open sourced once the project will be finished.

                                          I also plan to write a proper blog post about it. I still need to figure out the proper way to do partial refresh with this screen and it should be more or less done (the wooden case still needs some adjustments).

                                          [Edit] Typos.

                                          1. 1

                                            Same, I would definitely be interested in following the project progress.

                                          2. 2

                                            Nice! What screen are you using, and how are you controlling it? Have you written any blog posts?

                                            1. 2

                                              It seems to be this one, same marks on the bottom corners and the shield looks the same:

                                              https://www.waveshare.com/wiki/7.5inch_e-Paper_HAT

                                            2. 1

                                              Is that a raspi it’s hooked up to? Where did you buy the screen?

                                              There is another guy doing e-ink stuff on the internet recently. You should go search for him. He is researching how to get decent refresh rates too.

                                              Instead of creating a laptop-like enclosure, you should make a monitor-like enclosure. It will look way better and more reusable.

                                              1. 1

                                                So, one of the thigns that annoys me about this world is how we don’t have e-ink displays for lots of purposes that nowadays get done with a run of the mill tablet. You don’t need a tablet for things like a board that shows a restaurant menu, or tracking buses in the area. So why can’t I find reasonably sized E-ink displays for such purpses?

                                                1. 1

                                                  Entirely agree with you.

                                                  I guess it can be explained by the fact that LCD screens have a better brightness, they are better to catch human eye attention.

                                                  The eink technology is bistable on the other hand, making it highly energy efficient for such applications - when no frequent updates are needed.

                                                  Energy is cheap nowadays, we don’t really care about energy consumption anymore. But I guess this might change past the peak oil.

                                                  I guess these techs will start developing as soon as energy becomes scarce and expensive.

                                              1. 2

                                                Just an FYI, you can also install the bash completion script to /etc/bash_completion.d/ so that it auto-loads (and you won’t have to modify your bashrc file). On some distributions, I believe you can also install to /usr/share/bash-completion/completions/ but I’m not sure about that one.

                                                1. 7

                                                  Another aspect of code navigation that’s not often given much consideration is greppability/searchability. Bascially, how powerful of a tool do you have to use to be able to statically (or without running it) get a good idea of where a particular line of code dispatches to. Every time an indirection is introduced, you raise the bar for how powerful the code analysis tool is required to keep from having to guess at where something is, unless you preserve the uniqueness of the name used. The two biggest practices that seem to make this sort of analysis more difficult seem to be Interfaces and using RabbitMQ-dispatched microservices.

                                                  This isn’t to say that using interfaces and microservices are a bad things, but that they trades off easy navigability for some other quality (in the cases that I’m thinking of, Interfaces are used to help testability in C#, and microservices are used for, among other things, reducing IL->x86 JIT times in C#, by breaking up the monolith).

                                                  1. 3

                                                    On the flip side, how searchable is assembly? You can search for individual instructions but you can’t search for any higher level patterns in the code, which is what abstractions usually name.

                                                    It just seems like none of the languages at any level of abstraction lend themselves very well to analysis or exploration. I think it’s partly because of the attachment to representing programs as text, which is limiting.

                                                    1. 4

                                                      Note that I said indirection, not abstraction as such. Not all abstractions are represent semantic indirection as such. Function calls, for example, can be static jumps, and are usually pretty easy to analyze, provided that the types in question aren’t crazy.

                                                      1. 3

                                                        A grep derivative tailored towards finding specifically patterns in assembly code would make for a really interesting project actually…

                                                    1. 6

                                                      I’ve been working on a pure C11 implementation of a PNG steganography tool that I prototyped originally in Python and Perl (so I know it works). Current issue I’m running into is that the bytes of the PNG chunks are represented in my library as unsigned char *, and the CRC32 function I’m using gives me a checksum of that data as an unsigned long. I’m not experienced enough with C to know how to append that checksum to my unsigned char * bytes variable, so I’m trying to figure that out. The fun part of the project is that I’m also testing the library using the C testing framework that I built a little while back.

                                                      I had to take a break from contributing to OSH (https://github.com/oilshell/oil) because of travel/work so I’m hoping to get back into that as well.

                                                      1. 1

                                                        You may want to use memcpy to get those bytes in there, or you can shift and mask the correct number of times. I don’t know enough about how the checksum has to be written.

                                                      1. 10

                                                        I’ve been building a C testing framework for work and heard about Snow on Lobsters, so I’m planning to peruse it’s features for inspiration. The one I’m building isn’t as macro-heavy/macro-driven but I think there are a number of advantages to leveraging macros so I want to see what I can add.

                                                        1. 5

                                                          You should have a look at greatest, which has worked out great for me in the past. I don’t do a lot of C, but dropped my own little testing setup for greatest, and haven’t looked back.

                                                          1. 2

                                                            I’ll check it out, thanks for the link. At a glance, my framework does look similar.

                                                            Probably worth mentioning, I am sort of targeting this at folks that develop software using the traditional full cycle SDLC and have to live through that cycle many many times. As a result, I also have a goal to formally support requirements engineering. Basically what that means is that as a test engineer writes a test for a developer to implement against, they can optionally map it to either a requirement (by ID), a type of requirement (functional, non-functional, performance, etc), or a set of requirements (multiple IDs). On a very large project with many moving parts, support for this in a test tool can be invaluable.

                                                            The nice side benefit of this is that if you’re using a tool like Git, you can scroll through major points in the Git history and clearly see the progression of development not just by what tests are passing, but also by how many of the requirements solicited from the customer/stakeholder are satisfied. Eventually, I’ll support generating metrics from the tests in a common business/professional format (such as an Excel spreadsheet, so managers can create visualizations and whatnot).

                                                            I think it’ll be useful for developers because they don’t just have to point at a results table and say “I’m passing all the tests”, they can point at a results table and say “I’m passing all the tests and here’s also proof that the tests passing fully cover all the initial requirements laid out, therefore the product you asked for is built” (and of course if they don’t like what they got, they can go talk to the requirements engineer :P )

                                                            1. 6

                                                              Hi, greatest author here. :)

                                                              Something that might be useful in your situation: with greatest, if you have formal requirements IDs, you could use them as tags in the test function names, and then run tests based on those – you can use the -t command line switch in the default test runner to run tests based on test name / substring match. (Similarly, -x skips matching tests, so, for example, you could skip tests with __slow in the name.) If you name tests, say, TEST handle_EEPROM_calibration_read_failure__ENG_471(void) { /* ... */ }, then ./tests -t ENG_471 would run that. (Running tests by name also helps with quick feedback loops during development.)

                                                              I did some automotive embedded work several years ago. We had a whole requirement traceability system that involved scraping requirement IDs out of comment headers for tests, which eventually fed into coverage reports.

                                                              1. 1

                                                                Oh wow, that’s pretty cool. That tagging system can certainly be useful for more than just the requirement IDs but ya, that would work. Being able to filter tests by the tags is also really neat and I hadn’t thought of that as a feature.

                                                          2. 1

                                                            I’d be curious to see what someone could come up with if the test framework didn’t use the C preprocessor and used something else instead. Might be a fun exercise. But then again, maybe I’m just not liking the preprocessor lately.

                                                            1. 1

                                                              What would it look like to drive tests, for C programs, in say Lua? It seems like a wonderful idea, but I’m not sure if the boilerplate stuff can be automated in such a way to make it feasible…

                                                              1. 1

                                                                I’m not sure either, but it still might be an interesting exercise (or mini research project). Maybe I should be the one to look into it since I’m the one that spoke up. ;)

                                                                1. 1

                                                                  Actually, this sounds like something @silentbicycle has probably already tried. Might be worth checking in with him first. :)

                                                          1. 3

                                                            OSH AUR has been updated to v0.3.0 as well. If anyone has issues installing, please let me know. https://aur.archlinux.org/packages/osh/

                                                            1. 3

                                                              this is bait. do not execute a random obfuscated python script.

                                                              1. 2

                                                                oh ja, that’s for sure. Don’t execute random anything, but the style is definitely written to mimic the various tools we see in the space at the very least.

                                                                I think my fav comment to this was responding to the “my ssh tool is too dangerous to release” thing; definitely going for the “we have an internet badass over here” direction, even if unintentionally.

                                                                1. 2

                                                                  It’s odd, the author says that the tool is too dangerous to release but then they released it anyway

                                                                  1. 1

                                                                    in the past that was often done for “cred,” to make things look more bad ass than they actually were. Here I have no idea, but it came across as silly to me.

                                                              1. 1

                                                                I added some other features in my fork for those that are interested. There’s a pull request in there somewhere but the original jrnl developer isn’t too active anymore so it hasn’t been merged yet or anything.

                                                                https://github.com/timetoplatypus/jrnl

                                                                • import a jrnl from JSON
                                                                • export a jrnl to a pretty print HTML format
                                                                  • no HTML stripping from jrnl entries, so you can add any other decorators you’d like by inlining them in the entry.
                                                                1. 47

                                                                  https://forums.developer.apple.com/thread/79235

                                                                  November 13th, this was a known behavior

                                                                  1. 6

                                                                    Your comment should be on the top. Looks like apple should have responded two weeks ago. It would be interesting to study how widely exploited this bug has been. Does anybody have an estimate how many people could have seen that solution post on the developer forum?

                                                                    1. 2

                                                                      Does anybody have an estimate how many people could have seen that solution post on the developer forum?

                                                                      One fewer than should have seen it.

                                                                    2. 3

                                                                      So odd… The solution of entering “root” twice is given as if that’s just kind of a normal thing to do if you need to create an admin account. Is this behavior perhaps actually intentional, but should only work if there are no existing admin accounts?

                                                                      1. 1

                                                                        Here is the security patch: https://support.apple.com/en-us/HT208315

                                                                      1. 5

                                                                        Not able to reproduce this behavior. On Mac OS, I believe the root account is disabled by default; it gets enabled when a password is set for it. I wonder if the behavior they’re reporting is still present when a root password has been set.

                                                                        1. 7

                                                                          It is not, it gets fixed by setting a root password.

                                                                          I’ve been able to reproduce this on my 5K iMac but not my 13” TB MacBook Pro.