1. 33

    While AVIF has decent compression due to using AV1, its container format (HEIF) is unfortunately a bloated designed-by-committee mess. We looked at implementing it in libavformat in FFmpeg during GSoC 2019, and the conclusion in short was “no”. I might write a blog post on its many failings if there’s interest, but in short: it is not just a still image format. It also supports albums, compositing and a whole slew of other junk. This makes implementing a decoder for it in a project like FFmpeg a monumental task.

    In my opinion it would be vastly superior to just define a FourCC for AV1 and stick it in a BMP file. BMP parsers are common, the format already supports compression. There’s no need to come up with anything new. A similar argument can be made for audio formats, which can just be stuck inside WAV files with an appropriate TwoCC.

    1. 14

      I’d love a bog post that explains it in great detail (the format, the existing ffmpeg software architecture, the assumptions, the goals, the conflicts). I’d also like to hear about non-technical side of this - I think there’s lots of value to be derived from talking about projects that didn’t succeed.

      1. 12

        Out of curiosity, is any container format NOT a mess? I’ve heard people complain about ogg, MP4 and a few others, but nobody seems to dish out much praise anywhere. Container formats in general seem to be a somewhat obscure topic, nobody seems to say much about tradeoffs in them or what makes a good vs. bad design.

        1. 4

          Well, BMP and WAV are fairly simple and find wide use. They have their quirks though, like uncompressed BMP are stored upside-down and lines must be an even number of bytes. WAV only supports constant bitrate. AVI worked well enough before B-frames started being used. Ogg is an absolute joke. ISOBMFF (MOV) has tons of derivatives including MP4, 3GP and HEIF. It suffers from requiring a complete header to decode. Fragmented MP4 fixes that, but of course that’s only MP4. MXF is widely used in the broadcast world, is a huge mess both design wise and for being split over oodles of SMPTE specs. It also happens to be the format I maintain in libavformat.

          1. 3

            is any container format NOT a mess

            This is a very good observation.

            Container formats that implement a ‘database-in-a-file’ with bunch of tables, ‘foreign-key-conventions’, and so on are really really difficult to use (and I cannot even imagine, what it is to implementers, or folks who write conversion utilities).

            I do not know what a proper solution/architecture approach for these are, though. It seems that this model is needed.

            PEM ( https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file )

            PDF

            HDF5

            come to mind.

            1. 3

              The ISO container (MPEG-4 part 14, QuickTime, &c.) is at least a sensible model for a time-synced multi-stream container. It has a lot of cruft in it, though.

              1. 3

                Bink

                From what I’ve heard a significant portion of its value is that you don’t have to deal with any open formats/libraries, all of which are garbage.

              2. 6

                You sure make it sound like an overengineered piece of shit, and it it is, then your blog post (please write it!) would help expose it and limit the damage it can do.

                1. 6

                  HEIF, and thus AVIF, is an unfortunate pile of ISO specs. Each spec in itself isn’t unreasonable, but the sum of them adds up to ridiculous bloat. You need 300 bytes of MPEG metadata to say 1 bit of information that the AVIF has an alpha channel.

                  However, it’s most likely that nobody will implement the full feature set, and we’ll end up with a de-facto AVIF minimal profile that’s just for still images.

                  AVIF-sequence is another bizarre development. It’s a video format turned into image format turned back into worse, less efficient, more complex video format. And Chrome insists on requiring AVIF-sequence over a real AV1 video in <img>.

                  1. 3

                    However, it’s most likely that nobody will implement the full feature set, and we’ll end up with a de-facto AVIF minimal profile that’s just for still images.

                    This is the issue though. Because we can’t claim to have implemented AVIF because someone is going to come along with a composite AVIF some day and go “guise ffmpeg is broken it can’t decode this”.

                    I looked at AVIF-sequence just now, it just sounds like AV1 in MP4 with “avis” in the ftyp atom. Nothing too strange about that.

                  2. 2

                    There’s no need to come up with anything new are there other patent-free high-compression formats that support, as an example, PPTX-> conversion (to an individual file) ?

                    For my needs, being able to stick a slide show into one file (and then being able to reference ‘a page’ within the file, on a client), solves some technical complexities.

                    I might write a blog post on its many failings if there’s interest

                    Oh, and I also join folks who would love to see you write a blog post on this. Implementer’s analysis of AVIF, its pain points, short comings, etc, would be very interesting in shaping community understanding of this.

                    1. 1

                      I think the complexity is being used though. For example, iPhones take burst images compounded into a single HEIF, IIRC.

                      1. 1

                        Is burst images the correct term for this? From what I can see iphones just take an actual video recording. Burst images makes me think of cameras which actually move the shutter but I’m not sure it makes any difference on a phone camera where there are no moving parts.

                    1. 2

                      Looking through the Android 11 features and they seem like a decent improvement. The thing that stuck out to me was how at the end they have a link to “pixel exclusive features” after reading the list it didn’t seem like a single thing on the list was linked to specific hardware requirements. Is google really moving features out of android AOSP to make their phones look better?

                      1. 1

                        I couldn’t find that link in the page (Ctrl-F, ‘pixel’), would you mind sharing that URL? I’m curious to see what’s on it.

                        1. 1

                          I think the URL changed from a more consumer/PR-focused blog post to the current developer-focused URL.

                          1. 1

                            would you mind sharing that URL?

                            This is the list of “Pixel first” features. https://www.blog.google/products/pixel/android11-exclusive-pixel-features and they specifically say “And this time, with new Pixel-first features on Android 11, your Pixel has even more smarts to make it better and more helpful…” The Pixel support thread (https://support.google.com/pixelphone/thread/69861931?hl=en) similarly sells these new features from an (as I would term it) advertising perspective.

                            Is google really moving features out of android AOSP to make their phones look better?

                            Not to sound jaded, but why would this be a surprise? Or to rephrase that, if Google has teams dedicated to Pixel support, why would they force those teams to put everything developed into AOSP? As a company, they have to find some way/reason to market their products and I wouldn’t expect them to leave the Pixel stock.

                        1. 8

                          I wish they’d included an avif at a similar size as the jpeg used in the first F1 comparisons.

                          The ‘26’ in front of the car is barely visible in anything else than the jpeg, but the jpeg is ~70kb, so would avif at ~70kb match jpeg on that? do better? worse? I can’t tell.

                          1. 6

                            What really stands out to me is how some details are totally unaffected. The red bull sticker looks almost identical on the avif but the 26 which is almost as big becomes a complete smudge.

                            1. 4

                              AVIF has a novel technique of predicting color from brightness. This makes encoding of color cheaper overall, and helps it have super sharp edges of colored areas without any fringing.

                              However, the red-blue “26” text is only a difference in hue, but not brightness, so the luma channel doesn’t help it get predicted and sharpened. The encoder should have been smarter about this and compensated for it.

                              1. 1

                                The markings on the road are another smudge.

                              2. 1

                                Just a bit below, there is the same image as a 20 KB JPEG (to be compared with the 20 KB AVIF).

                                1. 2

                                  Sure, I’ve seen that, and it is neat, but there’s no 70KB AVIF to be compared with the 70KB JPEG, so that I can see whether AVIF is still better at that size.

                                  1. 2

                                    For a lot of things, there optimisation you want is best quality meeting this size / bandwidth goal, rather than lowest size meeting this quality goal. If a 70KiB JPEG meets your size / bandwidth requirements then it would be interesting to see how your quality increases going to a 70 KiB AVIF.

                                1. 1

                                  I had a UPS on my desktop for a while because 5 second power outages were pretty common. I noticed the thing used to run really hot. It must be wasting a huge amount of power while not actually providing any value most of the time.

                                  1. 4

                                    Got given a google home for free and ended up giving it away. Just don’t feel comfortable with google handling this information. Switched to an iphone recently and I feel better about siri just because Apple actually seems to give a shit about user data and privacy.

                                    1. 14

                                      Calling someone’s code ’clever should always be understood as an insult.

                                      1. 2

                                        I like solving made up programming changes with clever code. Its fun to see how small and wacky you can make the code but I would never put that stuff in a real app.

                                        1. 1

                                          In an idiocracy, this would be true.

                                          It’s like telling a joke to an emperor, he doesn’t get it and so off-with-your-head.

                                          Maybe the comedian was too clever for his own good, or too dumb to know when to be clever.

                                          But we don’t live in an idiocracy.

                                        1. 3

                                          Did you end up using a state management library for the frontend? If so, how did you get it populated by the backend? I’m just wondering if there are some well known patterns for syncing frontend state to the backend, perhaps especially with a REST API.

                                          1. 1

                                            The JSON:API standard for REST API design has a lot of implementations for both the server (e.g. Rails) and the client (e.g. Redux or framework-less JS). From the documentation, it looks like those libraries handle some of the work of transmitting states through the API. I’ve never used JSON:API myself, though.

                                            1. 1

                                              I have vuex installed with vapi that does that but I haven’t found a reason why I would need it yet

                                            1. 65

                                              This is terrible general security advice, as well as a failure in threat modeling.

                                              The point of the (very usable!) built-in password manager is to fight phishing and password reuse, which are each orders of magnitude bigger problems than endpoint compromise, which is the attacker position this article relies on. That alone makes this dangerous advice.

                                              But even if you are somehow focusing on endpoint compromise, on desktop systems the malware can just wait for you to type the password manager master passphrase, and exfiltrate the entire vault. Not 12 lines of code, but maybe 120. In fact, there’s a better argument for calling the latter approach “security by obscurity”; I wouldn’t call using SQLite an attempt at obscurity at all.

                                              In practice, the passwords that matter are the system FDE one for encryption at rest (which protects the browser passwords as well as the rest), and the sync password to protect the contents from the cloud provider, which the browsers correctly implement.

                                              The only thing requiring a master password to be typed to unlock the vault locally would do for most users is degrade UX, reducing adoption, and provide a false sense of security (because again if the endpoint is compromised, it will fall to keyloggers or memory inspection).

                                              1. 11

                                                Its annoying how so much of this “security advice” is about stuff where you have already been compromised and there are already 100 other ways to get the data or its about such insane things like “Out of office emails are a security risk” because someone might send you and email and then know they can launch an attack while you are on holiday..

                                                1. 1

                                                  In practice, the passwords that matter are the system FDE one for encryption at rest (which protects the browser passwords as well as the rest), and the sync password to protect the contents from the cloud provider, which the browsers correctly implement.

                                                  Firefox doesn’t implement the second properly: passwords are encrypted using a key which is a simple function of the password (which means that Mozilla can attempt to crack them, and will be successful for simple password like ‘open sesame.’

                                                  Worse, they don’t even have to do that: they sometimes prompt for Firefox passwords on web pages, which means that they can just steal your plaintext password there.

                                                  Sadly, Firefox used to have a password storage system which really was secure against Mozilla being malicious.

                                                  I think that Chrome is very slightly better here, because the password-encryption password is never shared with Google.

                                                  I completely agree with everything else you write, though.

                                                1. 7

                                                  There is no reason you have to use server side rendering with rails. My website uses rails to serve a json api to the frontend and I still get all the upsides listed on this post like devise and factorybot. I investigated using rust for the backend for speed reasons but after a few weeks trying it I went with rails because of how insanely fast it is to develop stuff with rails.

                                                  At the end of the day I would rather have a finished project over a faster one that doesn’t exist.

                                                  1. 3

                                                    I never was a rails guy so this may be off target, but I thought the author was suggesting you still have to do more work to write a JS based UI that takes advantage of all the things that Rails can do on the backend. He wants something that has the same ease of use that server rendered Rails apparently had.

                                                    1. 1

                                                      Rails even has “api-only mode” and has webpack integration. It does not save you from burdens of GraphQL and complex state management in React, however. UJS is mostly failed thing. But backend things are still there and it’s still better than most node.js libs, at least if you don’t need cooperative multitasking for handling millions of idle connections.

                                                    1. 10

                                                      It’s going to be interesting to see how much this is going to affect the future of how the WWW functions. GDPR sure didn’t manage to be as severe of a measure as we’d hoped it be. Heck, I’m having troubles getting the relevant authorities to understand clear violations that I’ve forwarded to them, where they then end up just being dismissed.

                                                      But this law here is of course not for the people, no… This is here for the copyright holders, and they carry much more power. So will this actually result in the mess we expect it to be?

                                                      1. 25

                                                        GDPR and the earlier cookie law have created a huge amount of pointless popup alert boxes on sites everywhere.

                                                        1. 10

                                                          The one thing I can say is that, due to the GDPR, you have the choice to reject many cookies which you couldn’t do before (without ad-blockers or such). That’s at least something.

                                                          1. 10

                                                            Another amazing part of GDPR is data exports. Before hardly any website had it to lock you in.

                                                            1. 4

                                                              You had this choice before though, it’s normal to make a cookies whitelist for example in firefox with no addons. The GDPR lets you trust the site that wants to track you to not give you the cookies instead of you having personal autonomy and choosing not to save the cookies with your own client.

                                                              1. 26

                                                                I think this attitude is a bit selfish since not every non-technical person wants to be tracked, and it’s also counter-productive, since even the way you block cookies is gonna be used to track you. The race between tracker and trackee can never be won by any of them if governments don’t make it illegal. I for one am very happy about the GDPR, and I’m glad we’re finally tackling privacy in scale.

                                                                1. 2

                                                                  it’s not selfish it’s empowering

                                                                  if a non-technical person is having trouble we can volunteer to teach them and try to get browsers to implement better UX

                                                                  GDPR isn’t goverments making tracking illegal

                                                                  1. 15

                                                                    I admire your spirit, but I think it’s a bit naive to think that everyone has time for all kinds of empowerment. My friends and family want privacy without friction, without me around, and without becoming computers hackers themselves.

                                                                2. 18

                                                                  It’s now illegal for the site to unnecessarily break functionality based on rejecting those cookies though. It’s also there responsibility to identify which cookies are actually necessary for functionality.

                                                              2. 4

                                                                On Europe we’re starting to sign GDPR papers for everything we do… even for buying glasses…

                                                                1. 12

                                                                  Goes on to show how much information about us is being implicitly collected in my honest opinion, whether for advertisement or administration.

                                                                  1. 1

                                                                    Most of the time, you don’t even have a copy of the document, it’s mostly a tl;dr document full of legal jargon that nobody reads… it might be a good thing, but far from perfect.

                                                              3. 4

                                                                “The Net interprets censorship as damage, and routes around it.”

                                                                1. 22

                                                                  That old canard is increasingly untrue as governments and supercorps like Google, Amazon, and Facebook seek to control as much of the Internet as they can by building walled gardens and exerting their influence on how the protocols that make up the internet are standardized.

                                                                  1. 13

                                                                    I believe John Gilmore was referring to old-fashioned direct government censorship, but I think his argument applies just as well to the soft corporate variety. Life goes on outside those garden walls. We have quite a Cambrian explosion of distributed protocols going on at the moment, and strong crypto. Supercorps rise and fall. I think we’ll be OK.

                                                                    Anyway, I’m disappointed by the ruling as well; I just doubt that the sky is really falling.

                                                                    1. 4

                                                                      I agree that it is not the sky falling. It is a burden for startups and innovation in Europe though. We need new business ideas for the news business. Unfortunately, we now committed to life support for the big old publishers like Springer.

                                                                      At least, we will probably have some startups applying fancy AI techniques to implement upload filters. If they become profitable enough then Google will start its own service which is for free (in exchange for sniffing all the data of course). Maybe some lucky ones get bought before they are bankrupt. I believe this decision is neutral or positive for Google.

                                                                      The hope is that creatives earn more, but Germany already tried it with the ancillary copyright for press publishers (German: Leistungsschutzrecht für Presseverleger) in 2013. It did not work.

                                                                      1. 2

                                                                        Another idea for a nice AI startup I had: Summarizing of news with natural language processing. I do not see that writing news with an AI is illegal, only copying the words/sentences would be illegal.

                                                                        Maybe however, you cannot make public from where you aggregated your original news that you feed into your AI :)

                                                                    2. 4

                                                                      Governments, corporations, and individual political activists are certainly trying to censor the internet, at least the most popularly-accessible portions of it. I think the slogan is better conceptualized as an aspiration for technologists interested in information freedom - we should interpret censorship as damage (rather than counting on the internet as it currently works to just automatically do it for us) and we should build technologies that make it possible for ordinary people to bypass it.

                                                                  2. 2

                                                                    I can see a really attitude shift coming when the EU finally gets around to imposing significant fines. I worked with quite a few organisations that’ve a taken ‘bare minimum and wait and see’ attitude who’d make big changes if the law was shown to have teeth. Obviously pure speculation though.

                                                                  1. 7

                                                                    Did we really call the accessibility tag a11y?

                                                                    1. 16

                                                                      FWIW, a11y is a fairly industry-standard term for accessibility, since it both serves as a short moniker (a la i18n for internationalization), and evokes being an “ally” for issues relating to accessibility.

                                                                      1. 3

                                                                        Accessibility is often abbreviated as the numeronym a11y, where the number 11 refers to the number of letters omitted. This parallels the abbreviations of internationalization and localization as i18n and l10n respectively.

                                                                        https://en.wikipedia.org/wiki/Computer_accessibility

                                                                        1. 3

                                                                          The number of times I have to type I18n in our app makes me glad this happened.

                                                                          1. 2

                                                                            Programmers really are the worst. :p

                                                                            1. 4

                                                                              Alternatively, it is nice to think of it as being an “ally” to people who use the web differently than we do. It’s cute, easy to type, and overall I don’t think it’s that hard to understand. I do see the concern that to people outside the industry it may not make sense, I just feel like on a highly technical site like lobsters it’s not as big of a concern. The tag description does say “accessibility” for what it’s worth.

                                                                          2. 2

                                                                            You know, I never questioned whether that was appropriate until now…

                                                                            1. 4

                                                                              Wait, I’m confused (or just ignorant) here - why wouldn’t it be? Is it different from shortening internationalization to i18n?

                                                                              1. 5

                                                                                It’s the same idea, but it’s kind of not very accessible in that it excludes people because it needs explanation.

                                                                                1. 4

                                                                                  Every field has jargon, and the cost of not having jargon is being unable to talk about that field’s ideas at all. I support Ed Kmett’s approach: use only jargon you understand and always be prepared to explain things to onboard newbies.

                                                                                  1. 2

                                                                                    Yeah, I mean, I realize that this term is fairly well-known. It’s a field that’s about people’s lives, so it does have a higher standard to meet than, say, type theory. I suspect that in practice, this abbreviation isn’t a problem. I was just a bit surprised at myself that I never questioned it before. I still don’t even know how it sounds in a screen reader, since I don’t have one set up to test with.

                                                                                    1. 3

                                                                                      I still don’t even know how it sounds in a screen reader, since I don’t have one set up to test with.

                                                                                      Just tested with Windows Narrator, it pronounces it “ay-eleven-why”.

                                                                          1. 3

                                                                            When you’re doing a pull request, some random guru-senior-architect might occasionally check your code and suggest few changes. Sounds unlikely but any additional eyes might uncover bugs or architecture mistakes.

                                                                            Is this true? I would love to have someone review my code but I cant see it ever happening. Do I just open a PR and hope someone comes along to review it? How would they even know I am waiting for public review. It feels quite rude to jump in to someone elses project and start reviewing their changes.

                                                                            1. 4

                                                                              “Watchers” of the repo will get notifications, so they can get involved pretty easily if they want to. Also, you can add a label like “needs review” or something like that to attract more attention.

                                                                            1. 3

                                                                              Wonder if it would be worth offering paid subscriptions as well for larger files.

                                                                              1. 2

                                                                                Refining features on my fitness tracking website PikaTrack before I start to work on an android app for it. Been a whole lot of work so far but I think I’m getting close to a decent service.

                                                                                1. 7

                                                                                  I would dearly love to flag or downvote this article for just being terribly, terribly bad, but there doesn’t seem to be an option for that. And then I see that 12 people have actually upvoted it. What on earth.

                                                                                  1. 2

                                                                                    Yeah I was looking at the flag reasons, its not spam, its not technically off topic. Its just total fluff/garbage.

                                                                                    1. 3

                                                                                      spam is how I usually flag this sort of stuff, because it’s low-quality meat.

                                                                                    2. 1

                                                                                      It’s the kind of bad programmers like. It’s written to be bad. I spent the last week writing a very complicated post on a critique of the narrative around the programmer job in the west and I had to kill it because it was going nowhere. I had the need to get some easy sweet up votes and wrote this because I knew it’s the kind of cheap humour programmers like.

                                                                                      Also I believe the expected behavior on lobste.rs is that if you disagree with the opinion of the majority of the voters is just to ignore the post. Down voting is not about the quality of the content.

                                                                                      1. 4

                                                                                        The moment lobsters becomes a site for cheap programmer humour is the moment the website dies.

                                                                                    1. 11

                                                                                      Here’s the issue:

                                                                                      • I write a post on kineticdial.com—it receives a couple hundred reads.
                                                                                      • I write a post on Medium—it receives tens of thousands of reads.

                                                                                      It really depends on what problem I am trying to solve for. Am I trying to get the content I write to be read by the most people or am I trying to develop a personal brand largely for employers considering hiring me?

                                                                                      1. 16

                                                                                        Or you write it on your site and duplicate to medium. Two birds, two stones

                                                                                        1. 11

                                                                                          Or write a new post for Medium and link to a ton of old content on your site.

                                                                                          1. 2

                                                                                            Very true!

                                                                                          2. 13

                                                                                            Genuinely honest question: if it’s a personal blog, why do you care about how many readers you’re getting? I understand that getting absolutely zero views is kinda depressing, but with a few dozen readers, I feel like content. My blog is just my personal space for me to ramble on about things I care. It’s personal.

                                                                                            I guess it’s human nature to always want more, but I dunno, I just don’t feel that with the number of readers reading my blog.

                                                                                            1. 11

                                                                                              Zero views can be depressing only if you measure it :)

                                                                                              I removed all statistics from my pages a while ago (did not check GA before anyway). While I don’t write as often as I’d like to, when I do, I find obliviousness to my content’s reach liberating.

                                                                                              1. 5

                                                                                                I’ve found that just getting higher numbers stops mattering pretty quickly for my personal satisfaction. If someone emails me with a genuine question or complement, it would make my day!

                                                                                                The other day I gave a training talk to a bunch of new employees via video call. One of them recognized me in the hallways and said he thought it was funny, engaging, and interesting. It really did make my day! Much more so than knowing I’m impacting a dozen products by training a dozen engineers. Same goes for code. I know for a fact code that I’ve written touches millions of people every day. But that stat became pretty meaningless quickly. If one of them said they liked a feature I worked on, that would mean a lot more to me.

                                                                                                Fuzzy feelings beat pure numbers for me. I suspect looking at blogging from that perspective will push you toward enabling comments and encouraging tweets and email.

                                                                                                1. 2

                                                                                                  True. I don’t have any kind of analytics on my blog either. But I have a couple of friends who follow my blog, so that’s how I know :) But it wouldn’t matter if they stopped reading (perhaps they have already and they’re too polite to tell me), I’d still write about the same things at the same frequency with the same writing style. That’s the beauty of the internet. I hope we don’t ever lose that.

                                                                                              2. 10

                                                                                                I’ve had the opposite experience: my website pieces got far more readers than my medium pieces. This could just be because I’ve written a lot more and my topic has changed, but it’s still a data point.

                                                                                                More importantly to me, I’ve gotten more engagement from website pieces. People are more likely to email me about them.

                                                                                                1. 6

                                                                                                  I speculate, but can’t prove, that it helps that the website is a straight-forward, minimalist design that takes people straight to good content without distractions or asking pardon for interruptions. A better, user experience.

                                                                                                2. 4

                                                                                                  Interesting; why do you get so many more reads on Medium?

                                                                                                  1. 9

                                                                                                    Medium has tools for discovering interesting content. You can browse blog posts not just by author, but by category and tag, and at the bottom of every post are “related reads” - links to articles by the same author or by other authors that might be relevant to your interests. Combined with the traffic generated by a cohort of popular bloggers, that means impressions on your own writing are much more likely.

                                                                                                    Compare that with a personal website, where people will only discover it if they go to your site specifically, happen to find you on google, or have you in their RSS feed.

                                                                                                    1. 3

                                                                                                      Medium also recently rolled out a feature where you’re not allowed to read more than N articles without paying.

                                                                                                      No idea if it was a one-time thing, as my wife and I haven’t seen it since. But we were both wtf’ing about it.

                                                                                                      Beware the shiny tools.

                                                                                                      1. 9

                                                                                                        Not the shiny tools: putting trust and data in an organization whose incentives are aligned against you now or potentially in the future. It’s why I strongly push for:

                                                                                                        1. Open formats and protocols with open-source implementations available to dodge vendor lock-in. Enjoy the good, proprietary stuff while their good behavior lasts. Exit easily if it doesn’t.

                                                                                                        2. Public-benefit and/or non-profit organizations chartered to do specific good things and not do specific bad things. Ghost is best example in that area. Alternatively, self-hosting something that’s easy to install, sync, and move on a VPS at a good company like Prgmr.com with local copies of everything.

                                                                                                        Then, you don’t care if the vendor with shiny tools wants to put up a paywall on their version of the service. It will be their loss (No 1) or not happen at all (No 2.) We must always consider economic and legal incentives in our investments of time, money, and data. That’s the lesson I took way too long to learn as a technical person.

                                                                                                        1. 3

                                                                                                          You’re referring to the Medium Partner Program to which the author has to explicitly opt in to. If they do, they get a cut of the payday.

                                                                                                    2. 2

                                                                                                      what is a read? i have a feeling that most pageloads on medium are not actual reads, unless there are active metrics on the client side.

                                                                                                      1. 1

                                                                                                        They distinguish reads from views in their stats page so there’s some sort of client-side logic that tries to determine true reads.

                                                                                                      2. 1

                                                                                                        I write on my own website and post it to websites like this. Someone posted a link to my website on hacker news and it hit the top and I got thousands of views without any need for medium

                                                                                                      1. 3

                                                                                                        You probably don’t need any particular thing at all. SPAs are a tool, SSR is a tool. There are lots of other tools as well. All of them could probably be done with something else. None of that matters as long as the tool is able to do what you want which they all can.

                                                                                                        1. 1

                                                                                                          You can drive in a screw with a hammer too. Or a nail with a screwdriver.

                                                                                                          For some jobs SPA is not the correct good tool. For others, it is. Right now, SPAs are treated as the only tool anyone would need, which is wrong. SPAs come with a bunch of downsides, are harder to develop, and tricky to get right. Sometimes those downsides are worth it, but frequently they’re not.

                                                                                                        1. 17

                                                                                                          if only there was a browser that was committed to the open web

                                                                                                          1. 5

                                                                                                            I use Firefox on GNU and Android, which puts me in a tiny minority. See my comment at top level for why I brought up this post.

                                                                                                            1. 10

                                                                                                              My frustration with firefox was their support of DRM/EME is a serious violation to the idea of an open web

                                                                                                              1. 16

                                                                                                                I agree that the EME is a horrible thing for the open web. However, I think a strong Firefox is one of the most important things for the open web, and people would’ve been switching even faster from Firefox to Chrome if Chrome was the only way to play Netflix/HBO/whatever.

                                                                                                                At least they implemented it in the best way possible; AFAIK, Firefox ships with no closed source EME blobs, just the infrastructure, and the blobs aren’t downloaded before the user requests it.

                                                                                                                1. 7

                                                                                                                  I agree but if this is our biggest frustration with Firefox it is in good shape.

                                                                                                                  1. 2

                                                                                                                    there’s also the ssl pushing and deferring to google to say which sites are dangerous

                                                                                                                  2. 4

                                                                                                                    You have to pick your battles DRM wasn’t one that could be won right away. Firefox waited out for a long time after all the other browsers added drm. It did not cause drm to be stopped, it just caused everyone to leave firefox to watch videos.

                                                                                                                    If firefox keeps its users it can use its power to win other battles, right now they are adding tracker blocking and stopping autoplay. If they stuck to having no drm they probably wouldn’t even exist anymore.

                                                                                                                2. 2

                                                                                                                  there’s not.

                                                                                                                1. 3

                                                                                                                  I have been using the default webpack config that vuecli set up. Has been working well for me. Also I wonder what the performance penalty of multiple files is now with http 2. On the first request the server can send the html and every js/css file at the same time so you don’t have multiple round trips

                                                                                                                  What seems more efficient to you: downloading 1000 lines of code 10 lines at a time, or downloading 1000 lines of code all at once?

                                                                                                                  This is a terrible way to explain something. You can’t download 1000 lines all at once. They all come one bit at a time. Also just vague feelings about speed are not useful. Measure the speed before and after the change and then use the results to make your decision. It certainly was true however that multiple JS files did cause slowdowns because browsers would only request a limited number of resources at the same time but I doubt it has much of an effect at all anymore. If I was writing a blog post and posting it here I would actually test this claim however.

                                                                                                                  1. 1

                                                                                                                    hey, thanks for the feedback, I’m going to tweak the wording to hopefully be clearer

                                                                                                                  1. 23

                                                                                                                    I think sometimes the motivation for doing something as a SPA, whether it really has to be or not, goes like this:

                                                                                                                    1. Having an API for our service is a business requirement.
                                                                                                                    2. If we ever do a non-Web app (native mobile, desktop, voice assistant skill, etc.), it’ll have to use the API.
                                                                                                                    3. To ensure the API doesn’t end up being second-class, our web front-end should use the API as well.
                                                                                                                    4. I don’t want to go full micro-services already.
                                                                                                                    5. Having a server-rendered web app access the API over http://localhost just seems dumb.
                                                                                                                    6. So… SPA.

                                                                                                                    Has anyone else gone through this thought process?

                                                                                                                    1. 3

                                                                                                                      Yeup. At $work we have a bunch of projects on which we’re contracted to deliver a mobile app and a web app using the same backend. This makes NodeJS (server) + React DOM (web) + React Native (app) really attractive. We take advantage of a lot of skill-sharing between React and React Native, and a little bit of skill-sharing between the NodeJS bits and the rest.

                                                                                                                      1. 3

                                                                                                                        I think I did #5 recently…

                                                                                                                        1. 3

                                                                                                                          Yeah, I’m not really sure what’s wrong with #5. I vehemently object to the use of javascript, so if I were given freedom to design a web interface to an API, that’s exactly what it would look like.

                                                                                                                        2. 2

                                                                                                                          Our website at work was built not as a SPA and now our customers require an API. If we just built it off to the side it would end up not keeping up with all the features that the website has. So many APIs today are second class. Now we have to put in a huge effort to convert the existing website in to a spa.

                                                                                                                          1. 1

                                                                                                                            Can you use the API on the server side, as an abstraction layer under your existing MVC app?

                                                                                                                          2. 1

                                                                                                                            We do software in a similar fashion where I work, but instead of doing SPA’s our server-side MVC endpoints call into Web APIs. Not sure if that’s better or worse than what you describe.