I’m not here to argue sides, and Linus’ comment is extremely uncouth, but you should understand that it’s due to territorial sanctions, not just because someone is Russian or not. It’s not that Russians are inherently untrustworthy, it’s just that everyone working within Russian territory could be forced to commit espionage for the government and they really wouldn’t have an option besides risking not only their lives but their family’s lives.
There’s absolutely a conversation to be had here, blindly screaming “racist!” at everyone isn’t how to go about it.
It’s not even a matter of territory, it’s a matter of employment. There are plenty of people from Russia on the MAINTAINERS list after this patch set, they just don’t work for sanctioned companies.
No one got removed from the list for being Russian. They got removed because they’re working for companies on the OFAC sanctions list. You don’t have to be Russian for that, you’d get removed regardless of nationality if you’re working for one of those companies, and the company in question doesn’t have to be Russian, either, there are companies from all over the world on that list, including from the US for that matter.
Framing this as xenophobic or racist is honestly kind of awful for those of us who actually experience xenophobia or racism. Not being allowed on a list because your employer is on the wrong list is both a universal problem and not quite the same kind of thing as being called a slur based on where you were born or when they hear your accent.
Not that I want to defend the way this was communicated. You never know why someone’s working for whoever’s employing them. Maybe they agree with their government’s ideology, sure, or maybe they just don’t care and karma woke up grumpy today. But maybe they have an ailing parent and no other realistic prospect of employment, or someone’s literally held a gun to their head, or a relative’s head, or maybe working there is the only reason why their kid isn’t being sent to the frontlines. Basic decency would’ve required an elegant approach, even at the risk of being wasted on people who didn’t deserve it.
This is a complete clusterfuck and I’m sure there’s no shortage of people who are cheering for it because they’re xenophobic assholes, which only makes it worse.
Blindly screaming “racist” isn’t the way to go about it, I will grant. Conversely, screaming “Russian bot”, “troll”, and “I’m Finnish” aren’t ways to go about that conversation either. There may be a very legitimate reason for the actions taken by Linus and friends. But mumbling something about “compliance requirements” (Greg KH) and deflecting with ad hominem (Linus) are not how you run an open source project that values transparency and trust very highly. Especially when that project is global in scope like Linux.
I’m seeing a lot of bad faith “well they do it so I can do” extremist comments around this predicament. Linus is being biased, so we can be too. The US commits espionage, so Russia should be able to as well (I’m not saying Russia is but that’s a sentiment I see being tossed around). None of this is productive. This is a matter of sanctioning laws and Linus not being able to shut his mouth, both problems are old as time. This is not an excuse for us to rip off our shirts and act like cavemen.
I don’t know if you’re familiar with the problems around the Rust For Linux project, but the entire Linux project seems to have extreme interpersonal issues in every corner. The entire Linux project is extremely unhealthy, and I’m really not surprised at how this was handled, it seems par for the course at this stage.
everyone working within Russian territory could be forced to commit espionage
The same is very true for the USA, as well.
The most offensive aspect of this drama is that, the door is open for the rest of the world to demand that American’s not be allowed access to the Linux kernel, also - for the same reasons that Russians are now denied it.
Listen to me very, very carefully, we are not talking about morality, we are talking about sanctioning laws. This is not a politics thread, pushcx already had to delete half the comments in this thread because people do not understand that.
It’s especially sad that your post is directly under one of my responses to a response to my post, where I point out how many people are using this as an excuse to act in bad faith and point fingers at everyone for no productive end goal. No, let’s not burn the world down because one country has some sanctioning laws against another, how about that?
Unfortunately for as long as a single nation thinks it has a moral imperative to ‘fix the world’ using its resources, this will always be a political battle.
one country has some sanctioning laws against another
Only the American people think they have the moral altitude to ‘do something about those inferior cultures’.
This isn’t about morality or law. This is about totalitarian-authoritarianism. Point.
The sanctioning laws against Russia are a lot more involved than the US single-handedly deciding Russia is an “inferior culture”, but I’ll stop here. I have a feeling you’re a bit too emotionally invested in this to hold a proper conversation about it.
Nonsense. America sanctions its enemies because it is a form of power and control, and that is the only reason it happens.
America has done everything bad that Russia has done, this century. But who sanctions the USA? Nobody, because only the USA has given itself that ability.
I’m not here to argue sides, and Linus’ comment is extremely uncouth, but you should understand that it’s due to territorial sanctions, not just because someone is Russian or not. It’s not that Russians are inherently untrustworthy, it’s just that everyone working within Russian territory could be forced to commit espionage for the government and they really wouldn’t have an option besides risking not only their lives but their family’s lives.
Can you clarify the origin of this information? It has been hard to find much of anything about the reasons for this action. The most detail I could find was that lawyers said to remove maintainers who work for companies “on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list.” Which would suggest it’s based on companies rather than territory.
Russian aggression is precisely the reason for the sanctions, though. I guess he’s just saying he agrees with them (and given the history between Russia and Finland I’m not surprised.) Admittedly agreeing with sanctions is rather irrelevant from a legal PoV - you still have to implement them, either way.
Assuming that this decision was taken to comply with international sanctions, it would be appropriate for the kernel team to remove access for contributors with ties to Hamas, an organization that is both sanctioned and responsible for the terrorist attacks that the state of Israel is now responding to.
Israel itself is not under sanctions.
Sanctions are a blunt instrument and will affect innocents and non-supporters of the sanctioned state or organization too. However the idea is that they are an international response that leaders should take into account before attacking another country.
While I agree to restrict access for maintainers affiliated with terrorist organizations such as Hamas, I believe that effectively differentiating between innocent individuals, supporters, and non-supporters is extremely challenging and basically not worth it
It’s practically impossible to make an objective decision about whether verbal and physical actions serve the terrorist organization’s purpose or not
I wrote this comment before reading that only those employed by companies on the OFAC list were remove from the list. This is also an imperfect filter but it’s far from the accusations that just being Russian is enough to be removed from the list.
Those russians that do not support russian aggression have much more pressing concerns than contribution to Linux. They should not be distracted from organisation of opposition or migration elsewhere, or a bajilion of other things they should be doing. Doing nothing was somewhat defensible before the full scale invasion but not any more. Doing nothing now is complecency and a tacit support of the current government policy.
This is a basically unreasonable obligation to put on the citizens of any country, and I can confidently say without knowing you that you would not hold yourself, your family, or your friends to the same standard if the situation were reversed.
What would you want to read on? Why not using bleeding-edge type system research results in a new language a bad idea? I don’t have a clue.
On the other hand, I can make that claim from the article even “stronger”. You can easily show that Go creators ignored research from before 1970 - Algol68 contains sum types/tagged unions.
@tt Types or no types is still in realm of holywars among my fellow developers - where everyone religiously defends their position. My interest is mainly to understand what research is saying about types in programming languages.
I don’t participate in the comments section as much, but it’s always a pleasure to read reasonable people having reasonable discussions. And the fact that politics is of the board… Love it!
I’m trying to relaunch my own SaaS product – https://ashop.co , it got “sidetracked” by sudden Amazon API update (with months notice). I also added all the features my previous clients asked for. Exciting and nerv-wrecking at the same time.
bbatsov, thanks for all your hard work on rubocop. I’ve had a few of these heated OSS issues in my time too. Just remember to keep perspective, policing in the USA is a very hot topic right now; there are millions of protesters on the street for a reason. If I was in your shoes: I’d tell everyone to step away from the issue for a month, let me consider the issue and make a decision then. Time often brings clarity.
Just remember to keep perspective, policing in the USA is a very hot topic right now; there are millions of protesters on the street for a reason
They are protesting because of police brutality, not because of the term “cop”. This is a bit like saying we should ban the term CO2 because of climate change.
One of the biggest rallying cries of the current movement is “defund the police”. It is not just police brutality but the concept of policing itself which demonstrators are calling into question. I think that context is missing from this discussion.
You might want to consider the other side of the argument, that a lot of people are not from US and more developers in Europe (and elsewhere) are pissed and tired of American politics.
I would rather see bbatsov spend time with his friends, family and kids than to spend a another minute on this issue. If he wishes to spend this time on OSS, my guess would be that he can find a way more interesting problems to tackle.
Stepping away from a month might be a good start, because who knows what riles up folks in July? Probably not the police and in that case nobody will care about the name anymore, at least not the degree that they’re willing to maintain a fork over it. If there’s still interest in having a fork next month, then so be it?
Asking him to spend any time on preparing the rename he isn’t interested in is, however, intruding in his life.
Is this is a sign of Microsoft not doing so great with GitHub? This basically creates less incentives to pay for a team account? I understand that microsoft has very big pockets… but how on earth do they even plan to make money nowadays?
This tweet from the GitHub CEO says that their enterprise product is how they make money:
I’ve been excited for this day for nearly 18 months, and it’s great to finally be here.
Thanks to our Enterprise customers whose rapidly growing use of GitHub makes this change possible for all the startups and small teams around the world. 🙏
It’s about expanding the user base and getting as much control over the largest number of people possible. The book Surveillance Capitalism goes into this.
This basically creates less incentives to pay for a team account?
There are still a bunch of features that are only for public repos with the free tier. Having those available for free is good marketing: everyone learns how they work and then wants them in their work repos. If anything, I’d think it would increase the incentives for buying the teams version. $4/month is basically noise on top of an engineer’s salary (let alone the total cost of employing an engineer). If those engineers are 1% more productive as a result of the features in the paid edition, it’s a clear win.
It usually depends on a project more, some languages fit more than others. But I decided to use Ruby for most of my projects – I can easily re-use most of the stuff I’ve been using in other project, I know library ecosystem well enough and I’m productive with it.
But personally, I lean towards Clojure/Elm/Elixir more and more. Just don’t feel that I’m productive enough with those.
I feel that databases already stepped-up their game, but somehow people are not up to date with all the improvements. A lot of developers I meet have no clue how to optimize database and generally treat it as a black box. A lot of companies would rather hire someone with ReactJS experience, than DBA experience :)
I obviously have no idea what you have in mind but I agree and am intrigued. (Even so, it’s interesting and instructive to see how the whole noSQL cycle went down.)
What I mean is that I have spent some time with PostgreSQL’s views, triggers and row-level-security to glimpse a future where a lot of business logic gets encoded in a non-imperative way very close to the data. We are not there yet, though.
It would be nice to be able to store the schema in a git repository and be able to statically check that all your views and procedures are compatible with each other. It would also be nice to have a tool to construct the best migration path from the current schema to the new one where you only instruct it on the missing bits (that is, how did the shape of data changed).
I think that a tight type system and some good tooling might be able to combat the complexity much better than service oriented architecture that still needs a lot of attention on coordination and API stability. If a team changed their public views, they should immediately get a type error or a QuickCheck test suite should notify them that they broke something. They could share ownership and modify dependent code themselves more easily.
It’s very simple actually: build up your schema with idempotent SQL scripts split up into a regular text files according to your taste (you can place them in a hierarchical file structure that fits your software model). Just use \ir path/to/script.sql to run all the scripts in order from a top init.sql file. For example, from init.sql, call one script to set up db users, another to create schemas and set basic permissions on them, then call one script for each schema which in turn calls sub-scripts to set up tables, views, functions… All of this happens in regular text files, under version control. Reloading the entire db strucure + seed data takes about a second, so you can iterate quickly.
Now, the great thing that subzero-cli gives you is a way to turn the resulting schema into a migration (using the Sqitch stand-alone migration tool) by automatically diffing your current schema against the last checked in schema. (This involves a little dance of starting up ephemeral Docker containers and running a diffing tool, but you don’t really notice.) So you get a standard way of deploying this to your production system using simple migrations. (Sqitch is a pretty great tool in itself.)
be able to statically check that all your views and procedures are compatible with each other
Here you’ll have to rely on automated tests, like pgTAP or anything really that you prefer. Python is very well supported as an “in-database” language by Postgres and I’m working on writing tests using the wonderful Hypothesis library and run them directly inside Postgres to thoroughly test functions, views etc.
It would also be nice to have a tool to construct the best migration path from the current schema to the new one
Again, handled very well by subzero-cli, relying on apgdiff (apgdiff.com, yes it’s “old” but subzero maintain their own fork which gets small tweaks from what I’ve seen).
I obviously agree with the rest of what you wrote :) If you put PostgREST, PostGraphile, or Hasura on top of your “smart” postgres system, you can give teams quite a bit of flexibility and autonomy in structuring client-server communication for their use cases, while keeping the core logic locked down in a base schema.
It would be nice to be able to store the schema in a git repository and be able to statically check that all your views and procedures are compatible with each other. It would also be nice to have a tool to construct the best migration path from the current schema to the new one where you only instruct it on the missing bits (that is, how did the shape of data changed).
Unless I misunderstand you, these tools already exist, at least for MySQL, PostgreSQL, and MSSQL. The compatibility checking does need to happen by deploying the schema, but the rest is there now.
I’m not here to argue sides, and Linus’ comment is extremely uncouth, but you should understand that it’s due to territorial sanctions, not just because someone is Russian or not. It’s not that Russians are inherently untrustworthy, it’s just that everyone working within Russian territory could be forced to commit espionage for the government and they really wouldn’t have an option besides risking not only their lives but their family’s lives.
There’s absolutely a conversation to be had here, blindly screaming “racist!” at everyone isn’t how to go about it.
It’s not even a matter of territory, it’s a matter of employment. There are plenty of people from Russia on the
MAINTAINERSlist after this patch set, they just don’t work for sanctioned companies.No one got removed from the list for being Russian. They got removed because they’re working for companies on the OFAC sanctions list. You don’t have to be Russian for that, you’d get removed regardless of nationality if you’re working for one of those companies, and the company in question doesn’t have to be Russian, either, there are companies from all over the world on that list, including from the US for that matter.
Framing this as xenophobic or racist is honestly kind of awful for those of us who actually experience xenophobia or racism. Not being allowed on a list because your employer is on the wrong list is both a universal problem and not quite the same kind of thing as being called a slur based on where you were born or when they hear your accent.
Not that I want to defend the way this was communicated. You never know why someone’s working for whoever’s employing them. Maybe they agree with their government’s ideology, sure, or maybe they just don’t care and karma woke up grumpy today. But maybe they have an ailing parent and no other realistic prospect of employment, or someone’s literally held a gun to their head, or a relative’s head, or maybe working there is the only reason why their kid isn’t being sent to the frontlines. Basic decency would’ve required an elegant approach, even at the risk of being wasted on people who didn’t deserve it.
This is a complete clusterfuck and I’m sure there’s no shortage of people who are cheering for it because they’re xenophobic assholes, which only makes it worse.
Blindly screaming “racist” isn’t the way to go about it, I will grant. Conversely, screaming “Russian bot”, “troll”, and “I’m Finnish” aren’t ways to go about that conversation either. There may be a very legitimate reason for the actions taken by Linus and friends. But mumbling something about “compliance requirements” (Greg KH) and deflecting with ad hominem (Linus) are not how you run an open source project that values transparency and trust very highly. Especially when that project is global in scope like Linux.
I’m seeing a lot of bad faith “well they do it so I can do” extremist comments around this predicament. Linus is being biased, so we can be too. The US commits espionage, so Russia should be able to as well (I’m not saying Russia is but that’s a sentiment I see being tossed around). None of this is productive. This is a matter of sanctioning laws and Linus not being able to shut his mouth, both problems are old as time. This is not an excuse for us to rip off our shirts and act like cavemen.
I don’t know if you’re familiar with the problems around the Rust For Linux project, but the entire Linux project seems to have extreme interpersonal issues in every corner. The entire Linux project is extremely unhealthy, and I’m really not surprised at how this was handled, it seems par for the course at this stage.
The same is very true for the USA, as well.
The most offensive aspect of this drama is that, the door is open for the rest of the world to demand that American’s not be allowed access to the Linux kernel, also - for the same reasons that Russians are now denied it.
Listen to me very, very carefully, we are not talking about morality, we are talking about sanctioning laws. This is not a politics thread, pushcx already had to delete half the comments in this thread because people do not understand that.
It’s especially sad that your post is directly under one of my responses to a response to my post, where I point out how many people are using this as an excuse to act in bad faith and point fingers at everyone for no productive end goal. No, let’s not burn the world down because one country has some sanctioning laws against another, how about that?
Unfortunately for as long as a single nation thinks it has a moral imperative to ‘fix the world’ using its resources, this will always be a political battle.
Only the American people think they have the moral altitude to ‘do something about those inferior cultures’.
This isn’t about morality or law. This is about totalitarian-authoritarianism. Point.
The sanctioning laws against Russia are a lot more involved than the US single-handedly deciding Russia is an “inferior culture”, but I’ll stop here. I have a feeling you’re a bit too emotionally invested in this to hold a proper conversation about it.
Nonsense. America sanctions its enemies because it is a form of power and control, and that is the only reason it happens.
America has done everything bad that Russia has done, this century. But who sanctions the USA? Nobody, because only the USA has given itself that ability.
technically many countries have sanctions against the US, though it’s usually a response to the US sanctioning them first.
Can you clarify the origin of this information? It has been hard to find much of anything about the reasons for this action. The most detail I could find was that lawyers said to remove maintainers who work for companies “on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list.” Which would suggest it’s based on companies rather than territory.
Linus’s comment does seem to suggest some animus towards Russia. Bringing up “Russian aggression” is willd to me.
Russian aggression is precisely the reason for the sanctions, though. I guess he’s just saying he agrees with them (and given the history between Russia and Finland I’m not surprised.) Admittedly agreeing with sanctions is rather irrelevant from a legal PoV - you still have to implement them, either way.
Assuming that this decision was taken to comply with international sanctions, it would be appropriate for the kernel team to remove access for contributors with ties to Hamas, an organization that is both sanctioned and responsible for the terrorist attacks that the state of Israel is now responding to.
Israel itself is not under sanctions.
Sanctions are a blunt instrument and will affect innocents and non-supporters of the sanctioned state or organization too. However the idea is that they are an international response that leaders should take into account before attacking another country.
It is; for instance:
https://en.wikipedia.org/wiki/Arab_League_boycott_of_Israel
While I agree to restrict access for maintainers affiliated with terrorist organizations such as Hamas, I believe that effectively differentiating between innocent individuals, supporters, and non-supporters is extremely challenging and basically not worth it
It’s practically impossible to make an objective decision about whether verbal and physical actions serve the terrorist organization’s purpose or not
I wrote this comment before reading that only those employed by companies on the OFAC list were remove from the list. This is also an imperfect filter but it’s far from the accusations that just being Russian is enough to be removed from the list.
Those russians that do not support russian aggression have much more pressing concerns than contribution to Linux. They should not be distracted from organisation of opposition or migration elsewhere, or a bajilion of other things they should be doing. Doing nothing was somewhat defensible before the full scale invasion but not any more. Doing nothing now is complecency and a tacit support of the current government policy.
This is a basically unreasonable obligation to put on the citizens of any country, and I can confidently say without knowing you that you would not hold yourself, your family, or your friends to the same standard if the situation were reversed.
I’m having fun with golang, never thought I’d like it as much as I do.
I’m building my own documentation browser for terminal https://poshtui.com/welcome
And also working on miniflux-email-client. https://github.com/skatkov/miniflux-email-client
poshtui looks really cool were you able to sell any licenses
Thanks.
5 already sold and I only know two of those buyers personally.
Golang, because I like https://charm.sh and decided to build a similar looking TUI.
Initially was not very fond of learning Golang. But even with downsides, it’s a pretty cool language to have under a belt.
This article mentions research about type systems. Anyone can recommend a good read on this topic?
What would you want to read on? Why not using bleeding-edge type system research results in a new language a bad idea? I don’t have a clue.
On the other hand, I can make that claim from the article even “stronger”. You can easily show that Go creators ignored research from before 1970 - Algol68 contains sum types/tagged unions.
@tt Types or no types is still in realm of holywars among my fellow developers - where everyone religiously defends their position. My interest is mainly to understand what research is saying about types in programming languages.
Have you seen https://danluu.com/empirical-pl/ ?
Thank you to maintainers. I have been successfully using it for years.I’m a happy user of bitwarden now.
https://www.instagram.com/p/CGkIh1ajohY/ – I often travel, so my warstation is mobile.
My main machine is Thinkpad X1 Carbon and I’m using Manjaro.
What keyboard and external screen is that? Out of interest which X1?
Recently acquired a small micro-SaaS rss reader ( https://briefcake.com ), because I actually started reading my feeds thanks to it :)
Thanks for existence, lobste.rs!
I don’t participate in the comments section as much, but it’s always a pleasure to read reasonable people having reasonable discussions. And the fact that politics is of the board… Love it!
I’m trying to relaunch my own SaaS product – https://ashop.co , it got “sidetracked” by sudden Amazon API update (with months notice). I also added all the features my previous clients asked for. Exciting and nerv-wrecking at the same time.
bbatsov, thanks for all your hard work on rubocop. I’ve had a few of these heated OSS issues in my time too. Just remember to keep perspective, policing in the USA is a very hot topic right now; there are millions of protesters on the street for a reason. If I was in your shoes: I’d tell everyone to step away from the issue for a month, let me consider the issue and make a decision then. Time often brings clarity.
They are protesting because of police brutality, not because of the term “cop”. This is a bit like saying we should ban the term CO2 because of climate change.
One of the biggest rallying cries of the current movement is “defund the police”. It is not just police brutality but the concept of policing itself which demonstrators are calling into question. I think that context is missing from this discussion.
With all due respect, mister Perham.
You might want to consider the other side of the argument, that a lot of people are not from US and more developers in Europe (and elsewhere) are pissed and tired of American politics.
I would rather see bbatsov spend time with his friends, family and kids than to spend a another minute on this issue. If he wishes to spend this time on OSS, my guess would be that he can find a way more interesting problems to tackle.
This is a well articulated comment. I think your advice is reasonable.
Stepping away from a month might be a good start, because who knows what riles up folks in July? Probably not the police and in that case nobody will care about the name anymore, at least not the degree that they’re willing to maintain a fork over it. If there’s still interest in having a fork next month, then so be it?
Asking him to spend any time on preparing the rename he isn’t interested in is, however, intruding in his life.
Is this is a sign of Microsoft not doing so great with GitHub? This basically creates less incentives to pay for a team account? I understand that microsoft has very big pockets… but how on earth do they even plan to make money nowadays?
This tweet from the GitHub CEO says that their enterprise product is how they make money:
It’s about expanding the user base and getting as much control over the largest number of people possible. The book Surveillance Capitalism goes into this.
There are still a bunch of features that are only for public repos with the free tier. Having those available for free is good marketing: everyone learns how they work and then wants them in their work repos. If anything, I’d think it would increase the incentives for buying the teams version. $4/month is basically noise on top of an engineer’s salary (let alone the total cost of employing an engineer). If those engineers are 1% more productive as a result of the features in the paid edition, it’s a clear win.
It usually depends on a project more, some languages fit more than others. But I decided to use Ruby for most of my projects – I can easily re-use most of the stuff I’ve been using in other project, I know library ecosystem well enough and I’m productive with it.
But personally, I lean towards Clojure/Elm/Elixir more and more. Just don’t feel that I’m productive enough with those.
What we really need are better databases.
I feel that databases already stepped-up their game, but somehow people are not up to date with all the improvements. A lot of developers I meet have no clue how to optimize database and generally treat it as a black box. A lot of companies would rather hire someone with ReactJS experience, than DBA experience :)
I obviously have no idea what you have in mind but I agree and am intrigued. (Even so, it’s interesting and instructive to see how the whole noSQL cycle went down.)
What I mean is that I have spent some time with PostgreSQL’s views, triggers and row-level-security to glimpse a future where a lot of business logic gets encoded in a non-imperative way very close to the data. We are not there yet, though.
It would be nice to be able to store the schema in a git repository and be able to statically check that all your views and procedures are compatible with each other. It would also be nice to have a tool to construct the best migration path from the current schema to the new one where you only instruct it on the missing bits (that is, how did the shape of data changed).
I think that a tight type system and some good tooling might be able to combat the complexity much better than service oriented architecture that still needs a lot of attention on coordination and API stability. If a team changed their public views, they should immediately get a type error or a QuickCheck test suite should notify them that they broke something. They could share ownership and modify dependent code themselves more easily.
This is indeed the technical platform I introduced at my last job and am using for my current project!
I’m using the excellent setup pioneered (?) by the PostgREST/Subzero project:
https://github.com/subzerocloud/subzero-cli
It’s very simple actually: build up your schema with idempotent SQL scripts split up into a regular text files according to your taste (you can place them in a hierarchical file structure that fits your software model). Just use
\ir path/to/script.sqlto run all the scripts in order from a topinit.sqlfile. For example, frominit.sql, call one script to set up db users, another to create schemas and set basic permissions on them, then call one script for each schema which in turn calls sub-scripts to set up tables, views, functions… All of this happens in regular text files, under version control. Reloading the entire db strucure + seed data takes about a second, so you can iterate quickly.Now, the great thing that subzero-cli gives you is a way to turn the resulting schema into a migration (using the Sqitch stand-alone migration tool) by automatically diffing your current schema against the last checked in schema. (This involves a little dance of starting up ephemeral Docker containers and running a diffing tool, but you don’t really notice.) So you get a standard way of deploying this to your production system using simple migrations. (Sqitch is a pretty great tool in itself.)
Here you’ll have to rely on automated tests, like pgTAP or anything really that you prefer. Python is very well supported as an “in-database” language by Postgres and I’m working on writing tests using the wonderful Hypothesis library and run them directly inside Postgres to thoroughly test functions, views etc.
Again, handled very well by subzero-cli, relying on apgdiff (apgdiff.com, yes it’s “old” but subzero maintain their own fork which gets small tweaks from what I’ve seen).
I obviously agree with the rest of what you wrote :) If you put PostgREST, PostGraphile, or Hasura on top of your “smart” postgres system, you can give teams quite a bit of flexibility and autonomy in structuring client-server communication for their use cases, while keeping the core logic locked down in a base schema.
Unless I misunderstand you, these tools already exist, at least for MySQL, PostgreSQL, and MSSQL. The compatibility checking does need to happen by deploying the schema, but the rest is there now.
I am pretty sure that checking of procedure bodies only happens when you run them.
Can you share links for the tools? I am not aware of them.
Yeah, stored procs are not statically analyzed in any of the tools I know. SQL Server: https://docs.microsoft.com/en-us/sql/relational-databases/data-tier-applications/deploy-a-database-by-using-a-dac?view=sql-server-ver15 MySQL: https://www.skeema.io/ For Postgres I know I’ve seen one or two tools that functioned in this way but I don’t seem to have saved the link.