Feed digilinux.ru [copy] http://digilinux.ru/feed/ has loading error: cURL error 22: The requested URL returned error: 403 Forbidden
Feed freepost [copy] https://freepo.st/rss/new has loading error: cURL error 6: Could not resolve host: freepo.st
Python: Please stop screwing over Linux distros
Linux distributions? Oh, those things we use to bootstrap our Docker containers? Yeah, those are annoying. What were you complaining about again?
The Python community is obsessed with reinventing the wheel, over and over and over and over and over and over again. distutils, setuptools, pip, pipenv, tox, flit, conda, poetry, virtualenv, requirements.txt, setup.py, setup.cfg, pyproject.toml… I honestly can’t even list all of the things you have to deal with. It’s a disaster.
This comic is almost 4 years old and it has become much worse since. Python is a mess. I really want to like Python. I have used it for many years and in many projects, including...
I will pay you cash to delete your npm module
npm’s culture presents a major problem for global software security. It’s grossly irresponsible to let dependency trees grow to thousands of dependencies, from vendors you may have never heard of and likely have not critically evaluated, to solve trivial tasks which could have been done from scratch in mere seconds, or, if properly considered, might not even be needed in the first place.
We need to figure out a way to curb this reckless behavior, but how?
I have an idea. Remember left-pad? That needs to happen more often.
I’ll pay you cold hard cash to delete your npm module. The exact amount will be determined on this equation,...
Status update, November 2021
Hello again! Following a spooky month, we find ourselves again considering the progress of our eternal march towards FOSS world domination.
I’ll first address SourceHut briefly: today is the third anniversary of the opening of the public alpha! I have written a longer post for sourcehut.org which I encourage you to read for all of the details.
In other news, we have decided to delay the release of our new programming language, perhaps by as much as a year. We were aiming for February ‘22, but slow progress on some key areas such as cryptography and the self-hosting compiler, plus the looming necessity of the full-scale acceptance testing...
Breaking down Apollo Federation's anti-FOSS corporate gaslighting
Gather around, my friends, for there is another company which thinks we are stupid and we enjoy having our faces spat in. Apollo Federation1 has announced that they will switch to a non-free license. Let’s find out just how much the Elastic license really is going to “protect the community” like they want you to believe.
Let’s start by asking ourselves, objectively, what practical changes can we expect from a switch from the MIT license to the Elastic License? Both licenses are pretty short, so I recommend quickly reading them yourself before we move on.
I’ll summarize the difference between these licenses. First, the Elastic license offers you (the recipient...
GitHub stale bot considered harmful
Disclaimer: I work for a GitHub competitor.
One of GitHub’s “recommended” marketplace features is the “stale” bot. The purpose of this bot is to automatically close GitHub issues after a period of inactivity, 60 days by default. You have probably encountered it yourself in the course of your work.
This is a terrible, horrible, no good, very bad idea.
I’m not sure what motivates maintainers to install this on their repository, other than the fact that GitHub recommends it to them. Perhaps it’s motivated by a feeling of shame for having a lot of unanswered issues? If so, this might stem from a misunderstanding of the responsibilities a maintainer...
How SmarterEveryDay's 4privacy can, and cannot, meet its goals
I don’t particularly find myself to be a fan of the SmarterEveryDay YouTube channel, simply for being outside of Destin’s target audience most of the time. I understand that Destin, the channel’s host, is a friendly person and a great asset to his peers, and that he generally strives to do good. When I saw that he was involved in a Kickstarter to develop a privacy product, it piqued my interest. As a privacy advocate and jaded software engineer, I set out to find out what it’s all about.
You can watch the YouTube video here, and a short follow-up here.
There are several things to praise here....
Software developers have stopped caring about reliability
Of all the principles of software engineering which has fallen by the wayside in the modern “move fast and break things” mentality of assholes modern software developers, reliability is perhaps the most neglected, along with its cousin, robustness. Almost all software that users encounter in $CURRENTYEAR is straight-up broken, and often badly.
Honestly, it’s pretty embarassing. Consider all of the stupid little things you’ve learned how to do in order to work around broken software. Often something as simple as refreshing the page or rebooting the program to knock some sense back into it — most users can handle that. There are much stupider problems, however, and they are...
Status update, October 2021
On this dreary morning here in Amsterdam, I’ve made my cup of coffee and snuggled my cat, and so I’m pleased to share some FOSS news with you. Some cool news today! We’re preparing for a new core product launch at sr.ht, cool updates for our secret programming language, plus news for visurf.
Simon Ser has been hard at work on expanding his soju and gamja projects for the purpose of creating a new core sourcehut product: chat.sr.ht. We’re rolling this out in a private beta at first, to seek a fuller understanding of the system’s performance characteristics, to make sure everything is well-tested and reliable, and to...
How reflection works in ****
Note: this is a redacted copy of a blog post published on the internal development blog of a new systems programming language. The name of the project and further details are deliberately being kept in confidence until the initial release. You may be able to find it if you look hard enough — you have my thanks in advance for keeping it to yourself. For more information, see “We are building a new systems programming language”.
I’ve just merged support for reflection in xxxx. Here’s how it works!
Background“Reflection” refers to the ability for a program to examine the type system of its programming language, and to dynamically manipulate...
Developers: Let distros do their job
I wrote a post some time ago titled Developers shouldn’t distribute their own software, and after a discussion on the sr.ht IRC channel today, the topic seems worthy of renewed mention. Let’s start with this: what exactly is a software distribution, anyway?
I use “software distribution” here, rather than “Linux distribution”, because it generalizes better. For example, all of the major BSD systems, plus Illumos and others besides, are software distributions, but don’t involve Linux. Some differ further still, sitting on top of another operating system, such as Nix or pkgsrc. What these systems all have in common is that they concern themselves with the distribution of software, and...