• 183 Posts
  • 153 Comments
Joined 1 year ago
cake
Cake day: July 29th, 2023

help-circle



  • Mercure's spec has a bit more meat on its bones in terms of providing an adequate description of the protocol.

    From https://mercure.rocks/spec :

    Mercure provides a common publish-subscribe mechanism for public and private web resources. Mercure enables the pushing of any web content to web browsers and other clients in a fast, reliable and battery-efficient way. It is especially useful for publishing real-time updates of resources served through sites and web APIs to web and mobile apps.

    Subscription requests are relayed through hubs, which validate and verify the request. When new or updated content becomes available, hubs check if subscribers are authorized to receive it then distribute it.







  • lysdexic@programming.devtoProgramming@programming.devRust vs C
    ·
    edit-2
    10 months ago

    You are making an extreme assumption, and it also sounds like you’ve misread what I wrote. The “attempts” I’m talking about are studies (formal and informal) to measure the root causes of bugs, not the C or C++ projects themselves.

    I think you're talking past the point I've made.

    The point I've made is that the bulk of these attempts don't even consider onboarding basic static analysis tools for projects. Do you agree?

    If you read the post of other studies you've quoted, you'd be aware that some of them quite literally report results of onboarding a single static analysis tool to C or C++ projects. The very first study in your list is quite literally the results of onboarding projects to Hardware-assisted AddressSanitizer, after acknowledging that they haven't onboarded AddressSanitizer due to performance reasons. The second study in your list reports results of enabling LLVM’s bound sanitizer.

    Yet, your personal claim over "the lack of memory safety" in languages like C or C++ is unexplainably based on failing to follow very basic and simple steps like onboarding any static analysis tool, which is trivial to do. Yet, your assertion doesn't cover that simple step. Why is that?

    Again, I think this comparison is disingenuous. You take zero effort to address whole family of errors and then proceed to claim that whole family of errors are not addressed, even though nowadays there's a myriad of ways to tackle those. That doesn't sound like a honest comparison to me.



  • lysdexic@programming.devtoProgramming@programming.devRust vs C
    ·
    10 months ago

    C syntax is simple, yes, but C semantics are not; there have been numerous attempts to quantify what percentage of C and C++ software bugs and/or security vulnerabilities are due to the lack of memory safety in these languages, and (...)

    ...and the bulk of these attempts don't even consider onboarding basic static analysis tools to projects.

    I think this comparison is disingenuous. Rust has static code analysis checks built into the compiler, while C compilers don't. Yet, you can still add static code analysis checks to projects, and from my experience they do a pretty good job flagging everything ranging from Critical double-frees to newlines showing up where they shouldn't. How come these tools are kept out of the equation?









  • Ergonomic keyboards are not a result of “the size of the keyboard”, but the shape.

    I apologize for the mistake. Even though I referred to size, what I had in mind was geometry/layout.

    Without any real studies on it mentioned so far you’re relying on gut feeling and logic here.

    Are there actually any studies suggesting that ergonomic keyboards prevent RSI? As far as I could gather, there's a correlation between higher RSI incidence and keyboard usage, but nothing suggests ergonomic keyboards lead to a lower incidence of RSI.


  • Not to be a spoilsport, but as I predicted the .NET MAUI community in programming.dev is of course dead on arrival.

    The last post was two weeks ago, and the next to last one dates over one month.

    There was far more effort invested in requesting the creation of a community than to actually have a community. The request to create the community received more messages than those the actual community received in over a month.

    What's the point of creating these communities?



  • Wouldn’t wrist position be considered part of your overall posture?

    There are far more factors determining wrist position than the size of the keyboard, and only a very small fraction of all keyboard users end up developing any form of issue.

    Moreover, I'd wager that the number of people enduring bad laptop keyboards greatly outnumber those developing any kind of RSI issue, let alone those who feel strongly enough to buy ergonomic keyboards.

    It would be interesting to see how many ergonomic keyboards end up being snakeoil preying on people with more disposable money than good judgement.


  • From the whole blog post, the thing that caught my eye was the side remark regarding SPAs vs MPAs. It was one of those things that people don't tend to think about it but once someone touches on the subject, the problem become obvious. It seems that modern javascript frameworks focus on SPAs and try to shoehorn the concept everywhere, even when it clearly does not fit. Things reached a point where rewriting browser history to get that SPA to look like a MPA is now a basic feature of multiple pages, and it rarely works well.

    Perhaps it's too extreme to claim that MPAs are the future, but indeed there are a ton of webapps that are SPAs piling on complexity just to masquerade as MPAs.




  • Upgrading a major C++ compiler version was never free in my experience, but even when working in a codebase with ~2M LOC the upgrade (e.g. 14 -> 17) was something that could be prepared in a set of feature branches by one person over the span of one, maybe two weeks.

    That greatly depends on your project, what dependencies it has, and what's involved in the migration. For example, I recall a previous project I worked on that experienced a considerable amount of non-trivial issues when upgrading to C++14 due to unforeseeable curve balls. One of them was caused by a third-party dependency toggling constexpr versions of its member functions only on C++14, which caused a bunch of obscure linker errors as old symbols were no longer available.


  • lysdexic@programming.devtoProgramming@programming.devOpenD, a fork of D
    ·
    edit-2
    10 months ago

    Walter Bright has fairly odious political opinions;

    I fail to see the relevance of what personal opinions and beliefs he may or may not have. You're making it sound like the goal is not to improve a language ir fix issues, but to take something away from a person just because you disagree with their political opinions. That's hardly good use of anyone's time, and sounds terribly petty behavior.

    I wish I had that much free time to be able to waste it being so vindictive about such trifling issues.

    Which languages have you invested/migrated to, only to find that “political stunts” had a “negative impact” on your planned development?

    I don't waste my time with meaningless irrelevant stuff. Either a tech stack serves it's purpose, or it doesn't. I don't have enough free time to waste it trying to cancel others.





  • I’d go with an ergonomic one to avoid pain on the outside of the wrists.

    I might be totally wrong, but I firmly believe these ergonomic risk factors are not the root cause of these health problems, and instead they are indirect factors that are correlated with fundamental problems affecting a person's activity.

    For example, tennis elbow isn't caused by a particular model of a tennis racket, nor is jumper's knee caused by a shoe model. Interestingly, I stumbled upon a post somewhere in the past that pointed out that Emacs users had a higher incidence of repetitive strain injuries than vi users. One of the most basic treatments of RSI is a combination of working on the patient's overall posture and rest, regardless of keyboard format.

    If you're experiencing wrist pain due to keyboard usage, the time you spend typing is a far more important factor than what keyboard model you're using.


  • From the blog post, it sounds like the underlying motivation is not tied to technical aspects but control over the language. If I had invested any of my personal time onboarding onto D and migrated any of my projects to D, I would be concerned about the negative impact these political stunts have on the tech stack.






  • I’m not saying this guy’s experience isn’t valid, just that there is something else going on here whether it’s a changing job market that hasn’t caught up with me yet or soft skills or that market or outdated skill set or what.

    The blogger described his career path as "After more than a decade of sitting behind a single company's desk, my CV looks bleak." That doesn't sound like someone who was mindful of their career path.

    I also don't think the blogger is completely honest or factual with regards to the job interview process. The blogger claims that "Nowadays, you have to pass through several layers of random and arbitrary screening in order to even get invited to the even more grueling in-person interviews." As someone who somewhat recently switched roles, my personal experience is not the same. The bulk of recruiting processes start with a phone screening to verify that you really exist and have basic social skills, but technical screenings follow right after. Some organizations do pride themselves in having close to a dozen interview rounds, but you are expected to prove your worth in each and every single interview round you're pulled into it.

    The truth of the matter is that as labor supply is increasing, you have to do more than show up in a meeting to get a job offer. Not having a degree is also a red herring because that's effectively irrelevant for the bulk of the development positions out there.

    There's however a critical factor that I feel everyone should have in mind: the bulk of IT services/consultancy recruiters out there might post job ads but they actually have zero positions to fill. The blogger briefly mention those without appearing to connect the dots when they mention "Mr X was very impressed with your skills, however, we don't have any opening for you right now". Odds are they really really do not have a opening, and they just forced you to go through tests and assessments just so that they could add another entry in their database.