HackerTrans
TopNewTrendsCommentsPastAskShowJobs

galdor

no profile record

Submissions

Building Erlang applications the hard way

n16f.net
4 points·by galdor·قبل 3 سنوات·0 comments

comments

galdor
·قبل 10 أشهر·discuss
It feels like the age of AI has made take home coding exercises obsolete. I still have not found a good replacement.
galdor
·قبل سنتين·discuss
You would be surprised by how many infrastructures have software running without any container :) I'm running FreeBSD on my servers so containers are out, but even if I was Linux, why would I use containers for base services?
galdor
·قبل سنتين·discuss
Yes, it can be compiled and packaged so that I can one day install it as any other package, in my case on FreeBSD.

And of course it's not just about avoid recompilation, there are a lot of features I want to add.
galdor
·قبل سنتين·discuss
This space may be well established, but it still does not fullfill all needs. For my own:

- NGINX does not support ACME, and I'm fed up with dealing with Lego and other external ACME clients. Also the interactions between locations has never been clear to me.

- Caddy plugins mean I have to download xcaddy and rebuild the server. I really do not want to rebuild services on my servers just because I need a simple layer 4 reverse proxy (e.g. so that I can terminate TLS connections in front of my IRC server).

So I'm building my own server/reverse proxy (https://github.com/galdor/boulevard). Competition is good for everyone!
galdor
·قبل سنتين·discuss
Microsoft Entra having first class support for OIDC really helps; I remember seeing a decision diagram in their documentation recommending using OIDC for new projects, it can help negotiating. Google Workspace also works just fine with OIDC, and so does Okta.

I've been told that the only source of problems is going to be companies using Shibboleth, even though there seems to be an OIDC plugin.
galdor
·قبل سنتين·discuss
OWASP recommendations for Argon2id are 19MiB memory, iterations 2, parallelism 1. And following OWASP is not only a good idea for security but also makes it easy to justify with IT security, compliance, etc.
galdor
·قبل سنتين·discuss
Could you distribute it? I'm not a huge fan of ASDF complexity and have had many headaches trying to make some custom components work. I would welcome any simple alternative, even though I will probably end up writing my own.
galdor
·قبل سنتين·discuss
In technical organizations (all organizations really), simplicity is also a hard sell: you need people in charge with the ability to say "no" to a lot of ideas. And no one wants to be on the receiving end of a "no".

Those who favour simplicity will always be outnumbered, and their position will be untenable unless the entire top management team agrees. Good luck with that.

It is also one the reasons why the BDFL model works so much better: you need the ability to say "no" a lot.
galdor
·قبل 3 سنوات·discuss
The text of this act treat them the same way unless I'm missing something (feel free to point me the text saying otherwise). A sane legal text would put in place thresholds with different levels of expectations and liability depending on the size of the company, who you are selling to (companies or individuals) and its revenues, respecting the principle of proportionality.
galdor
·قبل 3 سنوات·discuss
In kitchens as in plumbings:

- There are rules, and clear established practices that allow you to follow these rules. In software the rabbit hole goes so deep that your average developer cannot even be aware of all the risks.

- You do not have to rely on millions of lines of code you have no control on.

As a simple example, if you are using network communications, you are probably using OpenSSL, GnuTLS or one of the few other TLS implementations. All of them have regular security issues, and simply selling support on an Open Source software you built using one of them will make you liable for these issues. There is no choice: you need TLS, and you're not going to implement it yourself. What are you supposed to do?

The fact that a solo developer selling 100€/month of support is treated the same way than a billion dollar company demonstrates the complete insanity of this act.
galdor
·قبل 3 سنوات·discuss
Correct. I would be perfectly fine with some amount of control and liability proportional to the size of the company, excluding tiny ones as it is often the case.

With this new act, even selling 100€/month of support for a piece of software you are contributing to makes you subject to the full force of the bill (and the full force includes scary numbers, millions, with zero information on how precise amounts will be calculated).

We can only hope that it is not voted in this sorry state.
galdor
·قبل 3 سنوات·discuss
It seems the author is refering to the EU Cybersecurity Act that should be voted early 2024.

The last draft clearly excludes open source software as long as there is no commercial activity associated. If voted in this state, it won't affect the vast majority of developers releasing some code under an Open Source license. But it will wipe out all small businesses: if you're a solo company selling support or feature development on some Open Source software you wrote, paperwork and liability are just not worth it.

And good luck selling anything relying on existing Open Source libraries, because you're now liable for them too. Given the cost of a security audit, you may as well stop trying and just sell SaaS (which is explicitely excluded from the bill, funny).

Larger companies of course won't care and will continue shipping buggy software riddled with security holes because they can afford the paperwork and absorb the legal risk.
galdor
·قبل 3 سنوات·discuss
Normal Computing | https://normalcomputing.ai | New York or full remote | Full Time

Normal Computing is making AI both scalable and useful.

We are looking for a senior web backend developer (8+ years experience ideally in Python, PostgreSQL) to join the Core Engineering team and work on a variety of projects.

Pros:

- Full remote.

- A lot of autonomy with a focus on deep work and minimal process.

- Working on applications more interesting than the average CRUD software.

If you like to build and have the skills that go with it, you may like it here. Contact us!

https://jobs.ashbyhq.com/Normal%20Computing%20AI/2cb7e085-a0...
galdor
·قبل 3 سنوات·discuss
I might be missing something, but the appeal of gradual typing to me is that I can mostly type functions, providing safe input/output boundaries, and avoid having to type every single variable (unless I have to do so for performance reasons, as I do in Common Lisp).

This approach is comfortable to me both in Erlang and in Common Lisp, I see it as a balance between safety/performances and development speed (and I'm saying that as someone using Go for all professional development and being really happy with its full static typing).
galdor
·قبل 3 سنوات·discuss
> Google runs some very sensitive applications for paying enterprise customers, and they still tend to not expire sessions.

For Google Workspace, web applications (e.g. Gmail or Calendar) will regularly force you to re-authenticate "for your security". It's not a daily thing fortunately, but it is common enough to be frustrating.
galdor
·قبل 3 سنوات·discuss
For anyone finding CLOS interesting, "The Art of the Metaobject Protocol" is the next logical step. A good way to dig deep into how CLOS is built.

It should be a mandatory read for anyone looking to design a programming language with object concepts.
galdor
·قبل 3 سنوات·discuss
The trick with online platforms is to edit messages, replacing the content with a random string (this script supports both ".", a random string or a fixed string of your choosing).

Most web apps will keep a copy of messages you delete, but they usually do not save an history of every modification.
galdor
·قبل 3 سنوات·discuss
Wait it's integrated with SystemD? What is a package management system doing with the init process? I now remember that Guix is a daemon, something that made me really wary at the time; but a SystemdD dependency is something else entirely.
galdor
·قبل 3 سنوات·discuss
This is the only reason I haven't tried to use Guix. I love the concept, I want to use it, but it does not run on FreeBSD. And I would not invest time in a packaging system that works on my workstation but not on my servers.

It is sad to see so many Linux only software, especially when there is no technical reason not to support *BSD.
galdor
·قبل 3 سنوات·discuss
The most surprising aspect of REDUCE is the way the callback can be called depending on both the length of the list and the presence of absence of an initial value.