@kornel@mastodon.social
@kornel@mastodon.social avatar

kornel

@kornel@mastodon.social

I compress pixels (https://ImageOptim.com https://pngquant.org https://gif.ski).
Web Standards & #RustLang

This profile is from a federated server and may be incomplete. Browse more on the original instance.

kornel, to random
@kornel@mastodon.social avatar

When I want my mind blown, I compare former world's largest supercomputers to the tech I have around.

ASCI Red, the world's fastest supercomputer until the year 2000, was 150m² large, consumed 850,000W of power …and was slower than an iPhone 14 Pro, which uses ~6W.

ASCI Red had over 1TB of RAM, which may still sound impressive, except that RAM was 2× slower than the iPhone's 1TB SSD.

https://upload.wikimedia.org/wikipedia/commons/9/97/Asci_red_-_tflop4m.jpeg

kornel,
@kornel@mastodon.social avatar

@happyborg It's funny that software bloat complaint is as old as software, only the numbers change.

https://cr.yp.to/bib/1995/wirth.pdf

I can't wait until every program bundles a 64GB LLM for its AI interface, making Electron apps feel tiny ;)

kornel, to random
@kornel@mastodon.social avatar

It's surreal how slowly time moves in the world of C compilers.

Today there are still active projects that are hesitant to move past C89, and C99 is still the "new" standard.

The C99 standard has been released before the first public Mac OS X and Windows XP. It's older Itanium and the x86-64 instruction set. It predates iPod, Game Cube, first ever Xbox, and Nokia 3310.

Entire platforms lived and died in the meantime, while C programmers still can't be sure if they can rely on the new C99.

kornel,
@kornel@mastodon.social avatar

@cdamian @skolima There's a difference between stability and stagnation. The downside for C is that it's impossible to fix anything in the language, because it will take 20+ years to become the baseline. I suspect C++ mis-evolution has scared C users into don't change anything ever!.
Both C and C++ are outliers. It's possible to be stable without stagnation: Java and C# evolved without jumping the shark. PHP cleaned up a ton of language warts. Go can ship quickly without breaking things.

kornel,
@kornel@mastodon.social avatar

@timthelion I can’t take your “objectively”intensified outcry seriously.
Java has added terser forms for some previous noisy boilerplate. The old syntax still works. It’s never been a terse language, and it has been conservative in its evolution, so “unreadable” is a gross exaggeration, especially that readability is inherently very subjective and dependent on experience.

heydon, to random
@heydon@front-end.social avatar

Currently apoplectic that the Speech Recognition API hears “fuck” and outputs ['f***']. You puritanical Christian dickheads are at it again aren't you?

kornel,
@kornel@mastodon.social avatar

@heydon I’ve had Android dictation transcribe “fax machine” as “f*** machine”.

ekuber, to rust
@ekuber@hachyderm.io avatar

Rust's unexpected super-power is just how flexible it is. It allows you to write very high level looking code on a low level language. That caused people to use it beyond its intended niche. But it is fundamentally a low level programming language. It will continue becoming easier to use (that's my personal goal!) but there are "obvious" changes that would make things easier at the cost of speed or correctness that cannot take.

kornel,
@kornel@mastodon.social avatar

@ekuber It would be interesting to have a "do-whatever-you-want-Rust" for prototyping, that has a GC/ARC, allows global state, aliased mut and other "dirty" things, but with support for gradual typing that tightens the requirements, so that you could gradually refactor code into Rust proper where it needs more performance or bugfixing.

kornel, to random
@kornel@mastodon.social avatar

The https://js-naked-day.org is easy for me: https://lib.rs has no JavaScript. It never had any.

kornel, to Cat
@kornel@mastodon.social avatar

https://youtu.be/lOD3k6oMyUk
#cat #f1

JordiGH, to rust
@JordiGH@mathstodon.xyz avatar

https://doc.rust-lang.org/stable/book/ch10-03-lifetime-syntax.html#lifetime-annotations-in-struct-definitions

So yesterday I was asking in #rust (IRC channel, not a hashtag) and they were all acting like this is the most obvious thing ever. To me, it's not obvious why this example needs a lifetime annotation. Of course a reference in a struct should never point to nothing.

Why does the compiler need a lifetime annotation to make this explicit? Why can't this lifetime annotation be elided? I'd be curious to hear another explanation.

I guess my biggest confusion is that if the Rust language has been slowly eliding some lifetime annotations, why has it kept this one?

kornel,
@kornel@mastodon.social avatar

@JordiGH This is intentionally left as ugly and cumbersome, because it’s a rare niche feature, which you’re not supposed to use in 99% of cases. Rust doesn’t want to make it more convenient to write wrong code.

Noobs too often misunderstand Rust’s references as storing "by reference", which this syntax doesn’t do! It has entirely opposite meaning: it’s a temporary scope-limited loan that forbids storing this data in this struct, and turns the struct into a limited view of some data elsewhere.

kornel,
@kornel@mastodon.social avatar

@JordiGH Both. Structs having temporary references are a special case. If you don’t create such restricted "views" and don’t try to use them across functions, then you also rarely need to write explicit lifetime bounds. Implicit defaults cover almost all typical uses of references. It’s possible to write large Rust programs and not use <'a> even once.

kornel, to rust
@kornel@mastodon.social avatar

I like to minimize the size of binaries I build. Unremovable debugging strings annoyed me, so I've added an option to completely neuter Debug::fmt in #Rustlang

https://github.com/rust-lang/rust/pull/123940

predrag, to rust
@predrag@hachyderm.io avatar

Removing a pub method might NOT be a breaking change!

There are a dozen possible cases, and I recently found one more!

Did you think of the "matching default impl in a trait in a prelude" case? If you use cargo-semver-checks, you don't have to!
https://github.com/obi1kenobi/cargo-semver-checks/issues/727#issuecomment-2054091521

#rust #rustlang #semver

There's a case where this is in practice not actually breaking: if the trait in question is part of a prelude — either a built-in one or a crate's own prelude like e.g. pyo3's: For example, if pyo3 moves an inherent method to a trait in its prelude, we'd like to report that case as a hazard not necessarily as a semver-major change. The former tells maintainers "there's a bit of risk here so at least call this out in your release notes" whereas the latter is overstating our case a bit and could be perceived as crying wolf. It's of course possible (if a bit rare) that an inherent method may shadow an identical trait method in the built-in Rust prelude. This is a bit subtle! You may ask, why might a maintainer add an inherent method instead of using the built-in one? The answer is that the Rust standard library is actively developed too, and it's possible that the inherent method was added before std and the Rust prelude gained their version. E.g. the itertools crate has many candidates that are being considered for inclusion into the Iterator trait which is in the prelude. If a maintainer added an inherent impl for a useful pub helper method for their own iterator type, and later the Iterator trait gained an identical helper, removing that pub helper method is not breaking in practice because the Iterator trait is imported by the prelude.

kornel, (edited )
@kornel@mastodon.social avatar

@predrag (edit: nevermind, misread the code)

kornel,
@kornel@mastodon.social avatar

@predrag oh I see. I misunderstood as removal of trait impl.

kornel, to random
@kornel@mastodon.social avatar

I've set up git commit signing with SSH. It was relatively easy, and did not need any GPG cruft.

https://calebhearth.com/sign-git-with-ssh

kornel,
@kornel@mastodon.social avatar

@brokenix That would ruin both git and SSH for me. To me not using GPG in any shape or form is the goal.

kornel,
@kornel@mastodon.social avatar

@bjfs84 As a protocol it's full of outdated weak cryptography, without a clear path to migrate away from it, so even modern reimplementations bring back the broken algorithms for compatibility. From tooling perspective, gpg is overcomplicated with dangerously bad defaults, and shoddy integrations. Its use in e-mail is hopelessly unfixably terrible. While it could be just used as a key format, that needlessly pulls in all of the complexity and old cruft for the failed features.

kornel,
@kornel@mastodon.social avatar

@bjfs84

https://blog.cryptographyengineering.com/2014/08/13/whats-matter-with-pgp/
https://www.latacora.com/blog/2019/07/16/the-pgp-problem/
https://www.schneier.com/blog/archives/2016/12/giving_up_on_pg.html

chrisg, to rust
@chrisg@fosstodon.org avatar

I spent the whole day chasing a weird benchmark result - I would get twice the performance changing things that seemed unrelated.

It turns out that I hit upon a case where code alignment costs half the performance

(AMD Ryzen 9 3900, Rust 1.79 nightly 04-02)

This code

vector[index];  
vector[0..index].iter().any(|x| *x == needle)

Is twice as fast (according to criterion.rs) as omitting the first line. You'll note the first line does nothing.

#rust #rustlang

kornel,
@kornel@mastodon.social avatar

@chrisg In this specific example there's no difference:

https://rust.godbolt.org/z/aP9bK9GE8

However, [index] in Rust is a different operation than in C or C++. It does perform an operation: checks whether the index is in bounds.

If you have a loop with [i] later, it won't need to repeat bounds checking if the earlier code has already proven it's always in bounds.

if index >= vec.len() { return }

would have worked too, without a potential panic.

kornel, to ai
@kornel@mastodon.social avatar

GPL2 vs GPL3 as a Rap battle (#ai-generated)

https://suno.com/song/16da57d3-b68f-41fd-ad07-4da2b56bdb36/

Yoav, to random

Trying to gather a web developer signal - do y'all care about subresource integrity for dynamic imports?

kornel,
@kornel@mastodon.social avatar

@Yoav I like the concept, but in reality I never had a situation where it'd be useful.

My first-party resources are typically hosted and served the same way, so it doesn't do much: if someone can hack my scripts, they can hack my HTML too.

If I have untrusted third-party resources, they're usually scripts that I don't control (analytics, ads, embeds), which may be upgraded by their owner at any time, so I can't use SRI, because it will backfire.

The use-case of jQuery on a shared CDN is dead.

j3rn, to rust
@j3rn@fosstodon.org avatar

Something that frightens me about is the magnitude of the interdependency of packages. I pulled in a single dependency into my project, and it brought 68 transient dependencies. This doesn't seem to be the exception, in fact, this seems to be the rule. In total, 69 projects that I have to hope remain maintained and non-malicious.

kornel,
@kornel@mastodon.social avatar

@j3rn Keep in mind that these aren't 1:1 equivalents of deps in other languages.

In Rust, often one project will split itself into many tiny packages, but the total amount of code and number of people responsible stays similar.

e.g. adding 1 libcurl pulls in more code from more libraries by more people than pulling in reqwest split into 170 pieces.

Such split would have prevented the recent xz attack, because ssh could use a systemd-notify package rather than link entire systemd monolith.

annika, to random
@annika@xoxo.zone avatar

PHP tip: you can write 0 (zero) as 0_0 for added emotion.

if ($balance == 0_0) {  
 panic();  
}
kornel,
@kornel@mastodon.social avatar

@annika With varying screaming intensity:

0.0 | 0o0 | 0O0

kornel, to random
@kornel@mastodon.social avatar

The MIT license says it needs to be included with the software, but it doesn't say it can't be a song:

https://youtu.be/pGbodliLFVE?t=53

kornel, to random
@kornel@mastodon.social avatar

People are afraid of running unaudited curl | sh, but nobody bats an eye on 24707 lines of obfuscated garbage in ./configure.

#xz

kornel,
@kornel@mastodon.social avatar

@lewiscowles1986 In this particular case I think it will pick up existing vcvars env if there is one.

I mean modern in contrast to autotools still solving 1980's problems.

"modern" in programming languages is kinda relative. Use of UTF-8 is "modern" even though that's from 1990s, but newer than UCS2. "New" Rust features originate from research in '80s and '90s, but look "modern" relative to languages that implement inventions from the late '60s.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • mdbf
  • ngwrru68w68
  • modclub
  • magazineikmin
  • thenastyranch
  • rosin
  • khanakhh
  • InstantRegret
  • Youngstown
  • slotface
  • Durango
  • kavyap
  • DreamBathrooms
  • megavids
  • GTA5RPClips
  • tacticalgear
  • normalnudes
  • tester
  • osvaldo12
  • everett
  • cubers
  • ethstaker
  • anitta
  • provamag3
  • Leos
  • cisconetworking
  • lostlight
  • All magazines
    •