Readit NewsIf it was provided, it would significantly trim dependency trees of all the small utility libraries.
Perhaps we need a common community effort to create a “distro” of curated and safe dependencies one can install safely, by analyzing the most popular packages and checking what’s common and small enough to be worth being included/forked.
Joking aside, I don't think there ever really was a lack of initiatives by entities (communities, companies, whatever) to create some sort of standard library (we typically tend to call them frameworks). There's just simply too much diversity, cultures and subcultures within the whole JavaScript sphere to ever get a global consensus on what that "standard" library then should look like. Not to mention the commercial entities with very real stakes in things they might not want to relinquish to some global unity consensus (as it may practically hurt their current bottom line).
Personally, I think that using any service that claim to deliver, for which in the real world I just can't find much supporting evidence and otherwise mostly claims from (direct or indirect) stakeholders (incl. users themselves), feels rather dumb. LinkedIn, and the ecosystem developed around it, has every incentive to be dishonest. In such cases, the burden of evidence that proves otherwise needs to be high. I've not seen that bar ever reached for LinkedIn; not even remotely. At least not where I live.
If my perspective leads to people claiming I'm "denying reality" (heard that a few times), it only suggests me how (practically or emotionally) invested some people apparently must be. To me it still looks and feels mostly like a huge fraud-machine. Nothing particularly new specific to LinkedIn though. Before LinkedIn, I've seen how recruitment and hiring agencies wiggled their way into the employment market, where I grew up in. It did not see it do any good. I'd say it shared plenty of characteristics with cancer.
It may take considerable effort, but I'd recommend doing your own due diligence and find potential employers yourself, to then approach them directly. Still works quite well, even today and without needing questionable middlemen/services.
Just my two cents; mileage may vary.
IMHO, you just compare two different things. Traditional method of installing apps on Windows is packing all dynamic dependencies with it. While on linux dynamic dependencies are shared between apps. So, there is nothing surprising that when you change the dependencies of the app, it stops working.
There are few ways to solve this and your are free to choose:
- distribute the same as on Windows
- link statically
I was involved in replacing Windows systems with Linux + Wine, because (mission-critical industrial) legacy software stopped working. No amount of tweaking could get it to work on modern Windows system. With Wine without a hitch, once all the required DLL files were tracked down.
While Wine may indeed be quite stable and a good solution for running legacy Windows software. I think that any dynamically linked legacy software can cause issues, both on Windows and Linux. Kernel changes may be a problem too. While Windows is often claimed to be backwards compatible, in practice your mileage may vary. Apparently, as my client found out the hard/expensive way.
Especially this:
> where a cadre of (opinionated) people with power get to decide what's right from wrong, based on their beliefs about what might only be a subset of reality (albeit their only/full one at that).
This is always true. There's no arrangement where you can outsource reasoning and decisionmaking (by choice or by coercion) but also not. That's a contradiction.
I'm well aware of that. On itself there isn't a problem with it, in principle at least. Right until it leads to bad decisions being pushed through, and more often in ignorance rather than malice. I personally only have a real problem with it when people or tech ends up harmed or even destroyed, just because of ignorance rather than deliberate arbitrary choices (after consideration, hopefully).
To be clear, I'm not saying that any of that is the case here. But lets just say that browser vendors in general, and Mozilla as of lately in particular, aren't on my "I trust you blindly at making the right decisions" list.
Certificate Transparency [1] is an important technology that improves TLS/HTTPS security, and the name was not invented by Mozilla to my knowledge.
If Firefox were to implement a hypothetical IETF standard called “private caching”, would you also be cynical about Firefox “doing something private at this point in time” without even reading up what the technology in question does?
What if I did (understand)? What if I knew a thing or two about it, even some lesser known details and side-effects? Maybe including a controversy or two, or at least an odd limitation and potential hazard at that. But, you correctly do point out that Firefox isn't to blame for implementing somebody else's "standard". Responsible for any and all consequences? Nonetheless, certainly yes.
Aside from now probably not being the best of times for Firefox, my main (potential) concern still stands. However, it is hardly a Firefox-only one, I'll give it that.
While this no doubt is an overall win, at least for most and in most cases, afaik this isn't completely without problems of its own. I just hope it won't lead to a systemd-like situation, where a cadre of (opinionated) people with power get to decide what's right from wrong, based on their beliefs about what might only be a subset of reality (albeit their only/full one at that).
Not trying to be dismissive here. Just have genuine concerns and reservations. Even if mostly intuitively for now; no concrete ones yet. Maybe it's just a Pavlov-reaction, after reading the name Firefox. Honestly can't tell.
I did contract work for a large international financial institution, known for being "one of the big N" (N<5). Lots of data/backend/db work, in several languages/stacks. Then a new style/naming convention for databases got pushed, by middle/higher management. It included identifiers in both camel-case and pascal-case. It was clearly "designed" by somebody with a programming background in languages that use similar conventions.
I noticed how there would be trouble ahead, because databases have (often implicit) naming conventions of their own. Not without reason. They have been adopted (or "discovered") by more seasoned database engineers, usually first and foremost as for causing the least chance of interoperability issues. Often it is technically possible to deviate from them (your db vendor XYZ might support it), but the trouble typically doesn't emerge on the database level itself. Instead it is tooling and programming languages/frameworks on top of it, where things start to fall apart when deviating from the conventional wisdom of database naming conventions.
That also happened with that client. Turned out that the two major languages/frameworks/stacks they used for all their in-house projects (as well as many external product/services), fell apart on incompatibility with the new styling/naming conventions. All internal issues, with undocumented details (lots of low-level debugging to even find the issues). I already had predicted it beforehand, saw it coming, reported it, but got ignored. Not long after, I was "let go". Maybe because of tightened budgets, maybe because several projects hit a wall (not going anywhere, in large part because of the above mentioned f#-up). I'm sure the person who original caused the situation still got royally paid, bonuses included, regardless.
Anyways, the moral of the story here is this: even if you technically could deviate from well established database naming conventions, you can get yourself in a world of hurt if you do. Also if it appears to resolve naming inconsistencies with programming languages of choice.
https://x.com/godotfoundation/status/1840721449364988300/pho...
https://x.com/godotfoundation/status/1840721449364988300/pho...
1) On Friday, we made a tweet that unexpectedly led to a wave of harassment directed at our staff and community. We unequivocally condemn this abuse.
The volume of negative engagement overwhelmed our moderation efforts. While attempting to protect the Godot community we mistakenly blocked individuals who were not participating in the harassment. The Godot Foundation Board takes full responsibility for these moderation actions.
If you believe you were blocked in error and have not violated our Code of Conduct, please contact us with the form linked below. We are committed to swiftly rectifying any mistakes.
We firmly stand by our mission to keep our community spaces free from hate, discrimination, and other toxic behaviors.
– The Godot Foundation Board
2) On community moderator Xananax
We strongly condemn the harmful language used by Xananax, moderator of an unofficial Godot-related Discord server.
We want to clarify that Xananax is not hired by nor a spokesperson for the Godot Foundation.
As an organization, we have our own official Discord server, moderated together with new volunteers vetted by our team.
– The Godot Foundation
I found their responses to be... insufficient and potentially blind to the amount the debacle affected public perception?
I don't know who are on Godot Foundation's board, but as I've mentioned elsewhere: these people might want to lawyer up. This situation may very well have legal ramification, including for them.
Particularly if this was indeed their (only) response, to the events so far. Their attempt to distance themselves for the actions of Xananax, characterized as unofficial and an individual not sanctioned by them, means little if that person was effectively able to exclude access to Gotdot sources (as I’ve read from several sources) and/or at least a substantial part of its community. If the Godot Foundation made this possible by somehow by giving away the keys to their castle, then that's on them; they can (and will) carry the consequences. Even more so if they had any power to at least “freeze” the situation and somehow failed to do so.
Either way ... the tone, character and message of these two tweets sound pretty clear to me. Sad to see Godot go down this road. I always did see plenty of potential in Godot, albeit in need of a lot of work (of which I even considered actively participating at some point).
After this, I think no serious business could/should risk doing business based on Godot. Not after such a lackluster and “it wasn’t us”-style of response. Personally, that was about as dumb a move they could make; also precisely what I hoped they would not do. Two major rules of any successful sustainable business: all ultimately comes down to relationships of trust, where trust comes on foot and leaves on horseback. Godot could just as well have pointed this proverbial gun to their face instead of the foot.
Addendum:
On another level, not just related to Godot and more to all politically/ideologically driven dramas that have done harm to Open Source in general over the last decade or so: It looks like most of these incidents center around geographical regions/cultures (maybe covert commercial interests too), that apparently deem such incidents acceptable (or even weaponized them). Apparently even believing (or at least acting like) people should just move on, without the damage-causing entities facing substantial/material punishment nor be held accountable for the damage done.
This is not about censorship, political/ideological oppression, or what-not in that “department”. This is about people doing damage, yet typically walking away with near-impunity. Many of which having “freedom of speech” as their only excuse, while their actions clearly go way beyond speech. Also, since when did the right not to never be persecuted for speech became a license for saying anything without any consequences?
Most of the push-back against that kind immunity has time and again been framed as just politically/ideologically-driven responses themselves, even if they were obviously not. Unsurprisingly, mostly by those who use politics/ideology as their weapons of choice. Still, why is such framing even accepted in the first place? Since when is doing harm considered acceptable, no matter what kind of political/ideological excuse it’s packaged in? If that fundamental flaw isn’t fixes, on a cultural level, then many people may eventually see increasingly more Open Source (development) moving towards regions/cultures where playing such games isn't (politically/culturally/legally) tolerated. Not because of politics; simply because of business and even societal needs.
Probably doesn’t sound like a big deal, until a whole geographical region gets cut off. Maybe only because too many abuses kept coming from there: arbitrage mitigation and unfortunate guilty-by-association. No doubt sounds like a wild idea now. Would not count on it staying that way.
Regardless, from the looks of it so far, this Community Manager should probably be placed on forced leave and be stripped of all privileges, pending a thorough investigation. A psychiatric evaluation might also be warranted. Not because of any political ideology, but simply to assess if this person could and should be held accountable, legally and maybe even financially, for the inflicted damage to Godot as a project/product.
So far, it doesn't look good. Many years of hard work (maybe not so much code development but pretty much everything else) may have been irreparably damaged if not evaporated in mere days. Personally, I've been several times in a position where I considered Godot as the basis for application development. In hindsight I am now relieved I did not, for this drama would have turned that into a serious business liability. I can only imagine the (financial) implications for other companies who did pick Godot as a tech to build part of their business upon. While that may be considered collateral and "just the price of doing business", I'd would certainly hold this individual personally responsible for that damage. While a fork may mitigate some of the damage already done, it is not going to fix what went sideways here.
Based on just a cursory observation from what happened here, there is no doubt in my mind that (regardless of motivation or justification) this individual should never wield this much power, ever again. If Godot leadership does not take these actions back (into their own hands), it may find itself held accountable for the results of this situation. They may want to go find an experienced law firm too. I doubt this will be the end of this drama for them. While Open Source licenses may divert/absolve legal liability for technical/functionality/code-quality aspects, the same might not be true for liability as the result of harm-inducing behavior of individual people (like the kind that appears to have happened here).
If nothing else, let this episode be a lesson for doing proper vetting of people in a position of (potential) power. As most serious businesses know all too well, having anyone with opinions on the extremities of any ideological/political spectrum in a position of power, is typically not a bright idea. Though in this case I’d personally argue it’s a lot worse and appears to involve a mentally unhinged individual. Any reasonable person would have considered and reconsidered the implications of the actions so far taken .. and even then still waited for a considerable body of group consensus would have approved these actions before pressing the red button.