Gemini Articles of Interest
A Gemini client* is needed for the following links.
-
C++ Core Guidelines
I end up writing C++ for $DAYJOB every 2-3 years, and it looks like I'll be doing so again soon. Every time I return to the language I look to see what has changed, and this time it's the turn of the Core Guidelines (a surprisingly impressive coding standard). Aside from my opinion on the current state of the C++ language, I find its evolution over the decades fascinating. Idiomatic C++ now is a totally different language to what it used to be. Unfortunately, the old idioms still compile so people use them, but that doesn't need to be the case any more.
A while ago, I studied the SaferCPlusPlus library. It was very impressive, but there's always some risk in adopting a 3rd-party library (i.e. you may end up responsible for maintenance yourself). Since I looked last, the Core Guidelines checkers and support library has made enough progress to be useful. I suspect this may only guard against 80% of the memory safety bugs SaferCPlusPlus would, but on the other hand you're much closer to the mainstream.
-
Native Applications over Gemini
Lately I've been pondering the idea of native applications (GUI, TUI, platform irrelevant) over Gemini. They could look and feel identically to a native application, only the backend would be accessed over gemini:// instead of http://. Gemini can serve any file type, so the responses could have a MIME type of application/json or application/xml, etc. This would allow for more customized applications than simply dynamic text/gemini via a browser, with all the benefits of Gemini. The downside would be less room for user input, because of the limit on Gemini URL lengths, but that could be mitigated with the Titan protocol.
-
NixOS Bento: now able to compare local and remote NixOS version
Project update: the report is now able to compare if the remote server is using the NixOS version we built locally. This is possible as NixOS builds are reproducible, I get the same result on the server and the remote system.
The tool is getting in a better shape, the code received extra checks in a lot of place.
-
NixOS Bento: new reporting feature
Bento received a new feature, it is now able to report if the remote hosts are up-to-date, how much time passed since their last update, and if they are not up-to-date, how long passed since the configuration change.
As Bento is using SFTP, it's possible to deposit information on the central server, I'm currently using log files from the builds, and compare this date to the date of the configuration.
This will be very useful to track deployments across the fleet. I plan to also check the version expected for a host and make them report their version after an update, this should possible for flakes system at least.
-
What is it the Free Software Foundation *does*, exactly?
The open source and free software movements undoubtedly stem from the philosophy and practices of the Free Software Foundation. The FSF champions the use of such code, and has written a handful of licenses in its over 35 years in operation to ensure the continued proliferation of code that is free to receive, examine, operate, extend, and share.
There are few issues more central to the FSF’s mission than the log4j debacle. In yet another case among countless others, code released for free, by a handful of unpaid maintainers, has been spread across the entire world, literally. "Apple, Microsoft, Steam, Twitter, Baidu, and Cloudflare" are only a small (but critically important and valuable) handful of companies that rely on this code, according to TNW’s Ivan Mehta[1]. These companies, some of the most massive engineering organizations in the world, have built their software on top of a project maintained by a handful of people in their spare time, and now that the vulnerability has been revealed, those handful of maintainers have spent nearly all their time patching and testing security fixes while the whole Internet breathes down their necks.
[...]
It is long past time for the software development community to take a step back and try and figure out how the hell we got to this point. The FSF has been an integral part in ensuring that programmers don’t get paid for their work, and if they *aren’t* responsible for that, then I honestly can’t point to anything they *have* done, and their vaunted position in the software community—and the philosophy that has nurtured the climate we live in today as programmers and users—needs critical re-examination.
* Gemini links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.