@akoizumi@social.kyoko-project.wer.ee I can relate.

@prologic I thought we were punctuating our posts with the names of programming languages, since you said “Go!”

PHP!

@prologic I agree. Lua!

I finally got my stats script into a usable state.

@prologic Here, I’ll paraphrase the README for you.

a modern decentralized semantic web built atop self-sovereign identity

more information chatternet.github.io [Editor’s note: 404]


• Open
  
• Decentralized
  
• Self-moderating
  

a web of self-signed semantic documents.

Activity Pub protocol federated platforms Mastodon

self-signed data model

• No de-platforming
  
• No platform lock-in
  
• No spam from arbitrary users
  

a semantic, self-describing JSON data format

public-private key pair cryptography

does not rely on a specific network stack or protocol

wget | bash

npm install

Typescript

Buzzwords of the Day:

@abucci@anthony.buc.ci Wow, that’s really cool. How is the actual data stored?

Happy Thanksgiving!

@eaplmx

Now I can’t play either CDs or LPs since I don’t have a player.

Sure, but you still own that music. You can buy a player at any time and play them. You can take them to a friend’s house and play them there. You can even rip all your albums to digital files and copy them to your flash modded iPod.

In terms of durability, both CDs (pressed, not burned) and LPs will last a long time if you take care of them.

Youtube, Spotify, and Amazon offer convenience, but that convenience comes at the cost of your freedom. You are not permitted to do what you want with the content you paid for. You must also understand that you will lose access to that content at some time, occasionally without warning, and that time may be closer than you think.

The best of both worlds are DRM-free marketplaces like Qobuz, Gogs, and HDtracks.

@darch@neotxt.dk @abucci@anthony.buc.ci https://xkcd.com/2365/

@prologic

are there other examples?

Python, Ruby, Perl, Rust. Sometimes even Go. There’s a little bit of this in every language with an official package manager. I’d say Python and NodeJS are the worst offenders, though.

I feel like I pick on NodeJS / NPM too much

I don’t think we pick on NodeJS/NPM enough.

@prologic

“dependency hell” comes from this “exponential dependency tree” that we inevitably see in ecosystems like NodeJS / NPM

Yes, and these “ecosystems” try to put a band-aid on it by allowing packages to specify which version of a package they need. All that means is you get 7 different versions of the same package bloating up your node_modules folder and 6 critical vulnerabilities from one package.

Then, it’s impossible to keep track of all 1200 of your dependencies and sub-dependencies, so you get a robot to do it for you: Dependabot. What happens when Dependabot dies? Absolute chaos.

NodeJS library authors could just write better libraries and avoid breaking changes every update, and NodeJS software developers in general could fix their programs when they break, but they don’t. It’s on the “ecosystem” to solve for this, and it inevitably does a terrible job.

@eaplmx There can’t be a concrete rule for this sort of thing. I’m generally in favor of reinventing the wheel to certain extent, but using a library can be very useful if you want to focus on the end result.

When your 5 dependencies each have 5 dependencies of their own, then you have a problem.

@prologic All I know is, this problem is much less prevalent in languages without official package managers, like C or Lua.

@lyse@lyse.isobeef.org Ah, it’s always something. I’m glad I used a tag URI for the identifier. :)

Oh wait, it does. There just isn’t one for 520 yet.

@justamoment I wish https://http.cat/ included nonstandard status codes.

@prologic@twtxt.net Yes. It’s some sketchy custodial cryptocurrency wallet/gambling/crypto theft platform.

@markwylde No, it doesn’t have to be this way, but it is (almost) always this way. When a programming language makes it too easy to manage dependencies, you inevitably get microdependencies. It doesn’t help that many people learn JavaScript or Python as their first language.

@support@twtxt.net @prologic@twtxt.net Robot detected

@prologic This is why I contain all node.js activities in an Alpine Linux chroot that I can nuke when I’m done.

@ocdtrekkie Agreed. I still think it should be on Spyware Watchdog.

@akoizumi@social.kyoko-project.wer.ee It’s also proprietary.

@axodys@octobloc.xyz, when you get access, do you think you could share what sorts of unsolicited network requests it makes?

@eaplmx A leaf fell in Australia so @prologic’s Internet connection died for a few minutes.

Ladybird’s Current Progress on Yarn.social: https://mckinley.cc/notes/20221119-ladybird-yarn.html