> There’s probably more I built that I have already forgotten about.
This is a big gripe of mine at the moment. I rarely have any confidence that I know how the thing works, or whether it does the additional things I expect (or does things I don't).
Recent example: all API endpoints should require a bearer token. Imagine my surprise, three days later, when half of them didn't actually enforce it: a valid bearer token worked, but so did providing no token at all. Over time, tests were removed and things were modified to reach the goal and say "done, boss!"
I'll note that for this project, "don't look at the source code" was a requirement. Things have been corrected before release, but the number of potential footguns is so damn high.
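For what it's worth, the check the endpoints were supposed to share is tiny — which is what makes silently dropping it so easy to miss. A minimal sketch (token value and function names are hypothetical, not from the project above):

```python
import hmac

EXPECTED_TOKEN = "s3cret"  # hypothetical; a real app would load this from config

def is_authorized(headers: dict[str, str]) -> bool:
    """Reject requests with a missing, malformed, or wrong bearer token.

    The failure mode described above (no token also passing) usually means
    a check like this was skipped for some routes, not that the check itself
    was wrong.
    """
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return False  # crucially, *absence* of a token must fail too
    token = auth[len("Bearer "):]
    # constant-time comparison to avoid timing side channels
    return hmac.compare_digest(token, EXPECTED_TOKEN)
```

A test suite that asserts the missing-token case returns 401 on every route is exactly the kind of test that "gets removed over time" — and the kind worth pinning down.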
> with their demands that the government already knows exactly where they live, where they hang out…
You’d think this, and then you hear about how long it took the FBI to locate aaronsw (rip), who lived life online, and left lots of clues to his general location, but somehow the only place the FBI ever looked was 1,000 miles away? I guess you could say that was 15 years ago, but we had domestic spy programs 15 years ago, too.
So, if I use my SIM card 16 hours a day, 7 days a week, I'll get banned? Doesn't that seem absurd? The SIM card is enforcing one voice call at a time. If the apartment building has to wait in line to use it, what's the difference?
If you deployed it in a way that did multiplexing, such that multiple users could use it at once, then sure, that's business use. But otherwise…
> So, if I use my SIM card 16 hours a day, 7 days a week, I'll get banned?
Probably not - you'll get billed or hit a FUP (fair use policy) limit.
> Doesn’t that seem absurd? The SIM card is enforcing one voice call at a time. If the apartment building has to wait in line to use it, what’s the difference?
The difference is that it is perfectly acceptable to enforce a "no reselling" or "no third-party use" clause for services.
I can't think of a single service provider whose consumer tier permits reselling or third-party use.
There have always been attempts at caching non-string values in Tcl for performance gains, but the semantics are the same: a value's type is whatever the operator requires, with an error when the value isn't compatible. If, internally, $x is an integer and you pass it to a string function, $x gets temporarily turned into a string. Dynamic with "weak" types.
Well, if you followed the link under the quoted text, you would see the next sentence:
> The new objects make it possible to store information in efficient internal forms and avoid the constant translations to and from strings that occurred with the old interpreter.
Easily the most quoted part of the film, aside from “Hack the planet!!!!” … but also an amazing prediction! All the devices in our pockets are RISC machines. That did change everything.
How does a text representation of an Emacs screen snapshot look any better than a pixel representation of that same screen snapshot? It's much more flexible, more compact, and qualitatively better, since you can change the font size, and it's still crisp, and you can even copy and paste the text.
It makes perfect sense to use compact, flexible text instead of a fatter fixed-resolution image to screenshot Emacs.
Yes. Except they are attempting to make the claim that protesters are interfering with federal operations, which is a crime. Therefore, they can try to make the claim that they are only investigating potential involvement in a crime, punish you, and file it under a violation of the terms of service for precheck and global entry. IANAL, etc, but this seems to be the strategy.
Any good and honest Tansu experience reports out there? Would be nice to understand how "bleeding edge" this actually is, in practice. The idea of a Kafka-compatible but trivial-to-run system like this is very intriguing!
Kafka is not a straightforward protocol and has a few odd niches. Not to mention that message formats have changed over the years. Even the base product has recently dropped support for some of the oldest API versions. And there are still plenty of clients out there using old versions of librdkafka (he says from experience).
So I'd be interested in how (backward-)compatible they are.
I agree that it isn't straightforward! Tansu uses the JSON protocol descriptors from Apache Kafka, generating ~60k LoC of Rust to represent the structures. It then uses a custom Serde encoder/decoder to implement the protocol: the original, flexible, and tag buffer formats for every API version (e.g., the 18 versions of FETCH alone). It is based on spending the past ~10 years using Kafka and writing/maintaining an Erlang client (there are no "good" Kafka clients for Erlang!). It also uses a bunch of collected protocol examples to encode/decode during the tests. Tansu is also a Kafka proxy, which is also used to feed some of those tests.
However, there are definitely cases I am sure where Tansu isn't compatible. For example, Kafka UI (kafbat) reports a strange error when doing a fetch (despite actually showing the fetched data), which I've yet to get to the bottom of.
If you find any compatibility issues, then please raise an issue, and I can take a look.
I've used Redpanda for local development and test environments. It is super easy to set up in Docker, starts really fast, and consumes fewer resources than the Java version. I haven't really compared it to anything, but I remember using the Java version of Kafka before and it was a resource hog. That matters when you develop on a laptop with constrained resources.
To be fair, Kafka now has a GraalVM Docker image[0][1], which was made for local dev/testing, and it has caught up fairly well to these alternatives re: memory and startup time.
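For local testing, spinning up the native image is a one-liner. This assumes the `apache/kafka-native` image and its bundled single-node dev config; check Docker Hub for current tags:

```shell
# Single-node Kafka (KRaft mode) from the GraalVM native image;
# the image ships a default config suitable for local development.
docker run -d --name kafka -p 9092:9092 apache/kafka-native:latest
```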
Perhaps I am missing something, but this seems to require a Lemon (LLM)? Is the idea that the Lemon is used to help build an index ahead of time, which can then be queried locally afterward?
I want to figure out how to build advanced tools, potentially by leveraging Lemons to iterate quickly, that allow us all to rely _less_ on Lemons, but still get 10x, 20x, 30x efficiency gains when building software, without needing to battle the ethics of it all.
ChunkHound does it a bit differently, since at true enterprise scale it's very slow and costly to pass all code chunks through an LLM during indexing time. Instead, ChunkHound implements a customized "deep research" algorithm that's been optimized for code exploration so it can answer, on demand, any deep technical question about the indexed codebase. This research agent can be powered by a lower tier LLM (think Haiku, Codex low, etc) that's already included in your subscription.