This reasoning obscures the huge overhead of creating a distinct "version 2" next year. I can do a much better job on the software if I don't have to spend 70% of my time marketing the next version or sectioning off this or that feature for commercial reasons.
But I take your point, I don't love subscription software either, but most of my current users are pretty comfortable with these so it's good for now while I'm working alone. And my hosting / API access fees are not _zero_ so there is a vague justification there too.
The answer I got with the prompt "You are a git expert. How do I search for a string in dangling commits?"
Was:
Dangling commits in Git are often referred to as commits that are no longer reachable from any branch, tag, or the HEAD. These commits usually occur when you create a commit and then move the branch pointer away from it without creating a new branch or tag. They can also occur during rebases or other history rewriting operations.
Git has a garbage collector (`git gc`) that will periodically clean up these dangling commits, but until that happens, they're still in your repository and can be examined.
Unfortunately, Git doesn't provide a direct command to search for a string in dangling commits. However, you can find these commits using the `git fsck` command, which checks the filesystem for errors and dangling commits.
Here is a way to do it manually:
1. List all the dangling commits using `git fsck --lost-found`. This will print out all the dangling commits and store them in `.git/lost-found/commit/`.
2. For each dangling commit, you can search for a specific string using `git log -p <commit-id>` or `git show <commit-id>` and then pipe the output to `grep`.
Here's an example of what this might look like in a script:
mkdir -p .git/lost-found
git fsck --lost-found
for commit in $(ls .git/lost-found/commit/); do
git show $commit | grep -q "your string here" && echo "Found in commit $commit"
done
This script will print the IDs of any dangling commits that contain the string "your string here".
Remember to replace "your string here" with the string you are searching for.
*NOTE*: This operation could be time-consuming if you have a lot of dangling commits or a large repository. Also, this approach might not work if the garbage collector has already cleaned up the commits. Make sure to be careful when manipulating Git's internals like this, as it could potentially corrupt your repository if done incorrectly.
I've gotten the impression that clustered Postgres still isn't very straightforward to run. Do you mind elaborating on your ideal setup and point to some resources?
It's not straightforward at all but it's better than it was five years ago ... you can use something more "meta" like SymmetricDS (https://www.symmetricds.org/). I haven't used it personally but a dirt simple way to get an HA, scalable PostgreSQL instance would be to use Amazon's Aurora DB.
Depending on donations is almost always tenuous, especially if it's not anchored by big donors (and, often, even then).
There's even a school of thought that the existence of things like Patreon for funding open source development is actively harmful insofar as it can create the illusion that it's a viable funding mechanism for sustainable open source development when it really isn't.
As Vitalik and other people doing social-coordination research keep arguing - it's a matter of coordination and not of anybody being greedy. The feeling that your little donation means little is what keeps the whole swarm of users from donating.
From the sibling comments, it seems like you're just referring to his history of abrasive social interactions on bug tickets. Granted it is strikingly abrasive, but that really isn't a good reason to forego donating. At the very least don't actively convince others not to donate.
When you interact with customer service as a paying customer you get to expect courtesy. Some people seem to expect obsequiousness but I digress.
By what chain of reasoning do you derive the existence of the moral obligation to users who have paid exactly nothing let alone the obligation to consider what the broader world thinks of open source developers. It's pretty clear Kovid is a bit of an asshole and sometimes outspokenly incorrect but what right do we have to demand different? Usually such an obligation is transactional. Even if unspoken and devoid of monetary context there is some broader context SOMETHING of value is gained or lost.
So far as I can see the only thing we give Kovid is attention which is cheap and he gives us work which is dear. If you don't agree that the present transaction of putting up with the existence of opinionated posts which you don't have to read for a useful piece of software you don't actually have to use it.
It would even be useful for you to expand on why you think its insecure because that may inform users who can then see to their own interests better for having the benefit of your counsel but don't bore us with talk of his moral obligation unless you can't substantiate such.
The spoiler alert is that you cannot because you have confused the right to control the mores of a particular community with the right to impose those on non-members.
I don't think being a paying customer changes much here either unless there's some sort of explicit customer support package in the deal, especially when we're just talking about donors.
I once made the mistake of accepting donations for a forum I run and learned how people will expect the world from you, like 1:1 customer support whenever they need it, just because they once gave me $5.
Eventually all the "this is outrageous, I am a paying customer!" made me refund everyone and I never accepted donations again.
That is kinda the point of being an open source project, though, isn't it? The lead dev says, "It's going to be way too difficult for me to convert this codebase to Python 3, I don't want to do it." A group of volunteers then decide to undertake the effort themselves because they wish to ensure the project's continued viability for the future. AFAIK, he hasn't nixed the idea completely if others are handling the legwork.
You might want to add some specifics and references to back up such a statement. Otherwise it very much looks like a fairly cheap character attack to an outsider such as myself.
Where's the controversy? A maintainer and a contributor disagreeing about a bug report, and it gets a bit heated. Nothing important to see there, and nothing we haven't seen a thousand times in public bug trackers.
The submitter was pretty civil for the most part, and Kovid ended with:
> Something answering posts from fools like you over the years should have taught me a long time ago.
And submitter is correct - he does this often. I recall a security bug that he refused to fix as fixing it would break some convenient feature. That one got really heated, and only when distributions declared they will stop carrying calibre in their package management system did he cave in and fix it.
Nevertheless, I don't see these as obvious reasons not to support him in Patreon.
I stumbled into that git issue and couldn't stop reading. He was immediately dismissive of the security suggestion, even when that person had gone out of their way to provide verifiable examples of the vulnerability. I ended up not installing the software.
You mean you didn't install Calibre because of a bug report where the author allegedly misbehaved? That's odd. A lot of open source software is riddled with ego and personality clashes, and because they play out in public forums, mailing lists and bug trackers for everyone to see, these flamewars tend to be very visible (also see: Linus Torvalds' outbursts). Do you also not use these programs?
Did you need Calibre in the first place? If so, what did you end up using instead?
There are many other such instances in which the lead dev immediately responds to bug reports with 'works on my machine' without even asking for details to reproduce the bug. Any further words from the bug reporter are met with sarcasm or words worse than I would term "a bit heated".
How much, exactly, are any of these people reporting bugs paying for this software?
You use open source software that is made by one guy and offered to the world for free, you kind of have to deal with the possibility that that guy has better things to do than fuss over every bug report.
I have no way of knowing how much these people paid, if anything, to the dev's Patreon or Liberapay or Donate to PayPal. What they did do was spend their time reporting serious issues for zero payment. Bugs are important to fix, some bugs can be critically important to fix. If the dev chooses to fix these bugs, it is the dev that will receive all credit for doing so. The person who made the effort (albeit minor in comparison) of reporting the issue will not be credited or acknowledged in any way.
Also, I think a vulnerability that allows unprivileged users to gain root on a system on which Calibre is installed is worth fussing over.
I would argue its always better if people form their own opinions, so I just suggested that people should look it up themselves and come to their own conclusions.
The book Range: Why Generalists Triumph in a Specialized World
by David Epstein https://www.goodreads.com/book/show/41795733-range argues a lot for this as well, and goes on to discuss numerous examples where generalists have made the breakthroughs and/or excelled in some way, due to synergy, overlap and inspiration.
There was a previous Swedish tunnel project that had a number of incidents, among others groundwater pollution caused by a new sealing compound that contained acrylamid
