July 07, 2020
On 7/7/20 8:52 AM, Adam D. Ruppe wrote:
> On Tuesday, 7 July 2020 at 07:49:02 UTC, Walter Bright wrote:
>> Businesses will not want to commit to a balkanized project.
> 
> It's been ages since I worked on a software project for a business that didn't have many random third (and fourth and fifth and sixth and seventh.....) party dependencies. Trying to remove or avoid them would universally encounter pushback from management. "Don't reinvent the wheel" they say.
> 
> It is really absurd.

+1

To any customer who is shy to include 3rd party dependencies, isn't using DMD a 3rd party dependency?

> 
> 
> But anyway this whole debate is moot because if you like the code, you can simply copy/paste it (with attribution as required by Boost copyright of course) into your own files. You keep full control and get all the benefits of using it.

Doing that these days would be silly. You can depend on a specific version of a repository without problems. Git even allows you to add a dependency on another git project, and freeze it at that version.

-Steve
July 07, 2020
On Tuesday, 7 July 2020 at 12:52:35 UTC, Adam D. Ruppe wrote:
> On Tuesday, 7 July 2020 at 07:49:02 UTC, Walter Bright wrote:
>> Businesses will not want to commit to a balkanized project.
>
> It's been ages since I worked on a software project for a business that didn't have many random third (and fourth and fifth and sixth and seventh.....) party dependencies. Trying to remove or avoid them would universally encounter pushback from management. "Don't reinvent the wheel" they say.
>
> It is really absurd.
>
>
> But anyway this whole debate is moot because if you like the code, you can simply copy/paste it (with attribution as required by Boost copyright of course) into your own files. You keep full control and get all the benefits of using it.

This would be good advertising for DFL, haha.
July 07, 2020
On Tuesday, 7 July 2020 at 13:00:04 UTC, Steven Schveighoffer wrote:
> Doing that these days would be silly. You can depend on a specific version of a repository without problems.

I always have problems when trying to do that. git submodules bring pretty consistent pain in my experience.

But it probably isn't so bad if the submodule rarely changes.

Just for 100% control anyway nothing beats copy/paste. Then there's zero difference between you writing it yourself.

I kinda wish the D upstream were more willing to do that. My view is it shouldn't be on independent developers to add stuff to Phobos, for example, instead the Phobos team should just be copying and testing modules they are interested in on their own.
July 07, 2020
On Tuesday, 7 July 2020 at 13:01:10 UTC, 9il wrote:
> This would be good advertising for DFL, haha.

I don't know what you mean...
July 07, 2020
On Tuesday, 7 July 2020 at 12:04:43 UTC, Steven Schveighoffer wrote:
> Guys, this is all open source, all licensed identically. There are ways to solve this. Practically speaking, just because DMD depends on Mir, doesn't mean that Mir has control over how the dependency works. DMD can depend on a specific version of Mir, upgraded when reasonable (i.e. it should take a PR change to DMD for upgrading which code exactly is depended on) and if something changes in the future, you can fork it, or move back to using libc. This way, the code is only maintained in one place unless something catastrophic happens.

Well, for avoidance of doubt, I'm not personally opposed per se to the use of 3rd party libs in DMD or druntime/phobos.  It just struck me as important that everyone understands clearly each other's concerns.

What I think provoked concern was not the idea of using mir-algorithm as a 3rd party lib, but this alternative suggestion:

> The second solution is to move `mir.bignum` and `mir.parse` to
> DRuntime/Phobos. In this case, I would like to preserve the `mir.`
> namespace and the same authority and veto right for this part of
> the codebase as I have at Mir Org.

... where what's being asked is a rather stronger commitment, and not really workable: if the code's going to live in D foundation repos then any maintainer or veto rights are going to be provisional.  It's just not reasonable for the maintainer of 2 stdlib modules to be able to unilaterally veto changes, or force breaking change.

There's no reason per se why 3rd party libs can't be used under the hood to provide implementations, but druntime and phobos maintainers need to be able to make their own API guarantees.
July 07, 2020
On 7/7/20 11:08 AM, Adam D. Ruppe wrote:
> On Tuesday, 7 July 2020 at 13:00:04 UTC, Steven Schveighoffer wrote:
>> Doing that these days would be silly. You can depend on a specific version of a repository without problems.
> 
> I always have problems when trying to do that. git submodules bring pretty consistent pain in my experience.
> 
> But it probably isn't so bad if the submodule rarely changes.

It's cumbersome in my experience, I do it on some iOS projects that I have.

But as long as you don't touch ANY FILES inside the cloned submodule, and just use git to update it (i.e. git checkout v1.x when upgrading), you are just versioning which commit your code depends on.

Xcode makes this difficult because it tries to write some temporary files inside the submodule, and I have to clear those out before upgrading.

But that problem shouldn't exist here. Like all things git, it's hard until you figure it out, and then it becomes easy.

> 
> Just for 100% control anyway nothing beats copy/paste. Then there's zero difference between you writing it yourself.
> 
> I kinda wish the D upstream were more willing to do that. My view is it shouldn't be on independent developers to add stuff to Phobos, for example, instead the Phobos team should just be copying and testing modules they are interested in on their own.

The problem here is that you are maintaining a separate copy. There is always the chance that you don't copy it right (e.g. you copy a local checkout that has some test changes you made, or you copy the wrong version). Imagine how fun the reviews will be when you have to check that all the cumulative changes from 1.0 to 1.5 match what the source repository has.

We have computers and software to do source control for a reason.

-Steve
July 07, 2020
On Tuesday, 7 July 2020 at 15:08:33 UTC, Adam D. Ruppe wrote:
> On Tuesday, 7 July 2020 at 13:00:04 UTC, Steven Schveighoffer wrote:
>> Doing that these days would be silly. You can depend on a specific version of a repository without problems.
>
> I always have problems when trying to do that. git submodules bring pretty consistent pain in my experience.
>
> But it probably isn't so bad if the submodule rarely changes.
>
> Just for 100% control anyway nothing beats copy/paste. Then there's zero difference between you writing it yourself.
>
> I kinda wish the D upstream were more willing to do that. My view is it shouldn't be on independent developers to add stuff to Phobos, for example, instead the Phobos team should just be copying and testing modules they are interested in on their own.

git subtree

it's like submodules but also like copy-paste.
July 07, 2020
On Saturday, 4 July 2020 at 20:35:48 UTC, Walter Bright wrote:
> On 6/21/2020 8:24 AM, 9il wrote:
>> So excited to finally announce we can correctly parse floating-point numbers according to IEEE round half-to-even (bankers) rule like in C/C++, Rust, and others.
>
> Great work! Would you like to add it to dmd?

AFAIU, the 'problem' is that *all* floating-point literals are parsed as real_t values, which for DMD is x87 real (usually using the host C runtime's `strtold`). When emitting them as double or float literals, the compiler converts these values to a lower precision, where the increased intermediate precision might break the 'banker's rule'.

So wouldn't the trivial 'fix' be using `strtod` for double literals and `strtof` for floats? [For LDC, we wouldn't rely on the host C runtime or a mir implementation, but use LLVM facilities anyway.]
July 07, 2020
On Tue, Jul 07, 2020 at 03:08:33PM +0000, Adam D. Ruppe via Digitalmars-d-announce wrote:
> On Tuesday, 7 July 2020 at 13:00:04 UTC, Steven Schveighoffer wrote:
> > Doing that these days would be silly. You can depend on a specific version of a repository without problems.
> 
> I always have problems when trying to do that. git submodules bring pretty consistent pain in my experience.

git submodules serves a very specific niche; using it for anything outside of that most definitely brings in gigantic pain.

That very specific niche is this: there's an external repository R that contains code you'd like to use, BUT that you'll never edit (unless you wish to push it back upstream).  You check it out in some subdirectory of your source tree, say ./someRepo/*, and add it as a submodule. This adds the SHA hash of the exact revision of the code in .gitmodules, meaning that you depend on that exact version of R.  Occasionally, you want to update R to some (presumably newer) version, so you do a `git submodule foreach git pull ...` to pull the revision you want. This updates .gitmodules to point to the new revision.

What you do *not* want to do is to edit the contents of the submodule, because that will start creating diverging branches in the submodule, which generally leads to a gigantic mess, like when somebody checks out your code and tries to fetch submodules, they may not find the revision being referred to (you haven't pushed the commits upstream, upstream rejected it, etc).

Basically, git submodules let you refer to a specific commit in a specific repo.  Don't expect it to do anything else for you, including housekeeping that you *thought* it ought to do.

I've used git submodules quite happily for my own projects, where I want to pull in code from another project but don't want to have to worry about version compatibility and all of that dependency hell. Basically you update a submodule to a new revision when and only when *you* initiate it, and don't commit the submodule update until you've verified that the new revision didn't break your code.  The submodule SHA ensures that you'll get the exact version of the submodule that you last checked in, not some random new version or some corrupted/edited version that some unreliable network source have given you instead.


> But it probably isn't so bad if the submodule rarely changes.

Yeah, you do *not* want to use submodules if you're interested in keeping up with the latest bleeding edge from upstream.  Well I mean you *can*, but just don't expect it to automate anything for you. The onus is upon you to test everything with the new revision before committing it.

Oh, and another point: it's *probably* a good idea to git clone (i.e. fork in github parlance) the submodule into a local copy, so that if the network source vanishes into the ether, you aren't left with uncompilable code.  Don't laugh, the way modern software development is going, I will be SO not surprised when one day some obscure project that everyone implicitly depends on suddenly vanishes into the ether and the rest of the world collapses because everybody and his neighbour's dog blindly assumed that "if it's on the network, it'll be there forever".


> Just for 100% control anyway nothing beats copy/paste. Then there's zero difference between you writing it yourself.

I highly recommend this approach when your dependency is small. Or if you want to ensure no external dependencies.  There have been far, FAR too many times IME in the past few years where I encountered a project that was no longer compilable because one or more dependencies have vanished into the ether.  Or the code no longer compiles with the dependency because the latest version of said dependency has migrated to a brand new codebase, and the old revision that the project depended on is not compatible with the new version.  Or said project itself has moved on and happily broke functionality I depended on.

These days, my policy is: download the danged source code for the specific version of the specific project I'm depending on, AND download the danged source code of the danged dependencies of that project, etc., and keep a local copy of the whole recursive dependency tree so that I can ensure I can always build that specific version of that specific project with that specific functionality that I'm using.  Trying to keep up with projects that gratuitously break stuff, or abandoned projects whose dependencies are no longer compatible with it, etc., is a hell I wish to have no part in.  I've lost faith in the emperor's code reuse clothes; copy-n-paste is what gives the real guarantees.

And I'm not alone in this -- I've noticed that quite a few open source projects are distributing a copy of the sources of the librar{y,ies} they depend on in their own source tree as a fallback, in case the target system's version of that library doesn't exist, or is hard to find, or is somehow incompatible with the version they're expecting to use.


> I kinda wish the D upstream were more willing to do that. My view is it shouldn't be on independent developers to add stuff to Phobos, for example, instead the Phobos team should just be copying and testing modules they are interested in on their own.

+1, this guarantees Phobos doesn't (directly) have dependencies outside of itself.  As a standard library, that's a no-no (cf. the repeated problems we had over the years with libcurl, zlib, etc.). Just keep a copy of the source code in some dedicated subdirectory that can be easily replaced when we need to upgrade to a new version -- that's what open source is for!!!


T

-- 
People tell me I'm stubborn, but I refuse to accept it!
July 07, 2020
On 7/7/20 1:37 PM, H. S. Teoh wrote:
> cf. the repeated
> problems we had over the years with libcurl, zlib, etc.

zlib is actually included copy-paste style in Phobos [1]. So it's interesting that you cite it as an example of causing problems because we don't include a copy of it.

-Steve

[1] https://github.com/dlang/phobos/tree/ea070e9a5c168de2e8460413e44bff1d406ff5c3/etc/c/zlib
1 2 3 4 5 6