Profile cover photo
Profile photo
Lex Spoon
Software engineer at Square
Software engineer at Square

Lex's interests
View all
Lex's posts

Post has attachment
If there's any place you should be using 2FA, it's on your email. Email is not just valuable by itself, but also frequently used as part of resetting passwords for all of your other Internet accounts.

Post has attachment
It reminds me of public health efforts. In the same way that major restaurants are more extra careful to keep their sites healthy, major Internet services do try and protect their users from having their accounts hacked. In both cases, though, it only goes so far. Individuals still need to protect themselves to a degree.

Wash your hands, everyone, and use two-factor authentication.

Post has attachment
+1. As can be seen in the comments, it's hard to think of a language nowadays that doesn't have multi-line string literals.

Post has attachment

Post has attachment
Supporting C in a build system
In a previous post, I showed that the standard build rules for C code are unreliable . Let me describe two ways to do better. In the interest of brevity, I will describe the build rules using a toy build engine called Blcache (short for "build cache"). I in...

Post has attachment
Standard build rules for C are unreliable
The standard way of integrating C into a build system is to use automatic dependencies generated from the compiler . Gcc and Clang can emit a list of the header files they read if you run them with the -M option. Visual Studio can do it as well, using the /...

Post has attachment
I used to say this, and I even started converting machines over. Nowadays I'm not so sure.

As Brad says, the sysadmin costs are not just heavy, but error-prone. There's a new risk factor that you will lose data by botching a command somewhere.

Moreover, some of the best ways to improve the sysadmin costs involve making the system no longer be explicitly RAIDed. In particular, you get most of the advantage if you have a RAID inside the drive package, rather than having five separate drive packages that are all independently plugged in. To the extent higher reliability drives become important, I would think the place to start is by buying higher quality drives that have internal redundancy of various kinds.

An additional complication is that you only benefit from the error recovery if you have procedures in place to notice the failure and do something about it. Both the noticing, and the doing something about it, are something a lot of people are not going to bother with in a lot of contexts.

The main issue, though, is that in most cases, drive failure isn't even the biggest source of risk for data loss. It's much more likely that you will issue a stray delete command than that your SSD will fail at the wrong time! To defend against this more likely case, you end up wanting some sort of distributed backup system, such as Gmail for your email, or GitHub for your source code. Once you do that, though, you already have such a good data protection system that you no longer gain much benefit by RAIDing your local storage.

On the flip side, RAID remains excellent for performance. If you want to make your Witcher 3 levels load faster, then RAID could help you.

Post has attachment
Aside from the immediate problem of long paths being discussed here, it's not good for a module system to mix multiple versions of the same module. Instead of trying to do fancy deduplication to reduce the number of versions of each module that exist, I would be tempted to go cold turkey and say that in the next version of NPM, you get one and only one version of each module.

Post has attachment
Two little things I wish Java would add
When geeking out about language design, it's tempting to focus on the things that require learning something new to even understand how it works. SAM types require understanding target typing, and type members require understanding path-dependent types. Fun...

Post has attachment
This will be nice for Semmle if it works as advertized. Aside from the general benefits of compatibility (we can design for Linux and then port), Bash in particular is just a reasonable scripting language. Cmd.exe is not.
Wait while more posts are being loaded