I believe that excellent communication can be had without engineers swearing at each other, and I don’t think there are is any good rationale that warrants such behavior. You believe that there is a time and purpose for the style of conversation that Linus portrayed, and it is warranted and effective behavior.
I’m going to agree to disagree from here. Thanks for the conversation.
I kindly disagree with most of what you said. Linus is brilliant, and I appreciate his contributions not just to technology and freedom but also to society. However, this does not pardon the hardships he has also brought upon others.
It’s important to be honest in code reviews, but his language, while also honest, goes far and beyond that. We’re doing ourselves a disservice defending this behavior as if it’s a standard of communication quality that people should strive for, or learn how to behave like.
Please defend these statements for me. I’m having a hard time understanding how this is language we should strive for in a code review, even with your explanation.
A package typically includes the program and its data inside the package. It’s not just an install script. Imagine if Chrome’s MSI installer was simply a wrapper that also downloaded the browser. Imagine if there was a vulnerability with this, and it downloaded and installed something else. Since the package didn’t include the program files, it wouldn’t be able to tell if they were genuine. It only fetched the MSI, which was a download that initially passed the expected checksum (if it even does that).
Additionally, file lists help ensure that programs and packages don’t conflict with one another. What if you wanted Chromium and Chrome at the same time. Can you do that? Simply wrapping an MSI doesn’t guarantee that. Perhaps there are conditionals in an installer that includes a vendored library under some circumstances, which would make them conflict.
What about package removals? Some programs leave a bunch of junk behind in their uninstaller. Typically, since packages very often contain their own files, they simply delete their files when they’re being upgraded or removed. If a package manager puts full trust in an MSI to always be exactly correct, then it loses complete control over correctly managing file removals.
I could go on and on, with more examples, but “run this binary installer” is the Wild West of putting software on your system. This is mostly the status quo on Windows, but this is a very poor standard. Other operating systems have solved this problem with proper packaging for decades.
When building a package from sources, it makes sense to wrap installers, but then you produce a package that is typically distributed by a mirror. These packages would then by downloaded by you, and contain the source of truth that is trusted to be what it is and that it’ll do what it’s supposed to do without any doubts to consistency and security.
Maybe you want to migrate a PostgreSQL database to a newer version without starting PostgreSQL server.
Maybe you installed OpenSSH but don’t want sshd to run yet, because you haven’t hardened the configs.
Maybe you installed Nginx as a part of a migration from Apache httpd, but httpd is already running.
In addition, Arch hardly configures your system in a custom way, too. When you install a package, most of the time, it responds with “here are the files from the developer that you asked for.”
If you don’t like this philosophy, then your feelings are perfectly valid, and this is a textbook example of why different distributions exist 👍
They’re certainly not in the business of losing money on purpose. But I think I’m the terms of arguing this point for the sake of it, they’re trying to gloss over something shitty.
Linus does not fuck around (lemmy.one)
An oldie, but a goodie
JPEG (lemmy.world)
https://www.smbc-comics.com/comics/167225794620221228after.png
It's (usually) already installed (lemmy.ml)
Based KDE 🗿 (lemmy.ml)
Enabling Bluetooth on Arch Linux (itsfoss.com)
deleted_by_author
Lemmy, recommend me a good budget Android phone please
I need one for general purposes only, NOT for gaming, so I don’t really care about gaming-related features....
When you need to disable ads and give access to the microphone (lemmy.world)