ISO

Not as perfect as the people objecting to a factual statement.

They must be answering Bjarne's call to defend the honor of C++ against evil enemies 😛

A reminder that Bjarne doesn't actually code. He is a bureaucrat.

LPE is in the title. And you sound like someone who doesn't know what that stands for.

This also comes with a good public write-up on github (not some monetized fancy domain), with an explanation why it went public early, which wasn't their fault.

There is a lot of intelligence insulting going on in the security theater industry, which is something I talked about here more than once, despite not being exactly a prolific commentator. But unfortunately for you, this particular case is one of the least offensive.

People really can't help themselves without indulging in some false dichotomying, with some historical revisionism seasoning on top.

You can have your project with PRs and issues enabled, but without any "community" bureaucracy or Code of Conducts or performative AI policies or whatever.

And guess what? That's how most projects operated for the longest time, and that's what many of them still do. And people didn't go straight from ftp servers to CoCs anyway (that's the revisionist part).

And this faux open-source pompous attitude, not uncommon in the microblogtard sphere, is as foreign to hardcore open-source attitude, as the dimwitted anti-meritocratic wave we had in the last decade.

Refuting the genetic fallacy with appeal to authority is equally fallacious.

And there are plenty of inept and unintelligent people in the C++ scene anyway. Ironically, someone active (or used to be) in committees even thought ChatGPT surpassed human intelligence years ago, and started to "contribute" on that basis (and more ironically, that wasn't the semi-scandal that caught him out).

The genetic fallacy is fallacious on its own. Always. There is no further proof needed to point to it being contextually applicable. And in your case, that attempted proof was unhelpful and in itself fallacious.

There is no substitute for the static analyzer within the compiler informed by the type system. Near-zero bugs require provable static analysis that guarantees preventing a certain bug class, i.e. (safe) Rust for the bug classes it guarantees preventing. Hopefully, future languages with even better type systems will help with even more bug classes, or incrementally improves on what Rust currently has to offer.

C code simply doesn't have enough info for an external tool to push bugs down to near-zero count. This is also exactly the point of struggle that lead to complete failure in delivering guaranteed safety to C++.

There has been murmurings, mainly from non-technical people, about how "AI" will render advancements in safer type systems nearly useless, because the magic ^(mushroom)^ AI will just find all the issues in code written in older languages. What they don't realize is that the effect will be reversed. Many established projects that come with a high reputation, and a veneer of maturity, indestructibility, and meticulousness will simply, and perhaps unfairly, lose that perception under the continuous barrage of potentially high impact bugs and vulnerabilities surfaced by these tools, with not enough human bandwidth to keep up with them, and with new code susceptible to the same problems repeating over and over. This will effectively lead to an even harder push for adopting technologies that prevent a good chunk of these bugs from ever happening at any point, not the other way around.

@klisurovi4@midwest.social

I tested building from the source repo the AUR PKGBUILD uses. Vendored libupnp needed -Wno-incompatible-pointer-types to build with modern GCC. Otherwise, the build succeeded without a problem (see the end of this comment).

I also tested the executable itself, and it seems to work too, although the tool doesn't expose an option to pick the device to listen to, which may not work for users with multiple active network interfaces, if the wrong one is picked.

Here is the executable if you don't mind running binaries from a random person on the internet 😉. libfuse.so.2 should be the only non-system dependency.

git clone https://github.com/amiri82/djmount
cd djmount
# apply the diff below, then
./bootstrap
./configure
make
# the executable should be at djmount/djmount

 libupnp/configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libupnp/configure.ac b/libupnp/configure.ac
index 8c073e7..889ed9f 100644
***
a/libupnp/configure.ac
+++ b/libupnp/configure.ac
@@ -56,7 +56,7 @@ RT_BOOL_ARG_ENABLE([tools], [yes], [helper APIs in upnptools.h])
 #
 # Checks for programs
 #
-CFLAGS="-fcommon"
+CFLAGS="-fcommon -Wno-incompatible-pointer-types"
 AC_PROG_CC
 AM_PROG_CC_C_O
 AM_PROG_AR

I searched for "upnp fuse" and found a project called "djmount". The code is ancient (last updated 20 years ago), but it may still work (AUR package uploaded in 2023).

If if it indeed works, then you can just mount your shares, and access them system-wide, from any file manager or utility.

We Ran Our Own Infrastructure

Another revisionist myth. SourceForge (the first forge!) wasn't "our own", nor was BitBucket (mentioned by author), or Gitorious (which was famously archived btw). or sourceware, or ...

I guess we can call ftp servers like the gnu ones "ours". But that's about it as far as where congregations of relevant projects lived.

Did some projects self-host with trac, cgit, mailman, ...etc? Yes, of course. Just like how some projects self-host today with gitea/gitlab/...etc.

But our hero moxie verified it was all kosher. And we can't question our heroes, can we❓😏

I'm reminded of the responses I got in this thread, which ironically predates the discovered signal messages leak in iOS via, SURPRISE SURPRISE, the same component he insisted on using non-free google dependencies for in signal's official Android app (push notifications) 🙂

The new Iter struct basically mirrors slice's Iter, but with poiners/pointer arithmetic used for everything (the new next() impl). PhantomData is used in both to track the lifetime of the data pointer.

If you're posting from Desktop Linux, your comment utilized at least 10 liberally licensed libraries. And that's before it got into the wire. GPL packages are a MINORITY, not a majority with exceptions.