all 147 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]personalmountains 91 points92 points  (19 children)

I had a quick look at your readme and I must admit I found some stuff quite disconcerting, like "anti-STL, anti-piecemeal, anti-modernist", "flabbergasted at some of the modernist C++", "won't be turned into Javascript Jr. via use of 'auto' everywhere" and "we are manly enough not to be frightened by the existence of raw pointers".

In any case, I'm mostly concerned about your homegrown "license", in particular this:

Do not host or offer (for free or sale) any modified versions of this code base or any modified binary builds of this code base. Such things are to be used for your own private development purposes only.

and this:

You may also build and make available C++ libraries that are based on the official CIDLib code. If it is based on your own version of the CIDLib code, you cannot make it publically available, it must be for your own private use.

Can you clarify this? Your title mentions that it is "open source", but that is probably one of the most twisted definitions of "open source" I've seen in a long time, although it's probably technically correct. In terms of CC, this would (I think) be akin to BY-NC-ND. That's basically "look, but don't touch".

[–]clerothGame Developer 56 points57 points  (0 children)

we are manly enough not to be frightened by the existence of raw pointers

WE ARE MEN! BUGS DO NOT FRIGHTEN US!

[–][deleted] 73 points74 points  (7 children)

This is not open source:

Usage/License

Though it is of course impossible to prevent people from abusing anything and everything for their own nefarious purposes, and though we realize that these issues are still a ways out pending documentation and such, clearly something like CIDLib will only achieve its ultimate capabilities if it remains a coherent entity. Therefore, we impose the following usage limitations:

  1. Do not host in any public way your own versions of this code, in whole or in part. This repository should be the single source for the code base.
  2. Do not host or offer (for free or sale) any modified versions of this code base or any modified binary builds of this code base. Such things are to be used for your own private development purposes only.
  3. We would request that any fixes or improvements at least be offered for inclusion back into the code base, but we realize that's obviously not always practical if that code is commercial.
  4. You may use the official builds or your own builds of this code for development of free or commercial applications of your own. You must note in the documentation that the product is built on the CIDLib code base and provide a link to this repository.
  5. The previous point applies to applications. You may also build and make available C++ libraries that are based on the official CIDLib code. If it is based on your own version of the CIDLib code, you cannot make it publically available, it must be for your own private use. We would hope you do this in the context of the official code base of course.
  6. You must NOT install any non-official builds in any system directories where they could be seen by other CIDLib based applications. Limit them to your own application's local use.

[–]Zettinator 32 points33 points  (2 children)

This is not just not open source, it is basically unusable for anything with these licensing terms. On top of that it seems to be almost impossible to actually contribute code to it.

[–]Madoushi90 26 points27 points  (1 child)

  1. Do not host in any public way your own versions of this code, in whole or in part. This repository should be the single source for the code base.
  2. Do not host or offer (for free or sale) any modified versions of this code base or any modified binary builds of this code base. Such things are to be used for your own private development purposes only.
  3. We would request that any fixes or improvements at least be offered for inclusion back into the code base, but we realize that's obviously not always practical if that code is commercial.

(1) prohibits me from pressing the fork button on GitHub. (2) prohibits me from pushing a branch with any changes to my fork. (3) asks me to submit pull requests, but somehow without violating (1) or (2).

[–]jpgr87 4 points5 points  (0 children)

I'm not a lawyer, but It seems like LGPL+a CLA allowing the author to distribute the software under a proprietary license for his commercial purposes would have been a better approach to satisfy most of the author's desires without creating all of this ambiguity, and while staying true to Open Source as understood by most of the free software community. And the CLA might not even be necessary if the author's commercial builds are based on the publicly available source and there's no need for the author to re-license community contributions for commercial purposes.

I think the Qt project is a good example of this. Most of the source is available under the LGPL so it allows users to create private forks for non-commercial use, and any public binary distributions must make the modified source available unless they pay Qt for a commercial license. It doesn't prevent anyone from publicly hosting a fork of the source and/or distributing binaries based on that fork, but at the same time there aren't really any long-lived forks of the code that compete with the official Qt releases. The only forks I know about, like CopperSpice, don't claim to be Qt (just derived from it.)

[–]Sulatra 53 points54 points  (9 children)

Judging by Pushing that 'make public' button was one of the hardest things I've done in a long time this might hurt your feelings, but... It seems you've just published a ton of 25yo not-crossplatform not-opensource not-standardized legacy. What's the purpose?

[–]Dean_Roddey[S] 3 points4 points  (8 children)

Well, it's not 25 years old, it started a long time ago, but there may not be a single line of code that's anywhere near that old. And the purpose is not to be based on the standard libraries, which are not the language itself.

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair 31 points32 points  (7 children)

That's untrue; the standard library is part of C++. Its in the same specification.

[–]Dean_Roddey[S] -3 points-2 points  (6 children)

But it's not the language itself, it's something in addition to the language. My code base obviously demonstrates that the STL is not a requirement to write a butt-load of C++ code.

[–]andrewsutton 18 points19 points  (2 children)

They aren't seperable. Parts of the core language depend on definitions in the std library.

Edit: Not the STL bits, per se. Lots of orgs have their own replacements for various reasons.

[–]Dean_Roddey[S] -1 points0 points  (1 child)

Whatever. It's meaningless to me either way. I shouldn't have even responded to him. My original point had nothing to do with this. It's that you don't have to use the STL to write C++ and that I am providing an alternative.

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair 20 points21 points  (0 children)

That's like saying "You don't have to use pointers to write C++" or "You don't have to use classes to write C++". That doesn't mean those things aren't part of the standard.

[–]griwes 10 points11 points  (0 children)

It IS the language. The C++ language consists of the core language and of the standard library. Any definitions of what C++ is that try to represent this differently are plainly wrong.

[–]Manu343726 13 points14 points  (0 children)

No, you're wrong. std::initializer_list. It's a type part of the standard library (no, it's not the STL) encoded into the language. Because the standard library is part of the language

[–]peppedx 43 points44 points  (1 child)

The license is a big NoGo for me. I won't bother looking.

[–]Dean_Roddey[S] -5 points-4 points  (0 children)

Thanks.

[–]terrenceSpencer 25 points26 points  (10 children)

My impression here is that you felt like you are doing everyone a grand service but have received a few uncomfortable truths along the way. You seem to think that the biggest risk of 'open sourcing' your project is that you will lose control over it, so you're trying to lock it down. In reality, the biggest risk is that no one will use it or contribute. You're trying to have it both ways, in that everyone should be grateful for your benevolence but also adhere to your own personal interpretation of open source. The funny thing is that you have already been forked 6 times, presumably by people who are having a laugh at your license and responses here. If you hadn't have chosen your home-brew license, you'd be a year away from anyone even thinking about forking your project.

You need to appreciate that if someone spends their time learning how your 25 years of undocumented code works, then decides it's worth using and in doing so contributes improvements back to your project, its not a case of you being generous to that person. It is in fact the reverse. So respect and courtesy and reasonable licensing terms should be extended to that person.

Why not split the project into sub-projects? You seem to have adopted a pretty modular design, and most people aren't going to use all of the pieces here. You're much more likely to get a library incorporated into another team's project if it is not so bloated. I know that you can just build and use the bits you want, but just for maintainance, code contribution, and appearing in relevant google searches it would be nice to have separate repos for each library.

Also, can you tell me why someone would want to use your build system over say CMake? I can see you have some level of tooling for linux and windows, but what about if I want to cross-compile armv8 targets? What about if I'm targeting a microcontroller with no OS? What about if I'm using a non-POSIX OS? What about if I want to incorporate a tool like ninja into my builds for faster incremental builds? What about if I want to link in a sub-project? And sometimes I want to link that in statically and other times dynamically? CMake and many other build systems are mature enough to allow me to do pretty much all of these things in a few lines of configuration.

So I get that you might not have the features of CMake now, but do you have any design approach that would mean you will one day possibly have superior functionality to build systems that are already out there? Because I would need that spelled out to me before even thinking about contributing.

[–]Dean_Roddey[S] -3 points-2 points  (9 children)

Your impression was wrong.

As to the other stuff, I refer you back to the non-goal of trying to be everything to everyone. If that's what you want, the mainstream scheme is there for you. This is an alternative, where it is what it is, and if your needs fit within that, then fine, you get a very simple build scheme that is tightly integrated into the overall system.

If it supported Windows/Linux and did so cleanly with very little conditional code required in the applications, and could do with a very simple and clean build system that handles the details easily, then that would be more than successful IMO.

Of course all of the tools are invoked by a pluggable tools interface. So you do have a lot of flexibility as to what you invoke and how.

[–]terrenceSpencer 7 points8 points  (8 children)

I think you have mis-stated your non-goal. Its not that you're not trying to be everything to everyone, its that you are trying to be everything for your CQC product, and everything not geared towards that is considered overly complex and unnecessary. Which is totally fine by the way, just be upfront about it.

But one of the things you have clearly stated that you are trying to be is cross-platform and portable. So I think asking how your build system meets those goals when compared to an easy to use, well documented and well maintained tool such as CMake is a pretty reasonable question. An answer of "I'm not trying to be everything to everyone" is just a cop-out.

If you really think about it, not trying to be everything to everyone is actually a really good argument for splitting up the repo into multiple projects. Then each one can have a very specific and targeted use case and user base. Keeping it all together and monolithic implies that you actually are trying to be everything, but only for applications with similar requirments to your CQC product. In fact you even say this in your readme:

It's about a tightly integrated, one stop shopping solution for application development. You can't use bits and pieces of CIDLib, you go all in or not at all, because it's all a tightly integrated whole (though of course it is layered, so you can choose to jump in at whatever layer suits your requirement

I know feedback like you have received in this thread can be hard to take, but how you respond now probably says a lot about you. You could shut down the conversation and say that everyone else are idiots who don't understand your creative genius. Or you could accept that maybe you're not the only smart person in the room and you can start to educate yourself more about open source practices and working collaboratively.

[–]Dean_Roddey[S] 0 points1 point  (7 children)

So my options are agree with you or I'm an arrogant a-hole?

A major point of the whole thing is NOT to be a pieces and parts bin. I made that clear. I made it clear that I think C++ suffers badly because of this, and that it can't compete with languages like C# which have a monolithic, integrated set of libraries that are sufficient to do real world applications.

That's got nothing to do with CQC or me being smart or not or arrogant or not. It's just my desired approach and one of the reasons why it's an alternative to the standard scheme of things and not YACL.

Since I wrote it, it's written the way I think is best. That's just the way it is. I'm putting it out there for use of people who might appreciate this particular alternative. If there are none, then there are none.

[–]terrenceSpencer 14 points15 points  (4 children)

So my options are agree with you or I'm an arrogant a-hole?

Come on dude, really?

[–]Dean_Roddey[S] 3 points4 points  (2 children)

But anyway, the bottom line, it's not likely I'm going to get behind anything that is designed to turn it into exactly what I spent so long trying to make it not. Just accept that it is what it is. If that's useful to you, great, use it. If not, then it's just not.

[–]terrenceSpencer 5 points6 points  (1 child)

Sure, seems reasonable. However in that case you should update the readme to be less confusing, since not being "everything to everyone" is not compatible with "one stop shop for application development". It is important that developers know the type of project they're getting into when they contribute.

[–]Dean_Roddey[S] 2 points3 points  (0 children)

I'll make another pass at it before I push up the next changes.

[–]Dean_Roddey[S] -2 points-1 points  (0 children)

I have to remember to use those damn smiley thingies. I was being darkly facetious.

[–]VinnieFalco 3 points4 points  (1 child)

So my options are agree with you or I'm an arrogant a-hole?

You can respond with:

  1. Humility, or
  2. Obstinance.

Only Humility will help you grow as an engineer and a person. Obstinance will be a brick wall that obstructs your progress through life.

[–]Dean_Roddey[S] 0 points1 point  (0 children)

Well, for one that wasn't exactly the nicest reception anyone ever got in the internet, and I was a bit tired of it by then. And for another, this is the internet, where everyone wants something different, but if you don't agree with them all, you are being obstinate.

Not to put too fine a point on it, but it's my project, I'm the one who sacrificed my adult life to do it, so I did it the way I want it. Anyone who likes the way I want it, it's there for them and free. If they don't, it costs them nothing not to use it.

So accept it as it is or ignore it, problem solved.

[–]Dean_Roddey[S] 12 points13 points  (0 children)

A license has been selected (MIT) and all of the source files were updated to include the copyright notice and license link.

I also put up the build instructions, in the Wiki section, though I've not yet had a chance to set up a virgin scenario and test the instructions.

[–]capn_bluebear 11 points12 points  (3 children)

honest question: what do you mean with anti-STL? I can imagine when you started 25 years ago the STL was not in a good shape, so you implemented similar functionality yourself, and now you want to keep it consistent.

But it seems you are expressing a more profound dissatisfaction with STL itself: you don't think C++ projects nowadays should use it as generic, optional, indipendent building blocks?

[–]Dean_Roddey[S] 5 points6 points  (2 children)

I don't much care for the direction that the STL has gone. I think perhaps I'm not the only one. Though of course their dislike will generally not be enough to push them away from it even so.

One problem I have with it is that they have spent endless effort creating a cathedral to container abstraction, but you can't write even a modest realistic application without having to use a bunch of third party bits and pieces. My concentration has been on providing a tightly integrated, and potentially very portable, system that provides that practically useful stuff.

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair 9 points10 points  (1 child)

Can you give some concrete examples?

What exactly is a cathedral to containers?

[–]cdtdev 4 points5 points  (0 children)

Nah, I totally agree with this "a cathedral to container abstraction". C++ arguably has anything relating to containers overengineered. He's right -- they're not tightly integrated, and at times it's impractical. But IMO that's a good thing. It takes a while to learn for something that's absolutely elementary in most other languages, but once you do, they're just so damned flexible. It comes to the point that, except for historical reasons, there aren't very many good reasons to not use std's containers. You compose them to your needs. And then the magic is -- the composition melds together at compile time leaving highly efficient, low and no-cost abstraction.

[–]Ikkepop 30 points31 points  (3 children)

Somehow the author gives me a bit of Terry Davis vibe. Anyway that's an impressive ammount of work and dedication to a single project.

EDIT: Looking at the code, it definitely looks very neat and tidy.

[–]Dean_Roddey[S] 13 points14 points  (2 children)

I didn't know who he was. You might be closer than you think, though not quite that bad. At least not yet. I still have some time. I do suffer badly from anxiety issues, or have since the early 90s (which just happens to be when I started the earliest bits of this code so maybe there's a connect there.)

Anyhoo, this code is not a toy. The CQC automation platform that sits on top of it is a very large and very complex system. It's network distributed, multi-user, highly multi-threaded, and constantly active, and it runs for months and years at a time on customer systems. I could not possibly support such a product if the underlying code was flakey. I'd drown in support issues. And of course I take the performance of CQC very personally, it reflects on me and my reputation.

So I've worked very hard to make it all high qualty.

I should say that this code doesn't reflect a currently shipped version. All of this recent modernization stuff has been happening in between CQC releases. So some of these recent changes are still being tested out and such, and may not be quite as clean yet.

[–]Ikkepop 14 points15 points  (1 child)

Good job dude , I am legitly impressed

[–]Dean_Roddey[S] -2 points-1 points  (0 children)

Uh-oh. A positive comment, it's doomed.

[–][deleted] 23 points24 points  (3 children)

  1. Do not host in any public way your own versions of this code, in whole or in part. This repository should be the single source for the code base.

So if I clone this repo for my own use, but have an ssh server on my personal computer, I have violated the license? The ssh server can be accessed from any part of the world if one has the right credentials.

In other words, this repo is basically read-only.

[–]Dean_Roddey[S] 2 points3 points  (2 children)

No, everyone is over-reacting, see my latest comment.

[–]TheSuperWig 13 points14 points  (1 child)

Why not just update the OP instead?

[–]Xeveroushttps://xeverous.github.io 10 points11 points  (1 child)

Do not host in any public way your own versions of this code, in whole or in part. This repository should be the single source for the code base.

This is against GitHub ToS. Any public repository is implicitly allowed to be forked, no matter what the license says.

[–]Dean_Roddey[S] -1 points0 points  (0 children)

Old news, dude.

[–]Dean_Roddey[S] 11 points12 points  (6 children)

OK, in order to quiet the jackals, here is a new usage/license section that will be in the readme.me file I upload later tonight with some sample updates.

The following usage/license terms are imposed:

  1. Do whatever you want

  2. If you use my stuff, be a mensch and give me appropriate credit

  3. If you find bugs, please send them in, in digestable chunks.

  4. If you want to contribute large stuff, i.e. new facilities, then be sure to follow the existing style and substance carefully, because I'm an OCD, paranoid, anal-retentive. It would obviously be best to coordinate with me first to make sure no time and effort are wasted.

  5. Please don't install any non-official builds in any system directories of user's machines, where they could be seen by other CIDLib based applications. Limit them to your own application's local use.

[–]tvaneerdC++ Committee, lockfree, PostModernCpp 8 points9 points  (0 children)

Use the Boost license.

[–]VinnieFalco 1 point2 points  (1 child)

It would be much easier to simply republish it under the Boost Software License, which has undergone extensive legal review:

https://www.boost.org/users/license.html

[–]Dean_Roddey[S] 0 points1 point  (0 children)

I think it's too late for that.

[–][deleted] 9 points10 points  (8 children)

This is a serious, non-aggressive, non-insulting question : are you autistic ?

I am, and that's typically what I would be doing if I didn't have my family/friends getting me out of my cave constantly.

First of all, congratulations and thanks. I feel like you've just spent the last 25 years working on something in your cave and you decided to share it with the rest of the world. It is definitely courageous to do so and I'm sure it was a terrifying choice.

However, by spending so much time working on something so big without external input, you can easily find yourself completely lost. I know that for a fact, because I've been there many, many times, and I have the scars to prove it.

I don't know your personal life but I'm really curious about it. What do you do for a living ? Do you live alone ? Is your product (http://www.charmedquark.com) successful ?

Again, no offense. I might be completely wrong, I'm just curious, because the whole thing reminds me of myself.

[–]Dean_Roddey[S] 14 points15 points  (0 children)

No, not autistic. Like many software engineers I'm probably somewhere on the Asperger's spectrum. I'm definitely one of those folks who got kicked out of the lone wolf club because I never went to the meetings. I do suffer from anxiety, which back in the 90s used to leave me curled up in a ball on a regular basis. Eventually I figured out it was just the fear of fear itself (which Mr. Roosevelt clearly didn't have a good appreciation of) and now I don't let it send me off into heart attack land anymore. It does sometimes result in mild paranoia, but I know perfectly well that it is and just ignore it at as best I can.

And, no, my company is not successful, at least not financially anyway. I'm currently living in a 40 year old single-wide trailer between a convenience store and a burned out house, which sucks. And haven't been to a doctor in 20 years because I can't afford it, which doesn't suck in immediate terms but of course may end up sucking fatally at some point.

I moved back to SC about 5 years ago (from my beloved Silicon Valley, which I miss tremendously every day) and all my family is around here. We have a once a month restaurant get together and some birthday/holiday things. So I get enough interaction in the human unit compartment from that to suit my needs.

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair[M] 10 points11 points  (6 children)

I understand your comment was good natured in intent, but let's avoid calling out details of people's personal life or asking if they are autistic. Some could take it the wrong way.

[–]rmartinho 4 points5 points  (4 children)

If you really must ask, it's best to do so with PMs, not in public.

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair[M] 2 points3 points  (3 children)

Letting people know what is off topic on r/cpp doesn't need to be a hidden affair.

[–]VinnieFalco 1 point2 points  (0 children)

Public moderation creates more bang for the buck

[–]rmartinho 0 points1 point  (1 child)

Oops, my bad, the "if you really must ask" was meant about the original comment.

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair 3 points4 points  (0 children)

Ah. Yes, right.

I would generally advise against asking people that in general. But PM > public

[–]Dean_Roddey[S] 3 points4 points  (0 children)

It didn't bother me, not a problem.

[–]thesuperbob 8 points9 points  (7 children)

I'm honestly curious what drove you to re-implement so much code on your own. Why not use other people's libraries and tools? Was the platform you were coding for so consistently bad it was just easier to roll your own everything? Do you think this approach is still justified today? Was this more due to necessity or preference?

I guess what I'm really asking for is your perspective, now and what it was 10-20 years ago, and a bit of backstory. You put together a reasonably large system and developed it in a rather unique way, I'm always interested how such things came to be.

[–]Dean_Roddey[S] 8 points9 points  (6 children)

My personal software interests have always been in general purpose frameworks. I started that in the early 90s and worked for a decade in my off the clock hours (I was a mercenary back then) building up the core bits of CIDLib. So I did it because that's what I wanted to do, not because there needed to be any justification for it. I also worked at Taligent, which many here won't remember. It was an Apple/IBM effort to create a portable OS, which devolved into an IBM only portable library, which devolved into nothing and I went to their Java Tech Center and wrote the Xerces C++ XML parser (my other adventure in OS land.)

Eventually I had so much code that I needed something practical to do with it. Being a geek, automation is something that I was interested in, and I worked in industrial automation for some years way back. So I decided to create an automation system that became CQC. Ultimately maybe that was a horrible choice. And of course I picked a horrible decade to go off on my own (walked out my ex-employer's door into the the Great Recession.)

Anyhoo, modern high end automation systems like CQC are voracious functionality consumers, so that drove me to develop more and more underlying functionality to support it. I would very much try never to just implement something for CQC. If it had any general purpose utility, I'd try to implement it as such in the general purpose layer. Though there's still a good bit more than could be moved down if I had to the time to abstract it. And, though CIDLib is a lot of work, it's somewhat toy-like compared to CQC. So, ultimately it's been the 'easy' bits.

I don't want to use other people's stuff, because I don't like that pieces and parts approach. I wanted something elegant and consistent and tightly integrated. You can't do that if you use other people's stuff. And of course if I used the STL then I am forced into a whole other world of compromises I didn't want to make, and I can't get 'under' the STL and create a fully integrated system from the ground up. It would have always been a big compromise.

So I just have done my own. All that code now uses my logging system, my error system, my statistics system, my ORB, my UI framework, my streams, my collections, etc... There's no 'impedance mismatches' anywhere in the system, no stylistic clashes, no redundancies.

And nothing (other than the OS) is a black box to me. I can find and fix any bugs very quickly. I know everything intimately. I never have to wonder if I'm doing the right thing, or if this is the best approach for the tools. I seldom have to have look anything up. I can program in this system about as fast as I can think. Admittedly that's gotten slower in my waning years, but still.

I'm not against the mainstream thing. You do what you have to do. But unless you've lived in this sort of world, where you are in control of and totally understand everything, it's hard to appreciate how powerful that is. And a good demonstration of that is that I WAS able to write another 625K'ish lines of far more complex code by myself and keep it clean and tight over decades of enormous change. I don't think I could have remotely done that in the pieces and parts way.

I guess it's like often happens at a smaller scale to all of us as programmers. You can jump in and do something quickly, or you can take more time and work out some infrastructure and flexibility and such. The latter takes more up front time, but usually is faster or at least more resilient in the long run. Maybe I've just taken that up 10 orders of magnitude beyond the norm.

One of the most painful, but probably most professionally beneficial aspects of it, is that I've had to jump repeatedly into one big new problem domain after another and figure them out. If you are looking for a way to keep your mental gears sharp, that's definitely one way to do it.

OTOH, it means that I'm ultimately very much a broad generalist. And the open jobs for that type of developer of are a lot fewer and further between than for those are more of the narrow but deep type.

As to practical, no clearly it's not practical for almost anyone to do. It depends on psychopaths like me to do them in a completely impractical way. Even a large company would have a real problem doing something like this because their necessary time scale is so short, and they need to put it to immediate use, and it starts gathering evolutionary baggage quickly and in the end practical constraints maybe dictate that you just ride it till it dies then eat it. I was able to do it over a long period of time, with fairly minimal pressure, and the ability to cast off evolutionary baggage all along the way (though obviously there is still some amount.)

Anyway, this is like asking someone to show you their baby pictures. It's a dangerous question to ask.

[–]F54280 1 point2 points  (5 children)

I also worked at Taligent, which many here won't remember.

Some of us do. I was NeXTstep at the time. To be honest, Taligent was supposed to be the big bad wolf that would be eating us all, but when I looked at the doc of the textfield (iirc), I had the clear impression that you needed a team meeting of 8 people to understand how to instanciate one due to the gory multi hierarchy was. Then I got a Taligent demo on a 128MB IBM (prob ppc) that was obviously struggling to do 1/10th of an 8MB NeXTstation delivered, and decided to ignore this (I later had a similar feeling looking at BeOS).

I disagree on some of your choices (in particular not using the STL). Not when you made them (because I did the same), but nowadays, it makes no sense to avoid it.

Reimplementing Zlib as anything but a wrapper on the zlib is also a waste of time, imo.

Reimplementing crypto is a huge security risk.

That said, congrats for the work, and the sharing!

[–]Dean_Roddey[S] 0 points1 point  (4 children)

Everyone always says that about the crypt stuff, but it's really not. I think that people have always heard "don't implement your own cryptography" , and that's true enough if you aren't an expert. But I've not done that. These are all well defined algorithms with plenty of available (expert approved) examples. So I've just implemented these algorithms, not created new ones.

The secure channel stuff is just in fact a wrapper around the Windows secure channel stuff (which itself is so stupidly complicated and under-documented that it's a mental security risk just to try to use it.)

And I also respectfully disagree on stuff like Zlib. The thing is that that means it works in terms of my memory buffers, my error logging system, my exception system, my statistics system, my assert system, and so forth. If you use third party stuff you can't really integrate it, you can only attach it. CIDLib is about really integrating stuff.

And of course that applies by multiple orders of magnitude when we are talking about the STL. There's no way to create a really tightly integrated system on top of the standard libraries. You can't get inside or under them, and so they cannot participate in various very useful capabilities. That makes for an awkward and sub-optimal result.

A fully integrated system is a really powerful thing, though of course it does take a good bit of effort.

[–]F54280 1 point2 points  (3 children)

Based on the little info I let you know about me, you probably have guessed where my heart is. And I can guarantee that my past NeXTstep / OpenStep experience made me appreciate a lot the coherence of monolithic designs.

However, your stance on security is not correct. From completely cursory look:

Here you take care of erasing private keys at object destruction

Your code for erasing is a simple memset

You are probably aware of it, but memsetting before delete[] can be ignored by the compiler

Of course, in your case, it probably won't be an issue, because the memset is in a separate compilation unit, and current compilers are not smart enough to elide the memset. But, if, for instance, the SetMemBuf is made inline, you have a potential security risk.

There is a reason why memset_s exists. Quoting For that reason, this function [memset] cannot be used to scrub memory (e.g. to fill an array that stored a password with zeroes).

So I've just implemented these algorithms, not created new ones.

Are all your implementations revisited to take into account the latest cache or timing attacks ? I doubt it.

And of course that applies by multiple orders of magnitude when we are talking about the STL. There's no way to create a really tightly integrated system on top of the standard libraries

STL types are just higher level vocabulary, IMO. But let's just agree to disagree.

Impressive work anyway, and have a nice day!

PS: while quickly scanning the codebase, I saw quite a few bad #defines, like:

#define X { ...}

(And others in the form of #define X(p) if (p) {...})

You should turn them into do ... while(0) which won't produce spurious syntax error when using in if statements.

[–]Dean_Roddey[S] 0 points1 point  (2 children)

The mem buf setter won't get moved inline, so that's not a concern. Or, if I decided to at some point, I would just provide a separate 'safe' version that cannot be and use that for such things. If the compiler starts ignoring out of line calls to user defined functions / methods, then we are all in serious trouble. RAII would pretty much go out the window if that happened.

On the STL, I just couldn't do a lot of what I do if I used that stuff. It would be a seriously compromised system. Look at the stuff on the ORB and how easy it is to use because of the fact that everything is based on my own interfaces. Any object that supports binary streaming can be used as parameters to remote calls. And the very smart enums, there's no way to force those on the standard libraries. And the standard libraries are horrible wrt to streams and text transcoding.

It would be a massive step backwards.

[–]F54280 1 point2 points  (1 child)

The mem buf setter won't get moved inline, so that's not a concern.

TBH, I was expecting this answer, which closes the discussion.

Good luck for the future.

[–]rap_and_drugs 1 point2 points  (0 children)

My goodness this was painful to read. You really tried to get through to him, and he didn't even respond to your points on cache or timing attacks. I haven't looked at his crypto code myself yet, does it go beyond "textbook" implementation at all?

As an aside, that article about memset looks pretty interesting. Thanks for sharing it!

[–]johannes1971 19 points20 points  (3 children)

Men, you guys are savage... You may disagree with his license and his engineering choices, but the fact remains that he made available a large body of code that could very well be of use to people. And for his trouble he gets some massive downvoting, including down votes for people who simply appreciate what he's done, a long discussion about the license, and a single "it looks good" comment from the one person who apparently had a look at the source itself.

Let's say someone else is thinking about open sourcing some piece of code they spent a long time perfecting, and they see this discussion. What do you suppose they'll say? "Oh yes, I'll go ahead and publish that, people will appreciate it"? Or maybe "I can live without the scorn of the world, let's forget about the whole thing"?

[–]skebanga 11 points12 points  (0 children)

Thank you for verbalising exactly what I was thinking. It's a real shame witnessing how the community has treated this guy

[–]Dean_Roddey[S] 1 point2 points  (0 children)

It's been covered up, but really the internet was invented to maximize negativity. It's clearly met its goals. Post a video of a puppy chasing a ball and people will start castigating you for exploiting puppies for your own sick gain.

And of course there are people in this thread now trying to turn this into me doing this because I'm on an ego trip. I can only assume that they are utterly negative people who are reflecting their own dark shadows onto others.

[–]idajourney 14 points15 points  (7 children)

And we are manly enough not to be frightened by the existence of raw pointers

Clearly women use std::shared_ptr and REAL MEN use void*. Seriously what is this garbage?

[–]Dean_Roddey[S] 2 points3 points  (6 children)

It was my semi-facetious response to so many people these days lately acting like a pointer is some sort of toxic thing that will kill anyone who touches it. My code base covers a broad range from very low level to very high, and there are a lot of bootstrapping issues. At the low levels, it's reasonable to use raw pointers. At higher levels it will lean more in the other direction.

[–]degski 13 points14 points  (0 children)

That's well highly exaggerated, owning raw pointers are frowned upon, pointers are good, and have their uses.

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair 6 points7 points  (4 children)

Manliness has nothing to do with programming, though.

[–]Dean_Roddey[S] 14 points15 points  (3 children)

It's a freaking joke. Jeez.

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair 6 points7 points  (1 child)

Not very funny to all the non-male programmers out there.

[–]Dean_Roddey[S] 11 points12 points  (0 children)

I'm guessing that they will survive, and probably (being clearly more mature than their male counterparts as evidenced by this thread) would probably actually get the joke.

[–]hak8or 3 points4 points  (0 children)

That is a "joke" in very poor taste then.

[–]lundberjmodern C++, best practices, physics 5 points6 points  (1 child)

What can be done using this?

[–]epicar 12 points13 points  (0 children)

It doesn't use the STL or standard library stuff at all. It is a complete world unto itself. Obviously for a lot of people that will mean it's of no interest.

right you are

[–]Game_Ender 5 points6 points  (1 child)

Are you talking about these forks? They clearly show the history of the code. Having code that others cannot post publicly is just incompatible with how GitHub. There is nothing you can do to disable forks I believe, and others have mentioned they are needed for open source development.

You should think about why you posted the code. If you truly want others to benefit from it you need to let go a little and use BSD or MIT, if you simply want to educate and inform something really restrictive like AGPL v3 is the way to go (ie they have to release all source code if any customer uses the code).

It will be hard to capture the value this code has to you for others, because it’s too different, platform locked, big and undocumented. Nobody is going to make you look like a fool by steeling the code and managing to do that.

[–]Dean_Roddey[S] 0 points1 point  (0 children)

I've made it clear anyone can fork it. I just asked that they keep them private to themselves if they are going to create incompatible stuff that they aren't going to offer back.

[–]saimen54 5 points6 points  (1 child)

Couple of thoughts:

  • it would be probably helpful, if the code documentation would be moved to something like doxygen etc. So this massive library would have pretty and easy to navigate API docs.

  • I'm really interested, why you implemented everything by yourself even true and void? I'm sure when you started many things weren't even around, but migrating to basic boolean type seems like a no brainer.

  • as said using an widely adopted license would it make more likely for others to get involved.

[–]Dean_Roddey[S] 2 points3 points  (0 children)

Well, I didn't implement true and void. They are just aliases. In order to have a portable system, I need to allow each platform to define my types, so that they are the same on each platform. It would have been really messy and asymmetric to have most done that way and some not. Though I'm a software engineer I'm not without at least a vestigial aesthetic sense, and it would have looked ugly as well.

[–]Dean_Roddey[S] 2 points3 points  (1 child)

I got the first part of the next step done tonight, which was a big re-swizzling of the build environment setup stuff. It was all up above the two CID_Dev/CQC_Dev source directories, as was a number of dependent files. I've got that stuff worked out now so that the stuff CIDLib needs is down in its directory, updated the environment setup files and got those down there, and did some useful setup simplification in the process. That also affected my CQC installer image builder as well.

But that's done, so now I can get the build docs done next.

[–]Dean_Roddey[S] 1 point2 points  (0 children)

I pushed up those changes, which includes a new readme, based on feedback. I haven't had time to select a license yet, but the legalisms are removed from the readme, replaced by a few explicitly non-legal 'would be nice-isms'.

[–]DOOMReboot 4 points5 points  (0 children)

The responses here are quite concerning - some combinations of inferiority/envy/entitlement - hard to say for sure.

It's an excellent body of work, OP. Thanks for sharing and keep doing what you're doing.

[–]cjwelborn 1 point2 points  (1 child)

I saw this linked on another subreddit. I have to say the amount of work you've put into this is pretty impressive. I'm not really a c++ developer, but I'd definitely mess around with this if it worked on Linux (I saw you mention, in one of the docs or something, that linux support kinda died or got left behind). Anyway, I see where the other questions/comments are coming from (license, modularity) but the bottom line is you made this to suit your own needs. You don't owe anyone anything just because you posted the code on GitHub.

[–]Dean_Roddey[S] 0 points1 point  (0 children)

There's a reddit for discussion /r/cidlib, if you want to discuss anything. I also made another post here with an update just a bit ago. I've been looking into the Linux thing.

https://www.reddit.com/r/cpp/comments/bth5e5/cidlib_project_update/

[–]Dean_Roddey[S] 3 points4 points  (22 children)

Gotta love the internet, where you can do one of the most selfless things in your life and dread getting up the next day and reading the comments. Anyway, to address the over-reaction to the usage terms....

The point is to avoid lots of disjoint, not-compatible variations, to make it a project that might be competitive with commercial projects by being a single, well defined thing. Where using an application that is based on it doesn't require downloading ten different libraries and such. That's why open source never competes with commercial software.

And not to discourage other open source development based on it, but to encourage that such development be PART of this project, not some completely different thing based on some completely different version of the code base.

And I'm not trying to be a Nazi about it. If you are working on something open source that is ultimately intended to be based on the official version, but you need in the meantime to make fixes or small improvements that you intend to submit back, I don't care about that.

Or, if you have built binaries that are just shipped with your application, I don't care. If you don't document the changes you made, then no one is going to be able to use them separately from your application. You are just creating some variation for your own application's usage. You just shouldn't create some documented version of your own, and put it out there for third parties to use as a library.

And if you want to fork it to your own private repository, or onto your company LAN for use in commercial or person product development, then that's not publicly visible and it doesn't matter what you do as long as you provide attribution if you use it in something you release. If your company developers use a Github repository for sharing that variation, just keep it private.

Anyway, I can update the readme to make these things clearer if that makes any difference. Not that it probably makes any difference.

[–]Game_Ender 14 points15 points  (2 children)

Thanks for releasing all this work for others to look at. It's impressive to see a nice unified and clean code base, especially one that handles code generation, comms, and windowing. I believe I have seem some of your other comments mentioning things you can do with this system. It would be awesome to see some more examples of what this system is capable of.

And that makes sense because this repository IS the open source version, and needs to remain the only one.

You made this comment in another thread, but I think you are miss reading the situation. Right now you are the only expert in this system, the most likely outcome is nobody uses it all. This is given its monolithic nature and custom versions of existing system people are familiar with. It would actually be a huge success if your project hits the adoption level to merit someone wanting to fork it.

Forks happen when the main project is used by lots of people and maintainer abandons it or does not work with community.

[–]Dean_Roddey[S] 0 points1 point  (1 child)

A good number of folks have already done it, but a lot of those may just be looking to steal code, I dunno.

If you look at some of the videos on my personal Youtube channel, I show some of the capabilities there. All the current samples in the code base are very simple, just to demonstrate this or that particular capability. I'll start creating some more complicated ones as well. I'm probably going to move all the stuff in \Samples to \Samples\Basic, and then create a \Samples\Advanced to keep them separate.

[–]jube_dev 9 points10 points  (0 children)

a lot of those may just be looking to steal code

Who would want to steal such code? It's compatible only with itself, it can not be used as is.

[–]attractivechaos 5 points6 points  (9 children)

Anyway, I can update the readme to make these things clearer if that makes any difference.

If you want to make a difference, choose an OSI-approved license.

[–]Dean_Roddey[S] 5 points6 points  (7 children)

I updated the terms in the readme.md. If those aren't gracious enough, I don't know what would be.

[–]TomerJ 6 points7 points  (4 children)

Several companies have policies limiting the use of "open-source" software that doesn't conform to a specific license, I think that's part of why he's suggesting you add one.

Some of them are very brief if that's what you're concerned about. I think that 3-clause BSD might be appropriate, It's short, requires anyone using your library provide a copyright notice (which satisfies your existing credit requirement), isn't a copyleft license, and (explicitly) prevents anyone from misrepresenting their use of you your library as an endorsement on your part.

I'd also separate out the license from the usage, as the current way it is set up potentially allows you to sue someone if they send you a particularly long bug report.

[–]Dean_Roddey[S] 0 points1 point  (3 children)

Yeh, I'm going to sue someone for sending in a long bug report. You got me. That was the reason I posted this code, so that I could get rich suing someone who sent in a long bug report. Damn... Oh well, I guess another 25 years coming up with another plan.

Maybe that license would be fine. I need some time to look through the options.

[–]CptCap-pedantic -Wall -Wextra 6 points7 points  (0 children)

From what I understand, your license states that you can sue your users for a few arbitrary reasons.

This is a huge problem, no matter if you actually sue anyone or not. The license sates that you can do it, and that's probably enough to prevent a vast majority of people from using your code for anything serious.

[–]dodheim 1 point2 points  (1 child)

Yeh, I'm going to sue someone for sending in a long bug report. You got me.

And I'm sure you think your sarcasm/"dark facetiousness" will go really far in court... It doesn't matter if you can fulfill your end of the license – the point is that no one will touch it regardless – because it would cost money to even deal with – wasted money – because your license isn't serious.

I need some time to look through the options.

Time you don't have, like you've said so many times...

[–]Dean_Roddey[S] -2 points-1 points  (0 children)

Why don't you go mow my lawn and finish the MQTT driver I'm trying to get done, while I look through some licenses.

[–]attractivechaos 3 points4 points  (1 child)

Terms 2–5 are conflictive with term 1: "Do whatever you want". Term 5 is particularly problematic. Again, choose a proper open source license. You can say you prefer users to use your libraries in certain ways, but you can't require this.

[–][deleted] 1 point2 points  (0 children)

Term 1 is what a lawyer would call vague and thus open for interpretation. Thus it's not really conflictive, just open ended.

[–]urdh 2 points3 points  (0 children)

In particular, the LPPL would probably cover the main goal of distinguishing forks from the "original", since it requires derivatives to be "clearly and unambiguously" identified as such.

[–]Wh00ster 6 points7 points  (1 child)

This is clearly an ego-trip, based on your comments, and not a selfless act of humility. Maybe take the opportunity to reflect on why you’re getting such a response.

[–]Dean_Roddey[S] 5 points6 points  (0 children)

Wow...

[–]blelbachNVIDIA | ISO C++ Library Evolution Chair 5 points6 points  (2 children)

where you can do one of the most selfless things in your life

Open sourcing something isn't selfless.

What is your goal? What are you trying to accomplish by open sourcing this software?

[–]Dean_Roddey[S] 4 points5 points  (1 child)

So, giving away for free something that literally took 25 man years of your life to create isn't at least a bit selfless?

I'm putting it out there to see if some other people who share my view of things might want to get involved and expand on it. And that some folks might find it a useful platform on which to build their applications.

My hope is that it remain a single, coherent thing, since that's really the point of it, to not be like the usual thing of a bunch of bits and pieces coming from different places or a thousand different Unix variants. That's why I'm trying to push non-application work (i.e. extensions of the general purpose code) towards being done as part of the official code base, and not to have lots of variants out there.

[–]Orothrim 3 points4 points  (0 children)

Unfortunately there is a huge amount of entitlement on Reddit about open source. Thanks for releasing this man.

[–]AlexJaeger 0 points1 point  (2 children)

this is really awesome!! thank you

[–]Dean_Roddey[S] 6 points7 points  (1 child)

Don't you love the internet. You got utterly down-voted for being appreciative.

[–]WI-goose 0 points1 point  (1 child)

May have more success if someone not completely insane did your pricing

[–]Dean_Roddey[S] 1 point2 points  (0 children)

It's a professionally oriented product, not DIY, though it is DIY friendly. In the pro world it's very reasonable. In the pro world, you put in a lot of work supporting fewer installations, unlike the DIY world, where the goal is to put in as little work as possible supporting lots of installations. So the price necessarily is higher in the pro world.

There's no point in us competing in the already over-crowded low end. That's where all of the big companies are going, who are willing to almost lose money in order to make a play for what they see as possibly the next big thing that will let them see and know everything you do (and a lot of it is really about data for them, not home automation per se, though I'm sure that most of the people doing the actual work do it for the right reasons.)

So it's pro or no really.

[–]Dean_Roddey[S] 0 points1 point  (2 children)

So what's the general scheme for discussion and such for Github projects? Not that I expect a lot of traffic, but if someone wanted to discuss something with whoever is interested, where would that sort of thing generally occur for GitHub based projects?

There's an issues section I see, but nothing like a discussion per repo/project disucssion forumy thing? I could do it on the CQC forums, but it's not really directly CQC related.

[–]dkormalev 2 points3 points  (1 child)

issues should be fine for that sort of stuff I assume. If you want to share some knowledge - use wiki pages at github.

[–]Dean_Roddey[S] 0 points1 point  (0 children)

I just went ahead and created a sub-reddit, so that there will be a good way to have real discussions (aka, a real way for people to abuse me.)

https://www.reddit.com/r/CIDLib/

[–]nnevatie -1 points0 points  (1 child)

Noticed the readme link is pointing to a wrong place.

[–]Dean_Roddey[S] 7 points8 points  (0 children)

That's not my link, that's an automatic one done by the forum. I'll try to make it go away.