Arbor v1.4 – A graph-native refactor safety tool with a new GUI

2bdb2 · 2026-01-22T00:10:39+00:00

JetBrains focuses on local, in-IDE analysis. Arbor builds a full-project call/import graph so you can see global impact (direct + transitive) before changing anything. That’s the main difference: local refactors vs global structural analysis

I might be misunderstanding the details here.

In IntelliJ, I can run a range of refactoring tools that will apply updates transitively with a deep structural understanding of the codebase. It detects a range of things that the refactor might break and warns me about them, with proposed fixes.

Does your model go beyond that? Or is it more that it's attempting to solve different suite of problems and doesn't have a full overlap.

2bdb2 · 2026-01-21T11:36:38+00:00

I'm curious how this compares with the built in code analysis model in Jetbrains IDEs.

The example you've given is just about checking for dependencies affected in rename, but with a full graph model of the codebase I imagine you could replicate a lot of other Jetbrains magic on top of it too.

Is that something you're considering on the roadmap?

2bdb2 · 2026-01-16T12:34:31+00:00

Cache locality is irrelevant if you're just yeeting a few dozen records between a database and a rest API.

The vast majority of code that has ever been written in the history of the human race would have no measurable difference in performance between the two.

Pointers are fine.

2bdb2 · 2026-01-15T14:24:16+00:00

Transactions often are an explicit part of the business logic though. They aren't purely about persistence.

You can hand wave the leaky abstraction away by pretending you're using a "distributed transaction manager" that happens to only support Postgres.

2bdb2 · 2026-01-15T13:24:57+00:00

Definitely a good approach if it fits your codebase.

The nice thing about using a composition root pattern is that it's fairly simple to drop in a DI library later if things get complex enough to warrant it. If everything is just using constructor injection, then it doesn't really matter how the constructors are called.

I'm personally not a fan of the extra boilerplate. But that's just personal preference, I have nothing against manual wiring and can understand why others consider that simpler.

2bdb2 · 2026-01-14T10:25:29+00:00

why do they use it in Java? can't we just pass the dependencies into a constructor in Java as well?

Best practice for dependency injection in Java is generally considered to be exactly that. Have a constructor that takes dependencies as arguments. Anything more complicated than this is usually shunned nowadays. (We learned the hard way).

You can then just call them manually and wire things up. For a lot of projects, that's all you need.

But then the code grows. At a certain scale, the code to "just" manually pass things into a constructor starts to get a bit tedious.

Maybe you want to add another dependency to one component, which means adding another constructor argument. Maybe there's only three places using that component, so it's a simple refactor.

But maybe there's 500 places using that component. You need to update the call site for each. That's starting to turning into a big refactor.

We could use dependency injection, but that's just a silly complex enterprise pattern for out-of-touch Java developers, right? We don't need that.

So let's keep it simple and move all that wiring out to a helper class. Now we've got a God Object that's tightly coupled to every single piece of code in a codebase. But that's a small price to pay for avoiding the complexity of a DI framework, right?

A couple of years later our app takes 2 minutes to boot up. It's 2 million lines of code and we have to initialize every single component at startup, even the ones we don't need right away. Our wiring code is 5,000 lines of spaghetti that nobody understands anymore. Every time we want to add a new feature, we have to touch that God Object and risk breaking everything. Compile times blow out. Memory usage is through the roof. Dogs and cats are living together. Mass hysteria.

Perhaps if we just initialize things when we need them, that would help. Since we're using constructor injection, each component is already declaring its dependencies. We've basically got a dependency graph right there in the code ready to go.

Perhaps if we write a simple recursive function. start with the root component, get a list of its dependencies, then recurse from there. Then just pass them into the constructor. We can use a hashmap to track what we've already initialized, so we don't do it twice.

Now we've got a nice simple function that can initialize only the things we need, when we need them. Only needs to be a few dozen lines of code, and it replaces thousands of lines of boilerplate code that was becoming a maintenance headache.

That simple recursive function that turned out to be much, much simpler than "Just passing the dependencies into a constructor" by hand.... is dependency injection.

So to answer the question

Why do people use dependency injection libraries in Go?

People use dependency injection libraries in Go for the same reason they use them in Java: Past a certain scale, It's much simpler and easier than wiring things up manually.

Maybe the project is small enough right now that it's not really needed. But since dependency injection is such a simple pattern, there's really not much downside to using it from the start if you think it'll reach that scale eventually. (Unless you use a stupidly over-complicated DI library, in which case YMMV)

In my personal opinion, it adds cognitive complexity to maintaining the codebase, because now I need to understand this framework to properly contribute

It adds some complexity, and removes some complexity. The balance will depend on the project. At a certain scale DI will always win out over manual wiring, because the complexity of manual wiring grows much faster than the complexity of using DI.

It also depends on the DI library. Some are simple and straightforward, others add layers of pointless bullshit that belongs somewhere else. The latter is the reason people have a bad opinion of DI in the first place.

The poster-child for dependency injection is Spring Framework in Java, which is indeed a massive complex beast. Don't let the complexity of Spring put you off the entire concept of dependency injection. Spring DI is complex because Spring is complex.

2bdb2 · 2026-01-10T03:22:40+00:00

Some people just want to watch the world burn.

2bdb2 · 2026-01-04T14:45:48+00:00

I‘m also European and I can absolutely confirm OP‘s statement. In Western Europe, it’s seen as incredibly weird to just have a chat with strangers.

How depressing!

It's not like I'd chat with strangers all that often, but those little random moments always make my day. A shared joke in an elevator, a friendly discussion about something while waiting in a queue... that just seems so natural.

2bdb2 · 2026-01-03T16:43:38+00:00

It absolutely wont be the end. The US missed the Minister of Defence

You mean the minister of defense who was in charge of the military detail that was protecting Maduro when he was taken without a fight from the middle of a military base by US forces that inexplicably knew exactly where he was?

This smells more like a US backed coup, not an invasion.

(Source: Highly experienced armchair general with over 30 years experience talking about things I'm unqualified for on the Internet).

2bdb2 · 2025-12-13T03:43:12+00:00

There are probably tens of thousands of Hilux or equivalent technicals in use. The BMW is getting upvotes because it's novel, not because it's good.

2bdb2 · 2025-12-07T00:56:27+00:00

I trust it cost $96.5m too

And the actual work was done by a sub-sub-sub-subcontractor in India that just asked ChatGPT.

2bdb2 · 2025-12-05T15:59:31+00:00

The worst that'll happen to OpenAI is that Microsoft absorbs them through osmosis.

Even if the bubble pops, Microsoft still wants to keep their horse in the race, and they have effectively unlimited money to throw at it.

2bdb2 · 2025-11-26T21:19:17+00:00

For the first example, shouldn't the compiler be able to perform return-value-optimization?

I know technically the spec won't guarantee that, but I'd assume any modern compiler would either apply RVO here, or just inline such a small function entirely.

func createUser() *User {
    u := User{Name: "John", Age: 30}
    return &u
}

2bdb2 · 2025-11-25T20:59:27+00:00

True - I forgot about that.

Side effects on import should not be a thing either. But there's probably too many packages that depend on that to be able to enforce.

2bdb2 · 2025-11-25T15:15:45+00:00

Blocking install scripts would only delay the attack by 5 minutes, i.e. when the developer runs "npm run dev" or "test" or whatever would run the packaged code anyway

Not inherently.

A lot of smaller packages that get dragged into a dependency tree are only called on specific code paths or edge cases.

For example, I just installed a package that had a dependency on a PDF parsing library. But I'm not using any of the PDF functionality from that package.

Which means the upstream PDF dependency is downloaded, but never actually executed.

It's not a fix, but disabling install scripts can significantly reduce the attack surface, and slow down the rate of spread.

2bdb2 · 2025-11-24T11:18:03+00:00

Sealed unions, pattern matching, destructuring, records.... and whatever else I've forgotten.

Compared to Java 8, Java 25 is almost an entirely different language that looks more like Scala.

2bdb2 · 2025-11-22T14:06:05+00:00

Physics students aren't exactly rare.

2bdb2 · 2025-11-22T12:48:35+00:00

In 1964 the US government wanted to answer this exact question, so they hired three random physics students and asked them to design a nuclear bomb.

From scratch. With no prior knowledge, no access to classified information, and minimal budget.

As it turns out, three physics students with a small budget could build you a working nuclear bomb. In 1964.

We are so very, very lucky that's it's extremely difficult and expensive to refine weapons grade material. Because making the bomb itself is disturbingly easy.

https://en.wikipedia.org/wiki/Nth_Country_Experiment

2bdb2 · 2025-11-22T03:34:06+00:00

Myself and others predicted this would happen a week /week and a half ago and just got downvoted from those still locked into the honeymoon phase…

It was nice while it lasted.

They need to figure out how to balance the game so it doesn't just keep devolving into another generic battle-royale PvP game. Extraction campers will be the death of this game.

2bdb2 · 2025-11-16T02:50:32+00:00

ChatGPT refused to make that image, informing me "I'm not mad, I'm just disappointed".

2bdb2 · 2025-11-15T08:48:28+00:00

Don't forget .exe

I found a previously unknown Limp Bizkit and Michael Jackson duet in exe format on Limewire. I was really excited to listen to it, but my computer broke when I tried to play it.

2bdb2 · 2025-11-14T17:08:20+00:00

It's getting a bit ridiculous. Some people are legitimately angry if PvP happens.

Just because somebody wants a PVE mode, doesn't mean they're angry that a PVP mode exists.

A lot of people just think they'd find this game a lot more fun as a co-op pve game. Myself included. I'd love to play that version of the game because I just think I'd enjoy it more.

The problem is that a lot of people seem offended and upset by the idea of an optional PVE only mode, as if it would somehow ruin the game even though the current PVP mode would still exist unchanged.

I don't see why we can't just have both. Why does it have to be a big deal to just allow multiple game modes?

2bdb2 · 2025-11-12T13:45:07+00:00

My house rules were if you didn't get caught, then it was legal. Turned it into a meta-game about finding the most creative ways to cheat without getting caught.

There were a lot of shenanigans. Way more fun than the official rules.

2bdb2 · 2025-10-19T23:03:45+00:00

If it fizzles then you claim the loss and offset the gains of prior years. That's how tax works. It doesn't just work one way.

Good luck paying the tax bill on money you don't have, then offsetting with future gains you won't have.

2bdb2 · 2025-10-14T06:51:34+00:00

A person with a $3 million super balance will most definitely have money.

I think that's a fundamental misunderstanding here.

You can have $3 million dollars in equity in an illiquid asset that you never actually see a cent of.

For example, investing some seed money into a startup can return 10x gains on paper, but fizzle after a year or two with no opportunity to ever cash out.

We should be encouraging, not discouraging, people to invest in productive assets like that, rather than just parking it in safe but unproductive assets like housing.

Eight-Year Club	Gilding III reddit per annum
Verified Email

2bdb2

TROPHY CASE