<raggi>
a gem name is not equivalent to the require namespace nor is it equivalent to the constant namespace
<qrush>
totally. i wish it worked like go's. so nice.
<raggi>
yes
<raggi>
if it was 1-1, many problems get easier
<raggi>
we shoudl change this when ruby releases a backward incompatible version
<raggi>
just break the whole world in one go, at the right time
<krainboltgreene>
Fair enough, I concede that point.
<raggi>
krainboltgreene: i maintain apps that have many hundreds of depednencies
<raggi>
krainboltgreene: and the flexibility we have already is painful
<krainboltgreene>
raggi: You're not the only one.
<raggi>
krainboltgreene: pushing people to use user namespaces is going to make it much harder
<krainboltgreene>
I'm not convinced of that.
<raggi>
we've lived thrhough this before, it was really shit
<krainboltgreene>
When?
<raggi>
read back through the #sinatra logs from around the tip when rip was written
<raggi>
and whatever the datamapper channel is
<raggi>
those guys got it so badly
baburdick has joined #rubygems
<raggi>
krainboltgreene: when github did this
<krainboltgreene>
If the big issue is dependency resolution, the solution might just be to treat it as incompatible versions.
<raggi>
krainboltgreene: then you just enabled two large subtrees of dependencies to be entirely incompatible
<krainboltgreene>
raggi: That's nothing new.
<raggi>
krainboltgreene: now we have another instance of "chef ruby" and "rails ruby", where you can have one or the other, but never both trees
<raggi>
krainboltgreene: (although that's a resolver bug in the latest instance)
<raggi>
but this stuff has happened many times with this kind of setup, hell, this is why bundler exists!
<krainboltgreene>
The way I solved this in library.io was to evaluate the library underneath the parent libraries namespace.
<raggi>
the dm + merb folks were having too much of a hard time
<raggi>
krainboltgreene: that's fraught with bugs
<raggi>
krainboltgreene: what about conflicting monkey patches that are applied with eval calls?
<krainboltgreene>
raggi: I need more detail.
<raggi>
krainboltgreene: e.g. Array.class_eval "def to_hash; Hash[*self]; end"
<raggi>
that won't be caught by your monkey-evaluation
<krainboltgreene>
raggi: Well Io worked much like Ruby, in that the last evaluated thing was the reality.
<raggi>
krainboltgreene: we don't have namespaces
<krainboltgreene>
Though Io also didn't have classes.
<raggi>
krainboltgreene: constants are nothing like namespaces
<krainboltgreene>
raggi: Who is we in this, again?
<raggi>
ruby
<krainboltgreene>
Ruby doesn't have namespaces?
<raggi>
no
<krainboltgreene>
This is news to me, after 3 years.
* raggi
facepalms
<krainboltgreene>
I could have sworn I was namespacing things!
<raggi>
This::Is::Not::A::Namespace
<raggi>
it's just a stack of nested constants
<krainboltgreene>
I could have sworn nesting implies namespacing.
<raggi>
this is distinctly different, because expressions leak outside of their nesting
dfdf has quit [Remote host closed the connection]
<raggi>
namespacing implies that expression evaluation is subject to namespace rules
<qrush>
highway to the troll zone...
<qrush>
lets keep this civil :)
<raggi>
that's only the case for a small number of expressions in ruby
<raggi>
what this means, in the context of this conversation
<krainboltgreene>
I think I've heard about this from an spec issue, I had no idea that ruby didn't have real namespacing.
<krainboltgreene>
rspec*
<raggi>
is that you cannot "evaluate into another namespace" in a way that is "correct"
<raggi>
by correct, i mean wihtout mistakes / bugs
<krainboltgreene>
Right.
<raggi>
and some of those bugs, with alarming regularity, actually open up RCE vectors
<raggi>
you can add an RCE to rails just by doing that array class eval I posted above
<krainboltgreene>
So the issue seems to be less rubygems.org and more Ruby?
<raggi>
there are a *lot* of random apps that have some code like that loaded
<raggi>
krainboltgreene: ruby is restrictive on what is possible to do
<raggi>
particularly in this area
<krainboltgreene>
Add another reason why I wish Io had taken off...
<krainboltgreene>
Alright, so what about qrush's idea? We have canonical gems that have global level, but allow people (if by default) to push namespaces gems?
<krainboltgreene>
Bleh, that's not good either really.
<krainboltgreene>
I wonder if I wouldn't just be happy with `gem install --github krainboltgreene/unicorn`
<raggi>
github used to have that
<raggi>
it was awful
<raggi>
because popular gems would depend on conflicting user namespaced gems, that were 99% the same code
<raggi>
and you cannot have and load both
<raggi>
if you declare the namespaces in dependencies, then you can't install a working set
dfdf has joined #rubygems
<raggi>
if you hide the namepsaces in the dependencies, then you get bugs in production that you cannot predict
<raggi>
because no one will take the time to figure out which dependencies truly work together
<raggi>
single canonical sources is good for everyone
ckrailo has joined #rubygems
<raggi>
the only way to fix abuse is with abuse policing
<raggi>
and abuse will always happen, regardless of changes
<qrush>
rubygems is too big to fail!
<raggi>
we've been really lucky with the community so far
<qrush>
i wonder if this is a good breaking point. leave the existing thing stable and play with new, experimental ways of handling it.
<raggi>
tbh, the most abuse was dylan being a dick with squatting on debian package names
<raggi>
seriously, if you're going to design a new dependency system
<qrush>
raggi: i just had to delete 15-20 gem squats during railsconf. and the exploit gem :(
<raggi>
think about what it's really like when you have huge trees of depednencies
<krainboltgreene>
Maybe some automatic rules could be a good idea?
<raggi>
i gtg
<krainboltgreene>
Like, 1 push over the lifetime of the gem, after 3 months?
<krainboltgreene>
Blam, targeted for deletion.
<krainboltgreene>
Raggi has convinced me that ruby is too restrictive to get what I want, but I think there's room to solve 80% of the problems.
<krainboltgreene>
qrush: Thanks for inviting me to the conversation.
cowboyd has quit [Remote host closed the connection]
gazoombo has quit [Remote host closed the connection]
davidjrice has quit [Remote host closed the connection]
yeban has quit [Remote host closed the connection]
fidothe has quit [Remote host closed the connection]
capen__ has quit [Remote host closed the connection]
guilleiguaran_ has quit [Write error: Broken pipe]
JSharp has quit [Remote host closed the connection]
xerxas has quit [Remote host closed the connection]
wycats__ has quit [Remote host closed the connection]
kaichanvong has quit [Write error: Broken pipe]
johnmwilliams__ has quit [Remote host closed the connection]
qrush has quit [Remote host closed the connection]
randym_ has quit [Remote host closed the connection]
lmarburger_ has quit [Read error: Connection reset by peer]
abuiles has quit [Remote host closed the connection]
patricksroberts_ has quit [Remote host closed the connection]
Guest85414_ has quit [Remote host closed the connection]
<raggi>
those rules would break perfectly valid things
jfoy has quit [Quit: jfoy]
DanKnox_away is now known as DanKnox
acts_as_coder has joined #rubygems
jfoy has joined #rubygems
markalanevans has quit [Quit: markalanevans]
jfoy has quit [Client Quit]
jfoy has joined #rubygems
workmad3 has quit [Ping timeout: 240 seconds]
baburdick has joined #rubygems
wycats__ has joined #rubygems
paulca has joined #rubygems
markalanevans has joined #rubygems
markalanevans has quit [Remote host closed the connection]
Elhu has quit [Quit: Computer has gone to sleep.]
adac has joined #rubygems
Guest85414_ has joined #rubygems
davidjrice has joined #rubygems
fidothe has joined #rubygems
qrush has joined #rubygems
abuiles has joined #rubygems
nz__ has joined #rubygems
lmarburger_ has joined #rubygems
fcoury__ has joined #rubygems
kaichanvong has joined #rubygems
guilleiguaran_ has joined #rubygems
patricksroberts_ has joined #rubygems
yerhot has joined #rubygems
xerxas has joined #rubygems
capen__ has joined #rubygems
JSharp has joined #rubygems
johnmwilliams__ has joined #rubygems
randym_ has joined #rubygems
gazoombo has joined #rubygems
yeban has joined #rubygems
markalanevans has joined #rubygems
cowboyd has joined #rubygems
paulca has quit [Quit: paulca]
workmad3 has joined #rubygems
workmad3 has quit [Ping timeout: 248 seconds]
Elhu has joined #rubygems
Elhu has quit [Client Quit]
gaffneyc has joined #rubygems
gaffneyc has quit [Client Quit]
reset has joined #rubygems
acts_as_coder has quit [Quit: Leaving.]
jfelchner has joined #rubygems
workmad3 has joined #rubygems
pipework has quit [Remote host closed the connection]
pipework has joined #rubygems
workmad3 has quit [Ping timeout: 276 seconds]
le_gars has joined #rubygems
wojtha has quit [Remote host closed the connection]
wojtha has joined #rubygems
jfelchner has quit [Ping timeout: 252 seconds]
paulca has joined #rubygems
huoxito has quit [Quit: Leaving]
jfelchner has joined #rubygems
cowboyd has quit [Remote host closed the connection]
stevenharman_ has joined #rubygems
stevenharman has quit [Ping timeout: 256 seconds]
le_gars has quit [Remote host closed the connection]
pipework has quit [Remote host closed the connection]
adac has quit [Read error: Operation timed out]
adac has joined #rubygems
stevenharman_ has quit [Quit: Leaving...]
fidothe has quit [Ping timeout: 260 seconds]
yerhot has quit [Remote host closed the connection]
pipework has joined #rubygems
mikewintermute has quit [Quit: mikewintermute]
pipework has quit [Remote host closed the connection]
tbuehlmann has quit [Remote host closed the connection]
yerhot has joined #rubygems
bbrowning has quit [Remote host closed the connection]
wojtha has quit [Ping timeout: 260 seconds]
adac has quit [Read error: Operation timed out]
baburdick has quit [Quit: Leaving.]
paulca has quit [Quit: paulca]
yerhot has quit [Remote host closed the connection]
dvu_ has quit [Remote host closed the connection]
dvu has joined #rubygems
dvu has quit [Remote host closed the connection]
huoxito has joined #rubygems
krainboltgreene has joined #rubygems
jfelchner has quit [Ping timeout: 252 seconds]
dmison has joined #rubygems
fidothe has joined #rubygems
yerhot has joined #rubygems
dvu has joined #rubygems
darkdust has joined #rubygems
baburdick has joined #rubygems
<darkdust>
i have ruby 1.9.3 installed as ruby1.9 on my prod system, is they anyway to tell gem build to use that in the my gem binary file? i.e., /usr/bin/env ruby1.9 instead of /usr/bin/env ruby