[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
A better XML, config is code (was Re: Profiles/manifests-related command
From: |
Giovanni Biscuolo |
Subject: |
A better XML, config is code (was Re: Profiles/manifests-related command line...) |
Date: |
Mon, 11 Nov 2019 16:56:59 +0100 |
Hello Konrad,
this thread is slowly going OT from the initial subject, anyway I found
an interesting comment from you I would like to reply
Konrad Hinsen <address@hidden> writes:
> Hi Ludo,
[...]
>> Just to say I’m not willing to replace ‘config.scm’ with
>> ‘config.yaml’, if that’s what you had in mind. :-)
>
> YAML is for kids. Real managers won't settle for less than full
> XML. ;-)
When I started studying Guix/Scheme (and I'm still far away from
understanding) I stubled on an article advocating Lisp to XML-minded
people like I was: http:/www.defmacro.org/ramblings/lisp.html
The point is: config.scm is better than config.xml that is better than
config.yaml that is better than config.json :-D
The real question is: a configure file is code or data? IMHO is code,
especially when it comes to system configuration; for this reason every
user learn to *code* in some way or another (even when using a GUI to
configure software)
Systems are complex, we should avoid complicating them (think any
configuration management system you like :-O ) *and* we should also
avoid oversimplifying them [1]; this also means users must know what they
are doing
[...]
> The question is if we want Guix to remain exclusively a power tool for
> power users.
Mumble... but every user *is* a power user when installing and
configuring a system, no? The "only" difference is what tools *and*
binary distribution (or binary building) system we decide to trust when
installing and configuring our system, and our decision should be
informed
...so yes, if it's not a channel under your control - or of someone you
decide to trust - you should better not use it (and do not copy/paste
configuration files you do not understand)
I recently read this "Curl to shell isn't so bad" article (thanks ARota)
https://arp242.net/curl-to-sh.html
«In the end it’s still just running code you didn’t personally audit on
your computer, and a matter of trust.»
Guix is the best candidate to build a software ecosystem which we can
trust (and we already have), starting from "almost zero" binary depends
via GNU Mes and stage0; and we can always /challenge/ any substitute
server :-)
This obviously does not solve the "trust in source code" problem [2],
but this is another story
[...]
Thanks! Gio'
[1] Docker "containers" are easier from an "end user" POV than
installing and configuring via a "classic" package manager... but have
you ever tried to understand what's installed in a 7 layer filesystems
container?!? So what is *seems* simple is often _complicated_ :-O
[2] and that was also *not* the scope of the famous Trusting Trust speech
--
Giovanni Biscuolo
Xelera IT Infrastructures
signature.asc
Description: PGP signature
- Re: Profiles/manifests-related command line interface enhancements, (continued)
- Re: Profiles/manifests-related command line interface enhancements, Ludovic Courtès, 2019/11/06
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/07
- Re: Profiles/manifests-related command line interface enhancements, Pierre Neidhardt, 2019/11/07
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/07
- Re: Profiles/manifests-related command line interface enhancements, Pierre Neidhardt, 2019/11/07
- Re: Profiles/manifests-related command line interface enhancements, Ludovic Courtès, 2019/11/09
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/10
- A better XML, config is code (was Re: Profiles/manifests-related command line...),
Giovanni Biscuolo <=
- Re: A better XML, config is code (was Re: Profiles/manifests-related command line...), Konrad Hinsen, 2019/11/13
- Re: Profiles/manifests-related command line interface enhancements, Andy Wingo, 2019/11/12
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/12
- Re: Profiles/manifests-related command line interface enhancements, Bengt Richter, 2019/11/13
- Re: Profiles/manifests-related command line interface enhancements, Ludovic Courtès, 2019/11/16
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/17
- Re: Profiles/manifests-related command line interface enhancements, zimoun, 2019/11/18
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/19
- Re: Profiles/manifests-related command line interface enhancements, Ludovic Courtès, 2019/11/23
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/25