libera/#commonlisp - IRC Chatlog
Search
18:22:14
pl
There was even in older days a lisper here who used ECL to build commercial, custom Excel extensions with those APIs
18:26:04
sveit_
Bike: i would have guessed there would be a more "CLOSY" way of doing it by specializing initialize-instance with an :around method or something of the sort.
18:28:55
Bike
sveit_: but like, what would you be initializing? the new class. and in order to make the new class, you need to know its class, i.e. the metaclass.
18:29:42
jackdaniel
and check for the key metaclass, if not supplied then you may change the default value
18:30:11
jackdaniel
that said you'd need to specialize on something, and as bike says, the class is already a metaobject (or nil)
18:30:51
jackdaniel
when it is nil then you can't really specialize, when it is /something/ then what you are doing is redefining the class, so that's not a good way of doing things
18:38:26
sveit_
I see, thanks for the explanation. that's too bad, it seems a bit inelegant from the design perspective (surely /sometimes/ it makes sense to inherit the metaclass, and from my perspective it seems actually that if one is inheriting from some non-standard metaclass almost always you want to either have the same or a child metaclass of at least one of the parents)
22:08:00
etimmons
I was going to merge #56, but Travis doesn't seem to be running (and it doesn't look like it ran on the latest master commit either)
22:23:36
etimmons
I don't see any reason the rebase would have changed that, but I'll double check the tests locally before merging
22:30:03
fe[nl]ix
at this point, I'm inclined towards switching to Github actions, but I need to work on a way to setup CI easily on Github
22:40:38
etimmons
I realized I pointed you at 40ants/ci earlier. But An easier place to start might be https://github.com/40ants/setup-lisp
22:42:37
etimmons
It uses Roswell, which I have feelings about. But might be a good starting point if you're looking to do things the GitHub way and want to make a custom action
2:25:15
Catie
This is a pretty open-ended question, but sometimes I can load systems using Quicklisp, but I get COMPILE-FILE-ERRORs if I try loading them with ASDF:LOAD-SYSTEM or REQUIRE. Is this a known issue, and if so what causes it?
2:27:32
Catie
For me the most common one is CLX. If I don't have the FASLs cached, I can't REQUIRE it, but I can QL:QUICKLOAD it. Let me clear my cache to get the exact error
2:36:36
Catie
Well okay, now I just straight up can't REQUIRE Quicklisp systems. So never mind for now I guess?
2:38:25
Catie
I've been using it wherever I'm able because it's worked, basically. For the most part, at least
2:39:44
Catie
Can you do that without modifying asdf:*central-registry*? Because that's the onerous part that I've been trying to avoid
2:40:21
etimmons
If you're using QL then any system you've quickloaded in the past can be asdf:load-system'd after QL has been loaded
2:40:37
mfiano
I don't think it's recommended by asdf maintainers to go messing with the registry iirc
2:41:47
Catie
"modifying" in this case includes locally binding. Historically I've done a (let ((asdf:*central-registry* (cons #P"..." asdf:*central-registry*))) (asdf:load-system :whatever))
2:43:05
Catie
I've been using REQUIRE because it's part of the standard, but Quicklisp isn't. Basically I'm trying not to assume Quicklisp will be available. I suppose ASDF isn't either, but it's a de facto standard. Though again, Quicklisp kind of is as well. Hhhhh this made more sense in my head
2:44:09
etimmons
require is really only useful for implementation provided modules. because it's pretty underspecified
2:46:10
etimmons
ASDF is very configurable, so if you want to manually manage all your systems you can pretty easily configure it via environment variables (useful for build scripts) or configuration files in any number of places on your file system
2:47:06
etimmons
If you don't want to manually manage all your systems (i.e., you want to have your dependencies resolved and downloaded for you), QL or CLPM are great for that.
2:47:31
etimmons
And both of them have ways to then load your downloaded systems directly with asdf:load-system
2:48:35
Catie
See, and it sounds like I had some pretty cool magic being able to REQUIRE things willy-nilly, but then I went and observed it and it went away
2:49:09
etimmons
BTW, asdf:_central-registry_ still works (and I imagine will continue to work for quite a while), but I really recommend the "source registry" configuration methods. Much more flexible and can be done without modifying rc files for N implementations
5:15:52
sm2n
I would say reading library code is more of a cultural habit in the CL community than it might be in other language communities. Especially with M-.
5:16:36
sm2n
But I don't know if people go and read libraries from start to finish (I do sometimes).
5:17:00
ns12
With a MITM attack on a network used by Lisp zealots, it might be possible to mine Bitcoins using Alexandria.
5:20:18
aeth
as opposed to many package management systems where you can just point it at a github or whatever
5:24:01
sm2n
There are some efforts for distributed auditing/attestation, but they haven't really taken off.
5:25:36
sm2n
It's actually not bad in CL, since in my experience the set of dependencies that most projects have is relatively small
5:27:51
sm2n
the idea being that if you trust that the implementation is not malware, you should trust the libraries too
5:28:25
White_Flame
no system that I know which supports downloading libraries off the internet has a preventative vetting process for finding malicious things
5:28:45
sm2n
doesn't really work here either, but it seems plausible that people could pool money to pay people to audit code, through some foundation (the CL foundation?) or something
5:28:47
White_Flame
quicklisp as least (afaik) ensures that all dependencies in a single release all build & test with each other
5:29:15
sm2n
The issue is that most people don't care enough to actually make such a thing happen anyway
5:29:32
White_Flame
if you're concerned about security, you download a package and stop using quicklisp
5:29:49
White_Flame
include that source code in your own internal repository and don't allow updates from teh outside world
5:30:06
sm2n
This is a problem everywhere, even outside language ecosystems — how do you verify any software you have isn't malicious?
5:30:59
aeth
it's just a subset of the problem of internet communities scaling beyond manual moderation of everything being possible... in this case, of code