Fork me on GitHub
#clojure-europe
<
2021-01-21
>
dharrigan07:01:09

Good Morning!

orestis07:01:24

Good morning

orestis07:01:53

Would people pay for commercial licenses for Clojure libraries that deal with things such as SAML, emails, etc? All the boring bits and plumbing that you have to wade through just to get to something useful.

orestis07:01:35

I’m not talking about low level stuff, more like solving high level problems including eg email validation, monitoring, throttling, etc etc

javahippie07:01:52

For me, licensing valuable libraries is okay, as long as the licensing process is not too heavy, I can evaluate before buying and the licensing does not bind me for 20 years. I prefer buying support for open source libraries, but that’s a business model that is easily exploited (as we heard this week)

orestis07:01:42

I like the license model where the closed license expires after a few years.

javahippie07:01:33

(forgot: Morning)

javahippie07:01:07

That’s a good one. For closed source libraries, bankruptcy of the vendor is a huge concern for companies, this would address that

javahippie07:01:38

I like the pricing of jOOQ. It’s free with Open Source databases, and the enterprisier the DBs you use get, the more expensive the license gets, too: http://www.jooq.org/download/

orestis07:01:50

Agree, it’s one of the things that deters me from datomic usage.

dharrigan08:01:46

I use JOOQ quite a bit, when doing Kotlin.

ordnungswidrig08:01:59

What does it even do? JPA but better?

dharrigan08:01:10

much better, not JPA at all

dharrigan08:01:26

It basically introspects your db and creates a DSL for writing plain old sql

djm08:01:02

I've used jOOQ. It's quite nice, but I didn't ever manage to make complex queries not look horrible

ordnungswidrig08:01:14

Well, SQL is quite optimized for what it does.

dharrigan08:01:30

I'm spoilt now with HoneySQL

djm08:01:12

And when trying to extract stuff into methods, you can end up with crazy return types like SelectConditionStep<Record4<Long, Integer, Integer, Integer>>

dharrigan08:01:34

Are you using Kotlin?

dharrigan08:01:41

You can destructure that very nicely

djm08:01:44

No, Java

djm08:01:51

But that sounds interesting

dharrigan08:01:00

.map { (foo, bar, baz, quz) -> ..... }

dharrigan08:01:32

Using Kotlin really does make using JOOQ a lot lot nicer

ordnungswidrig08:01:37

Oh, yes. These times where I had to build a domain model User extends Entity<UserKey>> and so on. God bless persitent datastructures…

javahippie08:01:24

“These times” are still relevant for me 😫. Searching a way out of those Enterprise-Big-Company projects

borkdude08:01:59

Morning. Does anyone have a Raspberry Pi (64bit) here? There is now a non-official binary for babashka: https://github.com/babashka/babashka/issues/241#issuecomment-764009022

dharrigan08:01:32

My Pi 4 Model B is due to arrive today

djm08:01:47

In Kotlin-land I'd like to play around with SQLDelight, but Kotlin + jOOQ could be fun

djm08:01:58

I only have 32bit RPis

dharrigan08:01:22

I can give bb a whirl later

djm08:01:36

(Zero and 3B+)

djm08:01:21

I thought about getting an RPi 4, but it sounded like the power consumption was quite a lot higher

dharrigan08:01:41

I've got a PoE Hat for it

dharrigan08:01:45

plug'n'play 🙂

dharrigan08:01:53

Here's a little bit of JOOQ + Kotlin, if people aren't offended 🙂

dharrigan08:01:00

magnumDslContext
            .select(POI_TYPE.POI_TYPE_ID, POI_TYPE.UUID, POI_TYPE.NAME, POI_TYPE.ICON)
            .from(POI_TYPE)
            .where(POI_TYPE.UUID.eq(UUID.fromString(uuid)))
            .and(POI_TYPE.TENANT_ID.eq(tenantId))
            .fetchOne { (poiTypeId, uuid, name, icon) ->
                PoiType(_id = poiTypeId, id = uuid.toString(), name = PoiType.Type.valueOf(name), icon = icon)
            }

djm09:01:23

If you're interested, when trying to do something vaguely complex, we ended up with http://djm.blinkenshell.org/jooq_repository_example1.txt , which we refactored to use CTEs to try to make more readable, and ended up with http://djm.blinkenshell.org/jooq_repository_example2.txt I'm not sure if Kotlin has anything that would help with that

djm09:01:39

I'm also not sure if the CTE version is actually more readable :man-shrugging:

dharrigan09:01:02

interesting!

djm09:01:38

We needed to pull out data for the first of the year, and the last day for each month that actually had any data

dharrigan09:01:01

I certainly favour this approach far more than JPA.

dharrigan09:01:11

Which I don't think I've used for many-a-year now!

djm09:01:21

Plain SQL is hard to beat, but we wanted the type safety of jOOQ... which did come in handy as the database was outside of our control, and kept changing, a lot!

djm09:01:49

Using Kotlin for the tests also helped for that, val expected = FooRecord.apply { id = 1, foo = 2, bar = 3, ... }, meant that our tests didn't keep breaking when the database changed

dharrigan09:01:21

I share your pain, I have a db that is not under my control too, so yes, having JOOQ is superdoopar handy

ordnungswidrig08:01:55

Does Kotlin support something like dynamic language’s “ad hoc” datastructures? Oh do you still need to define a static language model (classes) to hold data?

dharrigan08:01:13

It's static, so you need what are called data classes

dharrigan08:01:50

data class Foo (val name: String? = "", val age: Int? = 0)

borkdude08:01:59

I recently played with golang. I expected it to be hard to do dynamically typed things, but it's incredibly easy just by casting everything to interface{} :)

😈 3
dharrigan08:01:34

but with the Kotlin Dataclass, it takes default's, so I can just do var foo = Foo() and it'll prepopulate it with name = "" and age = 0

dharrigan08:01:52

it supports destructing, so I can then do val (name, age) = foo

dharrigan08:01:24

tbh, it's a very nice language, and when I'm working with my fellow co-workers, and in Kotlin lang, I'm quite happy

dharrigan08:01:51

but you can pry Clojure from my cold dead hands :)

😂 6
mpenet09:01:25

@borkdude a suggestion clj-kondo upgrade

mpenet09:01:13

might belong to #clj-kondo

jkxyz09:01:20

Good morning!

slipset09:01:15

I think I’d be happy to pay for libs to solve auth etc, but I would want to have the source available to me.

orestis10:01:36

I wonder if it makes economic sense via Patreon/GH sponsors etc to take on this role in a community.

slipset10:01:11

I think what I would want is a system like the one used for Cursive, albeit a bit more complicated in some way, because I’d need access to the source code (at least once I started paying, or when I went into some agreement/NDA with them).

otfrom10:01:53

I'm happy (and do) contribute to open source. I'm always very nervous about anything proprietary in my stack

slipset10:01:55

Not having access to source code is a major PITA when you need to debug

👍 6
otfrom10:01:12

sry, contribute financially

otfrom10:01:18

I also do PRs 😉

ordnungswidrig10:01:26

@slipset one of my biggest concerns, too.

slipset10:01:33

The thing I hope my company would be happy to pay for is a security lib that was, well secure.

ordnungswidrig10:01:03

@slipset how would you know when it’s open source?

slipset10:01:13

Know what?

ordnungswidrig10:01:20

that it’s secure

slipset10:01:55

I’m not sure I understand the question, but any how. Say that https://www.pac4j.org was delivered by a company who sold pac4j licenses to companies. I would probably be willing to pay for that, given that I also had access to the source code of the lib(s) I licensed.

slipset10:01:24

If there were libs/shims for Clojure, I’d probably be willing to pay more.

slipset10:01:37

Basically, I want to out-source security and the responsibility for fixing bugs in security libraries to a (knowledgeable) third party.

simongray11:01:08

belated goodmorning

ordnungswidrig11:01:29

@slipset I was refering to the access to source code.

orestis12:01:01

Security evaluation is kind of a social thing, right? I trust latacora based on their reputation and because I’ve met lvh and he’s wicked smart, and spending all his time in security. I have no means to evaluate objectively if they’re actually good at security or not.

orestis12:01:59

So paying a company to deal with security and releasing libraries that I could use, is helping them make such a reputation for themselves and hire good people etc etc. Much better than using a library that some company developed in-house and released after.

orestis12:01:20

There’s a limit on how much auditing of 3rd-party dependencies on can reasonably do.

slipset13:01:37

It is also nice as a consumer of a security lib to be in a somewhat more formalized contract situation than “I’ll fix it whenever”.

slipset13:01:55

Even though I don’t like to enter into SLA’s myself.

otfrom14:01:15

and I'm not sure most commercial companies would have an SLA that would bind them to fixing something in a particular time frame

otfrom14:01:22

(the joke of one throat to choke)

raymcdermott14:01:31

most companies, like most organisations (and people!) will only be pushed into changing things if their largest donors threaten to abandon them

otfrom14:01:57

yeah, but successful companies won't be too beholden to any one customer

mpenet14:01:05

indeed. it's a crappy situation (happened to a place where I worked in the past). 1 client that was basically 30% of the yearly revenue

raymcdermott14:01:13

sure, having a large set of diverse customers is the dream

slipset14:01:54

I think that’s what Basecamp has done.

metal 3