- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Exiting news for the lady bird browser. https://ladybird.org/
“I know what a lot of you are thinking” Yeah what about Firefox? “It’s impossible to make a new web engine” Um… No … Probably not that hard really with pretty decent standards these days. Performance JavaScript is probably pretty hard and a lot of the fancier protocols.
Seriously, what makes you better than Firefox?
Whatever, another choice isn’t bad I guess.
Firefox has its own set of issues. It is the best we have right now but we could benefit from another choice.
#1 sponsor is Shopify, how does that affect the indepentness?
How can you be “independent” if you have sponsors? All sponsorships are in the form of unrestricted donations. Board seats and other forms of influence are not for sale.
…per the FAQ.
influence exists whether they want it to or not.
True but you can account for that in the organization
Exactly. When the person who holds your purse strings decides they don’t like something, they can influence you by simply… taking away your financial backing.
Why are we shouting?
As long as it doesn’t become a way for Shopify to shovel ads and collect data it isn’t a problem. We will watch with great interest
Your client is interpreting “#1…” as “# 1…” and making it a title
I was wondering why it was written in C++, but the FAQ already beat me to it.
Why build a new browser in C++ when safer and more modern languages are available?
Ladybird started as a component of the SerenityOS hobby project, which only allows C++. The choice of language was not so much a technical decision, but more one of personal convenience. Andreas was most comfortable with C++ when creating SerenityOS, and now we have almost half a million lines of modern C++ to maintain.
However, now that Ladybird has forked and become its own independent project, all constraints previously imposed by SerenityOS are no longer in effect. We are actively evaluating a number of alternatives and will be adding a mature successor language to the project in the near future. This process is already quite far along, and prototypes exist in multiple languages.Glad to see they are open to using safer languages. C/C++ was great for its time, but we really need to move on from them.
As someone who has done no programming since taking C++ in high school more than 20 years ago, what do you mean by safer language?
Go and Rust mostly
google rust language
Holy borrow checker
new 'a just dropped
C and C++ require more manual management of memory, and their compilers are unable to let you know about a lot of cases where you’re managing memory improperly. This often causes bugs, memory leaks, and security issues.
Safer languages manage the memory for you, or at least are able to track memory usage to ensure you don’t run into problems. Rust is the poster boy for this lately; if you’re writing code that has potential issues with memory management, the compiler will consider that an error unless you specifically mark that section of code as unsafe.
Thank you!
I’m not sure why people keep pushing that myth on C++. It’s been a decade we have smart pointers. There’s no memory management to be done ever.
Using the old ‘new’ is like typing ‘unsafe’ in rust. Even arrays/vectors have safe accessor.
Am I missing something?
It’s been almost a decade since I used C++ and had to verify, but after some quick searching around it looks like it hasn’t changed a ton since I last looked at it.
You can use smart pointers, and certainly you should, but it’s a whole extra thing tacked on to the language and the compiler doesn’t consider it an issue if you don’t use them. Using new in C++ isn’t like using unsafe in rust; in rust your code is almost certainly safe unless marked otherwise, whereas in C++ it may or may not be managed properly unless you explicitly mark a pointer as smart.
For your own code in new codebases this is probably fine. You can just always make your pointers smart. When you’re relying on code from other people, some of which has been around for many years and has been written by people you’ve never heard of, it becomes harder to be sure everything is being done properly at every point, and that’s where many of these issues come into play.
Hard disagree. Safe C++ code can be written quite easily these days. And better tools are coming out all the time.
Yes, but there’s a difference between “you can write safe code” and “the compiler will come for your family the next time you make a mistake”
rust isn’t a magic bullet either, it still doesn’t protect against a whole host of problems, like stack overflows, out of memory/bitflips, logic errors, memory leaks, unrecoverable errors/panics etc., and many projects are full of unsafe context rust code anyways.
That cannot be true, i used
#![forbid(unsafe_code)]
Jokes aside: yes, Rust (and Go) wont magically resolve SQL Injections, but if we remember that about 70% of bugs are related to memory safety, using Rust (or Go) will make your code at least somewhat safer
And C++, just checked the wiki and the 2 example of openssh’s heartbleed and sudo, both in C. Not C++. As expected.
By that logic scratch would be the safest language out there (or can you tell me the last time a program written/built in scratch had a bug that affected millions of ppl around the world)
I wish it was not C++ but their implementation is quite interesting. Not only is it modern but they wrote their own standard library including error handling right down to the main function. It is quite nice for C++.
All that came from SerenityOS. I hope they do not lose too much of it with the split. I mean, the Ladybird Project Leader authored most of it ( their C++ framework ) so it will probably stick. Harder to do when you start using other libraries though.
Ah, the famed non-profit Shopify.
This is the first I’m hearing of Ladybird. Looks really interesting and glad to see there are more options coming
Godspeed to them.
I wonder what’s in it for Shopify. This seems like an odd thing for them to sponsor, or a very expensive FU to Google.
Sounds like Tobi’s on another side-quest.
This does seem like a Tobi ideological thing, doesn’t it? Ugh.
Well, it could be genuine altruism. But I doubt a web totally controlled by Google sounds good to a company that relies on the semi-open web for its business.
This is a bit like Valve liking Linux I imagine.
Not to mention they have been burned by Google. They were one of the ones pushing for JPEG XL.
We need more browser engines, especially those that are under NFP ownership. WebKit and Chromium have become too dominant.
Neat. But it’s kind of concerning to see yet another OSS project hitch it’s community resourcing to Discord.
Yeah, it’s a bit at odds with their “free from corporate influence” angle. Absolutely no reason to not use Matrix.
How does the make it non free from corporate influence. The hate boner towards discord is getting ridiculous sometimes. Yeah it sucks to use a repo thats not googleable and not open source bur discord is an objectively better user experience than matrix
We see these things differently. I would argue that Matrix clients are better organized than Discord. That said, not only is Discord a privacy nightmare, but ilthe interface is only pseudo-organized at best.
All the Matrix clients are buggy using far too many resources & the protocol is slow as balls about joining new rooms while being wasteful about data duplication for throwaway bits of text/multimedia. I don’t think eventual consistency is the right model for chat & following Slack & Discord’s model is the way.
Slack & Discord both use eventual consistency?
Btw I agree with you that Discord is better UX than Matrix, but your comment doesn’t make much sense
I find the Discord interface to be utter chaos.
How does the make it non free from corporate influence.
Do they require Discord and depend on it? Yes.
Is Discord corporate? Yes.
Are they then still free from corporate influence? Nope. H Simply put, if Discord suddenly implemented weird rules the Ladybird devs would have to comply with, they’d simply have to follow suit or break their main communication channel.And of course something will likely happen like that. They couldn’t help themselves, so it’s inevitable.
How does the make it non free from corporate influence.
Do they require Discord and depend on it? Yes.
Is Discord corporate? Yes.
Are they then still free from corporate influence? Nope.Simply put, if Discord suddenly implemented weird rules the Ladybird devs would have to comply with, they’d simply have to follow suit or break their main communication channel.
I actually do not like Discord and wish they did not use it. That said “absolutely no reason not to use Matrix” is clearly an objectively untrue statement.
Andreas has always been very pragmatic. He will choose the tools he likes best.
I used to follow Ladybird/SerenityOS stuff but their takes on “political stuff” is just… too bad.
A reminder that the Servo project has resumed active development since the start of 2023, and is making good progress every month.
If you’re looking for a serious in-progress effort to create a new open, safe, performant, independent, and fully-featured web engine, that’s the one you should be keeping an eye on.
It won’t be easy trying to catch up to continuously evolving and changing web standards, but that’s the only effort with a chance.
Though I am a big Rust fan, I think Ladybird is evolving fast enough that my money is on Ladybird to become a true daily driver first. The biggest obstacle to that is JavaScript as Ladybird still uses its homegrown engine ( very slow ) and Servo is integrating SpiderMonkey.
Ladybird just got a million dollar shot in the arm. We will see what becomes of that.
Despite the Mozilla origins, I do not think you can say Servo is backed by Google. The claim from Ladybird is that it is the only browser not financially supported by Google.
I would say that Servo is corporate backed at this point and Ladybird still is not ( backed by donations only ) but with large donations by a single donor, we will see if Ladybird is able to stay completely independent over time.
Where do you get that Servo is Google backed?
“I do not think you can say Servo is backed by Google”. How did you get your question from that?
For sure going to use a webbrowser from some random programmers/organizations.
Ladybird is extremely amazing project. Andreas is a good person, with great community around him. The only thing I didn’t like is the new logo - it is very meta-ish. Looks very corporative, and doesn’t really resemble browser :(
I am still trying to decide what I think about the Ladybird / SerenityOS split.
Short-term, this is going to make it a lot easier for Ladybird to make progress. So good.
Long-term, I feel like a lot of the values that Andreas used to express about SerenityOS have been compromised.
I very much liked the, everything from scratch and complete harmony within and complete control over our whole stack idea that came with the mono-repo.
I also thought that the energy from Ladybird was greatly contributing to SerenityOS. That is lost now, as is their chief architect, technical steward, and community organizer.
Much of the low-level performance work that went into Ladybird benefited the whole OS. Did SerenityOS even post a monthly update on YouTube this month? The community engagement has already been dampened.
SerenityOS was certainly benefiting from the networking, codec, and image format work. The biggest impact will obviously be the loss of what was emerging as an amazing native web browser. They cannot even use Ladybird now due to the reliance on so many third-party components. I guess it forks from where it was?
How is error handling done in Ladybird now? It was beautifully consistent before. What now?
I don’t think there really is a need or use case for Serenity OS outside of a hobby project. However, having a new web engine would be great for the open web. I just hope they take privacy seriously.
Don’t get me wrong, I am very excited by the possibility of having an independent browser engine. Firefox was that. Mozilla as an organization has compromised that. I hope Ladybird can avoid the same issues.
The rationale for SerenityOS beyond therapy and fun was precisely the “being responsible for everything ourselves” aspect of the project. Andreas has previously described it as a form of accountability. He has also described it as a kind of freedom in contrast to the Linux model with its inevitable politics, bike-shedding, and inefficiency as you try to get dozens of projects to agree on direction and merge code. Ultimately, the mono repo allowed the project to do things right in the right place in the stack ( in the code ). It allowed the project to move quickly, to avoid legacy, and to continuously improve and modernize. It allows harmony across the entire developer AND user experience.
Linux is famously fragmented. There is no open source desktop OS that provides “whole system” design and user experience harmony. Haiku comes close but it has never gotten much native app momentum. On Haiku, you are going to run the Falkon browser, use GIMP, and run LibreOffice. None of those are developed in concert with the OS.
SerenityOS held the promise of Ladybird, and Hack Studio, and the userland utilities ( and everything else ) all being developed in concert. The same GUI toolkit was used for everything. The same standard library. The same error handling and code level security measures.
This was the “need or use case”. Not anymore.
And it is not just SerenityOS. Ladybird is not as independent as it was. Not just the sponsorships but the code. SerenityOS is no longer a dependency but 8 other projects are. No more mono-repo and goodbye to all the reasons it was considered a good thing.
It’s great to build a completely open browser from scratch and I want to follow updates from the project. They have a Twitter account but not Mastodon sigh
And Discord for communication
The other day I was reading some GitHub issues involving an issue I was also having and the maintainer of the project was directing people to their discord server to talk about and hopefully resolve the issue. On top of that, they came back to the GitHub issue and just posted that after some discussion (on Discord) the issue had been resolved. Totally useless to me and anybody else who might be searching for that thing.
sorta understandable though