Slash v0.9 Released

I'm excited to announce that after countless hours of hacking and slashing through piles of perl, Slash 0.9 is finally out. It's definitely a long ways from 1.0, but we think you'll be able to download it from the FTP Server or the CVS Server and, assuming you are comfortable installing mod_perl and mysql, get your own Weblog up and running in a reasonable amount of time. The improvements and changes are too many to list here, but it's almost a full rewrite since the last release. And credit where it's due, Patrick Galbraith has really pulled it together... as both thanks and punishment, he is now the coordinator for Slash. We are starting up a mailing list to coordinate devel. Finally we also are happy to note that we have decided to use the GPL as the official license for the project. There are several other notes below.

The one thing that you'll notice missing is some of the Slashboxes. We've decided to only include Slashboxes that use the standard RDF format for backend information. This ought to be plenty of Slashboxes to get anyone started. The reason we decided to do this is that most of the remaining sites use backends that we had to ask for permission to use. You'll have to ask the same permission from the appropriate Webmasters.

This project has consumed countless hours on the parts of CowboyNeal and Patrick, and a to a lesser extent, me. We're all really excited to finally have a release ready to go, and to finally have a CVS server ready to help accelerate and coordinate future development. There's a lot of work left to do in this codebase, so if you're feeling spunky, feel free to send diffs.

Some notable features

• Many tables are cached locally in Apache to reduce SQL calls
• Mass moderation
• Customizable homepage
• Skinable look and feel by the sysadmin
• A plethora of default Slashboxes to get you started
• Highly configurable sections, including Look & Feel, and extension tables for extra fields (like the ISBN code fields we use in the authors table for example)
• Note passing system for authors in submissions
• Much of the site is remotely administratable with complicated but efficient Webforms.

TODO & BUGS

There are lots of both. Smoother installation. Preview bugs. Assorted troll protection bugs. Lots of new ideas to experiment with in the moderation system. A few security problems. Lots of interesting ways to make parts of the site more flexible for other users. Instant Messaging. Assorted advancements for the backend to help make distributed content management easier. Distributed/Load Balanced SQL. Cached Comments to reduce SQL. And much much more.

Re:GPL considerations...

Violating the GPL is only possible if you're including someone else's code and that code is GPL'd. Corel did this, is CmdrTaco?

Slash's license ought to be edited to enforce the real conditions for use, which of course accurately reflects the fact it's not compatible with the GPL.

Good

I hope Rob will now scrap this code and move to a java servlet/java 1.2 client codebase.

Re:skrip

Anyone can paint by the numbers, but it takes an artist to create something. Of course, creating a destructive force is not much of a creative act, it's more of a force of nature (or a force of thermodynamics).

Re:Mailing list?

Here's the subscribe page: http://lists.slashdot.org/mailman/listinfo.cgi

Re:Thanks, guys... This must've been a lot of work

Anyway we can fix the moderation problem?

What problem?

Well, this comment deserves to be rated up to at least 10...

Thanks for explaining the difficulty of a release process to all the whiners. So that they can officially be marked as trolls in future threads.

Thanks

I'll lay off of you now, Rob.

Re:Troll Prescience

Upcoming articles Troll talk

News for Everyone Else

How long before we see a SlashDot style site with more traditional news? Or even the top 1 or 2 daily stories covered on SlashDot to avoid the need for those pesky "regular" news sites?

Re:But what will theTrolls do?

I have retired from making grits comments. I was disappointed in the quality of trolling in general and wanted to disassociate myself from them. I may unretire in the future, however.

The original Grits Boy.

Um

If you didn't read what he wrote, he said that there was CVS access now. No point in waiting for releases.

Re:The Slashdot Source Release Procedure (C)2000 R

thank you! chide_molesta@hotmail.com

Re:Perl eh?

I'm hemos, aka Jeff Bates. I help run this site, along with Rob Malda. I handle books, and generally posting stories.

And don't forget nanotech. You wouldn't be the Hemos you are today without nanotech.

Slash v0.9 in PERL?

I guess I'll have to port it to PHP. When will people start seeing that PERL is old, slow and generally sucks?

This code is obviously not ready

You really weren't ready to put a release out yet were you? Yet you bowed to the pressure of the nitwits that post here and put it out anyway. You folded like a cheap TV tray. Take a cue from Linus, "you'll get it when it's ready."


Annonymous

BTW, thanks for all the great work. And don't forget that the above is dripping in sarcasam.

Re:Releash Slash!

Hmm... but when will X Free 4.0 be released?

Gnome and KDE 2.0?

Re:Open Source Friendly Business

fuck community friendly ;-) I'm sure that with attitudes like that, your business must do just wonderfully.

With an inability to recognize humor like that, I'm sure you're just a blast at parties.

Re:The Slashdot Source Release Procedure (C)2000 R

I can't quite figure out what language this is...

Re:Thanks and congratulations!

Check out this URL for a PHP version of Slash:

PHP Slash

What about HTML validity?

Writing valid HTML isn't that hard, so what about trying to do so? :-)

--
Hugo

Re:Cluster GRITBOXES

Just imagine it.

"Whiners"

Funny, now we are "whiners" because we expect them to be not hypocritical.

Practice what you preach. Without us "Whiners" the source code would never had been updated. We need to keep vigilant.

Hypocrisy?

How is it hypocritical to demand source code from a site which spends 100% of their time pointing out the "advantages" of open source and cursing those that do not see their point of view?

What does this have to do with me releasing MY source? I don't believe in open source, but I DO ask that people practice what they preach.

You missed the point

The source code would NEVER had been "ready" if we hadn't asked for it.

Without us "whiners" the updated code would never had been released.

Re:Mirror

I'm not sure what your particular problem was, but when I visited the link, I was presented with a nice directory with a README and a tarball.

Re:Troll Prescience

Perhaps they divined it from reading the source? :)

What's next?

Natalie Portman turning to stone?

Linus Torvalds becoming president of the world?

Nitrozac contracting a terminal illness?

See, we've still got a ways to go before we have a perfect world.

/.

We've got Slashcode.com running

yeah, /....

Re:/.

No no no, that's SlashMORSEcode.com

/_ .... ._ _. _,_ ... ._. ___ _... . ... _._. ___

skrip

actually, by definition, skriptkidz don't find the holes, they just use the blackbox skr1ptz that someone else has written.

Gee, great plan.

Then ever 1337 kid out there starts resetting your password five times a day...

Re:Great day in the morning!!

Ugly sucker, too. There's a Coelacanth webpage here.

Re:The release of the code

They sat on the code for months (years?); there was ample reason to doubt this would ever change. And once code is "ready" (IMHO this never really happens), what's the point of releasing it?

Re:now hopefully...

http://www.clarence.com/contents/tecnologia/specia li/000103decss/ you want it you got it go here

forgive my ignorance...

But what exactly _is_ slash v0.9, I mean, I think of slashdot as "just" a web site... thanks! icetweb@SPAMhotmail.com

Re:Hmm - doubting thomases

Yes, thank you.

No thank you to all the trolls demanding slashdot code.

Thank you to all those with patience, understanding, and good attitudes.

Re:Wow!

It aint beta if it works in production. I'd guess most of slashdot's problems were due to high load and limited distributed servers and availability.

Since I have the code now, I can determine if this statement is close to true.

Re:Thanks and congratulations!

What do you have against mod_perl?

Open Source Friendly Business

Hi. My name is Jeff Robinson, and I run BigCheese.com (currently in development), soon to be the Internet's only cheese-oriented vertical portal. We will provide a complete range of cheese-related e-solutions, from information on caring for your milk-producing livestock to comprehensive cheese production equipment e-leasing plans to reviews of the latest and greatest varieties of cheese.

I, personally, must say that I am very happy to see that Mr. CmdrTaco has released v0.9 of the source to Slashdot. This is a wonderful showing of solidarity with BigCheese.com: one of our guiding principles is to run our business in a community-friendly, open source oriented fashion. Heck, we'll even be using Linux servers. The sort of community-minded spirit this demonstrates on the part of Mr. CmdrTaco and company inspires me to conduct my business with just as much regard for the average guy.

Just think of it this way: you'll never have to worry about copyright lawsuits from dairy farmers. :)

Jeff Robinson
President & CEO, BigCheese.com

Re:Open Source Friendly Business

Imagine that - using Linux in order to be community friendly...

Heck mister cheese, my buisness uses Linux because it's best, and it's free.

fuck community friendly ;-)

Re:Open Source Friendly Business

fuck community friendly ;-)

I'm sure that with attitudes like that, your business must do just wonderfully.

Great!

I'm very, very happy to see this. I've been wanting to look at the latest code for a while now.

And now... [FLAME ON] Can all those stupid goddamn trolls who can't be bothered writing their own code stop WHINING and just SHUT UP! I'm sick of seeing your BULLSHIT in every goddamn article, so either download the code (which I somehow doubt most of you will do) or choke on your own HYPOCRISY, but either way SHUT THE FUCK UP!!!! [FLAME OFF]

Thank you.

Re:Can we use 'X-priority' to sort by Score/Priori

"Sure, it's lacking in features (For example, it does not distuinguish '3, Insightful' from '3, Funny'), but it works on a basic level. "

No, it doesn't.

What the NNTP idea lacks is the idea of dynamic content. NNTP is about sending messages when they are available and storing them in a news spool. Slashdot sends the latest version of a post when you want to read it, with the latest moderation details.

Or would you have the slashdot server (or however uses such a feature) send out multiple copies of each post, and cancel messages for any copies of that post that had already been sent?

Re:Releash Slash!

And Cori Nadine will move into my bedroom. The world can't be complete until that happens. Honest. It's one of Nostradamus' little known predictions.

Re:Thanks and congratulations!

Infinitely? I'd contend that mod-perl is just as capable (as in features and performance), coupled with one of many, many perl modules on cpan.

However, I would also say that it's mostly subjective. You can use python[zope], perl[mod_perl], php4, or vbscript and still achieve very similar results (give or take a little extra development depending on your objective).

Feeding the troll.

So, I guess you run bob-ix, the Unix-like OS that you wrote on the weekends and in your spare time?

Re:Feeding the troll.

No, I run Linux. Duh.

But I don't BITCH EVERY FUCKING THREE SECONDS about how the latest alpha code isn't available.

OK?

Another request

I have another request for CT:

Could you please, PLEASE put in some censor code to toss any post that contains the letter 'e', the number 8, or any sort of adjective? These might have been funny the first time around, but now I am well and truly FUCKING SICK of seeing this crap in every publication using the Roman alphabet.

Thank you.

Re:WAAAAHHHH!!!!

You label yourselves, I'm afraid...

Yet another request

I have yet another request for CT:

Could you please put in some censor code in to toss any post containing the letter 'm', too? It used to be funny, but it's really getting old.

Thank you.

Re:now hopefully...

Actually, don't just think employees, think anyone who is bored and has lots of spare time on their hands...

Re:Congrats to all concerned...

And my apologies for our behavior.

"My" apologies for "our" behaviour?

Do you have a frog in your pocket or something?

Re: GPL CSS ...

GPL CSS, doh.. not done...

MPAA suiing everyone in its sights...

A warm thank you!

For a while, I had the impression that you were a bunch of morons for not releasing the Slashdot source while at the same time forcefully advocating all kinds of open source projects.

Thank you for proving me wrong! I'm sure this will be a handsome reward (pun intended) for the whole community of Nerds.

Re:Um... Security hole?

Nah... you shouldn't forget your password. Only low-life users forget their passwords :-)

Cheers,
Anonymous CowDung (Too lazy to log in)

Re:Um... Security hole?

Oh I forgot... brute-forcing MD5 hashes is good punishment if you forget it

Damn, I hate replying to myself

Cheers,
Anomymous CowDung (Still too lazy to log in)

Oh well...

Time to get off the "Free Slash !" troll-wagon.
Now it is time to fight for a new goal:


Upgrade Slashdot to handle the load !

Victory!

Finally, Slashdot is practicing what it preaches!

Let this be a lesson for the MPAA - we WILL overcome!

Re:WAAAAHHHH!!!!

That's bullshit.

Re:Someone make Bruce a sign to wave!

*now* I know why they released it :-)

Um... Security hole?

From the INSTALL file:

The passwords are all "change". As that implies, you should change it. It's clear text, so simply change it via the database.

Um.. you mean my password is in CLEAR TEXT?!?! Why not hash it with MD5? Sounds much safer to me.

Just IMHO,
Anonymous CowDung (too lazy to log in)

Re:Um... Security hole?

Makes it kinda hard to mail it to you if you forget it, now, doesn't it?

Uhm, how about if you forget your password, they system simply resets your password to a new random password and emails that to you? You can then log into the site with the new random password and change your password.
Anybody that stores passwords in plaintext, is simply doing it wrong.

Tim unity@inlink.com

Re:Um... Security hole?

[Paul+Carver]

Anybody who thinks that a password (or cookie) passed over http is secure is deluding themselves. I doubt having your /. password stolen is all that much of a concern. You aren't using the same password for /. that you use for important systems are you?

If /. privledges were important I'd expect the password to go over SSL, but it's really not worth the overhead when the servers are already overloaded.

Re:Um... Security hole?

[Vidar+Hokstad]

Makes it kinda hard to mail it to you if you forget it, now, doesn't it?

Or maybe you like brute forcing MD5 hashed data :-)

Re:The Slashdot Source Release Procedure (C)2000 R

Now THIS is a funny troll.

Re:Problem with GPL websites

Allowing unpublished changes is a necessary evil, for privacy reasons. But there's still the fundamental inequity that they're getting our work and we're not getting theirs, all to subsidize more proprietary software the world would be better off without.

Re:Releash Slash!

Futurama will get funny.

You were being quite sensible up to this point.

Nick.

GPL and Freedom?

Could everybody please not use the word "freedom" when talking about GPLed projects? They clearly have nothing to do with eachother.

And for those that still don't get it: I download a piece of code and I know some cool ways to enhance it. So I code some changes and, community-minded as I am, I want to let everybody else use it too. So then I try to release the code for everybody to use and I include a file saying who made it and what I added. But nope, this is simply totally forbidden: I need to include all kinds of crap about forcing everybody to submit their changes to the opensource community when redistributing and more of that crap.

I could ofcourse quote mr. Franklin again but I won't, everybody is too much of a hypocrite to ever understand it anyway.

So I guess I'll just have to obfuscate the code a bit and release it to the public domain anyway. The bottomline is simple: I am a free man, if you won't give me my freedom, I will take it myself.

Re:GPL and Freedom?

[Doppleganger]

Perhaps the problem here is that you're confusing your own, personal freedom with a more general freedom.

In other words, the code is free.. not you. You're free to do whatever you want with the code, as long as you do not do something that infringes on the freedom of the code.

And yes, it does seem silly saying the code has freedom. But the general principle works, despite the odd phraseology. If you don't agree with it, no one is forcing you to use the code that is GPL'd... go write your own code from scratch so you can have control over it, and leave the free code alone.

Re:GPL and Freedom?

[Doppleganger]

Read my post... I said that the GPL *does* have to do with freedom, just not the kind of freedom that he was talking about. GPL is free code, not free people coding.

Re:GPL and Freedom?

[Ded+Bob]

Reread the original poster's comment. He asked that people refrain from comparing freedom with the GPL. He did not state he had a problem with using GPL'd software.

Re:Thanks, guys... This must've been a lot of work

My own project? I'd love to, but my day job owns all relevant work (consulting shops don't mess around in this regard).

As for Mozilla being "too early", I can't hypothesize a course of events that would have brought Mozilla to a more advanced state right now than it's already in. It took a long time because they started with crap, and fixing it quickly took the kind of massive effort Netscape couldn't afford themselves.

The answer for support is to feature an email address prominently that auto-responds with a FAQ and blackholes the mail. The FAQ explains that you're on your own and how to offer patches by email (for those without CVS commit priv), and the patch address bounces any mail that doesn't seem to contain a unified diff. I'll grant you this is more of a nuisance to set up than it ought to be.

If someone is too proud to let everyone find out some of their code is buggy, why would they even pretend to be part of the open source community? This is like cleaning before your maid arrives- if you don't want to rely on him, why bother?

Re:Thanks, guys... This must've been a lot of work

Excellent points!

While ESR said "release early, release often" I also seem to remember something about having something together enough to release in the first place.

I have used the Slash 0.3 code for a couple of sites and it was a royal pain, especially to customize. I've gotten several comments about "have you seen that site, they just ripped of slashdot!" To which I have to explain about open source, and if they looked they would see several points of credit and links to slashdot on the site.

I even consider it a point of admiration to use the Slash. I think the slash is a great concept and well done.

Now that I am done fawning over Slash, what about support? We are the open source people here. I know I am not the only one to use slash in the wild. Let's get some groups together to support it. It would not be very hard to do a couple of tweaks to Slash to use it for a good open forum for support.

We have servers, we have source, we have people, so let's get to it.

chris

chris@pugrud.net

---
Not anonymous, not a coward, just too lazy to create a login.

Re:Slashdot Boycott Day

[volsung]

No, wait, don't give up yet! There are so many other grievances to fixate upon:

• Rob posts stories about things other than Y, my pet topic.
• Rob supports evil Nazi moderators that mark down informative posts about the homosexual tendencies of many well known people.
• Rob prevents trolls from posting after several trolls from the same IP in a short time.

I say riot, my brothers and sister, riot! Leave this poor excuse for a communications medium and stick it to The Man (of whose conspiracy Rob has most assuredly become a part of). That will teach them to respect you. I hereby reinstate the boycott, but extend the duration for a week!

That's right, from Friday, January 28 @ 12:00PM EST to Friday, February 4, @ 12:00PM EST no one shall use Slashdot. Rob shall quiver at our might! Viva la revolucion! Viva la independencia!

Note: The needs of the revolution may dictate that we extend the boycott, perhaps indefinitely. Please do not return to Slashdot unless you receive a specially encoded email informing you that the boycott has succeeded. Such sacrifices are needed if we are to fix the evils of Slashdot!

Re:HOLY FUCKING GOD-DAMN SHIT!

[pudge]

"Flamebait"? That previous post was marked as "Flamebait"? I wish I knew what country the moderator in question came from and what "Flamebait" means in his culture.

Re:Perl eh? Sure

[pudge]

jjohn, you kiss just like my dad!

Re:now hopefully...

[screeching+weasel]

>> we are using Linux, arent't we?

no, we are not. we are using OpenBSD and BeOS.

What happened to 0.4-0.8?

[DJStealth]

I seem to remember the version being waited on for so long was 0.4, and since, they've created 5 versions before the source was released again.

Yet Another Mirror

[Steepe]

I have mirrored as well.... Everything you need all in one place.

ftp://cnhtech.com/pub/slashstuff

Not quite.

I ordinarily do not respond to trolls, but I felt this was an important issue to discuss.

The comments on Slashdot are no more GPL'd than text edited with GNU Emacs. Software products which use source code from Slashdot and that are distributed must be distributed under a GPL compatible license. Data processed by Slashdot (such as articles and posts) do not constitute derivative works, because the posts/articles are not code, are not modifying the Slash code, and are certainly not redistributing modified versions of Slash.

Re:now hopefully...

Security through obscurity is a very sound principle. It's just that most peeps don't get the fact that when you drop a bit of code onto somebodies computer, it's no longer obscure. I can make a trivial security system and as long as you can only see and feel the thick seeming walls, the strong appearing lock, the heavy bolts, it's pretty secure even it was designed and implemented by an idiot. But if I let you come in and examine it, then I'm phucked.

WAAAAHHHH!!!!

I'm a troll, but my gripe was legitimate. For a while it seemed like the slashdot crew was full of shit. However, they definitely put their money where their mouths are and I can say that I myself downloaded their code within 6 seconds of the announcement (forgoing first post to do so). So don't give me that crap. Some of us trolls care about the community and sometimes even write decent code. Don't label us :-).

The release of the code

I look with some amusement at the comments congratulating the /. 'ers for DOING EXACTLY WHAT THEY SAID THEY WERE GOING TO DO. For all you sniveling bitchy worms that have been flaming the whole crew about this for the last while I suggest that at NO time did the slashdotters deserve the heap o' stink you selfishly foisted onto them....just because they didn't feel like the code was ready when YOU wanted it, didn't mean that they were going to do anything other than what they promised- make the code readable and realease it when they felt it was ready....I hope whatever paybacks there are in this universe are dealt out accordingly to the crybabies who must have made life VERY difficult in what SHOULD have been a wonderful year for these fine folks.

Re:The release of the code

[mce]

They sat on the code for months (years?)

You seem not to be all that knowlegeable about the past status of things. Which really makes me wonder whether you are actually interested in using it, or only in talking about how bad it is that it (or rather: the current version) was not available.

Anyway: it is deemed now ready for release, which is not the same as being ready. The point of not releasing before it is ready for release is to make sure that people can start using it before they fully understand it. This is good.

--

Re:The release of the code

[Mike+A.]

You know, something just occurred to me. It is this: If you know lots of people are going to be reading the source you release, it drives you to make your code a lot cleaner than it would've been if it were closed. And of course, cleaner code is easier for you to maintain too.

I wonder if ESR has commented on this benefit of open source...

Re:The release of the code

[mce]

Exactly.

I sure have written crappy code in the past, when deadline pressure became too big and the boss was breathing down my neck. This works "fine" in a closed environment: if the program works, things are OK (hmmm, actually, most of the time things already are OK if it merely exists, but my professional pride demands that it also works). But tell me to open source that code, and that same professional pride will make me insist on cleaning it up first.

--

Re:Python

[Ranger+Rick]

I have to say that writing Perl is a lesson in frustration and mental torture, or at least I found it to be so before I gave up on it altogether :) Personally I far prefer Python ...

And you'll find just as many Perl programmers that say the exact same thing about Python; being "too restrictive, and Perl supports all the same things AFAIK". Let's face it, Perl and Python are (usually) mutually exclusive. :)

Re:The first hack I plan

[Ranger+Rick]

In NNTP, you would always be reading at -1, unless you have spam filters set up, just like any other news group.

Yay!

[maelstrom]

As a long time Slashdot reader, I'm pleased to see one of the premier Open Source advocacy sites living up to its ideals. I have to admit I was worried for awhile there.

Keep up the good work and remember to Use the source, Luke. Release early and release OFTEN.

Re:Yay!

[Lucabrasi]

Another mirror site for y'all: http://www.y2brand.com/slash/

Here's a thought...

[Enahs]

isn't it funny that other folks were using the Slash code before it was released today?

CLUE STICK: Slash has been "out there" for a while (that's what the "code" link is, surprisingly enough) it's just that Slash 0.9 is now released. For some reason, the damn trolls know how to write, just not how to read. :^)

Re:The first hack I plan

[jhebert]

Gnus, an emacs newsreader, already does pseudo-nntp access to slashdot, including letting you set your threshold and everything.

(granted, it's not real nntp, you can't use an arbitrary newsreader, but since gnus is my newsreader...)

Re:Perl eh? Sure

[jjohn]

I'm going to make you my Junkyard whore, Pudge.
Just you wait...

Re:Great day in the morning!!

[jjohn]

Coelacanth. It's a fish thought to be exinct for thousands of years. Coelacanth?

PHP-Slash already exists!!!

[Garfunkel]

Checkout http://phplib.netuse.de
or
http://glug.goshen.edu for an example site
(sooo much nicer in PHP)

Re:HOLY FUCKING GOD-DAMN SHIT!

[pudge]

Oh, real mature.

Re:Perl eh?

[pudge]

What is best? Whatever you like. For something like Slashdot, I think Perl is the best choice, because it has great scalability and speed and flexibility, and it runs everywhere. PHP might be fine for you; I don't like it because I can't do as much with it, and because I know Perl well enough to do whatever I want with it. Simply put, I don't need PHP.

The only bad thing about Perl is one of its primary virtues: it lets you write code in pretty much any style you want. What does that mean? It means that code like Slash, which is hack upon hack upon hack over years, can get kinda ugly (although it is much better than I thought it would be, judging from what some people had told me). I hope we can clean it up and make it better. That would be a Good Thing.

Re:You weren't waiting for a clean release!

[pudge]

Well, it is not big secret. There has been a lot of work on this in recent weeks, and Patrick did a hell of a lot of work over the weekend, and as expected right before a release, we did a lot of work on Tuesday, all day and into the night. Sweat and tears and Perl and MySQL.

Re:GPL considerations...

[pudge]

You are incorrect. The code is under the GPL. There is no longer a requirement for the link back to Slashdot.

Re:Mailing list?

[pudge]

There is one. http://lists.slashdot.org/mailman/listinfo.cgi

Re:HOLY FUCKING GOD-DAMN SHIT!

[pudge]

This post was at 7:30 last night, and the story was posted this morning. How did that happen?

Congrats to all concerned...

[Stormbringer]

..and thanks.

Re:Congrats to all concerned...

[jd]

I'd like to second that. (Well, thirty forth it, given all the other replies. :)

A -VERY- big congratulations to the entire Slashdot team, for a job well-done! The Slashdot code is perhaps one of the premiere news dialogue systems in existance, and it's authors deserve to feel proud of their achievement.

Last, but not least, any comment I've made in the past, wrt the source, I have done my utmost to be constructive from all sides and accepting of any decision made by the Slashdot team. However, ideals and me don't always mix too well, so I'd like to take this opportunity to offer a sincere and unconditional apology for -any- post or e-mail of mine which came across, to any degree, as offensive, whinging or trolling.

I -hope- nothing I have written about the Slash code has come across that way, but it's really not my place to tell others how they should take something.

Re:Congrats to all concerned...

[Menthos]

Well, I want to say a serious "Thanks!" to Rob and the rest on Andover responsible for this too!

Moderators: Even if this may be redundant, I don't think that Rob & Co. could get enough thanks to compensate for the bitching and harassments they have recieved previously, trust me, I was one of those thinking Bad Things (tm) about Rob and thought "hypocrisy", even if I didn't post those thougts on Slashdot, but merely agreed with every other person bitching.

I feel truly sad for myself and my judgement today, and happy for Rob and all others who have quietly worked behind the scenes to make this happen, even with the flames and bad thoughts from qlueless people like me.
Not only has Rob listened to those who wanted the source up-to-date, he has made it GPL too, made one Andover employee code maintainer, and fulfilled every other wish Slashdotters had. That's nice work.
Again, thanks, and keep the good work going. And my apologies for our behavior.

Re:Congrats to all concerned...

[Vladinator]

Kudo's to the entire tarball team! Thanks guys, we knew you'd get it out, 'When ready'. Rob's comments aside, we're greatful!


Hey Rob, Thanks for that tarball!

Re:now hopefully...

[Mawbid]

Not in the long term. Think ex-employees, for instance.
--

For the love of...

[John+Siracusa]

Will someone please buy these guys a programming book of some kind? Checking return values? Using Perl's quoting operators? Avoiding namespace pollution? Hello? Anyone home? Gah!

Re:Perl eh?

[Tal+Cohen]

I developed a Slashdot-like system from scratch, since I needed Hebrew support (which is not easy, considering the mess current browsers make out of Hebrew web pages). I used PHP, and I'm very satisfied. While I do not have any real experience with Perl, I'd vote for PHP.

You can find the site at http://www.haayal.co.il (meaningless if you don't read Hebrew).

Thank you.

[jwhyche]

Thank you Rob and crew. Now can we find something else to whine about? :)

Why call it Slash (totally Irrelevant)

[Monty+Worm]

I understand why you call the site slashdot, but why call the source Slash?

<Downloads source>

Yeeek! Welcome to the Jungle, baby!

Is the next release to be called Axl?

RE: what'll-the-whiners-complain-about-now?

[thinker]

1. Your functional illiteracy.
2. Jon Katz. (Sequitur 1.)
3. Sloppy journalism.
4. Redundant sloppy journalism.
   ("Check it once, post it twice.
   Question the source?
   That wouldn't be nice.")

---------------------------------
"The Internet interprets censorship as damage,

Kudos to Taco!

[Evan+Vetere]

...and Pater and the rest of the gang. I think you've just defused virtually all of the criticism headed your way as of late...

I'm downloading the code now, and you can expect diffs from me. And it's time for the requisite gripe: "You coulda used the artistic license..."

Re:Perl eh?

[Mad+Browser]

I've got a weblog going written in Java (Servlets) running at Suckage.com.

The source code is GPL and is available at Sourceforge at this address.

The first code release is *VERY* rough but it's getting there.

--hunter

Troll Prescience

[Christopher+Thomas]

This post was at 7:30 last night, and the story was posted this morning. How did that happen?

There appear to be several undocumented features that the trolls have the ability to access. This includes, but is not limited to, viewing of articles before posting on the main page, and a message board that seems entirely devoted to troll messages.

(conspiracy theory)This suggests that there is at least one troll on Slashdot staff who set up the message board and leaked undocumented feature information.(/conspiracy theory). Or it's possible that the slashdot staff hoped in vain that a message board for trolls would cut down on the number of other troll posts.

Re:Troll Prescience

[Zurk]

no they didnt. this has been debated quite extensively. its fairly simple to do it. *hint* check my previous postings on the subject.

Re:Troll Prescience

[phil+reed]

There's a bug (or maybe it's a feature) that allows you to make up your own SID in the URL, thereby creating your own article. I've seen a few referenced on some articles.


...phil

Re:Thanks, guys... This must've been a lot of work

[Crawl]

I guess my question is: how exactly does code for a website become dependent and integrated with the machine on which it is running? This is something that I've been wondering for a long time. If it's just a bunch of perl scripts and databases, just change paths to programs/files and database/table names. Or is that the problem? There are so many of those things that you have to change, and they're scattered all over the place. Or is it something else that I don't understand?

NT

[um...+Lucas]

So... now that we have the code - anyone want to help me port Slash to Win 2000/ASP's/SQL Server? :)

I don't know... I think I'm joking!

Re:NT

[RedX]

Check www.wonko.com for a Slash-like system running on Win2000/MSSQL using ASP's.

Re:Another Shameless Plug

[thedude]

Whoops! Try this:

http://phplib.netuse.de/download

Great day in the morning!!

[Jose]

It's like the Selikamp! What once was lost, now is found!

Re:Great day in the morning!!

[SPorter]

I heard that they caught one off the coast of Madagascar.

Re:OT? Improvement suggestion

[Taurine]

I did think of the abuse angle, but thought it wasn't a problem assuming that meta-moderation has no automatic effect upon the system (about which I could be terribly wrong).

As I understand it, there are many more meta-moderators at one time than there are moderators. My guess is that pretty much every moderation gets meta-moderated quite a number of times. I imagine that statistically there are many more good meta-moderators than bad/rogue meta-moderators. The each good meta-moderator's work would have the same 'extra' weight as any bad meta-moderator under the proposed scheme, so a bad bit of meta-moderation would quickly get counteracted.

I assume that fair and unfair is each worth one meta-moderation point, and all meta-moderations of a moderation are added together to get the meta score, therefore a whole group of moderators with the same opinion of a comment would only get a negative effect from the system if the majority of meta-moderators that saw that moderation thought that moderation was unfair.

Re:OT? Improvement suggestion

[Taurine]

I don't think meta moderation works that way. I think that moderation adds the points instantly, so if four people give a comment from a logged in user Interesting, it gets a total score of five right away. These moderations will soon get meta moderated. If a particular moderation gets an unfair, I think that moderator loses some karma, which in turn reduces their likelyhood of getting to moderate again.

Or is it just that the /. administrators get a list of users who have receive a lot of unfair meta moderations, and then decide whether any of those users need to be banned from moderating? Can anyone explain? I would read the source, but 'learn PERL' is quite a way down my todo list.

Thanks, Rob. I'll shut up now.

[f1r3br4nd]

Just two days ago I posted an off-topic flame about how Rob & Co. aren't living the same OpenEverything ethic they advocate. Now, I don't know whether to feel ashamed or vindicated.

I guess I'll be less judgemental in the future.

Not any more

[Industrial+Disease]

Maybe they were just so rushed to put out the new release under the new license that they didn't update that line of the page. At any rate, it's a request now instead of a requirement. Next whine, please.

Re:The first hack I plan

[wangi]

I was developing a web-based forum system with an NNTP backend... htpp://newwws.linuxbox.com/

Impressive

[auntfloyd]

Maybe Slashdot isn't run by a group of hypocrites like I have said in the past. It's good to see them cacthing up with reality. The CVS server is also an extra bonus. Hopefully, we won't have to have "Free the Slash Source" campaigns anymore.

~~~~~~~~~
auntfloyd

Re:Thanks and congratulations!

[Linux+Freak]

I just find PHP infinitely easier to develop with than Perl. Besides, PHP was built for web pages, not just practical extraction and reporting. ;-)

Re:OT? Improvement suggestion

[ContraB]

...for example, Interesting, then only one instance of Interesting should appear on a meta moderation page, and a meta moderation of Fair or Unfair should be applied to all the moderations with the same value. This would further increase the amount of meta moderation done without adding any user effort.

Maybe I am just unlucky, but I see this kind of duplicate almost every day.

Hey, I've thought this exact same thing as you. However, I just thought of a potential for abuse. If someone were to purposefully do a bad meta-moderation (ie., the post in question truly was "insightful", the moderation applied was "insightful", but the meta moderator voted "unfair") then in one stroke that meta moderator could foul up a number of moderators' otherwise very proper sensibilities. With the current system, the potential for this abuse is a bit better limited.

I'm not sure how to deal with that scenario. Would it happen frequently enough that this would be a problem? Only the Slashdot crew really knows, I think. Suggestions?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Re:SlashDistro? SlashoColo!

[SeanNi]

> The whole problem here is that someone - a metagod (M[infinity]) - would have to run the meta-Slashdot.

Around these parts, that guy's name is "root"...

It's a fine line between trolling and karma-whoring... and I think you just crossed it.
--
- Sean

Moderation?

[periscope]

Does this mean that someone could figure out how the system copes with the intricate details of Moderation and Meta Moderation, how it assigns karma points AND, most importantly, who gets to moderate? I realise that the code is released, but before anyonw flames me, CmdrTaco, is the code you released the exact same code that /. is running on now? It just occurs to me that some troll could figure out a way to get on the fast track to moderation...

Re:GPL considerations...

[YoJ]

The creator of the code can license the code under any license they wish. Slashdot has choosen to license the code under a modified GPL license that includes a terms-of-use clause (you must link back to Slashdot). The only "problem" is that they didn't release the code under the GPL, so it is not fully free software. This is choosing to use a non-free license, not breaking an existing license.

That said, I think that requiring people that use the code to link back to Slashdot is perfectly acceptable.

-Nathan Whitehead

This isn't redundant....

[Chuck+Chunder]

because it's something that simply can't be said enough.

You guy's rock!

Re:This isn't redundant....

[zantispam]

ROFL!!

(Of course, the parent I'm replying to has been moderated (Score:1 Redundant))

Either there is a moderator that just doesn't get it, or there's a moderator with a very twisted sense of humor.

I prefer to think that the latter is the case...

:-)

Oh, and thanks Rob!!!!

Here's my copy of DeCSS. Where's yours?

punctuation schmunctuation

[Chuck+Chunder]

Why do I only notice after I've posted? (yes I do preview).

Re:Thanks and congratulations!

[angelo]

However, I would also say that it's mostly subjective. You can use python[zope], perl[mod_perl], php4, or vbscript and still achieve very similar results (give or take a little extra development depending on your objective).

All of the above are quite capable systems, though you left out zend. I mention it only because it allows you to compile your scripts into code and can execute from 10 to 700% faster. Very cool tech.

Re:Thanks and congratulations!

[angelo]

Well, yes he did actually, since Zend is incorporated into PHP4

PHP4 works as a module, zend is a server.

Wouldn't you know it...

[Danchez]

... I downloaded 0.3pre just yesterday and was going finishing up the install today, when I read SlashDot, and lo and behold... 0.9 is out!!!!

To Rob and all the persons involved, Thanks for the hard work!!!

That quote!

[jdub!]

The quote at the bottom of the page when I first read this story was:

Coding is easy; All you do is sit staring at a terminal until the drops of blood form on your forehead.

Sound familiar, guys?

Congratulations Rob, Hemos, Nate and the rest of the gang... The code is now everyone's, but the perspective, as always, is all yours.

And that's what Slashdot means to me.

Re:OT? Improvement suggestion

[Webmonger]

Yeah, but what if a comment is only slightly Interesting? (Sort of like this one!) Say it doesn't deserve a 5, but it does deserve a 3. Who you gonna call?

A miracle???

[Le+douanier]

For those that don't believe in God, this is the ultimate proof that a miracle can happen ;)

I won'd use it directly myself but thanks /. and its operators for the work they do.

Re:Someone make Bruce a sign to wave!

[Uart]

'Limo.... you are my hero

Re:The Slashdot Source Release Procedure (C)2000 R

[Wah]

...dunno, but that SmokeMoreCrack call has got to be addi^H^H^H^Hrecursive.

Check that one out...

[fReNeTiK]

slashd, line 182, sub fpsBeDamned

#################################
# I suppose I'll let the secret out: for a few months, before the moderation
# system came into being, this little function faked "First Posts" and then
# deleted them when a real comment came along. Worked pretty well, and nobody
# figured it out. I disabled it when the moderation came online feeling that
# it was a cleaner solution. -CT

Cool hack... Left me ROFL ;)

Re:Jolly good show...

[PapaZit]

At this point, the moderation code has been released into the wild, and any attempts to patent will be thwarted by "prior art". It'll be up to us to make sure that the patent office knows about it, though.

Hmm - doubting thomases

[sufi]

Of course, no-one cares about slashcode anymore do they, it's just a hack made by someone who doesn't care anymore because they now have lots of money.

Cynics :o) - Now we can do things properly, just like it should be, and I look forward to it developing into a true opensource project just like people have been wanting since /. began! :o)

Congrats CmdrTaco for getting it right! It looks like you have delivered exactly what you promised!

:o)

Re:Hmm - doubting thomases

[dennisp]

"Of course, no-one cares about slashcode anymore do they, it's just a hack made by someone who doesn't care anymore because they now have lots of money"

While in jest, your comment still stinks. What an insult to those who worked hard to make this initial release. Why do people find it so easy to be rude on the net?

Re:OT? Improvement suggestion

[Chandon+Seldon]

Learning Perl is easy and worthwile.

All you have to do is go to your local bookstore and purchase "Programming Perl", just read the book and you'll know Perl.

Re:Mailing list?

[empath]

Sweet, thanks.

Mailing list?

[empath]

So um, how about a mailing list for slash users? Then people can get help without bothering the big Taco or anyone else, and it can be a place to talk about new/desired features and stuff. Anyone?

I think it was sarcasm

[divec]

I think the original poster was being sarcastic, and mocking the many people who really have been saying things like that.

Re:I think it was sarcasm

[dennisp]

Yes, it is 3am here and I am unable to grasp simple english. Sorry about that sufi. I think I'll go be a hypocrite somewhere else now :)

"Avoid" ...

[divec]

... is a book which avoids using the letter "e" throughout. Dunno if it has "8" in it, but I imagine it does have adjectives.

Re:"Avoid" ...

[CdotZinger]

Actually it's "A Void," by Georges Perec, who wrote it in French, which must have really sucked--and yes, there's an 8 in it, which is cheating. (Well, in the English "no-e" translation it's cheating; Perec cheated with French twenties.) He also wrote the world's longest palindrome, l think it was thirty pages or so. Goofy guy, decent writer.

Re:Perl eh? Sure

[TheTomcat]

Consider that Allaire is close to release CF for Linux. 8-)

I've been beta testing ColdFusion 4.5 for Linux (beta) on a non-production box, on and off for a few months now, and it works GREAT.

The only snag was that we couldn't keep our small databases in Access(mdb) format (yea.. I know.. I was planning on moving them over to SQL soon anyway).

Way to go Patrick

[coredog]

When will webedge.slashdot.org be available?

Corey

Wow!

[wnissen]

It's wonderful that the Slash code can be released, but isn't it interesting that Andover.net, with /. as one of its main properties, has already gone public whilst running beta software? I wonder what'll happen when Slash 1.0 is in use. Secondary offering anyone?

Walt

Re:Mirror

[ken_i_m]

This link asked for a userid and password.

Re:Where are the karma points?

[Kvort]

I have noticed this too. It appears that the highest level posts get sorted according to "Highest score first", and the other level (replies to posts, replies to replies to posts, etc) get sorted according to time posted. The only reasonable reason for this I can see is that it creates too much overhead to do sort messages recursively. Either that or its a bug. :)

>>>>>>>> Kvort

Re:Releash Slash!

[Uberdog]

and free transmeta chips for all!!!!!!!!!!!!

wheeee!!!!!

Re:Thanks and congratulations!

[Phrogman]

Well, yes he did actually, since Zend is incorporated into PHP4.

PHP3 The other alternative..

[Egorn]

I built the dtheatre.com code with Killbot up there and I was a firm believer in Perl some one would ask me to check the time I would make a perl script to do it.. but now I have converted all the way to PHP3 (PHP.NET) I still use perl for NT based sites and for some basic scripts like say a news headline grabber etc and it has far better regular expressions than anyone else.. but for everything else there's PHP3

Give it a week there'll be a PHP3 version

[Egorn]

somebody out there has got to be building one.. We got pretty close but we didn't need all the features for ours at dtheatre.com but there are a lot of people building little slash clones everywhere..

You can slash tires without a PhD in Rubber

[Rares+Marian]

The only guy who needs the source is the guy wants to fix it.

M'kay flaming code great, is there nothing cool

[Rares+Marian]

left undone?

Something like coding something useful. Like taking the /. code years earlier and building a site as opposed to leeching submit queues like a lazy bum and use up /.'s bandwidth in a way similar to the bug that downed AT&T's entire phone network years earlier. Not a crack, an actual bug which proved centralization where it's not needed is dangerous. Course I can name countless non-technological examples of such.

Rares

Re:Hooray!

[blogan]

Bad idea. People could then delete anything that started dragging their karma down. It'd be better if people just thought before they posted. Or they'd have to figure out how to handle the moderation that was done to the comment after it's deleted.

Re:The first hack I plan

[jsewell]

Unless you had a /. enabled newsreader that could process the X-Slashdot headers.

It could provide message threading display options the same as on /. (flat, nested, etc). It would also parse the moderations on the articles so it could filter articles based on your preferences.

You could do moderation from within the newsreader, but the /. comments server would have to allow the clients to modify the moderation fields in real time. Which would mean the client would have to authenticate /. member logins, and then only provide moderator access to users at the same time the regualr /. interface does, keep track of points left, etc.

On the downside, this is going to require some knowledge/changes/co-operation from the /. servers and operators.

On the upside, imagine a /. client for the Palm Pilot...

(yes, I know, you can read /. on a Palm with a web browser now, but the point is you could probably code a lightweight /. client for just about ever platform.)

Re:now hopefully...

[Vidar+Hokstad]

Nice troll... The issue of the poster you replied to is quite valid, but your sarcasm is misplaced.

There is a reason to be wary of potential holes in the Slash source because so many changes have been done without peer review.

This isn't a negative thing with open source - it's a negative thing with closed source development.

Had incremental changes to the Slash source been posted, and a distinction between "stable" and "development" version been made, then the risc would be much smaller, since you's have lots of people looking over the code before it would be used for production sites.

Re:Thanks, guys... This must've been a lot of work

[steelhawk]

Right!

(I'm no expert, so correct me if I'm wrong) but the main purpose of Slashdot is not to develop the Slash code for all the geeks out there, but rather to be a good news site for geeks (and maybe others too)... right?

At least I see it this way:
Giving the Slash code away too is just a bonus, so people should stop bitching about delayed releases and all that crap!

NO!!!! Damn you!!!

[Deosyne]

Now you release the latest code?!? Now?!? I finally got the damn pre0.3 to work!!!

Just kidding (well, not about getting pre0.3 to work). :) Actually, thank you very much for releasing this as I have been looking forward to getting a hold of a more recent version of the code. And more importantly, thank you for the additional support towards the code, such as the Slashcode site and CVS tree. :) I really appreciate it.

Deosyne

cheers

[fantomas]

thanks for your work and subsequent GPL'ing of the same. Big respect to thee clan of slashdot.

Re:Python

[spiralx]

There's probably a way to do this in Python, but I don't know what it is.

for i in range(10):

myname = "FD%d" % i
tmp = "'This is variable %d'" % i
exec "%s = %s" % (myname, tmp)

print FD6

Well, that's the first way I thought of to do this, and probably the simplest, although it's not quite as simple as Perl's ability to name variables using other variables :) From what I know the latest version of Python (v1.5.2) has all the same regular expressions as found in Perl v5, but they certainly aren't as easy to use as in Python. Still, your code got the thinking, and I might go back and practice my Perl a bit more :)

Python

[spiralx]

I have to say that writing Perl is a lesson in frustration and mental torture, or at least I found it to be so before I gave up on it altogether :) Personally I far prefer Python which is a hell of a lot more readable, supports all the same things AFAIK (it's been a while since I touched Perl) - regular expressions, SQL, HTML etc. And there's far less $ and $$ around :)

Re:Python

[Ranger+Rick]

The point of this rambling post, I guess, is merely to state that I am a single counterexample to his Ranger Rick's statement that Python and Perl are mutually exclusive. Of course, that means nothing, since he qualified it with 'usually', so I guess this means nothing at all!

You think your post means nothing? Well, check this out!

:)

Re:Python

[Our+Man+In+Redmond]

Differnt strokes for differnt folks. Personally I've never found Perl to be all that difficult, and it does allow for some things that are tough or maybe impossible to do in Python, like:

for ($i = 1; $i < 10; $i++)
{
$myname = "FD" . $i;
$$myname = "This is variable number $i";
}
print $FD6; # prints "This is variable number 6"

There's probably a way to do this in Python, but I don't know what it is. I also find Perl's quoting and regular expressions to be more comprehensive than Python's. It's probably just because I've used them more in Perl, and let's face it, Perl was built to muck with text files and it does a great job of that.

On the other hand you're right in that Python is a lot easier to read once it's written. Plus, its OO foundation makes writing things like GUIs much easier. OO in Perl always struck me as something of an afterthought, probably because it didn't come in until version 5.

At any rate both languages have quite a bit to recommend them. I'm glad I learned both, although I will admit not every language is suited for not every coder. I for instance have had a terrible time trying to grok C and C++, though I find them easier to deal with since I started using Perl.
--

Re:Python

[hcsiii]

Let's face it, Perl and Python are (usually) mutually exclusive. :)

I have used Perl, Python, and PHP3 (no PHP4/Zend yet) extensively. I continue to use both. I use Python on several projects where I have to work with other individuals on the code.

So far, they seem to find it easier to understand my meaning in Python.

(I'm the sort of fellow who uses multiple pointer indirection in C/C++ w/o really thinking about it much... not good for most of the people I work with ;-P)

When I have a quick script to write, I choose Python or Perl based on what is most readily to hand, as they seem nearly equal for this purpose. I do prefer Perl's documentation style. I like man-pages (though I seem to be very much alone in that), and find the regexp search features in less considerably easier that going to X for dvi, or lynx for html help for python. (html help is nice, but I can only search the current page, or use the limited search capacity provided by the website)

I've mostly used PHP3 when working with projects based in PHP3. IMP, TWIG, and PHPMYADMIN are all fun to work with. I implemented several complex MySQL based database interfaces with PHP3, rather than Zope, because it was easier to make the web-pages completely dynamic, using a single page to render subsets of columns from single tables, and multiple joins, with easy query's on whatever columns happened to be present.

When not constrained by other factors, I prefer to use Zope and DTML for my web-design, with Python as a backup to accomplish that which is beyond DTML.

The only thing which strongly pushes me from one ot the other, is if it seems to me that the project would be best implemented in an object fashion, because I don't like how Perl works with objects.

[ I do have to admit, I may not be the best example of a Perl vs. Python programmer, as I am also something of a language junkie. I have yet to use Postscript output extensively in a program, but I learned enough Postscript to write several PS programs to generate iterative and algorithmic images from our HP LJs. ]

The point of this rambling post, I guess, is merely to state that I am a single counterexample to his Ranger Rick's statement that Python and Perl are mutually exclusive. Of course, that means nothing, since he qualified it with 'usually', so I guess this means nothing at all!

Oh well.

Bravo!

[noc]

Usually I don't like 10e9 messages all saying the same thing, but sometimes I think it serves a purpose. Having a ton of praise for the Slash release is entirely appropriate. So, good job, guys! I know what a pain it is to release customized, idiosyncratic, constantly evolving code. And Slash is larger than anything like that that I've tried to do that with. (setq slashdot-esteem (* slashdot-esteem 2))

Open Source & Slash Releases

[chandler]

Good job. Anybody that runs a project knows the difficulties of releasing code. It's a lot of little stuff. I recently released something that didn't unpack into a new directory. Whoops, forgot to check for that! Anyway, the moral of the story is that you've got to check a lot of things before you can just go off and throw out a tarball of some source. Thanks for a good system. I understand the wait.

Btw, if anybody wants to get involved with a project, click my homepage link. I need help.

Re:now hopefully...

[ralmeida]

I thought that was the strength of open source -- we are using Linux, arent't we?

Where's the rest?

[forsberg]

So, now the 'Slash' is out at version 0.9

What I'm wondering is when the 'http://' and the 'dot.org' parts get released?

Now I Know Why Slashdot Is So Slow

[Agrippa]

Hey guys, mysql chokes big time on ORDER BY and GROUP BY statements. Sure they might be fine in other databases but mysql has a really hard time with them and it will lead to performance degredation. You should look into different ways to structure your SQL. Multiple selects, for instance, is much faster than one select with an ORDER BY and/or GROUP BY. Mysql flies on selects. Just a word of advice. Thanks for publishing the source, too :-)
.agrippa.

It's about time - No thats not what I mean.

[cruise]

I want to flame taco still cause I'm still offended by the attitude that came out of the "interview" a couple of weeks back but it would be wrong to do so.

Congrats, You've come through and in a way which is a very good representation of how "most" OpenSource projects make their information available.

I'm very happy to see that this has been done. And I'm sure CmdrTaco and company will really appreciate the reduction of heat over the issue.


They are a threat to free speech and must be silenced! - Andrea Chen

Yet Another Mirror

[Steepe]

I have mirrored as well.... Everything you need all in one place.

ftp://cnhtech.com/pub/slashstuffs;l

This is almost completely irrelevant

[KillBot]

I know. PHP has come a long way since when I started using it. I went with it mostly because I still find perl confusing, and because I like the structure of C++. Aside from that, cool! Hemos responded to my comment. That's almost as nifty as when he sent out ad rates personally. When will all the slashdot staff action figures hit electronics boutique :)

Thank you

[bons]

I'm sorry I doubted you.

Ken Boucher.

-----
Want to reply? Don't know HTML? No problem.

Re:Perl eh? Sure

[jallen02]

Cold Fusion is out for Linux, HP Solaris Been testing Linux servers all week. :-)

SLASH

[jbarnett]

Nothing but slash.

Thank You Slash Dot . Org Crew!

Slash Rules

Opps, I just though of something, do you guys think you will be sued by Guns & Roses?

GPL none the less, this makes me feel awhole lot more comfortable with the code than the "other" license Rob put on it. Sorry Rob but that first license just sounded alittle to "if-y", but putting it under GPL was a really good thing.

Thanks SLASH

I can see it now.

[Strog]

trolldot.org where you get moderated down for posting with your account. News articles are about Natalie Portman, trolls, hot grits and Don Knotts. It would be great as long as they don't try posting it all here too.

Of course I just added another 24 hours of wait time for this new website.

Still, I think it is a good thing that the source code is released. One less thing for AC's to whine about and might get some improvements too. Let's see if all you guys saying what you could do with the source are blowing smoke or not.

License requirements?

[Mark+Imbriaco]

On the download page it says that a requirement for use is that you display a Slashdot logo and a link back to Slashdot, but it appears to be under the GPL which would seem to preclude the old BSD-ish obnoxious advertising clause. Which is it?

Slash Crash and Burn

[davelee]

I seem to have run across a strange situation using redhat's Apache-1.3.9-8 rpm, mod_perl 1.21 and otherwise following exactly the instructions in the INSTALL file in the slash 0.9 tarball. Apache coredumps on the section. Excluding it at least allows Apache to start. Of course, Apache then proceeds to coredump when you try to access localhost:/ So do any of you brilliant people have any ideas? :)

Re:Jolly good show...

[st.t]

Given the lack of progress up to this point, I figured that Andover would copyright the code, patent the moderation system (and I think it IS patentable)

I think it is patentable, and it should be patented by the Good Guys before some corporate asshole tries to become a manipulative uberjerk about it.

Re:Another Shameless Plug

[Euphorea]

Uh, yer link is NFG...(Not Following Good ;)

Not Found
The requested URL /downloads was not found on this server.

Re:The first hack I plan

[hick]

Yes, NNTP !

I *hate* web chat systems and web message board
systems - you're lucky to get me to use it for this post.

Give me NNTP and I'd read the "comments" far more often using a proper newsreader.

This feels dirty.

Re:The first hack I plan

[Yarn]

ok, for incoming posts strip any moderation line, and have:

X-Slashdot-User:
X-Slashdot-Pass:

X-Slashdot-Moderate: [message id] [moderation]

Of course its a kludge. You think it isnt already!?

The first hack I plan

[Yarn]

NNTP comment retrieval, followed by NNTP comment posting...

* Yarn fires up vim
* Yarn remembers exams, and postpones :/

Re:The first hack I plan

[Yarn]

how about a header:
X-Slashdot-Moderation: -1 (troll)

maybe also
X-Slashdot-Parent:
X-Slashdot-Children: ...

Re:The first hack I plan

[matthewg]

I wrote it for 0.3, plan to update for 0.9. Check the code link.

Re:The first hack I plan

[AT]

X-Slashdot-Parent:
X-Slashdot-Children:

These might be nice, but it would much really cool to have newsreaders properly thread the articles. I think most newsreaders do threading on the References header, so of course it should support that.

Re:The first hack I plan

[Foogle]

Like I said: A big fat kludge ;) But hey, it's an idea anyway...

-----------

"You can't shake the Devil's hand and say you're only kidding."

Re:The first hack I plan

[Foogle]

You could do it, but it sounds like the whole system would be an awful kludge. Besides, you couldn't moderate while in NNTP mode, and anyone could hack their posts to have

X-Slashdo-Moderation: +4 (insightful)

-----------

"You can't shake the Devil's hand and say you're only kidding."

Re:The first hack I plan

[kgarimella]

If I recall correctly, there isn't a sort of moderation system that has evolved here in Slashdot when dealing with Newsgroups. I *think* what happens is that the administrators end up moderating the groups themselves. However, with a site like Slashdot, there's no way the admins would be able to moderate every single post, so in an NNTP setup, would we all be moderators? Or would a different client have to be created? I'm curious as to how exactly the threshold system will function in a newsgroup to keep Spammers/Trollers/Etc. down...

Re:In progress?

[Yarn]

Of course its feasable, I'd not be trying it otherwise :)

I looked at the code page but I want to do it my own way, from scratch.

Re:Thanks, guys... This must've been a lot of work

[sjames]

There are so many of those things that you have to change, and they're scattered all over the place.

I haven't looked at the new slash release yet, but I've seen EXACTLY that problem before. The nice thing about perl is that it is easy to make little tweaks here and there and evolve a CGI rather organically. The bad thing is that doing that can make 'portable' code remarkably non-portable.

Of course, none of us ever give in to the temptation of the quick and dirty fix that can lead to this problem [GRYNNE]

Re:Problem with GPL websites

[Fastolfe]

I hear this as an often quoted failing of the GPL, the fact that anyone can take a GPL'ed project private and allow people to use it (sans binary access) without necessarily being required to release the source.

Why is this a bad thing?

This allows GPL'ed, tried and tested code to make its way into proprietary networks and architectures. If we required all modifications to GPL'ed projects to be re-released, regardless of how the project was to be used, that would totally destroy the ability of companies to make proprietary, customized modifications to GPL'ed software for internal use, which is, by far, one of the most appealing things about GPL.

GPL considerations...

[jelwell]

On the Slash code page you mention "The only restriction is that you must put a Slashdot Logo and a link back to Slashdot on any site that uses our code. Beyond that, have a ball." I don't know if you're aware of this or not, but that is a violation of the GPL. Maybe you meant to alter the license so that users cannot do whatever they want with the code, as long as they release updates - that are distributed - back into the fold.

We gave Corel hell for it's GPL mistakes. Now it's time to see just how stupid even Slashdot can be. Is there something about the GPL that makes it too hard to understand? Is it freedom?
Joseph Elwell.

Re:GPL considerations...

[sethg]

Maybe the code page used to say that, but it doesn't now. I quote:

If you want, you're more than welcome to put a Slashdot Logo and a link back to Slashdot on any site that uses this code.

That's an encouragement, not a demand. The license is straight GPL.
--
"But, Mulder, the new millennium doesn't begin until January 2001."

You weren't waiting for a clean release!

[roystgnr]

Honestly, can you really go from "it's too site-specific and ugly to release" to "here's slash v0.9" in a few days? I don't think so.

No, clearly the slash release was ready last week when we were all whining about it, but CmdrTaco decided it would be fun to see how many Slashdot regulars he could sucker into make asses of themselves in said whining first.

Consider me suckered. Egg on my face.

Thanks for the code, guys.

Re:You weren't waiting for a clean release!

[Pascal+Q.+Porcupine]

Actually, in their defense, I do believe that they could go from one point to another in just a few days, for the following reasons:

1. Search-and-replace: a lot of site-specific things can simply be replaced by global variables, which can be put into some other included configuration file. (It IS PERL, after all.)
2. CowboyNeal has absolutely no life outside of his job (whatever it is) and BSI projects, and lately he's been permaidle on #everything - rare for him - meaning he was definitely pulling some major hours elsewhere.
3. Depending on how the code is structured (I haven't looked at it yet), it may have only seemed to be site-specific but maybe there was some simple way to liberate it. And in any case, it's not like they wrote hand-coded assembler which would only work on one particular release of libc6.1 on Debian 2.2 (Potato) which had been last apt-get updated on 1999/12/23.

Basically, I don't know what to believe, but frankly I don't really care so much, and there's plenty of explanations for any standpoint. Yes, this could just be some "investor relations" crap Andover.net suddenly decided to pull to raise their stock price, or it could be Rob and company suddenly realizing that they have had a decent release for some time, or maybe they really did work their asses off to make it releasable. I'm inclined to believe the latter.
---
"'Is not a quine' is not a quine" is a quine.

Re:Where are the karma points?

[Pascal+Q.+Porcupine]

Karma was never something designed to be boasted about, and although it was fun to have a publically-visible high karma, I got an enormous backlash from little snots who decided that my high karma was a sign that I was simply out to gain karma in any way I possibly can. Read my user info for more information.
---
"'Is not a quine' is not a quine" is a quine.

Hooray!

[otis+wildflower]

Now it's time for those of us (myself included) who have been whinging for months about this to put up or shut up...

Anyone have any feature ideas? (My fave so far: _cancel_ your own messages.. VERY TRICKY to manage those trees, but possible...)

Let the hacking begin!
Your Working Boy,

Re:Hooray!

[otis+wildflower]

Maybe (to make it super simple) allow any registered user to self-down-moderate, with karma penalties... Hmm, maybe after the departmental meeting, time to patch moderateCid.. ;)


Your Working Boy,

Re:Hooray!

[ufdraco]

And this would be a bad thing? Karma is not an end-all and be-all. The whole point of moderation is to get rid of the crap that isn't worth reading and point out the good stuff. So if they got moderated down big time and deleted their post as a result, then all the better--nobody has to read the crap anymore and the poster has learned his lesson. And by the same token, a highly moderated person can retract on finding that their apparent "insight" was completely wrong (as happened to Sig11 once--and there wasn't a moderator willing to moderate it down--I tried, but nobody seemed to understand the "offtopic" as being valid (all they had to do was read the replies...))

At any rate, you could still have the moderation stick, as the karma is located in a separate field that moderation only makes +1/-1 modifications to. If when deleting the comment, you don't undo the moderation that was done on it, the karma stays the same. Ta da! Problem solved!

As to how to handle the reparenting, don't. If it has children, replace the text with <this comment has been retracted> and perhaps wipe the poster's name as well. If there are no children, then delete it straight. Not that hard, as I see it.

I don't have anywhere to put it

[tilly]

Case of a $#!@$#! firewall.

I just wanted to be sure that they saw it. (They did.) According to the response I got it is in a queue and should get tested today or tomorrow.

Cheers,
Ben

Re:And now try to make them happy that they did it

[Syberghost]

I for one appreciate your modifications and enthusiasm in sharing them, and if I had moderator points I'd even give ya one right now, but I gotta say, I think that in general it'd be better to put a diff file out on the web somewhere and post a link; no reason why the whole thing should take up space on Slashdot's hard drives, and no reason why it should use up bandwidth every time somebody views the page.

Re:SlashDistro? SlashoColo!

[doom]

Yeah, just think: six months from now, every
weblog in the Universe will come equipped
with a Katz filter!

In progress?

[Johnboy]

Well, under the code page there's an indication that this is feasible. You did read the links, didn't you?

Thanks and congratulations!

[Linux+Freak]

To CmdrTaco and the rest of the Slashdot crew, thanks for this gift to the Open Source community.

[Now, if your next version is PHP-based, I might end up using it myself ;-) ]

(Score: -1, Flamebait but Insightful)

Quick! Mirror it before the DVD CCA sues them!

[DragonHawk]

Oh, wait, that's DeCSS, not Slash. I got confused.

Ah, the CCA will probably sue them anyway. Little things like actually doing something wrong don't bother them much.

Oracle

[Robert+S+Gormley]

I prefer Oracle's default password for one of its accounts:

"ChangeThisAfterInstall" (or something very similar)...

:-)

Re:SlashDistro? SlashoColo!

[Le+douanier]

As much as I respect their work, the guys at Slashdot have to eat, sleep, and post articles. They can't be coding round the clock.

Why not??? Then we should jail them and give them for only distraction the possibility to write / code, without having the possibility to post stories of course, this would take too much time for them to check the story and they probably would complain of having been jailed and other human rights stupidities.

NOTE to moderators: DON'T TAKE IT SERIOUSLY

Re:Can we use 'X-priority' to sort by Score/Priori

[GregWebb]

But is this an issue if we use Slashdot-controlled news servers ratehr than standard servers?

I mean, if we're getting comments from (for example) nntp.slashdot.org couldn't that still create it all on demand?

Greg

Re:Releash Slash!

[Jburkholder]

Good. Now can we finally move on?

I mean really, it's true that it was kind of a contradiction that not releasing the source for the site that openly supports open source, but the hysteria and trolling around it was too much.

So, you've won. Slash is released. Time to move on to some other all-important issue to bitch and whine about at -1 on every thread. What will it be? Where will all the complainers focus their hostility now? LinuxOne? RedHat? George Lucas? Hot grits?

Lots of (negative) energy floating around out there now without a single purpose anymore. What an opportunity to re-direct all of than onto some new life/death cause!

Sheesh.

Re:A request

[Foogle]

This is almost not a bad idea. I don't know how much strain it would place on the service (which IMHO needs to be improved anyway), but customizable censor-rules would be kind of neat. I mean, it wouldn't be censorship really, just a more potent form of browsing at a higher level. That way you could still read posts at 0, but you wouldn't have to hear all the crap about Natalie Portman and whatever people are pouring down their pants nowadays.

-----------

"You can't shake the Devil's hand and say you're only kidding."

Re:Releash Slash!

[hattig]

Today will be the day that Microsoft files for Chapter 11 at this rate... after cancelling Win2000 because it doesn't perform to the kind of standard that they want it to. Office 2000 will be released for Linux under the GPL.

Sun will suddenly release Java under the GPL or BSD licensing schemes.

Intel will slash chip prices across the board to just above fabrication costs.

Music will become free for anyone to download and play. Movies likewise.

All governments will merge into one big global mega government and suddenly world peace will occur.

Futurama will get funny.

~~

Re:A request

[quadong]

"I am pouring hot gr1ts down Natolie Port-man's pertifi3d pa|\|ts!"

A lot of good your troll filter did there, huh?

Re:Simple. Use regexps.

[quadong]

Yeah, and when your exhasustive method starts blowing away perfectly legitamate posts because they make reference to the new RIT5 encoding method (or ATA13 drives or something) you'll feel really clever. There is no way you will institute a filter that will catch all trolls and only trolls. Even catching a few trolls and only trolls is a challenge. The best you can do is search for posts that repeat the same long string over and over again. This is the only troll catcher I can think of that isn't likely to start tossing good posts.

Re:SlashDistro? SlashoColo!

[speek]

You *know* it's coming to ISPs. You *know* "personal slashdots" are coming...

Hmmm, with that many "slashdot's" around, wouldn't it be nice if they could all work together somehow? To create a meta-slashdot network? All user-logins are shared, moderation totals are shared. Popular slash sites can become slashboxes at other slash sites. Submissions can finally get moderated themselves, and moderation totals can go higher than 5 allowing for slash-search sites that return the most popular posts of the day, culled from all registered slash-sites...

I could go on....
Open source is great :-)

Re:Portability of Slash

[PotPieMan]

I believe that deusx (the original poster of this thread) was saying that Slash is very specific to the Slashdot site. I haven't looked at this release yet, but Slash 0.3 was arguably very specific to Slashdot. Indeed, there were no configuration files in the 0.3 release that could be easily tailored to your site (and I doubt there are any in this release).

That isn't to say that it is impossible to configure Slashdot (or a Slash-based site), but the time involved is much greater. Add to that the fact that Slash, out of the box, was designed to run under mod_perl with mysql running the backend database management. I would assume that CmdrTaco, CowboyNeal, nate, and countless others edited and compiled much of the afformentioned software to work with Slash better. Slashdot runs as well as it does (I'm not being sarcastic) because the site admins have worked at it for so long. So, part of it is changing the locations of files, generating tables, etc. A lot of it is the actual implementation of the code so that it runs.

Can we use 'X-priority' to sort by Score/Priority?

[stefanlasiewski]

News Access for /. is a really good idea (Something I've been thinking about for a while, but don't have the experience or time to do). I'm glad someone else thought of it.

Netscape Newsreader uses 'X-priority' headers to rate the importance of a Message. This Priority is set by the sender when they send out a message via NNTP or Email. The Receiver can click a button on their buttonbar to sort the message by Priority.

'X-Priority' could be used to translate ./ scores to a an Importance Ranking. If we translate the Slashdot Moderation score to the X-priority like this:

X-Priority...........Slashdot Score

Lowest: 5...........-1
Low: 4...........0,1
Normal: ?...........2,3
High: 2...........4
Highest: 1...........5

.. Viola! You enable certain newsreaders to organize the ./ News based on Importance.

Sure, it's lacking in features (For example, it does not distuinguish '3, Insightful' from '3, Funny'), but it works on a basic level.

I don't have Mozilla up and running at work, but I assume it supports some sort of Priority. MSOE 5 doesn't use Priority headers for News (It has 'X-MSMail-Priority: High|Low' for email).

Whaddya think?

-= Stefan

Re:SlashDistro? SlashoColo!

[PurpleBob]

Of course, there would have to be meta-Slashdot moderators, because otherwise someone could set up a slashdot where they do nothing but moderate up their own posts. So that entire slashdot would have to be moderated down.

And if you get enough Karma on various slashdots, you could become a meta-Slashdot moderator, moderating other Slashdots up and down, but then of course there would have to be meta-meta-Slashdot moderators to control them. And if one of these meta-meta-Slashdot moderators says that to moderate a certain Slashdot down because its meta-moderation system is faulty is an unfair moderation, he's meta-meta-meta-moderating (M4). Whee.

The whole problem here is that someone - a metagod (M[infinity]) - would have to run the meta-Slashdot. And what if people don't like the way it's run? Does he have to be moderated by a metagod-moderator (M[infinity + 1])?
--

Re:Releash Slash!

[dennisp]

and we all live unhappy in utopia forever and ever ...

slashv1.3.tgz...

[NoWhere+Man]

This came as a surpirse to me because 6 months back I went looking for a more updated version then pre0.3. I went to filez.com (when it was still up) and found a bunch of sites (like ftp.cdrom.com) that had versions of slash code at 1.3. I even have it lying around on my HD still. Does anyone know if this is Slashdot.org code? Or someone elses similarly named code for another program?
If you want a copy, email me (nicksworld@netscape.net), I'll send it to you as quickly as I can.

Re:SlashDistro? SlashoColo!

[dsplat]

The cost of eyeballs just went up--thanks, guys!

I have two comments on this. First, I have long insisted that any closed source product that is not at least as good than an open source alternative is defective. Second, you are right in your comment. Slashdot has set the standard. And since they are using the GPL, other sites that want to use the code will have to GPL modifications. It is just possible that this will lead to improvements. As much as I respect their work, the guys at Slashdot have to eat, sleep, and post articles. They can't be coding round the clock.

Re:Someone make Bruce a sign to wave!

[technos]

Proposed signe for Bruce Perens to wave

'Look at the Gimp' complete with a logo of the Gimp.
'I love you, Hemos!'
'Does anyone have a tubesock I can borrow?'
'Me, you, and ide.c. Lets get it on!'

Simple. Use regexps.

[Zipo+Bibrok+5e8]

Set up filter expressions like these:
[Gg]*[Rr]*[iI1]*[Tt+]*[Ss5]
[Nn]*[Aa4]*[Tt+]*[Aa40Oo]*[Ll1]*[eE3]
[Pp]*[Oo0]*[Rr]*[Tt+]*[Mm]*[Aa4]*[Nn]
[Pp]*[eE3]*[Tt+]*[Rr]*[iI1]*[Ff]*[iI1]*[eE3]*[Dd]
[Pp]*[Aa4]*[Nn]*[Tt+]*[Ss5]
Score a certain amount for each of them, and toss out posts above a specified score.

But what will theTrolls do?

[Jack+William+Bell]

About time. I was getting really tired of wasting moderator points in moderating down the "Rob is a hypocrite because he won't release Slash." Trolls. I guess those folks will have find something else to bitch about. Or else return to making obtuse comments about grits...

Jack

Re:now hopefully...

[TheCarp]

While I agree about the stupid trolls...I
just have 2 points about DOS and Script Kiddies.

A) (As others have said) If there are holes, they
will be found and fixed. Not a big deal. An
activly exploited hole can only survive for so
long.

B) Slashdot becomes saturated and stops responding
for at least an hour a day or so anyway.
The place is so popular that reading it
amounts to a DoS attack. What more could a
malicous attacker do? how much MORE slow could
you make it (try accessing it around 1 pm (EST))

Where are the karma points?

[jw3]

So. Is it the new version of /.? I remember, some time ago it was possible to look at someone else's karma. I mean - what's the reason of karma points if I can't boast about it? HELLO! I want all the world know that I have, um... oh, forget it.

Seriously, though, it happened to me several times lately that I get posts with high scores displayed underneath a couple of "Score 2" posts. Yes, I reloaded the page, stating explicitely that I want "Highest scores first". No, it wasn't a "4" response to a "2" article.

Least but not least, I want to express my outmost joy about having the possibility to read /. and seeing it developed. I think /. i a precursor of future shape of Usenet-like forums: self-moderated discussions with a configurable look&feel.

Regards,

January

Re:Perl eh? Sure - Cold Fusion

[tdenkinger]

If you don't, wouldn't Cold Fusion be the easiest embedded HTML language to use? Consider that Allaire is close to release CF for Linux.

I used Cold Fusion for years on the unmentionable operating system and it is easy to pick up and use. Unfortunately, it lacks the ability to easily encapsulate and abstract and encourages the use of global data; complex applications can quickly become festering pits of misery.

The perceived simplicity of the "language" also encourages people with poor programming skills to use it for everything. I once met a guy who wrote 2000 lines of Cold Fusion to parse text files. I was horrified. One of the other developers rewrote the code in about 100 lines of Perl.

Honestly, I never want to go back to writing Cold Fusion. While it is similar to Perl in that you can write quick and dirty web apps with it, Perl has the ability to let you go beyond the quick and dirty.

Troy Denkinger

Re:Mirror

[Lucabrasi]

Another mirror here: http://www.y2brand.com/slash/

Re:Perl eh? Sure

[jjohn]

There are lots of ways to use Perl effectively to build and maintain sites. I used modules and mop_perl for my Aliens, Aliens, Aliens site. Most of the functionality comes from a single module which is used by various scripts which access particular tables.

However, if I had to build it again, I would have gone with HTML::Mason, which is a very powerful embedded perl system, like PHP, Cold Fusion, ASP, Zope, etc. It is open source and very nice if you already know Perl. If you don't, wouldn't Cold Fusion be the easiest embedded HTML language to use? Consider that Allaire is close to release CF for Linux. 8-)

In the end, any system which helps you the programmer separate form from functionality is the tool to use. The days of hard coding perl scripts to generate HTML are over, I hope.

Re:now hopefully...

[Psiren]

just hope there arent any holes for script kiddies to find and DoS

A very good point. The trolls and first posters are annoying enough, but bringing the site down every five minutes would be very easy if there are holes in the code. Is this something that was considered before the code was released? I know security through obscurity is not generally thought of as security at all, but this would only make it easier for the arseholes of this world to wreak havoc.

Like it or not, Slashdot is now a relatively well recognised place, and in general our opinions make themselves felt. What would happen if it was brought down?

"Sir, I'd stake my reputation on it."
"Kryten, you haven't got a reputation."

And now try to make them happy that they did it!

[tilly]

Here is the letter that I sent to do my part...


What does this do?

1. I fixed the bug which meant that if you typed &nbsp;, previewed, then posted your post did not match your preview. (I needed to add a new stripByMode mode for this.)

2. I fixed the bug that made exttrans the same as plaintext.

3. I added a nice feature that allows people to indent lines just by indenting their submitted text. (eg If people try to paste Python code, it will now display.)

4. I made a minor modification to make the displayed comments a little easier for humans to read.

5. I modified your "Reduce the count of multiple lines" to not just reduce them by 2/3, but to actually keep them to a max of 2. I made them substantially harder to fool.

All in all little stuff that had been bugging me for a looong time...

My stupid email may cause these diffs to wrap. Make the obvious fix by hand if it does...

First the diff to public_html/comments.pl

$ diff -u comments.pl.00.01.26 comments.pl
--- comments.pl.00.01.26 Fri Jan 21 10:42:01 2000
+++ comments.pl Wed Jan 26 14:34:10 2000
@@ -219,7 +219,7 @@

"</td></tr>\n";

print "<tr><td align=right valign=top>Comment</td>";

print "<td><textarea wrap=virtual name=postercomment rows=10 cols=50>";
- print $$F{postercomment};
+ print &stripByMode($$F{postercomment}, "literal");

print "</textarea><BR>(Use the Preview Button! Check those URLs!

Don't forget the http://!)</td></tr>\n";

print "<tr><td> </TD><TD>\n";

Now to Slash.pm

$ diff -u Slash.pm.00.01.26 Slash.pm
--- Slash.pm.00.01.26 Wed Jan 26 13:18:55 2000
+++ Slash.pm Wed Jan 26 14:54:28 2000
@@ -1175,14 +1175,20 @@

my $str = shift;

my $fmode = shift || "nohtml";


- $str=stripBadHtml($str);
- if($fmode eq "plaintext" || $fmode eq "exttrans") {
- $str=~s/[\n]/<br>/gi; # pp breaks
- $str=~s/\<br\>\<br\><br\>/<br><br>/gi;
- } elsif($fmode eq "exttrans") {
+ $str =~ s/(\S{90})/$1 /g; # Stupid fix for long lines
+ if ($fmode eq "exttrans" or $fmode eq "literal") {
+ # Encode all HTML tags

$str=~s/\&/&amp;/g;

$str=~s/\</&lt;/g;

$str=~s/\>/&gt;/g;
+ }
+ if($fmode eq "plaintext" or $fmode eq "exttrans") {
+ $str=stripBadHtml($str);
+ $str=~s/[\n]/<br>\n/gi; # pp breaks
+ $str=~s/(?:\<br\>\s*){2,}\<br\>/<br><br>/gi;
+ # Preserve leading indents
+ $str =~ s/\t/ /g;
+ $str =~ s/\<br\>\n?( +)/"<br>\n" . ("&nbsp; " x length($1))/eg;

} elsif($fmode eq "nohtml") {

$str=~s/\<(.*?)\>//g;

}
@@ -1195,7 +1201,6 @@

{

my $str = shift;


- $str =~ s/(\S{90})/$1 /g;

$str =~ s/<(?!.*?>)//gs;

$str =~ s/<(.*?)>/approveTag($1)/sge;

Cheers,
Ben

Releasing both produces and counters this issue.

[Christopher+Thomas]

A very good point. The trolls and first posters are annoying enough, but bringing the site down every five minutes would be very easy if there are holes in the code. Is this something that was considered before the code was released? I know security through obscurity is not generally thought of as security at all, but this would only make it easier for the arseholes of this world to wreak havoc.

Releasing the code does indeed make any security holes visible for outside attackers to take advantage of. However, the flip side to that is that it makes any security holes visible to honest people who will either point them out to the dev team or send patches themselves. Because of this, most vulnerabilities should be transient at worst.

Re. security through obscurity. That will certainly work in the short term, with much less effort on the part of the dev team. The problem is that security holes will eventually become known, which means that the code will have to either be fixed or thrown out after a finite and probably shorter-than-expected time period. The argument for this is that it may still be less work to re-write the code every n months than to find and patch security holes as they are exploited. The argument against this is that with visible code, you have a vast army of users augmenting your dev team's efforts.

Which is better? I can think of cases in which each would be clearly the best option. In most cases, though, you just wind up with a Holy War on the subject.

Another Shameless Plug

[thedude]

Well, considering how people were mentioning wanting a php-based slashdot earlier I guess I should plug phpslash Seeing as I work on it and all:)

It's not slash0.9, (based on slash0.2 with improvments) but it's in php and in resonable development with plans to add all the current slashdot goodies.

Re:Problem with GPL websites

[Zaffle]

The problem with releasing a website's code under the GPL is that it's entirely possible for someone to use the code without distributing it -- what's distributed is the content generated by the code, not the code itself (or binaries thereof). This is the same problem with GPLing optimizing compilers, and it hasn't prevented anyone from releasing plenty of compilers, but it is an application where the GPL might not be ideal.

True, but look at it from slashdots point of view. I doubt they will intergrate many features created by the public into their codebase. I've talked to Malda a number of times about new ideas and most of the time hes said that he isn't interested in putting xyz into slashdot.

The only thing they will loose if someone takes slashdot, and uses it on their own site, but doesn't distribute it, is any changes this person made, and any bug fixes.

Esentially here, slashdot (unless they've had a change of heart), don't want the community developing it for slashdot. (Yes, they don't mind the community developing the slashcode for themselves, but its unlikely they will incorperate many ideas into slashdot).

There are some really neat features that I'm sure the slashdot crew will incorperate, but I suspect they don't care that much if someone comes up with a new slashdot mod but doesn't distribute the modification.

If I were CmdrTaco, and last time I checked I'm not, I'd release it under the GPL, then fork the code. Have the pure slashdot code that I maintain, and let someone else maintain the public slashcode, that gets all the neat features added in. And if i saw a feature I liked, get a patch and add it to my slashdot.

---

Jolly good show...

[dillon_rinker]

I must say, I was beginning to think that the corporatization/borgification of /. had begun. Given the lack of progress up to this point, I figured that Andover would copyright the code, patent the moderation system (and I think it IS patentable) and would begin licensing the software to other discussion sites. Glad to see I was wrong :)

And there's also the Zope competition coming

[ppetru]

You should not forget about Squishdot (runs on top of Zope). While it still has a long way to go, it's quite usable. It runs on technocrat.net, if you want an example.

Problem with GPL websites

[/]

The problem with releasing a website's code under the GPL is that it's entirely possible for someone to use the code without distributing it -- what's distributed is the content generated by the code, not the code itself (or binaries thereof). This is the same problem with GPLing optimizing compilers, and it hasn't prevented anyone from releasing plenty of compilers, but it is an application where the GPL might not be ideal.

Congratulations all the same.

Re: PHP

[Phrogman]

I would be very upset and very happy if they released a PHP-version of /. - I am currently in the process of programming my own site (modelled in part on /.) using PHP. If the current release were executed in PHP I would have release from my programming woes (setting up and managing the messaging system) and new woes - incorporating in those elements that I have already created.

Honestly, I was stunned by the cleverness of the Slashdot design the first time I saw it. I have learned more about PHP through trying to recreate those elements I like myself than I ever would have learned by simply configuring it to work. By programming it myself, using PHP, I have not only become very comfortable in PHP but I am building a far better site as a result. Originally my site was a directory of websites with an attached message board (which saw too little use) - now it will become a more tightly integrated combination of both. The directory portion - with attendant management tools on the Admin side - is complete, the remaining elements focus on the most difficult section - the messaging and topic creation system.

Once I have a fully functional website with the minimum of required elements in place then I can begin to study how the moderation system, and other elements of Slashdot work.

It would probably be far quicker for me to simply download 0.9 and configure it for my purposes (and it may come to that) but I am so far very happy with the performance and ease of learning/use of PHP.

For anyone not already versed in perl (and even then) I would urge them to explore PHP if they are engaging in dynamic website design.

Sorry I can't place a link to my site but its not ready for viewing yet - it looks pretty and some portions work but there are major holes in it. I think I will be ready to unveil it as beta inside of a month or so with luck.

The Slashdot Source Release Procedure (C)2000 Rob

func ReadEmail () {

while (email >> RobsMind) {

if (Mail.Contains (("slash" || "slashdot") && "source")) { TimeToReleaseSource += 24; MoveMailTo ("trash");
Insult.Flame ("community that made Slashdot what it is");
}

else {

MoveMailTo ("trash");
JackOff ("two goddamn hours");
}

}

SmokeMoreCrack (hellyeah);
KissAssAtAndover (hellyeah);
return NothingToCommunity;
}

SlashDistro? SlashoColo!

[Effugas]

In what's sure to make Ye Olde Taco throw down his hands with grief(lets not even talk about Neal and Pat, whose entire faces are only moments away from contorting into paryoxysms of fear, rage, and inevitability)...

Next up is the SlashDistro.

Maybe it'll be Mandrake, maybe it'll be Redhat, maybe it'll be the next jaw dropping creation from a couple of sixteen year olds, but we're going to see something you slap onto a spare server that gives you your own personal Slashdot, preinstalled.

You *know* it's coming to ISPs. You *know* "personal slashdots" are coming, at minimum, to dedicated Colos, and soon, everything from Geocities to whatever.

There have been other works of Weblog sites and software, but nothing as feature complete as Slash. The cost of eyeballs just went up--thanks, guys!

Homestead's already done some stuff with integrating Palmpilots and personal web pages. The most interesting stuff I see is a total integration of the wireless experience with a the online log.

The diary strikes back.

Then again, there's nothing sadder than an empty comment field...look for the first major mod to the Slash code is topic-level threading instead of story level.

Yours Truly,

Dan Kaminsky
DoxPara Research
http://www.doxpara.com

Slashcode Mailing Lists Up

[pudge]

Go ye therefore to http://lists.slashdot.org/mailman/li stinfo.cgi and subscribe to yonder slashcode mailing lists.

Re:Someone make Bruce a sign to wave!

[Bruce+Perens]

OK, Rob, I'll be there. Can you pick me up at Laguardia Airport, U.S. Airways Express terminal, 11:20? And I'll make my own sign.

Thanks

Bruce

How close is it though?

[Zaffle]

How close, other than the mentioned slashboxes, is this to the real thing(tm).

I suppose you could sum it up two ways:

Is it bug for bug the same?

If we come up with a new amazing idea that is so amazing CmdrTaco instantly wants to put it in, will our patch to the Slash v0.9 go straight onto the real site, or is Slash v0.9 a total rewrite from the current running slashdot on slashdot.org?

---

OT? Improvement suggestion

[Taurine]

In meta-moderation, the message at the top of the page states that duplicates are fine. I say _some_ duplicates are fine. I understand that one is moderating a moderation, not the displayed comment. But as the moderation is a discrete value, it really should be the case that if several people moderate a comment as, for example, Interesting, then only one instance of Interesting should appear on a meta moderation page, and a meta moderation of Fair or Unfair should be applied to all the moderations with the same value. This would further increase the amount of meta moderation done without adding any user effort. Maybe I am just unlucky, but I see this kind of duplicate almost every day.

Releash Slash!

[Frac]

Release Slash! oops, done.

well um, save etoy.com! oops, done too.

then find the mars polar lander! oh, we have signals too! damn, everything is getting resolved today. Guess there won't be news on slashdot tomorrow. ;-P

Perl eh?

[KillBot]

Is this the appropriate time to drop a shameless plug for your weblog? :) I remeber reading some time ago that perl was chosen because of its efficiency with all the string manipulation and stuff while being easy to develop at the same time. I've found that php has worked wonderfully for my purposes (although I get nowhere near even a fraction of the traffic that /. gets) and that it's much more easy to develop in. There seems to be a function for everything in web development, and it has a mostly perl compatible regexp function (and a few of its own). I've tried php4 (for speed tests), but it broke a few of the regexp functions that we had in place. So, to get to the point, what do the people feel is the best language for writing such a weblog in terms of efficiency and development time?

And here's my shameless plug - Digital Theatre News

Re:Perl eh?

[Hemos]

When Slash was written, the main core of it rather, PHP wasn't where it is now. Perhaps if PHP had been better developed at that point, we would have used it - but it wasn't, so....

Re:now hopefully...

just hope there arent any holes for script kiddies to find and DoS /. now that the new code is out

I'm sorry, sir? Is sir perhaps suggesting that opening up source code helps attackers to exploit security holes? Has sir not read the words of Bruce Schneier ? Is sir not aware that keeping source secret is the way to make it easier for script kiddies to discover security holes? Despite what sir thinks, sir will find that skript kiddies prefer to scrutinise binaries for security holes, spurning such vulgarities as source code. As Mr Schneier has pointed out again and again, the only way to be truly safe from DoS attacks is to be repeatedly DoS'd again and again until everyone loses interest ^H^H^H^H^H^H the community helps patch the holes.

This move is a punch in the nose for the "security through obscurity" movement and a shining vote of confidence in the "open source security model". Inspired, I have carried out the following moves to purge my life of "security through obscurity".

I hereby announce that my home phone number is +34 0191 429 7342. I hope that this will protect me from telemarketers.

My userid is "admin", and my password is "goyoujets", thus securing my website.

My financial details will shortly be published on the web, so that the "community" can help to protect me from tax audits. I am currently evading around £20,000 of VAT per year, and would appreciate help in fixing this bug before HM Customs and Excise throw me in jail.

And my medical records will be made public as soon as I can persuade my doctor to co-operate. This will cure me of all known diseases.

Follow my example! Open-source your life today! Bruce Schneier has!

Re:Someone make Bruce a sign to wave!

[Roblimo]

I'll have my (white) limo at LWCE, we'll have a sign for Bruce to wave as he stands in the sunroof, AND Emmett will be there with a brand-new Sony digital Hi-8 camcorder to make a permanent record of Bruce making a spectacle of himself, which we will post online for your downloading and viewing pleasure.

(All this is "weather permitting," of course.)

;-)

- Robin "roblimo" Miller

Mirror

[maelstrom]

I've put a mirror up at http://shiftq.linux.com/~mmichie.

Enjoy. After all, I'd hate to see Slashdot get Slashdotted (I need to feed my addiction dammit)! :)

Re: Corrections to CVS instructions (read this)

[Kurt+Gray]

I'm going to abuse my karma /and/ attach this to a highly-rated early comment so hopefully enough people will see this. Here are better CVS instructions then what we have posted at Server 51 (which I'm working on):

1. cd into a directory you want to download the slash source files to.
2. cvs -d :pserver:anonymous@cvs.server51.freshmeat.net:/cvs root/Slash login (anonymous password is blank -- just type return)
3. cvs -d :pserver:anonymous@cvs.server51.freshmeat.net:/cvs root/Slash co slash
4. cvs -d :pserver:anonymous@cvs.server51.freshmeat.net:/cvs root/Slash logout

Kurt
Server51.freshmeat.net

Someone make Bruce a sign to wave!

[Driph]

[(quoted from Bruce Perens IRC Interview)
"Q: If we release the Slash code, will you paint your car yellow? (Submitted by roblimo1)

A: If slashdot releases the slash code as Open Source, Roblimo can drive his limo to LinuxExpo New York, on Feb 2nd, park it in front of the Javitz Conference Center, and I'll pop out of the sun roof and wave signs at people saying that "Slashdot code is now open source", and in general make a spectacle of myself. ]


Well now. I believe we can all forget the bantering concerning politics and reasoning behind this release. The above statement is validation enough in itself.

See ya all at the Expo! :]


________________________________________________ _____________

Thanks, guys... This must've been a lot of work!

[deusx]

First, thanks to the guys at SlashDot for the release, and for making the damn thing in the first place.

Second, either thanks or a big ole kick in the nuts to all the trolls and me too'ers who jumped on hounding CmdrTaco to release the source-- I haven't decided which yet. You guys were ruthless, and though I think you all are patting yourselves on the back on "making this happen," I somehow think that this was in the works for a bit longer than the latest round of fervor.

How many of you asking-- demanding!-- for the source to be released, have an Open Source software project of your own out there? (I do. It's the Iaijutsu Web Application Framework Project, also on SourceForge.)

Now I'm not asking this to say "Ah hah! Go make a release of your own before you throw stones!" However, it would be nice if you knew what it were like. I suspect there weren't a large proportion of people in the outcry who actually to have active Open Source projects out there. I tend ot think that those people who DO have projects going out there were going easy on the guys at SlashDot.

Why? Because making a release is HARD WORK, *especially* if your web application project has come to be tightly wedded to the machine it's running on and is not particulrly general to install on others. It's *especially* tough when you have a day job that takes up a lot of your time, such as oh say, running a major Internet destination for news and information. Most times its easier to just put it off awhile..

BUT!! You say. ESR told me to release early, release often! And I believe this-- but look at what happened to Mozilla. It's working now, but it took awhile-- they released *too early*. I truly think there *is* such a thing, release too early, without a clean enough package, without enough documentation, and people will bitch just as much to you about your crappy tarball as they have been about you not releasing earlier.

This isn't *POOF* "Sorry guys, I've been a prick, I guess I'll release all the top secret RPMS, Debian packages, tarballs, and 100 pages of docs and man pages I've been sitting on." There *is* a bit of work to be done to 1) Even get SlashDot code pried out of the machine it's running on, and 2) Package it up so that you can wedge it into your machine, and 3) Make it look vaguely like something someone other than CmdrTaco can understand.

Now I know a lot of you are going to say, screw you, I would have loved to have just the pure pile of steaming dung of random code SlashDot may be RIGHT THIS SECOND. (Apologies to SlashDot, but I've gotten the impression that tho it works well, it might not be pretty. :) ) But you know, that's really the author's perogative. Sometimes, you have a lil pride in what you want to show people.

I also know that, even tho you hopeful conumers of raw unpretty code may say you exist out there-- I know that there'll be just as many who download it and e-mail CmdrTaco "i cant get this Slish thing to do c00l stuph on my 31337 LinuxOne machine". So there's a support issue involved, even if you say you're not going to support it. So you have to have *some* answer to it, even it it's just taking a bit more time in the packaging, docs, and commenting to stave off some confusion.

So, have fun with it, and *please* try to go easy on the author of the release now that it's out... He's been called every name in the book, whil probably working his ass off. The last thing he needs now is a billion questions and everyone to say, "You know, this wasn't that cool after all, Slashdot code sucks!"

:)