Yes, Laura Dido is thoroughly discredited in the SCO story, not because she is a blind fanatic of the SCO brand, but because she fell for their "look, our uncredited BSD code matches their code" story in the great SCO "smoking source" debacle.
But she appears (according to groklaw) to be unrepetant; she thinks they have a case and she thinks linux has a shadow hanging over it. She can't admit she was mislead/gullible/wrong, because it does the consulting group no good.
While I agree with you, I think the correct metaphor would be, if MS were to make a free version of Office that you werent allowed to critique MS on, but you could with a free version. And -and here is the most important- you couldnt use the free version if you were a potential competitor to MS.
What always irritated me about the license was that writing anything that constituted a distributed, versioned repository could be an infringement. So a good P2P filesystem could qualify, or a good versioned netwokr filesys (e.g. something like Rational/IBM ClearCase)
Now that Bitkeeper is out the way, hopefully somebody can write the filesys of the future:)
As the author of a non-ORA book, I worry that if thing becomes the "one stop shop" for Java content, then it will refer the viewers only to the ORA books. Which, as an O'Reilly site, they are free to do. But this is exactly why independent sites -CPAN, CTEX are better -no half-hidden agenda, other than the technology itself.
Also (and the codehaus people are involved with it, as are the apacheprojects, is the maven repository at ibiblio.org.
OSS project binaries are there -ready to use, with a well known layout (project/jars/artifact-version.jar). So under http://www.ibiblio.org/maven/ant/ live all the ant stuff, and if I know I want 1.6.2, its URL can be constructed.
The nice thing about this is tools can construct and use them automatically. Maven does this already, Ant1,7 will do so later in the year, as will the SmartFrog deployment framework (disclaimer, I work on both the latter projects). All three projects share a common local cache: once something is downloaded for one project (and authenticated), anything else can use it too). Maybe this will be an end to classpath hell. Or a globalisation of it.
But remember to raise the trust levels of "trusted zone" to "medium", to stop you running unsigned controls against from any site that pretends to be in the MS domains,.
I'd love to see Frame on linux. They ship it for solaris, so a linux port isnt hard -they just need to see benefit.
I wonder what the benefit to adobe was to port the (free) acroread program. Maybe everyone who paid many $£ for the acrowriteer were complaining to adobe that linux users were complaining they couldnt read the docs without being told off for using a dated version of the app. Or that adobe felt it was time to stamp out all the competition, competition for acroread that was getting too good, could print reliably, integrated with the desktops, etc, etc.
The specificness here is that the ActiveX control that comes with windows media isnt smart enough about handling running in an untrusted container.
there are win32 api calls that manage this (you have to implement some other interface in your COM object to get told about security zones), but nobody ever does.
ActiveX is the underlying problem here. They took something that worked in a constrained role -OCX controls for adding functionality to VB apps, and made them -as you note- scriptable by web pages.
the worst part: they dont give up. Even IE6SP2 leaves activeX at "prompted" in the internet zone. Since windows update sites are in that zone, you cannot run windows update without saying yes to prompted downloads. If you disable AX in the internet zone, bye-bye security patches. I despair.
1. Remember that jvm and library is different. There are good OSS JVMs, but the libraries are a trouble spot.
2 All the main OSS libraries build and run on Kaffe, including things like the SWT window toolkit, xerces parser, etc. Look at the Gump to see how well it is going: http://brutus.apache.org/gump/kaffe/
3. A lot of focus in the gump/ant dev groups is about improving gump builds. If we can clean build the OSS stack on the OSS platform, we will be independent of Sun.
4. the big issue with libraries is testing compliance. One thing we want is for sun to open up the TCK for Java so that OSS implementations can test against the official java TCK
5. Although the TCKs are opening up, it is patchy and trouble. TCK access is only under NDA, which makes it hard to broadly test and debug, which is what OSS relies on.
I sent email via faxyourmp to my EU members of parliament, one UK independence party (hates the EU entirely, along with anything foreign), and the Liberal Democrats
I havent heard anything back from UKIP, which surprises me -I thought they'd be "the EU is evil, here is why".
The lib dem MP gave some patronising guff about technical innovation and "balancing the needs of large enterprises and small businesses", nothing about consumers, OSS developers, etc.
But he did say they had voted to send it back, and were miffed at the response. They werent letting it lie, as it was a sign of a broader power struggle between governments (council of ministers) and the EU parliament itself.
Throttling might be detectable too, because QoS data may stay on the packet (dunno, that is too low level for me).
But imagine if you just drop packets intermittently? Especially after a few minutes, when normal testing would have checked everything off as successful.
any UDP system would have dropouts, and I assume VoIP is UDP for the latency.
This hurts
on
QA != Testing
·
· Score: 2, Insightful
I can see the problems this creates. Dev teams blame QA for being fussy; QA hate the dev team for releasing such junk.
We have to embrace test-centric development more. JUnit, CppUnit, PyUnit, they make it easy to write tests. But to convince the developers to write good tests, that is another matter. I often find it is harder to write a decent test for something complex than it is to implement the complex thing, but without that test, how do you know it works?
Show me your regression proofs then :)
on
QA != Testing
·
· Score: 1
I know testing only shows the presence of trouble, but if fully automated, you can first replicate a problem, and secondly show it has gone away,
Whereas proofs of correctness need to be redone every time you change code.
Test-centric dev (XP, the Agile methodologies) is standard in Java Dev these days, and there are good Python test tools too. Its a shame that C++ has lagged a bit, though CppUnit works well.
We have used CppUnit to test code, with CruiseControl (on sourceforge) to check out, rebuild and retest the app *every* time something changes in CVS. This is the future: you know all your tests work, all the time.
Agreed. and UML support in MS Visio is even worse.
I've played with Umbrello a bit, but not enough to find out its limitations.
One thing I like to do is treat all deployment problems as tests, and write automated health checks. Example -if the filestore's clock is on GMT but the server is in PDT, files get deleted as out of date by the scheduled cleaner upper. After the fix. we wrote junit tests to create files, check the time, fail if they are different.
Now, such tests only work after the fact, but once you start rolling out your code to multiple hosts, the same things do go wrong, and regression tests of deployment state start to pay off.
I seem to recall 1394 on the roadmap for Intel's southhubs bak in 1997 - I was working at a bay area PC vendor at the time, so we used to get all the NDA covered books. Firewire would have brought in data fast, which would have generated CPU load for things like DVI editing, which would have generated CPU demand. Intel thrive on CPU demand, above all else.
Where USB is Intel-centric is in the fact that it is hub and spoke, not P2P. There always needs to be a hub in the connection, which is where the PC fits in. 1394 lets you do fun things like hook up two devices and share data, no pc inside.
If 1394b had also taken off in the consumer space, my back-of-TV infrastructure would not be the mess of SCART, SVHS, Analog and SPDIF cabling that I'm scared of. But either apple or the MPAA got in the way; there is only one 1394 port on the DVD-R, and it is input only. We'll have to wait for gigabit ethernet to become common on home AV kit for that universal home network to become real.
Incidentally,
1. WinXP lets you run TCP over firewire at about 30 MBps (for a 100 or 200 mbit card)
2. WinXp does not support any firewire cards built on chipsets that have promiscuous mode. PCs dont ship with firewire cards that enable sniffing, even with other operating systems installed. that really sucks. I do have some of the older cards around, for just such emergencies.
Back in 1997, Firewire was going to be the connector everywhere in PCs, in and out. IDE, SCSI, external -all 1394b. Even laptop docks
But then apple demanded $1 per port, which would mean $5-$10 per PC, plus something for every peripheral.
The result: USB2.0. That's right: USB2 came into existence primarily because of Apple's pricing strategy for 1394 ports.
So it is kind of ironic that they are not shipping firewire on ipods to better serve the PC market. If they hadnt got greedy, there might not be a USB2.
I went from RH9 to SuSE: we run a SuSE9.2 only house here.
The problem I had is that even though I could get my "enterprise" employers to get a copy of RHEL for my work desktop, I had the home systems to think of. I dont want inconsistencies across them. And as I run VMWare regularly, I needed an OS that VMware supports. VMware dont support fedora -why should they: even redhat dont support fedora?
I've moved on, and I don't regret it. RedHat may have the best linux brand in America -and a good engineering team, but their product strategy seems doomed. You cannot act like microsoft in the Linux market, because the cost of switching from one linux distro to another is so much less.
well they can do traffic analysis. but once your app and screen saver also exchanges random encrypted packets with other nodes in the swarm, how are you going to tell which is "their data" and which is just randomness.
I guess they could outlaw random number generators.
Well, there is this mornings critical patch for ASP.net path interpretation which could lead to remote code validation.
More to the point, Win2K's installation of IIS was hopelessly insecure. Think of Code Red. Why did it spread? Because IIS exported all your printers using IPP by default. And because IIS is architected so that most of its extensions run as DLLs in the same process as IIS. So crash some plugin, you are running as root. Now, I know that really you can run as COM+ things in a COM+ process for better lifecycle and security, but dont know how good it us.
IIS6 on win2K3 is a lot better, but that is because IIS5 was so bad.
I reviewed two 'how to use Java Web Servies' papers last year that were due for online publication, both were vulnerable to SQL attacks.
now, this wasnt production code, but if people showing developers how to write a fancy SOAP endpoint to existing code dont mention that there is no validation of data, do you think readers will remember to do it?
You make some good points. Nobody does use unmanaged BTW, its just too painful. There is one thing wore than it: managed C++.
One thing though, neither Java or.NET have any notion of tainted data. all this security stuff does is let you run untrusted code in a sandbox, or trusted code in a secured zone to slightly limit the damage it can do.
But neither language has the idea of marking strings or other data that came from an untrusted source, the way Perl does. Which is odd, as both Java and.NET have so far succeeded server side.
Compared to Perl, Java is insecure as you can too easily fall to a SQL string attack, either in your web page, or, heaven forbid, Web Service.
JNI is the second edition at a Java to C++ API. It is the underpinnings of every binding from Java to platform there is, not an afterthought for applets (though Netscape were involved). If you don't use it much in your code, it's because other people (i.e Sun) do it for you. They also go out their way to make it hard to do so, whereas MS, with P/Invoke and COM support, make it really easy to invoke native code *from trusted apps*.
Most.NET code that I know doesn't use unsafe either: MS go out their way to discourage you. You have to compile as unsafe, grab pointers only briefly, and then only ever get to run if your code came from a trusted place. All remote code is blocked, even that on a network share.
Where MS do care is about COM integration, about platform integration. True, there is only one platform they care about, Windows.
But consider this: Integration between Java and Linux, especially the GUI, sucks. Want decent Java/Gnome bindings? You need the third party Java-Gnome libs, which use, wait for it, JNI. Want Java KDE bindings, go to KDEJava and get the java libraries plus native code. If you want to integrate with the OS, you need native code, which means JNI.
The fact that JNI is pretty rare can be seen by the fact that Gnome, KDE and drag-drop integration with the rest of the Linux GUI is pretty much nonexistent.
I think the FUD Sun are saying about "unsafe" is so bogus. If they want to slag it off, just pick on the.NET APIs, too much of which are thin wrappers around Win32. OR the fact that the.NET runtime needs IE6 installed, and IE6 is the web browser component for.NET apps. OR the fact that ASP.net is built on IIS. Those are security holes. Windows is a security hole. ActiveX is a gaping security hole. IIS is server side disaster..NET is actually pretty secure, but its just damage limitation on an otherwise dangerous piece of junk. Its like having ABS brakes on a Ford Explorer; not enough on its own to stop you crashing and burning horribly.
The garmin protocol for GPS receivers returns lat/long as unsigned integers; i forget the range but it is something like 32 bits. Really, dont need floating point, just big enough ints. There is a finite amount of detail you need for most things, and millimetre resolution of a position on the planet is about it.
I wouldnt use Base30 compression when base64 is evern more compact. Or base 80.
If you stick to one (real) OS, then Make+Unix is a good system. Cygwin is troublesome because java is still a windows app. We get a lot of support calls there: http://ant.apache.org/manual/platform.html
I would say the nice thing about Ant is that it integrates testing and more lately deployment, plus cruise control can automate everything. IDE support is nice-ish, it does give you broad choice of IDE
> 1. I had to get the next version of ant to ask it to pass a -ea to the java compiler.
-ea? Its not a javac option. And you can add any compiler argument like with the tag. Maybe you mean the -ea enable assertions feature of the java program. yes, that didnt come out till after java1.4, but you could still do it by hand.
2. If you dont know what you are doing, yes, ant can be an ugly mess. So can make.
3. Echo the compile command line. Every try "ant -verbose"? I'm not sure it does, but remember that ant doesnt create a command line for javac; it just loads it inprocess and streams stuff by.
I am sorry that had a bad experience with Ant. Maybe you should try Maven instead.
Slashdot Mirror
Yes, Laura Dido is thoroughly discredited in the SCO story, not because she is a blind fanatic of the SCO brand, but because she fell for their "look, our uncredited BSD code matches their code" story in the great SCO "smoking source" debacle.
But she appears (according to groklaw) to be unrepetant; she thinks they have a case and she thinks linux has a shadow hanging over it. She can't admit she was mislead/gullible/wrong, because it does the consulting group no good.
While I agree with you, I think the correct metaphor would be, if MS were to make a free version of Office that you werent allowed to critique MS on, but you could with a free version. And -and here is the most important- you couldnt use the free version if you were a potential competitor to MS.
:)
What always irritated me about the license was that writing anything that constituted a distributed, versioned repository could be an infringement. So a good P2P filesystem could qualify, or a good versioned netwokr filesys (e.g. something like Rational/IBM ClearCase)
Now that Bitkeeper is out the way, hopefully somebody can write the filesys of the future
> uname -ab o i386
FreeBSD minotaur.apache.org 4.11-STABLE FreeBSD 4.11-STABLE #8: Mon Mar 21 14:40:31 PST 2005 root@minotaur.apache.org:/usr/obj/usr/src/sys/tur
>
Its interesting how many tier-1 web sites are FreeBSD based. I thought imdb.com was freebsd, but netcraft says Linux again...
As the author of a non-ORA book, I worry that if thing becomes the "one stop shop" for Java content, then it will refer the viewers only to the ORA books. Which, as an O'Reilly site, they are free to do. But this is exactly why independent sites -CPAN, CTEX are better -no half-hidden agenda, other than the technology itself.
Also (and the codehaus people are involved with it, as are the apacheprojects, is the maven repository at ibiblio.org.
OSS project binaries are there -ready to use, with a well known layout (project/jars/artifact-version.jar). So under
http://www.ibiblio.org/maven/ant/ live all the ant stuff, and if I know I want 1.6.2, its URL can be constructed.
The nice thing about this is tools can construct and use them automatically. Maven does this already, Ant1,7 will do so later in the year, as will the SmartFrog deployment framework (disclaimer, I work on both the latter projects). All three projects share a common local cache: once something is downloaded for one project (and authenticated), anything else can use it too). Maybe this will be an end to classpath hell. Or a globalisation of it.
But remember to raise the trust levels of "trusted zone" to "medium", to stop you running unsigned controls against from any site that pretends to be in the MS domains,.
I'd love to see Frame on linux. They ship it for solaris, so a linux port isnt hard -they just need to see benefit.
I wonder what the benefit to adobe was to port the (free) acroread program. Maybe everyone who paid many $£ for the acrowriteer were complaining to adobe that linux users were complaining they couldnt read the docs without being told off for using a dated version of the app. Or that adobe felt it was time to stamp out all the competition, competition for acroread that was getting too good, could print reliably, integrated with the desktops, etc, etc.
The specificness here is that the ActiveX control that comes with windows media isnt smart enough about handling running in an untrusted container.
there are win32 api calls that manage this (you have to implement some other interface in your COM object to get told about security zones), but nobody ever does.
ActiveX is the underlying problem here. They took something that worked in a constrained role -OCX controls for adding functionality to VB apps, and made them -as you note- scriptable by web pages.
the worst part: they dont give up. Even IE6SP2 leaves activeX at "prompted" in the internet zone. Since windows update sites are in that zone, you cannot run windows update without saying yes to prompted downloads. If you disable AX in the internet zone, bye-bye security patches. I despair.
1. Remember that jvm and library is different. There are good OSS JVMs, but the libraries are a trouble spot.
2 All the main OSS libraries build and run on Kaffe, including things like the SWT window toolkit, xerces parser, etc. Look at the Gump to see how well it is going: http://brutus.apache.org/gump/kaffe/
3. A lot of focus in the gump/ant dev groups is about improving gump builds. If we can clean build the OSS stack on the OSS platform, we will be independent of Sun.
4. the big issue with libraries is testing compliance. One thing we want is for sun to open up the TCK for Java so that OSS implementations can test against the official java TCK
5. Although the TCKs are opening up, it is patchy and trouble. TCK access is only under NDA, which makes it hard to broadly test and debug, which is what OSS relies on.
I sent email via faxyourmp to my EU members of parliament, one UK independence party (hates the EU entirely, along with anything foreign), and the Liberal Democrats
I havent heard anything back from UKIP, which surprises me -I thought they'd be "the EU is evil, here is why".
The lib dem MP gave some patronising guff about technical innovation and "balancing the needs of large enterprises and small businesses", nothing about consumers, OSS developers, etc.
But he did say they had voted to send it back, and were miffed at the response. They werent letting it lie, as it was a sign of a broader power struggle between governments (council of ministers) and the EU parliament itself.
Throttling might be detectable too, because QoS data may stay on the packet (dunno, that is too low level for me).
But imagine if you just drop packets intermittently? Especially after a few minutes, when normal testing would have checked everything off as successful.
any UDP system would have dropouts, and I assume VoIP is UDP for the latency.
I can see the problems this creates. Dev teams blame QA for being fussy; QA hate the dev team for releasing such junk.
We have to embrace test-centric development more. JUnit, CppUnit, PyUnit, they make it easy to write tests. But to convince the developers to write good tests, that is another matter. I often find it is harder to write a decent test for something complex than it is to implement the complex thing, but without that test, how do you know it works?
I know testing only shows the presence of trouble, but if fully automated, you can first replicate a problem, and secondly show it has gone away,
Whereas proofs of correctness need to be redone every time you change code.
Test-centric dev (XP, the Agile methodologies) is standard in Java Dev these days, and there are good Python test tools too. Its a shame that C++ has lagged a bit, though CppUnit works well.
We have used CppUnit to test code, with CruiseControl (on sourceforge) to check out, rebuild and retest the app *every* time something changes in CVS. This is the future: you know all your tests work, all the time.
Agreed. and UML support in MS Visio is even worse.
I've played with Umbrello a bit, but not enough to find out its limitations.
One thing I like to do is treat all deployment problems as tests, and write automated health checks. Example -if the filestore's clock is on GMT but the server is in PDT, files get deleted as out of date by the scheduled cleaner upper. After the fix. we wrote junit tests to create files, check the time, fail if they are different.
Now, such tests only work after the fact, but once you start rolling out your code to multiple hosts, the same things do go wrong, and regression tests of deployment state start to pay off.
I seem to recall 1394 on the roadmap for Intel's southhubs bak in 1997 - I was working at a bay area PC vendor at the time, so we used to get all the NDA covered books. Firewire would have brought in data fast, which would have generated CPU load for things like DVI editing, which would have generated CPU demand. Intel thrive on CPU demand, above all else.
Where USB is Intel-centric is in the fact that it is hub and spoke, not P2P. There always needs to be a hub in the connection, which is where the PC fits in. 1394 lets you do fun things like hook up two devices and share data, no pc inside.
If 1394b had also taken off in the consumer space, my back-of-TV infrastructure would not be the mess of SCART, SVHS, Analog and SPDIF cabling that I'm scared of. But either apple or the MPAA got in the way; there is only one 1394 port on the DVD-R, and it is input only. We'll have to wait for gigabit ethernet to become common on home AV kit for that universal home network to become real.
Incidentally,
1. WinXP lets you run TCP over firewire at about 30 MBps (for a 100 or 200 mbit card)
2. WinXp does not support any firewire cards built on chipsets that have promiscuous mode. PCs dont ship with firewire cards that enable sniffing, even with other operating systems installed. that really sucks. I do have some of the older cards around, for just such emergencies.
Back in 1997, Firewire was going to be the connector everywhere in PCs, in and out. IDE, SCSI, external -all 1394b. Even laptop docks
But then apple demanded $1 per port, which would mean $5-$10 per PC, plus something for every peripheral.
The result: USB2.0. That's right: USB2 came into existence primarily because of Apple's pricing strategy for 1394 ports.
So it is kind of ironic that they are not shipping firewire on ipods to better serve the PC market. If they hadnt got greedy, there might not be a USB2.
Oh, you make good arguments.
I went from RH9 to SuSE: we run a SuSE9.2 only house here.
The problem I had is that even though I could get my "enterprise" employers to get a copy of RHEL for my work desktop, I had the home systems to think of. I dont want inconsistencies across them. And as I run VMWare regularly, I needed an OS that VMware supports. VMware dont support fedora -why should they: even redhat dont support fedora?
I've moved on, and I don't regret it. RedHat may have the best linux brand in America -and a good engineering team, but their product strategy seems doomed. You cannot act like microsoft in the Linux market, because the cost of switching from one linux distro to another is so much less.
well they can do traffic analysis. but once your app and screen saver also exchanges random encrypted packets with other nodes in the swarm, how are you going to tell which is "their data" and which is just randomness.
I guess they could outlaw random number generators.
Well, there is this mornings critical patch for ASP.net path interpretation which could lead to remote code validation.
More to the point, Win2K's installation of IIS was hopelessly insecure. Think of Code Red. Why did it spread? Because IIS exported all your printers using IPP by default. And because IIS is architected so that most of its extensions run as DLLs in the same process as IIS. So crash some plugin, you are running as root. Now, I know that really you can run as COM+ things in a COM+ process for better lifecycle and security, but dont know how good it us.
IIS6 on win2K3 is a lot better, but that is because IIS5 was so bad.
I reviewed two 'how to use Java Web Servies' papers last year that were due for online publication, both were vulnerable to SQL attacks.
now, this wasnt production code, but if people showing developers how to write a fancy SOAP endpoint to existing code dont mention that there is no validation of data, do you think readers will remember to do it?
You make some good points. Nobody does use unmanaged BTW, its just too painful. There is one thing wore than it: managed C++.
.NET have any notion of tainted data. all this security stuff does is let you run untrusted code in a sandbox, or trusted code in a secured zone to slightly limit the damage it can do.
.NET have so far succeeded server side.
One thing though, neither Java or
But neither language has the idea of marking strings or other data that came from an untrusted source, the way Perl does. Which is odd, as both Java and
Compared to Perl, Java is insecure as you can too easily fall to a SQL string attack, either in your web page, or, heaven forbid, Web Service.
JNI is the second edition at a Java to C++ API. It is the underpinnings of every binding from Java to platform there is, not an afterthought for applets (though Netscape were involved). If you don't use it much in your code, it's because other people (i.e Sun) do it for you. They also go out their way to make it hard to do so, whereas MS, with P/Invoke and COM support, make it really easy to invoke native code *from trusted apps*.
.NET code that I know doesn't use unsafe either: MS go out their way to discourage you. You have to compile as unsafe, grab pointers only briefly, and then only ever get to run if your code came from a trusted place. All remote code is blocked, even that on a network share.
.NET APIs, too much of which are thin wrappers around Win32. OR the fact that the .NET runtime needs IE6 installed, and IE6 is the web browser component for .NET apps. OR the fact that ASP.net is built on IIS. Those are security holes. Windows is a security hole. ActiveX is a gaping security hole. IIS is server side disaster. .NET is actually pretty secure, but its just damage limitation on an otherwise dangerous piece of junk. Its like having ABS brakes on a Ford Explorer; not enough on its own to stop you crashing and burning horribly.
Most
Where MS do care is about COM integration, about platform integration. True, there is only one platform they care about, Windows.
But consider this: Integration between Java and Linux, especially the GUI, sucks. Want decent Java/Gnome bindings? You need the third party Java-Gnome libs, which use, wait for it, JNI. Want Java KDE bindings, go to KDEJava and get the java libraries plus native code. If you want to integrate with the OS, you need native code, which means JNI.
The fact that JNI is pretty rare can be seen by the fact that Gnome, KDE and drag-drop integration with the rest of the Linux GUI is pretty much nonexistent.
I think the FUD Sun are saying about "unsafe" is so bogus. If they want to slag it off, just pick on the
The garmin protocol for GPS receivers returns lat/long as unsigned integers; i forget the range but it is something like 32 bits. Really, dont need floating point, just big enough ints. There is a finite amount of detail you need for most things, and millimetre resolution of a position on the planet is about it.
I wouldnt use Base30 compression when base64 is evern more compact. Or base 80.
If you stick to one (real) OS, then Make+Unix is a good system. Cygwin is troublesome because java is still a windows app. We get a lot of support calls there: http://ant.apache.org/manual/platform.html
I would say the nice thing about Ant is that it integrates testing and more lately deployment, plus cruise control can automate everything. IDE support is nice-ish, it does give you broad choice of IDE
> 1. I had to get the next version of ant to ask it to pass a -ea to the java compiler.
-ea? Its not a javac option. And you can add any compiler argument like with the tag. Maybe you mean the -ea enable assertions feature of the java program. yes, that didnt come out till after java1.4, but you could still do it by hand.
2. If you dont know what you are doing, yes, ant can be an ugly mess. So can make.
3. Echo the compile command line. Every try "ant -verbose"? I'm not sure it does, but remember that ant doesnt create a command line for javac; it just loads it inprocess and streams stuff by.
I am sorry that had a bad experience with Ant. Maybe you should try Maven instead.
Steve Loughran, Apache Ant Project.