Web 2.0, Meet JavaScript 2.0 248
Jeremy Martin writes "Well I suppose it's an undeniable fact about us programmer-types — every now and then we just can't help but get excited about something really nerdy. For me right now, that is definitely JavaScript 2.0. I was just taking a look at the proposed specifications and I am really, truly excited about what we have coming."
Re:Meh. (Score:5, Interesting)
"Program Units" - potential for misuse (Score:4, Interesting)
William
Re:Meh. (Score:5, Interesting)
Re:As long as I got my Framework (Score:5, Interesting)
Re:Javascript 2.0, usable by 2015... (Score:2, Interesting)
http://wiki.mozilla.org/Tamarin:ScreamingMonkey [mozilla.org]
Re:Ugh (Score:1, Interesting)
He said guaranteed, not could, which carries quite a different meaning. But go ahead and post your thoughts there. Perhaps he might expand on it.
JavaScript changing into Python (Score:5, Interesting)
There are indeed many Java-y features being added, such as "use unit" and classes, but these are also Python features. The one feature I saw from the article that looked distinctly Java-ish was static type checking at compile time, and Python will have something similar by the time JS 2.0 is generally usable (i.e. both are optional).
Features in nearer-term versions of JS are even more obviously Pythonic, though. Generators and tuple unpacking, for example.
I'll lay my cards on the table and say that I think Java makes programming laborious and unpleasant, and Python does just the opposite. These features don't seem to make JS any more programmer-unfriendly, and they add a lot, so I'm looking forward to Pythonic JS 2.0.
Standards rule (Score:3, Interesting)
Re:Cross-Browser (Score:3, Interesting)
For example, some corporate environments think that disabling all the programs in system32 to be a "security feature"... which means you can't do things like fix corrupt registry entries in your own HKCU hive! So I wrote a command-line registry editor (similar to reg.exe) in Javascript+WSH+WMI. I also used it to write a little utility that basically replicated the remote installation feature of SMS. Except mine doesn't break all the fucking time on networks that aren't always up (SMS server was separated from all the clients by a TACLANE that's only brought up as-needed).
Oh, and I wrote a DB app in Javascript that just happened to use a browser for a GUI (but there was no webserver middle-ware). Again, mostly because I loathe anything VB-related (such as VBA usually used to script Access). See http://www.kuro5hin.org/story/2005/7/14/13942/7643 [kuro5hin.org].
Re:Ugh (Score:3, Interesting)
Well, for one thing, 'print' is a verb instead of a noun. Also '+' is often used as shorthand for 'and' in English, so it's probably semantically clearer and more intuitive.
Now, if anyone can tell me why C's indirection operator is the same as 'multiply', and its address operator is the same as bitwise AND?
I always thought it would make more sense to use '$' = 'value of' and '@' = 'address of' for these.
Re:"Program Units" - potential for misuse (Score:3, Interesting)
You're talking about signed scripts, something not very commonly used. Something about being endlessly prompted to approve your browser's verification of the script's authenticity, or some crazy shit like that.
Point is, however, you're talking about a vulnerability that's in the network. Any protocol or script or program sent over the 'net is vulnerable, unless signed, and even that can be faked. A hacked DNS server at your ISP could redirect you to a phishing site when you visit your bank's website. Or, Verizon could redirect your negatory DNS lookups to one of their spam servers.
See? So, the question you have to ask is, how common are MITM attacks? I don't know the answer, but it seems more likely that your bank or ISP or online retailer is going to "lose" a few million financial identities to hackers, than you'd fall victim to a silently-inserted malicious script.
But who knows? Web browser security is notoriously tissue-thin, so we all have risk profiles with non-zero p, and the MITM attack could come along any vector- flash, HTML, HTTP, DNS, SMTP, etc.
Look at all the malware out there, a far more tangible problem; downloaded by unwitting noobs, busily building networks of zombie spam bots or whatever. MITM seems a more risky technology investment for the digital conman, with the penalties of being traced and caught. Kind of amazing that malware authors aren't chased down the same way hackers are. Maybe I don't watch enought television - missed when Prezzie Bush signed the anti-malware bill into law.
Re:Ugh (Score:5, Interesting)
Wrong!
The justification for classes in a prototype-based language is to use type safety properties in library and infrastructure code. Read enough from Brandon Eich and Douglas Crockford and you realize there are strict limitations on what safety properties can be guaranteed by current JS. At least, providing such properties is convoluted and error prone. Classes help provide needed structure for places that JS cannot hope to provide solutions today.
For example, I have a suspicion that Brandon is really attempting to replace the the Mozilla DOM code (C++) with JS2 code. This would simplify the interaction of the garbage collectors (some of those "memory leaks" everyone fusses about, ESPECIALLY in IE) and other infrastructure code.
Classes in JS2 are NOT about needed to emulate Java, so much as it is about providing tools to write robust libraries. Want more proof: MS Silverlight and Adobe Air are both based around JS2-like enhanced scripting languages. Those products make extensive use of the type safety properties brought by classes. This is also Brandon's main complaint against MS ATM. MS is promoting proprietary products with a JS2-like language, but stonewalling support for an open standard (with a robust reference implementation). Think about that for a minute: JS2-like languages are shipping today. Why can't we have a public standard for everyone else to use? Prototypes stay useful, though. MS incorporated extention methods in .NET 3.5, which have much the flavor of prototypes (when combined with generics) in a class-based language. Classes also bring some performance improvements, but that seems to be a secondary concern.
So, we have classes to build robust libraries and prototypes to glue them together with random code. Best of both worlds.
Finally, JS2 is 95% backwards compatible with JS1. The missing 5% is due to clarification of murky parts of JS1 and fixing a few issues everyone complains about. This also obliterates the need for multiple implementations of JS1 and JS2. The JS2 engine can take care of code, old and new. Even with class-based programming and you can "route around" classes using prototypes to extend functionality if you don't need the safety properties (most web code, but not libraries).
Re:Ugh (Score:5, Interesting)
I always thought it would make more sense to use '$' = 'value of' and '@' = 'address of' for these.
I think that by far C's main syntatic problem is using a prefix operator for pointer types and pointer dereferences, when the other type operators (arrays and functions) are postfixes. Because of this mistake, virtually all C programmers to this day, do not fully understand C's declaration syntax.
For example, to declare a function that takes a pointer to a void function(int) as an argument, and returns a pointer to a function(void) that returns a pointer to an array[SIZE] of chars, you would have to write: It also means we have to write: because:
(*m).x is required with a prefix operator, and is hard to type.
There are few C programmers who can read that first example. Now lets try a Pointer-as-postfix syntax for the same thing. We shall not use * as a postfix operator, because it would make the expression: "a * - b" ambiguous ("a*(-b)" or "(a*)-b"?). Instead, let us use your suggestion, and make "$" the postfix type operator, and dereference operator, and see the consequences. Lets also put the base-type after the expression instead of before it, and see what happens to the above declaration: Note that this simply reads left-to-right now (because we removed the mishmash of prefix/postfix operators), and there is no need for parenthesis to denote precedence, just functions.
The "->" syntax is no longer needed, as like in Pascal, we can have: which clearly means: dereference m and then get the x member.
Re:v2.0 (Score:3, Interesting)