That is mentioned in the talk, it’s actually not the annoying part of the dependency problem though, the annoying part is when you get conflicts despite not needing the interop.

There are plenty of tools for updating old references to use the new versions. I don't know exactly how the storage system works, but I assume you would write migrations similarly to how you do with traditional databases

Everything that depended on that function would be "updated" as well. I put updated in quotes because its actually creating new functions. So would the entry point into the program so you would be running a different program at that point that would all point to the new version of your function.

This was a very common question after and I wish I'd had a slide on it - here's longer reply about how it's done: twitter.com/unisonweb/status/1173942969726054401

I admit I'm new to this, but doesn't that mean you're swapping the 'codebase-wide analysis' problem with a 'codebase-wide-hash-propagation' one?

@@ryantomczik4916 basically if you change how a common function works you have to change 99% of your code :) It's automatic so that's nice but still you have a lot of work for little benefit.

In general, it seems like this would allow a whole host of similar attacks like the ones used to exploit caches in processors (Spectre, Meltdown, etc.)

You have the same problem with git now. Need to rewrite history then. Or just don't commit sensitive information (there are also tools for token scanning).

Yes, that's a typo. Sorry about that! Will fix in published slides.

Here's link to the slides (with that fix): slides.com/pchiusano/unison-strange-loop-2019#/

Or restrict "global" state to be "module-global". Or just don't have global state like you said :)

We will have this problem with any language, but from what I understand both names should still work, they just point back to the same thing.

And what will be put in git? Some binary ast file you've never wrote? Does it require you to use it's own system for version control, so you can't integrate it in a project that uses other languages?

No build doesn't mean no compilation. There would still be compilation.

You misuse serialization as external exportation.

@@llothar68 exporting from one system, importing to another. With the option one day to upgrade/change out one of those systems for a newer one. Misusing?

The current syntax is inspired by Haskell, but because we store the code as its AST, it would be very doable to have multiple syntaxes for it. See this note www.unisonweb.org/docs/language-reference#a-note-on-syntax and we are tracking "pluggable syntax" proposal here: github.com/unisonweb/unison/issues/499

twitter.com/jaredforsyth/status/1173763944323764225

Imagine using IPFS for package distribution!

I'm guessing due to abilities Future a -> a does not mean what I think it means, I'll try to read up the docs

It's a prefix function that takes a future and returns the value that it receives. Seems pretty straight forward to me.

@@skepticmoderate5790 I believe the question wasn't "what does it do?" It was "how does it accomplish that?"

I assume it uses some kind of monad. It's encapsulating an impure function action in a context that allows you to make functional guarantees about how it runs. At least that's how I understand the concept

since there is no mention of security, i am pretty sure all nodes have to trust each other. so yeah, data is trusted to be correct, and since hashing is used to identify functions, if a collision is found, it would break. but the other node can just lie about the result. if they didn't care about collisions, they wouldn't need a hash-function, they could use checksums. though it is unclear if they talk about cryptographically secure hash functions or not, though they are so fast now that i guess it is what is meant.

512-bit sha3 hash, so probably not a huge concern for collisions. Also I'm sure they thought of something to deal with potential collisions

Paul mentioned 512-bit SHA-3 hashes around 3:45

A hash collision might cause havoc, depending on how good the type checking is and whether the collision also is a signature collision. The protocol also has tests as a integral part, so errors should be catchable, and tracible. You can run tests descending the execution tree until you find the wrong component. The protocol could even be set up to add some sugar to one of the colliders automatically and rebuild where required. There is very little reason not to use a cryptographic hash for this. The amount of data it is required to operate on is relatively tiny, with a programmer probably outputting a few kilobytes that needs hashed on an average day. Changing something deep in the call stack could require a significant rehash, but that should happen very rarely.

Seems like hash poisoning is a potential problem too. Could I write a function which has an unused tweaked array of values in it which causes a collision on purpose and inject my malicious code?

twitter.com/jaredforsyth/status/1173763944323764225

Hash naming is the innovation that gives the language it's strength, but not the only feature. It has other features that play to that strength. Being able to easily differentiate between lazy and eager code is important. A language that is clear about the dependencies of every line of code is required for easy implementation. The test cases are important for the protocol, so need to be part of the language. Immutability and a functional approach to programming are almost required to make this work well (can't easily share a mutable variable), so a language that supports that is important. A type system that can handle distribution well is required, and it needs to be able to treat code as a type. He is not just presenting the innovation, he is presenting the language. Whether it does it's job better than a more established language with hash naming tacked on is up for debate. It may be the case that the language's only claim to fame is the introduction of hash naming. Their starting point was not producing an innovation though, it was writing a language tailored to solve a problem. No point abandoning the language because they found a technique applicable elsewhere. The language might still prove to be the best way to approach the problem.

Multiple occurances of the same hash should allow for decent space optimizations. This is not possible with what we are currently (2020) still are moving to which is as many docker containers (and other such hacks) as there are installed apps which contain mostly the identical libraries over and over and over again. Maybe not x60 but on my system I woudn't wanna bet on it with me trying out so much new software.

The hash isn't computed based on the name. It's computed based on the AST, so renaming DOES NOT change the hash.

because function aren't referred to by name but by hash. as i understand it, the names are just used for display and initial input. i guess confusion could arise from people using different names to refer to the same function (or vice versa) but that's more of a social problem between programmers, the code itself doesn't care..