> Information loss is an inherent property of large organizations.
That's such an interesting axiom, I'm curious if you would want to say more about it? It feels right intuitively - complexity doesn't travel easily across contexts and reaching a common understanding is harder the more people you're talking to.
On a more micro level, I find it very hard to write good documentation. I always forget something that once pointed out seems obvious. Or worse, the reader is missing some important context that many other readers are already privy to. Not to mention, some people don't even seek out docs before acting.
I imagine this gets amplified in a large org. The docs are lacking, people might not read them anyway, and you get an explosion of people who don't understand very much but still have a job to do.
It basically is like having politically motivated human chaos monkeys running around the data center randomly killing systems and seeing whether anyone notices.
The very fact that it takes such a battle to even get read only access to analyze where the money is going is evidence enough that there is insanely baroque levels of waste and unnecessary services happening here.
If it’s that important it can be put back.
Why is it so scandalous that conservatives want a smaller government, got elected, and are now making the government smaller?
You wouldn't be saying "if it's important it can be put back," if it was a government service important to you, like water service to your house. Scientists actually need to use pubmed.
Equating government-funded research programs (completely optional) to water provision isn’t remotely coherent. Pipes in the ground are a natural monopoly.
I'm glad I have the chance to explain this to somebody. Research is also a natural monopoly, because a fundamental particle can only be discovered once. Repeated development of what's under the hood of a car isn't wasted because every car is different, but repeated invention of internal combustion would be wasted time and energy.
What I mean by wasted time and energy is, it is wasteful for 1,000 researchers working in secret at private companies to independently discover the same protein, without telling anyone, when instead one person could have discovered it and then shared the information. It's like 1,000 companies digging trenches for water pipes under the same road.
Working with the most charitable interpretation of your view, is the idea that Peter Higgs would have patentented the Higgs boson, CERN would have paid him royalties to attempt to produce it, and CERN and Higgs together would have sold the rights to a trust that was able to collect royalties on all products whose invention required the use of electroweak theory? It would have to be a patent term that lasted about 100 years, otherwise Maxwell wouldn't have been able to fund Maxwell's laws.
To me software engineering is an interesting and kind of inexhaustible field, but the longer I do it, the more familiarity I have with the problem space, and some parts of it can become routine (it's ok to do things the boring way). And so I don't experience it as a constant adrenaline filled racecourse — often it's just an interesting professional activity. And if I decide to get deeply emotionally drawn in some of the time, that's my choice, rather than a requirement of doing my job.
(Obviously, the job evolves a lot over time and will keep doing that, but it isn't always starting absolutely from scratch every time either.)
I have to confess I am guilty of this — I used to just draw some unstructured circles and arrows on a whiteboard and call it enough.
Lately I've been trying to work my way through lots of different diagram types from https://plantuml.com/, and it does help to wrap my mind around the existing options.
I just rewrote a tangled 500 line shell script in go.
It was my first time writing a golang project at work, so I'm sure it could have been better. But writing it the naive way, with all the required golang error handling, it ended up taking about 10x more lines of code in golang than the original bash script.
It does have a dramatically better UX (largely thanks to spf13's cobra and viper), and is way faster than the original, and the codebase is a lot cleaner and more maintainable. So I think it was worthwhile for the users and maintainers.
But still, 10x more lines of code. I like the OP, but I'm still not sure I would reach for golang for short shell scripts.
It depends. For single scripts its too much, but if there are dozen or so scripts with related/similar tasks, there can be common code or pattern to be shared. I have one Go project with ~3kloc and does 20 or so operations. But if were to do just single operation it would still need ~1.5K line of code.
Yeah, the original script I rewrote was doing about 15 different operations depending on the user input/arguments, so I guess it indeed reached the point you're describing where there were a lot of common patterns. It's just that instead of being 15 separate scripts, it was one gigantic one with a lot of conditionals and case statements.
500 lines of bash could have been rewritten as 50 lines of dense Perl. Pro: fewer lines of code. Con: even the author would find the Perl script inscrutable after a few weeks.
A more experienced Perl hacker would probably rewrite it as 100 lines of less dense code that people could actually read and comprehend.
I'd probably end up rewriting it as 50 lines of code that used a bunch of pure perl libraries and then use https://p3rl.org/App::FatPacker to bolt the dependencies onto the front for distribution so it was still a single file to install for everybody else.
(there's a lot of perl out there that uses techniques I would switch away from as soon as I got past a one liner in the middle of a pipeline, alas, but it doesn't have to be that way, perl just doesn't stop you blowing both feet off ;)
One neat thing about Go that makes it superior to a shell script is that it compiles a statically-linked binary. One self-contained file! Or N if you support N platforms. Did I mention that cross-compilation is trivial?
As someone who once inherited a static binary (without debug symbols, gotta save those few bytes) that should have been a shellscript: Please don't. If your logic reasonably fits into a shell script, then put it there.
Posix shell-compatible scripts will also likely work on all platforms where you go program would've been run.
> Posix shell-compatible scripts will also likely work on all platforms where you go program would've been run.
While I see your point, writing a Posix compatible shell script is not trivial. Little errors creep in that "work on my machine" because /bin/sh is a symlink to /bin/bash, but break the script when someone runs it on macOS.
In my experience, you get a lot of cross-platform compatibility when writing Go for zero effort.
I mean this entirely depends on how things are done where you work. I wouldn't think the back-reference is necessary if all projects have their own repo in some central location (and it's trivial to match the binary's name to a repo).
It's a cool idea that the end users can chat easily with the teams who build the product. (If I got that right, I think that's part of what is offered here.) Where I work, we have several layers in between engineering and the end users and ... while there's a lot to be said for increasing focus and reducing distractions, I think it's also nice to have the unfiltered contact sometimes.
This was the case at ${lastCo} and it bothered me to no end as PM. My job is literally talking to customers! Why do I need to chat to a relationship manager so that I can talk to my own customer?!?
That exact point was my very axe to grind and why I am thankful to work on all sorts of comms. automations at Railway when they let me.
All my customers are internal, but there's still usually a support ticket layer between the developer and the customer. I told all my customers, for the apps I own, just send me an email. No need to go through all that. They're thrilled and 6 years in there's been no issues.
I always like writing the first verse on paper, then typing it up and maybe writing the other verses/the chorus while trying to figure out the music at the same time... I usually just write lyrics in a very simple text editor.
I like Rhymezone too, and the MacOS dictionary's thesaurus, as they sometimes help me think of words I don't come up with otherwise. But I feel like with songs - the good stuff always comes when you let yourself listen to your unconscious, like all the really good material and images are buried in there somewhere and you just have to trick yourself into finding them.
Inside my team, we generally review quite promptly (same day, or the next morning). Across teams — it's more variable and depends a lot on context (or lack of context). If I'm chasing down reviews, I'll usually tag people to start out, and then message them directly to ask for reviews 24 hours later, if they don't get back to me sooner. It's rare that someone doesn't review same-day if I ask them directly.
I often find the reviews to be helpful. People come up with edge cases I haven't thought of, or notice things to clean up. I try to proofread everything before asking for reviews, but after I've started at my own diff for a while, it's hard to read it with fresh eyes.
Sometimes we ask for reviews on more experimental PRs too, just to get early design feedback before wasting too much time on polishing the changes.
I'm confused by the comments saying "Just don't use iTerm2." The same class of issue can occur for any other project, and switching is not a very effective defense against it.
If anything, having an embarrassing issue like this is probably going to improve the iTerm2 project's security posture in the medium term. It's like that joke about firing the engineer who caused the incident, and the manager who retorts, "Why would I fire them? They just learned the hard way never to make this mistake again." (I'm paraphrasing.) I don't think that iTerm2 has had a notably high rate of critical security issues, and I suspect they won't make this class of mistake twice. (And if they do - then I will re-evaluate.)
I suppose intuitively I would think that using the default MacOS Terminal app is a bit lower-risk than using iTerm2 or any other open source terminal emulator, as Terminal is a rather sparse piece of Apple-provided software with a low pace of change. But it's also closed source and impossible to audit, so there are tradeoffs there too.
I don't think Apple terminal is sparse at all. Try to dig through the preferences, there's surprisingly much choice for an opinionated software vendor like Apple. I love it, I've tried iTerm2 in the past but I just saw no reason to keep using it. The only feature that slightly appealed to me was the tmux integration but I found that i preferred to just have tmux inside the terminal instead.
I know some people that use the game-like rolldown interface (quake mode?) but I also don't like/need that one. There's a few niche things like that which make it interesting. But overall I just don't see the need.
If there's something that's sparse in options, it's Windows Terminal. Don't like that one at all (though it's better than the previous command prompt window).
Ghostty has the quake mode interface and has allowed me to overcome my shame for never graduating to iTerm. I can't remember much about the game except the giblets but hopefully I've understood.
The majority of configuration options in Windows Terminal are hidden in JSON. The GUI only exposes a fraction. They are doing work to expose more options in the GUI though.
Having tried various alternatives for prolonged periods, it is currently IMHO the best option when you have to work on Windows.
Ah I see. I only used it since the beginning and I hated it and didn't go back. Certainly didn't explore json options :) Thanks!
I really hate working on windows too and our company is tightening stuff down so crazily that I can hardly work anymore so I mostly work on my home lab in Linux and transfer stuff there. Totally not allowed by my employer but they make it impossible for me to work otherwise.
I used iTerm2.app for a while, back when Terminal.app didn't support 256 colors. That was literally the only reason and I ditched it the day Terminal.app got 256c, many years ago, now.
I used iTerm2 for a while before realising that tmux automatically maps 24-bit colors to 256color. It works well enough for me that I switched back to Terminal.app.
> I've tried iTerm2 in the past but I just saw no reason to keep using it.
One feature that's cool in iTerm2 is that you can define the left and right margins so using Vim full-screen looks nicer (I hate narrow margins). But I've switched to Sublime text for everything so I stopped using iTerm2.
I am inclined to say that a low pace of change isn't necessarily a problem for something that at its core emulates 70s hardware.
It can easily become a problem if you don't leave it at that and add everything and the kitchen sink to it. Not having used the feature I have a hard time imagining why a terminal emulator should have SSH integration to begin with.
> Hardware in the 70s was full of security issues.
It's however clearly not in the "70s hardware portion" of iTerm that this issue arises. Also not in the features we've come to expect of the most bare bones terminal emulators since, like Unicode support, scrollback buffers and font rendering, or even the somewhat gratuitous features like escape sequences for RGB colors, setting the window title or sixel rendering.
This is very clearly one of the kitchen sink features, and playing the devil's advocate I should say that it reflects poorly on the kitchen sink design ethos.
The comment puts the slow pace of change as an advantage. Pretty standard security principle.
Ssh integration brings lots of other "local" iterm features based on command history, etc. to the ssh environment. If you do lots of ssh work and use a lot of relevant iterm features then it's nice. Otherwise not.
Obviously, these features can be recreated with traditional tools. But these tools take time and experience to setup, and aren't naturally intuitive, despite the insistence of emacs elitists. For those who don't want to invest significant effort learning tmux, it's really nice to just check/uncheck a few boxes.
The built-in Terminal is a) simpler, smaller attack surface b) older c) supported by probably more than one person, in a more risk-averse org d) used by a lot more people so issues will get noticed and fixed sooner e) part of a pretty robust public beta OS program.
Point D is a thing we assume about software but over time you realize it's not the case. You'll see a native macOS app like Terminal and assume it's blessed by Apple, has its own dedicated team with daily standup and meetings, but it's actually just propped up by random tickets in a larger issue tracker, doesn't have a dedicated team, and depends on what amounts to begrudged work or charity work by whoever happens to work on a ticket in passing.
A random rockstar will come in and move the code forward 5 years never to be seen again.
I really dislike that one. Not enough configurability. Unlike Apple terminal which is kinda surprising because normally Microsoft is the one with all the option settings and Apple makes the opinionated software where they decide everything and the user has to take it as it comes.
But Microsoft is becoming similar unfortunately. You can see it in other software too, like them discontinuing the real Outlook and replacing it with a web one that has much fewer options, can't even be started up offline (!) and wastes more screen space. And they are moving more and more apps to electron or their own knockoff of it.
Windows terminal is great. Very performant and looks really nice. I also have mobaxterm for doing work remote machines, but for local work using WSL Ubuntu it’s my preferred terminal by far.
How do you judge performance of a terminal ? I know graphics in the terminal is an edge case and all but when I'm running a chafa [0] application Windows terminal on Windows is about 1000x slower than alacritty on mac, I run into issues where if I hold down a key all the key events get queued up as if the graphics thread is blocking the applications ability to react to key events, so I just have to baby it and hit one key at a time.
Oh I used it only when it first came out. I went back to PuTTY (i never use the console on windows for other stuff and I'm not allowed to use WSL at work). And at home i only have a windows box for gaming.
So there was some assumption on my part sorry. But informed assumption because other stuff I work with (Teams, Outlook) have only become much worse since their release :)
I installed iTerm2 on my work Mac because it came so highly recommended, but I honestly never remember to open it over the regular terminal. ~All of the features that matter to me in a terminal are features of the shell and the OS, not of the emulator itself.
Iterm is better documented. Try finding how to pass Ctrl-Meta-key; better yet, throw in a shift as well. Setting up 24bit color, supporting italics, and allowing Emacs keystrokes to go through to the remote server at will is a quality of life improvement. I managed to be feature complete with iterm on macOS with minimal effort, but not with the default terminal, and there was no source code I could check to help me avoid trivial annoyances. Xterm/rxvt from xQuartz on Mac OS are easier to work with than the default Mac OS terminal, and feel closer to their behavior in Linux, but then you have some unneeded X window features and miss other trivial automation features like multiple tabs.
iTerm2 is slower. It feels way jankier with nvim than Console, kitty or literally anything else.
I do not believe anyone should be using iterm2, given their history of security issues. All of them leave me scratching my head as to why did anyone think that designing it the way they did is a good idea.
But it is. Scrolling in neovim is noticably slower on iTerm2. This makes it cumbersome to use. Even if it doesn't prevent me from inputting the keystrokes any faster, if it is cumbersome to use, it will make me work slower.
I've used numerous terminal emulators on both macOS and Linux. I use Neovim daily. There is no noticeable difference in scrolling performance.
Additionally, there are so many ways scrolling can slow down in Neovim (e.g., bad tmux config). It's hard to take your word for it that the issue lies in iTerm2 in the absence of any sort of reproducible evidence.
There might be some tmux involved, yes. But the same tmux config works just fine with Kitty. Kitty also hasn't been leaking commands I've ran as DNS requests. Nor has it left my zsh history on a remote host. I don't care to investigate why iTerm2 works worse for me because I am satisfied enough with a solution that works. iTerm2 not working for me rhymes with my previous experiences with iTerm2 and its security issues.
That's uncalled for. Security issues are quickly fixed and released in iTerm2. The dev is responsive to feedback, even to hostile Mastodon trolls brigading the issue tracker [1].
Please don't be like that.
Also, any serious software has its own share of problems. Have you actually looked at the issue tracker for your supposed champion?
What specifically is uncalled for? I disagree with the design choices made in iTerm2 and wish the best of luck to the developer(s) behind it. I am not wishing any harm, but I do have to say that the input latency is annoying and attempting to resolve words in command output to see if they are hostnames is a dubious technical solution. Am I not allowed to voice my opinion on this?
It was an oversight that was promptly fixed after the issue was raised. The dev created a post-mortem [1] and a wiki [2] describing the issue.
Seriously, give the poor dev a rest. It's absolutely uncalled for to throw in a non-sequitur about some bug from 7 years ago, making snide remarks about how that's a "design choice."
Sure, it was an oversight. I am glad the issue was resolved swiftly, and I think George Nachman managed the issue well. But it is the existence of the bugs discussed in this thread that make me feel like not using iTerm2. I do not understand how can one not use past events as arguments in favor of not using a piece of software. I'm more than certain that George Nachman is a great developer developing great software, and I am not saying otherwise. I will however not cede that I do not wish to use iTerm2 because of the existence of the dns lookup bug in the first place, combined with the high input latency - I will not use software just because someone has put a lot of effort in it - I have to feel good about using it too :)
People are allowed to have preferences and dislike software.
Similarly, if your mechanic forgets to tighten the lug nuts or leaves the oil cap off, and nearly kills you or destroys the engine, you are allowed to find a new mechanic without the Hackernews hoi polloi coming out of the woodwork saying how unfair it is, he has mouths to feed, and linking to critical Yelp reviews of your new mechanic trying to convince you of your own idiocy and wrongdoing.
This emotional attachment to a piece of throwaway software here is frankly weird.
This over the top aggressive response to a bug in a passion FOSS project. That thing you just did is what I have issue with.
People are allowed to have opinions. In the same spirit, others are allowed to call out inappropriate or toxic behavior.
Also,
> Hackernews hoi polloi coming out of the woodwork saying how ... he has mouths to feed
Do you not understand what people mean when they say iTerm2 is free and open source software developed in a single person's spare time, and people aren't owed any of it? You didn't pay your metaphorical mechanic. Such bold sense of entitlement.
What's even more unfortunate is your take on my previous comment:
> linking to critical Yelp reviews of your new mechanic
Let me be more clear. You'll find something to pick on in any FOSS software. When you bring it up, no FOSS community will tolerate the kind of attitude you put on full display here.
Last but not least,
> This emotional attachment to a piece of throwaway software here is frankly weird.
Piece of throwaway software? Do words have no meaning to you? This is 15 year's worth of work that you're belittling. That work consists not only of coding, but coordinating with users and other software projects. I've seen him many times in issue trackers of various other projects. He's giving away all of that work for free. Imagine having to deal with people like you on top of all that.
At ultra settings? Even if, 30 fps at 1080p is not nearly “without breaking a sweat”. Also, the air will have trouble keeping that performance after a few minutes without a fan.
I love my MBP M4 Pro, but its gaming performance doesn’t reflect well what it’s capable of.
This is at High settings! And I haven’t even mentioned that the game is running via Crossover through multiple translation systems. That’s translating both Intel Windows to ARM Mac as well as translating the graphics APIs (DirectX or Vulkan to Metal).
The cyberpunk native Mac release comes out this year and will almost certainly improve performance further.
Why would anyone care about ultra settings on a laptop? I don’t even set my PC desktop to ultra settings in the game and I have a current generation mid-high end GPU. Setting demanding games to Ultra just giving up FPS to not tell the difference.
30fps 1080p is basically console-level standards for a AAA graphically intense game (not esports or online shooter). And that isn’t bad at all for the processor with integrated graphics that Apple sticks in its cheapest computer and its tablets.
Your MacBook Pro M4 Pro is one of the best gaming laptops on the market in terms of hardware! Especially if you want something that’s thin, light, and quiet with good battery life and not just a thick tank of a system or a loud but thin and light gaming laptop that struggles to power and cool its dGPU.
Depending on your configuration, you can actually play Cyberpunk at high settings at or above 60FPS on your laptop. You’re vastly underestimating it!
Your laptop just needs the software to get ported, and the Mac gaming space is rapidly evolving now that Apple is paying attention to it.
I wanted to like kitty and tried it many times. It is subtle issues that break Emacs now and then, like breaking the display alignment for some zero-width joined emoji. Iterm2 on a MacBook is snappy for me. With remote work, the latency for me is mostly network delays of order a couple of ms per keystroke for the cabled Ethernet connection; mosh helps for the extreme cases, or when on WiFi (which often feels annoying without mosh), otherwise ssh -C is sufficient for my daily driver.
Quake mode. Terminal doesn't have it, and the recently released Ghostty's quake mode is slower than iTerm2.
There's very little I want in a terminal emulator. What I really want is a full screen terminal, with no menu bar, no delay, and no animations, which I can toggle with a global hotkey.
It strikes me as a little odd for the terminal rather than the desktop environment within which it runs to implement the hotkey (or, as you call it, ‘Quake mode’).
I just have my tiling window manager configured with a keybinding to raise my terminal. No menu bar, no delay, no animation, just type the keybinding and bam, there’s my console, covering the complete screen. Another keybinding, and there’s my browser. Another keybinding, and there’s my editor.
You would also get a better window manager, better compatibility with server operating systems, a bash updated this decade, XCompose (think the Option key, but way, way, way more powerful) and more freedom, but on the other hand you’d lose macOS-only programs, and from time to time would have to deal with something truly frustrating which would never be an issue on a Mac.
It’s certainly not perfect, but I do prefer it. But then, I enjoy yak shaving grin
The bulk of my workflow involves Chrome and tmux inside my always available full screen terminal. I haven't the need for multiplexing anywhere except the terminal.
> better compatibility with server operating systems
I run nix-darwin on MacOS, and I have remote NixOS machines configured as build hosts. This is important, as everything I write is Haskell, and it must be compiled for x86_64-linux.
> a bash updated this decade
I use zsh and the bash available in the latest nixpkgs.
---
MacOS does an excellent job of managing all the other quality of life stuff that doesn't immediately concern me as a power user. A number of my current and former colleagues are all in on NixOS, but the number of times over the years I've had to wait at the beginning of a video chat for them to configure their audio settings, which sometimes means installing different drivers and/or turning their machine off and on again…
Yeah. Even as a huge nerd, I think MacOS is great.
I do this using Raycast, no matter which terminal emulator I'm using today (Terminal, Ghostty or Alacritty), I can just setup my global hotkey in Raycast and get the same "quake mode" everywhere.
Does the terminal appear instantly, and obscure everything else?
By default, the way MacOS does full-screen windows is by moving them to a space. Switching between the terminal and another application, e.g., Chrome, causes a large sliding animation between applications, which I absolutely do not want.
Oh I don't have it fullscreen, sorry, it usually covers the bottom half or bottom-left corner (depending on screen size). There it appears and disappears instantly.
I have never felt a productivity roadblock from terminal. It’s important to distinguish “oh neat and shiny”/“I like this more” from “actually makes me work faster”. If your terminal is a real productivity roadblock, it’s likely your workflow is optimizing for the wrong things because it just shouldn’t be taking that much of your time.
I work on a laptop with a small scren most of the time. I am constantly going in and out of the shell. iTerm2 has a quake mode that allows me to seamlessly pull this up on top with a keypress. It significantly reduces the lag of switching to another window with CMD+Tab or w/e.
Some of this stems from just the extremely bad support for hotkey window management on the part of MacOS.
On my Linux machine with KDE I can open a new terminal with a single hotkey and alternate between open terminals with a second hotkey. I've never once wished for a fancier terminal than KDE's default.
Using Mac for work is a different story, though it's remedied somewhat with Rectangle and similar.
The small screen is your productivity bottleneck far more than the terminal itself. Change that and I’m sure you’ll notice a much larger productivity boost than a few seconds saved on cmd-tab or other hotkeys available (and there are hotkey improvement tools you can install that aren’t tied to a specific application).
I move around a lot and travel light, upgrading the small screen isn't really an option. I definitely agree there are probably countless ways I could further optimize my system, but switching to a more feature-rich shell app is a clear productivity upgrade, since it only took me a few minutes to setup the features I need (security concerns aside).
Neovim is basically unusable due to the plugins I use having Unicode characters not supported properly (like telescope), so it does make a huge difference to me. Also, latency is an issue, and of the third-party terminals, only kitty is snappy enough to have nearly zero latency issues while typing. Drives me crazy when I’m chaining commands and there is a ~150ms delay.
Plus, any terminal other than kitty is noticeably laggy when using other terminal programs and typing quickly, and 90%+ of my time is spent in the terminal: using custom commands and aliases, ruby shell, docker, on top of usually using vim for editing. And having great customizable hotkeys for different common functions.
Guess my point is that the terminal app you use can make a big productivity difference
You're right, all those users that switched to iterm2 because the default is such a steamer have NO IDEA what they are doing, and only you, some random on the internet are capable of seeing the flaw in their ways.
People can switch because certain things feel easier or there’s nicer polish or quality of life improvements you enjoy. That doesn’t mean there’s an actual productivity boost and couching the former in terms of the latter is dishonest.
It’s interesting the emotional reaction you’re having to a rather banal observation.
This is macOS, not UNIX for bearded geezers. It’s literally an operating system meant to be easy to use for consumers, a.k.a. morons.
It’s also a very popular corporate deployments where most of your command line users are web application developers who are just doing a job because it pays good money. They have no philosophical attachment to traditionalist simplicity, perhaps compassion nonfor computing at all.
I don’t blame macOS users for liking the features of iTerm2.
Wtf man. Some of the smartest people I know have no interest in getting anywhere close to sw eng or working anywhere in IT, so are by definition "consumers".
Just wait until one of those "morons" operates a tumor out of your brain.
It's just humor. I'm a moron myself. It's not a big deal.
The more serious point is that Apple's primary customer base does not care for what's going on with the command line, and that's why the provided terminal is basic and feature-bare.
It's not really this intentional thing where the bare terminal is the best implementation. It's more of a Notepad.exe situation where Apple has to include one for the basic functionality of the system.
Which is exactly why the command line is to be used as little as possible, and for the very few use cases a command line is required, it doesn't need to be fancy.
macOS users of Apple and NeXTSTEP culture linage don't care iTerm2 exists at all, only Linux and BSD refugees.
As an original Macintosh user who discovered programming via HyperCard and Unix through OS X I’d disagree. I think there are a fair number of people like me who can’t bear the ugliness (in all senses) of windows and the time sink of Linux but do love composable open source utilities and text files for parts of our work.
Even if someone exclusively writes software that ends up running on Linux servers, doesn't mean they don't appreciate various nice Mac-exclusive applications as a user during their workday.
An example: I love everything about the Things task management app so much that I would never choose to run a desktop OS it doesn't run on.
I don’t have the stats, but I wouldn’t be surprised if iterm 2 is more popular than Terminal.app. Only power users are using this, and they tend towards power user tools.
> Only power users are using this, and they tend towards power user tools.
I have a souped-up zsh config that I clone to all my systems, but I've honestly never seen the point in optimizing my terminal emulator. The shell itself provides the real functionality, and it's cross-platform so by leaning on it I get the same features whether I'm on my KDE desktop, MacBook, or SSH'd in via Termux.
What power user features am I missing by ignoring the emulator and focusing on the shell?
There's some minor things that iTerm2 does that I like:
You can hold down command and click URLs to open them. (You can actually kinda do this in Terminal.app as well by right-clicking a URL and choosing to open it, but it's a bit fiddlier, and I got used to the hover feedback in iTerm2.)
You can click to highlight entire blocks of output from commands, which I sometimes find handy when things feel like they're blending together.
It'll keep a floating copy of the previous command prompt at the top of the screen so you can see what led to whatever output is currently at the top.
Though I don't know how to do the third, Terminal.app supports the first two. Command+double-click opens URLs, and you can select the content of the last command with Edit > Select Between Marks or shift-command-A. (Terminal.app automatically adds a mark each time it detects a new prompt, unless you turn that setting off in Edit > Marks.)
This is actually one of those cases where the ease of doing it makes a real difference to me… iTerm2 does both of those on a single click, and that makes it vastly more likely that I’ll use them. (Completely a matter of taste, I’ll admit.)
Being able to easily set it up so it sends key combinations to remote servers at will (including ctrl/meta/shift combos) was my main reason; this enabled my seamless interactions with remote Emacs servers. 24bit color and italics were the cherry on top. The shells within Emacs have unlimited and easily searchable/editable state. I can log into a shell buffer and copy paste a debug diagnostic output together with the command line; I can quickly create minimal example oneliners iteratively to help debug a problem and paste both input and output at any point in time, including days later. I can search all my open shells (often dozens; sometimes hundreds) for any commands or outputs trivially. This is hard to achieve if the terminal gets in the way to using Emacs in the way I like, when some key combo is impossible to transmit, and I have to rewire things to the minimal common subset that Terminal.app supports and hope that it will not break in the future. Finally, without public source code, I dont think I can truly trust a terminal ever. It feels too personal. Of course apple has control of the hardware and I live with that restriction for parts of my life, but I am less concerned about apple monitoring/intercepting my work, and rather worried about the full number of exploits in the terminal app that remain to be uncovered in the near term. I agree that too many features are a drawback of iterm; at least the code is there and the useful features work well enough.
I tried that but I feel the same about that as lolinder says above. Using tmux as normal works better on all my systems, not just the Mac. I just don't see the point to it.
It’s fine if you don’t want features in your terminal, but telling people who do like having software that has features not to use an alternative just because “more features equals complexity equals security risk” in the way you’re doing it is pretty condescending.
Let’s not forget that basically every graphical IDE on the planet has an integrated terminal emulator, and for good reason
I’d have a smaller attack surface if I turned my computer off and did all my work for my employer with pen and paper. I’d have a smaller attack surface if I didn’t buy a Mac at all and only used a security-hardened distro.
And here you are acting like Apple is God’s gift to stability and security when every single fall season Apple’s major dot zero version updates ship with visible bugs all over the place.
And to nitpick you, the assumption that more than one person is actively working on the default macOS terminal is laughable. I doubt it even has a full time employee dedicating 100% of their time to it. The yearly release notes look like less than one person’s annual output of work.
I remember that thread on here where the person who worked on Rosetta 2 said it was a solo project for years until closer to release when the team expanded to around 10.
Safely writing to /tmp/ was solved in 1986. Personally I would consider this class of bug the "idiot software developer" class (or to be more charitable: "security-illiterate software developer"). My evidence? There are (at least) six different OS primitives that will avoid this bug.
If you RTFA you'll read (under "What is the issue?")
> This file, /tmp/framer.txt, may be readable by other users on the remote host.
This is EXACTLY a non-safe writing to /tmp
Yes, there are safe ways to write to /tmp, as described in the systemd link I provided, but no, it is not safe to naively write to /tmp. Same issue as the "Many Perils of /tmp" link I provided.
A solution that no one uses is not a solution.
If you're gonna be arrogant, you better also be right.
Honestly that 7 year old thread makes me glad I use iterm2. George posted a fix in a short period of time (which he still does today), and added comments to that thread addressing the issues. Sounds like a decent person who cares about his users.
No, the issue had been reported on their bug tracker twice (and closed twice) in the two years prior to their response in the thread. It took a loud enough crowd to convince them it was an issue, even though the original reports described the security implications.
Only if they actually communicate what they’ve learned from it and what changes they’re making to prevent such mistakes in the future / catch them before release. Until then you can assume that they’ll keep making similar classes of mistakes.
What did George ever do to you that warrants this level of contempt and condescension? Am I missing something, because there are so many activists like you having an inexplicable vendetta against iTerm2 all over this thread.
This is sad because iTerm2 is one of the best terminal emulators out there. It's the first terminal emulator that popularized shell integration. Newer terminal emulators are still catching up, a decade later. tmux integration is another popular feature that's still unique to iTerm2. George has been working tirelessly on iTerm2 pretty much solo for 15 years [1]. To this day, he continuously brings new improvements to the terminal experience that keeps being copied by other terminal emulators. Developers benefit from his work, iTerm2 users and non-users alike. We should be expressing our gratitude instead of doing whatever people are doing in this thread.
George found this security issue the day after New Year's day and immediately released a fix [2]. That's commitment. And while the effects of this bug can be severe, most people wouldn't have triggered the bug.
> 1. Either:
> a) You used the it2ssh command, or
> b) In Settings > Profiles > General, the
> Command popup menu was set to "SSH" (not
> "Login Shell", "Command", or "Custom
> Command") AND "SSH Integration" was checked
> in the SSH configuration dialog. That dialog
> is shown when you click the Configure button
> next to the ssh arguments field in Settings.
It's almost as if some people are jumping at any chance of retribution, justified or not. This all sure intensified after iTerm2 at one point introduced an AI-related feature into the default build that one can just safely forget exists by not actively enabling and engaging with it. Some in the Mastodon community even went as far as openly fantasizing about inflicting violence on the poor dev [3]. I just can't understand the morality of some of the people you see online.
It's insane and horribly disrespectful. I don't understand the animus either. I just sent a $ donation to the maintainer.
The response to this bug is completely over the top. He found a security issue in an optional feature, immediately fixed it over the New Year holiday, and provided clear documentation about who was affected and how to address it. That's exactly how responsible disclosure should work.
The level of hostility - especially over adding optional features that people can simply choose not to use - suggests this is more about bandwagoning than legitimate criticism. We should be supporting developers who maintain critical open source infrastructure, not attacking them over a prompt response to a contained issue.
There is absolutely 0 condescension in my comment. All I highlighted is the flaw in the argument that a mistake made is a lesson learned. Indeed, there’s no indication the root cause of the lesson leading to this situation has indeed been learned.
You seem to be triggered by a perceived critical comment of a piece of software you’ve developed an emotional attachment to. I have not attacked anyone associated with the iterm2 project nor have I questioned his talent in creating a popular project or his commitment to it. Lumping me in with toxic people you encountered on social networks is completely uncalled for and I’ve never called for violence against anyone.
You asserted that author hasn't "learned" anything from this bug in a drive-by comment that starts with "Only if they actually ~". I can assure you that's incredibly condescending.
It's uncalled for too. iTerm2 has a good track record responding to user issues, even obscure ones involving Japanese input. The dev even listened to the demands of trolls who raided the issue tracker from Mastodon [1]. Security fixes are released quickly. Nothing about the project warrants the kind of cheap dismissal in display all over this thread.
You mentioned emotional attachment twice in this thread as reason some people have problems with dismissive, aggressive, or mean comments against iTerm2. No, it's basic empathy and appreciation for the thankless work going into this FOSS project.
No it’s not condescending to highlight the author hasn’t indicated they have learned from the broader set of circumstances that led to this bug in the first place. Ripping out a feature is a first step not the only step.
I mention emotional attachment twice because twice to logical and attempted factual comments I’ve gotten emotional comments back verging on attacking me personally. I don’t use iterm2 nor is it a piece of software that takes up any mindspace for me but attacking this aggressively anyone even mildly critical because you feel like you’re part of this minority group and you need to defend yourself because you feel constantly attacked is tribalism, not empathy and appreciation.
When you tell me that you're the lone voice of reason amid the emotional tribal backlash against you, despite people breaking down all the reasons they're calling you out step by step, I have nothing more to tell you. You might want to remember that your supposed "logic" won't stand in any FOSS community though. Or like, any community. I honestly hope that you can one day become a different person from the one who proudly proclaims that disregarding other people's work is proof of rationality.
Where did I ever claim I was the sole voice of reason? Plenty of people on here are having a rational discussion about how this happened and several people recommended tips such as commit hooks to prevent WIP work from getting committed and released. That would be an example of a lesson learned. Indeed, it's entirely possible that George has learned that lesson too. I was just literally describing the logical problem with the assumed logic of "mistake made = lesson learned", especially when there's no evidence outlining what the lesson learned was. Similarly plenty of comments in response to things I've said have been fairly well balanced.
As for the backlash, I just highlighted how 2 responses in particular seemed emotionally charged and border line attacked me for completely innocuous comments. The first was completely condescending and sarcastic while adding no additional value to the conversation on a completely unrelated comment thread where I suggested that maybe, just maybe, the terminal you choose isn't going to meaningfully improve your productivity. Your conversation has accused me of being in league with people threatening violence to the iTerm2 author and again adding nothing to the discussion about what lessons were actually learned and then attacking me and demeaning me in all sorts of ways and accusing me of saying things I simply have not. How would you describe that? A logical defense of someone I'm not attacking?
Bringing up an arbitrary list of demands so that a FOSS dev can "prove" to you he has "learned"? That, is what, in your words, "adds nothing to the discussion."
Again you are claiming I said things I simply didn’t. Where did I come up with a list of arbitrary demands for him to prove he learned something?
All I said is that he simply didn’t say what he learned and provided examples of what it could look like. Again, I was very specifically responding to the claim at the beginning of the thread that a mistake made is a lesson learned isn’t actually true just because a mistake is made. It’s a very basic logical fallacy made by OP. And I point out how while he says he learned something he doesn’t actually clarify what the lesson is and what steps he’s taking to prevent said mistakes in the future. You may disagree but I feel like that adds something to the discussion.
I’m pretty done talking with you since it’s clear that you will continue conversing in bad faith and ascribing to me things I simply didn’t say.
They didn't assert that the author hasn't learned anything. They said that in the absence of information that they have, what they have and what they will do to prevent such issues in the future, you can assume they will make similar mistakes. Which may be more of a "better safe than sorry" strategy than you think is warranted, but that I don't perceive as an attack on the author.
Yes, you are right. Sometimes, reactions cause chain overreactions. We have different intensities of the situation. I checked the iTerm2 author's notes and compared them with my setup and I thought ok. It looks like I'm safe. And I moved on. But when I read your previous comment. I am now unsure because I need to know when and what changes led to this issue in the first place.
The iTerm team is just an army of one. There may be a formal analysis of the security soon.
The root cause as I understand from other comments in this thread is a double whammy of the feature existing itself and that they managed to create a release with a WIP commit that enabled the feature. The resolved the issue by ripping out the feature. However, the latter issue remains unaddressed and to me is equally if not more concerning - there should be good practices in place to ensure that feature flags aren't even being controlled via code edits and instead there's .gitignor'ed config files that are read in a developer build for turning those features on. Additionally, git commit hooks that scan for WIP comments & prevent pushing them and sprinkling WIP comments around temporary changes might also be good defense in depth measures.
iTerm2 doesn't interfere with people wanting the same old experience and you don't even have to use it either. Being "triggered" by a free and open source passion project that has helped countless number of developers around the world is beyond absurd. "Ungrateful" doesn't even begin to describe it.
People have always been emotional about their choice of software, I guess. But people are treating George, who has shown nothing but good faith this past 15 years of iTerm2 development, like the product manager of Windows Recall. That's a whole new level of emotional response which I don't understand where it's even coming from.
No, all the patch notes say is “I learned from my mistake and ripped out all the logging code”.
That’s not actually a postmortem of a list of process changes. Nothing about how WIP changes made it through into a code release nor in how such mistakes will be prevented in the future. There’s a much richer discussion of options in this thread of things people do to prevent things like this. For example, reading environment variables from a file that’s gitignored so that you never accidentally commit something and you don’t need to mutate code to do a config change.
He may indeed have learned from his mistakes, but I’m pointing out the flaw of assuming every mistake was treated as a learning opportunity, especially when no real evidence exists to suggest that.
There was another issue where iTerm2 added AI functionality and then after some backlash allowed the ability to turn it off. If the additional features (which is why you would use iTerm2 in the first place) start making more and more problems it is starting to make more sense to use terminal.app or alternatives.
iTerm2 never enabled any AI features by default (it always required an OpenAPI key, which the user had to provide). The backlash was for including an AI related feature in the default build at all.
Following the backlash, I think they made it an optional plugin.
Wow -- as already posted, this is absolutely false. This is not at all what happened, the iterm2 folks are way more sensitive to their users' feelings than that.
You're right, but, as a user reading those release note for the first time, that's how it seemed. AI is being added? TO MY TERMINAL? Yes once I read it I understood it wasn't quite that bad, but the initial "Are you f*king kidding me?" feeling never left. AI. Next to my terminal. Please.
That's such an interesting axiom, I'm curious if you would want to say more about it? It feels right intuitively - complexity doesn't travel easily across contexts and reaching a common understanding is harder the more people you're talking to.
reply