I hesitate to write this, since I like to be more of an "underpromise
and overdeliver" kind of guy, but the resonance was just too strong.

I spent the last year or so working in JavaScript and Node (for a
startup; our product is <https://medium.com/>). Going into it a year
ago, I thought that this pair of technologies / products would be a
good basis for doing the next layer of programming language and
platform development. Today, not so much.

Having gotten product out the door, I took a vacation. One of my goals
for the vacation was to start in earnest on what I thought a good
next-language might be, in terms of my own career / life-work arc.
Where I ended up was that I had a few ideas for an ultimate goal — in
particular I'm currently interested in exploring where all of
promise-based computation, a nearly-immutable data model, and software
transactional memory (for the mutable parts) meet — but I was (and am)
utterly dissatisfied with the prospects of exploring this territory
using any of the existing higher-level tools and languages that I
researched. My dissatisfaction stemmed from issues along the lines of
too many dependencies, poor semantic fit for the problem, and
philosophical incompatibility.

This led me to take a week and a bit to prototype what I think will be
a good-enough system to use as a substrate for my own further work. A
bit meta, I know. As with Kevin, I don't know how much progress I'll
be able to make in the short term, particularly because the work isn't
well-aligned with my job responsibilities. That said, I'm currently
quite excited about the prospects and have been spending an awful lot
of my evening and weekend time on it.

One thing that I feel is important at this level is an integral
parsing facility that can be used to write understandable code, and so
the prototype includes syntax for PEG grammar specification. (In a
way, this is a decades-overdue acknowledgment that Snobol had the
right idea here.)

Another high-order bit for me is avoiding gratuitous dependencies.
Getting to a self-hosted system seems pretty sensible to me, but I
don't want to have a ton of prerequisites for getting to that point.
Where I landed was to use C as the implementation language for a
minimal implementation, with the aim being for the code to be correct
and readable, eschewing both completeness and efficiency as primary
goals. Along the lines of how Scheme48 and PyPy are built, this C
implementation is meant to host exactly one program, a compiler for a
complete language implementation.

Because of where I'm positioning this in the stack, I'm aiming for
transparent Posix support but *not* ubiquitous asynchronous I/O (even
though I agree that that's ultimately desirable).

Though Kevin's and my short- to medium-term goals are probably
different, I think he is sensing the same underlying need in the
world. And I'll disagree, and take the stance that inventing a new
language *is* inherently good, and I want to help make it easier to do
so. Wish me luck!

Cheers,

-dan

Hi Kevin,

If you want feedback from users, these were the main problems for us:

1. VatTP not using standard TLS libraries -> security risk due to lack of
updates.

2. CapTP "ping-of-death" vulnerabilities due to pipelining: e.g.
server<-getVersion()<-pow(2147483647).

3. Lack of a framework for persisting and reviving database resources
(timeMachine not useful; had to build our own).

4. Lack of static type-checking (Java developers are used to the compiler
checking things for them). Lack of a proper record type is related.

5. Performance (especially start-up time). Static type checking would help a
lot here, I think.

People complained a bit about the syntax, but I don't think anything else
would have been better. If it had been pure Java, they'd have had to learn
the same concepts. Personally, I think it's very good.

Integration with Java was very easy and useful, though very hard to explain to managers.

________________________________________
From: e-lang-***@mail.eros-os.org [e-lang-***@mail.eros-os.org] on behalf of Kevin Reid [***@switchb.org]
Sent: 28 September 2012 15:50
To: Discussion of E and other capability languages; ***@googlegroups.com
Subject: [e-lang] Idle musings on doing E over again

I was trying to get to sleep last night, and was struck by the thought of: If we were designing E from scratch (with the same goals), what would I actually do differently?

This is the list I repeatedly got out of bed to write, over a couple hours. It has at least two items which contradict each other. It probably has some items which are really bad ideas. It does not attempt any sort of consistent level of importance of its items. But I thought it might be mildly interesting.

Am I thinking of actually doing this, you ask? Well, at the moment it seems rather impractical with my available free time and to-dos. Inventing a new language is not inherently a good thing, *unless* it turned out that, for example, all current E code could be semi-automatically rewritten into the new language, thus reusing all that historical effort. On the other hand, I suspect that E *could* be more useful to the world right now if it weren't hampered by certain design choices.

(I'd be sticking this on the wiki if it weren't down at the moment...) (Sending to friam on the off chance it's an interesting topic.)

------------------------------------------------------------------------

Guidance
--------

• Early, build an implementation targeting JavaScript/SES, because what kind of modern language doesn't run "on the web"? However, allow only membraned interop with JavaScript code, because the alternative is to discard sameness.

• Aim for facilitating less-heavyweight implementations; fast interpreters, straightforwardly powerful compilers, small runtimes. (I have no idea how to put this in concrete terms to evaluate a design.)

• Start writing code with decent error handling from the start -- Make sure that every common error at all levels of abstraction produces nice results at the REPL as well as nice caller code. Use the feedback from this to get our error-propagation and error-value semantics right.

Call semantics (apply)
----------------------

• Coherent capability-styled error-propagation semantics. (The current problem is that post-sealed-throw, the natural synchronous error handling is ejectors and the natural asynchronous error handling is returning a broken reference, but there is no automatic conversion to be had. Perhaps sealed-throw was my mistake.)

• Errors are a sort of return value, broken references, but they're a sort of return value you can't incidentally-discard. Think of them like Maybe; the default action on a call is to match Just _.
If you want to pass on brokenness to your caller, you can explicitly choose to 'box a call' which is like a try{}; this gives you success-containing-failure (i.e. a slot containing a broken reference?)
TODO: Figure out whether this ruins the property that you can pass around a promise that may or may not have resolved to a broken reference.
(Perhaps the answer is that these failures are *not* broken references; they're one bit different from broken references. Boxing a call gets you a broken reference instead. You can also 'yield a call' which is explicitly passing on the broken reference you might receive. Hooray, we've invented too many kinds of calls!)

• Going the other direction, trying to have the ejector semantics in eventual programming: have a special argument-placeholder which means "The smash facet of the resolver for the innermost enclosing eventual send". (The eventual send syntactic sugar can set up a shadowing binding.)

• Consider defining errors to cause state rollback as well as nonlocal exit.

• Problem with E inheritance design: it's conflated with matchers, so type mirandas (respondsTo/getAllegedType) have the funny behavior of invoking the matcher.

• Think harder about how/if we want to provide property-access patterns; can we cooperate with methods-are-properties languages like JavaScript and Python? The original property access scheme failed because its fallback to get/set did not compose with inheritance, so it got watered down to just a getFoo/setFoo wrapper, but that is capitalization-based name mangling which is evil.

Kernel/AST/Eval
---------------

• Explicitly permit implementations to intern verbs.

• Prototype actual implementation of the ‘quasi-parser calls may be constant folded’ early.

• Keyword arguments of some sort; choose map syntax which is amenable to this or -- ooh ooh! -- build in _record objects_ to the language, which are optimized for a static set of keys.

Surface Syntax/Nonkernel AST
----------------------------

• Aim for a syntax with the elegance of Smalltalk. Try to reject keywords, or permit them only in ways which namespace them (e.g. my old idea of <keywords> like <this>).

• (Perhaps) Instead of environments which spill siblingward in the AST, provide such scoping as part of a general "omit the right bracket/flatten nesting" surface syntax. (I suspect that this doesn't actually work as it is less expressive, but it's worth testing, I think.)

• One way to test this: start with a Lisp-style surface syntax, and include a generic flattener.

• Can't be sufficient: consider objects defined within the arguments of a method call (e.g. a lexical version of the Measviz initialization).

• Build a simpler syntax, with less C-lineage-isms. Today's world is more diverse; the people who might be interested in E are less likely to be scared off by syntax. (Those who want familiar syntax can use JS/SES.) We tried tweaking our syntax towards C/Java to improve adoption and it didn't notably help.

• Syntax such that comments readily map to specific comment nodes in AST. This means that source code tools can refactor or prettyprint without losing comments.

• Make it easier to apply auditors all over the place; auditors on methods.

• Doc-comments-are-quasis from the ground up.

Naming
------

• Allow non-strings to be nouns and verbs, thus enabling
- trivial gensyms for expanded code. (Have a way to mark names as not-outside-this-scope so that we can choose to stringify them).
- avoidance of name conflicts in public "on this object" protocols.
• Idea: nominal-typed-interface objects which automatically provide name symbols.
interface foo { method x() } def object implements foo { method foo.x() {...} }
- Private protocols, as in the JS private name proposal — if we can make "not proxiable" work for us.

• Review Joule's design which contained non-string verbs.
• If nouns and verbs can be selfish, then also revisit the restriction of LiteralExpr to specific objects. Let's do better than Common Lisp!

• Start with some sort of module system that has no global namespace, or at least uses URIs as its global namespace.

• Avoid introducing any "well-known environment" issues in the distributed object protocol; start testing with application-local objects from the start.

Standard Library
----------------

• Build stream types into the standard library from the start, and design the library-idioms so that streams are cheap.

• Include a parser generator (PEG?) so as to quickly build self-hosting language tools and tools for data languages (e.g. XML, JSON) and little languages (e.g. regular expressions).

• Build HTML/XML/JSON quasis from the start, because interop with the web is a good thing.

• Design a coherent standard library, with less of a mishmash of Java-inherited objects plus E objects. Make sure that all the expected facilities of a modern language's library are reasonably available. (What are good resources for that?)

• Don't include synchronous file access.

• Do include POSIX interfaces so we aren't crippled by lack of e.g.
• file permission setting
• sockets
• capable terminal I/O

• Avoid the file-URL vs file-local-pathname confusion in the current API.

• (And on that note,) Figure out whether the URI-literal scheme can be kept without the every-URI-"scheme"-is-a-lexical-variable property.

--
Kevin Reid <http://switchb.org/kpreid/>

I spent a considerable amount of time on this issue 12 or so
years ago. Note that SSL and TLS are the same thing, TLS is a
more modern version of SSL. HTTPS will use either, but there are
significant security issues with SSL1 and SSL2, so modern
browsers only will support SSL3, which also has issues, but they
are less likely to show up in real-world situations.

In the good old days, TLS was totally in bed with PKI and
certificate authorities. There are some recent RFCs which allow
the kind of key authentication needed for E, i.e. the public
key's hash is the vatID of the target vat.

I found the whole library thing a total none-starter. What TLS
libraries will be supported over all the target platforms? What
libraries provide the necessary interfaces to check the public
key against the vatID? I'm probably really old fashioned, but
coding the crypto from scratch seems a lot easier than answering
the above questions and validating the security of a library.

(The problem with security is that is isn't what you can do,
which can be answered by testing, but what you can't do, which
can only be answered by proof, although tiger teams can give you
some hints.)
Java failed as a language for users because of its slow startup.
Since E was built on the Java virtual machine, it had the same
problem. Since Java is statically typed, I don't see how having
static types will help with the startup time.

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz | Airline peanut bag: "Produced | Periwinkle
(408)356-8506 | in a facility that processes | 16345
Englewood Ave
www.pwpconsult.com | peanuts and other nuts." - Duh | Los Gatos,
CA 95032

I would add promises and vat concurrency control to the list of
main ideas of E. Of the minor ideas, my favorite is quasi-literals.

Javascript already has vat concurrency control, and when people
suggest putting in thread-like features, they receive
significant pushback.

Promises can be added by libraries, but it is nice to have
language-level syntax.

Quasi-literals are proposed for future Javascript standardization.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz | Privacy is dead, get over | Periwinkle
(408)356-8506 | it. | 16345
Englewood Ave
www.pwpconsult.com | - Scott McNealy | Los Gatos,
CA 95032

I'm afraid I lost track of the conversation here, but the one thing
I'd say is: don't build on top of the JVM. On top of LLVM would be
pretty neat (you might then want some kind of E-on-E interpreter for
interactive, if you really care about interactive, not sure it matters
that much, TBH - maybe you can even compile/link small programs fast
enough to not need it).

I see the most important disadvantage of the JVM is its slow
startup. (Remember, my experience is a decade old.) This
slowness doesn't matter much for servers, where the JVM is
started when the server is started, but it was a pain when I was
doing data analysis in E.

I don't know about the issues with node.js, but it would be one
likely engine for a Javascript implementation.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz |The nice thing about standards| Periwinkle
(408)356-8506 |is there are so many to choose| 16345
Englewood Ave
www.pwpconsult.com |from. - Andrew Tanenbaum | Los Gatos,
CA 95032