Comment by mjsweet
2 years ago
My partner is an Astrophysicist who relies on Gnu Emacs as her daily driver. Her work involves managing a treasure trove of legacy code written in a variety of languages like Fortran, Matlab, IDL, and IRAF. This code is essential for her data reduction pipelines, supporting instruments across observatories such as Keck 1 & 2, the AAT, Gemini, and more.
Each time she acquires a new Mac, she embarks on a week-long odyssey to set up her computing environment from scratch. It's not because she enjoys it; rather, it's a necessity because the built-in migration assistant just doesn't cut it for her specialised needs.
While she currently wields the power of an M1 Max MacBook Pro and runs on the Monterey operating system, she tends to stick with the pre-installed OS for the lifespan of her hardware, which often spans several years. In her case, this could be another 2-3 years or even more before she retires the machine or hands it over to a postdoc or student.
But why does she avoid the annual OS upgrades? It's simple. About a decade ago, every OS update would wreak havoc on her meticulously set-up environment. Paths would break, software would malfunction, and libraries that used to reside in one place mysteriously migrated to another. The headache and disruptions were just not worth it.
She decided to call it quits on annual OS upgrades roughly 7-8 years ago. While I've suggested Docker as a potential solution, it still requires her to take on the role of administrator and caretaker, which, in her busy world of astrophysical research, can be quite the distraction.
This is really weird thing to complain about.
When your partner builds her entire dev environment against a very specific version, packages etc. and then you expect it to just work next macOS Version? If you don't put any effort into using containers, vms or even just basic setup scripts then yeah this will not work out.
I've worked with a few physicists and they are scientists first and developers second. Which is okay, but will lead to janky setups that you cannot simply upgrade the OS under.
I want actual updates of my OS and don't want to be stuck forever on some specific version of openssh because some Astrophysicist decides to built her dev environment against it.
So either build a reproducible dev environment or don't complain that you cannot update without issues.
I am an academic mathematician, and I've noticed a huge culture difference between academia (at least in mathematics) and software development.
In the software world, it seems to be universally accepted that everything will change, all of the time, and one needs to keep up. If your dependencies break, it's your responsibility to update those too. Hence software "maintenance", which requires a lot of effort.
In my world, maintenance is not a concern. If I write a paper, then once it's done it's done. Academic papers, too, have dependencies: "By Theorem 3.4 of Jones and Smith [14], we can conclude that every quasiregular foozle is blahblah, and therefore..." You don't have to worry that Jones and Smith are going to rewrite their paper, change their definition of "quasiregular", or renumber everything.
Different cultures. Personally, I prefer my own.
I am a programmer with 22 years of practice and I stand with you.
The churn gets very tiring at one point and you begin to suspect that the people who impose it on you actually have no clue what they're doing and are taking the easy way out because they want to clock out for the week. Which I do understand but pretending that it's for the good of everyone is obviously bogus.
IMO all you scientist folks should work closely with a few programmers and sysadmins and have them author you tools to bring up and down various environments. It's easy and it's much more churn-proof than what we currently do.
I am still in the process of authoring a script to bring up my dev environment everywhere I go, I need to iron out a few kinks in the initial bootstrap (as in, OS and Linux-distro specific ways to install several critically important tools before installing everything else) and I'll just provision a few laptops at home and a VM in the cloud and be done with it.
It's annoying but ultimately a worth investment. Look into it and ask your dev friends.
> I am an academic mathematician, and I've noticed a huge culture difference between academia (at least in mathematics) and software development.
> In the software world, it seems to be universally accepted that everything will change, all of the time, and one needs to keep up. If your dependencies break, it's your responsibility to update those too. Hence software "maintenance", which requires a lot of effort.
> In my world, maintenance is not a concern. If I write a paper, then once it's done it's done. Academic papers, too, have dependencies: "By Theorem 3.4 of Jones and Smith [14], we can conclude that every quasiregular foozle is blahblah, and therefore..." You don't have to worry that Jones and Smith are going to rewrite their paper, change their definition of "quasiregular", or renumber everything.
> Different cultures. Personally, I prefer my own.
Those are the problem with SW developers: they don't have a concept of a finished product and (some of them) never finish the product.
1 reply →
I think this is somewhat unfair. Software doesn’t “require” maintenance anymore than anything else does. If you’re happy with the state of the world as it exists at the moment in time you create the software, it will continue to run that way for as long as you have working hardware to run it on. A compiled application on a computer with a frozen set of software is just as permanent as any academic paper.
The problem is most people aren’t happy with stuff being the same way forever. They want new things and new updates, and that requires changes which in turn creates maintenance.
Software maintenance is less comparable to a single academic paper than it is to the entire field of academia. Sure Freud's papers are all exactly as they were when he published, but if you want to be in the field of psychology you’re going to have a bad time if that’s the most recent version of your academic “software stack”
3 replies →
Formal mathematics is the ONLY aspect of human life where you can get something “right” and it doesnt change.
Supremely unrealistic expectation anywhere else
I think you missed the point of reproducibility. If a stack is maintained with the mindset of reproducibility, then it will do exactly what you said, that it will never change and always works and don’t need to be maintained.
If the software stack is reproducible, then you decouple that to the environment and hence upgrading the OS shouldn’t break it.
(That said it is very difficult to be 100% reproducible, eg your hardware can change from x64 to arm64… that’s why people are suggesting docker. I don’t like docker in the sense that it is a lazy approach to make things reproducible. But the guarantee there is very high.)
> Different cultures. Personally, I prefer my own.
For science, not really - what use is the GP's partner's data if it cannot be reproduced?
I know, I know ... scientists go ahead and publish non-reproducible studies anyway, but it's widely acknowledged as bad science.
For scientists, containers seem to be a much more important than just about anything else, especially for publications, because reproducibility is at the core of the work being done.
Hey I'm in the software world; you're describing the ignorant asshole software world.
> "This is really weird thing to complain about."
What made you think the OP's post was a complaint? It seems reasonable to defer upgrades if you know they're going to break things and create a lot of extra admin work when you'd rather just be getting your job done.
I feel the same pain myself. Major macOS upgrades typically always break things, either in my dev environment or just by introducing bugs or breaking/removing/changing some random OS feature that I like using.
Its usually only Xcode which forces me to upgrade, since at some point in each release cycle Apple starts requiring the latest macOS for the latest Xcode, which in turn is required if you want to target/deploy to the latest iOS. If it wasn't for that I'd prefer to stick to one major version for 2-3 years.
Unacceptable. Deferring updates is always absolutely unacceptable. Security updates must always be given absolute priority over all other concerns. If security isn't breaking your workflow then your security is not extensive enough, and if security isn't your absolute top priority then you are doing security wrong. On the defensive side you are either perfect in your compliance or you are penetrated. This is an invariant. TLDR if security isn't breaking your workflow then your security isn't secure and you are part of the problem. You should be thankful when security stops you from working because that means your security is working.
4 replies →
While I can see some minor issues with version upgrades, some software simply have breaking changes, but mostly I'm surprised when people manages to create environments that are really locked to a single OS version.
It used to happen on Windows quite a bit, through now fault of Microsoft. People for one reason or another sometimes see to go out of their way to ensure that their software is tied entirely to one specific version of one operating system.
We dealt with a customer who could upgrade a server, required to use newer TLS versions, but their custom software was pretty much locked to Windows Server 2008. They couldn't even build the software on something newer. I quite honestly don't know how people keep ending up in that situation. I don't think they do it on purpose, but the way they insist on working just makes things work out that way.
Tools exist to serve its user, and so long as a tool keeps working there's no reason to replace it. In real life this is how tools are. You own a screwdriver and you use it until one day it breaks, and then you go and buy a new screwdriver just like your old one.
This is fundamentally different from the nature of computer software, which can completely change in scope and function from one version to another and introduce changes that "break" something for no good reason as far as the user is concerned.
Imagine for a moment if you will: You use your screwdriver everyday, but one day the handle suddenly changes to something completely new and the shaft falls out because the handle uses a new way of fastening the shaft.
You are told by the manufacturer to come in and have it replaced with the newest model, or if they're not so gracious they tell you to come in and buy the newest model.
And for what reason? The screwdriver was working fine until yesterday. You hate this, because as just a simple user there's no good reason the screwdriver suddenly changed itself. Whether you get it replaced or buy a new one, you're wasting time and even money.
You then realize, one way or another, you can just tell your screwdriver that it cannot change without your assent. Ever. You want, perhaps need your screwdriver to work everyday, so you tell it to never change. The manufacturer keeps changing their screwdriver, but yours never changes and it keeps working.
One day though, the screwdriver finally breaks and you need a new one. So you go and buy a new screwdriver. Except it's completely different. And completely incompatible with the rest of your workshop, and all the tools inside which you likewise told to never change.
Why is the computer world so fucking shit?
6 replies →
There was a time when every macos upgrade broke VMware, guaranteed. I too am extremely conservative about OS upgrades. Why take the risk when there's almost no benefit? Let the early adopters iron out the bugs for you.
VMware is a highly complicated piece of software relying on a lot of internals of how macOS works. I think it's reasonable to expect that it won't "just work"
I don't say you have to update, but in time security updates will no longer come for your version of macOS and in addition to that you will won't even get new features, like in the new macOS Version the openssh version is newer and now almost fully supports yubikey ssh keys stuff like that.
2 replies →
> and then you expect it to just work next macOS Version?
Yes I do. I couldn’t give a s how much security stuff or how many developer issues update solves, backwards compatibility is king. The older I get, the more I am about this. I have million things to take in my life, I’ve paid 3k for this thing and you expect me to sysadmin it on top?
This is OK for OS stuff but what do you do when xcode upgrade breaks how your apps are linked. This is what happened this time with erlang which uses wx for some of the apps. Now the poor erlang team has to backport fixes for all old versions as well.
[dead]
You might suggest she write a MacPorts Portfile(s) (or the Homebrew equivalent) that describes the her setup. It is a distraction, but hopefully a one time distraction. It doesn’t have the overhead of running docker, gives her all the tools in well-known paths. IMHO (and as a fan), MacPorts has an advantage over HomeBrew by having all dependencies vendored so OS updates have less impact.
Edit to add, if you or her want help with this, I wouldn’t mind helping, reach out to my username at gmail.
> MacPorts has an advantage over HomeBrew by having all dependencies vendored so OS updates have less impact.
I use MacPorts, but be careful stating this. libc is unstable between major releases of Mac OS, and the recommendation from the MacPorts project itself is to reinstall *all* of your ports after an OS upgrade.[1] This is not a fun process if you don't delay updating until the build bots for the latest OS go online. Also note it is literally impossible to statically link libc in Mac OS applications.[2]
Realistically speaking, I think Nix is likely to be a better alternative to both MacPorts and Homebrew for setting up dev environments, since you will have a declarative file format rather than ad-hoc Tcl (or Ruby) scripts running a function for fetch, verify, configure, build, destroot, etc. The only reason I personally don't use Nix is because MacPorts has more or less just worked for me and I haven't had the motivation to learn how Nix really works.
[1] https://trac.macports.org/wiki/Migration
[2] https://developer.apple.com/library/archive/qa/qa1118/_index...
Nix is great in theory, but the user experience is unacceptably bad, especially for anyone who isn’t a software engineer.
While it does do an excellent job of reproducibility if the inputs are the same, I’ve found it to be prone to be breaking if you switch to newer versions.
Part of the reason that it’s painful to use is because while it’s marketed as “declarative”, in actuality it’s functional, which results in a lot of convoluted syntax to modify parameters for a package, which varies based on the language of the package.
There seems to be some awareness of the usability issues, but the changes have seemed both a step forward and backwards. For instance, you used to be able to use the “nix search” command to look up package names; now it’s gated behind some arcane syntax because it’s “experimental” and something to do with flakes. And flakes seems like it has the consequence of fragmenting the package repositories and making it impractical to improve the language.
I still have helper functions to wrap desktop applications that I had to set aside, because some upstream changes broke it and neither I nor anyone on the nix forums could figure out if there was even a way to include them in the “darwin” namespace with an overlay. My goal was to make it as easy as homebrew to add an app to nix’s repository.
Another evening I sat down to make a minor feature to a Python library and decided to use a nix environment. In theory, this should have been better than a virtualenv. In practice, there’s no in-tree support for specifying specific versions of Python libraries, and mach-nix had trouble with the dependencies, so I wound up just filing a bug report and gave up on the feature I was trying to implement.
On the plus side, NixOS finally has a graphic installer, but I don’t think that helps macOS.
I’m still hopeful that the community will decide to prioritize usability, but after spending an aggregate of months of time trying to get things to work and continually running into time-consuming roadblocks, it’s not something I would recommend lightly to someone who wants to be more productive.
19 replies →
> libc is unstable between major releases of Mac OS
Really? I thought Golang on macOS switched from direct syscalls to linking against libc, because the former is unstable but the latter is stable.
1 reply →
> This is not a fun process if you don't delay updating until the build bots for the latest OS go online
The Sonoma installer came out for MacPorts less than a week after the release IIRC. The migration is like 4-5 shell commands. One of them takes a while as everything recompiles but it’s not interactive.
Agreed. I switched from Homebrew to MacPorts a few years ago and couldn't be happier. I just delay upgrading macOS until MacPorts officially supports the latest OS (which often takes a bit longer than Homebrew).
NOTE: I briefly tried Gentoo Prefix, so I could use the same setup for both Linux and macOS, but that required quite a bit more time investment than I'm willing to deal with. I spent even less time trying out Nix, but the learning curve was steeper than I had the time for, so I gave up on it pretty quickly.
Cheers to this guy.
> dependencies vendored
did you mean versioned? if you really meant vendored, could you elaborate?
I don't know about brew, but MacPorts wasn't ready when Sonoma came out. So that's a bit of a bummer for early adopter types, or folks that need to develop their own app against beta macOS and depend on ports for their setup.
Vendoring means to bundle dependencies into a project directly (often this means copying source code and using/maintaining the copy) rather than from some other source (other packages, OS, package repo, etc). Here's an article from LWN that talks about it with a real world example: https://lwn.net/Articles/842319/
Early adopters can upgrade MacPorts before it officially supports the latest OS by building from source if they have the patience and are willing to debug any broken ports.
5 replies →
vendored just means copying the upstream code dependencies into your project.
Golang, where it is (or used to be) a common practice, even has special tooling for this, and dedicates the "vendor" directory to that.
Some unsolicited, anecdotal advice I hope will be appreciated -
After several years of perennial macOS environment hell (part of which was spent working in a much more research-oriented environment - e.g. lots of ancient HPC packages, etc.), I made the jump to just using Nix on macOS [0]. Takes a little bit of learning (realistically just a couple hours to get productive IME - just enough to get acquainted with nix-shell [1] and build some configs). After a few months, I had the thought to look at what I still used brew for and realized I could just move to Nix completely - and remove Brew. I back up all my nix configs to a git repo, just in case - and whenever I switch to a new machine, or "brick" my current one - I just reinstall nix, pull in my configs, and I'm good to go - takes 5 minutes (a conservative estimate tbh). The only caveat is to just check the community [2] before upgrading to the next macOS version to make sure any issues have been ironed out. In the early days of macOS support, it was a bit finnicky between updates - I haven't had any issues for the last couple years that weren't my fault (for example, booting into recovery mode and accidentally deleting the nix store APFS volume - even then, all I had to do was reinstall nix and pull my configs).
It is so nice to just "declare" I want to use and just...use it. Want to try out ripgrep for something? `nix-shell -p ripgrep` Not what you want? just exit the shell. Too much unused crap taking up space in your Nix store? `nix-collect-garbage`.
There's even darwin-nix [3] as a sort-of "nixos-for-macos" - I started using it recently, mostly for managing macOS settings declaratively, and it's great - but honestly 99% of the usefulness I get on macOS from Nix is just using the package manager!
[0] https://nixos.org/download#nix-install-macos [1] https://nix.dev/tutorials/first-steps/declarative-shell [2] https://nixos.org/community/ [3] https://github.com/LnL7/nix-darwin
I have the same exact recommendation. My work laptop was stolen and setting back everything was a matter of 10 mins. I have a custom emacs configuration, templated with nix, that only calls stuff from nix store, that I’m pretty much confident that I nothing will break as long as nix works.
Btw, I still use hombrew for some stuff I’m too lazy to create derivations, but I use nix-darwin homebrew module to also manage it with nix. The shitty part is that I must install homebrew. I think that can also be automated with a simple activation script, but I’m too lazy and it’s not something I do more than once on the machine.
Hey, I have a pretty extensive Emacs configuration [1] on my Macbook using Nix, nix-darwin, and the Nix community Emacs overlay. It's been stable across multiple OS updates, and if minor stuff breaks 99% of the time an issue is already open as it's broken for everyone. Really, Nix is pretty awesome for the dev environment use case; bore yourself through the syntax and be rewarded with an easily reproducible system.
[1] https://github.com/dustinlyons/nixos-config
There are a few cases where Nix itself can break on macOS upgrades, but the recently released Survival Mode installer should mitigate that.
https://determinate.systems/posts/nix-survival-mode-on-macos
When you’re using nix-darwin the configuration hardly ever breaks and when it does you just run darwin-rebuild and everything works again
Yeah, this is basically the perfect use case for nixpkgs. You can make sure the same versions are built every time and get configured exactly the same. Then home-manager can deal with the extra config files. No reliance on the system tools anymore beyond the core libraries and you're not bound by the brew update cadence either.
Came here to say the same thing. Nix can even configure Emacs with all packages, so that everything is static, deterministic, and reproducible. I am actually looking forward to the possibility of running NixOS on MacBooks.
Couple of things here:
- late adoption is a synonym to remain production ready. We used to have a badge in the internal system of Amazon called late adopter because most of the staff who run the amzn infra did not want to upgrade anything unless there was a must (mostly security fixes)
- setting up such environments by hand is a time wasting error prone excercise. Automation is a must. I keep an Ansible repo only for the environment I need to maintain.
- using MacOS for Fortran, Matlab etc might not be the most efficient. For problematic software I usually run a virtualized Linux instance that can be snapshotted and transferred to other devices so it is super easy to replicate a complicated environment
- Docker might not cut it, we live in an era when a fully virtualized instance boots up in 3 seconds on a M1 Mac so you might as well just use a full OS instead of a container
Btw. it is a shame that software development is like this. The lack of 1.0 mindset and the continuous "improvements" that are quite often regressions and UX degradations are really annoying and mostly unnecessary. There are tiny improvements between the last 3 major OS versions from Apple.
I could not care less about new notifications (that I immediately disable after installing the new MacOS) and such features and I care deeply about being able to run my usual tools as they were running in the previous version.
>- Docker might not cut it, we live in an era when a fully virtualized instance boots up in 3 seconds on a M1 Mac so you might as well just use a full OS instead of a container
This sounds like FUD to me, but then again you can't use docker with out a VM on OSX any way.
Not sure which part is FUD. I use Docker since 2014, still has the little lego guy from the first conference and that sentence contains the word might, but ok.
1 reply →
Setting apart the collection of specific, idiosyncratic application stacks in question here, it is frustrating to see how badly computer users are being served by the commercial operating systems. I expected APPL and MSFT to make more progress in software usability in general.
We are now in an age that I call "Abusability": How much can we insult and mistreat the customer with our unfriendly software? ^_^
> I've suggested Docker as a potential solution
I recommend Podman instead because it is compatible with Docker containers but does not require root privilege.[1]
> it still requires her to take on the role of administrator and caretaker, which, in her busy world of astrophysical research, can be quite the distraction
. . . And yet
> she embarks on a week-long odyssey to set up her computing environment from scratch
She is already a sysadmin. But multiply the number of machines to maintain by a factor of 1000 for an initial model of a sysadmin's real workload.
= = =
[1] _ https://podman.io/
Maybe macOS is not the optimal platform for this kind of work (anymore).
I’ve relegated my Mac usage to simple web browsing and stuff like that.
Wouldn't it be simpler to just have a 'Nix running in a VMWare Fusion? Why go through this pain?
I am on a Mac, but my work is done on a Mint.
Native on apple silicon can be magical. I remember Jupyter being awesome once I found the goat to sacrifice to get it to install a few years back.
If it's already a massive house of cards, setting that all up all over again might be a nightmare.
Just run orbstack. Gives you nix or Debian. Or use a persistent docker.
I’ve found the Migration Assistant to be solid—almost fanatical—for persisting custom settings. Most recently, it carried over my non-standard OpenSSH + config with resident key support, GPG config, and a couple of other things without a hitch. I even found a few config files from 2007 and a same-era Safari SIMBL extension that probably stopped working in Snow Leopard, all faithfully migrated across five different machines and a dozen operating systems.
I’m curious what doesn’t work for her.
You know, it's probably not migration assistant. I would say it's a major OS upgrade and gets tarred with the same brush. I personally have found it to be fantastic for upgrading to new hardware.
The state of laptop and desktop computing is abysmal. I use Ubuntu as a daily driver for desktop and macOS for my laptop, but all three major OSes, including Windows, have many issues.
Gnome is relatively stable but not foolproof, there are strange behaviors like file picker previews not working. There are services running in the background that do who knows what. I have built a custom distribution using build root, I will be attempting to use that as my daily driver.
It might not be up to her requirements, but an Ansible playbook may help. It's what we use to set up new MacBooks and only runs in localhost mode.
Ansible is fairly quick to learn, and can control homebrew so it's able to install a lot of stuff.
If you're interested, ping me and I can share some snippets. Also I bet you'll get a reply from someone evangelizing Nix ;)
EDIT: Oh, and git repo with dot files is very useful. As is homebrew bundle, which installs a list generated from a different host.
EDIT 2: oh also I just moved MacBooks last week, so a lot of this fresh in my head right now. Including cargo/rust, VSCode profiles, brew bundle, ublock origin config, backups of .envrc files, etc etc ad infinitum. My Emacs config was actually about the easiest bit to move!
This sounds like a lot more work then a few extra button clicks?
Indeed, but when the alternative is missing critical security updates for years at a time one only needs to be bitten once to understand the value.
3 replies →
Less work than a week of manually doing it.
The way Russians put it, "The hedgehogs cried as they prickled their skins but continued shagging the cactus".
had to look that one up:
https://www.reddit.com/r/russian/comments/32x2ml/what_does_м...
Yep that's the kids version about mice eating the cactus.
>Each time she acquires a new Mac, she embarks on a week-long odyssey to set up her computing environment from scratch. It's not because she enjoys it; rather, it's a necessity because the built-in migration assistant just doesn't cut it for her specialised needs.
She could use a bash or zsh script, with instructions to get the apps she wants. Brew allows installing most open source apps + MAS apps you've bought + third party proprietary apps. E.g.:
(She could save those in a brew dump file from the earlier machine too and re-play it).
then she could hookup up some external disk (or use some cloud storage) and sync any settings files she has customized (.zshrc, and so on) and rsync any stuff, build some folder structure she has, etc, and copy over settings for third party apps.
With "defaults write" commands she can then set a lof of Mac preferences that she'd normally have to change on the Settings page or individual Apple apps, e.g.:
A new system would just need some small time to run the script to get to taste. I've been using that for years and it works great.
When I was maintaining a setup script using brew a few years ago, it seemed to regularly break due to brew changing how to pin versions or something else. I just gave up and switched to Linux. Maybe brew is more stable these days.
Maybe. I never pin specific versions, because for my use case (local utilities and apps) I don't care. So this is for basic system setup.
For reproducible stuff I use docker, vms, etc with pinned versions. And for sciency stuff she'll be having something similar, or at least conda and such.
Part of your story involves the point os update release where apple just straight up removed system python.
that would have been a nightmare
Not really - if you were using python heavily you would not be using Apple python but installed from python.org or Anaconda or a package manager to control what version is in use
Also Apple did give an OS release or two warning I think.
It sounds like her use case is a good candidate for containerising the data reduction pipelines. If she can get the cruft to run in a container (or a few perhaps), she has instant access to get them running on a new computer as long as Emacs is "just" the frontend.
Stuff like Emacs is the easiest to set up. I've had my emacs config in git for years like most people. I've installed it on many different systems over the years. I also have all my dotfiles in another repo.
She should really just switch to GNU/Linux, though. So much easier.
this is the advice I've been hearing more often than not. I've been Linux and Windows for most of my career, and only strayed into Mac a few times in the last 5 years. Without fail, _every_ Mac I've owned has needed support involvement on an OS upgrade.
when I've told people that, what I hear is "you're not supposed to update the OS on a Mac, stick with the one it shipped with and never make the major OS update as those are for newer hardware".
to me that seems illogical, wrong, worse than Windows... and yet as an observer to comments like the parent and seeing colleagues get bitten by issues, it appears to be true... the happy path with Mac OS is to never upgrade the major version
The happy path with macOS is to only use hardware and apps made by Apple, I think that’s the problem.
If you stick to that, upgrades are usually pretty safe.
This very topic is about broken grep made (or at least patched) by Apple.
1 reply →
I am not sure how to handle this post, I guess that's the same for RHEL or LTSes, if you upgrade major OSes you might break things, stay on current versions in order to stay safe, should we freeze software because astrophysicists are too busy?
A rolling Linux distro would introduce minor, easy-to-address changes every now and then. This may be less pain overall (much like making many small pull requests vs one giant rewrite).
Disclaimer: I'm running a rolling-release distro (Void) since 2016, and has gone through 5 machines with it, usually with near-zero setup after a move.
I also am on linux rolling, I use gentoo on desktop and arch on laptop, I update, things break, it's my fault, but would use the same approach for major non-rolling OSes updates, the point was not the amount of breakage, it's the breakage principle in itself, I am not sure why OP was blaming maintainer for breakage of major OS updates?
>This may be less pain overall (much like making many small pull requests vs one giant rewrite).
Just shows how different people are in their approaches to dependencies... I can't imagine working like that, the idea that everything I'm using could break at any moment. I'd rather deal with those (possibly larger in number at one time) set of changes at fixed upgrade intervals, in exchange for having a stable system.
2 replies →
I don’t understand why they can’t suitably migrate things so they don’t break. They have kernel access to the system. It should be trivial to move whatever around that needs to be moved to carry on functionality.
I suspect it’s because they actually don’t know _what_ will break with what they change.
I think either of us misunderstood, I understood that the wife wanted the update to don’t trigger any changes to their existing tools, you said that it should be trivial to move stuff around, implying that some change would be needed, that is according to what i got, the point OP was complaining about? I agree with you anyway, at least mostly, should be trivial or not, I wonder how many people have a look at changelogs before updating and then go to blogs to complain, I dont use osx as a linux user, when i see something of interest in update packages i go to check the changelogs to make sure its smooth and almost never anything happen, so I don’t have much to complain
With the difference that major LTS upgrades happen much less frequently than major macOS upgrades.
Nix-darwin seems like a solution worth looking into for this.
Ideally she would have the dependencies written down. How else are people supposed to replicate her work?
Nobody replicates work in these fields in that way.
Most of the time people just don’t replicate work, full stop. In the rare instances that they do, replicating the analysis from scratch is the whole point. Running the same script and getting the same result is not interesting.
While the macOS updates itself work quite well for me, e.g. I also didn't mind the 64 bit-only that much, anything relying on XCode command line tools is quite a pain. First I need to fight through the inconsistent warnings that the version is out-of-date/not installed and eventually find a Stackoverflow post which describes how to fix that. Afterwards a few other fixes are needed. I worked around it by relying more on Homebrew (which needs the occasional symlink fix) and limiting the number of tools I build myself. Still quite frustrating, I'll definitely switch back to Linux once my laptop won't get anymore security updates.
I realize Nix is also an option but the user land version is much more rudimentary than NixOS' - which already requires expert level knowledge of the package management for everyday chores.
To all who suggest nix or docker or whatever. Please consider that it should not be necessary in the first place. 20 years ago Apple advertised its laptops as "real Unix on your laptop" which rightly appealed to a lot of scientists
It is fair from the user to expect some stability here.
And it delivered - it is a real, as in "certified" unix. You are making here some assumptions about rate of updates, innovation and disruptions which have nothing to do with being a unix or unix-like and were never promised by apple as such.
I've done scientific work on a mac, and it was fine, now I am doing SWE work on a mac and it is fine, too. Such fragile setups would not survive most linux distro updates, the only advantage is that you could find a distro with a very low rate of innovation and thus a very long support window and call it day. But it is, obviously, not a viable choice for apple.
> But it is, obviously, not a viable choice for apple.
It's not obvious to me. Apple used to release 1 version of MacOS every 1.5-2.5 years[1]. Now it releases 1 every 11 months. And it's not like the recent versions have some groundbreaking innovations in them. Nobody cares about MacOS upgrades outside of worrying about breakage, or getting a recent enough XCode to target newer iPhones.
[1]: <https://en.wikipedia.org/wiki/MacOS_version_history#Releases>
3 replies →
I have slowly moved to macos as my "front end" to all the other machines.
I, too, decided to skip on macOS upgrades for the lifespan of the hardware. But I tend to buy a Mac every 2-3 years so it's just a few skips.
She looks to be the perfect candidate for RedHat Enterprise Linux instead.
You mean Rocky Linux, no?
It depends what she wants. If she wants to be able to open a ticket and have knowledgeable people answering I would say RedHat is a good candidate. If she just want stability maybe she can get away with Almalinux or Rocky but it is still to be tested how they will manage long term support vs stability.
No, better use the real thing
> she tends to stick with the pre-installed OS
That's not a great idea security-wise. Apple has formally committed to only updating the latest major version for security fixes. Of course, they have backported some fixes, but even in early 2023 those backports were highly delayed and incomplete.
If you're talking 7-8 years (and the hardware is certainly good for that long) of still using the OS as shipped, I feel like that is a mistake. The most painful updates are when they do the very large refactors, like Mojave->Catalina, then Catalina->Bug Sir. I am guessing whatever comes after Sonoma will be a biggie also.
I am still on Catalina for my media server. I don't dare update it. But it's not connected to Internet.
> That's not a great idea security-wise.
Unfortunately, a computer that doesn't do whatever you need it to do is useless, regardless of how "secure" it is.
This.
I personally like (older, 2010-2015) Apple hardware because it's sturdy, looks pretty nice, generally holds up over time, their touchpads and keyboards are the best I've found on laptops, shopping for new-to-me hardware is easy (and cheap) because of the limited model range and everymac.com, etc. Unfortunately the repairability went down for a good while, and build quality took a nosedive with the butterfly keyboards etc. The Apple Silicon machines seem nice, but there's even less upgrade possibilities than my 2014 MacBook Air, that at least has replaceable storage. How well they will hold up over time (decade-plus) is unknown still.
Catalina is about the newest OS any of my Macs will run. Still using Mojave, however, since I want to keep using my old paid-for (no scammy SaaS, which neither want or can afford) copy of Adobe CS3, which needs Carbon. Even by Mojave, it seems to me Apple had been locking the OS down and nerfing the Unix features way past the point of diminishing returns and into decline. It seems to only have gotten way worse since then.
So all in all, living with an "insecure" operating system seems like the lesser evil. I use an up to date browser (although it's only a matter of time before those are no longer available, I guess), browse from behind a Firewall + NAT if possible, make regular backups and keep an eye out for suspicious looking processes or ones using a lot of CPU or battery. The risks/drawbacks honestly seem pretty theoretical compared to the very practical drawbacks of trying to stay current. And I'm not even counting the monetary outlay of trying to stay current.
"Bug Sir" is such a great typo.
edit: Forgot that in addition to Adobe CS3 I also have a copy of MS Office 2011, that I found boxed at a flea market for the price of one month of o365 or something.
>Catalina->Bug Sir
Was that intentional or freudian?
Just use Nix.
I have my entire Mac setup in a single set of declarative files, including custom compile of Emacs ans all of my config.
It takes maybe 20 minutes to have a new Mac up and running. 10 if on fast internet.
I have a Settings folder for this. It includes a Brewfile and a lot of other configs. It cut down that setup time to under a day
Sounds like Apple is cribbing from the Debian playbook.
[flagged]
[flagged]
Thinking of a mac as a fashionable media consumption device in this day and age seems odd to me. Maybe before the switch to arm, because honestly their intel devices were middling. But between the apple flavor of arm processor and amount of RAM (especially with the M3) these devices are serious work horses.
I used to daily drive a linux machine on a Thinkpad, and the experience just doesn't really compete imo, it would be hard to get me to switch back. It's not that it's a bad experience on a linux machine in the year 2023, but it's not without annoyances that add up over time that I just don't experience on mac.
I think it's even more so now that they've switched to a CPU and proprietary platform architecture that's widely used in media consumption devices --- i.e. smartphones and tablets. IMHO when they were basically PCs with some small differences, they could be considered serious business computers; but now they're just oversized smartphones.
For the record, the Dilbert comic[0] whence "here's a nickel, kid" mentions Unix, not Linux. macOS is a certified Unix.
Accordingly, Macs c/o Unix have been used to perform real work for decades.
Even so Don Norman, Apple Fellow, wrote the forward to the Unix Hater's Handbook. I say this to say there's serious thought behind Apple's OSes _pre-Unix_ and criticism of Unix. (See e.g. John Siracusa's encomia to the spatial Finder).
[0] https://i.imgur.com/z96dZ0x.jpg
> macOS is a certified Unix.
So's z/OS, whereas FreeBSD isn't.
Also, there are Linux distros that are certified Unixes: Inspur K-UX, for example.
> Unix Hater's Handbook
Ah, yes, the "our favorite proprietary system was killed by Open Systems and we're Big Mad about it" book.