Comment by pdimitar

1 day ago

I invite you to ask on ElixirForum. I have never seen a truly hostile response.

Sometimes posts don't get traction due to ambiguity, and some smelled like "do my homework" so people ignored them.

But every post with a genuine curiosity in it gets answered, as far as I can tell.

10 comments

pdimitar

Reply
sevenzero  1 day ago

Yea I've posted there twice as far as I remember. You will absolutely get help, whether you understand the answers is a whole different story.

Elixirs community is great. Its just hard to learn because it's not yet widely adopted, there are no (non senior) roles for it and it's a lot of work understanding all the BEAM concepts. A thing just being interesting isn't enough motivation for me to learn, I need a bigger goal but with Elixir there do not seem to be any.

My last experience with it was building something with Phoenix Liveview until I noticed how easily you can hijack the websocket and just spam random commands to your server or temper with payloads (with regular webapps ive built i never had this issue). Which made me quit that project.

  • pdimitar  1 day ago

    Fair. If you have this friction then it's not worth pursuing.

    One thing that really helped me pick it up was saying YOLO and rewriting one part of the business stack from Ruby on Rails to Elixir. It taught me quickly and well.

    The official guides are also great and IMO you can get through them all without a rush in two weekends. But again, if you don't want to then don't.

    You can also try asking right here in this HN thread. Maybe I or others would be willing to give you a more detailed response.

    • sevenzero  1 day ago

      When building I couldn't get "what if I have ghost processes", "what if I spawn too many processes", "what if this architecture is bad compared to...", "when to kill processes", "whats the correct restart strategy for this" out of my head... It's so confusing to build for the BEAM that I ultimately gave up on it.

      4 replies →

  • arcanemachiner  1 day ago

    I haven't dug into this for a while, bit you should be able to define a catch-all event to return a respond to non-compliant requests . It should be built-in to some degree IMO, but I think it's not an unsolved problem.

    • sevenzero  1 day ago

      This will not work if a attacker guesses a function signature correctly as the catch all block usually is at the bottom of the module. If you use atoms in the function signature, attackers can just guess them, even if you never intended that function to be reachable from frontend code.

      That being said, I am not forced to use liveview, its just that most ressources nowadays use it.

  • ch4s3  1 day ago

    > whether you understand the answers is a whole different story.

    You can always ask follow up questions for clarification, people there are generally really friendly.