Need a compelling argument to use Django instead of Rails

[Bruno Desthuilliers]

E.g. try to extends or redefine builtin Python classes on fly.

Ok, this is one of the few restrictions - builtin types. Yeah. Have
something more convincing ?

Ruby is so
flexible that it can be used to create Domain-specific Programming
Languages.

Yes, Ruby is not bad at *embedded* DSLs. Nor are Lisp and Python and
Smalltalk and a few others too. Now embedded DSLs all have the same
limitation: they are just a specialisation of an existing
general-purpose language - so you have to deal with the host language's
syntax. Care to write an external DSL in Ruby ?

 

[Jaroslaw Zabiello]

Ok, this is one of the few restrictions - builtin types. Yeah. Have
something more convincing ?

Nope. Python has similiar dynamic. Or.. maybe real closures.

Care to write an external DSL in Ruby ?

?

 

[Bruno Desthuilliers]

This should not be problem in real life. Look at Ruby on Rails. This is
excellent example of DSL in action.

As Ben Bangert notices, if Rail's a DSL, then so are a lot of Python
frameworks and librairies:
http://www.groovie.org/articles/2005/12/08/is-rails-a-dsl-what-is-a-dsl-and-is-it-possible-in-python

Rails uses customized Ruby to create
very friendly web framework. So there is no possible to create such simple
and friendly framework in other language than Ruby (and Smalltalk which has
the same feature)

May I suggest that you learn some Lisp dialect ?

Of course, I you like, you can freeze every object you want and nobody can
be able to open and change it. You can also trace all activity for changing
something to objects because Ruby has nice system hooks implemented.

__getattribute__ / __setattr__ / __delattr__

And of course import hooks.

Ruby
has nice security system (private, protected, public scopes for methods and
attributes,

This is not "security", this is data-hiding. And IIRC, Ruby's attributes
are always private - just like in Smalltalk FWIW.

objects freezing, system hooks). In past Python had Bastion
module (http://www.python.org/doc/lib/module-Bastion.html) but it was
rejected and now Python has nothing.

Seems like Zope is not doing so bad...

Java guys can favor Ruby also because
of its security.

s/security/orthodox object model/ IMHO.

Jaroslaw, don't take me wrong, I really think that Ruby is a really nice
language (while not as mature as Python when it comes to implementation
and libraries). But I'm afraid that all your arguments here are nothing
more than the usual Ruby/Rails hype.

 

[Bruno Desthuilliers]

Nope. Python has similiar dynamic. Or.. maybe real closures.




?

I mean : write a parser and interpreter for a DSL. In Ruby.

 

[Paul Rubin]

This is not "security", this is data-hiding. And IIRC, Ruby's attributes
are always private - just like in Smalltalk FWIW.

I don't know anything about Ruby, but if it's supposed to be like
Java, then it's real security. I'm not sure why a typical server side
app would care, though.

 

[Bruno Desthuilliers]

I don't know anything about Ruby, but if it's supposed to be like
Java, then it's real security.

Hopefully it's more secure than Java wrt/ attributes/methods access
restriction. IIRC, accessing a 'private' attribute thru reflection is
quite possible in Java.

I'm not sure why a typical server side
app would care, though.

Noticed this too ?-)

 

[Paul Rubin]

Hopefully it's more secure than Java wrt/ attributes/methods access
restriction. IIRC, accessing a 'private' attribute thru reflection is
quite possible in Java.

That's controlled by some flag you can set. Browser applet sandboxes
depend on the security and set the flag.

 

[Kay Schluehr]

At least for my case I will use IronPython for higher level task, and
perhaps calls libraries written in C# instead of the other way around,
plus you can leave your module as scripts anyway. If what you want from
C# is accessing Python's power then you can always host the IronPython
engine can't you?

Yes, it is a two-way scripting. But then you can also access the
CPython interpreter as a dll. Another promising approach is that of a
CLR backend for PyPy but it compiles only RPython directly and one
needs a separate interpreter for anything more advanced in Python.

O.K. Let me do a constructive suggestion here. In order to demonstrate
the usefullness of the Python + .NET bridge why not writing a nice
little application? I've once written a Python console using
CPython+Scintilla+PythonNet. It is still buggy but feature complete (
at least I implemented all requirements I had to make ). One can
replace PythonNet using IronPython and embedd the console in a little
IronPython application.

If you are interested in this stuff I would start reanimating my code.
You can mail me at (e-mail address removed)

 

[Jaroslaw Zabiello]

May I suggest that you learn some Lisp dialect ?

Nope. I hate Lisp syntax.

__getattribute__ / __setattr__ / __delattr__

This is not the same. Ruby can also lock access to attributes. Freezing is
different. It can freeze any object so you will not be able to add or
delete any method. Once freezed object cannot be unfrozen. So you can be
sure that nobody will change you classes if you do not like.

And of course import hooks.

Python?? Where?

This is not "security", this is data-hiding.

No. Data hiding are in Python. Ruby uses security similiar to Java. If the
class has method marked as private it cannot be used in children classes.

And IIRC, Ruby's attributes are always private

Yes and no. Yes, because you cannot read them directly without accessors.
And no, because you can read them if you set proper accessor.

Seems like Zope is not doing so bad...

Zope is only a great application. Invision Power Board or ezPublish are
also great application, but it does not mean that PHP is great language.

Python has no security at all. I has only convention and mangling. Of
course somebode can say, it is enough, and maybe it is. But I think, that
this might be another reason why Java guys prefer Ruby to Python.

 

[Jaroslaw Zabiello]

I mean : write a parser and interpreter for a DSL. In Ruby.

I see. Nope. I do not like code generators. In this sense every template
system is DSL. E.g. Smarty Templates for PHP. You can create "external DSL"
even in C or assembler. This is not the point. The point is Ruby is much
better suited to create internal DSL than Python or PHP.

 

[John J. Lee]

This objection strikes me as having the same
nature as, "Python's lack of strong protection for
class members puzzles (and worries) me".

No, it doesn't.

I didn't express myself clearly enough.

The Pythonic
answer to that objection is usually that this is a
feature: it lets people who know what they're doing
solve problems more easily than if they had to work
around a bunch of "helpful" protection.

Yes. Simplifying a bit: It is not considered a good thing to take
advantage of that. Rather, it is considered a good thing *to be able*
to take advantage of it.

In stark contrast, I'm told that some Ruby users claim that open
classes are a good thing for everyday cases, rather than as a last
resort with serious costs. Even for builtin types!! I don't know if
that's true, it's just what I've heard. Hmm, googled a bit and found
this:

http://www.artima.com/forums/flat.jsp?forum=123&thread=120400


That single datapoint seems to support what I've heard!

Classes are effectively open in Python, too, at least

[...]

Quite.


John

 

[Paul Boddie]

[Quoting JZ...]

No. Data hiding are in Python. Ruby uses security similiar to Java. If the
class has method marked as private it cannot be used in children classes.

Can you please stop using the term security in a vague way whilst
pointing the finger at Java? Sure, Python doesn't really have the
"security" you refer to, apart from elementary protection using
name-mangling (which is mostly good enough) for double-underscore
attributes, but mentioning "Java" and "security" in the same sentence
whilst only really referring to private/protected/public/final is
misleading: Java has an entire spectrum of security features that are
found neither in Python nor Ruby.

[...]

Python has no security at all. I has only convention and mangling. Of
course somebode can say, it is enough, and maybe it is. But I think, that
this might be another reason why Java guys prefer Ruby to Python.

Whatever "no security" means, and I ask you to choose your terminology
more carefully, both Ruby and Python have some way to go before
supporting most of Java's more useful security features. Certainly, the
Java guys can't be flocking to Ruby specifically because it lacks
bytecode verification and a fairly mature sandboxing mechanism.

Paul

 

[John J. Lee]

It has no meaning. Just use always () if you like. But sometimes it is

[...]

Well... has no meaning *in Ruby*, yes. You're begging the question!

(The implied question being "*Should* it have meaning?")

There is a reasonable argument for assigning different meanings to foo
and foo(), as I'm sure you know: regardless of syntax, there is a
distinction to be made between calling a function and referring to it
(e.g. to keep a reference to the function for later use as a
callback). I guess Ruby uses code blocks for that purpose? Seems
there are swings and roundabouts.

http://blog.ianbicking.org/ruby-python-power.html#ruby-blocks


John

 

[Ray]

No. Data hiding are in Python. Ruby uses security similiar to Java. If the
class has method marked as private it cannot be used in children classes.

Why are you calling this "security"? The enforcement of "private" is
not "security" in Java by a long shot. Trust me I know, been doing Java
since near its inception. By your definition of "security" C++ has
"security" too. But no, Java (real) security is very different from C++
and Ruby enforcement of private. It's a much bigger subject in its own
right.

 

[Bruno Desthuilliers]

Nope. I hate Lisp syntax.

This should not prevent you from learning it - at least, you'd then
avoid making dumb statements...

This is not the same. Ruby can also lock access to attributes.

Please re-read the doc for these methods.

Freezing is
different. It can freeze any object so you will not be able to add or
delete any method. Once freezed object cannot be unfrozen. So you can be
sure that nobody will change you classes if you do not like.




Python?? Where?

RTFM:
http://www.python.org/doc/2.3.5/lib/built-in-funcs.html

What about learning Python instead of repeating arguments from clueless
people ?

No. Data hiding are in Python.

Oh, yes ? Where, exactly ?

Ruby uses security similiar to Java. If the
class has method marked as private it cannot be used in children classes.

Python methods are attributes, so from a Python POV, this is still
data-hiding. But granted, I should have used "language-inforced access
restriction" instead. So let me rephrase:

This is not "security", this is language-inforced access restriction.

Yes and no. Yes, because you cannot read them directly without accessors.
And no, because you can read them if you set proper accessor.

Adding accessors doesn't make the attributes public.

Zope is only a great application.

Zope is a framework and an application server.

Invision Power Board or ezPublish are
also great application, but it does not mean that PHP is great language.

You can't say that Python is dumb when it comes to security and reject
an example of a Python framework that address the problem.

Python has no security at all. I has only convention and mangling.

Please define "security". I fail to see how language-inforced access
restriction (and mandatory declarative static typing etc) relates to
'security'. As far as I'm concerned, security is about protecting a
system from piracy, not about inflicting useless pain to programmers.

Of
course somebode can say, it is enough, and maybe it is. But I think, that
this might be another reason why Java guys prefer Ruby to Python.

Agreed - but this all boil down to Ruby having a more canonical object
model than Python.

 

[Bruno Desthuilliers]

I see. Nope. I do not like code generators.

I'm not talking about "code generators", I'm talking about implementing
a language with another language.

In this sense every template
system is DSL.
Indeed.

E.g. Smarty Templates for PHP. You can create "external DSL"
even in C or assembler.
Indeed.

This is not the point. The point is Ruby is much
better suited to create internal DSL than Python

Care to back your claim ? Or are you just parroting what you read from
some clueless guy more concerned with hype and buzz than with reality ?

or PHP.

Please compare what is comparable.

 

[Kay Schluehr]

Of course, I you like, you can freeze every object you want and nobody can
be able to open and change it. You can also trace all activity for changing
something to objects because Ruby has nice system hooks implemented. Ruby
has nice security system (private, protected, public scopes for methods and
attributes, objects freezing, system hooks).

Sounds good. I guess unlike Java you can't inspect and modify all those
data using reflection in Ruby?

 

[Kay Schluehr]

I mean : write a parser and interpreter for a DSL. In Ruby.

It is this kind of stuff Rubys talk about when they mention "DSLs in
Ruby":

http://www.artima.com/rubycs/articles/ruby_as_dsl.html

 

[Bruno Desthuilliers]

Bruno Desthuilliers wrote:




It is this kind of stuff Rubys talk about when they mention "DSLs in
Ruby":

http://www.artima.com/rubycs/articles/ruby_as_dsl.html

yes, I know - embedded DSLs.

FWIW, after a *quick* glance at this article, I haven't seen anything
that seemed undoable nor even difficult to do in Python - it all boils
down to reading an ini-like file and creating a stub source-tree from it.

 

[gregarican]

Please define "security". I fail to see how language-inforced access
restriction (and mandatory declarative static typing etc) relates to
'security'. As far as I'm concerned, security is about protecting a
system from piracy, not about inflicting useless pain to programmers.

I must agree here. When I am coding I appreciate ease of referencing
things above and beyond a language tying my hands behind my back
supposedly in the name of security. If I am savvy enough and know what
I am doing I can create classes, methods, etc. that implement an
effective security model in terms of encapsulation and hiding. But
there are times that I am creating something that I don't want boxed in
by the language enforcing all of this for me. It's like when people
dismiss PHP as a supposedly insecure language. It's more a problem of
too many newly initiated PHP developers not using techniques they
should be to create secure applications.