My argument is that even a name like awk is much more relevant to the people who used this software back then, of course it was not the best way to name it, but at least it held some meaning to it. Unlike modern software, awk and others were not written with the consideration of a wide user-base in mind. Regarding whether we "lost the plot" or not, I believe that we did, because as mentioned, in the 80s there was a current of people who named software conventionally, and up to the 2010s, the names still used to hold some rational even when word-played or combined with cutey names.

> It sounds more like this person just had a personal vendetta against cute sounding names, not against the names being uselessly non-descriptive.

Not at all, I find it quite fun, just unprofessional.

--

Sent by replying to an automated RSS email, via msmtp (light SMTP client, which is unlike firefox, not a consumer product and its name has to do with its function).

I don't personally get it. I can see the argument for names that are descriptive, because a descriptive name might be useful. Meanwhile though, a name like awk is only useful if you already happen to know what it stands for, which to me seems a little silly. Relevant? Maybe... But to what end?

> Not at all, I find it quite fun, just unprofessional.

Why do you consider it "unprofessional"? This seems like a cultural thing. For example, in Japan, it seems like it is not unusual to see cute illustrations in otherwise professional contexts. I am not sure there is a standard for professionalism that is actually universal.

Disregarding that, okay, fine: let's say that naming software after irrelevant things is unprofessional. Why should we care?

Software developers have spent at least the past couple decades bucking trends. We went to work at white collar offices wearing khakis and t-shirts, with laptops decked out in stickers. Now I'm not saying this is all software developers, but it is certainly enough that it is a considerably recognizable part of the culture.

Professionalism, in my eyes, is descriptive, not prescriptive. If professional software engineers normally name things with cute nonsense names, then that is professional for our industry.

I can see the usefulness in descriptive names because they serve a purpose, but names that are merely somehow relevant but otherwise don't tell you anything useful seem just as useless as non-sense names, and justifying the distinction with "professionalism" feels odd.

> Sent by replying to an automated RSS email, via msmtp (light SMTP client, which is unlike firefox, not a consumer product and its name has to do with its function).

Note how this also neatly works as a strong argument against descriptive names. RSS? msmtp? We're now drowning in acronyms and initialisms. I don't particularly have anything against these names (I mean, I use msmtp and the name certainly doesn't bother me) but the utility of the name RSS is quite limited and the vast majority of people probably don't really know what it stands for (to my memory it is Really Simple Syndication, but it may as well be just about anything else, since that doesn't help me understand what it is truly useful for.)

But you do hit on an interesting point that probably helps explain to some degree what's going on here: even for small CLI utilities, more often than not programmers doing open source are actually bothering to work on the marketing and deployment of their software. When I was younger a lot of open source was still more decentralized, with many programmers just dropping tarballs periodically and Linux distros (and others) taking care of delivering the software to users in a usable form. Part of trying to deliver a holistic product is having a memorable name.

msmtp may not be developed as a product, but in practice, almost all software is like a product. Someone is a "consumer" of it. (Even if that person is also a producer of it.) People get "sold" on it. (Even if it's free.) How it's marketed definitely depends on the sensibilities of the developers and the target audience but I'd argue almost all software is "marketed" in some form even if it is non-commercial and not packaged like a product. (Even something like GNU's landing pages for things like Coreutils is arguably a very, very light bit of marketing)

The actual truth is software programs that have more care put into marketing are arguably more professional. The professionalism of having a "relevant" name is rather superficial in my eyes, but having concise "marketing" that "sells" your software well to its intended audience and provides good resources for users is professionalism that makes a difference. Likewise, plenty of things delivered more like products do have relevant names! For example, KeePass and SyncThing come to mind immediately.

So whether the next great email server suite is "SMTPMailSuite" or "Stalwart" is mostly immaterial, but I'm not surprised when marketing-concious developers choose memorable names. (Obviously in case of Stalwart, there's a company behind it, so having good marketing is absolutely in their best interest.)

Another downside of a descriptive name is that software evolves over time and a name that is too descriptive could stop being relevant eventually. Off the top of my head it's hard to think of a specific example, but you can see software that evolves this way all the time. (One example on the Linux desktop is how KWin went from being an X11 Window manager to a full-blown display server compositor during the Wayland transition; but that name obviously still works just fine.)

Boaty McBoatface? officials overrode the vote to name it after David Attenborough. The actual research submarine got the joke name. Again, this proves my point.

Fat Gary was an internal chip designation that never needed to be public-facing. Perfectly fine.

"Names are only for distinct identification" if efficiency was not at a question. Why use worse identifiers when better ones cost the same?

In Pharmaceuticals, Doctors prescribe "sildenafil," not "Viagra." The generic name describes chemical structure. Brand names are marketing for consumers, not professional nomenclature.

Mythology in chemistry/astronomy has centuries of legacy and connects to human cultural history. Calling an element "Titanium" after Titans carries weight. Calling a SQL replicator "Marmot" connects to... what, exactly? A weekend at the zoo?

But in any case, this isn't the real travesty with these names. It's that they're reusing existing common words. The article hates on "google" when actually it's a fantastic name - if you googled it when it was introduced, all the results were about what you wanted. By comparison, Alphabet is an awful name, because if you search for Alphabet only a tiny subset of the results are going to be useful to you.

Medical and chemical terminology is built on the history of latinate terms and compounds whose simples follow the same pattern. Latinate terms, I might add, which reference mythical, fantastical, or unusual things. Consider the planet Mercury, for example. The only difference? The centuries of time it took for scientific evolution to turn these unique names into a taxonomical language with its own logic.

There is no such taxonomy for computer science. But in the course of the evolution of such a taxonomy, it will be built out of the mess of names like the ones we like to use for our programs and tools like Rust, Ocaml (notice combination of interesting and technical), git, npm, bun, ada, scipy, etc etc.

Depends on the location, I guess. I've had doctors prescribe trade names, which I don't understand if there are alternatives with the same dosage, route of administration and similar inactive ingredients. Not even talking about the "do not substitute" prescriptions which are also based on dubious information most of the time.

As for "sildenafil" - I don't think generic names are usually meaningful. Usually the suffix relates to the category of the drug, but the first letters seem as random as the letters in trade names. I could imagine a world where the generic name is viagrafil and the trade name is Silden.

This is like having the first tool of a particular type come along and call itself ‘Mosaic’ and then someone makes another tool of the same kind and calls it ‘Mozilla’.

I actually stated this on the post, but let me reiterate, I think that naming things in somehow fun way is totally okay as long as it stays relevant to what the tool actually does (you can have this achieved by play wording suffixes (Mongo"DB", Open"SSL", Ma"git" are good examples, all are better than elephant, dog, and beaver).

Indeed. This helps me know that I'm using a database more modern than Ingres. I chose not to use Oracle or SQL Server because they might have predated Ingres.

Just one question: what's Ingres, and why do I care about it? Of course, I don't, which makes Postgres no more useful of a name than "fluffnutz" or "hooxup". That said, over time, I've come to like the name Postgres.

(At least that's how I remember it as I was "why name a language like that when you know it won't be searchable")

https://en.wikipedia.org/wiki/PostgreSQL

My point is that almost everyone refers to it as Postgres, because they do not actually value the descriptiveness of "PostgreSQL".

Also because the original name was, just, "Postgres". Stylized as POSTGRES.

PostgreSQL is an awful neologism (OK it's been around for a while now), and I honestly thought that they had decided to switch back to the original, and clearly superior, name. :) I recall it being under discussion several years back, and I am surprised it did not happen.

Namespacing, sure. But is "We use gh:someguy/openai/llm-streaming-client to talk to the backend" (x50 similarly cumbersome names in any architecture discussion) really better than "We use Pegasus as our LLM streaming client"?

"Which one?! There are seven popular projects with this exact name on GitHub that have >100K stars; which particular one do you use?"

This is one of those classic examples where things you've already learned are "obvious and intuitive" and new things are "opaque and indistinct".

We can go back and forth with specific examples all day: cat, ls, grep, etc are all famously inscrutable, power shell tried to name everything with a self-documenting name and the results are impossible to memorize. "llm-stream" tells me absolutely nothing without context and if it had context, pegasus would be equally understandable.

How did they pass by "IngresSequel"?

Idk, renaming things that shipped is a PITA.

Say you wanted to rename `fish` to `a-decent-shell`. - Packages in all distros would need to be renamed. - Configuration for all systems using/having fish would need to change. - Scripts would need to change, from the shebang to the contents if necessary. - Users would need to understand that they now need to search documentation using the new name. - Documentation would need to be migrated to new domains, sed-replaced, and reviewed.

All this migration would require some synchronized, multi-step process across multiple distros and deployments.

I'd rather have a name that works as an Id.

You just made my argument. Renaming is hard precisely because you shipped with the wrong name. That's why you should get it right from the start.

Every cost you listed [distro packages, configs, scripts, docs, domain] exists whether you rename to something descriptive OR another random word. The migration pain is identical. "Fish" → "decent-shell" costs the same as "fish" → "zephyr." My argument was that this renaming won't be necessary if you started by picking up the proper name at the first place, and it's very unlikely to have the need to rename it. We shouldn't be optimizing to avoid renaming. That's trading a rare maintenance event for permanent cognitive overhead.

No, it's just because the goddamn string Id appears in way too many places and you can't sed-replace the entire world at once. It doesn't matter if the string was cute, fancy, or you found it to be a good name.

> you should get it right from the start.

This is also optimizing for not renaming, just in a different way; also, you just said renaming was cheap, so which is it?

2. You complain about commit hashes while simultaneously noting that tags can be deleted and recreated. Hashes are precisely the solution to mutable tags. The "short hash" concern is a red herring; Git uses sufficient entropy that collisions are not a practical concern for dependency resolution.

As for "secure package distribution," go.sum files verify files verify consistent downloads. What additional security do you believe centralized registries provide?

3. Can you provide a concrete example of an ambiguous import you've encountered? I'm not familiar enough with Go to understand this criticism.

Exactly. This 'social phenomenon' should have been taken into account when designing a packaging system so that the language's ecosystem does not end up entirely dependent on Microsoft due to 'social reasons'.

> The go.mod file you linked references ~14 different Git hosts

Of which the non-github ones account to what... 15% of the deps in the file?

> You complain about commit hashes while simultaneously noting that tags can be deleted and recreated

Yes. Not using versions (semver) is a bad call, and having people be able to mutate the code of a version is a very bad call. Once a version has been tagged, the only viable choice must be to pull that version and push a new higher version.

> As for "secure package distribution," go.sum files verify files verify consistent downloads

Based on git's hash.

> Git uses sufficient entropy that collisions are not a practical concern

Unless crafted by an adversary? Git's sha1 hashes are not a security tool and must not be used in place of code signing.

They are also not good for versioning, as you can't deduce whether a commit introduces breaking changes. Rubygems has the ability to reference git repos. It's always a pain to update these compared to other semver deps -- you have to go to github and do a comparison between the old and new hashes to try and deduce whether bumping this will break you.

> Can you provide a concrete example of an ambiguous import you've encountered

See end of linked go.mod

> This 'social phenomenon' should have been taken into account when designing a packaging system

I'm unsure how this would be accomplished in practice without banning certain Git hosts, which seems untenable. Even Maven/Gradle ecosystems concentrate around a few major repositories (Maven Central, JCenter historically). This appears to be an inherent social dynamic rather than a solvable design problem.

> Of which the non-github ones account to what... 15% of the deps

Same question: what's the solution? Developers publish where it's easiest and most popular, creating a positive feedback loop. I don't see how package system design can prevent this.

> Not using versions (semver) is a bad call, and having people be able to mutate the code of a version is a very bad call

Agreed on both counts. However, how do we enforce immutability beyond operational controls? Even systems with "immutable" version policies ultimately rely on the registry operator honouring that policy. The only technical guarantee would be embedding content hashes alongside version numbers (which is effectively what go.sum does, albeit awkwardly).

Sidebar: how should we handle vulnerable versions? Allow pulling with warnings, or remove them entirely?

> Git's sha1 hashes are not a security tool and must not be used in place of code signing

Fair point. I was under the impression that Git had moved to SHA-256, but it seems there's no practical way to use it yet. While Git moved to a hardened SHA-1 implementation (not vulnerable to the SHAttered attack) in v2.13.0, SHA-1 remains weak for security purposes [1]. The transition to SHA-256 has been in the works for some time, but as of 2022 it appears to be a partial implementation with no support from major Git hosts [2].

What would ideal package security look like to you?

> They are also not good for versioning, as you can't deduce whether a commit introduces breaking changes

Completely agree. Repository references are useful for development and testing, but painful in production. I avoid them in published packages.

> See end of linked go.mod

Thank you, I see it now. I'm still deeply unfamiliar with Go but this feels like a legitimate criticism.

Glancing at github.com/tencentcloud/tencentcloud-sdk-go: is this import ambiguous because there's no top-level `go.mod`? If so, that feels like a significant oversight. I'm a fan of monorepos myself but I'm surprised Go doesn't have better support for them. I'll be doing some research to understand this better.

[1] https://git-scm.com/docs/hash-function-transition [2] https://lwn.net/Articles/898522/