Re: [Caml-list] [ANN] First OCaml hacking session in Belgium -- 1-2 July

[Hendrik Boom <hendrik@topoi.pooq.com>]

On Wed, Jun 07, 2017 at 11:14:20PM +0200, Danny Willems wrote:
> Hi everyone.
> 
> I'm glad to announce and invite you to the first OCaml/Reason (Compiler)
> Hacking
> Session in Belgium which will be the first week-end of July (1-2 July) in my
> appartment (yes, in my appartment for the moment. I hope I will have
> a bigger place later). The registration are opened here[2]. The full
> location
> will be given later. If you have any problem to come, we can find a solution
> if
> you come in Brussels, don't worry about that. For info, you have to take
> the train from Brussels to come and it lasts 1 hour. I will take you to the
> station.
> 
> The event is opened 24/24 and the entire week-end. You can come the
> entire week-end or only one day or few hours. If you want to stay to sleep,
> I
> can host around 5 people (just take a sleeping bag). Just tell me if you
> come.
> 
> Thanks OCamlLabs for offering OCaml stickers to all participants!
> 
> ### Motivation of the event.
> 
> I wrote an article on my blog[1] some weeks ago about the idea of organizing
> some
> hacking events (specially about OCaml/Reason) in Belgium.
> Since last year, I learnt and had some interesting experiences in the OCaml
> community and I'm still more and more interested in collaborating and
> meeting other
> OCaml developers I speak with on Twitter and GitHub or by email.
> 
> The main purpose of this event is to meet other people sharing the same
> interests than me and sharing cultures and knowledge.
> 
> ### Subjects
> 
> The subjects of this first event will be very large and will depend on
> coming
> people. The only thing I would like to keep in mind is <b>hacking</b>. Hack
> for me is discovering and understanding new subjects and build something new
> or
> fix some issues. I hope other hackers like me, with the same mindset, will
> be
> interested in this event and will come.
> 
> The (non-exhaustive) list of subjects is:
> 
> - hack on OCaml compiler. It can be fix some junior issues
>   (https://caml.inria.fr/mantis/my_view_page.php), understand the type
> system,
>   improve it, learn how type systems work, improve front-end, propose some
>   useful syntactic sugar, etc.
> 
> - hack on Reason front-end compiler. Reason changes the syntax of OCaml by
>   giving a syntax more friendly to people coming from other
>   languages like JavaScript. Reason community also builds very interesting
> tools
>   to interact with React or JavaScript world.
> 
> - hack Ocsigen. Ocsigen is a very interesting web framework and maybe the
> most
>   advanced web framework in terms of new ideas and concepts. The core team
> is
>   very small and doesn't have a lot of time to develop a lot of new
> features. As
>   there are not a lot of core developers, Ocsigen lacks some useful features
>   present in most web framework. The documentation and the website must be
>   updated and lots of issues must be fixed.

The main thing I find lacking in Ocsigen is documentation.

That, and (I suspect) some security issues.  I notice that the URLs it 
generates contain things like ../../../.. with march out of the main 
directory right out into the main file system.  Yes, it gets to the 
file I intended it to get to.  But it seems that an attacker could 
easily add things to that url to get at anything on the machine.

Or perhaps I just haven't found what's something blocking that?

-- hendrik