Bash 4 Compatibility
Your article on the new Bash version 4.0 (August 2009, pg. 62) refers to the topic of compatibility right at the start, pointing to eight changes introduced for the sake of POSIX compatibility. Chet Ramey also seems to have been referring to this in your interview, when he said that the new version was as downwardly compatible as possible, but version 3.2's behavior was just incorrect in some places.
In version 4.0 of the shell, the $@ and $* parameter lists are fairly inconsistent "semi-variables" (bash -uc 'echo $@' "$@:unbound variable"; but: @=1 @=1: command not found), although this is not mentioned in the COMPAT file.
These changes mark a departure of the new shell from the POSIX standard, which clearly states: "If there are no positional parameters, the expansion of '@' shall generate zero fields [...]."
Bash 4 simply treats $@ and $* as "undefined" if no parameters have been passed in. This problem primarily occurs when the nounset option (-u) is used to protect against the use of undefined variables and thus make scripts more secure and robust. In this light, the problem might only affect a couple of programmers, as most people still unfortunately work without nounset. (-u is not even mentioned in the Bash manpage.) However, it is quite conceivable that this new behavior could cause other problems that are still waiting to be discovered.
In my opinion, these changes are a careless step backwards and do not indicate the kind of diligence in release management you would expect from a critical package like Bash. This is the reason why I declared the changes to be a grave bug on the following Debian bug report site: http://bugs.debian.org/519165
Martin F Krafft
Bernard Bablok, the author of the Bash 4 article, writes:
I am not familiar with the particular issue described in this letter, but I will assume that Martin Krafft is right. Even so, I cannot share his assessment of Bash 4 as a "careless step backwards." In a complex program such as Bash, it can happen that a compatibility issue or an unwanted problem creeps in. There are bug lists and mailing lists in order to clarify or change such things.
Thanks for your letter. We'll hope the bug report you filed with Debian will draw some attention to this issue.
ECIS and EC
Contrary to an article in your magazine (see "Microsoft's Anticompetitive Behavior" July 2009, pg. 10), ECIS is not part of the European Commission.
They are a lobby group.
Could you please print a correction and amend the online version?
Jonathan Todd European Commission Spokesman on Competition
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.
Redmond rushes in to root out alleged malware haven.
New initiative will bring futuristic virtual reality effects to the web surfing experience.
Dyreza malware launches a man-in-the-middle attack that compromises SSL.
New cloud combines worldwide access with local attention to data security.
A first cousin of the recent Heartbleed attack affects EAP-based wireless and peer-to-peer authentication.
FOSS community acts to protect freedom of choice for laptop devices.
Quintessential open source browser shores up its market share with a step toward the proprietary dark side.
Authorities in 16 countries take action against users of the imfamous BlackShades malware tool.