Tech News - Programming

Chris Dickinson, a developer working on implementing Git in Rust shared updates on his project Git-rs. This is his second try over the same project. He writes, “I'm trying again this year after reading more of "Programming Rust" (Blandy, Orendorff).” Dickinson has maintained a ‘To Do’ list wherein he has written the steps right from reading the objects from loose store to creating a packfile and publishing it to crates. You can checkout his full project for his day-by-day updates. It is also quite interesting to see how developers are sharing their projects on Git and learning something new on a daily basis based on their experience. Users are overall happy to see Dickinson’s contribution. A user commented on Reddit, “Maybe everybody is happy just to use this as a personal learning experience for now, but I think there will be a lot of interest in a shared project eventually.” Users are also sharing their experiences from their own projects. A user commented on HackerNews, “I love to see people reimplementing existing tools on their own, because I find that to be a great way to learn more about those tools. I started on a Git implementation in Rust as well, though I haven't worked on it in a while.” Why work with Rust? Rust has been gaining tremendous popularity in recent times. Steve Klabnik, a popular blogger/developer shares his experiences working with Rust and how the language has outgrown him. He writes in his blog post, “I’m the only person who has been to every Rust conference in existence so far. I went to RustCamp, all three RustConfs, all five RustFests so far, all three Rust Belt Rusts. One RustRush. Am I forgetting any? Thirteen Rust conferences in the past four years.” He further adds, “ I’m starting to get used to hearing “oh yeah our team has been using Rust in production for a while now, it’s great.” The first time that happened, it felt very strange. Exciting, but strange. I wonder what the next stage of Rust’s growth will feel like.” Rust is also in the top fifteen (by the number of pull requests) as of 2018 in the GitHub Octoverse report. Moreover, according to the Go User Survey 2018, 19% of the respondents ranked it as a top preferred language which indicates a high level of interest in Rust among this audience. Last month, the team at Rust announced the stable release, Rust 1.33.0. This release brought improvements to const fns, compiler, and libraries. Last week, the Rust community organized the Rust Latam 2019 Conference at Montevideo for the Rust community. It involved 200+ Rust developers and enthusiasts from the world. https://twitter.com/Sunjay03/status/1112095011951308800 ‘Developers’ lives matter’: Chinese developers protest over the “996 work schedule” on GitHub Sublime Text 3.2 released with Git integration, improved themes, editor control and much more! Microsoft open sources the Windows Calculator code on GitHub  

Headlines about the recent NPM layoff has raised questions about the company culture and ethics. NPM which stands for Node Package Manager is now being regarded as “Not Politely Managed”. The San Francisco startup, NPM Inc, the company behind the widely used NPM JavaScript package repository,  laid off 5 employees in a wrong, unprofessional and unethical manner. The incident stands imperative of the fact that many of us while accepting those lucrative job offers merely ask companies not to be unethical, and seldom expect them to actually be good. Indeed, social psychologist, Roy Baumeister convincingly argues there’s an evolutionary reason to focus more on getting people to avoid bad things than to do good things; among other reasons, humans are hardwired to consider potential threats that could harm us. Bob Sutton, author of fantastic and influential books like Good Boss, Bad Boss and The No Asshole Rule, draws on Baumeister’s work to highlight why it’s so critical to stamp out poorly behaving leaders (and employees) in organizations. Frédéric Harper, a developer advocate who was among those who lost their jobs, posted at length about the situation on Twitter. His concerns, did not come from being laid off. That happens, he said, and will happen again. "It’s the total lack of respect, empathy and professionalism of the process," he said. In an email to The Register, he said there appeared to be a disconnect between the company's professed values and its behavior. NPM layoff took its roots under the new leadership The layoffs actually started last summer when the company hired a new CEO, Bryan Bogensberger, to take the company from about $3m in annual revenue to 10x-20x, explained an early NPM employee who spoke with The Register on condition of anonymity. Bogensberger was previously the CEO and co-founder of Inktank, a leading provider of scale-out, open source storage systems that was acquired by Red Hat, Inc. for $175 million in 2014. , He has been running NPM since around July or August 2018, a source explained, but wasn't actually announced as CEO until January 2019 because his paperwork wasn't in order. Bryan brought in his own people, displacing longtime NPM staffers. "As he stacked the management ranks with former colleagues from a previous startup, there were unforced errors," another source explained to the Register. A culture of suspicion and hostility emerged under the new leadership. At NPM an all-hands meeting was held at which employees were encouraged to ask frank questions about the company's new direction. Those who spoke up were summarily fired last week, the individual said, at the recommendation of an HR consultant. https://twitter.com/ThatMightBePaul/status/1112843936136159232 People were very surprised by the layoffs at NPM. "There was no sign it was coming. It wasn't skills based because some of them heard they were doing great." said CJ Silverio, ex-CTO at NPM who was laid off last December. Silverio and Harper both are publicizing the layoff as they had declined to sign the non-disparagement clause in the NPM severance package. The non-disparagement clause prevents disclosure of the company’s wrongdoing publicly. A California law which came into effect in January, SB 1300 prohibits non-disparagement clause in the employment severance package but in general such clauses are legal. One of the employees fired last Friday was a month away from having stock options vest. The individual could have retained those options by signing a non-disparagement clause, but refused. https://twitter.com/neverett/status/1110626264841359360 “We can not comment on confidential personnel matters," CEO Bryan Bogensberger mentioned. "However, since November 1, we have approximately doubled in size to 55 people today, and continue to hire aggressively for many positions that will optimize and expand our ability to support and grow the JavaScript ecosystem over the long term.” Javascript community sees it as a leadership failure The community is full of outrage on this incident, many of them have regarded this as a 100% leadership failure. Others have commented that they would put NPM under the list of “do not apply” for jobs in this company. This news comes to them as a huge disappointment and there are questions asked about the continuity of the npm registry. Some of them also commented on creating a non profit node packages registry. While others have downgraded their paid package subscription to a free subscription. Rebecca Turner, core contributor to the project and one of the direct reportees to Harper has voluntarily put down her papers in solidarity with her direct reports who were let go. https://twitter.com/ReBeccaOrg/status/1113121700281851904 How goodness inspires goodness in organization Compelling research by David Jones and his colleagues finds that job applicants would prefer to work for companies that show real social responsibility–those that improve their communities, the environment, and the world. Employees are most likely to be galvanized by leaders who are actively perceived to be fair, virtuous, and self-sacrificing. Separate research by Ethical Systems founder, Jonathan Haidt demonstrates that such leaders influence employees to feel a sense of “elevation”—a positive emotion that lifts them up as a result of moral excellence. Liz Fong, a developer advocate at Honeycomb tweets on the npm layoff that she will never want to be a manager again if she had to go through this kind of process. https://twitter.com/lizthegrey/status/1112902206381064192 Layoffs becoming more common and frequent in Tech Last week we also had IBM in news for being sued by former employees for violating laws prohibiting age discrimination in the workplace: the Older Workers Benefit Protection Act (OWBPA) and the Age Discrimination in Employment Act (ADEA). Another news last week which came as a shocker was Oracle laying off a huge number of employees as a part of its “organizational restructuring”. The reason behind this layoff round was not clear, while some said that this was done to save money, some others said that people working on a legacy product were let go. While all of these does raise questions about the company culture, it may not be wrong to say that the Internet and social media makes corporate scandals harder than ever to hide. With real social responsibility easier than ever to see and applaud–we hope to see more of “the right things” actually getting done. Update from the NPM statement after 10 days of the incident After receiving public and community backlash on such actions, NPM published a statement on Medium on April 11 that, "we let go of 5 people in a company restructuring. The way that we undertook the process, unfortunately, made the terminations more painful than they needed to be, which we deeply regret, and we are sorry. As part of our mission, it’s important that we treat our employees and our community well. We will continue to refine and review our processes internally, utilizing the feedback we receive to be the best company and community we can be." Does this mean that any company for its selfish motives can remove its employees and later apologize to clean its image? Update on 14th June, Special report from The Register The Register published a special report last Friday saying that JavaScript package registry and NPM Inc is planning to fight union-busting complaints brought to America's labor watchdog by fired staffers, rather than settling the claims. An NLRB filing obtained by The Register alleges several incidents in which those terminated claim executives took action against them in violation of labor laws. On February 27, 2019, the filing states, a senior VP "during a meeting with employees at a work conference in Napa Valley, California, implicitly threatened employees with unspecified reprisals for raising group concerns about their working conditions." The document also describes a March 25, 2019, video conference call in which it was "impliedly [sic] threatened that [NPM Inc] would terminate employees who engaged in union activities," and a message sent over the company's Keybase messaging system that threatened similar reprisals "for discussing employee layoffs." The alleged threats followed a letter presented to this VP in mid-February that outlined employee concerns about "management, increased workload, and employee retention." The Register has heard accounts of negotiations between the tech company and its aggrieved former employees, from individuals apprised of the talks, during which a clearly fuming CEO Bryan Bogensberger called off settlement discussions, a curious gambit – if accurate – given the insubstantial amount of money on the table. NPM Inc has defended its moves as necessary to establish a sustainable business, but in prioritizing profit – arguably at the expense of people – it has alienated a fair number of developers who now imagine a future that doesn't depend as much on NPM's resources. The situation has deteriorated to the point that former staffers say the code for the npm command-line interface (CLI) suffers from neglect, with unfixed bugs piling up and pull requests languishing. The Register understands further staff attrition related to the CLI is expected. To know about this story in detail check out the report published by The Register. The npm engineering team shares why Rust was the best choice for addressing CPU-bound bottlenecks npm Inc. announces npm Enterprise, the first management code registry for organizations npm JavaScript predictions for 2019: React, GraphQL, and TypeScript are three technologies to learn

Last week, Daniel Rosenwasser, Program Manager for TypeScript, announced the release of TypeScript 3.4. This release comes with faster subsequent builds with the ‘--incremental’ flag, higher order type inference from generic functions, type-checking for globalThis, and more. Following are some of the updates in TypeScript 3.4: Faster subsequent builds TypeScript 3.4 comes with the ‘--incremental’ flag, which records the project graph from the last compilation. So, when TypeScript is invoked with the ‘--incremental’ flag set to ‘true’, it will check for the least costly way to type-check and emit changes to a project by referring to the saved project graph. Higher order type inference from generic functions This release comes with various improvements around inference, one of the main being functions inferring types from other generic functions. At the time of type argument inference, TypeScript will now propagate the type parameters from generic function arguments onto the resulting function type. Updates in ReadonlyArray and readonly tuples Now, using read-only array-like types is much easier. This release introduces a new syntax for ReadonlyArray that uses a new readonly modifier for array types: function foo(arr: readonly string[]) { arr.slice();        // okay arr.push("hello!"); // error! } TypeScript 3.4 also adds support for readonly tuples. To make a tuple readonly, you just have to prefix it with the readonly keyword. Type-checking for globalThis This release supports type-checking ECMAScript’s new globalThis, which is a global variable that refers to the global scope. With globalThis, you can access the global scope that can be used across different environments. The globalThis variable provides a standard way for accessing the global scope which can be used across different environments. Breaking changes As this release introduces few updates in inference, it does come with some breaking changes: TypeScript now uses types that flow into function calls to contextually type function arguments. Now, the type of top-level ‘this’ is typed as ‘typeof globalThis’ instead of ‘any’. As a result, users might get some errors for accessing unknown values on ‘this’ under ‘noImplicitAny’. TypeScript 3.4 correctly measures the variance of types declared with ‘interface’ in all cases. This introduces an observable breaking change for interfaces that used a type parameter only in keyof. To know the full list of updates in TypeScript 3.4, check out the official announcement. An introduction to TypeScript types for ASP.NET core [Tutorial] Typescript 3.3 is finally released! Yarn releases a roadmap for Yarn v2 and beyond; moves from Flow to Typescript

Last week, Joe Watkins, a PHP developer, shared that PHP 8 will support the Just-in-Time (JIT) compilation. This decision was the result of voting among the PHP core developers for supporting JIT in PHP 8 and also in PHP 7.4 as an experimental feature. If you don’t know what JIT is, it is a compiling strategy in which a program is compiled on the fly into a form that’s usually faster, typically the host CPU’s native instruction set. To do this the JIT compiler has access to dynamic runtime information whereas a standard compiler doesn’t. How PHP programs are compiled? PHP comes with a virtual machine named the Zend VM. The human-readable scripts are compiled into instructions, which are called opcodes that are understandable to the virtual machine. Opcodes are low-level, and hence faster to translate to machine code as compared to the original PHP code. This stage of execution is called compile time. These opcodes are then executed by the Zend VM in the runtime stage. JIT is being implemented as an almost independent part of OPcache, an extension to cache the opcodes so that compilation happens only when it is required. In PHP, JIT will treat the instructions generated for the Zend VM as the intermediate representation. It will then generate an architecture dependent machine code so that the host of your code is no longer the Zend VM, but the CPU directly. Why JIT is introduced in PHP? PHP hits the brick wall Many improvements have been done to PHP since its 7.0 version including optimizations for HashTable, specializations in the Zend VM for certain opcodes, specializations in the compiler for certain sequences, and many more. After so many improvements, now PHP has reached the extent of its ability to be improved any further. PHP for non-Web scenarios Adding support for JIT in PHP will allow its use in scenarios for which it is not even considered today, i.e., in other non-web, CPU-intensive scenarios, where the performance benefits will be very substantial. Faster innovation and more secure implementations With JIT support, the team will be able to develop built-in functions in PHP instead of C without any huge performance penalty. This will make PHP less susceptible to memory management, overflows, and other similar issues associated with C-based development. We can expect the release of PHP 7.4 later this year, which will debut JIT in PHP.  Though there is no official announcement about the release schedule of PHP 8, many are speculating its release in late 2021. Read Joe Watkins’ announcement on his blog. PEAR’s (PHP Extension and Application Repository) web server disabled due to a security breach Symfony leaves PHP-FIG, the framework interoperability group Google App Engine standard environment (beta) now includes PHP 7.2

Last week, Joel Spolsky announced that he is stepping down as the CEO of Stack Overflow and taking up a new role as Chairman of the site's Board. That means that one of the most popular question and answer sites on the planet - and one of the most important for software developers - is now looking for its new CEO. https://twitter.com/spolsky/status/1111267189133316097 Back in 2008, Spolsky, along with with Jeff Atwood, co-founded Stack Overflow with the idea of bringing voting and editing to a Q&A site. The idea was to make it easier for programmers to find the right answer, instead of scrolling endlessly in a discussion forum. Explaining what makes Stack Overflow different from other Q&A sites on his blog, Joel on Software, Spolsky said, “already, it’s better than other Q&A sites, because you don’t have to read through a lot of discussion to find the right answer if it’s in there somewhere.” At a Microsoft conference, just six months after the site’s launch, Spolsky asked how many developers were using the site. He and Atwood were pleasantly surprised when one-third of the crowd rose their hands. Today, however, practically every developer visits Stack Overflow to learn from other developers. In addition to the huge user base, the company has now grown to almost 300 employees and has achieved $70m in revenue last year. For the future of Stack Overflow, Spolsky hopes to make the platform more inclusive and welcoming for new users. “The type of people Stack Overflow serves has changed, and now, as a part of the developer ecosystem, we have a responsibility to create an online community that is far more diverse, inclusive, and welcoming of newcomers,” he adds. Many Stack Overflow users have a love/hate relationship with the platform. Some developers find the site intimidating and unwelcoming - a fact that Stack Overflow itself has acknowledged in the past. For example, threads can sometimes become filled with condescending, sarcastic, and dismissive comments, particularly when newcomers fail to follow site rules. They are simply expected to know things right from the start. A Stack Overflow user shares a solution to this, “I think if new users were given a walkthrough of the site, how it works, and what's expected, it would be MUCH more welcoming, and the comments (while still sometimes unnecessarily sarcastic) would be more warranted, since the requirements have been clearly laid out.” Saying things like “thank you” and “please” are considered noise and a distraction from the actual point. There are endless examples of such behavior, but they are not really limited to newbies. When a woman seeking help on a Flexbox margins issue posted on Stack Overflow, she got a message saying, “if you don’t get this…you have no business making a portfolio as a web developer”. April Wensel, the founder of Compassionate Coding, has been writing consistently about the problems users sometimes face on Stack Overflow, sharing numerous examples of people being rude and demeaning. She hopes that the next CEO will take the right measures to make the site inclusive and “more human”: https://twitter.com/aprilwensel/status/1111331785730719745?s=19 Read Spolsky's announcement at the Stack Overflow blog. Stack Overflow celebrates its 10th birthday as the most trusted developer community 4 surprising things from StackOverflow’s 2018 survey. StackOverflow just updated its developers’ salary calculator; includes 8 new countries in 2018.  

The result for the .NET Foundation Board of Directors 2019 is finally revealed. Out of the 476 voters, 329 casted ballots in this election. After counting the ballots using Scottish STV (Single Transferable Vote), Jon Skeet, Sara Chipps, Phil Haack, Iris Classon, Ben Adams, Oren Novotny, and Beth Massi were declared as winners. In total there were 45 candidates competing for 6 seats. Beth Massi has been appointed by Microsoft while the rest got elected by .NET Foundation Members. Following are the winner profiles Jon Skeet: A Java developer at Google in London and is also C# author and community leader. https://twitter.com/jonskeet/status/1111540160305475584 Sara Chipps: Engineering Manager at Stack Overflow. https://twitter.com/SaraJChipps/status/1111458522418552835 Phill Hacck: A developer and author, and best known for his blog, Haacked. https://twitter.com/haacked/status/1111493618441703427 Iris Classon: Software developer, cloud architect at Konstrukt. She is also a member of MEET (Microsoft Extended Experts Team) Ben Adams: Co-founder and CTO of Illyriad Games. https://twitter.com/jongalloway/status/1111324076981682176 Oren Novotny: Microsoft’s Regional Director, MVP, and chief architect of DevOps & modern software at Insight. https://twitter.com/onovotny/status/1111410983749115905 Beth Massi: Product Marketing Manager for the .NET Platform at Microsoft and has previously worked for the .NET Foundation in 2014. https://twitter.com/BethMassi/status/1108838511069716480 How did the election process go The candidate's votes for a round are calculated by taking the sum of the votes from the previous round and votes received in the current round. The votes received in the current round and votes transferred away in the current round represent “votes being transferred”. The single transferable vote system was opted because it is a type of ranked-choice voting which is used for electing a group of candidates, for instance, a committee or a council. In this type of voting, the votes are transferred from losing candidates to other choices in the ballot. Round 1 The first round considered the count of first choices. Since none of the candidates had surplus votes so the candidates who received the least number of votes or no votes at all got eliminated and votes for other candidates got transferred for the next round. Round 2 Round 2 calculated the count after eliminating Lea Wegner and Robin Krom who received 0 votes. There was a tie between, Lea Wegner and Robin Krom while choosing candidates to eliminate. Though Lea Wegner was later chosen by breaking the tie randomly. Since none of the candidates had surplus votes they got transferred for the next round. Round 3 Round 3 calculated the count after eliminating Robin Krom and transferring votes. Since none of the candidates had surplus votes they got transferred for the next round. Round 4 Round 4 calculated the count after eliminating Nate Barbettini and transferring votes. There was a tie between the candidates Peter Mbanugo, Robert McLaws, Virgile Bello, Nate Barbettini, and Marc Bruins while choosing candidates to eliminate. In this round candidate, Nate Barbettini was chosen by breaking the tie randomly. Since none of the candidates had surplus votes they got transferred for the next round. Round 5 The fifth round considered the count after eliminating Marc Bruins and transferring votes. There was a tie between the candidates, Peter Mbanugo, Robert McLaws, Virgile Bello, and Marc Bruins while choosing the candidates to eliminate. Out of which, Marc Bruins was chosen by breaking the tie randomly. Since none of the candidates had surplus votes they got transferred for the next round. Collectively there were 41 such rounds where each round was an elimination round and then finally the winners were declared. To know more about this news, check out Opavote’s blog post. Fedora 31 will now come with Mono 5 to offer open-source .NET support Inspecting APIs in ASP.NET Core [Tutorial] .NET Core 3 Preview 2 is here!

Yesterday, the team at Go announced the results of their user survey for the year 2018. 5,883 users from 103 different countries participated in the survey. Key highlights from the Go User Survey 2018 According to the report, for the first time, half of the survey respondents said that they are currently using Go as part of their daily routine. It seems this year proved to be even better for Go as the graph saw a significant increase in the number of respondents who develop their projects in Go as part of their jobs and also use Go outside of their work responsibilities. Also, a majority of survey respondents said that Go is their most-preferred programming language. Here are some other findings: API/RPC services and CLI tools are the commonly used tools by Go users. VS Code and GoLand have become the most popular code editors among survey respondents. Most Go developers use more than one primary OS for development where Linux and macOS are popular. Automation tasks were declared as the fast-growing area for Go. Web development still remains the most common domain but DevOps has shown the highest year-over-year growth and is also the second most common domain now. Survey respondents have been shifting from on-premise Go deployments to containers and serverless cloud deployments. To simplify the survey report, the team at Go broke the responses down into three groups: The ones who are using Go both in and outside of work The ones who use Go professionally but not outside of work The ones who only use Go outside of their job responsibilities According to the survey, nearly half (46% of respondents) write Go code professionally as well as during their free time because the language appeals to developers who do not view software engineering only as a day job. According to the survey, 85% of respondents would prefer to use Go for their next project. Would you recommend Go to a friend? This year, the team had added a question, "How likely are you to recommend Go to a friend or colleague?" for calculating Net Promoter Score. This score measures the number of "promoters" a product has than "detractors" and it ranges from -100 to 100. A positive value would suggest most people are likely to recommend using a product, while negative values will suggest, most people wouldn’t recommend using it. The latest score (2018) is 61, where 68% are promoters - 7% are detractors. How satisfied are developers with Go? The team also asked many questions about developer satisfaction with Go, in the survey. Majority survey respondents indicated a high level of satisfaction which is consistent with prior year results. Around 89% of the respondents said that they are happy with Go and  66% felt that it is working well for their team. These metrics showed an increase in 2017 and they mostly remained stable this year. The downside About half of the survey respondents work on existing projects that are written in other languages, and ⅓ work on a team or project that prefer a language other than Go. The reason highlighted by the respondents for this is the missing language features and libraries. The team identified the biggest challenges faced by developers while using Go with the help of their machine learning tools. The top three challenges highlighted by the team as per the survey are: Package management is one of the major challenges. A response from the survey reads,“keeping up with vendoring, dependency / packet [sic] management / vendoring is not unified.” There are major differences from more familiar programming languages. A response from the survey reads, “Syntax close to C-languages with slightly different semantics makes me look up references somewhat more than I'd like", Another respondent says, "My coworkers who come from non-Go backgrounds are trying to use Go as a version of their previous language but with channels and Goroutines." Lack of generics is another problem. Another response from the survey reads, “Lack of generics makes it difficult to persuade people who have not tried Go that they would find it efficient. Hard to build richer abstractions (want generics)” Go community Go blog, Reddit's r/golang, Twitter, and Hacker News remain the primary sources for Go news. This year, 55% of survey respondents said they are interested in contributing towards the Go community, though it is slightly lesser than last year (59%). The standard library and official Go tools require interacting with the core Go team which could be one of the reasons for the dip in the percentage. Another reason is the dip in the percentage of participants who are willing to take up the Go project leadership. It was 30% last year and it has become 25% this year. This year only 46% of respondents are confident about taking the leadership of Go, it was 54% last year. You can read the complete results of the survey on Golang’s blog post. Update: The title of this article was amended on 4.1.2019. GitHub releases Vulcanizer, a new Golang Library for operating Elasticsearch Google Podcasts is transcribing full podcast episodes for improving search results State of Go February 2019 – Golang developments report for this month released  

Yesterday, Fastly, a US-based cloud computing service provider, open-sourced its native WebAssembly compiler and runtime, Lucet. Lucet is built on top of Cranelift, Mozilla’s low-level retargetable code generator. It already powers Fastly’s Terrarium project, their experimental platform for edge computation using WebAssembly, and now it is coming to their edge cloud platform as well. How does Lucet work? Lucet delegates the responsibility of executing WebAssembly programs into two components: compiler and runtime. The compiler compiles WebAssembly modules to native code and the runtime manages resources and traps runtime faults. As it uses ahead-of-time compilation strategy, it simplifies the design and overhead of the runtime compared to just-in-time (JIT) compilation that browser engines use. What are its advantages? Faster and safer execution of WebAssembly programs WebAssembly allows web browsers to safely execute programs with near-native performance. It is supported by some of the most commonly used browsers including Google, Mozilla, and Safari. With Lucet, Fastly aims to take WebAssembly “beyond the browser” by providing users a platform for faster and safer execution of programs on Fastly’s edge cloud. More languages to choose from Since WebAssembly is supported by an impressive list of programming languages including Rust, TypeScript, C, and C++, Lucet users will be able to work with the language they prefer. They do not have to be restricted to Fastly’s Varnish Configuration Language (VCL). Simultaneous execution of programs The Lucet compiler and runtime ensure that each WebAssembly program is allocated its own resources. This enables Fastly’s edge cloud to simultaneously execute a large number of WebAssembly programs without compromising on security. Supports WebAssembly System Interface (WASI) Lucet supports WASI, an API that provides access to various operating-system-like features. These include files and filesystems, Berkeley sockets, clocks, and random numbers. At the moment, Lucet supports running WebAssembly programs written in C, Rust, and AssemblyScript and its runtime only support x86-64 based Linux systems. To read the official announcement, visit Fastly’s official website. Introducing CT-Wasm, a type-driven extension to WebAssembly for secure, in-browser cryptography Creating and loading a WebAssembly module with Emscripten’s glue code [Tutorial] The elements of WebAssembly – Wat and Wasm, explained [Tutorial]

Earlier this month, Uber open-sourced Pelton, a unified resource scheduler that manages resources across distinct workloads. Pelton, first introduced in November last year, is built on top of Mesos. “By allowing others in the cluster management community to leverage unified schedulers and workload co-location, Peloton will open the door for more efficient resource utilization and management across the community”, states the Uber team. Peloton is designed for web-scale companies such as Uber that consist of millions of containers and tens of thousands of nodes. Peloton comes with advanced resource management capabilities such as elastic resource sharing, hierarchical max-min fairness, resource overcommits, and workload preemption. Peloton uses Mesos to aggregate resources from different hosts and then further launch tasks as Docker containers. Peloton also makes use of hierarchical resource pools to manage elastic and cluster-wide resources more efficiently. Before Peloton was released, each workload at Uber comprised its own cluster which resulted in various inefficiencies. However, with Peloton, mixed workloads can be colocated in shared clusters for better resource utilization. Peloton feature highlights Elastic Resource Sharing: Peloton supports hierarchical resource pools that help elastically share resources among different teams. Resource Overcommit and Task Preemption: Peloton helps with improving cluster utilization by scheduling workloads that use slack resources. Optimized for Big Data Workloads:  Support has been provided for advanced Apache Spark features such as dynamic resource allocation. Optimized for Machine Learning: There is support provided for GPU and Gang scheduling for TensorFlow and Horovod. High Scalability: Users can scale to millions of containers and tens of thousands of nodes. “Open sourcing Peloton will enable greater industry collaboration and open up the software to feedback and contributions from industry engineers, independent developers, and academics across the world”, states the Uber team. Uber and Lyft drivers strike in Los Angeles Uber and GM Cruise are open sourcing their Automation Visualization Systems Uber releases Ludwig, an open source AI toolkit that simplifies training deep learning models for non-experts

Developers frequently encounter NullPointerExceptions while developing or maintaining a Java application. They often don't contain a message which makes it difficult for the developers to find the cause of the exception. Java Enhancement Proposal (JEP) proposes to enhance the exception text to notify what was null and which action failed. For instance: a.to_b.to_c = null; a.to_b.to_c.to_d.num = 99; The above code will print java.lang.NullPointerException and which doesn’t highlight what value is null. A message like 'a.to_b.to_c' is null and cannot read field 'to_d' will highlight where the exception is thrown. Basic algorithm to compute the message In case of an exception, the instruction that caused the exception, is known by the virtual machine. The instruction gets stored in the 'backtrace' datastructure of a throwable object which is held in a field private to the jvm implementation. In order to assemble a string as a.to_b.to_c, the bytecodes need to be visited in reverse execution order while starting at the bytecode that raised the exception. If a developer or tester knows which bytecode pushed the null value, then it's easy to print the message. A simple data flow analysis is run on the bytecodes to understand as to which previous instruction pushed the null value. This data flow analysis simulates the execution stack that does not contain the values computed by the bytecodes. Instead, it contains information about which bytecode pushed the value to the stack. The analysis will run until the information for the bytecode that raised the exception becomes available. With this information, it becomes easy to assemble the message. An exception message is usually passed to the constructor of Throwable that writes it to its private field 'detailMessage'. In case the message is computed only on access, then it can’t be passed to the Throwable constructor. Since the field is private, there is no natural way to store the message in it. To overcome this, developers can make detailMessage package-private or can use a shared secret for writing it or can write to the detailMessage field via JNI. How should the message content be displayed The message should only be printed if the NullPointerException is raised by the runtime. In case, the exception is explicitly constructed, it won’t make sense to add the message and it could be misleading as no NullPointerException was encountered. As the original message won’t get regained so the message should try resembling code as possible. This makes it easy to understand and compact. The message should contain information from the code like class names, method names, field names and variable names. Testing done by the OpenJDK team The basic implementation of testing for regressions of the messages is in use in SAP's internal Java virtual machine since 2006. The team at OpenJDK has run all jtreg tests, many jck tests and many other tests on the current implementation. They have found no issues so far. Proposed risks to it This proposal has certain risks which include imposing overhead on retrieving the message of a NullPointerMessage. Though the risk of breaking something in the virtual machine is very low. The implementation needs to be extended in case more bytecodes are added to the Bytecode specification. Another issue that was raised is printing the field names or local names might impose a security problem. To know more about this news, check out OpenJDK’s blog post. Introducing ‘Quarkus’, a Kubernetes native Java framework for GraalVM & OpenJDK HotSpot The OpenJDK Transition: Things to know and do Apache NetBeans IDE 10.0 released with support for JDK 11, JUnit 5 and more!

Yesterday, the team at Kubernetes released Kubernetes 1.14, a new update to the popular open-source container orchestration system. Kubernetes 1.14 comes with support for Windows nodes, kubectl plugin mechanism, Kustomize integration, and much more. https://twitter.com/spiffxp/status/1110319044249309184 What’s new in Kubernetes 1.14? Support for Windows Nodes This release comes with added support for Windows nodes as worker nodes. Kubernetes now schedules Windows containers and enables a vast ecosystem of Windows applications. With this release, enterprises with investments can easily manage their workloads and operational efficiencies across their deployments, regardless of the operating systems. Kustomize integration With this release, the declarative resource config authoring capabilities of kustomize are now available in kubectl through the -k flag. Kustomize helps the users in authoring and reusing resource config using Kubernetes native concepts. kubectl plugin mechanism This release comes with kubectl plugin mechanism that allows developers to publish their own custom kubectl subcommands in the form of standalone binaries. PID Administrators can now provide pod-to-pod PID (Process IDs) isolation by defaulting the number of PIDs per pod. Pod priority and preemption in this release enables Kubernetes scheduler to schedule important pods first and remove the less important pods to create room for more important ones. Users are generally happy and excited about this release. https://twitter.com/fabriziopandini/status/1110284805411872768 A user commented on HackerNews, “The inclusion of Kustomize[1] into kubectl is a big step forward for the K8s ecosystem as it provides a native solution for application configuration. Once you really grok the pattern of using overlays and patches, it starts to feel like a pattern that you'll want to use everywhere” To know more about this release in detail, check out Kubernetes’ official announcement. RedHat’s OperatorHub.io makes it easier for Kuberenetes developers and admins to find pre-tested ‘Operators’ for applications Microsoft open sources ‘Accessibility Insights for Web’, a chrome extension to help web developers fix their accessibility issues Microsoft open sources the Windows Calculator code on GitHub  

Clojurists Together shortlisted two projects namely Neanderthal and Aleph for Q1 of 2019 (February-April) to provide funding for further development of these projects, the details of which they shared yesterday. These projects will get total funding of $9,000, which means $3,000 per month. https://twitter.com/cljtogether/status/1109925960155983872 What is Clojurists Together? Clojurists Together was formed back in 2017 and is run by a board of developers in the Clojure Community. It focuses on keeping the development of open source Clojure software sustainable by raising funds and providing support for infrastructure and documentation. Additionally, it also supports other community initiatives like the Google Summer of Code. The way it works is that open source developers apply for funding, and if the board members think that the project meets the requirements of the Clojurists Together members, their project is selected for funding. Then the developers get paid to work on their project for three months. The funds are raised with the help of Clojure companies and individual developers who can sign up for a monthly contribution or do a one-time donation. This is their fifth funding cycle and previously they have supported datascript, kaocha, cljdoc, Shadow CLJS, clj-http, Figwheel, ClojureScript, and CIDER. Details of the projects funded Neanderthal Neanderthal is a Clojure library for faster matrix and linear algebra computations. It is based on native libraries of BLAS and LAPACK computation routines for both CPU and GPU. On GPU, this library is almost 3000x faster than optimized Clojure/Java libraries and on CPU it is 100x faster than optimized pure Java. This project is being developed by Dragan Djuric, who works on the Uncomplicate suite of libraries and is also the professor of Software Engineering at the University of Belgrade. Within the span of these three months, Djuric plans to work on some of the following updates: Writing an introductory series named Deep Learning from the ground up with Clojure. Integrating Nvidia’s cuSolver into Neanderthal's CUDA GPU engine to provide some key LAPACK functions that are only available on the CPU. Along with these developments, he will also be improving the documentation and tutorials for Neanderthal. Aleph Aleph is a Clojure library for client and server network programming. Based on Netty, it is said to be one of the best options for building high-performance communication systems in Clojure. Oleksii Kachaiev, who is working on Aleph, has planned the following additions for Aleph in the allocated 3 months: Releasing a new version of Aleph with the latest developments Updating internals of the library and interactions with Netty to ease the operational burden and improve performance Implementing missing parts of the websocket protocol To know how far these projects have come, check out this monthly update for February shared by Clojurists Together yesterday. To read the official announcement, visit the official site of Clojurists Together. Clojure 1.10 released with Prepl, improved error reporting and Java compatibility ClojureCUDA 0.6.0 now supports CUDA 10 Clojure 1.10.0-beta1 is out!

Apple announced Swift 5 for Xcode 10.2 yesterday. The latest Swift 5 update in Xcode 10.2 explores new features and changes to App thinning, Swift Language, Swift Standard Library, Swift Package Manager, and Swift Compiler. Swift is a popular general-purpose, compiled programming language developed by Apple Inc. for iOS, macOS, watchOS, tvOS, and beyond. Writing Swift code is interactive and its syntax is concise yet expressive. Swift code is safe and comprises all modern features. What’s new in Swift 5 for Xcode 10.2? In Xcode 10.2, the Swift command-line tools now require the Swift libraries in macOS. These libraries are included by default in Swift, starting with macOS Mojave 10.14.4. App Thinning Swift apps now no longer include dynamically linked libraries for the Swift standard library as well as the Swift SDK overlays in build variants for devices that run iOS 12.2, watchOS 5.2, and tvOS 12.2. This results in Swift apps getting smaller once they’re shipped in the App Store or thinned in an app archive for development distribution. Swift Language String literals in Swift 5 can be expressed with the help of enhanced delimiters. A string literal consisting of one or more number signs (#) before the opening quote considers backslashes and double-quote characters as literal. Also, Key paths can now support the identity keypath (\.self) i.e. a WritableKeyPath that refers to its entire input value. Swift Standard Library The standard library in Swift now consists of the Result enumeration with Result.success(_:) and Result.failure(_:) cases. Due to the addition of Standard Library, the Error protocol now conforms to itself and makes working with errors easier. The SIMD types and basic operators have now been defined in the standard library. Set and Dictionary also make use of a different hash seed now for each newly created instance. The DictionaryLiteral type has been renamed as KeyValuePairs in Swift 5. The String structure’s native encoding has been switched from UTF-16 to UTF-8. This improves the relative performance of String.UTF8View as compared to String.UTF16View. Swift Package Manager Targets can now declare the commonly used, target-specific build settings while using the Swift 5 Package.swift tools-version. A new dependency mirroring feature in Swift 5 enables the top-level packages to override dependency URLs. Package manager operations have become significantly faster for larger packages. Swift Compiler Size taken up by Swift metadata can be reduced now as the Convenience initializers defined in Swift only allocates an object ahead of time in case its calling a designated initializer defined in Objective-C. C types consisting of alignment greater than 16 bytes are no longer available in Swift. Swift 3 mode has been deprecated. Supported values for the -swift-version flag has become 4, 4.2, and 5.Default arguments can now be printed in SourceKit-generated interfaces for Swift modules. For more information, check out the official Swift 5 for Xcode 10.2 release notes. Swift 5 for Xcode 10.2 beta is here with stable ABI Exclusivity enforcement is now complete in Swift 5 ABI stability may finally come in Swift 5.0

Yesterday, Microsoft released a new static type checker for Python called Pyright to fill in the gaps in existing Python type checkers like mypy. Currently, this type checker supports Python 3.0 and its newer versions. What are the type checking features Pyright brings in? It comes with support for PEP 484 (type hints including generics), PEP 526 (syntax for variable annotations), and PEP 544 (structural subtyping). It supports type inference for function return values, instance variables, class variables, and globals. It provides smart type constraints that can understand conditional code flow constructs like if/else statements. Increased speed Pyright shows 5x speed as compared to mypy and other existing type checkers written in Python. It was built keeping large source bases in mind and can perform incremental updates when files are modified. No need for setting up a Python Environment Since Pyright is written in TypeScript and runs within Node, you do not need to set up a Python environment or import third-party packages for installation. This proves really helpful when using the VS Code editor, which has Node as its extension runtime. Flexible configurability Pyright enables users to have granular control over settings. You can specify different execution environments for different subsets of a source base. For each environment, you can specify different PYTHONPATH settings, Python version, and platform target. To know more in detail about Pyright, check out its GitHub repository. Debugging and Profiling Python Scripts [Tutorial] Python 3.8 alpha 2 is now available for testing Core CPython developer unveils a new project that can analyze his phone’s ‘silent connections’  

Yesterday, the team at Redox released Redox OS 0.5.0, a Unix like operating system written in Rust. The team has added important programs and libraries to this release. What’s new in Redox OS 0.50? Cairo This release comes with Cairo, a 2D graphics library that supports multiple output devices. It produces consistent output on all output media and takes advantage of display hardware acceleration when available. It is implemented as a library which is written in the C programming language, while the bindings are available for various programming languages. relibc Redox OS 0.50 features relibc, a portable POSIX C standard library which is written in Rust and supports Redox and Linux. It reduces the issues with newlib and further creates a safer alternative to a C standard library. It has been designed to be used under redox, as an alternative to newlib. Event system The event system has been redesigned for providing support for select and poll. This release comes with new packages added to the Cookbook as well as for memory mapping support implemented in it. Standard images This release comes with new images based on new bootloaders for coreboot and EFI. The team has worked towards providing libraries for EFI Rust development and for developing coreboot payloads in Rust. LLVM This release also features the LLVM Project which is a collection of modular and reusable compiler and toolchain technologies. The LLVM Core libraries come with a target-independent optimizer and a code generation support for popular CPUs.          GLib This version of Redox OS comes with GLib which is the low-level core library that forms the basis for projects such as GTK+ and GNOME.                   Pixman Redox OS 0.50 comes with Pixman that is a low-level software library for pixel manipulation that features image compositing and trapezoid rasterization. Orbital widget toolkit This release comes with Orbital Widget Toolkit which is a multi-platform GUI toolkit for building user interfaces with Rust. This toolkit is based on the entity component system pattern which provides a functional-reactive API. It provides fast performance and ease over cross-platform development. Few users are happy and excited about this release and are appreciating the Redox team. A user commented on HackerNews, “Congrats on getting another release out the door! I was beginning to fear that momentum was stalling in lieu of PopOS. Keep up the great work!” The developer of Redox OS shared that there are still security concerns in the kernel with regards to memory management. He commented, “There are a couple known security issues in the kernel regarding memory management. One is that memory is granted in pages, so buffers passed to a scheme are over-mapped for the process handling it. You have to be root to handle a scheme, so it was not a high severity issue.” He further added that there are concerns with the grants which can be dropped by owning process and highlighted that more kernel work is needed. He commented, “Another is that grants can be dropped by the owning process while in use by another process. This can lead to the re-allocation of said grants in the owning process, making memory accessible to the other users of the grant. More kernel work is needed to prevent schemes from leaking data in this manner.” To know more about this news in detail, check out Redox’s official announcement. Fedora 31 will now come with Mono 5 to offer open-source .NET support LLVM 8.0.0 releases! JUnit 5.4 released with an aggregate artifact for reducing your Maven and Gradle files