Julia v1.10 Improves Performance, and Gnuplot Gets Pie Charts

Julia 1.0 was released in 2018 — after a six-year wait.

And there’s now another update. LWN.net gets you up to speed, calling Julia “a general-purpose, open-source programming language with a focus on high-performance scientific computing.”

Some of Julia’s unusual features:
– Lisp-inspired metaprogramming
– The ability to examine compiled representations of code in the REPL or in a “reactive notebook”
– An advanced type and dispatch system
– A sophisticated, built-in package manager.

Version 1.10 brings big increases in speed and developer convenience, especially improvements in code precompilation and loading times. It also features a new parser written in Julia… [I]t is faster, it produces more useful syntax-error messages, and it provides better source-code mapping, which associates locations in compiled code to their corresponding lines in the source. That last improvement also leads to better error messages and makes it possible to write more sophisticated debuggers and linters…

Between the improvements in precompilation and loading times, and the progress in making small binaries, two major and perennial complaints, of beginners and seasoned Julia users alike, have been addressed… StaticCompiler and related WebAssembly tools will make it easier to write web applications in Julia for direct execution in the browser; it is already possible, but may become more convenient over the next few years.

Thanks for sharing the article to long-time Slashdot reader lee1 — who also wrote No Starch Press’s Practical Julia: A Hands-On Introduction for Scientific Minds .

lee1 also reminds us that Gnuplot 6.0 was released in December:
lee1 writes: This article surveys the new features, including filled contours in 3D, adaptive plotting resolution, watchpoints, clipping of surfaces, pie charts, and new syntax for conditionals.

Read more of this story at Slashdot.

NPM Users Download 2.1B Deprecated Packages Weekly, Say Security Researchers

The cybersecurity site SC Media reports that NPM registry users “download deprecated packages an estimated 2.1 billion times weekly, according to a statistical analysis of the top 50,000 most-downloaded packages in the registry.”

Deprecated, archived and “orphaned” NPM packages can contain unpatched and/or unreported vulnerabilities that pose a risk to the projects that depend on them, warned the researchers from Aqua Security’s Team Nautilus, who published their findings in a blog post on Sunday… In conjunction with their research, Aqua Nautilus has released an open-source tool that can help developers identify deprecated dependencies in their projects.

Open-source software may stop receiving updates for a variety of reasons, and it is up to developers/maintainers to communicate this maintenance status to users. As the researchers pointed out, not all developers are transparent about potential risks to users who download or depend on their outdated NPM packages. Aqua Nautilus researchers kicked off their analysis after finding that one open-source software maintainer responded to a report about a vulnerability Nautilus discovered by archiving the vulnerable repository the same day. By archiving the repository without fixing the security flaw or assigning it a CVE, the owner leaves developers of dependent projects in the dark about the risks, the researchers said…

Taking into consideration both deprecated packages and active packages that have a direct dependency on deprecated projects, the researchers found about 4,100 (8.2%) of the top 50,000 most-downloaded NPM packages fell under the category of “official” deprecation. However, adding archived repositories to the definition of “deprecated” increased the number of packages affected by deprecation and deprecated dependencies to 6,400 (12.8%)… Including packages with linked repositories that are shown as unavailable (404 error) on GitHub increases the deprecation rate to 15% (7,500 packages), according to the Nautilus analysis. Encompassing packages without any linked repository brings the final number of deprecated packages to 10,600, or 21.2% of the top 50,000. Team Nautilus estimated that under this broader understanding of package deprecation, about 2.1 billion downloads of deprecated packages are made on the NPM registry weekly.

Read more of this story at Slashdot.

Why the Creator of Ruby on Rails Prefers Dynamic Typing

“I write all novel client-side code as JavaScript instead of TypeScript, and it’s a delight,” says the creator of Ruby on Rails. Posting on Twitter, David Heinemeier Hansson opined that TypeScript “sucked out much of the joy I had writing JavaScript. I’m forever grateful that Yukihiro ‘Matz’ Matsumoto didn’t succumb to the pressure of adding similar type hints to Ruby.”

When it comes to static vs dynamic typing, “I’ve heard a million arguments from both sides throughout my entire career,” Hansson wrote on his blog today, “but seen very few of them ever convinced anyone of anything.”
But wait — he thinks we can all get along:
Personally, I’m unashamedly a dynamic typing kind of guy. That’s why I love Ruby so very much. It takes full advantage of dynamic typing to allow the poetic syntax that results in such beautiful code. To me, Ruby with explicit, static typing would be like a salad with a scoop of ice cream. They just don’t go together.

I’ll also confess to having embraced the evangelical position for dynamic typing in the past. To the point of suffering from a One True Proposition affliction. Seeing the lack of enthusiasm for dynamic typing as a reflection of missing education, experience, or perhaps even competence.

Oh what folly. Like trying to convince an introvert that they’d really like parties if they’d just loosen up a bit…

These days, I’ve come to appreciate the magnificence of multiplicity. Programming would be an awful endeavor if we were all confined to the same paradigm. Human nature is much too varied to accept such constraint on its creativity…But it took a while for me to come to these conclusions. I’m a recovering solutionist. So when I see folks cross their heart in disbelief that anyone, anywhere might fancy JavaScript over TypeScript, I smile, and I remember the days when I’d recognize their zeal in the mirror.

Hansson also sees the “magnificence of multiplicity” in positions about functional vs object-oriented programming. “Poles on both these axes have shown to deliver excellent software over the decades (and awful stuff too!).”

Read more of this story at Slashdot.

Rust Foundation Solicits Feedback on Updated Policy for Trademarks

“Rust” and “Cargo” are registered trademarks held by the Rust Foundation — the independent non-profit supporting Rust’s maintainers. In August 1,000 people responded to the foundation’s Trademark Policy Review Survey, after which the foundation invited any interested individuals to join their Trademark Policy Working Group (which also included Rust Project leaders). They’ve now created a draft of an updated policy for feedback…

Crate, RS, “Rustacean,” and the logo of Ferris the crab are all available for use by anyone consistent with their definition, with no special permission required. Here’s how the document’s quick reference describes other common use-cases:
Selling Goods — Unless explicitly approved, use of the Rust name or Logo is not allowed for the purposes of selling products/promotional goods for gain/profit, or for registering domain names. For example, it is not permitted to sell stickers of the Rust logo in an online shop for your personal profit.
Showing Support of Rust — When showing your support of the Rust Project on a personal site or blog, you may use the Rust name or Logo, as long as you abide by all the requirements listed in the Policy. You may use the Rust name or Logo in social media handles, avatars, and emojis to demonstrate Rust Project support in a manner that is decorative, so long as you don’t suggest commercial Rust affiliation.
Inclusion of the Marks in Educational Materials — You may use the Rust name in book and article titles and the Logo in graphic components, so long as you make it clear that the Rust Project or Foundation has not reviewed/approved/endorsed your content.
There’s also a FAQ, answering questions like “Can I use the Rust logo as my Twitter Avatar?” The updated policy draft says “We consider social media avatars on personal accounts to be fair use. On the other hand, using Rust trademarks in corporate social media bios/profile pictures is prohibited…. In general, we prohibit the modification of the Rust logo for any purpose, except to scale it. This includes distortion, transparency, color-changes affiliated with for-profit brands or political ideologies. On the other hand, if you would like to change the colors of the Rust logo to communicate allegiance with a community movement, we simply ask that you run the proposed logo change by us…”

And for swag at events using the Rust logo, “Merch developed for freebies/giveaways is normally fine, however you need approval to use the Rust Word and/or Logo to run a for-profit event. You are free to use Ferris the crab without permission… If your event is for-profit, you will need approval to use the Rust name or Logo. If you are simply covering costs and the event is non-profit, you may use the Rust name or Logo as long as it is clear that the event is not endorsed by the Rust Foundation. You are free to use Ferris the crab without permission.”

Read more of this story at Slashdot.

Something Pretty Right: a History of Visual Basic

Long-time Slashdot reader theodp writes: In Something Pretty Right: A History of Visual Basic, Retool’s Ryan Lucas has a nice round-up of how Visual Basic became the world’s most dominant programming environment, its sudden fall from grace, and why its influence is still shaping the future of software development.

Visual Basic (or VB) burst onto the scene at a magical, transitional moment, presenting a radically simpler alternative for Windows 3.0 development. Bill Gates’ genuine enthusiasm for VB is evident in an accompanying 1991 video in which BillG personally and playfully demonstrates Visual Basic 1.0 at its launch event, as well as in a 1994 video in which Gates thanks Alan Cooper, the
“Father of Visual Basic,” with the Windows Pioneer Award.

For Gates, VB was love at first sight. “It blew his mind, he had never seen anything like it,” recalls Cooper of Gates’s reaction to his 1988 demo of a prototype. “At one point he turned to his retinue and asked ‘Why can’t we do stuff like this?'” Gates even came up with the idea of taking Cooper’s visual programming frontend and replacing its small custom internal language with BASIC.

After seeing what Microsoft had done to his baby, Cooper reportedly sat frustrated in the front row at the launch event. But it’s hard to argue with success, and Cooper eventually came to appreciate VB’s impact. “Had Ruby [Cooper’s creation] gone to the market as a shell construction set,” Cooper said, “it would have made millions of people happier, but then Visual Basic made hundreds of millions of people happier. I was not right, or rather, I was right enough, had a modicum of rightness. Same for Bill Gates, but the two of us together did something pretty right.”

At its peak, Visual Basic had nearly 3.5 million developers worldwide. Many of the innovations that Alan Cooper and Scott Ferguson’s teams introduced 30 years ago with VB are nowhere to be found in modern development, fueling a nostalgic fondness for the ease and magic VB delivered that we have yet to rekindle.

Read more of this story at Slashdot.

Programming Pioneer Grady Booch on Functional Programming, Web3, and Conscious Machines

InfoWorld interviews Grady Booch, chief scientist for software engineering at IBM Research (who is also a pioneer in design patterns, agile methods, and one of the creators of UML).

Here’s some of the highlights:

Q: Let me begin by asking something “of the moment.” There has been an almost cultural war between object-oriented programming and functional programming. What is your take on this?

Booch: I had the opportunity to conduct an oral history with John Backus — one of the pioneers of functional programming — in 2006 on behalf of the Computer History Museum. I asked John why functional programming didn’t enter the mainstream, and his answer was perfect: “Functional programming makes it easy to do hard things” he said, “but functional programming makes it very difficult to do easy things….”

Q: Would you talk a bit about cryptography and Web3?

Booch: Web3 is a flaming pile of feces orbiting a giant dripping hairball. Cryptocurrencies — ones not backed by the full faith and credit of stable nation states — have only a few meaningful use cases, particularly if you are a corrupt dictator of a nation with a broken economic system, or a fraud and scammer who wants to grow their wealth at the expense of greater fools. I was one of the original signatories of a letter to Congress in 2022 for a very good reason: these technologies are inherently dangerous, they are architecturally flawed, and they introduce an attack surface that threatens economies….

Q: What do you make of transhumanism?

Booch: It’s a nice word that has little utility for me other than as something people use to sell books and to write clickbait articles….

Q: Do you think we’ll ever see conscious machines? Or, perhaps, something that compels us to accept them as such?

Booch: My experience tells me that the mind is computable. Hence, yes, I have reason to believe that we will see synthetic minds. But not in my lifetime; or yours; or your children; or your children’s children. Remember, also, that this will likely happen incrementally, not with a bang, and as such, we will co-evolve with these new species.

Read more of this story at Slashdot.