Category: programming

Crate, RS, “Rustacean,” and the logo of Ferris the crab are all available for use by anyone consistent with their definition, with no special permission required. Here’s how the document’s quick reference describes other common use-cases:
Selling Goods — Unless explicitly approved, use of the Rust name or Logo is not allowed for the purposes of selling products/promotional goods for gain/profit, or for registering domain names. For example, it is not permitted to sell stickers of the Rust logo in an online shop for your personal profit.
Showing Support of Rust — When showing your support of the Rust Project on a personal site or blog, you may use the Rust name or Logo, as long as you abide by all the requirements listed in the Policy. You may use the Rust name or Logo in social media handles, avatars, and emojis to demonstrate Rust Project support in a manner that is decorative, so long as you don’t suggest commercial Rust affiliation.
Inclusion of the Marks in Educational Materials — You may use the Rust name in book and article titles and the Logo in graphic components, so long as you make it clear that the Rust Project or Foundation has not reviewed/approved/endorsed your content.
There’s also a FAQ, answering questions like “Can I use the Rust logo as my Twitter Avatar?” The updated policy draft says “We consider social media avatars on personal accounts to be fair use. On the other hand, using Rust trademarks in corporate social media bios/profile pictures is prohibited…. In general, we prohibit the modification of the Rust logo for any purpose, except to scale it. This includes distortion, transparency, color-changes affiliated with for-profit brands or political ideologies. On the other hand, if you would like to change the colors of the Rust logo to communicate allegiance with a community movement, we simply ask that you run the proposed logo change by us…”

And for swag at events using the Rust logo, “Merch developed for freebies/giveaways is normally fine, however you need approval to use the Rust Word and/or Logo to run a for-profit event. You are free to use Ferris the crab without permission… If your event is for-profit, you will need approval to use the Rust name or Logo. If you are simply covering costs and the event is non-profit, you may use the Rust name or Logo as long as it is clear that the event is not endorsed by the Rust Foundation. You are free to use Ferris the crab without permission.”

TypeScript 5.0, an update to Microsoft’s strongly typed JavaScript variant, is now available as a production release, Microsoft announced March 16. With the upgrade, TypeScript has been rebuilt to use ECMAScript modules. TypeScript 5.0 also modernizes decorators for class customization.

ECMAScript modules reduce package size and boost performance. Decorators, an upcoming ECMAScript feature, allow for customizing classes and their members in a reusable way, Microsoft noted in a March 1 blog post. Decorators can be used on methods, properties, getters, setters, and auto-accessors. Classes can be decorated for subclassing and registration. While TypeScript previously supported experimental decorators, these were modeled on a much older version of the decorators proposal. TypeScript 5.0 will permit decorators to be placed before or after export and export default, a change made since the January 26 beta release of the new version.

Here’s some of the highlights:

Q: Let me begin by asking something “of the moment.” There has been an almost cultural war between object-oriented programming and functional programming. What is your take on this?

Booch: I had the opportunity to conduct an oral history with John Backus — one of the pioneers of functional programming — in 2006 on behalf of the Computer History Museum. I asked John why functional programming didn’t enter the mainstream, and his answer was perfect: “Functional programming makes it easy to do hard things” he said, “but functional programming makes it very difficult to do easy things….”

Q: Would you talk a bit about cryptography and Web3?

Booch: Web3 is a flaming pile of feces orbiting a giant dripping hairball. Cryptocurrencies — ones not backed by the full faith and credit of stable nation states — have only a few meaningful use cases, particularly if you are a corrupt dictator of a nation with a broken economic system, or a fraud and scammer who wants to grow their wealth at the expense of greater fools. I was one of the original signatories of a letter to Congress in 2022 for a very good reason: these technologies are inherently dangerous, they are architecturally flawed, and they introduce an attack surface that threatens economies….

Q: What do you make of transhumanism?

Booch: It’s a nice word that has little utility for me other than as something people use to sell books and to write clickbait articles….

Q: Do you think we’ll ever see conscious machines? Or, perhaps, something that compels us to accept them as such?

Booch: My experience tells me that the mind is computable. Hence, yes, I have reason to believe that we will see synthetic minds. But not in my lifetime; or yours; or your children; or your children’s children. Remember, also, that this will likely happen incrementally, not with a bang, and as such, we will co-evolve with these new species.

Visual Basic (or VB) burst onto the scene at a magical, transitional moment, presenting a radically simpler alternative for Windows 3.0 development. Bill Gates’ genuine enthusiasm for VB is evident in an accompanying 1991 video in which BillG personally and playfully demonstrates Visual Basic 1.0 at its launch event, as well as in a 1994 video in which Gates thanks Alan Cooper, the
“Father of Visual Basic,” with the Windows Pioneer Award.

For Gates, VB was love at first sight. “It blew his mind, he had never seen anything like it,” recalls Cooper of Gates’s reaction to his 1988 demo of a prototype. “At one point he turned to his retinue and asked ‘Why can’t we do stuff like this?'” Gates even came up with the idea of taking Cooper’s visual programming frontend and replacing its small custom internal language with BASIC.

After seeing what Microsoft had done to his baby, Cooper reportedly sat frustrated in the front row at the launch event. But it’s hard to argue with success, and Cooper eventually came to appreciate VB’s impact. “Had Ruby [Cooper’s creation] gone to the market as a shell construction set,” Cooper said, “it would have made millions of people happier, but then Visual Basic made hundreds of millions of people happier. I was not right, or rather, I was right enough, had a modicum of rightness. Same for Bill Gates, but the two of us together did something pretty right.”

At its peak, Visual Basic had nearly 3.5 million developers worldwide. Many of the innovations that Alan Cooper and Scott Ferguson’s teams introduced 30 years ago with VB are nowhere to be found in modern development, fueling a nostalgic fondness for the ease and magic VB delivered that we have yet to rekindle.

But now, “we also have Zig, a newer language that seeks to absorb what’s best about these languages and offer comparable performance with a better, more reliable developer experience.”

Zig is a very active project. It was started by Andrew Kelley in 2015 and now seems to be reaching critical mass. Zig’s ambition is rather momentous in software history: to become the heir to C’s longstanding reign as both the go-to portable low-level language and as a standard to which other languages are compared….

Currently, Zig is being used to implement the Bun.js JavaScript runtime as an alternative to Node.js. Bun’s creator Jarred Sumner told me “Zig is sort of similar to writing C, but with better memory safety features in debug mode and modern features like defer (sort of similar to Go’s) and arbitrary code can be executed at compile-time via comptime. It has very few keywords so it’s a lot easier to learn than C++ or Rust.”

Zig differs from most other languages in its small feature footprint, which is the outcome of an explicit design goal: Only one obvious way to do things. Zig’s developers take this goal so much to heart that for a time, Zig had no for loop, which was deemed an unnecessary syntactic elaboration upon the already adequate while loop. Kevin Lynagh, coming from a Rust background, wrote, “The language is so small and consistent that after a few hours of study I was able to load enough of it into my head to just do my work.” Nathan Craddock, a C developer, echoed the sentiment. Programmers seem to really like the focused quality of Zig’s syntax.
While Zig is “approaching” production-ready status, the article notes its high degree of interoperability with C and C++, its unique error-handling system, and its elimination of a malloc keyword (leaving memory allocation to the standard library).

“For now, the Zig team appears to be taking its time with the 1.0 release, which may drop in 2025 or later — but none of that stops us from building all sorts of things with the language today.”

Telemetry, as Cox describes it, involves software sending data from Go software to a server to provide information about which functions are being used and how the software is performing. He argues it is beneficial for open source projects to have that information to guide development. And the absence of telemetry data, he contends, makes it more difficult for project maintainers to understand what’s important, what’s working, and to prioritize changes, thereby making maintainer burnout more likely. But such is Google’s reputation these days that many considering the proposal have doubts, despite the fact that the data collection contemplated involves measuring the usage of language features and language performance. The proposal isn’t about the sort of sensitive personal data vacuumed up by Google’s ad-focused groups. “Now you guys want to introduce telemetry into your programming language?” IT consultant Jacob Weisz said. “This is how you drive off any person who even considered giving your project a chance despite the warning signs. Please don’t do this, and please issue a public apology for even proposing it. Please leave a blast radius around this idea wide enough that nobody even suggests trying to do this again.”

He added: “Trust in Google’s behavior is at an all time low, and moves like this are a choice to shove what’s left of it off the edge of a cliff.”

Meanwhile, former Google cryptographer and current open source maintainer Filippo Valsorda said in a post to Mastodon: “This is a large unconventional design, there are a lot of tradeoffs worth discussing and details to explore,” he wrote. “When Russ showed it to me I made at least a dozen suggestions and many got implemented.”

“Instead: all opt-out telemetry is unethical; Google is evil; this is not needed. No one even argued why publishing any of this data could be a problem.”

Codex was trained on billions of lines of public code to suggest additional lines of code and functions given the context of existing code. The system surfaces a programming approach or solution in response to a description of what a developer wants to accomplish (e.g. “Say hello world”), drawing on both its knowledge base and the current context. According to the researchers, the study participants who had access to Codex were more likely to write incorrect and “insecure” (in the cybersecurity sense) solutions to programming problems compared to a control group. Even more concerningly, they were more likely to say that their insecure answers were secure compared to the people in the control.

Megha Srivastava, a postgraduate student at Stanford and the second co-author on the study, stressed that the findings aren’t a complete condemnation of Codex and other code-generating systems. The study participants didn’t have security expertise that might’ve enabled them to better spot code vulnerabilities, for one. That aside, Srivastava believes that code-generating systems are reliably helpful for tasks that aren’t high risk, like exploratory research code, and could with fine-tuning improve in their coding suggestions. “Companies that develop their own [systems], perhaps further trained on their in-house source code, may be better off as the model may be encouraged to generate outputs more in-line with their coding and security practices,” Srivastava said. The co-authors suggest vendors use a mechanism to “refine” users’ prompts to be more secure — “akin to a supervisor looking over and revising rough drafts of code,” reports TechCrunch. “They also suggest that developers of cryptography libraries ensure their default settings are secure, as code-generating systems tend to stick to default values that aren’t always free of exploits.”

According to Paul Jansen, CEO of Netherlands-based TIOBE Software, the rising popularity of C++ has pushed Java down a notch. The index’s rankings are now:
– Python in first place
– C second
– C++ third, and
– Java fourth.

C++ stepped up to third, and Java fell to fourth. “C++ surpassed Java for the first time in the history of the TIOBE Index, which means that Java is at position 4 now,” said Jansen in the December update for the TIOBE Index. “This is the first time that Java is not part of the top 3 since the beginning of the TIOBE Index in 2001.”

The surge in C++, perhaps in part helped by the stable release of C++ 20 in December 2020, is particularly ironic in light of the language’s recent dismissal by Microsoft CTO Mark Russinovich, which coincides with industry evangelism for Rust and its capacity for memory safety.
The article points out that other rankings still show a slighty higher popularity for Java.

And ZDNet notes the other languages rising quickly in popularity over the last 12 months:
In a year-on-year comparison in Tiobe’s index, the languages now in the top 20 that made significant gains over the period are: Rust (up from 27 to 20), Objective-C (up from 29 to 19), science-specialized MATLAB (20 to 14), and Google’s Go language (up from 19 to 12).

There are other initiatives underway, including the writing of an Apple graphics driver in the Rust language. For the initial merge into the mainline kernel, though, Linus Torvalds made it clear that as little functionality as possible should be included. So those drivers and their support code were trimmed out and must wait for a future kernel release. What is there is the support needed to build a module that can be loaded into the kernel, along with a small sample module…. Torvalds asked for something that could do “hello world” and that is what we got. It is something that can be played with, but it cannot be used for any sort of real kernel programming at this point.
That situation will, hopefully, change in the near future.

Meanwhile, Linux 6.1 also includes “support for destructive BPF programs, some significant io_uring performance improvements, better user-space control over transparent huge-page creation, improved memory-tiering support.”

The Register adds:
Other interesting additions include more support for the made-in-China LoongArch CPU architecture, introductory work to support Wi-Fi 7 and security fixes for some flaky Wi-Fi routines in previous versions of the kernel. There’s also plenty of effort to improve the performance of Linux on laptops, and enhanced power efficiency for AMD’s PC-centric RYZEN silicon.