Category: programming

“The only rule is that you share at least one novel and also your source code at the end,” explains the event’s official page on GitHub.

From the repository’s README file:

The “novel” is defined however you want. It could be 50,000 repetitions of the word “meow” (and yes it’s been done!). It could literally grab a random novel from Project Gutenberg. It doesn’t matter, as long as it’s 50k+ words.

Please try to respect copyright. We’re not going to police it, as ultimately it’s on your head if you want to just copy/paste a Stephen King novel or whatever, but the most useful/interesting implementations are going to be ones that don’t engender lawsuits.

This year’s computer-generated novels include ” sunday in the sunday in the,” mapping the colors from each dot in the Pointillist painting Sunday Afternoon on the Island of La Grande Jatte onto words from the lyrics of a musical about that painting. (“Rush blind. Link adds shallot again….”)

And there’s still no actual Rust code in Linux:

“You need to get all those things that can make sure that Rust can compile, and you can do the debugging and all these things,” explained Joel Marcey, director of advocacy and operations for the Rust Foundation, “and make sure that the memory safety is there and all that sort of stuff. And that has to happen first before you can actually write any real code in Rust for the Linux kernel itself.”

Marcey explained that Linux is going to be doing this inclusion very piecemeal, with lots of little integrations here and there over time so they can see how it is working. “I would imagine that over the next year, you’re going to see more small incremental changes to the kernel with Rust, but as people are seeing that it’s actually kind of working out, you’ll be able to maybe, for example, write Linux drivers or whatever with Rust,” said Marcey….

According to Bec Rumbul, executive director of the Rust Foundation, Rust being added to the kernel is an “enormous vote of confidence in the Rust programming language.” She explained that in the past other languages have been planned to make it into the kernel and ended up not getting put in. “I think having someone with the kind of intellectual gravity of Linus Torvalds saying ‘No, it’s going in there,’ that kind of says an awful lot about how reliable Rust already is and how much potential there is for the future as well,” she said.

Rumbul believes that there will be an increased interest in the language, which is still relatively new (It first made its debut in 2010) compared to some of the other languages out there to choose from. “I suspect that because Rust is now in the kernel, and it’s just being talked about much … more widely, that it will seem like an attractive prospect to a lot of people that are looking to develop their skills and their knowledge,” she said. Rumbul hopes people will also be inspired to participate in the language as contributors and maintainers, because those are some of the less popular roles within open source, but are extremely critical to the health of a language, she explained.
The Rust Foundation also launched a new security team in September to ensure best practices (including a dedicated security engineer). Their first initiative will be a security audit and threat modeling exercises.

“We want to basically shore up,” Rust operations director Marcey tells SD Times, “to ensure that Rust itself is actually as secure as we always say it is.”

In this year’s Stack Overflow Developer Survey, 86.73% of developers said they love Rust.

ZDNet believe it shows developers “experimenting less and sticking with what they know and what works.”

JavaScript remains the largest programming language community, SlashData found. According to its research, there are an estimated 19.6 million developers worldwide using JavaScript every day in everything from web development and mobile apps to backend coding, cloud and game design. Java, meanwhile, is growing rapidly. In the last two years, the size of the Java community has more than doubled from 8.3 million to 16.5 million, SlashData found. For perspective, the global developer population grew about half as fast over the same period….

Python also continued to grow strongly, adding about eight million new developers over the last two years, according to SlashData. It accredited the rise of data science and machine learning as “a clear factor in Python’s growing popularity”. Approximately 63% of machine-learning developers and data scientists report using Python, whereas less than 15% use R, another programming language often associated with data science.

Both the Kotlin and Rust communities doubled in size in the past two years, the article points out. But according to the survey, only 9% of developers were involved in blockchain technologies.

Yet 27% of respondents reported they were learning about (if not currently working on) cryptocurrency-based projects. ZDNet summarizes the findings:

Of the three blockchain technologies covered in the report, non-fungible tokens (NFTs) were found to be of least interest to developers: 58% showed “no interest” in NFTs, which SlashData said was “likely due to its perception as a novelty”.

The report found that one-quarter (25%) of developers currently work on, or are learning about, blockchain applications other than cryptocurrencies.

In a new interview, he says the site’s been accessed about 50 billion times over the past 14 years — and then shares his thoughts on the notion that programmers could be replaced by no-code, low-code, or AI-driven pair programming:

A: Over the years, there have many, many tools, trying to democratize software development. That’s a very positive thing. I actually love the fact that programming is becoming easier to do with these onramps. I was speaking at Salesforce recently, and they’ve got people in sales organizations writing workflows, and that’s low code. You’ve got all these folks who are not software engineers that are creating their own automations and applications.

However, there is this trade-off. If you’re making software easier to build, you’re sacrificing things like customizability and a deeper understanding of how this code actually works. Back in the day, you might remember Microsoft FrontPage [an early HTML web page editor] as an example of that. You were limited to certain basic things, but you could get web work done. So similarly, these tools will work for general use cases. But, if they do that, without learning the fundamental principles of code, they will inevitably have some sort of a limit. For example, having to fix something that broke, I think they’re going to be really dumbfounded.

Still, I think it’s important, and I’m a believer. It’s a great way to get people engaged, excited, and started. But you got to know what you’re building. Access to sites like Stack Overflow help, but with more people learning as they’re building, it’s essential to make learning resources accessible at every stage of their journey….

Q: Is Stack Overflow considering any kind of certification? Particularly, as you just mentioned, since it’s so easy now for people to step in and start programming. But then there’s that big step from “Yes, I got it to work,” but now “I have to maintain it for users using it in ways I never dreamed of.”

A: “It’s very much part of our vision for our company. We see Stack Overflow going from collective knowledge to collective learning. Having all the information is fine and dandy, but are you learning? Now, that we’re part of Prosus’s edtech division, we’re very much looking forward to offering educational opportunities. Just as today, we can get knowledge to developers at the right place and time, we think we can deliver learning at just the right place and time. We believe we can make a huge impact with education and by potentially getting into the certification game.

Q: Some of the open-source nonprofits are moving into education as well. The Linux Foundation, in particular, has been moving here with the LF Training and Certification programs. Are you exploring that?

A: This is very much part of our vision….

Stack Overflow’s CEO adds that the site’s hot topics now include blockchain, machine learning, but especially technical cloud questions, “rising probably about 50% year over year over the past 10 years…. Related to this is an increase in interest in containerization and cloud-native services.”

[A] growing movement to write software in a language called Rust is gaining momentum because the code is goof-proof in an important way. By design, developers can’t accidentally create the most common types of exploitable security vulnerabilities when they’re coding in Rust, a distinction that could make a huge difference in the daily patch parade and ultimately the world’s baseline cybersecurity….

[B]ecause Rust produces more secure code [than C] and, crucially, doesn’t worsen performance to do it, the language has been steadily gaining adherents and now is at a turning point. Microsoft, Google, and Amazon Web Services have all been utilizing Rust since 2019, and the three companies formed the nonprofit Rust Foundation with Mozilla and Huawei in 2020 to sustain and grow the language. And after a couple of years of intensive work, the Linux kernel took its first steps last month to implement Rust support. “It’s going viral as a language,” says Dave Kleidermacher, vice president of engineering for Android security and privacy. “We’ve been investing in Rust on Android and across Google, and so many engineers are like, ‘How do I start doing this? This is great’….”

By writing new software in Rust instead, even amateur programmers can be confident that they haven’t introduced any memory-safety bugs into their code…. These types of vulnerabilities aren’t just esoteric software bugs. Research and auditing have repeatedly found that they make up the majority of all software vulnerabilities. So while you can still make mistakes and create security flaws while programming in Rust, the opportunity to eliminate memory-safety vulnerabilities is significant….

“Yes, it’s a lot of work, it will be a lot of work, but the tech industry has how many trillions of dollars, plus how many talented programmers? We have the resources,” says Josh Aas, executive director of the Internet Security Research Group, which runs the memory-safety initiative Prossimo as well as the free certificate authority Let’s Encrypt. “Problems that are merely a lot of work are great.”

Here’s how Dan Lorenc, CEO of the software supply-chain security company Chainguard, explains it to Wired. “Over the decades that people have been writing code in memory-unsafe languages, we’ve tried to improve and build better tooling and teach people how to not make these mistakes, but there are just limits to how much telling people to try harder can actually work.

“So you need a new technology that just makes that entire class of vulnerabilities impossible, and that’s what Rust is finally bringing to the table.”

Microsoft and Google have each stated that software memory safety issues are behind around 70 percent of their vulnerabilities. Poor memory management can lead to technical issues as well, such as incorrect program results, degradation of the program’s performance over time, and program crashes. NSA recommends that organizations use memory safe languages when possible and bolster protection through code-hardening defenses such as compiler options, tool options, and operating system configurations. The full report is available here (PDF).

An earlier post pointed out that “There have been a good amount of changes that have had to have been made to the compiler to get GATs to work,” noting that the request-for-comments for this feature was first opened in 2016.

And Rust’s types team also created a blog post with more detail:
Note that this is really just rounding out the places where you can put generics: for example, you can already have generics on freestanding type aliases and on functions in traits. Now you can just have generics on type aliases in traits (which we just call associated types)….

In general, GATs provide a foundational basis for a vast range of patterns and APIs. If you really want to get a feel for how many projects have been blocked on GATs being stable, go scroll through either the tracking issue: you will find numerous issues from other projects linking to those threads over the years saying something along the lines of “we want the API to look like X, but for that we need GATs” (or see this comment that has some of these put together already). If you’re interested in how GATs enable a library to do zero-copy parsing, resulting in nearly a ten-fold performance increase, you might be interested in checking out a blog post on it by Niko Matsakis.

All in all, even if you won’t need to use GATs directly, it’s very possible that the libraries you use will use GATs either internally or publically for ergonomics, performance, or just because that’s the only way the implementation works…. [A]ll the various people involved in getting this stabilization to happen deserve the utmost thanks. As said before, it’s been 6.5 years coming and it couldn’t have happened without everyone’s support and dedication.
Rust 1.65.0 also contains let-else statements — a new kind of let statement “with a refutable pattern and a diverging else block that executes when that pattern doesn’t match,” according to the release announcement.

And it highlights another new feature:

Plain block expressions can now be labeled as a break target, terminating that block early. This may sound a little like a goto statement, but it’s not an arbitrary jump, only from within a block to its end. This was already possible with loop blocks, and you may have seen people write loops that always execute only once, just to get a labeled break.

Now there’s a language feature specifically for that! Labeled break may also include an expression value, just as with loops, letting a multi-statement block have an early “return” value.

Carmi applauds Go’s readability-over-writability culture, its consistent concurrency model (with lightweight threading), and its broad ecosystem of tools. But in a second essay Carmi lists his complaints — about Go’s lack of keyword-based visibility modifiers (like “public” and “private”), how any symbol declared in a file “is automatically visible to the entire package,” and Go’s abundance of global built-in symbols (which complicate the choice of possible variable names, but which can still be overriden, since they aren’t actually keywords). After a longer wishlist — including null-pointer safety features and improvements to error handling — Carmi introduces a third article with “A Proposition for a Better Future.”
I would have loved to see a compile time environment that mostly looks like Go, but allows developers to be a bit more expressive to gain maintainability and runtime safety. But at the same time, allow the Go language itself to largely remain the same and not evolve into something new, as a lot of us Gophers fear. As Gophers, why not have two tools in our tool set?

The essay proposes a new extended flavor of Go called Goat — a “new compile-time environment that will produce standard, compatible, and performant Go files that are fully compatible with any other Go project. This means they can import regular Go files but also be safely imported from any other Go file.”

“Goat implementation will most likely be delivered as a code generation tool or as a transpiler producing regular go files,” explains a page created for the project on GitHub. “However, full implementation details should be designed once the specification provided in this document is finalized.”

Carmi’s essay concludes, “I want to ignite a thorough discussion around the design and specification of Goat…. This project will allow Go to remain simple and efficient while allowing the community to experiment with an extended flavor. Goat spec should be driven by the community and so it needs the opinion and contribution of any Gopher and non-Gopher out there.”

“Come join the discussion, we need your input.”

Related link: Go principal engineer Russ Cox gave a talk at GopherCon 2022 that was all about compatibility and “the strategies Go uses to continue to evolve without breaking your programs.”

“She was also credited with the invention of the first assembly language, a programming language designed to be readable by users.”
In 1946 she joined a team of mathematicians under Andrew Booth at Birkbeck College undertaking calculations for the scientists working on the X-ray crystallography images which contributed to the discovery of the double helix shape of DNA….

To help the number-crunching involved Booth had embarked on building a computing machine called the Automatic Relay Calculator or ARC, and in 1947 Kathleen accompanied him on a six-month visit to Princeton University, where they consulted John von Neumann, who had developed the idea of storing programs in a computer. On their return to England they co-wrote General Considerations in the Design of an All Purpose Electronic Digital Computer, and went on to make modifications to the original ARC to incorporate the lessons learnt.

Kathleen devised the ARC assembly language for the computer and designed the assembler.

In 1950 Kathleen took a PhD in applied mathematics and the same year she and Andrew Booth were married. In 1953 they cowrote Automatic Digital Calculators, which included the general principles involved in the new “Planning and Coding”programming style.

The Booths remained at Birkbeck until 1962 working on other computer designs including the All Purpose Electronic (X) Computer (Apexc, the forerunner of the ICT 1200 computer which became a bestseller in the 1960s), for which Kathleen published the seminal Programming for an Automatic Digital Calculator in 1958. The previous year she and her husband had co-founded the School of Computer Science and Information Systems at Birkbeck.
“The APE(X)C design was commercialized and sold as the HEC by the British Tabulating Machine Co Ltd, which eventually became ICL,” remembers the Register, sharing a 2010 video about the machine (along with several links for “Further Reading.”)

Their methodology? “We extract language rankings from GitHub and Stack Overflow, and combine them for a ranking that attempts to reflect both code (GitHub) and discussion (Stack Overflow) traction.” Below are this quarter’s results:

1. JavaScript
2. Python
3. Java
4. PHP
5. C#
6. CSS
7. C++
7. TypeScript
9. Ruby
10. C
11. Swift
12. R
12. Objective-C
14. Shell
15. Scala
15. Go
17. PowerShell
17. Kotlin
19. Rust
19. Dart

Their analysis of the latest rankings note “movement is increasingly rare…. the top 20 has been stable for multiple runs. As has been speculated about in this space previously, it seems increasingly clear that the hypothesis of a temporary equilibrium of programming language usage is supported by the evidence…. [W]e may have hit a point of relative — if temporary — contentment with the wide variety of languages available for developers’ usage.”

And yet this quarter TypeScript has risen from #8 to #7, now tied with C++, benefiting from attributes like its interoperability with an existing popular language with an increased availability of security-related features. “There is little suggestion at present that the language is headed anywhere but up. The only real question is on what timeframe.”

Unlike TypeScript, Go’s trajectory has been anything but clear. While it grew steadily and reasonably swiftly as languages go, it has appeared to be stalled, never placing higher than 14th and having dropped into 16 for the last three runs. This quarter, however, Go rose one spot in the rankings back up to 15. In and of itself, this is a move of limited significance, as the further one goes down the rankings the less significant the differences between them are, ranking-wise. But it has been over a year since we’ve seen movement from Go, which raises the question of whether there is any room for further upward ascent or whether it will remain hovering in the slot one would expect from a technically well regarded but not particularly versatile (from a use case standpoint) language.

Like Go, Kotlin had spent the last three runs in the same position. It and Rust had been moving in lockstep in recent quarters, but while Rust enters its fourth consecutive run in 19th place, Kotlin managed to achieve some separation this quarter jumping one spot up from 18 to 17.