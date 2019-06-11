Programming/Development Leftovers
Broadcom is sampling its first 7-nm network switch chip. In tandem with the Trident 4, the company released as open-source a new network programming language in an effort to stave off competition from startup Barefoot Network’s P4.
Open-source language Python is already one of the most popular programming languages among developers. It ranks in third place behind mainstays Java and C, according to programming language index Tiobe.
I asked myself/google "python array shift right" and was reminded that collections and deque exist. I've used them before. Python has so many cool tools I forget about all the time. You can't penalize someone for not remembering every single thing.
sphinxcontrib-sqltable is a Sphinx extension for embedding database contents in documents
Last week at JSConf EU, we had the pleasure of announcing the Stencil One final release on stage, just a few weeks after we released the beta. Now I’m excited to go in-depth and explain what this moment means for Stencil and Ionic.
Since Stencil One’s release just last week, developers can use the compiler to generate standards-compliant Web Components, while also delivering concepts from popular frameworks into a build-time tool.
According to Ionic, the creator of Stencil, stencil takes features such as async rendering, reactive data-binding, Typescript and JSX and generates web components with all the features included.
Tibco has made a direct developer play designed to drive recognition of its technologies in areas where programmers are looking to build cloud-native applications.
Known for its integration, API management and analytics stack, Tibco (sometimes written as TIBCO for The Information Bus COmpany) has now enhanced TIBCO Cloud Integration, TIBCO Cloud Mashery and TIBCO Cloud Events.
Openwashing Leftovers/New Examples
Here's what you need to know about Software Composition Analysis now
How Teemill is making circular fashion stylish and open source
wav2letter++: Facebook's Fast Open-source Speech Recognition System
Called Habitat, Facebook’s new, open-source simulator was briefly mentioned some months ago but today received the full expository treatment, to accompany a paper on the system being presented at CVPR.
Facebook Quietly Changes Search Tool Used by Investigators, Abused By Companies
Facebook’s Graph Search allowed anyone to search a wealth of public data on Facebook in very specific ways, such as searching content for keywords in a particular point in time.
GitHub platform improvements are helping orgs keep their dependencies in check
GitHub hires Bitnami co-founder Erica Brescia as its first COO
GitHub, a Microsoft company, hired Bitnami co-founder Erica Brescia as its first COO to scale the company — weeks after VMware snapped up her startup.
Microsoft Backs Open Source API Marketplace Startup RapidAPI
Kernel and Linux Foundation in Pockets of Proprietary Software Vendors
AT&T and Nokia have developed a radio edge cloud (REC) appliance that the two companies plan to release into open source via the Linux Foundation. The REC will make it possible for third parties to develop apps and get access to the radio access network (RAN).
[...]
Murphy said that it is not easy to predict all the use cases for REC but added that having an open source edge cloud with open interfaces to the RAN control will allow operators to have more options.
-
One of the main purposes of Accord Project is, therefore, to provide a vendor-neutral “.doc” format for smart legal agreements.
Apple, in typical fashion, isn’t commenting on the announcement, but the CNCF notes that end-user memberships are meant for organizations that are “heavy users of open source cloud native technologies” and that are looking to give back to the community. By becoming a CNCF end-user member, companies also join the Linux Foundation .
It differs from Linus’s tree at: https://github.com/torvalds/linux in that it contains all of the different stable tree branches and stable releases and tags, which many devices end up building on top of.
So, mirror away!
Also note, this is a read-only mirror, any pull requests created on it will be gleefully ignored, just like happens on Linus’s github mirror.
If people think this is needed on any other git hosting site, just let me know and I will be glad to push to other places as well.
Security Leftovers
Industry Watch: Of open source, data breaches and speed
Open-source software helps developers work faster and smarter, as they don’t have to ‘re-invent the wheel’ every time create an application. They just need to be sure the license attached to that software allows them to use the component the way they want. They also need to stay on top of that application, so if the component changes, or an API changes, their application isn’t affected and they are still in compliance.
Data protection is also something organizations must get serious about. While the GDPR only affects users in the European Union, it’s only a matter of time before those or similar regulations are in place in the U.S. and elsewhere. Companies should get a jump on that by doing a thorough audit of their data, to know they are prepared to be compliant with whatever comes down from the statehouses or from Washington, D.C.
On the speed side, the benefits of Agile and DevOps are clear. These methodologies enable companies to bring new software products to market faster, with the result of getting a jump on the competition, working more efficiently and ultimately serving your customers.
Unfortunately, these efforts are usually done by different teams of developers, database administrators and security experts. If the Equifax and Facebook breaches have taught us anything, it’s that you can’t expect developers to be security experts, and you can’t expect DB admins to understand the ramifications on the business when data is misunderstood.
It will take a coordinated approach to IT to achieve business goals while not leaving the company — and its IP and PII data — exposed.
More than 30 security issues have been fixed in VLC, the popular open source media player, with developers praising an EU-funded bug bounty program for helping produce its most secure update yet.
VLC media player, created by the software non-profit VideoLAN, was found to have 33 vulnerabilities within various versions, including two that were considered critical.
An out-of-bounds write was one of the severe vulnerabilities found to affect all VLC versions, and a stack buffer overflow was also discovered in VLC 4.0.
Less severe vulnerabilities consisted of out-of-band reads, heap overflows, NULL-dereference, and use-after-free bugs.
An updated version, VLC 3.0.7, has since been released for users to download.
Asigra is trying to capture FreeNAS users with a free-to-try plugin version of its backup software.
The Asigra FreeNAS plugin released this week allows customers to turn their iXsystems FreeNAS storage systems into backup targets. It encrypts and deduplicates data before it is sent to the FreeNAS system. The plugin also detects and quarantines malware and ransomware so that it doesn't get backed up.
Let’s begin our cookbook by selecting our recipe. I’ve had some phenomenal baked goods, and I’ve had some not-so-phenomenal baked goods (there is rarely a bad baked good). But I’ve been surprised before, by a croissant from a diner that didn’t taste like the one from the local French bakery, or by a buttercream frosting at a supermarket that just didn’t have the same delicate touch as the one I make at home. In each case, I expected the same as I had before – by title – yet encountered a much different experience. When selecting your recipes, it’s important to understand which type of a particular food you are expecting to make, or you may be met with a different taste when you finish than you were hoping for when you began.
[...]
As with cooking, when incorporating open source components into applications, it’s important to understand origin and evolution of what you’re baking into your software. Carefully review your open source component versions, and evaluate the community’s activity in order to have the greatest chance possible to predict the possible technical debt you may inherit.
