Language Selection

English French German Italian Portuguese Spanish

Programming Leftovers

Filed under
Development
  • Codeplay Launches Open-Source 'SYCL Academy' To Learn This Increasingly Popular Standard

    While SYCL has been around for five years as a Khronos standard providing a single-source C++ programming model for exploiting OpenCL, it has yet to reach its prime but demand for it is picking up with Intel working to upstream their SYCL back-end in LLVM, SYCL becoming part of their programming model with oneAPI and Xe Graphics, and other vendors also jumping on the SYCL bandwagon. Codeplay has now provided an open-source SYCL learning code for those interested in this higher-level alternative to straight OpenCL programming.

  • Open-Source Build and Test Tool Bazel Reaches 1.0

    Derived from Google's internal build tool Blaze, Bazel is a build and test tool that offers a human-readable definition language and is particularly aimed at large, multi-language, multi-repositories projects. Originally open-sourced in 2015, Bazel has now reached 1.0.

    One of the major implications of reaching version 1.0 for Bazel is the promise of greater stability and backward-compatibility guarantees. This has been a historical pain point for Bazel users, who often found themselves in the situation of having to rewrite part of their build rules due to frequent breaking changes in Bazel or its ecosystem. Accordingly, the Bazel team has committed to following semantic versioning for future Bazel releases, meaning only major versions will be allowed to include breaking changes. Furthermore, the team committed to maintaining a minimum stability window of three months between major versions.

  • DevOps Deeper Dive: DevOps Accelerates Open Source Innovation Pace

    That rate of innovation has increased dramatically in the last few years. However, much of that innovation would not have been possible if large swaths of the open source community hadn’t been able to employ best DevOps practices to collaborate, said CloudBees CEO Sacha Labourey.

    [...]

    None of this shift has been lost on IT vendors. As the demand for proprietary code slackened, many found it profitable to offer support services for open source software. The more there is to consume, the more the support services contracts grew. Now every vendor from IBM to small IT services providers such as Fairwinds has launched open source projects that help drive demand for IT services expertise.

    “There’s pain around integrating a lot of disparate open source projects,” said Robert Brennan, director of open source software for Fairwinds. “Organizations may be getting software for free, but there’s usually not a lot of help around.”

    Now almost every IT vendor in the world is making software engineers available to work on open source projects. All that talent focused on open source projects has led to the development of new platforms such as Jenkins, GitHub, Kubernetes and, more recently, a raft of smaller projects. With the rise of containers and cloud-native applications, open source software projects are entering another era that will see many of those same software engineers leveraging DevOps practices more broadly to drive even more innovative projects at increasingly faster rates.

  • Find your next developer from open source communities

    Meanwhile, demand for data scientists is rising as companies seek AI-based solutions to stay competitive. Demand is reflected in salary offers. Companies competing to hire and retain data experts are offering on average more than US$100,000, making it one of the most highly paid professions in the States.

    For companies lacking the budget to hire or train in-house staff to fill the role, they may find themselves struggling with maintaining technological infrastructure or moving forward with plans for digitization.

    Therefore, open source learning and further development of communities could be the solution to this gap.

    An IBM grant to support open source communities such as Girls Who Code, a non-profit organization offering coding lessons for women in the US, is a step forward to filling in a shortage of software developers.

More in Tux Machines

Programming: Gitea, NBD, Eclipse, Electron, Perl and Spyder (Python)

  • Gitea 1.11.0: Open source self-hosting Git solution gets a new update

    Gitea helps you set up your own self-hosted Git service with the use of lightweight Go code. The latest version, 1.11.0, includes a long list of updates, bug fixes, and improvements, including changing the markdown rendering to goldmark, and a new contrib command. Is self-hosting the right solution for you? See how Gitea compares to other Git hosting solutions.

  • NBD: A popular HTTP-fetching npm code library used by 48,000 other modules retires, no more updates coming

    After eleven months of planning, the npm-distributed request module has been deprecated, meaning the popular JavaScript code library for making HTTP requests is no longer supported and won't receive further updates. The almost 48,000 other npm modules that include request as a dependency won't see any immediate effect, other than a deprecation warning from the npm command line client. But the maintainers of those modules should consider revising their code so it uses an alternative library for handling HTTP interactions. Request, now at version 2.88.2 and still downloaded almost 17m times a week, was created in 2009 by Mikeal Rogers, who presently handles community operations at open source biz Protocol Labs.

  • Still Increasing the Power of Hybrid IT Through Open Source

    Broadcom (perhaps still better known as CA) used this year’s Arcati Mainframe Yearbook to highlight the mainframe development revolution and the growth in open source tools. They said that tools, like the green screens of ISPF and the Eclipse desktop IDE, enhanced with proprietary plugins have served mainframe application developers well over the years. However, there are changes in the larger world of development that are creating the conditions for a revolution in mainframe tooling.

  • Tangle EE project joins Eclipse Foundation to bring distributed ledger apps to enterprise

    As the number of IoT devices proliferate, and machines conduct transactions with machines without humans involved, it becomes increasingly necessary to have a permissionless system that facilitates this kind of communication in a secure way. Enter the IOTA Foundation, a Berlin-based open-source distributed ledger technology (DLT) project, which has hooked up with the Eclipse Foundation to bring IOTA DLT to the enterprise via the Tangle EE project. For starters, this involves forming a working group.

  • Eclipse Partners with IOTA on Open Source Distributed Ledger Tech
  • What to know about software development security — why it’s still so hard and how to tackle it

    The right software security practices can prevent many future security problems, and there is an increasingly realisation that software development security needs a cradle-to-grave approach, not just focusing on solving problems once they become apparent. There is still a long way to go and no-one can claim this is easy to address: the increasing complexity of modern software development environments, not to mention the sheer volume of code and other digital assets being created, often in continuous, fast-paced environments, exacerbates the challenge. [...] Coding standards are particularly relevant for some of the more complex programming languages — C++ in particular — which while introducing unprecedented scope for innovation and flexibility, also allow for more interpretation, which can lead even the most skilled developer to inadvertently introduce an error. Again, automation is key, especially for huge codebases and complicated embedded software projects, so static code analysis is increasingly introduced to reduce manual effort and associated risks.

  • Electron 8 - First Release As OpenJS Foundation Incubator

    At the end of last year Electron joined the OpenJS Foundation as an incubator project. The release of Electron 8, less than two months later, is an indication that it is thriving in its new home. Initially developed for GitHub's Atom editor, Electron is a cross-platform desktop application development tool based on Node.js and Chromium enabling apps to be packaged for Mac, Windows, and Linux. Both Atom and Electron were open sourced in 2014. News that Electron was joining the OpenJS Foundation was announced in December 2019 at the Node+JS Interactive conference held in Montreal.

  • Modularity for Maintenance

    One of the best things about maintaining open source in the modern era is that there are so many wonderful, free tools to let machines take care of the busy-work associated with collaboration, code-hosting, continuous integration, code quality maintenance, and so on. [...] But... let’s say you1 maintain a few dozen Python projects. Being a good maintainer, you’ve started splitting up your big monolithic packages into smaller ones, so your utility modules can be commonly shared as widely as possible rather than re-implemented once for each big frameworks. This is great! However, every one of those numbered list items above is now a task per project that you have to repeat from scratch. So imagine a matrix with all of those down one side and dozens of projects across the top - the full Cartesian product of these little administrative tasks is a tedious and exhausting pile of work. If you’re lucky enough to start every project close to perfect already, you can skip some of this work, but that partially just front-loads the tedium; plus, projects tend to start quite simple, then gradually escalate in complexity, so it’s helpful to be able to apply these incremental improvements one at a time, as your project gets bigger.

  • Perl Weekly Challenge 47: Roman Calculator and Gapful Numbers

    These are some answers to the Week 47 of the Perl Weekly Challenge organized by Mohammad S. Anwar. Spoiler Alert: This weekly challenge deadline is due in a couple of days (February 9, 2020). This blog post offers some solutions to this challenge, please don’t read on if you intend to complete the challenge on your own. I have really very little time to complete this blog post in time for the deadline. My explanations will be minimal, sorry about that.

  • The Spyder Development Community and Quansight Labs Announce the Release of Spyder 4

    The Spyder Project and Quansight Labs announced the release of Spyder 4, the latest version of the most popular open source Scientific Python development environment. Spyder 4 boasts new features that users have been eagerly awaiting. Spyder 4 provides users an enhanced coding experience like general purpose editors and IDEs, while strengthening its specialized focus on scientific programming in Python. 

today's howtos

FOSS in Crypto Projects and Crypto-currencies

Security and FUD Leftovers

  • Fwupd 1.3.8 Brings More Improvements For Firmware Updating On Linux Systems

    Red Hat's Richard Hughes has released Fwupd 1.3.8 as the latest version of this Linux utility for performing firmware updates of various system components. With the meteoric rise of Fwupd and LVFS, more Fwupd releases are having to deal with quirks and other peculiarities of different hardware components seeing Fwupd support and v1.3.8 is no different. Fwupd 1.3.8 adds a plug-in to support updating the power delivery controllers by Fresco Logic, a fix for Synaptics multi-stream transport devices, various EFI fixes/improvements, more parent devices are detected for different Lenovo USB hubs, support for GNUEFI file locations, and other fixes.

  • Cyber-gangs using SSH identities to sell on the black market [Ed: How to associate secure shell, SSH, with "black market", skull and bones, just because of machines that are already cracked because of something totally unrelated]

    Malware campaigns equipped with the capability to exploit powerful, hidden backdoors are becoming commoditised, researchers from Venafi have warned. The research shows several high-profile hacker campaigns are integrating the misuse of SSH machine identities capabilities into their attacks. Now, any attacker with access to the dark web can gain access to the same techniques that took down the Ukrainian power grid against every business and government agency. Malware can target common SSH machine identities used to access and automate Windows, Linux and MacOS in the enterprise and out to the cloud.

  • SAMM v2 – OWASP releases revamped security assurance framework

    A revamped version of OWASP’s Software Assurance Maturity Model (SAMM) adds automation along with maturity measurements to the open source security-related framework. OWASP SAMM v2 – released on Tuesday after three years of refinement – is geared towards helping organizations that develop software to travel down the path towards becoming more secure. The approach is based on a community-led open source framework that “allows teams and developers to assess, formulate, and implement strategies for better security which can be easily integrated into an existing organizational software development lifecycle”. [...] The OWASP SAMM community includes security knowledgeable volunteers from both businesses and educational organizations. The global community works to create “freely-available articles, methodologies, documentation, tools, and technologies”.

  • Smack: Some more busy nights and 12 bytes of IV

    Anu brought up the fact that the OMEMO XEP is not totally clear on the length of initialization vectors used for message encryption. Historically most clients use 16 bytes length, while normally you would want to use 12. Apparently some AES-GCM libraries on iOS only support 12 bytes length, so using 12 bytes is definitely desirable. Most OMEMO implementations already support receiving 12 bytes as well as 16 bytes IV.