Webtagr - Technology News Summarizer

XFCE 4.20 Released: Experimental Wayland Support and Numerous Improvements

2024-12-15

After nearly two years of development, XFCE 4.20 has been officially released! This version focuses on preparing the codebase for Wayland, now offering experimental Wayland support for most components, though it's still in its early stages and recommended for advanced users. XFCE 4.20 also boasts numerous new features, bug fixes, and improvements, including improved icon scaling, a performance-enhanced icon view, and an upgraded Thunar file manager. Importantly, Wayland support is incomplete, with some components and features yet to be ported.

(alexxcons.github.io)

Development Desktop Environment

Building a Simple Object System from Scratch in Ruby

2024-12-15

This blog post details building a basic object system in Ruby without using classes. The author cleverly uses anonymous functions and hash tables to implement core OOP concepts like method lookup, prototypal inheritance, mixins, and metaprogramming. Starting with a constructor function, the post demonstrates simulating private variables and public interfaces, effectively recreating class-like behavior and inheritance. Through clear code examples, readers learn to create objects, define methods, implement inheritance and mixins, and even build a rudimentary `attr_accessor`-like metaprogramming feature. It's a practical guide to understanding object system fundamentals.

(metacircu1ar.github.io)

Development Object-Oriented Programming Metaprogramming

JP Camara's RubyConf 2024 Talk Now on YouTube

2024-12-15

JP Camara's presentation on Ruby concurrency from RubyConf 2024 is now available on YouTube. The talk summarizes his past year's research and writing, and features animated slides. The video is also available on RubyVideo.

(jpcamara.com)

Development

TeaVM 0.11.0 Released: New WebAssembly Backend

2024-12-15

TeaVM 0.11.0 has been released, featuring a brand new WebAssembly backend. The old WebAssembly backend, while functional, lacked adoption due to insignificant performance gains and a poor developer experience. The new backend, leveraging the WebAssembly GC proposal, addresses these issues, improving interaction with browser JS APIs and reducing binary file size. While currently slightly less feature-rich than the JS backend, it already supports JSO (Java-to-JS interaction API), aiming for parity in the next release. This release also includes bug fixes in BitSet implementation and adds support for various JS APIs, such as file reading, touch events, the Popover API, and Navigator.sendBeacon.

(teavm.org)

Development

Farewell to Endless Meetings: A New Approach to High-Velocity Software Development

2024-12-15

Tired of endless meetings and lengthy planning? This article introduces a high-efficiency software development method: code-centric, rapid iteration. The author uses baking as an example to illustrate the concept of achieving the optimal solution through rapid experimentation, frequent testing, and continuous improvement. This method emphasizes reducing documentation, expressing ideas directly in code, using mock data and hot-reloading tools to speed up development, and improving code readability through concise code style and naming conventions. The author advocates breaking down projects into independently executable files, minimizing restart time, and using default language tools for debugging. Although this method may seem like a "chaotic lab," it can efficiently complete projects and avoid the redundancy and inefficiency of traditional methods.

(mihaiolteanu.me)

Development agile development efficient programming

Vim: A Programming Language Beyond an Editor

2024-12-15

Vim is more than just a text editor; it's a language for interacting with your computer. Its concise and efficient command structure is easy to learn and remember, and also easy for a computer to interpret. While Vim itself is powerful, its core strength lies in the fact that its mode has been integrated into almost every mainstream code editor, allowing developers to flexibly choose their preferred editor interface while retaining Vim's efficient command language. Therefore, NeoVim, as the most complete and consistent implementation of the Vim language, is valuable for providing this efficient editing language, not just the editor itself.

(blog.jonas.foo)

Development editor

Programming Languages: Balancing Safety and Power

2024-12-15

This article explores the trade-off between safety and power in programming languages. The traditional view is that powerful languages, like C with its manual memory management, are inherently unsafe. However, the author argues this is outdated. Modern language research shows that greater expressiveness allows for both safety and power. The evolution of macros in Lisp, Scheme, and Racket exemplifies this, demonstrating how improved design can enhance macro capabilities while maintaining safety. Racket's macro system is presented as a best practice, combining hygienic code with powerful manipulation capabilities. The article concludes that safe and reliable systems build more capable and reliable software, and recommends resources for further learning about Racket macros.

(lambdaland.org)

Development programming languages safety macros

Python Dependency Management: A Raging Inferno

2024-12-15

This article delves into the complexities of Python dependency management, likening it to building a bonfire in a dry forest. The author argues that Python dependencies aren't simply a matter of `pip install`; they encompass project packages, system packages, the operating system, hardware, and the environment itself. Good dependency management is crucial for reproducibility—ensuring consistent results across different environments. The article details version control, environment isolation, definition files, lock files, and other key concepts. It then provides a comprehensive comparison of numerous tools, including pip, venv, virtualenv, pip-tools, Pipenv, Poetry, PDM, pyenv, pipx, uv, Conda, Mamba, conda-lock, and Pixi, analyzing their strengths, weaknesses, and use cases. Finally, the author offers tool recommendations based on different scenarios (administrative privileges, dependency types, operating systems, etc.) and looks ahead to future trends in Python dependency management.

(nielscautaerts.xyz)

Development Python dependency management reproducibility Python tools

LLVM C Library Speeds Up GPUs: Running C Code on GPUs

2024-12-14

The LLVM project has released an exciting GPU C library enabling developers to run libc and libm functions directly on the GPU within C/C++ code. The library supports two main modes: as a supplementary library for offloading languages like OpenMP, CUDA, or HIP; and by directly compiling C/C++ code for the GPU. The article details how to use both modes, including compilation options, linking, and specific builds for AMD and NVIDIA GPUs. This library allows developers to leverage the parallel processing power of GPUs, significantly improving performance without needing deep knowledge of complex GPU programming models.

(libc.llvm.org)

Development GPU programming C library

Buzee: Open-Source Full-Text Search App Released

2024-12-14

Buzee is a cross-platform, full-text search application built with Rust and Svelte. It allows for fast searching of local files, folders, browser history, and more, even extracting text from PDFs and images using OCR. Developed over two years, this project showcases a robust architecture using Tauri for performance, SQLite and Tantivy for indexing, and a clean Svelte frontend. While feature-rich, it still has some areas for future development, and the author is releasing it open-source for others to contribute.

(github.com)

Development full-text search

Tailscale Subnet Routers: A Simple Solution for Complex Network Connections

2024-12-14

Tailscale typically requires installing a client on every device, but this isn't always feasible for embedded devices or existing VPCs. That's where subnet routers come in. They enable devices to communicate using Tailscale's powerful NAT traversal technology, regardless of whether they're running Tailscale. This article explains how Tailscale subnet routers work, including installation and configuration on Windows and Linux. For large network migrations or connecting AWS VPCs, subnet routers offer a fast and easy way to get started. Personal use is free and doesn't count against device limits.

(tailscale.com)

Development Subnet Router NAT Traversal

Ultralytics Suffers Supply Chain Attack: A PyPI Security Incident Analysis

2024-12-14

The Python project Ultralytics recently suffered a supply chain attack. Attackers compromised the project's GitHub Actions workflows and stole a PyPI API token, resulting in tainted versions 8.3.41, 8.3.42, 8.3.45, and 8.3.46. The attack didn't exploit a PyPI vulnerability but targeted the GitHub Actions cache. PyPI, leveraging Trusted Publishing and Sigstore transparency logs, quickly identified and removed the malicious software. The incident highlighted shortcomings in API token and GitHub environment configurations. The article stresses securing software forges and build/publish workflows, providing developers with security recommendations: using Trusted Publishers, locking dependencies, avoiding insecure patterns, and enabling multi-factor authentication.

(blog.pypi.org)

Development supply chain attack PyPI security software security

Asynchronous Rust on Cortex-M Microcontrollers: A Deep Dive

2024-12-14

This article delves into the world of asynchronous Rust programming on Cortex-M microcontrollers. It explains the mechanics of Futures, cooperative scheduling, and asynchronous Rust executors, showcasing their efficiency in resource management. The innovative Embassy framework, designed to empower asynchronous programming on microcontrollers, is introduced. Through practical examples like a Blinky and Button program, the article illustrates the application of asynchronous Rust in embedded systems, comparing its advantages and disadvantages against traditional RTOS approaches. The conclusion highlights the significant benefits of asynchronous Rust in terms of resource utilization and concurrency.

(interrupt.memfault.com)

Development Asynchronous Rust Embedded Systems

Fern, a YC-backed Startup, is Hiring a Senior Frontend Engineer

2024-12-14

Fern, a Y Combinator-backed startup, is seeking a Senior Frontend Engineer with a salary of $168,000-$192,000 plus equity. Located in Williamsburg, Brooklyn, NY, this in-person role requires 4+ years of experience in frontend development, proficiency in JavaScript/TypeScript, React, and Next.js. Responsibilities include streamlining developer experience, managing frontend infrastructure, building user-facing features, and fostering strong customer relationships. Fern simplifies API usage and counts Cohere, ElevenLabs, Webflow, and Merge.dev among its clients.

(www.ycombinator.com)

Development Frontend Engineer

Svader: A Svelte Library for GPU-Rendered Components

2024-12-14

Svader is a library for creating GPU-rendered Svelte components using WebGL and WebGPU fragment shaders. Developers can write programs in fragment shaders to customize pixel colors and control rendering effects through parameter passing. Supporting Svelte 4 and 5, it offers WebGL and WebGPU rendering modes with built-in parameters like resolution, scale, and time. Svader simplifies GPU rendering with easy-to-use components and provides fallback rendering in environments lacking WebGL or WebGPU support.

(github.com)

Development

The Science of Routing Print Orders at Canva

2024-12-14

Canva's engineering team built a configurable rules system for graph traversal to optimize print order routing. Decoupling graph building, traversal, and decision-making ensures high availability and scalability. It uses relational databases for data management and asynchronously generates a cached graph for fast querying. A rules engine and a modified minimum-cost flow algorithm find the optimal route in milliseconds, minimizing transport distance and carbon emissions, enhancing user experience and operational efficiency.

(www.canva.dev)

Development graph traversal rules engine order routing

Go: When to Say No

2024-12-14

A developer, after years of using Go, is switching back to Java. He finds Go lacking in several areas: limited looping options, absence of higher-order functions, cumbersome error handling, overly restrictive coding style leading to verbose and hard-to-maintain code, and an immature package ecosystem. While acknowledging Go's suitability for infrastructure projects, he advises against its use in complex enterprise applications.

(brainbaking.com)

Development development

The PHP Static Typing Debate: Flexibility and Efficiency of Dynamic Languages

2024-12-14

In this article, Tony Marston vehemently criticizes the enforced static type checking changes introduced in PHP 8.1. He argues that this change violates the core design principles of PHP's dynamic typing, clashing with PHP's long-standing flexible approach to data type handling and imposing a significant workload on developers. The article delves into the advantages of PHP's dynamic type system, such as automatic type conversion and flexible data handling, pointing out that the performance benefits of static typing are negligible in modern hardware, while hindering development efficiency. Marston contends that PHP's dynamic type system is better suited for handling HTML frontend and SQL backend data, and that enforcing static type checking is counterproductive, negatively impacting the PHP community.

(www.tonymarston.net)

Development static typing dynamic typing

uv: A Blazing-Fast Python Package and Project Manager

2024-12-14

uv, a lightning-fast Python package and project manager written in Rust, replaces pip, pip-tools, pipx, poetry, pyenv, twine, and virtualenv. Boasting a 10-100x speed improvement, uv offers project management, tool management, Python version management, script support, and a pip-compatible interface. Features like global caching and workspace support streamline workflows. From project creation and dependency management to running scripts and building distributables, uv provides efficient and convenient solutions for all your Python development needs.

(docs.astral.sh)

Development package management project management

From New Grad to Meta Staff Engineer in 3 Years: Evan King's Success Story

2024-12-14

Evan King shares his journey of rapidly advancing from a new graduate to a Staff Engineer at Meta in just three years. His six key principles for success include: prioritizing speed and efficiency to free up time for growth; broadening perspective to think strategically like a higher-level engineer; embracing uncertainty and sharing ideas freely; focusing on problem-solving over technical complexity; building goodwill and strong relationships; and maintaining a positive attitude. While acknowledging the role of luck and timing, Evan emphasizes the importance of cultivating sustainable habits that compound over time, focusing on core competencies and strategically utilizing the extra bandwidth created by efficiency.

(www.developing.dev)

Development career growth promotion software engineering

Clojure Error Handling: No Silver Bullet, Only Choices

2024-12-14

Clojure offers a diverse range of error-handling approaches, with no single best practice. The article explores several methods: throwing native exceptions, using `ex-info` for data-carrying exceptions, returning error maps, and utilizing various libraries for more sophisticated error handling flows, such as the `anomalies` library or options like `pact` and `failjure`. The author emphasizes that the choice depends on the specific context and that a mix of approaches can coexist within a single project. Developers are empowered to select the most appropriate solution for their needs; Clojure embraces this freedom.

(www.daveliepmann.com)

Development error handling

HTMX v2.0.4 Release Notes: Bug Fixes and Improvements

2024-12-14

The HTMX v2.0.4 release notes detail numerous bug fixes and improvements. This release focuses on stability and compatibility enhancements, including fixes for nested shadow root issues, improved `hx-boost` behavior on forms, better support for Web Components and Shadow DOM, and updated extensions for improved performance and reliability. Adjustments to the `htmx.ajax` function and optimizations to `hx-trigger` event handling are also included.

(github.com)

Development Release Bug Fixes

PhD Advisor Automates Writing Improvement with Shell Scripts

2024-12-14

To improve his PhD students' writing, an advisor created three shell scripts to detect passive voice overuse, weasel words, and duplicate words. Integrated into their LaTeX build system, these scripts encourage conscious choices for clarity and precision, rather than blind adherence to grammar rules. The advisor advocates for programmers using automation to combat writing weaknesses and recommends resources like "Style: The Basics of Clarity and Grace".

(matt.might.net)

Development Shell scripts Technical writing Automation

macOS 15.2 Update Breaks System Replication: Users Face Data Backup Nightmare

2024-12-14

A critical bug in macOS 15.2 has broken the system replication feature, causing data backups to fail with a 'Resource Busy' error, specifically when attempting to copy Preboot or Recovery partitions. Developer Dave Nanian explains that the problem stems from Apple's own code and currently has no easy fix. Users are forced to rely on third-party backup solutions, utilizing a 'Backup - all files' method with a Smart Update to restore their data after a clean system install. This issue is causing significant user frustration, particularly as the holiday season approaches.

(www.shirtpocket.com)

Development system failure data backup

Farebox: A Multimodal Routing Project in Rust

2024-12-14

Farebox is a fast RAPTOR implementation in Rust designed for memory-constrained machines. It leverages Valhalla for transfers and first/last mile routing, supporting multi-agency and timezone-aware routing. The project aims to supplement OpenTripPlanner, providing infill service for areas not covered by existing instances. Memory mapping is used for timetables to enable planet-scale coverage with a single instance and reduce hosting costs. Future plans include GTFS-RT support and potentially rRAPTOR for simultaneous itinerary calculation across various departure times.

(github.com)

Development Routing

Luon Programming Language: A Statically Typed Lua

2024-12-14

Luon is a new, statically-typed programming language with a syntax similar to Oberon-based languages, incorporating concepts from Lua and targeting the LuaJIT VM. Essentially a statically-typed version of Lua, it allows for the reuse of existing Lua and C libraries via external procedure declarations. Luon addresses shortcomings in Lua's error handling and code structure, offering a compiler and integrated IDE supporting procedural, generic, and object-oriented programming. The project includes extensive examples and test cases and is under active development.

(github.com)

Development statically typed

SCCS: The Source Code Motel After 50 Years

2024-12-13

This article retrospectively examines the influence of the Source Code Control System (SCCS) over the past 50 years. Author Larry McVoy details SCCS's unique weave format, which allows for merging by reference, avoiding the inefficiencies of patch-based copying found in other systems. He explains how SCCS leverages this weave to retrieve any file version in constant time and preserves authorship across versions. While acknowledging shortcomings like long-term locks and file-orientation, McVoy highlights the efficiency of the weave format and its preservation of authorship as groundbreaking, laying the groundwork for later systems like BitKeeper.

(www.tuhs.org)

Development Source Code Management

Hexagonal Architecture in Rails: A Path to Decoupling

2024-12-13

This article explores implementing Hexagonal Architecture (Ports and Adapters pattern) in Rails applications. The author initially struggled with the pattern until realizing that 'adapter' directly refers to the Gang of Four Adapter Pattern. The article details inbound and outbound ports, and how adapters decouple application logic from external services (databases, logging, email, etc.). Rails controllers can serve as HTTP adapters, but the author stresses avoiding direct ActiveRecord usage. Instead, custom repositories access data, improving decoupling and maintainability. The article concludes by encouraging Rails developers to adopt Hexagonal Architecture for more robust and maintainable applications.

(the.codegardener.com)

Development Hexagonal Architecture

Repurposing Old Smartphones as Kubernetes Cluster Nodes with postmarketOS

2024-12-13

The author built a functional Kubernetes cluster using discarded smartphones and the postmarketOS operating system. The article details the process, including the reasons for choosing old smartphones (substantial computing power, built-in batteries), the advantages of postmarketOS (Alpine Linux-based, uses the mainline Linux kernel), and challenges encountered during setup (kernel modules, network configuration). Solutions to these challenges are thoroughly explained. The author successfully repurposed old smartphones as Kubernetes nodes, efficiently utilizing resources and promoting sustainability.

(blog.denv.it)

4

Development smartphone repurposing

Bypassing Windows Kernel Mitigations: A Deep Dive into Violet Phosphorus

2024-12-13

This post delves into bypassing modern Windows 10 and 11 kernel mitigations like SMEP and VBS. The author details Violet Phosphorus, a universal VBS/SMEP bypass technique, providing PoC code and a ROP chain. It explains SMEP and VBS, demonstrating how to exploit a vulnerability in the HackSysExtremeVulnerableDriver to use ROP gadgets and the MiGetPteAddress function to modify page table entries for kernel code execution. The author also shows how to use Kristal-G's SYSRET shellcode to return to user mode. This is a valuable resource for kernel exploit development and security researchers, categorized as Development.

(wetw0rk.github.io)

Development kernel exploit SMEP bypass VBS bypass

Category: Development