Language Selection

English French German Italian Portuguese Spanish

Programming Leftovers

Filed under
Development
  • JavaScript has utterly ruined the web, so why does Brendan Eich get congratulated? Bonus: Gemini rising.

    For some years now, the web has been getting fatter and fatter. You’d be hard pressed to find anyone who thinks it’s doing much more for the user than it did 20 years ago (except maybe for native media codecs instead of Adobe Flash). Overall, it’s turned into less of a decentralized and open domain for the free exchange of ideas and code and people’s web logs, and more into a corporate shithole of Google, Facebook, and Cloudflare.

    In Richard Stallman’s “The JavaScript Trap” essay, he wrote that “web apps” are a danger to computer users because they encourage the use of non-Free software when the user doesn’t consider the problem. That they are applications, that they are written in ways that obscure how they work, that they are copyrighted and proprietary, and…even worse, they run on someone else’s computer, and they can stop you from using them at all after you need them, and spy on you.

    I’ve never, personally, seen anything dumber than an office suite you have to be online to use, and apparently enough people agreed with me even if they won’t just switch to LibreOffice, that Microsoft backpeddled from their previous position that there would be no more desktop program, and announced new versions of the desktop Microsoft Office.

    In fact, Microsoft’s office programs today are a huge regression over even their own products 20 or 30 years ago, when there was no annoying product activator and this web app nonsense that requires you to be online to edit a document, and then be “encouraged” to save them all to your OneDrive account where the government has access to everything. Also, Microsoft is the second largest advertising network on the internet after Google, and now they can parse anything you’re stupid enough to save on their cloud. (Plus, if you want to use MS Office 95 forever because reasons, Wine runs it just fine.)

  • Godot Engine - Release candidate: Godot 3.3.4 RC 1

    While we're busy working on both the upcoming Godot 4.0 and 3.4 releases (with a dev snapshot for 3.4 beta 5 available now), we still cherry-pick important bug fixes to the 3.3 branch regularly for maintenance releases (see our release policy).

    Godot 3.3.3 was released a month ago, and a handful of important fixes have been queued in the 3.3 branch since then. Most notably, users of the GDScript LSP in Visual Studio Code have been experiencing crashes in 3.3.3, which are fixed in this new Godot 3.3.4 RC 1.

    Note: Version numbers can be confusing with three branches worked on in parallel - this release is 3.3.4, i.e. a maintenance update to the 3.3 branch. This is not the upcoming 3.4 feature release.

    As there is no new feature and only bug fixes, this RC 1 should be as stable as 3.3.3-stable and can be used in production if you need one of the fixes it includes.

    As usual, you can try it live with the online version of the Godot editor updated for this release.

  • An introduction to monitoring using the ELK Stack

    If you need centralized, comprehensive monitoring, putting Elasticsearch, Logstash, and Kibana together can be a useful combination.

  • Web::PageMeta - a mixed sync/async lazy Perl Moose HTTP-GET module | Jozef [blogs.perl.org]

    Announcing here Web::PageMeta which is lazy build-ed HTTP-GET and web-scrape-data module able to work both in classic code and also to behave non-blocking in async code. More info on my blog or on CPAN or on GitHub.

  • The new MoarVM dispatch mechanism is here! | 6guts

    Around 18 months ago, I set about working on the largest set of architectural changes that Raku runtime MoarVM has seen since its inception. The work was most directly triggered by the realization that we had no good way to fix a certain semantic bug in dispatch without either causing huge performance impacts across the board or increasingly complexity even further in optimizations that were already riding their luck. However, the need for something like this had been apparent for a while: a persistent struggle to optimize certain Raku language features, the pain of a bunch of performance mechanisms that were all solving the same kind of problem but each for a specific situation, and a sense that, with everything learned since I founded MoarVM, it was possible to do better.

    The result is the development of a new generalized dispatch mechanism. An overview can be found in my Raku Conference talk about it (slides, video); in short, it gives us a far more uniform architecture for all kinds of dispatch, allowing us to deliver better performance on a range of language features that have thus far been glacial, as well as opening up opportunities for new optimizations.

    Today, this work has been merged, along with the matching changes in NQP (the Raku subset we use for bootstrapping and to implement the compiler) and Rakudo (the full Raku compiler and standard library implementation). This means that it will ship in the October 2021 releases.

  • 10 Very Stupid Linux Ideas

    If you are reading this page then you are like all of us a Linux fan, also you are using the command line every day and absolutely love Linux. But even in love and marriage there are things that make you just a little bit annoyed. Here in this article we are going to show you some of the most stupid Linux commands that a person can find.

  • Infinite loop ssh (Using echo, sleep, ssh)
  • Infinite loop ssh
  • 8 Useful and Interesting Bash Prompts

    Many people don’t think of the command line prompt as a useful element, or even pay it much attention. However, a useful prompt can change the way you use the command line, and by extension, your system. This article shows you a number of useful and interesting Bash prompts with examples. Note that we begin with the prompts themselves, then offer some further instructions on how to work with them.

    Here we offer a few Bash prompts, and not all will be serious. For example, our first entry on the list could bring a little joy to you when using the command line!

  • Mozilla Attack & Defense: Fixing a Security Bug by Changing a Function Signature

    This post is aimed at people who are developers but who do not know C or low-level details about things like sign extension. In other words, if you’re a seasoned pro and you eat memory safety vulnerabilities for lunch, then this will all be familiar territory for you; our goal here is to dive deep into how integer overflows can happen in real code, and to break the topic down in detail for people who aren’t as familiar with this aspect of security.

  • diziet | Rust for the Polyglot Programmer

    Rust is definitely in the news. I'm definitely on the bandwagon. (To me it feels like I've been wanting something like Rust for many years.) There're a huge number of intro tutorials, and of course there's the Rust Book.

    A friend observed to me, though, that while there's a lot of "write your first simple Rust program" there's a dearth of material aimed at the programmer who already knows a dozen diverse languages, and is familiar with computer architecture, basic type theory, and so on. Or indeed, for the impatient and confident reader more generally. I thought I would have a go.

More in Tux Machines

Security Leftovers

  • Linux Fixes Spectre V1 SWAPGS Mitigation After Being Partially Borked Since Last Year - Phoronix

    This week's set of "x86/urgent" changes for the Linux 5.16-rc4 kernel due out later today has some Spectre V1 fixes after kernel commits last year ended up partially messing things up around its SWAPGS handling. These fixes in turn will also likely be back-ported to relevant stable kernel series. Thanks to an Alibaba engineer, Lai Jiangshan, are some important fixes around the Spectre V1 SWAPGS mitigation that are landing today in the mainline kernel.

  • Reproducible Builds: Reproducible Builds in November 2021

    As a quick recap, whilst anyone may inspect the source code of free software for malicious flaws, almost all software is distributed to end users as pre-compiled binaries. The motivation behind the reproducible builds effort is therefore to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised. If you are interested in contributing to our project, please visit our Contribute page on our website.

  • Reproducible Builds (diffoscope): diffoscope 195 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 195. This version includes the following changes:

    [ Chris Lamb ]
    * Don't use the runtime platform's native endianness when unpacking .pyc
      files to fix test failures on big-endian machines.
    

Linux 5.16-rc4

Fairly small rc4 this week. Three areas stand out in the diff: some
kvm fixes (and tests), network driver fixes, and the tegra SoC sound
fixes.

The rest is fairly spread out: drm fixes, some filesystem stuff,
various arch updates, and some smattering of random driver fixes.

Nothing looks all that scary, although I certainly hope the kvm side
will calm down.

                  Linus
Read more Also: Linux 5.16-rc4 Released - "Nothing Looks All That Scary"

EFF Argument in Patent Troll Case to Be Livestreamed on Monday

At 10 am Monday, FOSS folks and others interested in software patent litigation will have a chance to have a firsthand look at how our courts address patent cases. The case involves a “notorious patent troll,” according to Electronic Frontiers Foundation, that is trying to hide information from Apple, which it’s suing. “At a federal appeals court hearing that will be livestreamed, attorney Alexandra H. Moss, Executive Director at Public Interest Patent Law Institute, who is assisting EFF in the case, will argue that a judge’s order to unseal all documents and preserve public access in the case of Uniloc USA, Inc. v. Apple Inc. should be upheld,” EFF said in a statement on Thursday. “Uniloc is entitled to resolve its patent dispute in publicly-funded courts, Moss will argue, but it’s not entitled to do so secretly.” EFF said that this is the second time the plaintiff, Uniloc, has appealed an order to be more transparent in this case. Read more

Gnuastro 0.16 released

Dear all,

I am happy to announce the 16th official release of GNU Astronomy
Utilities (Gnuastro version 0.16).

Gnuastro is an official GNU package, consisting of various
command-line programs and library functions for the manipulation and
analysis of (astronomical) data. All the programs share the same basic
command-line user interface (modeled on GNU Coreutils). For the full
list of Gnuastro's library, programs, and a comprehensive general
tutorial (recommended place to start using Gnuastro), please see the
links below respectively:

https://www.gnu.org/s/gnuastro/manual/html_node/Gnuastro-library.html
https://www.gnu.org/s/gnuastro/manual/html_node/Gnuastro-programs-list.html
https://www.gnu.org/s/gnuastro/manual/html_node/General-program-usage-tutorial.html

For a complete review of the new/changed features in this release,
please see [1] below (also available in the 'NEWS' file within the
source code tarball).

Here is the compressed source and the GPG detached signature for this
release. To uncompress Lzip tarballs, see [2]. To check the validity
of the tarballs using the GPG detached signature (*.sig) see [3]:

  https://ftp.gnu.org/gnu/gnuastro/gnuastro-0.16.tar.lz    (3.7MB)
  https://ftp.gnu.org/gnu/gnuastro/gnuastro-0.16.tar.gz    (5.9MB)
  https://ftp.gnu.org/gnu/gnuastro/gnuastro-0.16.tar.gz.sig (833B)
  https://ftp.gnu.org/gnu/gnuastro/gnuastro-0.16.tar.lz.sig (833B)

Here are the SHA1 and SHA256 checksums (other ways to check if the
tarball you download is what we distributed). Just note that the
SHA256 checksum is base64 encoded, instead of the hexadecimal encoding
that most checksum tools default to.

fe1f84bf1be270f1a62091e9a5f89bb94b182154  gnuastro-0.16.tar.lz
B4hftfYuyc7x3I6aEJ2SQlkp6x7zOOrPz/bK2koGuR8  gnuastro-0.16.tar.lz
1ae00673648fe8db5630f1de9d70b49fadb42d7d  gnuastro-0.16.tar.gz
kMEdJbsFrRNxDLX4EXntgXNgikJv3/2LIEWGLV/e4i0  gnuastro-0.16.tar.gz

For this release, Pedram Ashofteh Ardakani, Natáli D. Anzanello,
Sepideh Eskandarlou, Raúl Infante-Sainz, Vladimir Markelov and Zahra
Sharbaf directly contributed to the source of Gnuastro, I am very
grateful to all of them. I should also thank Alejandro Serrano
Borlaff, Fernando Buitrago, Mark Calabretta, Zohreh Ghaffari, Giulia
Golini, Leslie Hunt, Raúl Infante-Sainz, Matthias Kluge, Juan Miro,
Juan Molina Tobar, Markus Schaney, Zahra Sharbaf, Vincenzo Testa,
Ignacio Trujillo and Aaron Watkins for their very good suggestions or
bug reports that have been implemented in Gnuastro 0.16.

If any of Gnuastro's programs or libraries are useful in your work,
please cite _and_ acknowledge them. For citation and acknowledgment
guidelines, run the relevant programs with a `--cite' option (it can
be different for different programs, so run it for all the programs
you use). Citations _and_ acknowledgments are vital for the continued
work on Gnuastro, so please don't forget to support us by doing so.

This tarball was bootstrapped (created) with the tools below. Note
that you don't need these to build Gnuastro from the tarball, these
are the tools that were used to make the tarball itself. They are only
mentioned here to be able to reproduce/recreate this tarball later.
  Texinfo 6.8
  Autoconf 2.71
  Automake 1.16.4
  Help2man 1.48.5
  ImageMagick 7.1.0-9
  Gnulib v0.1-4944-g7fc3219bc
  Autoconf archives v2021.02.19-29-g0fbee2a

The dependencies to build Gnuastro from this tarball on your system
are described here:
  https://www.gnu.org/s/gnuastro/manual/html_node/Dependencies.html

Best wishes,
Mohammad
Read more