Tech News

Yesterday, Daniel Stenberg, the lead developer of curl announced that Google is planning to reimplement curl in libcrurl and it will be renamed as libcurl_on_cronet. https://twitter.com/bagder/status/1141588339100934149 The official blog post reads, “The Chromium bug states that they will create a library of their own (named libcrurl) that will offer (parts of) the libcurl API and be implemented using Cronet.” Daniel Stenberg explains the reason for reimplementation, “Implementing libcurl using Cronet would allow developers to take advantage of the utility of the Chrome Network Stack, without having to learn a new interface and its corresponding workflow. This would ideally increase ease of accessibility of Cronet, and overall improve adoption of Cronet by first-party or third-party applications.” According to him, the team might also hope that 3rd party applications can switch to this library without the need for switching to another API. So if this works then there is a possibility that the team might also create “crurl” tool which then will be their own version of the tool using their own library. Daniel Stenberg states in the post, “In itself is a pretty strong indication that their API will not be fully compatible, as if it was they could just use the existing curl tool…” He writes, “As the primary author and developer of the libcurl API and the libcurl code, I assume that Cronet works quite differently than libcurl so there’s going to be quite a lot of wrestling of data and code flow to make this API work on that code.” The libcurl API is quite versatile and has developed over a period of almost 20 years. There’s a lot of functionality, options and subtle behavior that may or may not be easy to mimic. If the subset is limited to a number of functions and libcurl options and they are made to work exactly the way they have been documented, then it could be difficult as well as time-consuming. He writes, “I don’t think applications will be able to arbitrarily use either library for a very long time, if ever. libcurl has 80 public functions and curl_easy_setopt alone takes 268 different options!” Read Also: Cisco merely blacklisted a curl instead of actually fixing the vulnerable code for RV320 and RV325 According to Stenberg, there’s still no clarity on API/ABI stability or how are they planning to ship or version their library. Stenberg writes, “There’s this saying about imitation and flattery but getting competition from a giant like Google is a little intimidating. If they just put two paid engineers on their project they already have more dedicated man power than the original libcurl project does…” So, the team from Google’s end finds and fixes issues in the code and API such that curl improves. This makes more users aware of libcurl and its API and the team behind curl make it easier for users and applications to do safe and solid Internet transfers. According to Stenberg, applications need to be aware of the APIs they work with to avoid confusion. He also highlighted that users might have been confused because of the names, “libcrurl” and “crurl” as they appear to be like typos. He added, “Since I don’t think “libcrurl” will be able to offer a compatible API without a considerable effort, I think applications will need to be aware of which of the APIs they work with and then we have a “split world” to deal with for the foreseeable future and that will cause problems, documentation problems and users misunderstanding or just getting things wrong.” “Their naming will possibly also be the reason for confusion since “libcrurl” and “crurl” look so much like typos of the original names,” he said. To know more about this news, check out the blog post by Daniel Stanberg. Google Calendar was down for nearly three hours after a major outage How Genius used embedded hidden Morse code in lyrics to catch plagiarism in Google search results Google, Facebook and Twitter submit reports to EU Commission on progress to fight disinformation  

Just two months ago, the team behind GCC (GNU Compiler Collection) made certain changes to GCC 9.1. And Last week, the team released GCC 9.1 with improved diagnostics, location and simpler C++ errors.  What’s new in GCC 9.1? Changes to diagnostics The team added a left-hand margin that shows line numbers. GCC 9.1 now has a new look for the diagnostics. The diagnostics can label regions of the source code in order to show relevant information. The diagnostics come with left-hand and right-hand sides of the “+” operator, so GCC highlights them inline. The team has added a JSON output format such that GCC 9.1 now has a machine-readable output format for diagnostics. C++ errors  The compiler usually has to consider several functions while dealing with C++ at a given call site and reject all of them for different reasons. Also, the g++‘s error messages need to be handled and a specific reason needs to be given for rejecting each function. This makes simple cases difficult to read. This release comes with a  special-casing to simplify g++ errors for common cases. Improved C++ syntax in GCC 9.1 The major issue within GCC’s internal representation is that not every node within the syntax tree has a source location. For GCC 9.1, the team has worked to solve this problem so that most of the places in the C++ syntax tree now retain location information for longer. Users can now emit optimization information GCC 9.1 can now automatically vectorize loops and reorganize them to work on multiple iterations at once. Users will now have an option, -fopt-info, that will help in emitting optimization information. Improved runtime library in GCC 9.1 This release comes with improved experimental support for C++17, including <memory_resource>. There will also be a support for opening file streams with wide character paths on Windows. Arm specific This release comes with support for the deprecated Armv2 and Armv3 architectures and their variants have been removed. Support for the Armv5 and Armv5E architectures has also been removed. To know more about this news, check out RedHat’s blog post. DragonFly BSD 5.4.1 released with new system compiler in GCC 8 and more The D language front-end support finally merged into GCC 9 GCC 8.1 Standards released!

Last week, Bryn Jackson, CEO of Spectrum, a real-time community-centered conversational platform, announced that the project is now acquired by GitHub. Bryn, along with Brian Lovin, and Max Stoiber founded the Spectrum community platform in February 2017. This community is a place to ask questions, request features, report bugs, and also chat with the Spectrum team for queries. In a blogpost Bryn wrote, “After releasing an early prototype, people told us they also wanted to use it for their communities, so we decided to go all-in and build an open, inclusive home for developer and designer communities. Since officially launching the platform late last year, Spectrum has become home to almost 5,000 communities!” What will Spectrum bring to GitHub communities? By joining GitHub, Spectrum aims to align to GitHub’s goals of making developer lives easier and of fostering a strong community across the globe. For communities across GitHub, Spectrum will provide: A space for different communities across the internet. Free access to its full suite of features - including unlimited moderators, private communities and channels, and community analytics. A deeper integration with GitHub Spectrum has also opened a pull request to add some of GitHub’s policies to Spectrum’s Privacy Policy, which will be merged this week. Though many users have not heard about Spectrum, they are positively reacting towards its acquisition by GitHub. Many users have also compared it with other platforms such as Slack, Discord, and Gitter. To know more about this news, read Bryn Jackson’s blog post. GitHub Octoverse: The top programming languages of 2018 GitHub has passed an incredible 100 million repositories Github now allows repository owners to delete an issue: curse or a boon?

October 15, 2020 13:00 ET | Source: Rookout According to the 2020 State of Software Quality report, two out of three software developers estimate they spend at least a day per week troubleshooting issues in their code, and close to one-third spend even more time. DEJ’s research shows that organizations are losing $2,129,000 per month, on average, due to delays in application […] The post Rookout Launches a ‘Live Debugging Heatmap’ To Find Applications On Fire appeared first on DevOps.com.

Last week, Google announced that its Cloud Healthcare API is now available in beta. The API acts as a bridge between on-site healthcare systems and applications that are hosted on Google Cloud. This API is HIPAA compliant, ecosystem-ready and developer-friendly. The aim of the team at Google is to give hospitals and other healthcare facilities more analytical power with the help of Cloud Healthcare API. The official post reads, "From the beginning, our primary goal with Cloud Healthcare API has been to advance data interoperability by breaking down the data silos that exist within care systems. The API enables healthcare organizations to ingest and manage key data and better understand that data through the application of analytics and machine learning in real time, at scale." This API offers a managed solution for storing and accessing healthcare data in Google Cloud Platform (GCP). With the help of this API, users can now explore new capabilities for data analysis, machine learning, and application development for healthcare solutions. The  Cloud Healthcare API also simplifies app development and device integration to speed up the process. This API also supports standards-based data formats and protocols of existing healthcare tech. For instance, it will allow healthcare organizations to stream data processing with Cloud Dataflow, analyze data at scale with BigQuery, and tap into machine learning with the Cloud Machine Learning Engine. Features of Cloud Healthcare API Compliant and certified This API is HIPAA compliant and HITRUST CSF certified. Google is also planning ISO 27001, ISO 27017, and ISO 27018 certifications for Cloud Healthcare API. Explore your data This API allows users to explore their healthcare data by incorporating advanced analytics and machine learning solutions such as BigQuery, Cloud AutoML, and Cloud ML Engine. Managed scalability Google’s Cloud Healthcare API provides web-native, serverless scaling which is optimized by Google’s infrastructure. Users can simply activate the API to send requests as the initial capacity configuration is not required. Apigee Integration This API integrates with Apigee, which is recognized by Gartner as a leader in full lifecycle API management, for delivering app and service ecosystems around user data. Developer-friendly This API organizes users’ healthcare information into datasets with one or more modality-specific stores per set where each store exposes both a REST and RPC interface. Enhanced data liquidity The API also supports bulk import and export of FHIR data and DICOM data, which accelerates delivery for applications with dependencies on existing datasets. It further provides a convenient API for moving data between projects. The official post reads, “While our product and engineering teams are focused on building products to solve challenges across the healthcare and life sciences industries, our core mission embraces close collaboration with our partners and customers.” Google will highlight what its partners, including the American Cancer Society, CareCloud, Kaiser Permanente, and iDigital are doing with the API at the ongoing Google Cloud Next. To know more about this news, check out Google’s official announcement. Ian Goodfellow quits Google and joins Apple as a director of machine learning Google dissolves its Advanced Technology External Advisory Council in a week after repeat criticism on selection of members Google employees filed petition to remove anti-trans, anti-LGBTQ and anti-immigrant Kay Coles James from the AI council  

Jarrett O’Brien Nonprofit Cloud Product Marketing Director, Salesforce Kristin Adderson December 10, 2020 - 4:00pm December 10, 2020 2020 has delivered so many unknowns in terms of how nonprofits operate, convene supporters, and plan for the future. All these unknowns have come with financial uncertainty—which forces leadership to make tough decisions and challenging pivots to keep their organizations thriving. These decisions are best made with strong conviction and a foundation of rock-solid data.  Eric Dayton, Director of Data at buildOn, faced many unknowns when he came home from Malawi on March 3rd, a week before the COVID shutdown. Fortunately, buildOn’s ongoing investment in their digital transformation helped the organization shift gears smoothly and chart a course of action during the early days of the pandemic.  Dayton shared how their investment in digital helped: “Data and transparency are leading tenets for buildOn and the communities we serve. If we hadn't dug deep and done all the work to digitize our mission over the last few years, we wouldn't be so well set up to succeed.” Dayton was able to help his organization quickly pivot their fundraising and programs to continue to achieve their goals. For many organizations, the right technology, data, and strategy can make all the difference. A misplaced metric can erode trust in a board or funder meeting, but the right one can get your program funded. Using robust data to inform your decisions can help your nonprofit become more agile—while lack of data can hold nonprofits back from making decisions at all. “We grew up in the 1990s and early 2000s. We were spreadsheet-based, with simple, digestible KPIs presented to main stakeholders in a basic Excel file,” shared Dayton. “That spreadsheet grew into a system teams relied on, but it didn’t function or scale well. Nonprofits think these manual systems are helping their business, but they’re actually the source of 90% of the organization’s problems, especially when it comes to analyzing large amounts of data.”  Digital-first thinking from buildOn supports a data-driven culture that empowers staff to lead with confidence and navigate uncertain times. And they’re not alone in finding success in a digital-forward approach: In our 3rd edition of the Nonprofit Trends Report, we saw 27% of organizations with high digital maturity exceed their fundraising goals during the pandemic, compared to organizations with low digital maturity exceeding only 7% of their goals.   Tableau Dashboard 3rd Edition of Nonprofit Trends Report showing nonprofit organizations that exceeded goals by digital maturity. In an environment that’s shifting and evolving constantly, nonprofit fundraising leaders are seeking answers to these urgent questions:  What is our revenue health, and how is it trending? Which effective fundraising strategies should we pursue? How are campaigns performing, based on actual dollars raised? To help fundraising professionals get answers to these questions, we are excited to share with you our new Tableau Dashboards for Nonprofit Fundraising, which leverage the power of Tableau and the Nonprofit Success Pack (NPSP). Product Manager Mike Best had clear directives for this initiative. “Our customers told us they wanted a holistic picture of their fundraising effectiveness that was not only easy to understand, but—just as important—easy to implement.”  Best worked with colleagues who previously worked in development operations, our customers, and analytics experts to help fundraising professionals get the information they needed deployed more quickly in their work.   For Eric Dayton at buildOn, that meant being able to move full speed ahead with Tableau for Fundraising to unlock their donor data. “We were able to quickly deploy Tableau Starter Dashboards for Salesforce Nonprofit Cloud to unlock our donor data, forecast more effectively, and visualize revenue performance. Analytics allow us to make data-driven decisions across teams, which will allow us to navigate 2021 with greater impact.” Here are three ways the Tableau Dashboards for Nonprofit Fundraising can help you unlock your data and make decisions for the future of your organization, with confidence.  1. Understand & visualize revenue health Are you fielding questions like, “How’s the forecast?” or “Are our average donor contributions going up or down?” Being able to easily visualize and share this information builds toward a more data-driven culture. Clean data that’s easy to see and interpret helps to streamline the decision-making process in times of uncertainty, and navigate that uncertainty with more ease.  The fundraising overview dashboard helps you quickly scan revenue from a benchmark of last year or your revenue goals for the end of this year, uncovering both risks and opportunities. You can then dive into monthly performance, based on the number of donors, location, average gift amount, and the value of each donor or type of campaign.   Tableau Dashboards for Nonprofit Fundraising Revenue overview. 2. Create effective fundraising strategies For example, once you know that revenue is going down in July, or you’re off course to hit an important goal, the next step is to figure out where you might be able to shift strategies and get back on track.  The next tab helps you compare key statistics around new, retained, reactivated, recurring, and lapsed donors. This worksheet gives you a quick snapshot of donors, revenue, average gift amount, and more. Fundraising leaders can even zone in on a type of donation—say mid-level—to scan where that money is coming from. Tableau Dashboards for Nonprofit Fundraising donor acquisition, retention, and churn. 3. Drive campaign performance Once you have a strategy to reach those donors, it’s incredibly valuable to have the capacity to see how those campaigns or changes to channel tactics are performing.  With the campaign efficacy dashboard, you can understand which campaigns drive the most revenue, benchmark against campaigns with similar strategies or launched in close proximity to each other, and glean campaign trends over time. Tableau Dashboards for Nonprofit Fundraising campaign efficacy. With Tableau Dashboards for Nonprofit Fundraising, you can democratize data and drive decisions that help your mission thrive in the new normal. Tableau helps you take the next step to give your people the power of data, whether they’re a fundraising leader reading a report on their phone or a funder visiting your website.  To learn more about Tableau and ways to integrate and scale your analytics, check out the Tableau Basics for Nonprofits trail on Trailhead.

Today, we are releasing the October 2020 Security and Quality Rollup Updates for .NET Framework. Security CVE-2020-16937– .NET Framework Information Disclosure Vulnerability An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system’s memory. To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application. The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory. To learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE). CVE-2020-16937 Quality and Reliability This release contains the following quality and reliability improvements. ASP.NET Disabled resuse of AppPathModifier in ASP.Net control output. HttpCookie objects in the ASP.Net request context will be created with configured defaults for cookie flags instead of .NET-style primitive defaults to match the behavior of `new HttpCookie(name)`. CLR1 Added a CLR config variable Thread_AssignCpuGroups (1 by default) that can be set to 0 to disable automatic CPU group assignment done by the CLR for new threads created by Thread.Start() and thread pool threads, such that an app may do its own thread-spreading. Addressed a rare data corruption that can occur when using new API’s such as Unsafe.ByteOffset which are often used with the new Span types. The corruption could occur when a GC operation is performed while a thread is calling Unsafe.ByteOffset from inside of a loop. SQL Addressed a failure that sometimes occured when a user connects to one Azure SQL database, performed an enclave based operation, and then connected to another database under the same server that has the same Attestation URL and performed an enclave operation on the second server. Windows Forms Addressed a regression introduced in .NET Framework 4.8, where Control.AccessibleName, Control.AccessibleRole, and Control.AccessibleDescription properties stopped working for the following controls:Label, GroupBox, ToolStrip, ToolStripItems, StatusStrip, StatusStripItems, PropertyGrid, ProgressBar, ComboBox, MenuStrip, MenuItems, DataGridView. Addressed a regression in accessible name for combo box items for data bound combo boxes. .NET Framework 4.8 started using type name instead of the value of the DisplayMember property as an accessible name, this improvement uses the DisplayMember again. WCF2 Addressed an issue with WCF services sometimes failing to start when starting multiple services concurrently. 1 Common Language Runtime (CLR) 2 Windows Communication Foundation (WCF) Getting the Update The Security and Quality Rollup is available via Windows Update, Windows Server Update Services, and Microsoft Update Catalog. The Security Only Update is available via Windows Server Update Services and Microsoft Update Catalog. Microsoft Update Catalog You can get the update via the Microsoft Update Catalog. For Windows 10, NET Framework 4.8 updates are available via Windows Update, Windows Server Update Services, Microsoft Update Catalog. Updates for other versions of .NET Framework are part of the Windows 10 Monthly Cumulative Update. **Note**: Customers that rely on Windows Update and Windows Server Update Services will automatically receive the .NET Framework version-specific updates. Advanced system administrators can also take use of the below direct Microsoft Update Catalog download links to .NET Framework-specific updates. Before applying these updates, please ensure that you carefully review the .NET Framework version applicability, to ensure that you only install updates on systems where they apply. The following table is for Windows 10 and Windows Server 2016+ versions. Product Version Cumulative Update Windows 10 Version Next and Windows Server, Version Next .NET Framework 3.5, 4.8 Catalog 4578967 Windows 10, version 20H2 and Windows Server, version 20H2 .NET Framework 3.5, 4.8 Catalog 4578968 Windows 10 2004 and Windows Server, version 2004 .NET Framework 3.5, 4.8 Catalog 4578968 Windows 10 1909 and Windows Server, version 1909 .NET Framework 3.5, 4.8 Catalog 4578974 Windows 10 1903 and Windows Server, version 1903 .NET Framework 3.5, 4.8 Catalog 4578974 Windows 10 1809 (October 2018 Update) and Windows Server 2019 4579976 .NET Framework 3.5, 4.7.2 Catalog 4578966 .NET Framework 3.5, 4.8 Catalog 4578973 Windows 10 1803 (April 2018 Update) .NET Framework 3.5, 4.7.2 Catalog 4580330 .NET Framework 4.8 Catalog 4578972 Windows 10 1709 (Fall Creators Update) .NET Framework 3.5, 4.7.1, 4.7.2 Catalog 4580328 .NET Framework 4.8 Catalog 4578971 Windows 10 1703 (Creators Update) .NET Framework 3.5, 4.7, 4.7.1, 4.7.2 Catalog 4580370 .NET Framework 4.8 Catalog 4578970 Windows 10 1607 (Anniversary Update) and Windows Server 2016 .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog 4580346 .NET Framework 4.8 Catalog 4578969 Windows 10 1507 .NET Framework 3.5, 4.6, 4.6.1, 4.6.2 Catalog 4580327 The following table is for earlier Windows and Windows Server versions. Product Version Security and Quality Rollup Security Only Update Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2 4579979 4580469 .NET Framework 3.5 Catalog 4578953 Catalog 4578981 .NET Framework 4.5.2 Catalog 4578956 Catalog 4578984 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog 4578962 Catalog 4578986 .NET Framework 4.8 Catalog 4578976 Catalog 4578989 Windows Server 2012 4579978 4580468 .NET Framework 3.5 Catalog 4578950 Catalog 4578978 .NET Framework 4.5.2 Catalog 4578954 Catalog 4578982 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog 4578961 Catalog 4578985 .NET Framework 4.8 Catalog 4578975 Catalog 4578988 Windows 7 SP1 and Windows Server 2008 R2 SP1 4579977 4580467 .NET Framework 3.5.1 Catalog 4578952 Catalog 4578980 .NET Framework 4.5.2 Catalog 4578955 Catalog 4578983 .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 Catalog 4578963 Catalog 4578987 .NET Framework 4.8 Catalog 4578977 Catalog 4578990 Windows Server 2008 4579980 4580470 .NET Framework 2.0, 3.0 Catalog 4578951 Catalog 4578979 .NET Framework 4.5.2 Catalog 4578955 Catalog 4578983 .NET Framework 4.6 Catalog 4578963 Catalog 4578987   Previous Monthly Rollups The last few .NET Framework Monthly updates are listed below for your convenience: .NET Framework October 1, 2020 Cumulative Update Preview Update for Windows 10, version 2004 and Windows Server, version 2004 .NET Framework September 2020 Cumulative Update Preview Update .NET Framework September 2020 Security and Quality Rollup Updates The post .NET Framework October 2020 Security and Quality Rollup Updates appeared first on .NET Blog.

It seems big tech giants are getting pretty serious about protecting election integrity and adopting data protection measures. At the ongoing Microsoft Build 2019 developer conference, CEO Satya Nadella announced ElectionGuard, a free open-source software development kit (SDK) as an extension of Microsoft’s Defending Democracy Program. ElectionGuard SDK It is an open-source SDK and voting system reference implementation that was developed in partnership with Galois. This SDK will provide voting system vendors with the ability to enable end-to-end verifiability and improved risk-limiting audit capabilities for elections in their systems. It will be offered free to voting system vendors either to integrate into their existing systems or to use to build all-new election systems. “One of the things we want to ensure is real transparency and verifiability in election systems. And so this is an open source project that will be alive on GitHub by the end of this month, which will even bring some new technology from Microsoft Research around homomorphic encryption, so that you can have the software stack that can modernize all of the election infrastructure everywhere in the world,” CEO Satya Nadella said onstage today at Microsoft’s annual Build developer conference in Seattle. The ElectionGuard SDK and reference implementation will be available on GitHub in June, just ahead of the EU elections. Microsoft 365 for Campaigns Micrsoft365 for Campaigns provides security capabilities of Microsoft 365 Business to political parties and individual candidates. M365 for Campaigns will be rolled out to customers this summer for $5 per user per month. Any campaign using M365 for Campaigns will have free access to Microsoft’s AccountGuard service. Microsoft claims it'll be affordable, naturally, and "preconfigured to optimize for the unique operating environments campaigns face." Starting next month, M365 for Campaigns will be available for all federal election campaign candidates, federal candidate committees, and national party committees in the United States Microsoft Build is in its 6th year and will continue till 8th May. The conference hosts over 6,000 attendees with early 500 student-age developers and over 2,600 customers and partners in attendance. Watch this space for more coverage of Microsoft Build 2019. Microsoft introduces Remote Development extensions to make remote development easier on VS Code Docker announces a collaboration with Microsoft’s .NET at DockerCon 2019 How Visual Studio Code can help bridge the gap between full-stack development and DevOps [Sponsered by Microsoft]

Last week, Poetry, a dependency management and packaging tool for Python released their version 1 beta 1. Before venturing into details of this Poetry release, let’s have a brief overview about Python, its issues with dependency management, pipenv and Poetry in general. There’s no doubt that Python is loved by many developers. It is considered as one of the top-rated programming languages with benefits like extensive support library, less-complex syntax, high productivity, excellent integration feature, and many more. Though it has been rated as one of the fastest growing programming languages in 2019, there are some problems with Python, which if rectified, can make it more powerful and accessible to users. Python’s poor dependency management is one such issue. Dependency management helps in managing all the libraries required to make an application work. It becomes extremely necessary when working in a complex project or in a multi-environment. An ideal dependency management tool assists in tracking, updating libraries easier and faster, as well as to solve package dependency issues. Python’s dependency management requires users to make a virtual environment to have separate dependencies, manual addition of version number in every file, inability to parallelize dependency installation and more.  To combat these issues, Python now has two maturing dependency management tools called Pipenv and Poetry. Each of these tools simplify the process of creating a virtual environment and sorting dependencies.  The PyPA-endorsed Pipenv automatically creates and manages a virtualenv for user projects. It also adds/removes packages from the Pipfile as a user installs/uninstalls packages. Its main features include automatically generating a Pipfile and a Pipfile.lock, if one doesn't exist, creating a virtualenv, adding packages to a Pipfile when installed to name a few. On the other hand, Poetry dependency management tool uses only one pyproject.toml file to manage all the dependencies. Poetry allows users to declare the libraries that their project depends on and Poetry will automatically install/update them for the user. It allows projects to be directly published to PyPI, easy tracking of the state of dependencies, and more.  New features in Poetry v1 beta 1 The major highlight in Poetry v1 beta 1 is the new added support for url dependencies in the pull request checklist. This new feature is a significant one for Python users, as it can be added to a current project via the add command or by modifying the pyproject.toml file directly.  Other features in Poetry v1 beta 1 Support for publishing to PyPI using API tokens Licenses can be identified by their full name Settings can be specified with environment variables Settings no longer need to be prefixed by settings, when using the config command.  Users, in general, are quite happy with the Poetry dependency management tool for Python, as can be seen in the user reactions below from Hacker News.  A comment on Hacker News reads, “I like how transparent poetry is about what's happening when you run it, and how well presented that information is. I've come to loathe pipenv's progress bar. Running it in verbose mode isn't much better. I can't be too mad at pipenv, but all in all poetry is a better experience.” Another user says, “Poetry is very good. I think projects should use it. I hope the rest of the ecosystem can catch up quickly. Tox and pip and and pex need full support for PEP 517/518.” Another user comments, “When you run poetry, it activates the virtualenv before it runs whatever you wanted. So `poetry add` (it's version of pip install) doesn't require you to have the virtualenv active. It will activate it, run the install, and update your dependency specifications in pyproject.toml.  You can also do `poetry run` and it will activate the virtualenv before it runs whatever shell command comes after. Or you can do `poetry shell` to run a shell inside the virtualenv. I like the seamless integration, personally.” Łukasz Langa at PyLondinium19: “If Python stays synonymous with CPython for too long, we’ll be in big trouble” PyTorch 1.2 is here with a new TorchScript API, expanded ONNX export, and more NumPy 1.17.0 is here, officially drops Python 2.7 support pushing forward Python 3 adoption

Mozilla is constantly putting its efforts in developing new tools that ease the life of a data scientist. In March this year, it introduced Iodide, an experimental tool to create interactive documents using web technologies. And, yesterday, it has come up with another experimental tool called Pyodide to create a full Python data science stack that runs entirely in the browser. Why Pyodide is introduced? JavaScript, the most popularly-used web language, does not offer a mature suite of data science library. It also lacks a number of features for numerical computing such as operator overloading. Mozilla aims to change this and bring data science-related tools to JavaScript. Additionally, it is also argued that Python’s limitation of not being able to run in the browser can prove to be a threat to the language itself. Mozilla in the blog wrote, “with so much user interaction happening on the web or on mobile devices, it needs to work there or be left behind.” What is Pyodide? Pyodide provides a full, standard Python interpreter, which runs entirely in the browser. It has full access to all the APIs that a browser provides. While it is closely related to the Iodide project, Pyodide can also be used standalone in any context you want to run Python inside a web browser. Here’s an example of what you can do with this tool. This example shows a 3D plot of the density of calls to the City of Oakland, California “311” local information service. Here the data loading and processing is performed in Python. The plotting is taken care off by WebGL, a JavaScript API for rendering 2D and 3D graphics within a compatible web browser. Source: Mozilla For creating Pyodide, the team has used the source code of the mainstream Python interpreter, CPython and the scientific computing packages such as NumPy. They did some small set of changes to make these tools work in the new environment. And, finally, the code was compiled to WebAssembly using Emscripten’s compiler. Pyodide enables you to fetch things over the network using the browser’s APIs and will come with support for threading in the near future. However, there is very less chance that it will ever support features such as low-level networking sockets because of the browser’s security sandbox. Some of the big legends in Python have appreciated this project: https://twitter.com/gvanrossum/status/1118733186253479936 https://twitter.com/pwang/status/1118753387967909888 To know more in detail, check out the official announcement by Mozilla. Mozilla and Google Chrome refuse to support Gab’s Dissenter extension for violating acceptable use policy Mozilla developers have built BugBug which uses machine learning to triage Firefox bugs Mozilla introduces Iodide, a tool for data scientists to create interactive documents using web technologies  

Last week, Dan Abramov, one of the React developers, while announcing the release of React 16.8, shared that React Native 0.59 will be released with Hooks. The team was waiting for Hooks to land in React’s stable version before they support it in the next release of React Native. Today, they have released React Native 0.59 RC0, which along with React Hooks, ships with extracted React Native CLI, major QoL improvements, and more. Here are some of the major changes this version will come with: As mentioned earlier, React Native 0.59 will come with React Hooks. This feature allows you to “hook into” or use React state and other lifecycle features via function components. The React Native GitHub repo was quite big, and that is why the team decided to move some of the components to separate repos. As a result, the React Native CLI now has a separate repository. The team has also removed WebView from the React Native code. Now developers need to use its extracted version. Though the team has not shared which exact components will be deprecated in the release notes, this version will surely deprecate quite a few components. Along with these changes, many QoL improvements have been made on the native Android side such as 64 bits support via a new JSC, AppCompatActivity, etc. As this is not a stable release, developers are recommended not to upgrade to React Native 0.59 unless they want to collaborate in testing. To know more in detail, check out React Native’s release notes. The React Native team shares their open source roadmap, React Suite hits 3.4.0 React Native 0.57 released with major improvements in accessibility APIs, WKWebView-backed implementation, and more! JavaScript mobile frameworks comparison: React Native vs Ionic vs NativeScript

The Bazel team announced the release of Bazel 1.0, last week. The team calls this version a “stability milestone” as it tries to address the stability concerns associated with Bazel by switching to semantic versioning. Along with this change, Bazel 1.0 features new genrule support, C++ and Java-related improvements, gRPC connections with default TLS enabled, and more. Bazel is the open-source version of the Blaze tool that Google uses internally. It is a polyglot build system that enables you to automate software building and testing. It provides features like reproducibility via sandboxing, distributed caching, static analysis of build dependencies, uniform CLI for builds and tests, and more. Key updates in Bazel 1.0 Windows A genrule generates one or more files based on a user-defined Bash command. Starting with Bazel 1.0, genrule supports cmd_bash, cmd_ps, and cmd_bat attributes for better integration on Windows. You can now get a new generated DEF file from the def_file output group of cc_library. Execution Previously, tags were not being propagated from a Bazel’s target to the action’s execution requirements. In Bazel 1.0, this is possible with the help of the --experimental_allow_tags_propagation flag. A rule consists of a series of actions that Bazel performs on inputs to produce a set of outputs. Now all rules have a default exec_properties attribute just like the one on a platform rule. Starting with Bazel 1.0, all gRPC connections from Bazel will have TLS enabled by default. You can disable TLS by going to the grpc:// scheme in your URIs. Configurability The config_setting general rule matches an expected configuration state for the purpose of triggering configurable attributes. With Bazel 1.0 release, it can now check multiple values on "--foo=firstVal --foo=secondVal ..."-style flags. This release comes with --enable_platform_specific_config that enable flags in bazelrc according to your host platform. C++ The cc_* rules now support non-transitive defines via a local_defines attribute. This attribute returns the set of defines needed to compile a particular target. Bazel 1.0 comes with support for ThinLTO builds, the new link-time optimization (LTO) compilation type, on Linux for Clang versions 6.0 or above. You can enable ThinLTO via --features=thin_lto. Java The Java-Starlark API, java_common.create_provider is now removed. Also, the JavaInfo() legacy arguments including actions, sources, source_jars, use_ijar, java_toolchain, and host_javabase are removed. Starting with Bazel 1.0, maven_jar and maven_server do not permit the use of plain HTTP URLs without a specified checksum. If you are using maven_jar it recommends switching to rules_jvm_external for transitive dependency management. The team has also advised that developers check the compatibility of their codebase by running bazelisk --migrate or by building their code with Bazel 0.29.1 and a list of flags before they upgrade to Bazel 1.0. These were some of the updates in Bazel 1.0. Check out the official announcement to know what else has shipped in this release. Rust 1.38 releases with pipelined compilation for better parallelism while building a multi-crate project Pivotal open sources kpack, a Kubernetes-native image build service Mozilla releases WebThings Gateway 0.9 experimental builds targeting Turris Omnia and Raspberry Pi 4 Introducing Weld, a runtime written in Rust and LLVM for cross-library optimizations LLVM 9 releases with official RISC-V target support, asm goto, Clang 9, and more

Amazon team announced a newly added ‘bluetooth low energy support’ (BLE) feature to its  Amazon FreeRTOS. Amazon FreeRTOS is an open source, free to download and use IoT operating system for microcontrollers makes it easy for you to program, deploy, secure, connect, and manage small, low powered devices. It extends the FreeRTOS kernel (a popular open source operating system for microcontrollers) using software libraries that make it easy for you to connect your small, low-power devices to AWS cloud services or to more powerful devices that run AWS IoT Greengrass, a software that helps extend the cloud capabilities to local devices. Amazon FreeRTOS With the helo of Amazon FreeRTOS, you can collect data from them for IoT applications. Earlier, it was only possible to configure devices to a local network using common connection options such as Wi-Fi, and Ethernet. But, now with the addition of the new BLE feature, you can securely build a connection between Amazon FreeRTOS devices that use BLE  to AWS IoT via Android and iOS devices. BLE support in Amazon FreeRTOS is currently available in beta. Amazon FreeRTOS is widely used in industrial applications, B2B solutions, or consumer products companies like the appliance, wearable technology, or smart lighting manufacturers. For more information, check out the official Amazon freeRTOS update post. FreeRTOS affected by 13 vulnerabilities in its TCP/IP stack Amazon re:Invent 2018: AWS Key Management Service (KMS) Custom Key Store Amazon rolls out AWS Amplify Console, a deployment and hosting service for mobile web apps, at re:Invent 2018

Racket programming language has a new version update, Racket 7.0. Users might not see huge differences between the previous version of Racket, v6.12 released in January 2018. However, v7.0 differs in the internals significantly. Racket or Racket lang is a multi-paradigm programming language--with an emphasis on functional programming--in the Lisp-Scheme family. Though not a popular one, Racket is considered as one of the easiest programming language. Languages such as Python, C#, Assembly, and so on are often talked about in the easy-categories; however, Racket lang is also a great choice as a starter language. What’s new in Racket 7.0? Updated Runtime This version includes a substantial change in its current runtime system and supports multiple runtime systems. New macro expander Version 7.0 replaces about ⅛ of the core v6.12 implementation with a new macro expander that bootstraps itself. The expander turns out to be about 40% of the new code needed to replace Racket’s core with Chez Scheme. Most of the other 60% is also implemented, but it is not included in this release. However, Racket-on-Chez will be ready for production use later in the v7.x series. Updates to DrRacket, the programming environment for Racket DrRacket’s “Create Executable” option for the teaching language (Beginner Student, etc.) uses --embed-dlls to create single-file, standalone ".exe"s on Windows. Improved supports within TypedRacket TypedRacket is Racket’s gradually-typed sister language which allows the incremental addition of statically-checked type annotations. TypedRacket’s support for prefab structs is significantly improved. This supports using prefab structs more polymorphically and fixes significant bugs in the current implementation. Programs which currently use predicates for prefab structs on unknown data may need to be revised since previous versions of Typed Racket allowed potentially buggy programs to type check. Check out Typed Racket RFC 1 and prefab Changes doc for more details on this change and on how to fix programs affected by it. Typed Racket also supports #:rest-star in the ->* type constructor, which allows function types to specify rest arguments with more complex patterns of types, such as the hash function. Other features in the Racket 7.0 include: The syntax (#') form supports new template subforms: ~@ for splicing and ~? for choosing between subtemplates based on whether pattern variables have “absent” value (from an ~optional pattern in syntax-parse, for example). The syntax/parse/experimental/templatelibrary, where these features originated, re-exports the new forms under old names for compatibility. On Windows, an --embed-dlls flag for raco exe creates a truly standalone, single-file ".exe" that embeds Racket’s DLLs. Interactive overlays can be added to plots produced by plot-snip. This allows constructing interactive plots or displaying additional information when the mouse hovers over the plot area. Examples of how to use this feature can be found on Alex Harsanyi’s blog racket/plot provides procedures for displaying candlestick charts for use in financial time series analysis. Added contract-equivalent?, a way to check whether two contracts are mutually stronger than each other without the exponential slowdown that two calls to contract-stronger? brings. Lazy Racket supports functions with keyword arguments. Read more about Racket 7.0 on the Racket official blog. What is the difference between functional and object-oriented programming? Putting the Function in Functional Programming Elixir Basics – Foundational Steps toward Functional Programming

In order to advance open source hardware, the Linux Foundation announced a new CHIPS Alliance project yesterday. Backed by Esperanto, Google, SiFive, and Western Digital, the CHIPS Alliance project “will foster a collaborative environment that will enable accelerated creation and deployment of more efficient and flexible chip designs for use in mobile, computing, consumer electronics, and IoT applications.” The project will help in making open source CPU chip and system-on-a-chip (SoC) design more accessible to the market, by creating an independent entity where companies and individuals can collaborate and contribute resources. It will provide the chip community with access to high-quality, enterprise-grade hardware. This project will include a Board of Directors, a Technical Steering Committee, and community contributors who will work collectively to manage the project. To initiate the process, Google will contribute a Universal Verification Methodology (UVM)-based instruction stream generator environment for RISC-V cores. The environment provides configurable, highly stressful instruction sequences that can verify architectural and micro-architectural corner-cases of designs. SiFive will improve the RocketChip SoC generator and the TileLink interconnect fabric in opensource as a member of the CHIPS Alliance. They will also contribute to Chisel (a new opensource hardware description language), and the FIRRTL intermediate representation specification. SiFive will also maintain Diplomacy, the SoC parameter negotiation framework. Western Digital, another contributor will provide high performance, 9-stage, dual issue, 32-bit SweRV Core, together with a test bench, and high-performance SweRV instruction set simulator. They will also contribute implementations of OmniXtend cache coherence protocol. Looking ahead Dr. Yunsup Lee, co-founder, and CTO, SiFive said in a statement “A healthy, vibrant semiconductor industry needs a significant number of design starts, and the CHIPS Alliance will fill this need.” More information is available at CHIPS Alliance org. Mapzen, an open-source mapping platform, joins the Linux Foundation project Uber becomes a Gold member of the Linux Foundation Intel unveils the first 3D Logic Chip packaging technology, ‘Foveros’, powering its new 10nm chips, ‘Sunny Cove’.