Tech News - Application Development

Yesterday, the team at Gitlab released GitLab 11.5. GitLab, an application for the DevOps lifecycle helps the developer teams work together efficiently to secure their code. Group Security Dashboard and Operations-Focused Dashboard To strengthen security, the security teams need to have access to information about the security status of all their projects. It is important for them to understand what the most important task is to take up next. It is also equally important for directors of security in any organization, as they need to have a high-level view of possible critical issues which might affect the development. GitLab 11.5 introduced a new Group Security Dashboard launched at the group level. This security dashboard gives a summary of all the SAST (Static Application Security testing) vulnerabilities in the projects in a particular group, and also provides a list of actionable entries that could be used for starting a remediation process. This dashboard also has a new look and has new visualizations. The goal is to have a single tool that security teams can use instead of using multiple tools. GitLab 11.5 also comes with a new, operations-focused dashboard, which is responsible for providing a summary of the key operational metrics for each project where a user is interested. This dashboard comes with some interesting features, including, the most recent commit, time since the last deployment, and active alerts. A user can also set this dashboard as their preferred homepage. GitLab 11.5 brings control access to Gitlab Pages GitLab Pages is a feature that helps users to publish static websites directly from a repository in GitLab. GitLab Pages is also used to serve static content on the web easily. GitLab 11.5 brings control access to GitLab Pages. The access control permissions applied to issues and code can now also be applied to static webpages. This way the access can be restricted and given only to those permitted by the user. The users who lack permission will get a 404 when visiting the link for those webpages. Knative is a Kubernetes-based platform used for building, deploying, and managing modern serverless workloads. With GitLab 11.5, users can deploy Knative to their existing Kubernetes cluster by using the GitLab Kubernetes integration. Tasks such as routing and managing traffic, source-to-container builds, and scaling-to-zero have now become easy. GitLab 11.5 comes with improvements to Issue Boards cards Issue Boards is central place of collaboration in GitLab, where teams can organize, and view planned and ongoing work. In GitLab 11.5, issue cards have been redesigned and it now shows relevant information in a simple and organized manner. The issue cards now show the issue title, confidentiality, time-tracking information, due date, labels, weight, and assignee. To read full GitLab updates, check out the official post by GitLab. GitLab 11.4 is here with merge request reviews and many more features GitLab 11.3 released with support for Maven repositories, protected environments and more  GitLab raises $100 million, Alphabet backs it to surpass Microsoft’s GitHub

Just two days ago, the team at Google announced Season of Docs, a new program which will connect technical writers with open source projects. Season of Docs will help in bringing technical writers and open source projects together in order to work on open source documentation. https://twitter.com/GoogleOSS/status/1105138318826627072 According to Open Source Survey, documentation is valued in open source communities but it is still difficult to work on it. A person dealing with the documentation needs to know how to structure a documentation site so that people can easily understand the content and only technical writers can do that. Another plus point is that they are aware of the procedures of writing docs that can fit the needs of their audience. Technical writers can help in optimizing a community’s processes for open source contribution and onboarding new contributors. With Season of Docs, technical writers can spend a few months working closely with open source communities. Writes can work with their chosen open source project and also explore the latest technologies. Mentors from open source organizations can share their knowledge based on their communities’ processes and tools. The technical writers and mentors together can build a new doc set and improve the structure of the existing docs. They can also work on tutorials and further improve contribution processes and guides. According to the team, this project will raise awareness about open source, docs, and technical writing. The open source organizations can apply for participating in Season of Docs starting from 2nd to 23rd of April. Google will then publish the list of accepted mentoring organizations, along with their ideas for documentation projects from 30th April. In July, Google will announce the accepted technical writer projects. The technical writers will get a chance to work with mentors on the accepted projects and submit their work between 2nd September and 29th November. Google will then publish the list of successfully completed projects by 10th December. To know more about this news, check out Google’s blog post. Google Cloud Console Incident Resolved! Google confirms it paid $135 million as exit packages to senior execs accused of sexual harassment Researchers input rabbit-duck illusion to Google Cloud Vision API and conclude it shows orientation-bias  

Microsoft announced an open-source model for Component Firmware Update (CFU), for Windows developers. CFU enables delivering firmware updates for peripheral components through Windows Update by using CFU drivers. This protocol aims to enable system and peripheral developers to leverage the CFU protocol. It allows them to easily and automatically push firmware updates to Windows Update for their firmware components. CFU aims to bring smooth updates via Windows updates and verify the firmware version before download. CFU permits but does not specify authentication, encryption, rollback policies/ methods, or recovery of bricked firmware. Overview of CFU The CFU driver is the host and is created by the device manufacturer. It is delivered via a Windows Update. Then the driver is installed once the device is detected by Windows. Primary and sub-components A hierarchical system with a primary component and subcomponents is followed in a CFU compatible system. A primary component implements CFU on the device side and can receive updates for itself and the connected sub-components. A device may have multiple primary components with or without additional sub-components. Offers and payloads A CFU driver which is the host, may contain multiple firmware images for a primary component and its sub-components. A package in the host consists of an offer, a payload and other information. The offer contains information about the payload to allow the primary component in deciding if it is acceptable. A payload is the firmware image. Offer Sequence The primary component can accept, reject, or skip the offer of firmware update. On accepting, the payload is delivered immediately. On rejecting or skipping, the host cycles through all other offers in the list. Host independence The host’s (CFU driver) decisions are independent of the offers’ contents or payloads. It does not necessarily use any logic and simply sends the offers and the accepted payloads. Payload delivery On an offer being accepted, the host proceeds to download the firmware image or referred as the payload. Delivery is done in three phases—beginning, middle, and end. The payload is a set of addresses and fixed-size arrays of bytes. Payload validation and authentication Validation of the incoming firmware update is an important aspect. The primary component should verify bytes after each write ensuring that the data is stored properly before proceeding with the next set of data bytes. A CRC or hash should also be calculated on download, to be verified after the download is complete, ensuring the data wasn’t modified in transit. In addition, a cryptographic signature mechanism is recommended to provide end-to-end protection. An encryption mechanism can also be employed for confidential downloads. On image authentication, the properties should be validated against the offer and other rules the device manufacturer may specify. CFU does not specify any rules to be applied. Payload Invocation The CFU Protocol is run at the application level in the primary component. The component can continue to do other tasks as long it can receive and store the incoming payload without significant disruptions. The only real disruption occurs when the new firmware must be invoked. There are two recommended ways to avoid that disruption. A very generic approach is to use a small bootloader image to select one of multiple images to run when the device is reset. This is typically at boot time. The image selection algorithm is specific to the implementation. It is typically based on an algorithm which involves code version, and an indication of successful image validation. Another invocation method is to physically swap the memory of the desired image with the active address space. This is done upon reset. A disadvantage of this method is that it requires specialized hardware. The advantage being all images are statically linked to the same address space eliminating the need for a bootloader. CFU limitations There are some limitations of the protocol. It cannot update a bricked component that can no longer run the protocol. CFU does not provide any security. The CFU protocol requires extra memory to store the incoming images which helps in non-disruptive updates. Updating sub-component images larger than the component’s available storage requires dividing the sub-component image into smaller packages The CFU protocol allows pausing the download, so care needs to be taken for proper validation. CFU assumes that the primary component has set validation rules. If they need to be changed, the component must first be successfully updated by using the old rules first, only then new rules can be applied. For more details, visit the Microsoft website. How the Titan M chip will improve Android security Microsoft fixing and testing the Windows 10 October update after file deletion bug Paul Allen, Microsoft co-founder, philanthropist, and developer dies of cancer at 65

Last month, the team at Eclipse announced that Eclipse now supports Java 12. What are the latest changes in support with Java 12 Updated project compliance and JRE Eclipse comes with project compliance and JRE updated to 12 that changes the current project to be compatible with Java 12. Preview features Users can enable preview features in Java 12 by selecting Preferences > Java > Compiler > Enable preview features option. Users can further configure the problem severity of these preview features. Set enable preview features The issue with the Enable preview features option in preferences has been resolved. Configure problem severity of preview features Configure problem severity is now provided to update the problem severity of preview features in Java 12. Default case has been added Add 'default' option is now available to add a default case to the enhanced switch statement in Java 12. Missing case statements An option to add missing case statements has been provided for the enhanced switch statement in Java 12. Java Editor In the Java > Editor > Code Mining preference, users can now enable the Show parameter names option which will show the parameter name in method or constructor calls. Java views and dialogs An option to control the comment generation while creating module-info.java or package-info.java is now available. To know more about this news, check out the post by Eclipse. Eclipse 4.10.0 released with major improvements to colors, fonts preference page and more Eclipse IDE’s Photon release will support Rust What can Blockchain developers learn from Eclipse Attacks in a Bitcoin network – Koshik Raj

In October, Kotlin’s framework Ktor 1.0 beta was released. It delivered high performance and an idiomatic API. Yesterday Ktor 1.0 was released as the first major version of the Kotlin-based framework. Ktor, a JetBrains project, builds asynchronous servers and clients in connected systems coroutines and also delivers good runtime performance. Ktor version 1.0 includes few essential features like sessions, authentication, JSON serialization, popular template engines, Web sockets, metrics, and many others. Ktor 1.0 feature highlights Ktor 1.0 has two main parts, namely, HTTP server framework and a multiplatform HTTP client. HTTP server framework The HTTP server framework built on Netty, Jetty and Java servlets runs on the JVM. Netty and Jetty, the lightweight engines make the processing faster as it helps in receiving connections within a second. It is container-friendly and can easily be embedded into desktop/Android applications. It could be run in an application server, for example,Tomcat. Multiplatform HTTP client Multiplatform HTTP client is asynchronous and is built using coroutines and IO primitives which are responsible for driving the server. It is implemented as a multiplatform library. The client is used for building asynchronous microservice architectures and for connecting all the backend functionalities into asynchronous pipelines. The multiplatform HTTP client makes it easy to retrieve data without blocking application execution on mobile devices and web pages uniformly. It supports JVM, JS, Android and iOS. Features Ktor’s built-in support for serving static content is useful for serving style sheets, scripts, images, etc. Ktor provides a mechanism for constructing URLs and reading the parameters to create routes in a typed way. Ktor’s Metrics feature helps in configuring the Metrics to get useful information about the server and the requests. It also has a mechanism called session useful for persisting data between different HTTP requests. Session also helps servers to keep a piece of information associated with the client during a sequence of HTTP requests and responses. Ktor’s Compression feature is used for compressing outgoing content using gzip, deflate or custom encoder. This helps in reducing the size of the response. Ktor provides Call Logging feature which is used for logging client requests. Ktor 1.0 introduced WebSockets mechanism to keep a bi-directional, real-time and ordered connection between the server and the client. Major improvements Ktor 1.0 comes with improved performance and documentation It uses Kotlin 1.3.10 Ktor 1.0 has fixed client response cancelation via receive<Unit>() and response.cancel() In Ktor 1.0 there are improvements to test client and mock engine The DevelopmentEngine has been renamed to EngineMain There is an improved serialization client feature Bug fixes Fixes to Cookies dates, domains, and dupicate parameters processing. Websocket session lifecycle has been fixed in Ktor 1.0 Timeouts in WebSockets have been fixed with jetty To know more about this news, check out the announcement on Jetbrains blog. Kotlin 1.3 released with stable coroutines, multiplatform projects and more How to avoid NullPointerExceptions in Kotlin [Video] Implementing Concurrency with Kotlin [Tutorial]

This Wednesday, OpenChain announced that Microsoft has joined them as a platinum member and a board member to help drive open source compliance. Microsoft is a new addition to the list of many huge companies joining the OpenChain project including Uber, Google, and Facebook. OpenChain General Manager, Shane Coughlan announcing the collaboration said in a blog post, “We’re thrilled that Microsoft has joined the project and welcome their expertise. Microsoft is a strong addition not only in terms of open source but also in standardization. Their membership provides great balance to our community of enterprise, cloud, automotive and silicon companies, allowing us to ensure the standard is suitable for any size company across any industry.” Why Microsoft joined OpenChain? While building new products and services, companies make use of existing open source software provided by their supply chains. Working on these large-scale projects makes it difficult for them to ensure that the license requirements are met in a timely and effective manner. To make open source compliance simpler and more consistent for companies, the OpenChain Project develops standards and training materials. As a part of the OpenChain community, Microsoft will now work more closely with it to create future standards that will help bring even greater trust to the open source ecosystem. It has helped the OpenChain community in developing its upcoming OpenChain Specification version. David Rudin, Assistant General Counsel at Microsoft, said, “Trust is key to open source, and compliance with open source licenses is an important part of building that trust. By joining the OpenChain Project, we look forward to working alongside the community to define compliance standards that help build confidence in the open source ecosystem and supply chain.” Not only with  OpenChain, but Microsoft is also working with the Linux Foundation’s TODO Group, which is an open group of companies who collaborate to create practices, tools, and other ways for running open source programs. It also joined the Open Invention Network (OIN) last year in October and made its entire patent portfolio available to OIN members. Read the full announcement on OpenChain's website. Microsoft Cloud services’ DNS outage results in deleting several Microsoft Azure database records Microsoft announces Internet Explorer 10 will reach end-of-life by January 2020 Microsoft Office 365 now available on the Mac App Store

Update: Yesterday the GitHub team in a blog post stated what they have uncovered in their initial investigation, “On Monday at 3:46 pm UTC, several services on GitHub.com experienced a 41-minute disruption, and as a result, some services were degraded for a longer period. Our initial investigation suggests a logic error introduced into our deployment pipeline manifested during a subsequent and unrelated deployment of the GitHub.com website. This chain of events destabilized a number of internal systems, complicated our recovery efforts, and resulted in an interruption of service.” It was not a very productive Monday for many developers when GitHub started showing 500 and 422 error code on their repositories. This was because several services on GitHub were down yesterday from around 15:46 UTC for 41 minutes. Soon GitHub engineers began their investigation and all the services were back to normal by 19:47 UTC. https://twitter.com/githubstatus/status/1153391172167114752 The outage affected GitHub services including Git operations, API requests, Gist, among others. The experiences that developers reported were quite inconsistent. Some developers said that though they were able to open the main repo page, they could not see commit log or PRs. Others reported that all the git commands that required interaction with GitHub’s remotes failed. A developer commented on Hacker News, “Git is fine, and the outage does not affect you and your team if you already have the source tree anywhere. What it does affect is the ability to do code reviews, work with issues, maybe even do releases. All the non-DVCS stuff.” GitHub is yet to share the cause and impact of the downtime. However, developers took to different discussion forums to share what they think the reason behind GitHub outage could be. While some speculated that it might be its increasing user base, others believed it was because GitHub might be still moving “stuff to Azure after the acquisition.” Developers also discussed what steps they can take so that such outages do not affect their workflow in the future. One developer suggested not to rely on a single point of failure by setting two different URLs for the same remote so that a single push command will push to both. You can do something like this, a developer suggested: git remote set-url --add --push origin git@github.com:Foo/bar.git git remote set-url --add --push origin git@gitlab.com:Foo/bar.git Another developer suggested, “I highly recommend running at least a local, self-hosted git mirror at any tech company, just in these cases. Gitolite + cgit is extremely low maintenance, especially if you host them next to your other production services. Not to mention, if you get the self-hosted route you can use Gerrit, which is still miles better for code review than GitHub, Gitlab, bitbucket and co.” Others joked that this was a good opportunity to take a few hours of break and relax. “This is the perfect time to take a break. Kick back, have a coffee, contemplate your life choices. That commit can wait, that PR (i was about to merge) can wait too. It's not the end of the world,” a developer commented. Lately, we are seeing many cases of outages. Earlier this month, almost all of Apple’s iCloud services were down for some users. On July 2, Cloudflare suffered a major outage due to a massive spike in CPU utilization in the network. Last month, Google Calendar was down for nearly three hours around the world. In May, Facebook and its family of apps Whatsapp, Messenger, and Instagram faced another outage in a row. Last year, Github faced issues due to a failure in its data storage system which left the site broken for a complete day. Several developers took to Twitter to kill their time and vent out frustration: https://twitter.com/jameskbride/status/1153332862587944960 https://twitter.com/BobString/status/1153329356284055552 https://twitter.com/pikesley/status/1153332278774439941 https://twitter.com/francesc/status/1153336190390550528 Cloudflare RCA: Major outage was a lot more than “a regular expression went bad” EU’s satellite navigation system, Galileo, suffers major outage; nears 100 hours of downtime Twitter experienced major outage yesterday due to an internal configuration issue

The team at Qt and LG Electronics partner to provide webOS as the platform for embedded smart devices in the automotive, robotics and smart home sectors. The webOS, also known as LG webOS, is a Linux kernel-based multitasking operating system for smart devices. The webOS platform powers smart home devices including LG Smart TVs and smart home appliances, and can also deliver greater consumer benefits in high-growth industries such as the automotive sector. The system UI of LG webOS is written mostly using Qt Quick 2 and Qt technology. Last year in March, LG announced an open-source edition of webOS. I.P. Park, president and CTO of LG Electronics, said in a statement, “Smart devices have the potential to deliver an unmatched customer experience wherever we may be – in our homes, cars, and anywhere in between.” Park further added, “Our partnership with Qt enables us to dramatically enhance webOS, providing our customers with the most advanced platform for the creation of highly immersive devices and services. We look forward to continuing our long-standing collaboration with Qt to deliver memorable experiences in the exciting areas of automotive, smart homes and robotics.” LG selected Qt as its business and technical partner for webOS to meet the challenging requirements and also to navigate the market dynamics of the automotive, smart home and robotics industries. With this partnership, Qt will provide LG with end-to-end, integrated as well as a hardware-agnostic development environment for engineers, developers, and designers for creating innovative and immersive apps and devices. Also, officially, the webOS will become a reference operating system of Qt. This partnership will help the customers to leverage webOS’ set of middleware-enabled functionality that saves customer time and effort in their embedded development projects. Qt’s feature-rich development tools such as Qt Creator, Qt Design Studio and Qt 3D Studio will also support webOS. Juha Varelius, CEO of Qt, said to us, “LG has been a technology leader for generations, which is one of the many reasons they’ve become such a trusted partner of Qt.” Varelius further added, “With the company’s initiative to expand the reach of webOS into rapidly growing markets, LG is underscoring the massive potential of Qt-enabled connected experiences. By collaborating with LG on this initiative, we’re able to make it easy as possible for our customers to build devices that bring a new definition to the word ‘smart’.” Qt 5.13 releases with a fully-supported WebAssembly module, Chromium 73 support, and more Qt Creator 4.9.0 released with language support, QML support, profiling and much more Qt installation on different platforms [Tutorial]  

Many of you may remember GIMP from school if you weren’t using MS Paint instead. The open-source cross-platform image editor is free to use and to modify the source code. GIMP is associated with the non-profit GNOME, a Linux desktop environment. The $100K donation given to them is a part of the $400K donation made to GNOME by Handshake.org in early August. Now 25 percent of this donation will go to GIMP. After the release of GIMP 2.10.6, hopefully, this donation helps them to accomplish their next GTK3-ported GIMP 3.0 release. In May this year, an anonymous donor pledged $1M to the GNOME foundation over the course of next two years. This donation enabled them to put up job listings for four additional roles of Development Coordinator, Program Coordinator, DevOps/Sysadmin, and GTK+ core developer. Their website states “We thank both Handshake.org and GNOME Foundation for the generous donation and will use the money to do much overdue hardware upgrade for the core team members and organize the next hackfest to bring the team together, as well as sponsor the next instance of Libre Graphics Meeting.” Handshake.org was launched on August 2 this year. It is a decentralized certificate authority and peer-to-peer DNS service. Handshake.org is donating about $10 million to non-profits and free/open-source projects. Handshake’s purpose is not to replace the DNS protocol. But it aims at replacing the root zone file and root servers with a public commons. Their website states: “Handshake’s original incubators, Purse.io and Private Internet Access, provided enough support to build and launch the platform without additional funding. In the spirit of free software and radical gifting we’ve taken the validation value from this project and shared it with the world.” The details are posted on the official GIMP website. A Tour Around GIMP GNOME 3.30 released with improved Desktop performance, Screen Sharing, and more Creating a quick logo for a company with GIMP 2.6

The team at GitLab is now considering to move towards a single Rails repository by combining the two existing repositories. Although the GitLab Community Edition code would remain open source and MIT licensed and also the GitLab Enterprise Edition code would remain source available and proprietary. The challenges with having two repositories? The Ruby on Rails code of GitLab is currently maintained in two repositories. The gitlab-ce repository for the code with an open source license and the gitlab-ee repository for code with a proprietary license which is source available. Having two similar but separate repositories, can make feature development difficult and error-prone while making any change in GitLab. To demonstrate the problem, the team at GitLab has given a few examples: Duplicated work during feature development The frontend only Merge Request needed a backport to CE repository. Backporting requires creating duplicate work in order to avoid future conflicts and changes to the code to support the feature. A simple change can break master A minor change in CE repository failed the pipeline in the master branch. Conflicts during preparation for regular releases There might be conflicts during preparation for a regular release, e.g. 11.7.5 release. Merge requests for both the CE repository and EE repository need to be created. And when the pipelines pass, the EE repository would require a merge from the CE repository. This would cause additional conflicts, pipeline failures, and similar delays during which the CE distribution release also would get delayed. Steps taken by GitLab team to improve the situation Before 2016, merging the CE repository into the EE repository was done when the team was ready to cut a release and the number of commits was small so it could be done by one person. As the number of commits between the two repositories grew in 2016, so the task got divided between seven developers who were responsible for merging the code once a day. This worked fine for some time until delays started happening due to failed specs or difficult merge conflicts. The team then merged an MR that allowed the creation of automated MRs between the two repositories by the end of 2017. This task ran every three hours, which allowed for a smaller number of commits to be worked on. The number of changes going into CE and EE repositories grew to thousands of commits in some cases by the end of 2018. This made the automated MR insufficient. The Merge Train tool was then created to automate these workflows further and which automatically rejected merge conflicts and preferred changes from one repository over the other. What is the GitLab team proposing? The gitlab-ce distribution package consists of gitlab-ce repository which offers only the Core feature set.  The gitlab-ee distribution package consists of gitlab-ee repository. The change which the team is considering proposing would be to merge the gitlab-ce and gitlab-ee repositories into a single gitlab repository. The design for merging two codebases requires the work and process changes in detail. Though the proposed change would pertain only to the Ruby on Rails repository. Expected changes The gitlab-ce and gitlab-ee repositories may be replaced with a gitlab repository, with all open issues and merge requests moved into the single repository. All frontend assets such as JavaScript, CSS, images, views will be open sourced under the MIT license. The proprietary backend code will be located in the /ee repository. All the documentation that will be merged together will now clearly state which features belong to which feature set. The downsides The GitLab team was clear about the possible downsides of this approach: Users with installations from the source are currently cloning the gitlab-ce repository. The clone will also fetch the proprietary code in /ee directory. The database migration code is open source and does not require additional maintenance so there is no additional work required. The team is now exploring better ways to solve the problem of busy work and plans to bring improvements to the current proposal. To know more about this news, check out the post by GitLab. Introducing GitLab Serverless to deploy cloud-agnostic serverless functions and applications GitLab 11.7 releases with multi-level child epics, API integration with Kubernetes, search filter box and more Why moving from a monolithic architecture to microservices is so hard, Gitlab’s Jason Plum breaks it down [KubeCon+CNC Talk]

This Tuesday, Microsoft announced .NET Core 3 Preview 2 with new features in .NET Core 3 and C# 8. C# 8 The eighth iteration of C# is a major release and includes many new features. Declarations Statements don’t need to be indented now. Switch expressions C# 8 comes with switch expressions in which you can use the new syntax. Terser syntax returns a value as it is an expression. It’s fully integrated with pattern matching. Async streams The compiler and framework libraries should match correctly for async streams to work. You will need .NET Core 3.0 Preview 2 and Visual Studio 2019 Preview 2. Alternatively, you can also use the C# extension for Visual Studio Code. Floating point improvements in IEEE The goal is to expose all operations that are needed and they are behaviorally compliant with the IEEE spec. A fast in-box JSON Writer & JSON document Two new objects were added—System.Text.Json.Utf8JsonWriter and System.Text.Json.JsonDocument. Utf8JsonWriter The Utf8JsonWriter enables a high-performance, non-cached way to write UTF-8 encoded JSON text from common .NET types. JsonDocument System.Text.Json.JsonDocument is also added built on top of the Utf8JsonReader. JsonDocument provides enables parsing JSON data and builds a read-only Document Object Model (DOM). It can be queried to support enumeration and random access. Assembly Unloadability Assembly unloadability is a new ability of AssemblyLoaderContext. It is transparent and exposed with only a few new APIs. A loader context to be unloaded with this. This releases all of the memory for static fields, instantiated types, and the assembly itself. Visual Studio support Using .NET Core 3 for development requires using Visual Studio 2019. WPF and Windows Forms templates were added to the New Project Dialog for easier access via the command line. These were a select few updates from the new .NET Core 3 Preview 2, for a complete list of changes, visit the Microsoft Blog. Microsoft Connect(); 2018: .NET foundation open membership, .NET Core 2.2, .NET Core 3 Preview 1 released, WPF, WinUI, Windows forms open sourced What to expect in ASP.NET Core 3.0 .NET Core 3.0 and .NET Framework 4.8 more details announced

Yesterday, the team at Apache NetBeans released Apache NetBeans IDE 10.0, an integrated development environment for Java. This release focuses on adding support for JDK 11, JUnit 5, PHP, JavaScript, and Groovy. What’s new in Apache NetBeans IDE 10.0? JDK 11 Support Integration with the nb-javac project is now possible. This integration adds support for JDK 11. The CORBA modules have been removed. This release comes with a support for JEP 309, Dynamic Class-File Constants. It also supports JEP 323, Local-Variable Syntax  and LVTI for Lambda parameters. PHP Support PHP 7.3 It is now possible to add trailing commas in function calls under PHP 7.3. This release comes with support for Heredoc and Nowdoc Syntaxes. PHP 7.2 This release comes with support for trailing commas in list syntax and coloring for object types for PHP 7.2. PHP 7.1 This release comes with class constant visibility, multi-catch exception handling, nullable types, support for keys in list(), coloring for new keywords (void, iterable) for PHP 7.1. JUnit 5 JUnit 5.3.1 has been added as a new Library to NetBeans, so users can easily add it to their Java projects. JUnit 5 is now the default JUnit version for Maven projects without any existing tests. This release supports JUnit 5 @Testable annotation. This version also supports a default JUnit 5 test template. OpenJDK This release automatically detects JTReg from OpenJDK configuration. Various improvements such as limiting directories that are scanned for modules have been made to the OpenJDK project. Few users have compared Apache NetBeans IDE 10.0 with Eclipse and Intellij most of them are on the opinion that this release is better than the two and it works better. Read more about this release in detail on Apache NetBeans’ official blog. Apache NetBeans 9.0 is now available with Java 9 & 10 support Apache NetBeans 9.0 RC1 released! The NetBeans Developer’s Life Cycle

In the Kotlin 1.3 release, coroutines are now stable, scalability is better, and Kotlin/Native Beta is added. Coroutines are stable in Kotlin 1.3 Coroutines provide a way to write non-blocking asynchronous code that’s easy to understand. It is a useful tool for activities ranging from offloading work onto background workers to implementing complicated network protocols. The kotlinx.coroutines library hits is at 1.0. It provides a solid foundation for managing asynchronous jobs various scales including composition, cancelation, exception handling and UI-specific use cases. Kotlin/Native Beta Kotlin/Native makes use of LLVM to compile Kotlin sources into standalone binaries without any VM required. Various operating systems and CPU architectures including iOS, Linux, Windows, and Mac are supported. The support extends to even WebAssembly and embedded systems like STM32. Kotlin/Native has a fully automatic memory management and can interoperate with C, Objective-C, and Swift. It exposes platform APIs like Core Foundation, POSIX, and any other native library of choice. The Kotlin/Native runtime promotes immutable data and blocks any attempts of sharing unprotected mutable state between threads. Threads don’t exist for Kotlin/Native, they are abstracted away as a low-level implementation. Threads are replaced by workers which are a safe and manageable way of achieving concurrency. Multiplatform projects in Kotlin 1.3 Kotlin supports JVM, Android, JavaScript, and Native. Hence code can be reused. This saves effort and time which can be used to perform other tasks. The multiplatform libraries in Kotlin 1.3 cover everyday tasks such as HTTP, serialization and managing coroutines. Using the libraries is the easiest way to write multi platform code. You can also create custom multi-platform libraries which wrap platform-specific dependencies into a common API. Tooling support for Kotlin/Native and Multiplatform Kotlin 1.3 has tooling support for Kotlin/Native and multiplatform projects. This is available in IntelliJ IDEA Community Edition, IntelliJ IDEA Ultimate, and Android Studio. All of the code editing features such as error highlighting, code completion, navigation and refactoring are available in all these IDEs. Ktor 1.0 Beta Ktor is a connected applications framework. It implements the entire HTTP stack asynchronously using coroutines and has reached Beta. Other features Some other features in Kotlin 1.3 release include experimental support for inline classes, incremental compilation for Kotlin/JS, and unsigned integers. This release also features a sequence debugger for visualizing lazy computations, contracts to improve static analysis for library calls, and no-arg entry point to provide a cleaner experience for new users. To know more details about all the changes, visit the changelog. KotlinConf 2018: Kotlin 1.3 RC out and Kotlin/Native hits beta Kotlin/Native 0.8 recently released with safer concurrent programming 4 operator overloading techniques in Kotlin you need to know

Yesterday, the GNU APL version 1.8 was released with bug fixes, FFT, GTK, RE, user defined APL commands and more. GNU APL is a free interpreter for the programming language APL. What's new in GNU APL 1.8? Bug fixes, FFT (fast fourier transforms; real, complex, and windows), GTK (create GUI windows from APL), RE (regular expressions), User-defined APL commands, An interface from Python into GNU APL.With this interface one can use APL's vector capabilities in programs written in Python. People are excited to use the GNU APL 1.8 version. A user on Hacker News states that “1Wow, each of ⎕FFT, ⎕GTK and ⎕RE are substantial and impressive additions! Thank you, and congratulations on the new release!” Another user says that “APL can do some pretty cool stuff” Another user comments “I'd like to play with this as it is a free APL that I could use for work without paying a license (like Dyalog APL requires). J is another free array language, but it doesn't use the APL characters that I enjoy. I've had a little trouble in the past getting it to install (this was version 1.7) on Ubuntu. Granted I've never been an expert at installing from source, but a more in-depth installation guide or YouTube tutorial would help some. Thanks for doing this btw! I hope to eventually get to check this out!” Introducing Luna, world’s first programming language with dual syntax representation, data flow modeling and much more! Researchers highlight impact of programming languages on code quality and reveal flaws in the original FSE study Stack Overflow survey data further confirms Python’s popularity as it moves above Java in the most used programming language list

The creator of vim-go, Faith Arslan, announced on his personal blog, yesterday that he is taking an “indefinite sabbatical” from his vim-go projects. He had been working on the project for the past 4.5 years. Arslan says that he won’t be maintaining vim-go anymore and is uncertain about when he’ll be coming back to work on it again. For now, he’ll only be working on a select few small projects that don’t need him to actively maintain them. “I’m working for DigitalOcean..this is my full-time job. I have a family to take care of and just like any other grown-up in the world, you do what you have to do. However, there is no place for Go tooling and editors here. It’s a hobby and passion. But if a hobby feels like it becomes a second full-time job, something is very wrong. The time has come to end this craziness.”, says Arslan. What’s interesting is that Arslan is not the first from the open source community to go on a break. This seems to be an ongoing trend in the open-source community lately which started with Guido Van Rossum, Python founder, taking a ‘permanent vacation from being BDFL’, in July. He does continue to work in his capacity as a core developer. Guido's decision to take a break stemmed from the physical, mental, and the emotional toll that his role at work had taken on him over the past years. He had mentioned that he was “tired, and need a very long break”. Arslan’s reason seems fairly similar as he said, “ For the last one year, I’m struggling to maintain my side projects. I feel like I’m burnt out. Working on a side project is fun until it becomes your second full-time job. One thing that I’m sure is, I’m not happy how my day to day life is evolving around me”.   Another recent example is Linus Torvalds, who had been working on the Linux Kernel for almost 30-years. Torvalds opened up about going on a break over his ‘hurtful’ behavior that ‘contributed to an unprofessional environment’. “I need to take a break to get help on how to behave differently and fix some issues in my tooling and workflow”, said Torvalds. Even though Linus left to take time for self-reflection and was not burnt out, it is symptomatic of the same underlying issue. When one wants to accomplish a lot in a short period of time, one tends to find efficiencies where they can. Often efficient communication may not be effective as it may come across as terse, sarcastic or uncaring. Arslan mentioned that when he first started with vim-go, it was fun, rewarding and solved a lot his problems. It was his favorite editor and enabled him to write Go inside vim, in a very efficient and productive way. As he started with vim-go, he got the chance to work on and create many other smaller Go packages and tools. Some of these such as color and struct packages even became popular. “Again, it solved many problems and back then I wanted to use Go packages that are easy to use and just works out of the box. I also really like to work on Go tooling and editors. But this is not the case for many of my projects, especially vim-go. With the popularity of all these projects, my day to day work also increased”, ” says Arslan. The problem of burnout seems epidemic in the open source community. They work long hours, neglect themselves and their personal lives, and don’t always get to see the results that they should for such hard work. Arslan mentioned that it used to take him 10-20 hours extra per week, outside of his day job, to maintain these projects. He could “no longer maintain this tempo” as every day he used to receive multiple GitHub emails regarding pull requests, issues, feedbacks, fixes, etc which was affecting his well-being. It also didn’t make any sense to him “economically”. “It’s very hard for me to do this, but trust me I’m thinking about this for a long time. I cannot continue this anymore without sacrificing my own well being”, mentions Arslan. Who will look after vim-go now? Arslan’s sabbatical won’t be affecting vim-go’s performance as he has assigned the duty of maintaining vim-go to two of the full-time contributors, namely, Martin Tournoij and Billie Cleek. Billie Cleek, who worked with Arslan at DigitalOcean will be the lead of the vim-go project. Cleek has already made hundreds of contributions to vim-go (recently added unified async support for Vim and Neovim) and is well-versed with vim-go’s code base. “I don’t know if I could find anyone else that would make a great fit than him. I’m very lucky to have someone like him. The vim-go community will be in very good hands”, said Arslan. As far as the other popular Go projects and packages are concerned, Arslan will be going over them one last time and will archive the repos such as color, structs, camelcase, images, vim-hclfmt, and many others. This means that you’ll still be able to fetch these repos and use it within your projects. Arslan believes that most of these packages are in “a very good state” and doesn’t require any more additions. That being said, there are three projects that Arslan will still be maintaining such as gomodifytags, structtag, and motion. The gomodifytags project was Arslan’s most enjoyed project so far as it had zero bugs and simple design because.  These projects will be maintained in a “sleep mode” and Arslan will only be going over “serious issues”. “I have now so much time that I’ll be spending for myself...I have a side project that I’m working for a couple of months privately..(I can) play more with my son and just hang out all day, without doing a single thing. The weekends belong to me. I no longer have to worry about the last opened pull request’s to vim-go or my other Go projects..it just feels so refreshing. I suggest everyone do the same thing, take a step back and see what’s happening around you. It’ll help you to become a better yourself”, says Arslan. Public reaction towards Arslan’s decision is majorly positive: https://twitter.com/rakyll/status/1050053991088840704 https://twitter.com/idanyliuk/status/1050053303814541312 https://twitter.com/corylanou/status/1050132111745794052 For more coverage, read Arslan’s official announcement. Golang 1.11 is here with modules and experimental WebAssembly port among other updates Why Golang is the fastest growing language on GitHub Golang 1.11 rc1 is here with experimental port for WebAssembly!