An anonymous reader shares a report: When Kevin Modzelewski and his colleagues at Dropbox set out to create Pyston in 2014, they had a very simple objective: to lower the costs of running Python code on Dropbox's servers, by making the code itself faster. "We were growing exponentially, so our server cost was growing exponentially," Modzelewski tells TechRepublic. "If we could get Python running faster, we would spend less money running Python." The original cost reduction initiative at Dropbox snowballed into a bigger project for Modzelewski when the company moved away from Python in 2017 and cancelled the Pyston project. He had realized while working on the language that there was a strong demand for faster Python among the developer community, and while there were plenty of tools around for improving the performance in smaller applications, there were none designed for big, business logic-type applications such as Dropbox.

"There's a lot of tools out there for helping you run Python faster, but there weren't any that were a good fit for Dropbox's use case," says Modzelewski. "This was an area of the Python market where a lot of money was being spent, but not very many tools were being developed for helping. It was under served." Fast forward to today and Pyston is now in version 2.2, and has been open-sourced, with Modzelewski and fellow developer Marius Wachtler now leading the project as co-founders. The latest implementation promises a 30% performance improvement over Python 3.8.8, with a key benefit being that developers can simply drop their Python applications into Pyston and get going, without having to rewrite their code. It's also a "completely separate thing" to what Modzelewski and fellow developers built for Dropbox some seven years ago.

Microsoft on Tuesday announced an artificial intelligence system that can recommend code for software developers to use as they write code. From a report: Microsoft is looking to simplify the process of programming, the area where the company got its start in 1975. That could keep programmers who already use the company's tools satisfied and also attract new ones. The system, called GitHub Copilot, draws on source code uploaded to code-sharing service GitHub, which Microsoft acquired in 2018, as well as other websites. Microsoft and GitHub developed it with help from OpenAI, an AI research start-up that Microsoft backed in 2019.

Researchers at Microsoft and other institutions have been trying to teach computers to write code for decades. The concept has yet to go mainstream, at times because programs to write programs have not been versatile enough. The GitHub Copilot effort is a notable attempt in the field, relying as it does on a large volume of code in many programming languages and vast Azure cloud computing power. Nat Friedman, CEO of GitHub, describes GitHub Copilot as a virtual version of what software creators call a pair programmer -- that's when two developers work side by side collaboratively on the same project. The tool looks at existing code and comments in the current file and the location of the cursor, and it offers up one or more lines to add. As programmers accept or reject suggestions, the model learns and becomes more sophisticated over time. The new software makes coding faster, Friedman said in an interview last week. Hundreds of developers at GitHub have been using the Copilot feature all day while coding, and the majority of them are accepting suggestions and not turning the feature off, Friedman said.

mrflash818 writes: The Internet Security Research Group (ISRG) -- parent organization of the better-known Let's Encrypt project -- has provided prominent developer Miguel Ojeda with a one-year contract to work on Rust in Linux and other security efforts on a full-time basis. Rust is a low-level programming language offering most of the flexibility and performance of C -- the language used for kernels in Unix and Unix-like operating systems since the 1970s -- in a safer way. Efforts to make Rust a viable language for Linux kernel development began at the 2020 Linux Plumbers conference, with acceptance for the idea coming from Linus Torvalds himself. Torvalds specifically requested Rust compiler availability in the default kernel build environment to support such efforts -- not to replace the entire source code of the Linux kernel with Rust-developed equivalents, but to make it possible for new development to work properly. Using Rust for new code in the kernel -- which might mean new hardware drivers or even replacement of GNU Coreutils -- potentially decreases the number of bugs lurking in the kernel. Rust simply won't allow a developer to leak memory or create the potential for buffer overflows -- significant sources of performance and security issues in complex C-language code.

"Google said Thursday it's funding a project to increase Linux security by writing parts of the operating system's core in the Rust programming language, a modernization effort that could bolster the security of the internet and smartphones," reports CNET: If the project succeeds, it'll be possible to add new elements written in Rust into the heart of Linux, called the kernel. Such a change would mark a major technological and cultural shift for an open-source software project that's become foundational to Google's Android and Chrome operating systems as well as vast swaths of the internet. Miguel Ojeda, who's written software used by the Large Hadron Collider particle accelerator and worked on programming language security, is being contracted to write software in Rust for the Linux kernel. Google is paying for the contract, which is being extended through the Internet Security Research Group, a nonprofit that's also made it easier to secure website communications through the Let's Encrypt effort.

Adding Rust modules to the Linux kernel would improve security by closing some avenues for hackers can use to attack phones, computers or servers. Since it was launched in 1991, Linux has been written solely in the powerful but old C programming language. The language was developed in 1972 and is more vulnerable to hacks than contemporary programming languages...

Google credits the Linux community programmers who began the Rust for Linux project. "The community had already done and continues to do great work toward adding Rust support to the Linux kernel build system," Google said in a blog post...

[Rust] has been the most loved programming language for five years running in Stack Overflow's annual developer survey. "Rust represents the best alternative to C and C++ currently available," Microsoft's security team concluded in 2019. The team said Rust would have prevented memory problems at fault in 70% of its significant security issues. And because Rust's checks happen while software is being built, the safety doesn't come at the expense of performance when the software is running.

The goal of the Linux on Rust project isn't to replace all of Linux's C code but rather to improve selective and new parts.

Google said Thursday it's funding a project to increase Linux security by writing parts of the operating system's core in the Rust programming language, a modernization effort that could bolster the security of the internet and smartphones. From a report: If the project succeeds, it'll be possible to add new elements written in Rust into the heart of Linux, called the kernel. Such a change would mark a major technological and cultural shift for an open-source software project that's become foundational to Google's Android and Chrome operating systems as well as vast swaths of the internet.

Miguel Ojeda, who's written software used by the Large Hadron Collider particle accelerator and worked on programming language security, is being contracted to write software in Rust for the Linux kernel. Google is paying for the contract, which is being extended through the Internet Security Research Group, a nonprofit that's also made it easier to secure website communications through the Let's Encrypt effort. Adding Rust modules to the Linux kernel would improve security by closing some avenues for hackers can use to attack phones, computers or servers. Since it was launched in 1991, Linux has been written solely in the powerful but old C programming language. The language was developed in 1972 and is more vulnerable to hacks than contemporary programming languages.

From today's edition of Mike Melanson's "This Week in Programming" column: This week, Docker announced some changes to Docker Hub Autobuilds — the primary one of interest being that autobuilds would no longer be available to free tier users — and much of the internet let out a collective groan to the tune of "this is why we can't have nice things...!"

"As many of you are aware, it has been a difficult period for companies offering free cloud compute," wrote Shaun Mulligan, principal product manager at Docker in the company's blog post, citing an article that explores how crypto-mining gangs are running amok on free cloud computing platforms. Mulligan goes on to explain that Docker has "seen a massive growth in the number of bad actors," noting that it not only costs them money, but also degrades performance for their paying customers. And so, after seven years of free access to their autobuild feature, wherein even all of you non-paying Docker users could set up continuous integration for your containerized projects, gratis, the end is nigh. Like, really, really nigh, as in next week — June 18.

While Docker offered that they already tried to correct the issue by removing around 10,000 accounts, they say that the miners returned the next week in droves, and so they "made the hard choice to remove Autobuilds...." For its part, Docker has tried to again stave off the criticism, offering users a discount on subscriptions, and offering members of its open source program the ability to continue to use autobuilds for free...
Docker says they've also changed Autobuild "to take advantage of BuildKit by default for improved build performance," increased the number of parallel builds for subscribers, and increased the build instance types, "so you get a beefier machine to build on!" While the changes were apparently inspired by their struggles with cryptocurrency miners, "All of these improvements should see a faster and more stable build experience with lower queue times..."

"We really appreciate your support and the community's understanding as the whole industry battles against these abusive few."

A new extension for Microsoft's code-editing tool, Visual Studio Code, "allows you to open, edit, and commit back to source-control repos without having to clone them on your local machine," explains a new video.

A Microsoft blog post calls it "a new experience that we've been building in partnership with our friends at GitHub to enable working with source code repositories quickly and safely inside VS Code." In VS Code, we've offered integrated support for Git from the very beginning, and we've been supporting many other source control management (SCM) providers through extensions. This has allowed developers to clone and work with repositories directly within VS Code.

However, a large part of what developers do every day involves reading other people's code: reviewing pull requests, browsing open-source repositories, experimenting with new technologies or projects, inspecting upstream dependencies to debug applications, etc. What all of these have in common is that as a first step, you usually clone the repository locally and then open the code in your favorite code editor (which we hope is VS Code!). Yet, cloning a repository takes time, may lead you to review an outdated version of the repo if you forget to pull, and can sometimes be a security risk if you're unfamiliar with the code. The new Remote Repositories extension, published by GitHub, makes the experience of opening source code repositories in VS Code instant and safe. With this, you can quickly browse, search, edit, and commit to any remote GitHub repository (and soon, Azure Repos) directly from within VS Code, no clone necessary!

You can work on as many repos as you like without having to save any source code on your machine. Remote Repositories saves you time and local disk space and empowers you to stay entirely within VS Code for all your source control tasks.

For the first time, you can code, iterate and build apps on the iPad itself. 9to5Mac reports: Using Swift Playgrounds on iPadOS 15, customers will be able to create iPhone and iPad apps from scratch and then deploy them to the App Store. It remains to be seen how limited or not the development experience will be. It is probably notable that Apple chose not to rebrand this as "Xcode," signifying that you aren't going to be able to do everything you can do with Xcode on the Mac. TechCrunch highlights some of the other new features available in iPadOS 15: iPadOS 15 retains the overall look and feel of the current iPad operating system. The updates in the new OS are mostly centered around multitasking. The iPad's widget support gets a big update with iPadOS 15. The widgets are larger, more immersive and dynamic. And, iOS's App Library is finally available on the iPad, where it tweaks the overall user experience. The feature, added to the iPhone in 2020, presents the user with an organized view of the apps on the iPad.

Also added to iPadOS 15 is a new multitasking system. Called Split View, a drop-down menu at the top of the screen unlocks several multitasking, multiwindow options. The system seems much smoother than the current multiscreen option on iPad OS, which is clunky and hidden. With Split View a feature called Shelf makes it easy to switch between different screens and screen grouping.

A new column in Inc. argues that 14 years ago, Steve Jobs sent the most important email in the history of business — a one-sentence email to Bertrand Serlet, the company's senior vice president of Software Engineering, that's just recently been made public (through Apple's trial with Epic): It reveals a conversation about the things Apple needs to be able to accomplish in order to allow third-party apps on the iPhone. Until that point, the iPhone only ran 16 apps pre-installed on every device. Jobs had famously said told developers that if they wanted to create apps for the iPhone, they could make web apps that ran in Safari... Except web apps aren't the same as native apps, and users immediately set about finding ways to jailbreak their devices in order to get apps on them.

Apple had really no choice but to find a way to make it possible to develop apps through some kind of official SDK. Serlet lays out a series of considerations about protecting users, creating a development platform, and ensuring that the APIs needed are sustainable and documented. The list only has 4 things, but the point Serlet is trying to make is that it is important to Apple to "do it right this time, rather than rush a half-cooked story with no real support."

Steve Jobs' reply was only one sentence long: "Sure, as long as we can roll it all out at Macworld on Jan 15, 2008."

That's it. That's the entire response.

Serlet's email is dated October 2, 2007. That means Jobs was giving him just over three months... Three months to do what the software engineer no doubt believed were critical steps if Apple was going to support apps on a platform that would eventually grow to over 1 billion devices worldwide and become one of the most valuable businesses of all time. As if that wasn't enough pressure, two weeks later, on October 17, Jobs publicly told developers that there would be an SDK available by February of 2008. It turns out it would actually be made available in March, and the App Store would launch later in July of that year.

At the time, Apple's market cap was around $150 billion. Today, it's more than $2 trillion, largely based on the success of the iPhone, which is based — at least in part — on the success of the App Store. For that reason alone, I think it's fair to say — in hindsight — that one-sentence reply has no doubt proven to be the most important email in the history of business.

From today's edition of Mike Melanson's "This Week in Programming" column: If you've been using open source software for any amount of time, then you're well aware of the tangled web of dependencies often involved in such projects. If not, there's any number of tools out there that explore just how interconnected everything is, and this week Google has jumped into the game with its own offering — an exploratory visualization site called Open Source Insights that gives users an interactive view of dependencies of open source projects.

Now, Google isn't the first to get into the game of trying to uncover and perhaps untangle the dizzying dependency graph of the open source world, but the company argues that it is more so trying to lay everything out in a way that developers can see, visually, just how, well, hopelessly screwed they really are.

"There are tools to help, of course: vulnerability scanners and dependency audits that can help identify when a package is exposed to a vulnerability. But it can still be difficult to visualize the big picture, to understand what you depend on, and what that implies," they write.

The Open Source Insights tool — currently "experimental" — gives users either a table or graphical visualization of how a project is composed, allowing them to explore the dependency graph and examine how using different versions of certain projects might actually affect that dependency graph. One of the benefits, Google notes, is that it allows users to see all this information "without asking you to install the package first. You can see instantly what installing a package — or an updated version — might mean for your project, how popular it is, find links to source code and other information, and then decide whether it should be installed."

Currently, the tool supports npm, Maven, Go modules, and Cargo, with more packaging systems on the way soon...

An anonymous reader writes: This week the GitHub Yearbook went live, with 6794 "graduates" featured on a special web page showcasing "any student who has graduated, or plans to graduate, in 2021... This includes bootcamps, code camps, high school graduates, Master's graduates, Ph. D. Graduates, etc." (Students were added by submitting a pull request — as long as they'd also signed up for the GitHub Student Developer Pack.) The first 5,000 graduates received "swag," including a custom holographic card with their GitHub stats.

But Saturday sees a special ceremony where these students will "walk" the stage at GitHub Graduation (starting at 9 a.m. PST). "We'll be hearing from special guests, giving out exclusive swag, and highlighting student stories and projects from around the world," explains the event's web page.

Calling it "a day to celebrate our craft, our community, and how technology moves the world forward," a post on GitHub's blog invites viewers "to welcome them to a global community of innovative thinkers and impactful builders." It acknowledges the special challenges of 2021, saying "This year, thousands of students from around the world came together and redefined the world we live in, how we learn, and how we move forward," adding "We are honored to be part of the experience and eager to celebrate this milestone...."

"During a devastating year, these graduates shined a light on what is possible. We saw project after project showcasing not only their skills, but also their passion and perseverance. This class is unstoppable!"

Marco Arment, a widely respected programmer, app developer and commentator on Apple, has analyzed Apple's arguments and its thinking as officially portrayed in its lawsuit against Epic. He writes: Apple's leaders continue to deny developers deny developers of two obvious truths: 1. That our apps provide substantial value to iOS beyond the purchase commissions collected by Apple.
2. That any portion of our customers came to our apps from our own marketing or reputation, rather than the App Store.

For Apple to continue to deny these is dishonest, factually wrong, and extremely insulting -- not only to our efforts, but to the intelligence of all Apple developers and customers. This isn't about the 30%, or the 15%, or the prohibition of other payment systems, or the rules against telling our customers about our websites, or Apple's many other restrictions. (Not today, at least.) It's about what Apple's leadership thinks of us and our work. It isn't the App Store's responsibility to the rest of Apple to "pay its way" by leveraging hefty fees on certain types of transactions. Modern society has come to rely so heavily on mobile apps that any phone manufacturer must ensure that such a healthy ecosystem exists as table stakes for anyone to buy their phones. Without our apps, the iPhone has little value to most of its customers today.

If Apple wishes to continue advancing bizarre corporate-accounting arguments, the massive profits from the hardware business are what therefore truly "pay the way" of the App Store, public APIs, developer tools, and other app-development resources, just as the hardware profits must fund the development of Apple's own hardware, software, and services that make the iPhone appeal to customers. The forced App Store commissions, annual developer fees, and App Store Search Ads income are all just gravy. The "way" is already paid by the hardware -- but Apple uses their position of power to double-dip. And that's just business. Apple's a lot of things, and "generous" isn't one. But to bully and gaslight developers into thinking that we need to be kissing Apple's feet for permitting us to add billions of dollars of value to their platform is not only greedy, stingy, and morally reprehensible, but deeply insulting.

"To help realize the possibility of carbon-free applications, Microsoft, the consultancies Accenture and ThoughtWorks, the Linux Foundation, and Microsoft-owned code-sharing site, GitHub, have launched The Green Software Foundation," reports ZDNet: Announced at Microsoft's Build 2021 developer conference, the foundation is trying to promote the idea of green software engineering - a new field that looks to make code more efficient and reduce carbon emitted from the hardware it's running on... The foundation wants to set standards, best practices and patterns for building green software; nurture the creation of trusted open-source and open-data projects and support academic research; and grow an international community of green software ambassadors. The goal is to help the Information and Communication Technology sector to reduce its greenhouse gas emissions by 45% before 2030.

That includes mobile network operators, ISPs, data centers, and all the laptops being snapped up during the pandemic. "We envision a future where carbon-free software is standard - where software development, deployment, and use contribute to the global climate solution without every developer having to be an expert," Erica Brescia, COO of GitHub said in a statement. Microsoft president Brad Smith said "the world confronts an urgent carbon problem."

"It will take all of us working together to create innovative solutions to drastically reduce emissions. Microsoft is joining with organizations who are serious about an environmentally sustainable future to drive adoption of green software development to help our customers and partners around the world reduce their carbon footprint."
VentureBeat also points out that Microsoft "recently launched a $1 billion Climate Innovation Fund to accelerate the global development of carbon reduction, capture, and removal technologies."

But Bloomberg explores the rationale behind the new foundation: Data centers now account for about 1% of global electricity demand, and that's forecast to rise to 3% to 8% in the next decade, the companies said in a statement Tuesday, timed to Microsoft's Build developers conference... While it's tough to determine exactly how much carbon is emitted by individual software programs, groups like the Green Software Foundation examine metrics such as how much electricity is needed, whether microprocessors are being used efficiently, and the carbon emitted in networking. The foundation plans to look at curricula and developing certifications that would give engineers expertise in this space. As with areas like data science and cybersecurity, there will be an opportunity for engineers to specialize in green software development, but everyone who builds software will need at least some background in it, said Jeff Sandquist, a Microsoft vice president for developer relations.

"This will be the responsibility of everybody on the development team, much like when we look at security, or performance or reliability," he said. "Building the application in a sustainable way is going to matter."

Slashdot reader AleRunner writes: Ubuntu has announced that, with immediate effect Ubuntu's IRC channels are moving to libera.chat. The move follows a "hostile takeover" of Ubuntu's namespace by Freenode's new management that appears to be happening to many other distributions including Gentoo as well as other projects that have used Freenode [including channels associated with the programming languages Raku, Elixir, and Haskell].

For Ubuntu, and many other FOSS projects, Freenode has long been one of the major official forms of communication... With IRC channels often used for important system advice, and project communication, this becomes not just an inconvenience but even a security problem. For this reason Ubuntu's replacement network, libera.chat has a more clearly open organisational structure than Freenode had before being taken over.
"All told, it appears something like 700 irc.freenode.net channels have been seized and re-permissioned," reports The Register, "supposedly because the channels mentioned Libera Chat in violation of Freenode's advertising policy."

Wednesday Freenode owner Andrew Lee posted a blog post explaining that "in retrospect, we should have handled the action of closing down channels slightly differently..."

"The intent of doing this was not an attempt of a hostile takeover nor hijack like many people are saying. Since certain projects were disrupting their users' ability to chat on freenode via mass kicks, force closures, spam, we decided to enact this policy in those places which were deemed in violation and could cause an issue later...

"We believe we should have done this in a much more communicative way to circulate the right message and keep things transparent which of course did not happen. As we move forward I'd like to fully assure you that we will be working in complete commitment to restore projects, namespaces and channels that were closed on accident as a part of this event and we welcome them to use freenode as before as their very own homebase.

"Lastly, there are no excuses for this, and I'm willing to admit that I was wrong with Tuesday's move and apologize for the inconvenience that may have caused."

An anonymous reader quotes a report from Wired: On Tuesday, Microsoft and OpenAI shared plans to bring GPT-3, one of the world's most advanced models for generating text, to programming based on natural language descriptions. This is the first commercial application of GPT-3 undertaken since Microsoft invested $1 billion in OpenAI last year and gained exclusive licensing rights to GPT-3. "If you can describe what you want to do in natural language, GPT-3 will generate a list of the most relevant formulas for you to choose from," said Microsoft CEO Satya Nadella in a keynote address at the company's Build developer conference. "The code writes itself."

Microsoft VP Charles Lamanna told WIRED the sophistication offered by GPT-3 can help people tackle complex challenges and empower people with little coding experience. GPT-3 will translate natural language into PowerFx, a fairly simple programming language similar to Excel commands that Microsoft introduced in March. Microsoft's new feature is based on a neural network architecture known as Transformer, used by big tech companies including Baidu, Google, Microsoft, Nvidia, and Salesforce to create large language models using text training data scraped from the web. These language models continually grow larger. The largest version of Google's BERT, a language model released in 2018, had 340 million parameters, a building block of neural networks. GPT-3, which was released one year ago, has 175 billion parameters. Such efforts have a long way to go, however. In one recent test, the best model succeeded only 14 percent of the time on introductory programming challenges compiled by a group of AI researchers. Still, researchers who conducted that study conclude that tests prove that "machine learning models are beginning to learn how to code."

James Bond has a new home: Amazon and MGM announced a definitive merger agreement under which Amazon will acquire MGM for $8.45 billion. From a report: MGM, founded in 1924, complements Amazon Studios, which has primarily focused on producing TV programming, the companies said. Amazon will help "preserve MGM's heritage and catalog of films," and provide customers with greater access to these existing works, the companies said. For Amazon, snapping up MGM -- which has more than 4,000 movies and 17,000 TV shows in its catalog -- is a way to supercharge its Prime Video service with a slew of well-known entertainment properties. In addition, Amazon is anticipating being able to tap into Metro-Goldwyn-Mayer properties like the Pink Panther, Rocky, and, yes, the 007 franchises for new originals.

"The real financial value behind this deal is the treasure trove of [intellectual property] in the deep catalog that we plan to reimagine and develop together with MGM's talented team," Mike Hopkins, senior VP of Prime Video and Amazon Studios, said in announcing the deal. "It's very exciting and provides so many opportunities for high-quality storytelling." Hopkins noted that MGM productions collectively have won more than 180 Oscars and 100 Emmys. The studio has roughly 800 employees globally.

For over an hour on Saturday, retired Microsoft OS developer David Plummer answered questions from his viewers on YouTube.

Long-time Slashdot reader destinyland writes: He began with an update on a project to test the performance of the same algorithm using 30 different programming languages, and soon tells the story of how he was inspired to apply for his first job at Microsoft after reading Hard Drive: Bill Gates and the Making of the Microsoft Empire.

I decided that this is where I wanted to work, because these guys sound like me, they act like me, they are what I want to be when I grow up. And holy cow, they pay them well, apparently. So I wrote to everybody that I could find that had a Microsoft email address, which was about four people, because I had a software product people had been regisering on the Amiga. And one guy, Alistair Banks... responded and he hooked me up with a hiring manager directly in Windows that had an open slot that was hiring... And a couple of interview slots later, I wound up as an intern at MS-DOS working for Ben Slivka.

So you would think, "Oh, an intern on MS-DOS. What'd you do? Format disks?" No — it's amazing to me, actually. They give you as much work as they believe that you are capable of, and — they get you for all that you're worth, basically. They had me write a bunch of major features, like the Smart Drive cache for CD-ROMs was the first thing I wrote. Then I wrote DISKCOPY, making it work, single pass, bunch of features in MS-DOS. I re-wrote Setup to work on a single floppy disk by using deltas and patching in place, DOS 5 to turn it into DOS 6, something like, or maybe it was DOS 6 into 6.2... A whole bunch of features, within the span of, like, three months, which to me was fairly impressive at the time, I thought. And that only got me an interview...

Later he says that he'd like to see most of 16-bit Windows and all of MS-DOS open sourced, along with some select application code from that era.

I don't think there's any reason to hold back any of MS-DOS at this point. They have absolutely no reason to open source any of it, really — other than PR, because all it brings them is potential liability, complaints and angst, and probably nothing positive for putting the code out there and exposing it to ridicule. Because it's ancient code at this point. It's like, "Ha! Look what Microsoft did!" Well, yeah, I know Linux is cool now, but go look at Linux code from 1991 — and I worked on some of that code. Well, '93 I did. It's not the same as what you see today.

So yeah, MS-DOS probably looks archaic — although it's super tight, it doesn't have many bugs. It's just written differently than you would write code today, because you're targetting something that is a very different CPU and memory system and PC as a whole, and it's so much more limited that everybody's sacred, every cycle matters. That kind of thing that you don't worry about now. But I'd still like to see all the code from back then that's not embarrassing released.

And when asked what he misses most about being a Microsoft developer, he answers:

I miss going for lunch with the people that I went for lunch with, and talking to the people that I worked with. Because they were a lot like me, they had similar interests, they had similar abilities, they were people like me. We went for lunch, we ate food, it was awesome, and then we talked about cool things. And we did that every day. And now I don't get to do that any more. I get to do it rarely, because I take guys out for lunch and stuff, but it's not the same. So that's really what I miss.

And I miss somebody always feeding me something interesting to do. Because now I have to go out and find something that's interesting to do on my own. And I can't make everything be monetarily remunerative...

Python's creator Guido van Rossum shared his opinions on other programming languages during a new hour-long interview with Microsoft's principle cloud advocate manager. Some of the highlights:

• Rust: "It sounds like it's a great language — for certain things. Rust really improves on C++ in one particular area — it makes it much harder to bypass the checks in the compiler. And of course it solves the memory allocation problem in a near perfect way... if you wrote the same thing in C++, you could not be as sure, as compared to Rust, that you've gotten all your memory allocation and memory management stuff right. So Rust is an interesting language."

• Go and Julia: "I still think that Go is a very interesting language too. Of all the new languages, Go is probably the most Python-ic — or at least the general-purpose new languages. There's also Julia, which is sort of an interesting sort of take on something Python-like. It has enough details that look very similar to Python that then when you realize, 'Oh, but all the indexing is one-based and ranges are inclusive instead of exclusive,' you think, 'Argh!' Nobody should ever try to code in Julia and in Python on the same day.
  
  "My understanding is that Julia is sort of much more of a niche language, and if you're in that niche, it is superior because the compiler optimizes your code for you in a way that Python probably never will. On the other hand, it is much more limited in other areas, and I wouldn't expect that anybody ever is going to write a web server in Julia and get a lot of mileage out of it. And I'm sure in five minutes that will be on Hacker News with a counterexample."

• TypeScript: "TypeScript is a great language. You might have noticed that in the past six or seven years, we've been adding optional static typing to Python, also known as gradual typing. I wasn't actually aware of TypeScript when we started that project, so I can't say that we were inspired by TypeScript initially. TypeScript, because it sort of jumped on the JavaScript bandwagon — and because Anders is a really smart guy — TypeScript did a few things that Python is still waiting to figure out. So nowadays, we definitely look at TypeScript for examples. We have a typing SIG where we discuss extensions of the typing syntax and semantics and the type system in general for Python, and we definitely sometimes propose new features because we know that certain features were also originally initially lacking in TypeScript, and then added to TypeScript based on user demand, and [became] very successful in TypeScript. And so now we can see we are in that same situation.
  
  "Because JavaScript and Python are relatively similar... Much more so than Python and say C++ or Rust or Java. So we are learning from TypeScript, and occasionally, from my conversations with Anders, it sounds like TypeScript is also learning from Python, just like JavaScript has learned from Python in a few areas."

"The official Python software package repository, PyPI, is getting flooded with spam packages..." Bleeping Computer reported Thursday.

"Each of these packages is posted by a unique pseudonymous maintainer account, making it challenging for PyPI to remove the packages and spam accounts all at once..." PyPI is being flooded with spam packages named after popular movies in a style commonly associated with torrent or "warez" sites that provide pirated downloads: watch-(movie-name)-2021-full-online-movie-free-hd-... Although some of these packages are a few weeks old, BleepingComputer observed that spammers are continuing to add newer packages to PyPI... The web page for these bogus packages contain spam keywords and links to movie streaming sites, albeit of questionable legitimacy and legality...

February of this year, PyPI had been flooded with bogus "Discord", "Google", and "Roblox" keygens in a massive spam attack, as reported by ZDNet. At the time, Ewa Jodlowska, Executive Director of the Python Software Foundation had told ZDNet that the PyPI admins were working on addressing the spam attack, however, by the nature of pypi.org, anyone could publish to the repository, and such occurrences were common.

Other than containing spam keywords and links to quasi-video streaming sites, these packages contain files with functional code and author information lifted from legitimate PyPI packages... As previously reported by BleepingComputer, malicious actors have combined code from legitimate packages with otherwise bogus or malicious packages to mask their footsteps, and make the detection of these packages a tad more challenging...

In recent months, the attacks on open-source ecosystems like npm, RubyGems, and PyPI have escalated. Threat actors have been caught flooding software repositories with malware, malicious dependency confusion copycats, or simply vigilante packages to spread their message. As such, securing these repositories has turned into a whack-a-mole race between threat actors and repository maintainers.

An anonymous reader quotes a report from The Mercury News: Instead of learning a foreign language, Michigan students could take computer coding classes to replace the high school graduation requirement, under a bill that passed the state House Tuesday. Currently, the Michigan Merit Curriculum, which dictates the state's academic standards for graduation, requires students to take two world language credits to receive a high school diploma. Before the bill passed a vote, bill sponsor Rep. Greg VanWoerkom spoke about the value of coding in Michigan's prominent auto and tech industries, as well as it being a good alternative for those kids who struggle with traditional language classes.

"Besides being a hard skill, that employers actually want, coding. helps build soft skills. Coding promotes the use of logic, reasoning, problem solving and creativity," the Norton Shores Republican said. "Any professional coder will tell you that to be fluent in coding takes years of practice and a deep understanding of the language." In opposition to the bill, Rep Padma Kuppa said though she understands the importance of adding more technology education to curriculums, having had a career as a mechanical engineer, coding is not a foreign language. Students need both computer and tech skills and foreign language skills. "As technology helps the world become more interconnected, our ability to understand and work with others on technical projects around the globe is not only related to the ability to code, but to understand one another," the Troy Democrat said.