Changelog News

Developer news worth your attention

Jerod again! 👋

Where our digital & physical lives meet is an area of fascination to me. A recent example that I found evocative is a post by Raphael Pour titled, “Getting old” , which contains this singular image:

Ok, let’s get into the news.

🎧 Simply the best pods for devs

🎙️ The man behind the Sandwich (Adam Lisagor)
💚 The BSOD CrowdStrikes back (Robert Ross)
🚀 Deploying on a Friday (Michael Gat)
🪩 Going flat with ESLint (Josh Goldberg)
🤖 Hyperventilating over the Gartner AI Hype Cycle (Demetrios Brinkmann)
⏰ Aha moments reading Go’s source: Part 2 (Jesús Espino)

🇨🇭 The Swiss government goes open source

In a move that began way back in 2011 (!), Switzerland recently passed the “Federal Act on the Use of Electronic Means for the Performance of Official Duties” (EMBAG for short).

This new law requires all public bodies to disclose the source code of software developed by or for them unless third-party rights or security concerns prevent it. This “public money, public code” approach aims to enhance government operations’ transparency, security, and efficiency.

This is something that every tax-funded government on Earth should do, IMHO, and “public money, public code” is such a simple & powerful way of stating the aim.

🍪 Google reverses course on third-party cookies

Anthony Chavez, VP of Privacy Sandbox at Google:

Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time. We’re discussing this new path with regulators, and will engage with the industry as we roll this out.

Let me also introduce a new experience that lets people make an informed choice that applies across their web browsing: stop using Google Chrome!

🦾 “Open source” AI is the path forward

(Scare quotes added by me, because Zuck uses the term “open source” sans OSI approval)

Mark Zuckerberg, announcing the release of multiple Llama 3.1 models:

Today, several tech companies are developing leading closed models. But open source is quickly closing the gap. Last year, Llama 2 was only comparable to an older generation of models behind the frontier. This year, Llama 3 is competitive with the most advanced models and leading in some areas. Starting next year, we expect future Llama models to become the most advanced in the industry.

In the linked post, He outlines why he believes “open source” is the best development stack, why “open sourcing” Llama is good for Meta & why “open source” AI is good for the world.

🔓 Anyone can access deleted and private repository data on GitHub

This sounds… not ideal

You can access data from deleted forks, deleted repositories and even private repositories on GitHub. And it is available forever. This is known by GitHub, and intentionally designed that way.

They’re calling it Cross Fork Object Reference (CFOR). It occurs when one repository fork can access sensitive data from another fork, even if said fork is private or has been deleted. The how is detailed in the linked post, but the most interesting / concerning thing is that it’s not a bug, it’s a feature? After notifying GitHub, they replied:

Thanks for the submission! This is an intentional design decision and is working as expected as noted in our documentation. We may make this functionality more strict in the future, but don’t have anything to announce right now.

Perhaps a good takeaway of this is: don’t use private forks (just in case)

💰 Go ahead, commit your .env file!

Thanks to 1Password for sponsoring Changelog News

1Password makes it easy and secure to share configs & secrets across your team.

You can replace secrets in your .env file with secret references & use the 1Password CLI to inject them when you start your app (that’s how we do it). Now when new members join your team, they can download the .env to get up & running with your development secrets in minutes. We use 1Password and we think you and your team should too.

Just for our readers they’re doubling their free trial to 28 days (vs 14 days). Check it out!

🌐 The New Internet

Tailscale co-founder/CEO, Avery Pennarun, explains how they didn’t set out to be a networking company. They set out to fix the problem of developers scaling what they don’t need to scale. Then they remembered the beautify of their ’90s era LANs:

We looked at a lot of options, and talked to a lot of people, and there was an underlying cause for all the problems. The Internet. Things used to be simple. Remember the LAN? But then we connected our LANs to the Internet, and there’s been more and more firewalls and attackers everywhere, and things have slowly been degrading ever since.

The solution they’re presenting is to remove the everything that’s not essential complexity and, boldly, “fix the internet”

If we fix the Internet, a whole chain of dominoes can come falling down, and we reach the next stage of technology evolution…

We’ve built a giant centralized computer system, with a few megaproviders in the middle, and a bunch of dumb terminals on our desks and in our pockets. The dumb terminals, even our smart watches, are all supercomputers by the standards of 20 years ago, if we used them that way. But they’re not much better than a VT100. Turn off AWS, and they’re all bricks.
It’s easy to fool ourselves into thinking the overall system is distributed. Yes, we build fancy distributed consensus systems and our servers have multiple instances. But all that runs centrally on cloud providers.

I have to stop quoting now or I’ll run up our AWS bill. Also this might come off as a Tailscale ad, which it is not. (They do sponsor us sometimes, but this is not sponsored at all.) It’s simply a well-written explanation of a well-conceived vision.

🎞️ Clip of the week: Happy Eyeballs

I like learning new things. I also like Daniel Stenberg. You too?

✊ Jellyfin: We’re good, seriously

Jellyfin project leader, Joshua Boniface:

We have quite a budget collected over the last 5 years, and while we’re really happy to see so many in the Jellyfin community contribute to us, we want to ask you to stop!
No, really. We don’t actually need your money. At least, not here and now.
We have over $24,000 in the bank, and with average monthly expenses of only ~$600, that’s over 40 months (3.3 years) of runway! So, we have plenty of money for the near future.

I think I can safely say I’ve never seen this before…

💰 Intel Innovation 2024 – Accelerate the Future!

Thanks to Intel for sponsoring Changelog News

Registration is now open for Intel Innovation 2024 in San Jose, CA!

This event is all about you – the developer and technologist community – and the critical role you play in tackling the toughest challenges across the industry. Ignite your passion for AI and beyond, grow your skills to maximize your impact, and network with your peers as we unleash the next wave of advancements in technology.

Hear from industry experts, technologists, entrepreneurs & fellow developers along with Intel leaders:

CEO Pat Gelsinger
CTO Greg Lavender

Don’t miss early bird pricing! It ends August 2nd…

🧑‍🎨 Where is the programming inspo?

Avdi Grimm asks a very good question for his fellow programmers:

If metaphors play such a central role in creating powerful abstractions, why do we not deliberately set about exposing ourselves to as many potential metaphors as possible? Why is there no “metaphor of the day” blog?
If programming is creative work, why do so few programmers attend writers-workshop-like activities such as Code Retreats, where the same code is written over and over, each time with different creative constraints?
If we are “creatives”, why don’t we feed our creative centers the way other creatives do?

📐 Also (potentially) interesting

That’s the news for now, but this is issue #105, so that means it’s time once again for some Changelog++ shout outs!

SHOUT OUT to our newest members: Nicholas C, Chris T, Benjamin S, Ciaran J, Matthew M & Jared G!

We appreciate you for supporting our work with your hard-earned cash.

(If Changelog++ is new to you, it is our membership program you can join to ditch the ads, get closer to the metal with bonus content, receive a free sticker pack in the mail, directly support our work & get shout outs like the ones above. ☝)

Have a great week, forward this to a friend who might dig it & I’ll talk to you again real soon. 💚

–Jerod