Google reverses on third-party cookies, Zuck on "open source" AI, GitHub open private data, the New Internet, Jellyfin, programming inspo & more

Changelog News

Developer news worth your attention

Jerod again! šŸ‘‹

Where our digital & physical lives meet is an area of fascination to me. A recent example that I found evocative is a post by Raphael Pour titled, ā€œGetting oldā€ , which contains this singular image:

A git diff displays a config change, increasing editor font size from 8 to 9 points

Ok, letā€™s get into the news.


šŸŽ§ Simply the best pods for devs

šŸŽ™ļø The man behind the Sandwich (Adam Lisagor)
šŸ’š The BSOD CrowdStrikes back (Robert Ross)
šŸš€ Deploying on a Friday (Michael Gat)
šŸŖ© Going flat with ESLint (Josh Goldberg)
šŸ¤– Hyperventilating over the Gartner AI Hype Cycle (Demetrios Brinkmann)
ā° Aha moments reading Goā€™s source: Part 2 (JesĆŗs Espino)

šŸ‡ØšŸ‡­ The Swiss government goes open source

In a move that began way back in 2011 (!), Switzerland recently passed the ā€œFederal Act on the Use of Electronic Means for the Performance of Official Dutiesā€ (EMBAG for short).

This new law requires all public bodies to disclose the source code of software developed by or for them unless third-party rights or security concerns prevent it. This ā€œpublic money, public codeā€ approach aims to enhance government operationsā€™ transparency, security, and efficiency.

This is something that every tax-funded government on Earth should do, IMHO, and ā€œpublic money, public codeā€ is such a simple & powerful way of stating the aim.

šŸŖ Google reverses course on third-party cookies

Anthony Chavez, VP of Privacy Sandbox at Google:

Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and theyā€™d be able to adjust that choice at any time. Weā€™re discussing this new path with regulators, and will engage with the industry as we roll this out.

Let me also introduce a new experience that lets people make an informed choice that applies across their web browsing: stop using Google Chrome!

šŸ¦¾ ā€œOpen sourceā€ AI is the path forward

(Scare quotes added by me, because Zuck uses the term ā€œopen sourceā€ sans OSI approval)

Mark Zuckerberg, announcing the release of multiple Llama 3.1 models:

Today, several tech companies are developing leading closed models. But open source is quickly closing the gap. Last year, Llama 2 was only comparable to an older generation of models behind the frontier. This year, Llama 3 is competitive with the most advanced models and leading in some areas. Starting next year, we expect future Llama models to become the most advanced in the industry.

In the linked post, He outlines why he believes ā€œopen sourceā€ is the best development stack, why ā€œopen sourcingā€ Llama is good for Meta & why ā€œopen sourceā€ AI is good for the world.

šŸ”“ Anyone can access deleted and private repository data on GitHub

This soundsā€¦ not ideal

You can access data from deleted forks, deleted repositories and even private repositories on GitHub. And it is available forever. This is known by GitHub, and intentionally designed that way.

Theyā€™re calling it Cross Fork Object Reference (CFOR). It occurs when one repository fork can access sensitive data from another fork, even if said fork is private or has been deleted. The how is detailed in the linked post, but the most interesting / concerning thing is that itā€™s not a bug, itā€™s a feature? After notifying GitHub, they replied:

Thanks for the submission! This is an intentional design decision and is working as expected as noted in our documentation. We may make this functionality more strict in the future, but donā€™t have anything to announce right now.

Perhaps a good takeaway of this is: donā€™t use private forks (just in case)

šŸ’° Go ahead, commit your .env file!

Thanks to 1Password for sponsoring Changelog News

1Password makes it easy and secure to share configs & secrets across your team.

You can replace secrets in your .env file with secret references & use the 1Password CLI to inject them when you start your app (thatā€™s how we do it). Now when new members join your team, they can download the .env to get up & running with your development secrets in minutes. We use 1Password and we think you and your team should too.

Just for our readers theyā€™re doubling their free trial to 28 days (vs 14 days). Check it out!

šŸŒ The New Internet

Tailscale co-founder/CEO, Avery Pennarun, explains how they didnā€™t set out to be a networking company. They set out to fix the problem of developers scaling what they donā€™t need to scale. Then they remembered the beautify of their ā€™90s era LANs:

We looked at a lot of options, and talked to a lot of people, and there was an underlying cause for all the problems. The Internet. Things used to be simple. Remember the LAN? But then we connected our LANs to the Internet, and thereā€™s been more and more firewalls and attackers everywhere, and things have slowly been degrading ever since.

The solution theyā€™re presenting is to remove the everything thatā€™s not essential complexity and, boldly, ā€œfix the internetā€

If we fix the Internet, a whole chain of dominoes can come falling down, and we reach the next stage of technology evolutionā€¦

Weā€™ve built a giant centralized computer system, with a few megaproviders in the middle, and a bunch of dumb terminals on our desks and in our pockets. The dumb terminals, even our smart watches, are all supercomputers by the standards of 20 years ago, if we used them that way. But theyā€™re not much better than a VT100. Turn off AWS, and theyā€™re all bricks.

Itā€™s easy to fool ourselves into thinking the overall system is distributed. Yes, we build fancy distributed consensus systems and our servers have multiple instances. But all that runs centrally on cloud providers.

I have to stop quoting now or Iā€™ll run up our AWS bill. Also this might come off as a Tailscale ad, which it is not. (They do sponsor us sometimes, but this is not sponsored at all.) Itā€™s simply a well-written explanation of a well-conceived vision.

šŸŽžļø Clip of the week: Happy Eyeballs

I like learning new things. I also like Daniel Stenberg. You too?

Happy Eyeballs Algorithm video thumbnail


āœŠ Jellyfin: Weā€™re good, seriously

Jellyfin project leader, Joshua Boniface:

We have quite a budget collected over the last 5 years, and while weā€™re really happy to see so many in the Jellyfin community contribute to us, we want to ask you to stop!

No, really. We donā€™t actually need your money. At least, not here and now.

We have over $24,000 in the bank, and with average monthly expenses of only ~$600, thatā€™s over 40 months (3.3 years) of runway! So, we have plenty of money for the near future.

I think I can safely say Iā€™ve never seen this beforeā€¦

šŸ’° Intel Innovation 2024 ā€“ Accelerate the Future!

Thanks to Intel for sponsoring Changelog News

Registration is now open for Intel Innovation 2024 in San Jose, CA!

This event is all about you ā€“ the developer and technologist community ā€“ and the critical role you play in tackling the toughest challenges across the industry. Ignite your passion for AI and beyond, grow your skills to maximize your impact, and network with your peers as we unleash the next wave of advancements in technology.

Hear from industry experts, technologists, entrepreneurs & fellow developers along with Intel leaders:

  • CEO Pat Gelsinger
  • CTO Greg Lavender

Donā€™t miss early bird pricing! It ends August 2ndā€¦

šŸ§‘ā€šŸŽØ Where is the programming inspo?

Avdi Grimm asks a very good question for his fellow programmers:

If metaphors play such a central role in creating powerful abstractions, why do we not deliberately set about exposing ourselves to as many potential metaphors as possible? Why is there no ā€œmetaphor of the dayā€ blog?

If programming is creative work, why do so few programmers attend writers-workshop-like activities such as Code Retreats, where the same code is written over and over, each time with different creative constraints?

If we are ā€œcreativesā€, why donā€™t we feed our creative centers the way other creatives do?


šŸ“ Also (potentially) interesting


Thatā€™s the news for now, but this is issue #105, so that means itā€™s time once again for some Changelog++ shout outs!

SHOUT OUT to our newest members: Nicholas C, Chris T, Benjamin S, Ciaran J, Matthew M & Jared G!

We appreciate you for supporting our work with your hard-earned cash.

(If Changelog++ is new to you, it is our membership program you can join to ditch the ads, get closer to the metal with bonus content, receive a free sticker pack in the mail, directly support our work & get shout outs like the ones above. ā˜)

Have a great week, forward this to a friend who might dig it & Iā€™ll talk to you again real soon. šŸ’š

ā€“Jerod