Oracle

Largest Local Government Body In Europe Goes Under Amid Oracle Disaster (theregister.com) 110

Birmingham City Council, the largest local authority in Europe, has declared itself in financial distress after troubled Oracle project costs ballooned from $25 million to around $125.5 million. The Register reports: Contributing to the publication of a legal Section 114 Notice, which says the $4.3 billion revenue organization is unable to balance the books, is a bill of up to $954 million to settle equal pay claims. In a statement today, councillors John Cotton and Sharon Thompson, leader and deputy leader respectively, said the authority was also hit by financial stress owing to issues with the implementation of its Oracle IT system. The council has made a request to the Local Government Association for additional strategic support, the statement said.

In May, Birmingham City Council said it was set to pay up to $125.5 million for its Oracle ERP system -- potentially a fourfold increase on initial estimated expenses -- in a project suffering from delays, cost over-runs, and a lack of controls. After grappling with the project to replace SAP for core HR and finance functions since 2018, the council reviewed the plan in 2019, 2020, and again in 2021, when the total implementation cost for the project almost doubled to $48.5 million. The project, dubbed Financial and People, was "crucial to an organisation of Birmingham City Council's size," a spokesperson said at the time. Cotton said the system had a problem with how it was "tracking our financial transactions and HR transactions issues as well. That's got to be fixed," he said.

Earlier this year, one insider told The Register that Oracle Fusion, the cloud-based ERP system the council is moving to, "is not a product that is suitable for local authorities, because it's very much geared towards a manufacturing/trading organization." They said the previous SAP system had been heavily customized to meet the council's needs and it was struggling to recreate these functions in Oracle.

Programming

Are Scrums a Cancer? (devops.com) 293

Santiago Valdarrama teaches machine learning. He posted this week on Twitter and LinkedIn that "Scrum is a cancer." Some highlights: I've been writing software for 25 years, and nothing renders a software team useless like Scrum does... We spent more time talking than doing... We spent more time estimating story points than writing software... Imagine having a manager, a scrum master, a product owner, and a tech lead. You had to answer to all of them and none simultaneously...

I believe in Agile, but this ain't agile... The result was always the same: It didn't work. Scrum is a cancer that will eat your development team. Scrum is not for developers; it's another tool for managers to feel they are in control.

DevOps.com shares some reactions, including the developer who calls Scrum "a life-sucking batch of meetings that are good for one thing: Taking developers who can't or don't want to see the overall business/architecture picture and getting useful work out of them."

But later in the week, Valdarrama revisited the issue with a follow-up post. "After 3,400 replies, I learned a few things." First, the most common jobs among the people who told me I was wrong were "Agile Coach" and "Scrum Master...."

Second, Scrum can't fail because Scrum is whatever you want Scrum to be. There's no right way to do Scrum, so if it doesn't work for you, you aren't as bright as you thought you were.

Third, Scrum isn't agile, except when it is. But it's much better than Waterfall, except when it isn't. And it's better than nothing and everything at the same time.

Fourth, many people got triggered by my comparison of Scrum and communism...

Finally, by far, most people hate Scrum with passion.

Thanks to Slashdot reader RUs1729 for sharing the link.
Games

Saints Row Developer Volition Has Been Shut Down (gamedeveloper.com) 50

After 30 years of operations, the developer behind 2001's Red Faction and Saints Row, Volition, is being shut down. Its parent company Embracer broke the news on LinkedIn, attributing the decision to a "restructuring program." Game Developer reports: Founded in June 1993 by Mike Kulas and Matt Toschlog, Volition was originally known as Parallax Software. Its debut title was 1995's Descent, which was followed by a sequel the following year. Starting with 1998's Descent: Freespace -- The Great War, the studio would go by its current name.

Volition's "big break" game came in the form of 2001's Red Faction. That game spawned multiple sequels (ending with 2011's Red Faction: Armageddon) and a movie spinoff. Its other big franchise, Saints Row, began in 2006 and enjoyed the longer tenure: with several sequels, a soft reboot (2017's Agents of Mayhem), and 2022's full-on reboot, simply titled Saints Row. Other titles developed by the studio include 2002's Summoner 2 and The Punisher from 2004.

During the 2010s, Volition was a key developer from THQ that survived the transition over to Deep Silver. That company later rebranded to Plaion (formerly Koch Media) and itself had a "small restructure" as of 2022. Saints Row 2022, the final game from Volition, will be available on PlayStation Plus' Extra tier starting September 6.

Google

Google Launches BigQuery Studio, a New Way To Work With Data (techcrunch.com) 9

An anonymous reader quotes a report from TechCrunch: Companies increasingly see the value in mining their data for deeper insights. According to a NewVantage survey, 97.6% of major worldwide organizations are focusing investments into big data and AI. But challenges stand in the way of executing big data analytics. One recent poll found that 65% of organizations feel they have "too much" data to analyze. Google's proposed solution is BigQuery Studio, a new service within BigQuery, its fully managed serverless data warehouse, that provides a single experience to edit programming languages including SQL, Python and Spark to run analytics and machine learning workloads at "petabyte scale." BigQuery Studio is available in preview as of this week.

"BigQuery Studio is a new experience that really puts people who are working on data on the one side and people working on AI on the other side in a common environment," Gerrit Kazmaier, VP and GM of data and analytics at Google, told TechCrunch in a phone interview. "It basically provides access to all of the services that those people need to work -- there's an element of simplification on the user experience side." BigQuery Studio is designed to enable users to discover, explore, analyze and predict data. Users can start in a programming notebook to validate and prep data, then open that notebook in other services, including Vertex AI, Google's managed machine learning platform, to continue their work with more specialized AI infrastructure and tooling.

With BigQuery Studio, teams can directly access data wherever they're working, Kazmaier says. And they have added controls for "enterprise-level" governance, regulation and compliance. "[BigQuery Studio shows] how data is being generated to how it's being processed and how it's being used in AI models, which sounds technical, but it's really important," he added. "You can push down code for machine learning models directly into BigQuery as infrastructure, and that means that you can evaluate it at scale."

Programming

More Developers Are Using the Rust Programming Language, Survey Finds (rust-lang.org) 117

This month the official Rust blog announced: For the 6th year in a row, the Rust Project conducted a survey on the Rust programming language, with participation from project maintainers, contributors, and those generally interested in the future of Rust. This edition of the annual State of Rust Survey opened for submissions on December 5 and ran until December 22, 2022... [W]e had 9,433 total survey completions and an increased survey completion rate of 82% vs. 76% in 2021...

- More people are using Rust than ever before! Over 90% of survey respondents identified as Rust users, and of those using Rust, 47% do so on a daily basis — an increase of 4% from the previous year.

- 30% of Rust user respondents can write simple programs in Rust, 27% can write production-ready code, and 42% consider themselves productive using Rust. Of the former Rust users who completed the survey, 30% cited difficulty as the primary reason for giving up while nearly 47% cited factors outside of their control.

- The growing maturation of Rust can be seen through the increased number of different organizations utilizing the language in 2022. In fact, 29.7% of respondents stated that they use Rust for the majority of their coding work at their workplace, which is a 51.8% increase compared to the previous year.

- There are numerous reasons why we are seeing increased use of Rust in professional environments. Top reasons cited for the use of Rust include the perceived ability to write "bug-free software" (86%), Rust's performance characteristics (84%), and Rust's security and safety guarantees (69%). We were also pleased to find that 76% of respondents continue to use Rust simply because they found it fun and enjoyable. (Respondents could select more than one option here, so the numbers don't add up to 100%.)

- Of those respondents that used Rust at work, 72% reported that it helped their team achieve its goals (a 4% increase from the previous year) and 75% have plans to continue using it on their teams in the future.

- But like any language being applied in the workplace, Rust's learning curve is an important consideration; 39% of respondents using Rust in a professional capacity reported the process as "challenging" and 9% of respondents said that adopting Rust at work has "slowed down their team". However, 60% of productive users felt Rust was worth the cost of adoption overall...

- Of those respondents who shared their main worries for the future of Rust, 26% have concerns that the developers and maintainers behind Rust are not properly supported — a decrease of more than 30% from the previous year's findings. One area of focus in the future may be to see how the Project in conjunction with the Rust Foundation can continue to push that number towards 0%.

- While 38% have concerns about Rust "becoming too complex", only a small number of respondents were concerned about documentation, corporate oversight, or speed of evolution. 34% of respondents are not worried about the future of Rust at all.

This year's survey reflects a 21% decrease in fears about Rust's usage in the industry since the last survey.

Programming

Creators of Python, Java, TypeScript, and SmallTalk Will Make a Joint Appearance for Charity (pydata.org) 45

The creators of four programming languages will appear together onstage for a historic conversation on September 19th.

- Adele Goldberg — Smalltalk
- Guido Van Rossum — Python
- Anders Hejlsberg — Turbo Pascal, C#, TypeScript
- James Gosling — Java

The announcement describes it as "a conversation about programming language design." The charity event brings together this unique group of computer science pioneers, unlike any event held before. These great minds come together for what will surely be a fantastic night of discussion as the panel delves into the past and future of programming language creation.
It's a fundraiser for two groups. NumFOCUS is a nonprofit charity sponsoring nearly all the major tools in the Python data science stack (including jupyter, numpy, pandas, and matplotlib), and it's also the group behind PyData conferences on open source data tools. And the Last Mile Education Fund offers financial support for low-income underrepresented students. It's being billed as the "inaugural charity event" of PyData Seattle.

This happened once before in 2019, when Puget Sound Programming Python arranged a four-way discussion with Python creator Guido van Rossum, Java creator James Gosling, Perl creator Larry Wall, and Anders Hejlsberg (Turbo Pascal, C#, TypeScript). They held a 90-minute discussion about "language design, the universe, and everything" as a benefit for CSforALL (a group promoting computer science classes at every grade level). During that discussion Gosling shared how Java "started out as kind of 'Do a better C', and it got out of control. The rest of the project really ended up just providing the context." And Anders Hejlsberg told the audience that TypeScript was inspired by massive "write-only" JavaScript code bases.

In their discussion on variable typing and its use in IDEs, Gosling mocked what he called the "real men use vi" mentality, leading to a lively back and forth. Perl's Larry Wall later acknowledged the importance of types and the careful consideration that went into implementing them for Perl 6, but also shared his unique perspective as a long-time designer of programming languages. "I think IDEs make language developers lazy."

At the end of the event, they all agreed that the most rewarding part of language design was the people — the excitement, the gratitude, and to see that community helping others in its community.
Programming

Amazon's Honeycode No-Code App Builder Is No-More (honeycodecommunity.aws) 36

"Amazon launches cloud service to help non-coders build apps," read the 2020 headline at CNBC — both mobile and web applications.

But long-time Slashdot reader theodp has the rest of the story: Customers have told us that the need for custom applications far outstrips the capacity of developers to create them," Amazon Web Services explained as it jumped on the low-code and no-code bandwagon in 2020...

But just three years later, Amazon posted a "Dear Valued Customer" letter announcing it's pulling the plug on Honeycode at the end of February: "To our valued customers: Thank you for participating in the Amazon Honeycode beta program... After careful consideration, we have made the decision to end the beta service, effective February 29, 2024. Starting today, we are no longer accepting new customer sign-ups to the Honeycode beta. However, as an existing customer, you will be able to use Honeycode and your Honeycode apps as normal (and add team members to your existing account) until February 29, 2024, when the service will be discontinued. After this date, you will no longer be able to use Honeycode or any of the apps you created in Honeycode."

Amazon advises the "valued customers" it's leaving stranded to use Honeycode's "Export Data" option ("a handy way to get your info organized into a CSV file(s)", although "formulas will not export"). They also warn that "We will retain your data until April 29, 2024. If you do not take any action, your data will be deleted on April 30, 2024."

Amazon adds that the spirit of Honeycode (RIP, 2020-2024) will live on in its other products: "We are incorporating lessons from the Amazon Honeycode beta into current services, and remain committed to supporting no/low code services including Amazon SageMaker Canvas (2021-?), AWS Amplify Studio (2021-?), and AWS AppFabric (2023-?).

Programming

Is 'CS In Every School' the 2024 Presidential Campaign's 'Chicken In Every Pot'? (msn.com) 104

Long-time Slashdot reader theodp writes: During the U.S. presidential campaign of 1928, a circular published by the Republican Party claimed that if Herbert Hoover won there would be "a chicken in every pot". Times change. When talk turned to education at Wednesday night's 2024 Republican U.S. Presidential Candidate Debate, candidate Asa Hutchinson promised there will be 'CS in every school' if he wins (YouTube).

"Look at Arkansas," the former Arkansas Governor explained. "We have to compete with China. I built computer science education. We led the nation in Computer Science education, going from 1,100 students to 23,000 students taking it. This is how you compete with China. As President of the United States, I will make sure we go from 51% of our schools offering computer science to every school in rural areas and urban areas offering computer science for the benefit of our kids and we can compete with China in terms of technology."

In his last year in office, Hutchinson served as Chair of the National Governors Association (NGA) and rallied the nation's Governors around tech CEOs' demands for more K-12 CS education to culminate his year-long CS evangelism initiative, which the NGA noted enjoyed the support of Amazon, Google, and Microsoft. Hutchinson's pitch to the Governors included a video challenging them with a question. "Will it be American students who learn to code," Hutchinson asked, "or will industry be required to go overseas to find the talent that we need here in the United States of America?"

Later in the debate former New Jersey governor Chris Christie said entrepreneur/candidate Vivek Ramaswamy "sounds like ChatGPT."
Programming

72-Year-Old C++ Creator Bjarne Stroustrup Shares Life Advice (youtube.com) 47

72-year-old Bjarne Stroustrup invented C++ (first released in 1985). 38 years later, he gave a short interview for Honeypot.io (which calls itself "Europe's largest tech-focused job platform") offering his own advice for life: Don't overspecialize. Don't be too sure that you know the future. Be flexible, and remember that careers and jobs are a long-term thing. Too many young people think they can optimize something, and then they find they've spent a couple of years or more specializing in something that may not have been the right thing. And in the process they burn out, because they haven't spent enough time building up friendships and having a life outside computing.

I meet a lot of sort of — I don't know what you call them, "junior geeks"? — that just think that the only thing that matters is the speciality of computing — programming or AI or graphics or something like that. And — well, it isn't... And if they do nothing else, well — if you don't communicate your ideas, you can just as well do Sudoku... You have to communicate. And a lot of sort of caricature nerds forget that. They think that if they can just write the best code, they'll change the world. But you have to be able to listen. You have to be able to communicate with your would-be users and learn from them. And you have to be able to communicate your ideas to them.

So you can't just do code. You have to do something about culture and how to express ideas. I mean, I never regretted the time I spent on history and on math. Math sharpens your mind, history gives you some idea of your limitations and what's going on in the world. And so don't be too sure. Take time to have a balanced life.

And be ready for the opportunity. I mean, a broad-based education, a broad-based skill set — which is what you build up when you educate, you're basically building a portfolio of skills — means that you can take advantage of an opportunity when it comes along. You can recognize it sometimes. We have lots of opportunities. But a lot of them, we either can't take advantage of, or we don't notice. It was my fairly broad education — I've done standard computer science, I've done compilers, I've done multiple languages... I think I knew two dozen at the time. And I have done machine architecture, I've done operating systems. And that skill set turned out to be useful.

At the beginning of the video, Stroustrup jokes that it's hard to give advice — and that it's at least as difficult as it is to take advice.

Earlier this year, Bjarne also told the same site the story of how he became a programmer by mistake — misreading a word when choosing what to study afer his high school exams. Stroustrup had thought he was signing up for an applied mathematics course, which instead turned to be a class in computer science...
Java

Scientists Strengthen Concrete By 30 Percent With Used Coffee Grounds (engadget.com) 84

According to a team of researchers from RMIT University in Australia, coffee grounds can be used as a silica substitute in the concrete production process to yield a significantly stronger chemical bond than sand alone. Engadget reports: "The disposal of organic waste poses an environmental challenge as it emits large amounts of greenhouse gases including methane and carbon dioxide, which contribute to climate change," lead author of the study, Dr Rajeev Roychand of RMIT's School of Engineering, said in a recent release. He notes that Australia alone produces 75 million kilograms of used coffee grounds each year, most of which ends up in landfills. Coffee grounds can't simply be mixed in raw with standard concrete as they won't bind with the other materials due to their organic content, Dr. Roychand explained. In order to make the grounds more compatible, the team experimented with pyrolyzing the materials at 350 and 500 degrees C, then substituting them in for sand in 5, 10, 15 and 20 percentages (by volume) for standard concrete mixtures.

The team found that at 350 degrees is perfect temperature, producing a "29.3 percent enhancement in the compressive strength of the composite concrete blended with coffee biochar," per the team's study, published in the September issue of Journal of Cleaner Production. "In addition to reducing emissions and making a stronger concrete, we're reducing the impact of continuous mining of natural resources like sand," Dr. Roychand said.

Apple

Apple's Vision Pro Labs Are Drawing Audible Gasps From Developers, Says Company (zdnet.com) 81

According to a recent Apple press release, some developers are reacting with an "audible gasp" when first using the company's upcoming Vision Pro headset. ZDNet reports: Michael Simmons, who's led the team behind popular productivity apps Fantastical and Cardhop described his experience as "like seeing Fantastical for the first time. It felt like I was part of the app." By the time his test session was over, the big takeaway was that "Experiencing spatial computing not only validated the designs we'd been thinking about -- it helped us start thinking not just about left to right or up and down but beyond borders at all." "The first time you see your own app running for real, that's when you get the audible gasp," adds David Smith, podcaster and developer of Widgetsmith.

"It instantly got me thinking about how 3D offerings and visuals could come forward in our experiences," says Chris Delbuck, principal design technologist at Slack, in the Apple press release. Delbuck had first planned to test the iPadOS version of Slack on the Vision Pro, only to realize how much more potential there was in upgrading the UX to suit VisionOS' added layer of depth.

The Almighty Buck

Epic's New Program Lets Developers Keep Their Revenue In Exchange For Exclusivity (theverge.com) 24

An anonymous reader quotes a report from The Verge: Epic Games will let developers keep 100 percent of their net revenues from the Epic Games Store for six months if they choose to make their games or apps exclusives for that time through its new First Run program, the company announced on Wednesday. Typically, Epic lets developers keep 88 percent of their revenues, with the company taking a 12 percent cut. For developers who launch a product through First Run, the split will return to 88 / 12 once the six months are up.

Developers who choose to participate in the Epic First Run program will see a few other benefits as well. Epic says First Run games and apps will be presented to Store users with "new exclusive badging, homepage placements, and dedicated collections" and will be featured in "relevant store campaigns including sales, events, and editorial as applicable." The program is open now, and the first products that will be eligible to be part of the program must launch on or after October 16th. [...] However, developers can be a part of First Run and still release their products on their own stores.
Here's what Epic says about which products are eligible: "A new release game or app which has not been previously released on another third-party PC store or included in a subscription service available on another third-party PC store. Games or apps with a pre-existing exclusivity deal with the Epic Games Store are not eligible for the program."
AI

Meta Releases Code Llama, a Code-Generating AI Model (techcrunch.com) 20

Meta, intent on making a splash in a generative AI space rife with competition, is on something of an open source tear. From a report: Following the release of AI models for generating text, translating languages and creating audio, the company today open sourced Code Llama, a machine learning system that can generate and explain code in natural language -- specifically English. Akin to GitHub Copilot and Amazon CodeWhisperer, as well as open source AI-powered code generators like StarCoder, StableCode and PolyCoder, Code Llama can complete code and debug existing code across a range of programming languages, including Python, C++, Java, PHP, Typescript, C# and Bash.

"At Meta, we believe that AI models, but large language models for coding in particular, benefit most from an open approach, both in terms of innovation and safety," Meta wrote in a blog post shared with TechCrunch. "Publicly available, code-specific models can facilitate the development of new technologies that improve peoples' lives. By releasing code models like Code Llama, the entire community can evaluate their capabilities, identify issues and fix vulnerabilities." Code Llama, which is available in several flavors, including a version optimized for Python and a version fine-tuned to understand instructions (e.g. "Write me a function that outputs the fibonacci sequence"), is based on the Llama 2 text-generating model that Meta open sourced earlier this month. While Llama 2 could generate code, it wasn't necessarily good code -- certainly not up to the quality a purpose-built model like Copilot could produce.

Bitcoin

Bitcoin Developers Push Back Against Craig Wright's Claim to Billions of Dollars in Bitcoin (coindesk.com) 82

Long-time Slashdot reader UnknowingFool writes: In 2021, Craig Wright sued 12 bitcoin developers who refused help him recover 111,000 bitcoins he claimed were lost in a hack. His company, Tulip Trading, wanted the developers to put in a backdoor mechanism in bitcoin that would override the ownership of the coins, arguing it was the developers "fiduciary duty" to assist him. The developers allege (PDF) that Tulip and Wright never owned the coins and the evidence of ownership provided is "fabricated." Tulip Trading "never owned the digital assets and has commenced this claim fraudulently and in reliance on fabricated documents," the developers' lawyers said in a statement. "Dr. Wright has a long history of fraud, forgery, and dishonesty ... [and is using] the English courts as an instrument of fraud."
Java

IBM Says Its Generative AI Tool Can Convert Old COBOL Code To Java (theregister.com) 108

IBM is introducing the watsonx Code Assistant for Z, a tool that uses generative AI to translate COBOL code to Java. This tool is set to be available in Q4 2023 and aims to speed up the translation of COBOL to Java on IBM's Z mainframes. The Register reports: According to IBM, there are billions of lines of COBOL code out there as potential candidates for modernization (a report last year estimated the total figure at 775-850 billion lines). For this reason, the generative AI features in watsonx Code Assistant for Z are intended to help developers to assess and determine the code most in need of modernization, allowing them to more speedily update large applications and focus on critical tasks.

IBM wants to provide tooling for each step of the modernization process, starting with its Application Discovery and Delivery Intelligence (ADDI) inventory and analysis tool. Other steps include refactoring business services in COBOL, transforming the code to Java code, and then validating the resulting outcome with the aid of automated testing. The resulting Java code emitted by watsonx Code Assistant for Z will be object-oriented, but will still interoperate with the rest of the COBOL application IBM claimed, as well as with key services such as CICS, IMS, DB2, and other z/OS runtimes.

Microsoft

Microsoft Announces Python In Excel 92

theodp writes: On Tuesday, Microsoft announced the Public Preview of Python in Excel, which "runs securely on the Microsoft Cloud".

From the Home Office in Redmond: "Python is one of the most popular programming languages today, loved by businesses and students alike and Excel is an essential tool to organize, manipulate and analyze all kinds of data. But, until now, there hasn't been an easy way to make those two worlds work together. Today, we are excited to introduce the Public Preview of Python in Excel -- making it possible to integrate Python and Excel analytics within the same Excel grid for uninterrupted workflow. Python in Excel combines Python's powerful data analysis and visualization libraries with Excel's features you know and love. You can manipulate and explore data in Excel using Python plots and libraries, and then use Excel's formulas, charts and PivotTables to further refine your insights...We're partnering with Anaconda, a leading enterprise grade Python repository used by tens of millions of data practitioners worldwide. Python in Excel leverages Anaconda Distribution for Python running in Azure, which includes the most popular Python libraries such as pandas for data manipulation, statsmodels for advanced statistical modeling, and Matplotlib and seaborn for data visualization....While in Preview, Python in Excel will be included with your Microsoft 365 subscription. After the Preview, some functionality will be restricted without a paid license."

Python creator Guido van Rossum, now a Microsoft Distinguished Engineer, helped define the architecture for Python in Excel and had this to say: "I'm excited that this excellent, tight integration of Python and Excel is now seeing the light of day. I expect that both communities will find interesting new uses in this collaboration, amplifying each partner's abilities. When I joined Microsoft three years ago, I would not have dreamed this would be possible. The Excel team excels!"
Programming

Can You Measure Software Developer Productivity? (mckinsey.com) 157

Long-time Slashdot reader theodp writes: Measuring, tracking, and benchmarking developer productivity has long been considered a black box. It doesn't have to be that way." So begins global management consulting firm McKinsey in Yes, You Can Measure Software Developer Productivity... "Compared with other critical business functions such as sales or customer operations, software development is perennially undermeasured. The long-held belief by many in tech is that it's not possible to do it correctly—and that, in any case, only trained engineers are knowledgeable enough to assess the performance of their peers.

"Yet that status quo is no longer sustainable."

"All C-suite leaders who are not engineers or who have been in management for a long time will need a primer on the software development process and how it is evolving," McKinsey advises companies starting on a developer productivity initiative. "Assess your systems. Because developer productivity has not typically been measured at the level needed to identify improvement opportunities, most companies' tech stacks will require potentially extensive reconfiguration. For example, to measure test coverage (the extent to which areas of code have been adequately tested), a development team needs to equip their codebase with a tool that can track code executed during a test run."

Before getting your hopes up too high over McKinsey's 2023 developer productivity silver bullet suggestions, consider that Googling to "find a tool that can track code executed during a test run" will lead you back to COBOL test coverage tools from the 80's that offered this kind of capability and 40+ year-old papers that offered similar advice (1, 2, 3). A cynic might also suggest considering McKinsey's track record, which has had some notable misses.

Programming

Rust Users Push Back as Popular 'Serde' Project Ships Precompiled Binaries (bleepingcomputer.com) 17

"Serde, a popular Rust (de)serialization project, has decided to ship its serde_derive macro as a precompiled binary," reports Bleeping Computer.

"The move has generated a fair amount of push back among developers who worry about its future legal and technical implications, along with a potential for supply chain attacks, should the maintainer account publishing these binaries be compromised." According to the Rust package registry, crates.io, serde has been downloaded over 196 million times over its lifetime, whereas the serde_derive macro has scored more than 171 million downloads, attesting to the project's widespread circulation... The Serde ecosystem consists of data structures that know how to serialize and deserialize themselves along with data formats that know how to serialize and deserialize other things," states the project's website. Whereas, "derive" is one of its macros...

Some Rust developers request that precompiled binaries be kept optional and separate from the original "serde_derive" crate, while others have likened the move to the controversial code change to the Moq .NET project that sparked backlash. "Please consider moving the precompiled serde_derive version to a different crate and default serde_derive to building from source so that users that want the benefit of precompiled binary can opt-in to use it," requested one user. "Or vice-versa. Or any other solution that allows building from source without having to patch serde_derive... Having a binary shipped as part of the crate, while I understand the build time speed benefits, is for security reasons not a viable solution for some library users."

Users pointed out how the change could impact entities that are "legally not allowed to redistribute pre-compiled binaries, by their own licenses," specifically mentioning government-regulated environments.

The official response from Serde's maintainer: "The precompiled implementation is the only supported way to use the macros that are published in serde_derive. If there is implementation work needed in some build tools to accommodate it, someone should feel free to do that work (as I have done for Buck and Bazel, which are tools I use and contribute significantly to) or publish your own fork of the source code under a different name.

"Separately, regarding the commentary above about security, the best path forward would be for one of the people who cares about this to invest in a Cargo or crates.io RFC around first-class precompiled macros so that there is an approach that would suit your preferences; serde_derive would adopt that when available."
Programming

Why DARPA Hopes To 'Distill' Old Binaries Into Readable Code (theregister.com) 54

Researchers at Georgia Tech have developed a prototype pipeline for the Defense Advanced Research Projects Agency (DARPA) that can "distill" binary executables into human-intelligible code so that it can be updated and deployed in "weeks, days, or hours, in some cases." The work is part of a five-year, $10 million project with the agency. The Register reports: After running an executable through the university's "distillation" process, software engineers should be able to examine the generated HAR, figure out what the code does, and make changes to add new features, patch bugs, or improve security, and turn the HAR back into executable code, says GT associate professor and project participant Brendan Saltaformaggio. This would be useful for, say, updating complex software that was written by a contractor or internal team, the source code is no longer or never was to hand and neither are its creators, and stuff needs to be fixed up. Reverse engineering the binary and patching in an update by hand can be a little hairy, hence DARPA's desire for something a bit more solid and automatic. The idea is to use this pipeline to freshen up legacy or outdated software that may have taken years and millions of dollars to develop some time ago.

Saltaformaggio told El Reg his team has the entire process working from start to finish, and with some level of stability, too. "DARPA sets challenges they like to use to test the capabilities of a project," he told us over the phone. "So far we've handled every challenge problem DARPA's thrown at us, so I'd say it's working pretty well." Saltaformaggio said his team's pipeline disassembles binaries into a graph structure with pseudo-code, and presented in a way that developers can navigate, and replace or add parts in C and C++. Sorry, Java devs and Pythonistas: Saltaformaggio tells us that there's no reason the system couldn't work with other programming languages, "but we're focused on C and C++. Other folks would need to build out support for that." Along with being able to deconstruct, edit, and reconstruct binaries, the team said its processing pipeline is also able to comb through HARs and remove extraneous routines. The team has also, we're told, baked in verification steps to ensure changes made to code within hardware ranging from jets and drones to plain-old desktop computers work exactly as expected with no side effects.

Firefox

Firefox Finally Outperforming Google Chrome In SunSpider (phoronix.com) 40

Michael Larabel writes via Phoronix: Mozilla developers are celebrating that they are now faster than Google Chrome with the SunSpider JavaScript benchmark, although that test has been superseded by the JetStream benchmark. Last week a new Firefox Nightly News was published that outlines that "We're now apparently beating Chrome on the SunSpider JavaScript benchmark!" The provided numbers now show Firefox easily beating Chrome in this decade-old JavaScript benchmark. The benchmarks come from AreWeFastYet.com. Meanwhile for the newer and more demanding JetStream 2.0 benchmark, Google Chrome continues to win easily over Firefox. You can learn more about the latest Firefox Nightly build advancements via Firefox Nightly News.

Slashdot Top Deals