An anonymous reader shares this report from Tom's Hardware: When we think about Raspberry Pi, we normally picture single-board computers, but the Raspberry Pi Foundation was started to help kids learn about computers and it wants to help whether or not you own its hardware. The non-profit arm of Raspberry Pi this week released its new, browser-based code editor that's designed for young people (or any people) who are learning.

The Raspberry Pi Code Editor, which is considered to be in beta, is available to everyone for free right now at editor.raspberrypi.org. The editor is currently designed to work with Python only, but the organization says that support for other languages such as HTML, JavaScript and CSS is coming....

The Raspberry Pi Foundation already had a nice set of Python tutorials on its site, but it has adapted some of them to open sample code directly in the online editor....The Pi Foundation says that it plans to add a number of features to the Code Editor, including sharing and collaboration. The organization also plans to release the editor as an open-source project so anyone can modify it.
There's a pane showing your code's output when you click the "Run" button (plus a smaller pane for adding additional files to a project).

Tom's Hardware notes that "Since the entire programming experience takes place online, there's no way (at least right now) to use Python to control local hardware on your PC or your Raspberry Pi." But on the plus side, "If you create a free account on raspberrypi.org, which I did, the system will save all of your projects in the cloud and you can reload them any time you want. You can also download all the files in a project as a .zip file."

InfoWorld reports: Zig, a general purpose programming language that interacts with C/C++ programs and promises to be a modern alternative to C, has made an appearance in the Tiobe index of programming language popularity. Zig entered the top 50 in the April edition of the Tiobe Programming Community Index, ranking 46th, albeit with a rating of just 0.19%. By contrast, the Google-promoted Carbon language, positioned as an experimental successor to C++, ranked just 168th.
Tiobe CEO Paul Jansen argues that high-performance languages "are booming due to the vast amounts of data that needs to be processed nowadays. As a result, C and C++ are doing well in the top 10 and Rust seems to be a keeper in the top 20." Zig has all the nice features of C and C++ (such as explicit memory management enhanced with option types) and has abandoned the not-so-nice features (such as the dreadful preprocessing). Entering the top 50 is no guarantee to become a success, but it is at least a first noteworthy step. Good luck Zig!
Tiobe bases its monthly ranking of programming language popularity on search engine results for courses, third party vendors, and engineers. Here's what they's calculated for the most popular programming languages in April of 2023:

• Python
• C
• Java
• C++
• C#
• Visual Basic
• JavaScript
• SQL
• PHP
• Go

April's top 10 was nearly identical to the rankings a year ago, but assembly language fell from 2022's #8 position to #12 in 2023. SQL and PHP rose one rank (into 2023's #8 and #9 positions) — and as in March, the rankings now shows Go as the 10th most popular programming language.

Four new capabilities are planned for the JavaScript specification's next update, reports InfoWorld. Based on a list of finished proposals, InfoWorld expects the following in ECMAScript 2023: - Array find from last, a proposal for .findlast() and .findLastIndex() methods on array and typed array...

- Permitting symbols as keys in WeakMap keys, a proposal that extends the WeakMap API to allow the use of unique symbols as keys. Currently, WeakMaps are limited to allow only objects as keys.

- Change array by copy, a proposal that provides additional methods on Array.prototype and TypedArray.prototype to enable changes on the array by returning a new copy of it with the change.

- Hashbang grammar, a proposal to match the de facto usage in some CLI JS hosts that allow for Shebangs/Hashbang. These hosts strip the hashbang to generate valid JS source texts before passing to JS engines. This plan would move the stripping to engines and unify and standardize how that is done.

On Thursday patches were submitted for bringing Rust infrastructure to the Video 4 Linux 2 (V4L2) framework (within Linux's media subsystem) by Collabora's Daniel Almeida.

Phoronix reports: This provides just enough for working with a prototype VirtIO camera driver written in Rust along with a Rust sample driver. These initial patches are just intended to start the discussion around V4L2 Rust driver support and the actual upstreaming of the Rust support for these camera drivers may still be some ways down the line.

Multiple employees of Samsung's Korea-based semiconductor business plugged lines of confidential code into ChatGPT, effectively leaking corporate secrets that could be included in the chatbot's future responses to other people around the world. PCMag reports: One employee copied buggy source code from a semiconductor database into the chatbot and asked it to identify a fix, according to The Economist Korea. Another employee did the same for a different piece of equipment, requesting "code optimization" from ChatGPT. After a third employee asked the AI model to summarize meeting notes, Samsung executives stepped in. The company limited each employee's prompt to ChatGPT to 1,024 bytes.

Just three weeks earlier, Samsung had lifted its ban on employees using ChatGPT over concerns around this issue. After the recent incidents, it's considering re-instating the ban, as well as disciplinary action for the employees, The Economist Korea says. "If a similar accident occurs even after emergency information protection measures are taken, access to ChatGPT may be blocked on the company network," reads an internal memo. "As soon as content is entered into ChatGPT, data is transmitted and stored to an external server, making it impossible for the company to retrieve it."

The OpenAI user guide warns users against this behavior: "We are not able to delete specific prompts from your history. Please don't share any sensitive information in your conversations." It says the system uses all questions and text submitted to it as training data.

Longtime Slashdot reader Esther Schindler writes: When you learn a new tool/technology, you need to create a sample application, which cannot use real in-house data. Why not use something fun for the sample application's data, such as a Star Wars API or a data collection about World Cup contests? Esther Schindler, Slashdot user #16185, assembled a groovy collection of datasets that may be useful but also may be a source of fascinating internet rabbit holes. For those interested in datasets, Esther also recommends the Data is Plural newsletter and the website ResearchBuzz, which shares dataset descriptions as well as archive-related news and tools.

"Google Research maintains a search site for test datasets, too, if you know what you're looking for," adds Esther. There's also, of course, Kaggle.com.

The ACM's software engineering magazine Queue delves into the latest draft for "a new major revision of the C language standard, C23... due out this year," noting the highs, lows, and several useful new features. The most important, if not the most exciting, make it easier to write safe, correct, and secure code. For example, the new header standardizes checked integer arithmetic:

int i =...; unsigned long ul =...; signed char sc =...;
bool surprise = ckd_add(&i, ul, sc);

The type-generic macro ckd_add() computes the sum of ul and sc "as if both operands were represented in a signed integer type with infinite range." If the mathematically correct sum fits into a signed int, it is stored in i and the macro returns false, indicating "no surprise"; otherwise, i ends up with the sum wrapped in a well-defined way and the macro returns true. Similar macros handle multiplication and subtraction. The ckd_* macros steer a refreshingly sane path around arithmetic pitfalls including C's "usual arithmetic conversions."

C23 also adds new features to protect secrets from prying eyes and programmers from themselves. The new memset_explicit() function is for erasing sensitive in-memory data; unlike ordinary memset, it is intended to prevent optimizations from eliding the erasure. Good old calloc(size_t n, size_t s) still allocates a zero'd array of n objects of size s, but C23 requires that it return a null pointer if n*s would overflow.

In addition to these new correctness and safety aids, C23 provides many new conveniences: Constants true, false, and nullptr are now language keywords; mercifully, they mean what you expect. The new typeof feature makes it easier to harmonize variable declarations. The preprocessor can now #embed arbitrary binary data in source files. Zero-initializing stack-allocated structures and variable-length arrays is a snap with the new standard "={}" syntax. C23 understands binary literals and permits apostrophe as a digit separator, so you can declare int j = 0b10'01'10, and the printf family supports a new conversion specifier for printing unsigned types as binary ("01010101"). The right solution to the classic job interview problem "Count the 1 bits in a given int" is now stdc_count_ones().

Sadly, good news isn't the only news about C23. The new standard's nonfeatures, misfeatures, and defeatures are sufficiently numerous and severe that programmers should not "upgrade" without carefully weighing risks against benefits...
The article complains that C23 "transforms decades of perfectly legitimate programs into Molotov cocktails," citing the way C23 now declares realloc(ptr,0) to be undefined behavior. ("Compile old code as C23 only for good reason and only after verifying that it doesn't run afoul of any constriction in the new standard.") It also criticizes C23's new unreachable annotation, as well as its lack of improvement on pointers. "Comparing pointers to different objects (different arrays or dynamically allocated blocks of memory) is still undefined behavior, which is a polite way of saying that the standard permits the compiler to run mad and the machine to catch fire at run time."

The article even cites the obligatory XKCD cartoon. "Let's not overthink it; if this code is still in use that far in the future, we'll have bigger problems."

IEEE Spectrum reports on Codon, a Python compiler specifically developed to, as they put it, "turbocharge Python's Notoriously slow compiler."

"We do type checking during the compilation process, which lets us avoid all of that expensive type manipulation at runtime," says Ariya Shajii, an MIT CSAIL graduate student and lead author on a recent paper about Codon. Without any unnecessary data or type checking during runtime, Codon results in zero overhead, according to Shajii. And when it comes to performance, "Codon is typically on par with C++. Versus Python, what we usually see is 10 to 100x improvement," he says. But Codon's approach comes with its trade-offs. "We do this static type checking, and we disallow some of the dynamic features of Python, like changing types at runtime dynamically," says Shajii. "There are also some Python libraries we haven't implemented yet...."

Codon was initially designed for use in genomics and bioinformatics. "Data sets are getting really big in these fields, and high-level languages like Python and R are too slow to handle terabytes per set of sequencing data," says Shajii. "That was the gap we wanted to fill — to give domain experts who are not necessarily computer scientists or programmers by training a way to tackle large data without having to write C or C++ code." Aside from genomics, Codon could also be applied to similar applications that process massive data sets, as well as areas such as GPU programming and parallel programming, which the Python-based compiler supports. In fact, Codon is now being used commercially in the bioinformatics, deep learning, and quantitative finance sectors through the startup Exaloop, which Shajii founded to shift Codon from an academic project to an industry application.

To enable Codon to work with these different domains, the team developed a plug-in system. "It's like an extensible compiler," Shajii says. "You can write a plug-in for genomics or another domain, and those plug-ins can have new libraries and new compiler optimizations...." In terms of what's next for Codon, Shajii and his team are currently working on native implementations of widely used Python libraries, as well as library-specific optimizations to get much better performance out of these libraries. They also plan to create a widely requested feature: a WebAssembly back end for Codon to enable running code on a Web browser.

Gabi Dobocan, writing at auditing firm Sandworm: More than half of all new packages that are currently (29 Mar 2023) being submitted to npm are SEO spam. That is - empty packages, with just a single README file that contains links to various malicious websites. Out of the ~320k new npm packages or versions that Sandworm has scanned over the past week, at least ~185k were labeled as SEO spam. Just in the last hour as of writing this article, 1583 new e-book spam packages have been published. All the identified spam packages are currently live on npmjs.com.

After launching My Ad Center last fall, Google is now introducing the Ads Transparency Center as a "searchable hub of all ads served from verified advertisers." 9to5Google reports: The Ads Transparency Center will let you view all the advertisements a company has run using Google's networks. Each ad includes the date it last ran, format (text, video, etc.), and what region (country) it was shown in: "For example, imagine you're seeing an ad for a skincare product you're interested in, but you don't recognize the brand, or you're curious to understand if you recognize other ads from this brand. With the Ads Transparency Center, you can look up the advertiser and learn more about them before purchasing or visiting their site."

You can search by advertiser (with approximate ad quantity noted) or website, with filters for topics, time, and country. Once an advertiser is selected, Google will show the feed of ads with the ability to select for more details. You'll be able to access it directly here or from the My Ad Center, which lets you customize advertising that appears in Search, Discover, Shopping, and YouTube.

Apple set a June 5 date for the event where it plans to unveil a mixed-reality headset, the first major new product since its smartwatch debuted eight years ago. From a report: The company scheduled its annual Worldwide Developers Conference, better known as WWDC, to kick off on that Monday and run through Friday, June 9. It typically uses the first day of the conference to discuss its next-generation platforms and operating systems. This year's conference will be held as an "all-day experience" at headquarters in Cupertino, California. Central to the agenda this time around will be the headset, likely to be dubbed the Reality One or Reality Pro, Bloomberg News has reported. Apple will also showcase the accompanying xrOS operating system and a way for developers to write apps for the device.

GitHub, the popular developer platform, has laid off virtually its entire engineering team in India as the Microsoft-owned firm cuts its expenses amid weakening global market conditions. From a report: The developer firm has eliminated over 100 jobs in the South Asian market, a person familiar with the matter said. GitHub informed the employees about the job cut on Tuesday.

An anonymous reader shares a report: Back in 2019, Amazon announced Sidewalk, its low-bandwidth, long-range wireless network that uses the 900 MHz spectrum to connect Internet of Things (IoT) devices. It does this by creating a mesh network between Amazon's own Echo and Ring devices and sharing a small part of their owner's bandwidth. Ideally, this means Sidewalk will be able to connect devices that sit beyond the reach of a Bluetooth or Wi-Fi signal. Until now, though, only a select number of developers were able to build applications for the network. But that's changing today. The company is now shipping software and hardware development kits, as well as an easy-to-use test kit to test the available Sidewalk connectivity in your neighborhood.

Using the new test kit, developers will be able to check their local signal strength on a map to get a better sense of whether their devices will be able to connect to the network before they start working on a product. Amazon sent me one of these Ring-branded devices to try. Getting started with it involves little more than powering it up (it does have a battery for mobile usage) and logging into Amazon's web-based Sidewalk coverage service. From there, you can quickly see all of the raw data from the GPS-enabled test kit and get access to Amazon's U.S.-wide coverage map. To ensure user privacy, the coverage maps only show coverage within a 900m-by-900m square area. You will be able to see the exact location of your own device, but not other devices that report into the coverage map.

InfoWorld reports that TypeScript 5.0 is smaller, faster, and simpler: TypeScript 5.0, an update to Microsoft's strongly typed JavaScript variant, is now available as a production release, Microsoft announced March 16. With the upgrade, TypeScript has been rebuilt to use ECMAScript modules. TypeScript 5.0 also modernizes decorators for class customization.

ECMAScript modules reduce package size and boost performance. Decorators, an upcoming ECMAScript feature, allow for customizing classes and their members in a reusable way, Microsoft noted in a March 1 blog post. Decorators can be used on methods, properties, getters, setters, and auto-accessors. Classes can be decorated for subclassing and registration. While TypeScript previously supported experimental decorators, these were modeled on a much older version of the decorators proposal. TypeScript 5.0 will permit decorators to be placed before or after export and export default, a change made since the January 26 beta release of the new version.

Anyone have career advice for this anonymous Slashdot reader? I've had a great career from 1992 to today. I've been a front line coder for most of that, but also a team lead, a supervisor, a project manager, a scrum master, etc. My career has been marked by expediency — I did whatever needed doing at the time, in whatever tools necessary.

However, now I'm 52, and I'm getting tired of leadership and project management, and I would like to return to that front line again. The legacy skills I have are no longer in demand. (They aren't Cobol.) Here's the rub: I am happy to do the work nobody else wants to do. Dead languages, abandoned codebases with little documentation, precariously built systems with rickety infrastructure... I've worked in them before, and I would be fine doing it again.

I'm afraid of nothing, but I don't want to keep climbing the bleeding edge of the technical mountain. I'd be happy to be silently, competently keeping things moving. By 55 I would like to make that move. It's either that or retire, which is an option... but I love the technical work.
They're soliciting suggestions from other Slashdot readers. ("Where to focus? How to prep?") So share your own best advice in the comments.

How can an aging project manager return to coding on unpopular legacy codebases?

Alex Ellis: Earlier this month, Docker sent an email to any Docker Hub user who had created an "organisation", telling them their account will be deleted including all images, if they do not upgrade to a paid team plan. The email contained a link to a tersely written PDF (since, silently edited) which was missing many important details which caused significant anxiety and additional work for open source maintainers. As far as we know, this only affects organisation accounts that are often used by open source communities. There was no change to personal accounts. Free personal accounts have a a 6 month retention period. Why is this a problem?

1. Paid team plans cost 420 USD per year (paid monthly)
2. Many open source projects including ones I maintain have published images to the Docker Hub for years
3. Docker's Open Source program is hostile and out of touch

Why should you listen to me? I was one of the biggest advocates around for Docker, speaking at their events, contributing to their projects and being a loyal member of their voluntary influencer program "Docker Captains". I have written dozens if not hundreds of articles and code samples on Docker as a technology. I'm not one of those people who think that all software and services should be free. I pay for a personal account, not because I publish images there anymore, but because I need to pull images like the base image for Go, or Node.js as part of my daily open source work. When one of our OpenFaaS customers grumbled about paying for Docker Desktop, and wanted to spend several weeks trying to get Podman or Rancher Desktop working, I had to bite my tongue. If you're using a Mac or a Windows machine, it's worth paying for in my opinion. But that is a different matter. Having known Docker's new CTO personally for a very long time, I was surprised how out of touch the communication was. More: Docker: We apologize. We did a terrible job announcing the end of Docker Free Teams..

Microsoft's GitHub unit created one of the first widely deployed programs using OpenAI's language-generation tools -- an app called Copilot that helped software developers write computer code. Now GitHub is adding a chat and voice feature that will let programmers ask how to accomplish certain coding tasks. From a report: The new version announced Wednesday is called Copilot X, which GitHub Chief Executive Officer Thomas Dohmke said he demonstrated to one of his children by asking it how to program a snake game in Python. The chat window can provide explanations of what segments of code are meant to do, create ways to test the code and propose fixes for bugs. Developers can also give instructions or ask questions using their voice.

GitHub first previewed Copilot in 2021 and widely released it last year. The initial product contained a completion tool that suggested snippets of programming code as a software developer typed. It attracted hundreds of thousands of developers by November and its product name had become short-hand for Microsoft's strategy to deploy these kinds of assistive technologies to a wide array of its products, from Office software to security programs. Now that OpenAI's ChatGPT chatbot has made a splash in popular culture, companies are trying to follow Microsoft in embedding the research lab's tools into products and business strategies. At the same time, rivals such as Alphabet's Google are releasing chatbot competitors.

The Reg has seen two recent incidents of Russian developers being blocked from public development of FOSS code. One was a refusal on the Linux kernel mailing list, the other a more general block on Github. In the last week, these events have both caused active, and sometimes heated, discussions in FOSS developer communities. From the report: The GitHub account of developer Alexander Amelkin has been blocked, and his repositories marked as "archived" â" including ipmitool, whose README describes it as "a utility for managing and configuring devices that support the Intelligent Platform Management Interface." Unable to comment on Github itself, Amelkin described what happened on the project's older Soureforge page.

Amelkin works for Russian chipbuilder Yadro, which we described as working on RISC-V chips back in 2021. Microsoft is just obeying US law in this: according to the War and Sanctions database of the Ukrainian National Agency on Corruption Prevention, the NACP, Yadro is a sanctioned company. However, on LinkedIn, Amelkin disputes his employer's involvement. Over on Hacker News, commentators seem to be generally in favor of the move, although the discussion on LWN is more measured, pointing out both that there is little threat from server-management tools like this, but that Microsoft probably has no choice.

Amelkin is not alone. Over on the Linux Kernel Mailing List, a contribution from Sergey Semin has been refused with the terse notice: "We don't feel comfortable accepting patches from or relating to hardware produced by your organization. Please withhold networking contributions until further notice." Semin is a developer at chipmaker Baikal Electronics, a company whose website has been suspended for a year now, as we noted a year ago in a story that also mentions Yadro. We were reporting on Baikal's efforts to develop its own CPUs nearly a decade ago, mere months after the Russian annexation of Crimea. And once again, there is spirited debate over the move on the Orange Site.

Oracle today announced the availability of Java 20, the latest version of the popular programming language and development platform. From a report: The latest version of the 27-year-old language includes thousands of performance, stability and security improvements and features seven enhancement proposals to the Java Development Kit that are aimed at increasing developer productivity and enhancing performance, stability and security. Oracle has coordinated a disciplined rollout of new Java releases on a six-month cadence for the past five years and says it's the top contributor to the open-source project. Java is the world's third most widely used programming language, according to Tiobe Software BV, and is No. 1 in organizational development, according to Oracle. "The innovation pipeline has never been richer," said Chad Arimura, vice president of developer relations at Oracle. "The problem space is changing and developers have higher demands on their programming languages than ever."

Codon is a new "high-performance Python compiler that compiles Python code to native machine code without any runtime overhead," according to its README file on GitHub. Typical speedups over Python are on the order of 10-100x or more, on a single thread. Codon's performance is typically on par with (and sometimes better than) that of C/C++. Unlike Python, Codon supports native multithreading, which can lead to speedups many times higher still.
Its development team includes researchers from MIT's Computer Science and Artificial Intelligence lab, according to this announcement from MIT shared by long-time Slashdot reader Futurepower(R): The compiler lets developers create new domain-specific languages (DSLs) within Python — which is typically orders of magnitude slower than languages like C or C++ — while still getting the performance benefits of those other languages. "We realized that people don't necessarily want to learn a new language, or a new tool, especially those who are nontechnical. So we thought, let's take Python syntax, semantics, and libraries and incorporate them into a new system built from the ground up," says Ariya Shajii SM '18, PhD '21, lead author on a new paper about the team's new system, Codon. "The user simply writes Python like they're used to, without having to worry about data types or performance, which we handle automatically — and the result is that their code runs 10 to 100 times faster than regular Python. Codon is already being used commercially in fields like quantitative finance, bioinformatics, and deep learning."

The team put Codon through some rigorous testing, and it punched above its weight. Specifically, they took roughly 10 commonly used genomics applications written in Python and compiled them using Codon, and achieved five to 10 times speedups over the original hand-optimized implementations.... The Codon platform also has a parallel backend that lets users write Python code that can be explicitly compiled for GPUs or multiple cores, tasks which have traditionally required low-level programming expertise.... Part of the innovation with Codon is that the tool does type checking before running the program. That lets the compiler convert the code to native machine code, which avoids all of the overhead that Python has in dealing with data types at runtime.

"Python is the language of choice for domain experts that are not programming experts. If they write a program that gets popular, and many people start using it and run larger and larger datasets, then the lack of performance of Python becomes a critical barrier to success," says Saman Amarasinghe, MIT professor of electrical engineering and computer science and CSAIL principal investigator. "Instead of needing to rewrite the program using a C-implemented library like NumPy or totally rewrite in a language like C, Codon can use the same Python implementation and give the same performance you'll get by rewriting in C. Thus, I believe Codon is the easiest path forward for successful Python applications that have hit a limit due to lack of performance."

The other piece of the puzzle is the optimizations in the compiler. Working with the genomics plugin, for example, will perform its own set of optimizations that are specific to that computing domain, which involves working with genomic sequences and other biological data, for example. The result is an executable file that runs at the speed of C or C++, or even faster once domain-specific optimizations are applied.