"It's that time of year again when we come together to support and celebrate the open source technologies we use and love," announces a post on Digital Ocean's blog. Hacktoberfest is a monthlong celebration of open source software. It was started at DigitalOcean as a way to foster a sense of community and encourage more participation in open source projects. To reward Hacktoberfest contributors, we've designed a limited edition T-shirt for those who complete the challenge each year. This year, the first 50,000 participants will be eligible to receive the limited edition shirt...

One of the enticing elements of this celebration is that you don't have to leave the comfort of your office or home to participate. But each year, more and more Hacktoberfest events have been organized since we introduced the Event Kit. In 2018 alone, there were 251 Hacktoberfest events. All of these took place during October and happened in 50 countries. With October five days away, we're already expecting to exceed last year's number of events! Wow... if you're in or around New York City, we invite you to join us at the Hacktoberfest kickoff celebration at the DigitalOcean headquarters...

This year, we're also hoping to drive awareness of the negative impacts many people around the world are experiencing due to the many environmental crises we're faced with -- and encourage participation in projects that are targeting these causes. We've identified a handful of projects on GitHub that focus on supporting the environment, which you can find in our Climate section. We hope you'll consider contributing to some of the impactful work being done by activists, scientists, and mission-driven organizations around the globe... Let's join forces to make a difference!
Last year's Hacktoberfest saw 401,231 pull requests on GitHub, according to the blog post.

Matthew Garrett is a security developer at Google and a Linux contributor who in 2014 won the Free Software Foundation's annual "Advancement of Free Software" award. But now he's asking if we need to re-think what free software is: If users can pay Amazon to provide a hosted version of a piece of software, there's little incentive for them to pay the authors of that software. This has led to various projects adopting license terms such as the Commons Clause that effectively make it nonviable to provide such a service, forcing providers to pay for a commercial use license instead. In general the entities pushing for these licenses are VC backed companies who are themselves benefiting from free software written by volunteers that they give nothing back to, so I have very little sympathy. But it does raise a larger issue -- how do we ensure that production of free software isn't just a mechanism for the transformation of unpaid labour into corporate profit...?

At the same time, people are spending more time considering some of the other ethical outcomes of free software. Copyleft ensures that you can share your code with your neighbour without your neighbour being able to deny the same freedom to others, but it does nothing to prevent your neighbour using your code to deny other fundamental, non-software, freedoms. As governments make more and more use of technology to perform acts of mass surveillance, detention, and even genocide, software authors may feel legitimately appalled at the idea that they are helping enable this by allowing their software to be used for any purpose. The JSON license includes a requirement that "The Software shall be used for Good, not Evil", but the lack of any meaningful clarity around what "Good" and "Evil" actually mean makes it hard to determine whether it achieved its aims.

As stewards of the free software definition, the Free Software Foundation should be taking the lead in ensuring that these issues are discussed. The priority of the board right now should be to restructure itself to ensure that it can legitimately claim to represent the community and play the leadership role it's been failing to in recent years, otherwise the opportunity will be lost and much of the activist energy that underpins free software will be spent elsewhere. If free software is going to maintain relevance, it needs to continue to explain how it interacts with contemporary social issues. If any organisation is going to claim to lead the community, it needs to be doing that.

OneHundredAndTen writes: According to this Forbes article, the Pentagon is worried that many in the USA's military nerve center claim to use Agile methods, when in fact, they aren't. Those responsible for these things at the Pentagon have therefore come up with a Detecting Agile BS document, so people can tell when they are doing Agile vs. when they are doing BS Agile. The implicit conclusion seems to be the usual "if it doesn't work for you, you are not doing it right."
The article was written by the author of The Age of Agile: How Smart Companies Are Transforming the Way Work Gets Done, a 2018 book arguing "An unstoppable business revolution is under way -- and it is Agile. Companies that embrace Agile Management learn to connect everyone and everything...all the time. They can deliver instant, intimate, frictionless value on a large scale." The book's author is Stephen Denning, who spent four years as Program Director of Knowledge Management during his decades of management at the World Bank.

His Forbes article this week warns "effective software development at DoD is not just a narrow issue affecting a few software developers. Questions of national cyber security and the integrity of the upcoming U.S. presidential election may depend on it... Fresh thinking and Agile mindsets are urgently needed."

An anonymous reader quotes a report from Science Magazine: The U.S. Department of Justice (DOJ) released new rules yesterday governing when police can use genetic genealogy to track down suspects in serious crimes -- the first-ever policy covering how these databases, popular among amateur genealogists, should be used in law enforcement attempts to balance public safety and privacy concerns. The DOJ interim policy, which takes effect on 1 November, is intended to "balance the Department's relentless commitment to solving violent crime and protecting public safety against equally important public interests," such as privacy and civil liberties, a press release states. The policy says "forensic genetic genealogy" should generally be used only for violent crimes such as murder and rape, as well as to identify human remains. (The policy permits broader use if the ancestry database's policy allows such searches.) Police should first exhaust traditional crime solving methods, including searching their own criminal DNA databases.

Under the new policy, police can't quietly upload a fake profile to a genealogy website, as some have done in hopes of finding a suspect's distant relatives, without first identifying themselves. And the site itself must have informed its users that law enforcement agencies may search their data. The policy also bars police from using a suspect's DNA profile to look for genes related to disease risks or psychological traits. Another provision attempts to limit situations in which police secretly take a DNA sample from a suspect's relative -- from a discarded cup or tissue, for example -- to help home in on a suspect. The policy says the person must give their informed consent unless police have obtained a search warrant.

Developer Riley Testut is launching an alternative to Apple's App Store, called AltStore, that theoretically lets you "push the boundaries" of iOS without either jailbreaking or worrying that Apple will pull access. Engadget reports: AltStore works by fooling your device into believing that you're a developer sideloading test apps. It uses an app on your Mac or Windows PC to re-sign apps every seven days, using iTunes' WiFi syncing framework to reinstall them on your device before they expire. You only need a free Apple ID (a throwaway will do) to install apps that Apple would never allow, such as Testut's Delta emulator for Nintendo consoles.

In theory, there's not much Apple can do to easily shut things down. It could take down individual accounts, but you could just create another Apple ID if needed. Also, iOS only looks for an excessive number of app provisioning profiles, not the number of apps you have installed. So long as AltStore manages those profiles, Apple doesn't know if you're running one app or twenty. Testut told The Verge that measures to block AltStore would break key functionality for developers or iTunes syncing. AltStore is available in preview form now, with a formal launch due on September 28th. "People who back Testut's Patreon will also have the option to install almost any app, not just those in the store," the report adds.

wired_parrot shares a report from the BBC: Released in 1982, Entombed was far from a best-seller and today it's largely forgotten. But recently, a computer scientist and a digital archaeologist decided to pull apart the game's source code to investigate how it was made. An early maze-navigating game, Entombed intrigued the researchers for how early programmers solved the problem of drawing a solvable maze that is drawn procedurally. But they got more than they bargained for: they found a mystery bit of code they couldn't explain (Link to full paper). The fundamental logic that determines how the maze is drawn is locked in a table of possible values written in the games code. However, it seems the logic behind the table has been lost forever.

This week Stack Overflow's CEO/founder Joel Spolsky spoke to Clive Thompson, the tech journalist who just published the new book Coders: the Making of a New Tribe and the Remaking of the World . "It's a sort of ethnographic history of this particular tribe," explains a blog post at Stack Overflow, "examining how software developers fit into the world of business and culture and how their role in society has shifted in recent decades.

"The official conversation kicked off after a 15-minute tangent on Joel's collection of Omni magazine and the formative role this publication had for both men." Some excerpts: Clive: The question in my mind is, who is interested in this? What gets them bit by the bug so they are willing to crawl over all the broken glass that is the daily work.

Joel: In my time, it was the absolute control. Whatever code you wrote, that's what executed. There was no translation. It wasn't like, well the flour was kind of old, and I tried to make the souffle but it collapsed. Unlike so many things you will try to accomplish as a child or an adult, where you work on something but it doesn't turn out as you expect it to, with code it will do exactly what you told it. Even if that's not what you meant. You might suddenly realize you're obeying me to the point of making me angry.

Clive: The monkey's paw thing. I shouldn't have wished for that.

Joel: But the computer is still being completely obedient.

Clive: That thrill is a common thread I found in my research, from the 1960s through today. I will talk to people in their 80s who worked on machines the size of an entire room, and it's the same damn thing talking to a 15-year-old girl at an afterschool program working on a raspberry pi or P5. There is something unique about the micro-world that is inside the machine, qualitatively different from our real world.

Joel: It's sort of utopian. Things behave as they are supposed to. The reason I put a question mark on that, as programmers move higher and higher up the abstraction tree, that kinda goes away.

Clive: I think the rise of machine learning is an interesting challenge to the traditional craft of software development. Some of the people I spoke with for the book aren't interested in it because they don't like the idea of working with these indeterminate training systems... there is something unsettling about not really knowing what's going on with what you're building.

Joel: I just picked up Arduino a year ago and that was enormously fun because it was like going back to C, instead of all these fancy high-level languages where you don't know what they are going to do. It offered a really detailed level of control. If something doesn't work, you can figure it out, because everything is tractable.
They also discussed the future of coding -- and took a fond look back at its past. Spolsky remembers his first exposure to computers was an interactive terminal system connected to a mainframe that ran FORTRAN, BASIC, and PL/I programs. "Many, many years later I realized there was no way they had enough memory for three compilers and in fact what they had was a very simple pre-processsor that made Basic, FORTRAN, and PL/I all look like the same mush.

"It was a very crappy subset of each of those three languages."

An anonymous reader quotes Tom's Hardware: One Raspberry Pi can make a nice web server, but what happens if you put more than 1,000 of them together? At Oracle's OpenWorld convention on Monday, the company showed off a Raspberry Pi Supercomputer that combines 1,060 Raspberry Pis into one powerful cluster.

According to ServeTheHome, which first reported the story, the supercomputer features scores of racks with 21 Raspberry Pi 3 B+ boards each. To make everything run well together, the system runs on Oracle Autonomous Linux... Every unit connects to a single rebranded Supermicro 1U Xeon server, which functions as a central storage server for the whole supercomputer. The Oracle team also created custom, 3D printed brackets to help support all the Pis and connecting components...

ServeTheHome asked Oracle why it chose to create a cluster of Raspberry Pis instead of using a virtualized Arm server and one company rep said simply that "...a big cluster is cool."

intensivevocoder writes: Bryan Bogensberger's exit from npm, inc was quietly announced Friday afternoon in a press release stating that Bogensberger "resigned effective immediately to pursue new opportunities." This marked likely one of the few quiet actions in Bogensberger's tumultuous tenure as CEO of npm, the popular package manager of Node.js. Bogensberger started as CEO on January 9 this year, as part of a move announced by original author and co-founder Isaac Z. Schlueter as part of a plan to commercialize the service. Bogensberger's involvement with the company started in mid-2018, although he was not formally named CEO until 2019 pending the resolution of visa requirements. "Commercializing something like this without ruining it is no small task, and building the team to deliver on npm's promise is a major undertaking. We've sketched out a business plan and strategy for the next year, and will be announcing some other key additions to the team in the coming months," Schlueter wrote in January.

Facebook revealed Friday that it had suspended "tens of thousands" of apps that may have mishandled users' personal data, [Editor's note: the link may be paywalled; alternative source] part of an investigation sparked by the social giant's entanglement with Cambridge Analytica. From a report: The suspensions -- far more than the hundreds against which Facebook has taken action against in the past -- occurred for a "variety of reasons," the company said in a blog post, without elaborating. They were associated with about 400 developers. Facebook said it had investigated millions of apps and targeted those that Facebook said had access to "large amounts of information" or had the "potential to abuse" its policies. Facebook said some of the apps were banned for inappropriately sharing users' data, the same violation of company policy that led to the Cambridge Analytica scandal. It added that its investigation, now 18 months long, isn't yet complete.

Just how important will the ability to write computer code be to a successful career on Wall Street? From a report: According to R. Martin Chavez, an architect of Goldman Sachs Group's effort to transform itself with technology, "It's like writing an English sentence." As Chavez prepares to leave the company, the onetime commodities staffer who rose to posts overseeing technology and ultimately trading is reflecting on his "26-year adventure" in the industry. "The short, short description of it is making money, capital and risk programmable," he said in a Bloomberg Television interview. "There are certainly many kinds of manual activities that computers are just better at."

Chavez, 55, outlined strengths that can help humans stay relevant, such as their relationship skills and ability to assess risks. Yet he predicted that longstanding career dichotomies on Wall Street, like trader versus engineer, will go away. To keep working, people will need both of those skills. Even money is going digital, a shift that goes far beyond cryptocurrencies, he said, pointing to the success of Stripe as an example of creating new ways to move funds. Stripe, for its part, has become one of the most valuable companies in Silicon Valley.

An anonymous reader quotes a report from Ars Technica: Sega and Sports Interactive have announced that Football Manager 2020 will be sold in new eco-friendly package that uses much less plastic, and they're pushing for the rest of the entertainment industry to follow suit. The new packaging replaces the now-standard plastic DVD case used for most game discs with a folded, reinforced cardboard sleeve made of 100% recycled fiber. The shrinkwrap surrounding that package has also been replaced with a low-density LDPE polyethylene that's highly recyclable. Even the ink on the cardboard has been changed out for a vegetable-and-water-based version (so it's technically vegan if you're desperate for a snack).

The new packaging does cost a bit more to produce -- about 20 (British) cents per unit (or 30 percent), according to an open letter from Sports Interactive Studio Director Miles Jacobson. But those costs are somewhat offset by reduced shipping and destruction costs for excess units, he added. And as Spanish footballer Hector Bellerin says in a video accompanying the letter, "if there's no Earth, there's no money to spend." All told, Jacobson says the new packaging will save 55 grams of plastic per unit, or 20 tonnes across a print run of over 350,000. That's an extremely tiny dent in the estimated 335 million tons of plastic that is produced annually worldwide. But Jacobson hopes it could add up to a sizable dent if the entire industry follows suit for the tens of millions of discs it produces each year. "We're not the biggest game in the world," Jacobson said. "Imagine what happens if every other game, every film company, every music company switches to this packaging... So I'm throwing down the gauntlet here to ALL entertainment companies who use plastic for their Blu Ray, DVD and CD packaging."

A scam. A publicity stunt. Premature. These are just a few of the things Chinese developers are saying about the release of Huawei's supposed secret weapon: The Ark Compiler. From a report: Developers are even claiming the program feels incomplete. The reception has been so bad that one programmer told Abacus that he wondered whether it was released just for publicity. "Maybe they're doing it to help in the PR and trade war, adding leverage against the US," said Max Zhou, co-founder of app-enhancement company MetaApp and former head of engineering at Mobike. The Ark Compiler is a key component of Huawei's new operating system, HarmonyOS. The tool is meant to allow developers to quickly port their Android apps to the new OS, ideally helping to quickly bridge the gap of app availability. It is also said to be able to improve the efficiency of Android apps, making them as smooth as apps on iOS. As of right now, though, developers say promises are too good to be true.

Who should be responsible for maintaining and troubleshooting open-source projects? From a report: When you buy a product like Philips Hue's smart lights or an iPhone, you probably assume the people who wrote their code are being paid. While that's true for those who directly author a product's software, virtually every tech company also relies on thousands of bits of free code, made available through "open-source" projects on sites like GitHub and GitLab. Often these developers are happy to work for free. Writing open-source software allows them to sharpen their skills, gain perspectives from the community, or simply help the industry by making innovations available at no cost. According to Google, which maintains hundreds of open-source projects, open source "enables and encourages collaboration and the development of technology, solving real-world problems."

But when software used by millions of people is maintained by a community of people, or a single person, all on a volunteer basis, sometimes things can go horribly wrong. The catastrophic Heartbleed bug of 2014, which compromised the security of hundreds of millions of sites, was caused by a problem in an open-source library called OpenSSL, which relied on a single full-time developer not making a mistake as they updated and changed that code, used by millions. Other times, developers grow bored and abandon their projects, which can be breached while they aren't paying attention. It's hard to demand that programmers who are working for free troubleshoot problems or continue to maintain software that they've lost interest in for whatever reason -- though some companies certainly try. Not adequately maintaining these projects, on the other hand, makes the entire tech ecosystem weaker. So some open-source programmers are asking companies to pay, not for their code, but for their support services. Daniel Stenberg is one of those programmers. He created cURL, one of the world's most popular open-source projects.

In 107 days, Python 2 -- first released in 2000 -- will officially sunset, according to an announcement this week by "volunteers who make and take care of the Python programming language."

But according to TechRepublic, not everybody is ready: Given Python's popularity and ubiquity, the amount of business logic hinging on Python is quite vast, presenting an issue for organizations still clinging to Python 2. JPMorgan's Athena trading platform is one of those applications -- while access has only been available directly to clients since 2018, the Athena platform is used internally at JPMorgan for pricing, trading, risk management, and analytics, with tools for data science and machine learning. This extensive feature set utilizes over 150,000 Python modules, over 500 open source packages, and 35 million lines of Python code contributed by over 1,500 developers, according to data presented by Misha Tselman, executive director at J.P. Morgan Chase in a talk at PyData 2017.

Migrating 35 million lines of code from Python 2 to Python 3 is quite the undertaking -- and JPMorgan is going to miss the deadline, according to eFinancialCareers, stating that JPMorgan's roadmap puts "most strategic components" compatible with Python 3 by the end of Q1 2020 -- that is, three months after the end of security patches -- with "all legacy Python 2.7 components" planned for compatibility with Python 3 by Q4 2020.

Modern developer practices are needed to maintain a project of this scale -- fortunately, JPMorgan uses Continuous Delivery, with 10,000 to 15,000 production changes per week, according to Tselman.
The eFinancialCareers site argues that banks "have been dragging their feet," adding that JPMorgan is not the only bank that still hasn't migrated to Python 3.

The Python volunteers are pointing concerned individuals to the Python 2.7 Countdown Clock, and their announcement also links to a list of support and migration vendors, adding "If you can pay to hire someone to help you, post on the job board or hire a consultant. If you need free help from volunteers, look at this help page."

An anonymous reader quotes ZDNet: While Sun open-sourced some of Java as long ago as November 2006, actually using Java in an open-source way was... troublesome. Just ask Google about Android and Java. But for Java in the enterprise things have changed. On September 10, The Eclipse Foundation announced the full open-source release of the Jakarta EE 8 Full Platform and Web Profile specifications and related Technology Compatibility Kits (TCKs).

This comes after Oracle let go of most of Java Enterprise Edition's (JEE) intellectual property. Oracle retains Java's trademarks though -- thus Java EE's naming convention has been changed to Jakarta EE. But for practical programming and production purposes Jakarta EE 8 is the next generation of enterprise Java.... Jakarta EE 8 also includes the same APIs and Javadoc using the same programming model Java developers have always used. The Jakarta EE 8 TCKs are based on and fully compatible with Java EE 8 TCKs. All of this means enterprise customers will be able to migrate to Jakarta EE 8 without any changes to Java EE 8 applications.

Eclipse hasn't been doing this in a vacuum. Fujitsu, IBM, Oracle, Payara, Red Hat, Tomitribe, and other members of what was once the Java community have been working on Jakarta EE... All of the Jakarta EE Working Group vendors intend to certify their Java EE 8 compatible implementations as Jakarta EE 8 compatible. In other words, Jakarta is the future for Java EE.
Oracle is now working on delivering a Java EE 8 and Jakarta EE 8 compatible implementation of their WebLogic Server.

The Eclipse Foundation says Jakarta EE 8's release "provides a new baseline for the evolution and innovation of enterprise Java technologies under an open, vendor-neutral, community-driven process."

Google's previewing something new in the SDK for their Dart programming language: machine learning-powered automatic code completion.

ZDNet reports: ML Complete works with the editor to offer developers completions as they type their code. It's also meant to help developers quickly explore lists of completions that are likely to be what they want next, rather than having to sort through options alphabetically. "With code completions, developers can both avoid misspellings and explore APIs by typing the beginning of expected symbols and choosing from the offered completions," explains Google project manager Michael Thomsen in his article, 'Announcing Dart 2.5: Supercharged development'.

Google's take on AI-powered code completion for Dart relies on a model trained on a large body of Dart code on GitHub. The model is powered by Google's TensorFlow Lite deep-learning framework and can predict what developers will type next as they're editing code.
ML Complete is built into the Dart analyzer, meaning the preview is available in "Dart-enabled editors" including Android Studio, IntelliJ, and VS Code.

Almost a year ago, Discord launched its own games store and overhauled the Nitro subscription service to offer access to a library of games in addition to other chat and server related perks. From a report: The app's store has gone through several changes over the year, with games ultimately being sold directly through developers' Discord servers instead of the original dedicated portal. However, the library of games Nitro subscribers get access to is getting axed, and its because almost nobody actually played them, per Discord. "We learned a lot from all of you over the last year. Through your valuable feedback, it became clear that while we and some of you love these games, the truth is the vast majority of Nitro subscribers didn't play them," said the company in a blog post today.

"So, after careful consideration, we won't be hitting Continue when these contracts come up for renewal. The removal affects users who are registered for the $9.99 per month (or the $99.99 annual) Nitro subscription, who will no longer be able to play the almost 100-strong catalog of games -- seen on the left image -- from October 15, 2019. To those who may have been caught off guard by the announcement and want to cancel Nitro, Discord is also offering refunds on the subscription.

urdak writes: Four years ago, ScyllaDB introduced Scylla -- a new open-source NoSQL database, compatible with the popular Cassandra but 10 times faster. Today, the project announced support for the DynamoDB API as well. This will allow applications that use Amazon's DynamoDB to be migrated to other public or private clouds -- running on Scylla instead of DynamoDB. Beyond the added choice, large users may also see their cloud bills drastically reduced by moving to Scylla: ScyllaDB reported in the past that the total cost of running Scylla is only one seventh the cost of DynamoDB.

An anonymous reader shares a report: When Microsoft bought 6Wunderkinder, the developer of Wunderlist, in 2015, officials said they planned to shut down that task-management app at some point and replace it with its own To Do app. That move still hasn't happened. But this week, Microsoft is rolling out a redesign of To Do that attempts to make it look more like Wunderlist. On September 9, Microsoft introduced the redesigned To Do, which has smaller headers and more colors. The app is more customizable now with a variety of backgrounds, "including the beloved Berlin TV tower that was a feature in Wunderlist." The app can sync across Mac, iOS, Android, Windows and the Web. And it integrates with Microsoft work or school email accounts; hosted email accounts like Outlook, Hotmail or Live; Microsoft Planner; and Microsoft Launcher on Android. Just so it happens, last week Wunderlist founder Christian Reber said that he'd like to buy Wunderlist back from Microsoft. Today he tweeted "GREAT timing," in regards to Microsoft's To Do makeover.