Password Authentication for Web & Mobile Apps (book)

Learn how to make password authentication for web and mobile apps secure.

WebKit Features in Safari 17.0

Safari 17 adds <search> and <popover> elements, JPEG XL, various new CSS features, Storage API, newest Set methods (intersection, union, difference, etc.), URL.canParse, and more.

Racket->Rhombus: To Sexp or not to Sexp?

Racket developers have been working on a new language built on top of Racket called Rhombus.

I’ll provide a quick introduction to Rhombus, look into what makes it different from other Lisps, and provide some reflections on my initial experiences with trying out Rhombus with a side-by-side Racket-vs-Rhombus case-study on a simple “real-world” problem that I was working on. Can a man learn to live without parentheses? Let’s find out!

A look at Apple’s new Transformer-powered predictive text model

A bit of reverse engineered information on the internals of Apple’s predictive text model in macOS Sonoma/iOS 17.

Bun 1.0

Bun is a fast, all-in-one toolkit for running, building, testing, and debugging JavaScript and TypeScript, from a single file to a full-stack application. Today, it’s ready for production.

See also the announcement video.

Mojo is available for download

The first release of the Mojo SDK comes with everything you need to easily develop Mojo programs.

Includes Mojo itself, a VSCode extension and a Jupyter kernel.

Not open source yet.

How to Write a Secure JWT Library If You Absolutely Must

Scott Arciszewski:

If you can get away with never using JWT, all the better. Unfortunately, you don’t always have a choice in the matter. Sometimes you need a JWT parser for the sake of interoperability or backwards compatibility. Other times, you need one for political reasons.

As one of JWT’s most vocal critics, and a cryptography/security nerd who obsesses over making tools that are easy to use and hard to misuse, I thought I would take a stab at the opposite of the above approaches. Rather than list off the known ways to implement JWT insecurely and muse about mitigation strategies, I will instead offer my strategy for building a JWT library from better security principles.

Making sense of probability

The examples on these page[s] are everyday, popular examples of probability problems that people normally get wrong or do not understand.

Baby's first wasm compiler

How to make a compiler from a toy language into WebAssembly.

Meta releases Code Llama

Code Llama is a state-of-the-art LLM capable of generating code, and natural language about code, from both code and natural language prompts.

femtolisp — a lightweight, robust, scheme-like lisp implementation

Almost everybody has their own lisp implementation. Some programmers’ dogs and cats probably have their own lisp implementations as well. This is great, but too often I see people omit some of the obscure but critical features that make lisp uniquely wonderful. These include read macros like #. and backreferences, gensyms, and properly escaped symbol names. If you’re going to waste everybody’s time with yet another lisp, at least do it right damnit.

C and C++ Prioritize Performance over Correctness

Russ Cox shows how clang optimizes everything away.

WTF is going on with R7RS Large?

The reaction to John Cowan’s resignation as chair of the R7RS Large working group has been somewhat wider than I think anyone expected, …

What’s happening? Is Scheme dying? Will R7RS carry on? Find out below!

Go 1.21 released

New min, max, and clear functions, slog package for structured logging, slices and maps packages, and other additions and improvements.

Go 1.22 will probably change the semantics of for loop variable capturing to a more reasonable one, and 1.21 provides a way to test your programs for this change.

Zig 0.11 released

Lots of changes.

LTS == 15 Years Not 5

High quality software written in the 1970s is still in production use today.

See my previous post on COBOL. We need new COBOL programmers to support these systems!

Those of us creating medical devices, software for factory lines, and systems that matter need a minimum of 15 years for an LTS especially if you have it in your fool head we should pay money for it. Over that course of time you cannot drop our operating system just because you want to. You cannot expect us to use the version you built last week, “move to a subscription model” or any of that.

Not sure why LTS support is needed for software that never gets upgraded anyway though:

Computers used in factory production systems are never “upgraded.” They will keep doing the tasks required to make that product until the line shuts down for good. In the medical device world this is mandated by federal law. It’s not uncommon for a company to get three units certified during the initial certification process then place two in storage. If one dies it is a minor paperwork thing to replace with an already certified unit.

Python no-GIL proposal is accepted

The Steering Council accepted the proposal to make the GIL (Global Interpreter Lock) optional.

CPython’s global interpreter lock (“GIL”) prevents multiple threads from executing Python code at the same time. The GIL is an obstacle to using multi-core CPUs from Python efficiently.

The proposal will be implemented gradually:

Short term, we add the no-GIL build as an experimental build mode, presumably in 3.13 (if it slips to 3.14, that is not a problem)

Long-term (probably 5+ years), the no-GIL build should be the only build.

LPython: Novel, Fast, Retargetable Python Compiler

LPython is a Python compiler that can compile type-annotated Python code to optimized machine code. LPython offers several backends such as LLVM, C, C++, WASM, Julia and x86. LPython features quick compilation and runtime performance, as we show in the benchmarks in this blog. LPython also offers Just-In-Time (JIT) compilation and seamless interoperability with CPython.

Introducing Austral: A Systems Language with Linear Types and Capabilities

Austral is a new systems programming language. You can think of it as Rust: The Good Parts or a modernized, stripped-down Ada. It features a strong static type system, linear types, capability-based security, and strong modularity.

I like the spec section about semicolons:

For many people, semicolons represent the distinction between an old and crusty language and a modern one, in which case the semicolon serves a function similar to the use of Comic Sans by the OpenBSD project.

COBOL Programming Course

The COBOL Programming Course is an open source initiative that offers educational COBOL materials and hands-on experience with modern tooling.

Cool! If you like SCREAMING IN CHATS, it might be for you.

COBOL is everywhere. You have probably used an application written in COBOL today. For example, consider the following statistics:

  • About 95% of ATM swipes use COBOL code.
  • COBOL powers 80% of in-person transactions.
  • Every day, COBOL systems handle $3 trillion in commerce.

How pervasive is COBOL? Consider these mind-boggling facts:

  • Every day there are 200 times more COBOL transactions executed than there are Google searches.
  • There are over 220 billion lines of COBOL programs running today, which equates to around 80% of the world’s actively used code.
  • 1,500,000,000 lines of new COBOL code are written each year.

That is, 4 million lines of extremely boring COBOL code written every day.

(Jokes aside, it’s nice to have such initiatives.)

tzf — get timezone via longitude and latitude

No need for expensive cloud APIs if you can do it locally for free:

TZF is a fast timezone finder package designed for Go. It allows you to quickly find the timezone for a given latitude and longitude, making it ideal for geo queries and services such as weather forecast APIs.

There are also links to tzf ports and bindings to other programming languages.
