The Changelog: Software Development, Open Source - Bun, K8s is a red flag, "critical" open source packages, Rustlings & FP jargon in simple terms (News)
Episode Date: July 11, 2022Jarred Sumner's Bun comes out of the oven, Jeremy Brown doesn't want you prematurely optimizing, Armin Ronacher's not excited about his "critical" Python package, Daniel Thompson from Tauri thinks you... should check out Rustlings, and we draw a straight line between Functional Programming jargon and boujee Gen Z slang.
Transcript
Discussion (0)
Hello friends, I'm Jared and this is Changelog News for the week of Monday, July 11th, 2022.
Just one note before we get started, I was pleasantly surprised to hear that y'all enjoy
the little pop culture soundbites I've been sprinkling in, but it can be frustrating when
you miss a reference. So from now on, I'll name and
link to each soundbite's source material in the transcript. Okay, now to the news. Probably the
biggest piece of software to drop into our laps of late is Jared Sumner's fast all-in-one JavaScript
runtime, Bun. You can do none unless you got buns, hun.
You can do sidebends or sit-ups,
but please don't lose that native bundler, transpiler,
task runner, and built-in NPM client.
Bun is here to compete with Node and Deno
and is designed to be a drop-in replacement
for your current JS and TS apps.
The goal of Bun is to run most of the world's JavaScript outside of browsers,
which is ambitious to say the least, but it has early testers and users confessing to its
impressive speed. Jeremy Brown writes, Kubernetes is a red flag that signals premature optimization,
which is kind of weird because he spent much
of his life advocating for and selling a distribution of Kubernetes and consulting
services around it. Now, he didn't write this post merely to pick on Kate's. Do people say Kate's?
K8S. Kubernetes. He's not picking just on Kubernetes. He says he's, quote,
directing this post at every possible bit of premature optimization engineers make in the course of building software, end quote.
The overwhelming sentiment can be summed up in these two points.
One, your organization needs engineers to create an impact on the mission.
And two, try to do more with less.
Over the weekend, Armin Roniger blogged a blog called Congratulations,
we now have opinions on your open source contributions.
But I think he's being sarcastic about that congratulations bit.
He's not too excited about this.
You keep using that word.
I don't think it means what you think it means.
This post is in response to a change made in Python's PyPy package manager.
They are beginning to require two-factor auth for, quote, critical packages. About this and his newly
deemed critical package, Armin says, quote, once packages are within a certain level of adoption
compared to the global downloads, they are considered critical. Currently, if you maintain a
critical package, you need to enroll a multi-factor authenticator.
It appears that the hypothetical consequence of not enrolling into 2FA is not being able to release new versions.
My visceral reaction to this email was not positive.
I think we can all agree that increasing supply chain security is a noble goal for every package ecosystem, and on paper it makes sense for this requirement to not affect every package maintainer, Again, Armin says, It becomes that by adoption over time. Right now, the consequence of being a critical package is quite mild.
You only need to enable 2FA.
But a line has been drawn now, and I'm not sure why it wouldn't be in the index's best interest to put further restrictions in place.
End quote.
We can file this one under open source.
It's complicated.
Next up, Rustlings.
Small exercises to get you used to reading and writing Rust code.
This repo that's maintained by the Rust team has made changelog news in the past,
but Daniel Thompson of Towery, yes, that's how you pronounce it, Towery,
recommended it on the changelog, so we linked it up again.
Here's a clip of Daniel telling us how Towery is like a gateway to Rust.
Because you don't need to write Rust from
the beginning, it lowers the barrier to entry because you can say you have now built a Rust-based
application. And just being able to say this is kind of one of those visualization techniques of
getting better at things, is understanding that yes, you are capable of doing it. And the fact is people get
interested by it. Like over the three years we've been working on this project, a couple people have
very visibly improved in their rust. At the beginning, they're like, this is hard.
Everything is hard if you've never done it before. And having Tauri as a gateway to understanding,
well, okay, I need a compiler. Why do I need a compiler? Well, having a compiler is good because
it makes my app small. Great. So you get that out of the way. And then you discover that, oh,
maybe there's this special custom feature that you want to make. And you follow the instructions
and you write a couple lines of Rust and the compiler's like, oh, you did it wrong. And you're like, oh, okay,
what did I do? Oh, that's what I did wrong. And you figure it out. And suddenly you've
written a couple lines of Rust. Last one for today, jargon from the functional programming
world in simple terms. FP provides many advantages. And I can say that in my career,
as I learned and applied functional principles to my
code, even in OOP languages like Ruby and JavaScript, my software became easier to reason
about, less error-prone, and more maintainable. Unfortunately, all that FP jargon can be a real
sticking point. It can make you feel like a baby boomer trying to communicate with Gen Z.
Hey, you trying to flex on me, car? Pull up in a suit? I'm not trying to buy car insurance, bruh.
Okay, laugh and say, I'm dead.
What?
It's Gen Z, remember?
I'm dead.
If arity, currying, idempotent, monoid, monad,
or applicable functors have you cappin',
Say you cappin'.
You cappin'.
check out this glossary,
which includes definitions and example code.
That is the news for now.
We'll be back in your ears on Friday with that Towery episode.
It's a deep one, clocking in at almost an hour and 40 before mastering.
Stay tuned for that.
We'll talk to you then.