It will take deno at least a decade to do so
— Asfand Yar (@Asfand_687) March 30, 2021
Lest you fear that Deno has sold out, they reassure that “Deno will remain MIT licensed,” as they don’t believe that choosing what features will be offered to free versus paid users is the right path forward.
How, you might ask, do they plan to monetize then?
While the announcement doesn’t answer this question directly, it does say that they have been “hinting at commercial applications of this infrastructure for years” and that this is what they plan to pursue, building it with the Deno open source project, rather than attempting to monetize Deno directly.
Indeed, as everything seems to move toward serverless this, and serverless that, it seems that a serverless option for (essentially) Node.js would make some sense.
Not this week! I think now we’re on svelte and deno and graphql 😂
— Laurie (@laurieontech) March 31, 2021
This Week in Programming
- FSF’s Sinking Ship: Following up on last week’s column regarding the reaction around the controversial reinstatement of Richard M. Stallman (RMS) at the Free Software Foundation (FSF), an article over at ZDNet details how the FSF leaders and supporters are deserting the sinking ship. As we noted at the time, while there were letters of support to both ends of the issue, one consisted of many a notable name and organization, while the other, well… not so much. Not all support is made equal, essentially, and some support, indeed, comes with big strings attached. For example, ZDNet notes that “When Red Hat announced it would no longer be financially supporting the FSF, their words were heard.” The loss of support doesn’t end at Red Hat, and the article goes on to chronicle the various voices in the open source industry who have publicly called for change at the FSF in response to RMS’s reinstatement. “With internal dissent, harsh external criticism, and reduced financial resources, it’s hard to see the FSF continuing in any kind of meaningful fashion so long as Stallman remains on the board or in any other leadership position,” they conclude. Indeed, while petitions and tweet storms are one thing, funding is another entirely.
move fast and document things
— Taylor Barnett (@taylor_atx) March 31, 2021
- GitHub Tweaks Mobile Notifications: When GitHub first introduced its mobile app late last year, we commented on how their utopian vision of being able to do code reviews “while taking a walk or sipping coffee on their balcony” (their words) was perhaps less idyllic than it sounds. While we’re sure they weren’t listening to us, perhaps others chimed in with the same thoughts about work/life balance, and the company this week introduced new features around push notifications, scheduling, releases and more. While the app now allows users to get push notifications for when you’ve been requested to review a pull request, assigned a task, or requested to approve a deployment for a protected environment, it also now allows users to set up “Working Hours.” “Whether you’re setting some focus time for your side project after hours or just making sure you’re not checking in on work while you’re not actually working, this feature will allow you to specify a timeframe for pausing notifications,” they write. In addition to working hours, users can also customize their watch settings for an individual repository on mobile, enabling them to opt-in to a subset of actions they’d like to receive notifications for. Here’s to drinking your coffee and taking mental breaks in notification-less peace.
- Cherry-Picking Comes to GitHub Desktop: GitHub has also announced that GitHub Desktop now supports cherry-picking, which it says is one of the most requested features from the past year. The feature comes to GitHub Desktop 2.7, allows users to copy commits from one branch to another by drag-and-drop. Beyond this, GitHub says that there are “several goodies that come with cherry-picking,” including the ability to undo, perform conflict resolution, and cherry-pick via menu rather than drag-and-drop, if so desired.
Here’s a piece of information that will send a chill down the spine of anyone who’s ever designed a database schema:
Our new house that we just moved into… has two zip codes!
— Simon Willison (@simonw) March 31, 2021
- GitHub Ups Its Security Game: One final, quick update from the world of GitHub: the company has offered two updates to GitHub Advanced Security in the form of a beta of a new security overview and the recently-announced general availability of secret scanning for private repositories. The overview, as you might expect, gives a “high-level view of the application security risks a GitHub organization is exposed to,” while the secret scanning expansion includes an additional 35 partners.
- PHP Gets Rid of its Own Git: It appears that PHP suffered a supply chain attack this past week, according to a message to php.internals by PHP maintainer Nikita Popov, and the PHP teams has “decided that maintaining our own git infrastructure is an unnecessary security risk, and that we will discontinue the git.php.net server,” instead moving everything over to GitHub. The move has some implications for how developers will be able to contribute to PHP, which Popov briefly addresses in his message. Long story short, “While previously write access to repositories was handled through our home-grown karma system, you will now need to be part of the php organization on GitHub,” wrote Popov, noting that they would also need to enable 2FA. For a bit more reading on the topic, check out our own look at how the PHP supply chain attack shows open source’s virtues and vices.
Ever since I got my first shot of vaccine, I have a strong urge to install Internet Explorer 6 – is this normal?
— . (@cloud_opinion) March 31, 2021
Red Hat is a sponsor of The New Stack.
Feature image: The Deno logo.