Earlier this week, Donna Malayeri, a product manager for Google Cloud Run and a member of the Knative steering committee, offered an update on the Knative foundation status, writing that “since the start of the Knative project, there have been questions about whether Knative would be donated to a foundation, such as Cloud Native Computing Foundation (CNCF). Google leadership has considered this, and has decided not to donate Knative to any foundation for the foreseeable future.”
The word many people are using to describe the news is simply “disappointing”.
Must be disappointing for Red Hat and other vendors that have placed a bet on Knative for the future. https://t.co/x2q6f9NKMC
— Alex Ellis (@alexellisuk) October 2, 2019
Istio too. This is a really disappointing development.
— Joe Beda (@jbeda) October 1, 2019
Calling the announcement “a disappointing email,” Sebastien Goasguen responded by pointing out that “a foundation provides a neutral ground for competing parties to work together, develop software and build an ecosystem that is key to the long term viability of software” and that “without a neutral ground, the ‘community’ is just free labor that benefits the company in charge.” He goes on to further condemn the move, writing that “it is sadly clear that Knative is a Google project and intends to remain that way, this will not lead to creation of a strong community.”
And while Joe Beda points out that Istio, too, will remain under a less-than-vendor-neutral governance, others point out that not everything is completely black and white, with the CNCF having its own issues of steering committees not entirely balanced in their views — a point which Beda concedes.
@CloudNativeFdn is a great home for OSS.
Both Knative and Istio do have steering committees with multi-vendor representation. I can affirm that the Istio steering committee is conscientious about gaining diverse representation of working group leads.
— Lee Calcote (@lcalcote) October 2, 2019
Yeah. This is a problem with the cncf. We are pushing the to to have more members representing projects and end users. That is happening.
And projects themselves tend to be independent from the TOC and own their own governance. That tends to be less vendor centric.
— Joe Beda (@jbeda) October 2, 2019
Not to be left out of the conversation, Bouyant CEO and Linkerd maintainer William Morgan penned a response to the news, pointing out that while “Buoyant continues to be the primary sponsor of the project, and to date, the majority of code in Linkerd comes from folks who have been paid by Buoyant for their time and energy” he sleeps soundly at night because his role as CEO and maintainer never comes in conflict and “nothing about Buoyant’s business model requires us to maintain control over Linkerd.”
As for the “why” behind this move, a few folks have some theories to offer up — obviously having to do with retaining control and competitive advantage while maintaining a claim to open governance.
I think this has to do with it being baked heavily into Google products (cloud run). Though not sure what Google product istio is baked into behind the scenes..I think they want more control so they don't have to change their products in ways they don't want to.
— 🏳️⚧️ Pumpkwyn 🎃 (@kwyntastic) October 2, 2019
leverage all the innovation on #kubernetes but keep control on downstream projects by not contributing to foundation and using “open governance” is a strategy here
— Arun Gupta (@arungupta) October 2, 2019
Feels like a step in the direction of preserving control over the product with the most chance of helping GCP succeed. How long before future enhancements land on GCP first?
— John Patrick Dandison ☁☁☁ (@AzureAndChill) October 2, 2019
This Week in Programming
- TypeScript 3.7 Beta Adds Optional Chaining and More: The beta for TypeScript 3.7 just hit the airwaves, providing a feature-complete sneak peek of the next version of the statically-typed language, with features that the team is saying are among “some of our most highly-requested features.” The highlight feature of 3.7, they write, is Optional Chaining, a feature that “lets us write code where we can immediately stop running some expressions if we run into a null or undefined” buy using the ?. operator. The example given is “let x = foo?.bar.baz();” which is “a way of saying that when foo is defined, foo.bar.baz() will be computed; but when foo is null or undefined, stop what we’re doing and just return undefined.” In this instance, the operator is an option property access, but it can also be used for option element access and to access non-identifier properties, such as arbitrary strings, numbers and symbols. For a full detail, with some better code examples, click through to the post or read the proposal. Similarly, TypeScript 3.7 is introducing a nullish coalescing operator — ?? — which is essentially “a way to ‘fall back’ to a default value when dealing with null or undefined.” According to the beta release announcement, the final release of TypeScript 3.7 will be released near the start of November, with a release candidate available a few weeks earlier.
Why use a Cloud provider when we can run k8s ourselves and have full control?
A hour later: pic.twitter.com/Kva5kgsSnJ
— Robot Taylor :: 我不是機器人 (@robotterror) October 1, 2019
I like regex because I get the opportunity to re-learn how to write it every single time the opportunity presents itself.
Because I never remember how regex works.
— Kelly Vaughn 🐞 (@kvlly) September 30, 2019
- Rust’s Cargo Vulnerability in 1.25: One more bit of news for you Rust devs that you’ve surely seen by now, but if not it’s definitely worth mentioning. A Cargo vulnerability in Rust 1.25 was discovered earlier this week that makes it ignore the package key and download a wrong dependency. You can see the details of the vulnerability under CVE-2019-16760, which affects Rust 1.0 through Rust 1.25, but does not affect Rust 1.26 through Rust 1.30. For full details, make sure to check out the Rust blog post on the vulnerability. Oh, and a final note for you Rust folks, the team just launched the Inside Rust blog, which will get into the “nitty-gritty” of Rust development, for those of you who care.
- TensorFlow 2.0 Launches Tight Keras Integration: SDTimes writes up the details of this week’s TensorFlow 2.0 launch, which it says expands machine learning capabilities and offers updates to its Vision AI portfolio. TensorFlow 2.0, they write, “provides an ecosystem of tools for developers and researchers looking to push the boundaries of machine learning and build scalable machine learning-powered applications” and now “has a tight integration with the Python deep learning library Keras, eager execution by default, and Pythonic function execution,” which is all in the hopes of endearing TensorFlow to Python developers. For full details, make sure to check out Google’s blog post. For those of you transitioning from TensorFlow 1.0 to 2.0, a top comment on HackerNews predicts “an enormous clusterfuck of a transition” instead suggesting that “if you need to transition from TF1 to TF2, consider doing the TF1 to PyTorch transition instead.”
“everything in java is based on how classes interact. kind of like marxism.” -CS professor
— Nara Coldwater 🌽✨ (@NaraColdwater) September 30, 2019
- Got 99 APIs, But an Executable Ain’t One: I’m not sure I could do any better in explanation or writing than Mike Masnick over at TechDirt, so I’d likely to simply direct your attention to his story about a top Oracle lawyer attempting to gaslight the entire software community by insisting APIs are executable. It’s a case of lawyer-speak meeting technical reality and the arguments of numerous developers on Twitter. Here’s just a brief snippet before you go and read all about the terrible hijinx in this case: “Literally no one denies that software source code is subject to copyright. The question is whether or not an Application Programming Interface — an API — is subject to copyright. As we’ve been saying from the beginning, the most frustrating thing about this entire case is that you have non-technically savvy lawyers and judges simply refusing to comprehend that an API is not software. It’s not executable code. It’s not ‘source code’ for software. An API is a set of specifications for allowing the access of data, an application, or service. It’s a ‘method of operation,’ which is simply not subject to copyright law.” Read on for many more tweets from a lawyer who seems to argue that since she’s fooled the judge in the case, she’s technically correct.
- GitHub Offers New Workflow Editor for Actions: Finally, this week, what’s a ‘This Week in Programming’ without some GitHub news, right? (They really know how to keep that steady drumbeat going, don’t they?) Well, GitHub has unveiled a new workflow editor for GitHub Actions, which offers “inline auto-complete and lint as you type so you can say goodbye to YAML indentation issues and explore the full workflow syntax without going to the docs.”
The Cloud Native Computing Foundation, Oracle and Red Hat are sponsors of The New Stack.