This past week, many developers out there have spent their time doing the one thing seemingly favored by nine out of 10 developers: debating why one language is better than another. (See below for the perhaps unpopular one out of 10.)
Go vs Rust discussions are ridiculous. It should be more like: When to use Go. When to use Rust. When to use X…
— inanc (@inancgumus) September 19, 2019
In this week’s installment of “one language or another,” we have an entry from Loris Cro, developer advocate at RedisLabs, who poses the scenario where you write something in Go and someone subsequently asks the inevitable, “bone chilling” question — “Why Go and not Rust?”
Lest you thought this was a singular-minded offensive from a Go devotee, Cro immediately points out the similarity between the two languages, offering several points where Rust wins out:
Rust’s and Go’s messaging overlap.
Go is fast, but Rust is faster.
Go has an efficient garbage collector, but Rust has static memory management.
Go has great concurrency support, but Rust has provably-correct concurrency.
Go has interfaces, but Rust has traits and other zero-cost abstractions.
Nonetheless, writes Cro, Go is a language that is very good for writing services, is unapologetically simple, and is great for enterprise software. The key point of Cro’s argument about why one may choose Go over Rust has, primarily, to do with Go’s “simplicity” (not to be confused with “easy-to-use”), and the fact that the language is all about suppressing complexity at scale.
This post crystalizes so many of my own thoughts in a very logical, coherent way:
Here’s the big point: “Go is about suppressing complexity at scale.” I love the supporting discussion around how enterprise thinks differently (surprisingly?) about scale.https://t.co/0EylpV0wsd
— Matt Nunogawa (@amattn) September 16, 2019
Cro writes that “Rust is less compelling than Go for enterprise software development” for several reasons, including the speed of the Go compiler and the learning curve, in comparison to Java or C#. Of course, we’re skipping many of the detailed reasons, so as to give you reason to still hop over and give the blog post a gander, but we found the conclusion to hold a balanced piece of advice for language devotees: “Let’s avoid tying our identity to a single language and embrace practicality first and foremost. Tribal names like Rustacean or Gopher should be avoided, as they are inherently a marketing tool for inducing stronger branding.”
It brings us back to that initial tweet, doesn’t it? It often isn’t about one versus another, but rather when to use one, and when to use another. And as one Hacker News commenter pointed out, sometimes, the answer is both, and at the same time.
For those who think they can't learn how to code: try another language.
Then the iPhone came out, I tried iOS development, and everything started to click!
— Sahil Lavingia (@shl) September 17, 2019
This Week in Programming
- GitLab Commits To CI/CD & Ops: GitLab held its “first-ever user conference” this week, alongside news that the company has oodles more in funding. The New Stack was present and offers a detailed write-up on what to expect from the company from here on out, but suffice to say, CI/CD and other forms of Ops were among the words used. GitLab is planning on adding advanced integration with the Amazon Elastic Kubernetes Service (EKS), and a partnership with HashiCorp. GitLab will “make it easy for operations teams to manage their infrastructure configuration in GitLab, which then can be executed by TerraForm Cloud,” with HashiCorp’s Vault secrets management tool “giving developers a programmatic way to ensure the security of their distributed applications.” GitLab and VMware also partnered up to bring GitLab to the VMWare Cloud marketplace.
- GitHub’s Help Docs en Español: In an announcement where my brain immediately went, “Wait, that doesn’t already exist?” GitHub said ¡Hola! to help documentation in Spanish, writing that “with Latin America becoming one of our growing markets, we hope to alleviate some of the challenges of not speaking English and open up opportunities for more developers in Latin America and Spain.” The documents were also already available in Simple Chinese and Japanese, and now Spanish is available as well, though GitHub notes that if some sentences within a translated article are still in English, it’s likely new and in a queue waiting to be translated.
ATTENTION KUBERNETES ADOPTERS. THE SERVICE MESHES WILL CONTINUE UNTIL MORALE IMPROVES
— William Morgan (@wm) September 15, 2019
- GitHub Takes Some Steps in Software Security: In further GitHub news, the company made several announcements around steps it has taken toward securing software, together. “In the same way the pull request created a standard process for managing contributions, the ecosystem needs better-defined processes for managing vulnerabilities in open source code,” they write in a blog post. “This is what we’re setting out to build at GitHub.” To that end, GitHub announced the completion of its acquisition of Semmle. Semmle is a semantic code analysis engine that “allows developers to write queries that identify code patterns in large codebases and search for vulnerabilities and their variants” and has been used by many big names and is responsible for more than 100 CVEs in open source projects to date. Speaking of CVEs, GitHub has also become a CVE numbering authority for open source projects, which means it can now issue CVEs for security advisories opened on GitHub — all part of streamlining that security process. Finally, GitHub also announced that dependency graph support is now available for PHP repositories with Composer dependencies. With the current popularity of both PHP and its dependency manager Composer, GitHub decided to bring both its Dependabot capabilities, which are also available for package managers for other programming languages, including Maven, NPM, Yarn, Nuget and a few others.
- Microsoft Open Sources the C++ Standard Library: DevClass reports that Microsoft has turned to GitHub to open source C++ STL, which is now available under an Apache 2.0 license with LLVM exceptions. According to a Microsoft blog on the open sourcing of MSVC’s STL, the move will “allow our customers to follow our development as it happens, try out our latest changes, and help improve our pull requests by reviewing them.” Currently, Microsoft says it has no plans on open sourcing anything else in the MSVC toolset, but there is one catch — they’re “going to spend some time overhauling our build system, test infrastructure, and issue tracking, which will delay some work on C++20 library features.”
- Quarkus Adds a Web Interface: Quarkus, the open source “Kubernetes Native Java stack tailored for GraalVM & OpenJDK HotSpot, crafted from the best of breed Java libraries and standards,” has launched a new user-friendly web interface, according to JaxEnter, with the release of Quarkus 0.22.0. New features include improved Spring API support, with extensions for Spring Web API and Spring Data JPA API, a newly added template that makes it easier to propose changes to Quarkus, and the launch of the aforementioned code.quarkus.io, which “will help you create a pain-free application” with a web-based user interface that is “driven towards an easier user-experience and helps users bootstrap their application and discover its extensions, all inside of the browser.”
- Apple Requires “Sign In With Apple” Option For Some: iOS developers pay attention — ProgrammableWeb reports that Apple has updated its developer guidelines to require apps to also offer a “Sign in with Apple” option if other third-party sign-ins are also used. Those may include sign-ins such as Facebook Login, Google Sign-In, Sign in with Twitter, Sign In with LinkedIn, Login with Amazon, or WeChat Login. If your app uses only your own sign in, then carry on, says Apple. To be sure you’re in compliance, check out the guidelines for exceptions.
I've been talked down to for being "not technical". Last week I launched a tech product, and this week I'm deep in R code analyzing study results.
If you're getting into tech, remember that "not technical" is gatekeeping and gaslighting, not a reflection on your capability.
— aubrey blanche (she/her) (@adblanche) September 18, 2019
The New Stack is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Hightower.
GitLab, HashiCorp and VMware are sponsors of The New Stack.