The foodstuff feeds more than half the world -- but also fuels diabetes and climate change. From a report: According to Indonesian legend, rice was bestowed upon the island of Java by the goddess Dewi Sri. Pitying its inhabitants the blandness of their existing staple, cassava, she taught them how to nurture rice seedlings in lush green paddy fields. In India, the Hindu goddess Annapurna is said to have played a similar role; in Japan, Inari. Across Asia, rice is conferred with a divine, and usually feminine, origin story. Such mythologising is understandable. For thousands of years the starchy seeds of the grass plant Oryza sativa (often called Asian rice) have been the continent's main foodstuff. Asia accounts for 90% of the world's rice production and almost as much of its consumption.

Asians get more than a quarter of their daily calories from rice. The UN estimates that the average Asian consumes 77kg of rice a year -- more than the average African, European and American combined (see chart). Hundreds of millions of Asian farmers depend on growing the crop, many with only tiny patches of land. Yet the world's rice bowl is cracking. Global rice demand -- in Africa as well as Asia -- is soaring. Yet yields are stagnating. The land, water and labour that rice production requires are becoming scarcer. Climate change is a graver threat. Rising temperatures are withering crops; more frequent floods are destroying them. No mere victim of global warming, rice cultivation is also a major cause of it, because paddy fields emit a lot of methane, a potent greenhouse gas. The crop that fuelled the rise of 60% of the world's population is becoming a source of insecurity and threat.

Rising demand exacerbates the problem. By 2050 there will be 5.3bn people in Asia, up from 4.7bn today, and 2.5bn in Africa, up from 1.4bn. That growth is projected to drive a 30% rise in rice demand, according to a study published in the journal Nature Food. And only in the richest Asian countries, such as Japan and South Korea, are bread and pasta eating into rice's monopoly as the continental staple. Yet Asia's rice productivity growth is falling. Yields increased by an annual average of only 0.9% over the past decade, down from around 1.3% in the decade before that, according to data from the UN. The drop was sharpest in South-East Asia, where the rate of increase fell from 1.4% to 0.4%.

turp182 shares a report from Ars Technica: Hackers drained millions of dollars in digital coins from cryptocurrency ATMs by exploiting a zero-day vulnerability, leaving customers on the hook for losses that can't be reversed, the kiosk manufacturer has revealed. The heist targeted ATMs sold by General Bytes, a company with multiple locations throughout the world. These BATMs, short for bitcoin ATMs, can be set up in convenience stores and other businesses to allow people to exchange bitcoin for other currencies and vice versa. Customers connect the BATMs to a crypto application server (CAS) that they can manage or, until now, that General Bytes could manage for them. For reasons that aren't entirely clear, the BATMs offer an option that allows customers to upload videos from the terminal to the CAS using a mechanism known as the master server interface.

Over the weekend, General Bytes revealed that more than $1.5 million worth of bitcoin had been drained from CASes operated by the company and by customers. To pull off the heist, an unknown threat actor exploited a previously unknown vulnerability that allowed it to use this interface to upload and execute a malicious Java application. The actor then drained various hot wallets of about 56 BTC, worth roughly $1.5 million. General Bytes patched the vulnerability 15 hours after learning of it, but due to the way cryptocurrencies work, the losses were unrecoverable. [...] Once the malicious application executed on a server, the threat actor was able to (1) access the database, (2) read and decrypt encoded API keys needed to access funds in hot wallets and exchanges, (3) transfer funds from hot wallets to a wallet controlled by the threat actor, (4) download user names and password hashes and turn off 2FA, and (5) access terminal event logs and scan for instances where customers scanned private keys at the ATM. The sensitive data in step 5 had been logged by older versions of ATM software.

Going forward, this weekend's post said, General Bytes will no longer manage CASes on behalf of customers. That means terminal holders will have to manage the servers themselves. The company is also in the process of collecting data from customers to validate all losses related to the hack, performing an internal investigation, and cooperating with authorities in an attempt to identify the threat actor. General Bytes said the company has received "multiple security audits since 2021," and that none of them detected the vulnerability exploited. The company is now in the process of seeking further help in securing its BATMs.

Oracle today announced the availability of Java 20, the latest version of the popular programming language and development platform. From a report: The latest version of the 27-year-old language includes thousands of performance, stability and security improvements and features seven enhancement proposals to the Java Development Kit that are aimed at increasing developer productivity and enhancing performance, stability and security. Oracle has coordinated a disciplined rollout of new Java releases on a six-month cadence for the past five years and says it's the top contributor to the open-source project. Java is the world's third most widely used programming language, according to Tiobe Software BV, and is No. 1 in organizational development, according to Oracle. "The innovation pipeline has never been richer," said Chad Arimura, vice president of developer relations at Oracle. "The problem space is changing and developers have higher demands on their programming languages than ever."

"Google's Go language has re-entered the top 10 of the Tiobe index of programming language popularity, after a nearly six-year absence," reports InfoWorld: Go ranks 10th in the March edition of the index, after placing 11th the previous month. The language last appeared in the top 10 in July 2017.

The re-emergence of Go in the March 2023 index is being attributed to its popularity with software engineers and its strength in combining the right features, namely built-in concurrency, garbage collection, static typing, and good performance. Google's backing also helps, improving long-term trust in the language, Tiobe said.
The languages Go beat out include "assembly language" at #11, followed by MATLAB, Delphi/Object Pascal, Scratch, and Classic Visual Basic.

Here's the complete top-ten most popular programming languages, according to TIOBE:

• Python
• C
• Java
• C++
• C#
• Visual Basic
• JavaScript
• SQL
• PHP
• Go

Long-time Slashdot reader theodp shares his perspective on the 10th anniversary of Code.org: Remember this?" asks tech-backed Code.org on Twitter as it celebrates its achievements.... "It's the viral video that launched Code.org back in 2013!" Code.org also reminds its 1M Twitter followers that What Most Schools Don't Teach starred tech leaders Bill Gates, Mark Zuckerberg, Jack Dorsey, Tony Hsieh, and Drew Houston.

But 10 years later, the promise of unlimited tech jobs and crazy-fun workplaces promoted in the video by these Poster Boys for K-12 Computer Science hasn't exactly aged well, and may serve as more of a cautionary tale about hubris for some rather than evoke fond memories.

"Our policy at Facebook is literally to hire as many talented engineers as we can find," exclaimed Zuckerberg in the video. But ten years later, Facebook's policy is firing as many employees as it can — 11,000+ and counting. Houston, who sang the praises of working in cool tech workplaces in the video ("To get the very best people we try to make the office as awesome as possible"), went on to make remote work the standard practice at Dropbox, cut 11% of his employees, and reported a $575M loss on unneeded office space. Under pressure, Gates left Microsoft, Dorsey left Twitter, and Hsieh tragically left (Amazon-owned) Zappos, and the companies they co-founded recently unveiled plans for massive layoffs and halted ambitious office expansion plans as tech employees push back on return-to-the-office edicts.

Still, there's no denying the success of what the National Science Foundation called the "amazing marketing prowess" of tech giant supported and directed Code.org when it comes to pushing coding into American classrooms. The nonprofit boasts of having 80M+ student accounts, reported it had spent $74.7M to train 113,000+ K-12 teachers to deliver its K-12 CS curriculum, and has set its sights on making CS a high school graduation requirement in every state by 2030.

Interestingly, concomitant with Code.org's 10th anniversary celebration was the release of a new academic paper — Breaking the Code: Confronting Racism in Computer Science through Community, Criticality, and Citizenship — that provocatively questions whether K-12 CS, at least in its current incarnation, is a feature or a bug. From the paper: "We are currently seeing an unprecedented push of computing into P-12 education systems across the US, with calls for compulsory computing education and changes to graduation requirements.... Although computing creep narratives are typically framed in lofty democratic terms, the 'access' narrative is ultimately a corporate play. Broadening participation in computing serves corporate interests by offering an expanded labor supply from which to choose the most productive workers. It is true that this might benefit an elite subset of BIPOC individuals, but the macroeconomics of the global labor market mean that access to computing is unlikely to ever benefit BIPOC communities at scale. [...] There are several nonprofits invested in the growth of computing, many with mission statements that do explicitly cite equity (and sometimes racial equity, in particular). Some of the larger nonprofits, though, are mainly funded by (and thus ultimately serve) corporate interests (e.g., Code. org).

Three years after Rails was introduced in 2005, InfoWorld asked whether it might the successor to Java.

That didn't happen. So this week InfoWorld "spoke to current and former Ruby programmers to try to trace the language's rise and fall." Some responses: "Rails came along at the cusp of a period of transformation and growth for the web," says Matthew Boeh, a Ruby developer since 2006. "It both benefited from and fueled that growth, but it was a foregone conclusion that it wasn't going to be the only success story." Boeh recently took a job as a senior staff software engineer at Lattice, a TypeScript shop. "You could say that Ruby has been a victim of its own success, in that its community was a major driving force in the command-line renaissance of recent years," he says. "In the early '00s it was introducing REPL-driven development to people who had never heard of Lisp, package management to people who would have been scared off by Perl's CPAN, test-driven development to people outside the highly corporate Java world, and so on. This is all stuff that is considered table stakes today. Ruby didn't originate any of it, but it was all popularized and made accessible by Rubyists...."

"The JavaScript ecosystem in its current form would have been unimaginable in 2004 — it needed both the command line renaissance and the takeoff of the web platform," adds Lattice's Boeh. "Did you know it took a full decade, 1999 to 2009, to release a single new version of the JavaScript standard? We get one yearly now. Rails became a big deal in the very last time period where it was possible to be a full-stack developer without knowing JavaScript...."

[W]hen it comes to data science, Python has a leg up because of the ready availability of libraries like TensorFlow and Keras. "These frameworks make it easy for coders to build data visualizations and write programs for machine learning," says Pulkit Bhardwaj, e-commerce coach at BoutiqueSetup.net. JavaScript, meanwhile, has spawned seemingly endless libraries that developers can easily download and adapt for just about any purpose. "As a technologist, you can go on your own hero's journey following whatever niche thing you think is the right way to go," says Trowbridge. But when it comes to JavaScript, "these libraries are excellent. Why ignore all of that?"

Many of those libraries were developed by community members, which inspired others to contribute in a snowball effect familiar to anyone involved in open source. But one big player has had an outsized influence here. Python's TensorFlow, which Bhardwaj called a "game-changer," was released by Google, which has followed academia's lead and made Python its internal scripting language. Google, as the maker of the dominant web browser, also has an obvious interest in boosting JavaScript, and Trowbridge gives Google much of the credit for making JavaScript much faster and more memory efficient than it once was: "In some ways it feels almost like a low level language," he says. Meanwhile, Ruby is widely acknowledged to be lagging in performance, in part because it lacks the same sort of corporate sponsor with resources for improving it.

An anonymous reader quotes a report from MIT Technology Review: Many software projects emerge because -- somewhere out there -- a programmer had a personal problem to solve. That's more or less what happened to Graydon Hoare. In 2006, Hoare was a 29-year-old computer programmer working for Mozilla, the open-source browser company. Returning home to his apartment in Vancouver, he found that the elevator was out of order; its software had crashed. This wasn't the first time it had happened, either. Hoare lived on the 21st floor, and as he climbed the stairs, he got annoyed. "It's ridiculous," he thought, "that we computer people couldn't even make an elevator that works without crashing!" Many such crashes, Hoare knew, are due to problems with how a program uses memory. The software inside devices like elevators is often written in languages like C++ or C, which are famous for allowing programmers to write code that runs very quickly and is quite compact. The problem is those languages also make it easy to accidentally introduce memory bugs -- errors that will cause a crash. Microsoft estimates that 70% of the vulnerabilities in its code are due to memory errors from code written in these languages.

Most of us, if we found ourselves trudging up 21 flights of stairs, would just get pissed off and leave it there. But Hoare decided to do something about it. He opened his laptop and began designing a new computer language, one that he hoped would make it possible to write small, fast code without memory bugs. He named it Rust, after a group of remarkably hardy fungi that are, he says, "over-engineered for survival." Seventeen years later, Rust has become one of the hottest new languages on the planet -- maybe the hottest. There are 2.8 million coders writing in Rust, and companies from Microsoft to Amazon regard it as key to their future. The chat platform Discord used Rust to speed up its system, Dropbox uses it to sync files to your computer, and Cloudflare uses it to process more than 20% of all internet traffic.

When the coder discussion board Stack Overflow conducts its annual poll of developers around the world, Rust has been rated the most "loved" programming language for seven years running. Even the US government is avidly promoting software in Rust as a way to make its processes more secure. The language has become, like many successful open-source projects, a barn-raising: there are now hundreds of die-hard contributors, many of them volunteers. Hoare himself stepped aside from the project in 2013, happy to turn it over to those other engineers, including a core team at Mozilla. It isn't unusual for someone to make a new computer language. Plenty of coders create little ones as side projects all the time. But it's meteor-strike rare for one to take hold and become part of the pantheon of well-known languages alongside, say, JavaScript or Python or Java. How did Rust do it?

While Oracle's existing Java corporate licensing agreements are still in effect, "the Named User Plus Licensing (user licenses) and Processor licenses (server licensing) are no longer available for purchase," reports IT World Canada. And that's where it gets interesting: The new pricing model is based on employee count, with different price tiers for different employee counts. The implication is that everyone in the organization is counted for licensing purposes, even if they don't use Java software.

As a result, companies that use Java SE may face significant price increases. The change will primarily affect large companies with many employees, but it will also have a significant impact on medium-sized businesses. Although Oracle promises to allow legacy users to renew under their current terms and conditions, sources say the company will likely pressure users to adopt the new model over time.
The move is "likely to rile customers that have a fraction of employees who work with Java," Oracle partners told CRN, though "the added complexity is an opportunity for partners to help customers right-size their spending." Jeff Stonacek, principal architect at House of Brick Technologies, an Omaha, Neb.-based company that provides technical and licensing services to Oracle clients, and chief technical officer of House of Brick parent company OpsCompass, told CRN that the change has already affected at least one project, with his company in the middle of a license assessment for a large customer. He called the change "an obvious overstep."

"Having to license your entire employee count is not reasonable because you could have 10,000 employees, maybe only 500 of them need Java," Stonacek said. "And maybe you only have a couple of servers for a couple of applications. But if you have to license for your entire employee count, that just doesn't make sense...." Stonacek and his team have been talking to customers about migrating to Open Java Development Kit (JDK), a free and open-source version of Java Standard Edition (SE), although that was a practice started before the price change.

He estimated that about half of the customers his team talks to are able to easily move to OpenJDK. Sometimes, customers have third-party applications that are written for Java and unchangeable as opposed to custom applications that in-house engineers can just rewrite.... Ron Zapar, CEO of Naperville, Ill.-based Oracle partner Re-Quest, told CRN that even without a direct effect on partners from the Java license change, the move makes customers question whether they want to purchase Oracle Cloud offerings and other Oracle products lest they face future changing terms or lock-in.

theodp writes: In case there are any doubts that the hiring party is over at Amazon, the number of open jobs in the Software Development category has declined to 299 in January 2023 from 32,692 in May 2022, according to Amazon's Jobs site. Internet Archive captures of Amazon's Software Development jobs category show the number of open jobs declined from 32,692 in May to 31,840 in June, 30,124 in July, 24,747 in August, 17,141 in September, 2,829 in November, and 373 in December.

The number of Software Development job openings currently stands at 299 (164 of those in the U.S.), or less than 1% of the 32,692 May job openings. Declaring that "the U.S. isn't producing nearly enough students trained in computer science to meet the future demands of the American workforce," Amazon in May publicly called on Congress and legislatures across the U.S. to support and fund CS education in public schools to "create a much-needed pipeline of talent that will carry us into the future." And in July, Amazon CEO Andy Jassy joined other Tech Giant CEOs as signatories to a public letter calling for state governments and education leaders to bring more CS to K-12 students.

"The USA has over 700,000 open computing jobs but only 80,000 computer science graduates a year," the 'CEOs for CS' explained. "We must educate American students as a matter of national competitiveness." Days later, 50 of the nation's Governors accepted the challenge, signing a Compact To Expand K-12 Computer Science Education in their states and territories.

Last fall, a new Amazon-bankrolled $15 million CS curriculum aimed at dramatically boosting the number of high school students who take the Java-based AP CS A course was rolled out nationwide (Java founder and AWS employee James Gosling recently noted that "A lot of the guts of AWS is Java, and AWS has a pretty big Java team"). And in December, Amazon News reported that "600,000 students across 5,000 schools received computer science education through the Amazon Future Engineer 'childhood-to-career' program."

The next business day, the Financial Times reported that Amazon had delayed start dates for some university graduates who had been set to the join the company in May 2023, blaming the "macroeconomic environment" and telling students they would now not be able to begin until the end of 2023. The FT article followed an NY Times report on the shrinking Big Tech job market faced by CS students.

InfoWorld reports: JavaScript, Java, and Python skills are most in-demand by recruiters, according to a report published this week by tech hiring platforms CodinGame and CoderPad. But while the supply of those skills exceeds demand, the demand for TypeScript, Swift, Scala, Kotlin, and Go skills all exceed supply.

The State of Tech Hiring in 2023, a CodinGame-CoderPad report published January 10, draws on a survey of 14,000 professionals and offers insights into what 2023 may hold for tech industry recruiters and job seekers. The demand for JavaScript, Java, and Python skills is consistent with previous years, the report notes.

Among development frameworks, Node.js, React, and .NET Core proved to be the best-known and most in-demand.
InfoWorld summarizes some other interesting findings:

• "59% of developers do not have a university degree in computer science. Nearly one-third consider themselves primarily self-taught."

• "Developers' main challenges at work include unplanned changes to their schedule, unclear direction, and a lack of technical knowledge by team members."

• "Most teams are now hybrid between remote and on-site work. Only 15% work onsite 100% of the time."

"The Tiobe index gauges language popularity using a formula that assesses searches on programming languages in Google, Bing, Yahoo, Wikipedia, and other search engines," writes InfoWorld. And they add that this year the "vaunted" C++ programming language was the index's biggest gainer in 2022.

TIOBE's announcement includes their calculation that C++ rose 4.62% in popularity in 2022: Runners up are C (+3.82%) and Python (+2.78%). Interestingly, C++ surpassed Java to become the number 3 of the TIOBE index in November 2022. The reason for C++'s popularity is its excellent performance while being a high level object-oriented language. Because of this, it is possible to develop fast and vast software systems (over millions of lines of code) in C++ without necessarily ending up in a maintenance nightmare.
So which programming languages are most popular now? For what it's worth, here's TIOBE's latest ranking:


- Python
- C
- C++
- Java
- C#
- Visual Basic
- JavaScript
- SQL
- Assembly Language
- PHP


InfoWorld adds that "Helping C++ popularity was the publication of new language standards with interesting features, such as C++ 11 and C++ 20."

More from TIOBE: What else happened in 2022? Performance seemed to be important. C++ competitor Rust entered the top 20 again (being at position #26 one year ago), but this time it seems to be for real. Lua, which is known for its easy interfacing with C, jumped from position #30 to #24. F# is another language that made an interesting move: from position #74 to position #33 in one years' time. Promising languages such as Kotlin (from #29 to #25), Julia (from #28 to #29) and Dart (from #37 to #38) still have a long way to go before they reach the top 20. Let's see what happens in 2023.

An anonymous reader quotes a report from Ars Technica: Google's keynote at the RISC-V Summit was all about bold proclamations [...]. Lars Bergstrom, Android's director of engineering, wants RISC-V to be seen as a "tier-1 platform" in Android, which would put it on par with Arm. That's a big change from just six months ago. Bergstrom says getting optimized Android builds on RISC-V will take "a lot of work" and outlined a roadmap that will take "a few years" to come to fruition, but AOSP started to land official RISC-V patches back in September. The build system is up and running, and anyone can grab the latest "riscv64" branch whenever they want -- and yes, in line with its recent Arm work, Google wants RISC-V on Android to be 64-bit only. For now, the most you can get is a command line, and Bergstrom's slide promised "initial emulator support by the start of 2023, with Android RunTime (ART) support for Java workloads following during Q1."

One of Bergstrom's slides featured the above "to-do" list, which included a ton of major Android components. Unlike Android's unpolished support for x86, Bergstrom promised a real push for quality with RISC-V, saying, "We need to do all of the work to move from a prototype and something that runs to something that's really singing -- that's showing off the best-in-class processors that [RISC-V International Chairman Krste Asanovic] was mentioning in the previous talk." Once Google does get Android up and running on RISC-V, then it will be up to manufacturers and the app ecosystem to back the platform. What's fun about the Android RunTime is that when ART supports RISC-V, a big chunk of the Android app ecosystem will come with it. Android apps ship as Java code, and the way that becomes an ARM app is when the Android Runtime compiles it into ARM code. Instead, it will soon compile into RISC-V code with no extra work from the developer. Native code that isn't written in Java, like games and component libraries, will need to be ported over, but starting with Java code is a big jump-start.

In her opening remarks, RISC-V International (the nonprofit company that owns the architecture) CEO Calista Redmond argued that "RISC-V is inevitable" thanks to the open business model and wave of open chip design that it can create, and it's getting hard to argue against that. While the show was mostly about the advantages of RISC-V, I want to add that the biggest reason RISC-V seems inevitable is that current CPU front-runner Arm has become an unstable, volatile company, and it feels like any viable alternative would have a good shot at success right now. [...] The other reason to kick Arm to the curb is the US-China trade war, specifically that Chinese companies (and the Chinese government) would really like to distance themselves from Western technology. [...] RISC-V is seen as a way to be less reliant on the West. While the project started at UC Berkeley, RISC-V International says the open source architecture is not subject to US export law. In 2019, the RISC-V Foundation actually moved from the US to Switzerland and became "RISC-V International," all to try to avoid picking a side in the US-China trade war. The result is that Chinese tech companies are rallying around RISC-V as the future chip architecture. One Chinese company hit by US export restrictions, the e-commerce giant Alibaba, has been the leading force in bringing RISC-V support to Android, and with Chinese companies playing a huge part in the Android ecosystem, it makes sense that Google would throw open the doors for official support. Now we just need someone to build a phone.

YouTube's Doctor Volt repurposed a Blu-Ray drive, which are now easy to find on the cheap in the era of streaming content, to build a simple scanning laser microscope. Gizmodo reports: A couple of custom-designed and manufactured plastic parts were added to the mix to create a scanning bed for a sample that could move back in forth in one direction, while the laser itself shifted back and forth in the other. Unlike an optical microscope, where the entirely of an object is imaged at once, a scanning laser microscope takes light intensity measurements in increments, moving across an object in a grid and assembling a magnified image pixel by pixel. In this case, given the limitations of the Blu-Ray drive's spindle, which moves the sample being viewed back and forth, the image is assembled from 16,129 measurements (a 127x127 grid) and then scaled up to a 512x512 image.

A browser-based user interface written in Java allows focus adjustments and the scanning speed of the microscope to be modified, but at the slowest possible speed, the results are surprisingly good and recognizable. Certainly not comparable to what you'd get from lab equipment that costs tens of thousands of dollars, but for a re-purposed Blu-Ray drive you could get for less than $20 on eBay, this is an impressive hack.

"Java is no longer among the top three most popular programming languages in the TIOBE Index," reports the Register, "one of several not particularly definitive yardsticks by which such things are measured." According to Paul Jansen, CEO of Netherlands-based TIOBE Software, the rising popularity of C++ has pushed Java down a notch. The index's rankings are now:

- Python in first place
- C second
- C++ third, and
- Java fourth.

C++ stepped up to third, and Java fell to fourth. "C++ surpassed Java for the first time in the history of the TIOBE Index, which means that Java is at position 4 now," said Jansen in the December update for the TIOBE Index. "This is the first time that Java is not part of the top 3 since the beginning of the TIOBE Index in 2001."

The surge in C++, perhaps in part helped by the stable release of C++ 20 in December 2020, is particularly ironic in light of the language's recent dismissal by Microsoft CTO Mark Russinovich, which coincides with industry evangelism for Rust and its capacity for memory safety.
The article points out that other rankings still show a slighty higher popularity for Java. And ZDNet notes the other languages rising quickly in popularity over the last 12 months: In a year-on-year comparison in Tiobe's index, the languages now in the top 20 that made significant gains over the period are: Rust (up from 27 to 20), Objective-C (up from 29 to 19), science-specialized MATLAB (20 to 14), and Google's Go language (up from 19 to 12).

While the popularity of jQuery is decreasing, React.JS "is currently the most widely used client-side framework," reports ZDNet, citing SlashData's 23rd State of the Developer Nation report (compiled from more than 26,000 developers last summer from 163 countries).

ZDNet believe it shows developers "experimenting less and sticking with what they know and what works." JavaScript remains the largest programming language community, SlashData found. According to its research, there are an estimated 19.6 million developers worldwide using JavaScript every day in everything from web development and mobile apps to backend coding, cloud and game design. Java, meanwhile, is growing rapidly. In the last two years, the size of the Java community has more than doubled from 8.3 million to 16.5 million, SlashData found. For perspective, the global developer population grew about half as fast over the same period....

Python also continued to grow strongly, adding about eight million new developers over the last two years, according to SlashData. It accredited the rise of data science and machine learning as "a clear factor in Python's growing popularity". Approximately 63% of machine-learning developers and data scientists report using Python, whereas less than 15% use R, another programming language often associated with data science.
Both the Kotlin and Rust communities doubled in size in the past two years, the article points out. But according to the survey, only 9% of developers were involved in blockchain technologies.

Yet 27% of respondents reported they were learning about (if not currently working on) cryptocurrency-based projects. ZDNet summarizes the findings: Of the three blockchain technologies covered in the report, non-fungible tokens (NFTs) were found to be of least interest to developers: 58% showed "no interest" in NFTs, which SlashData said was "likely due to its perception as a novelty".

The report found that one-quarter (25%) of developers currently work on, or are learning about, blockchain applications other than cryptocurrencies.

In an press release published earlier today, the National Security Agency (NSA) says it will be making a strategic shift to memory safe programming languages. The agency is advising organizations explore such changes themselves by utilizing languages such as C#, Go, Java, Ruby, or Swift. From the report: The "Software Memory Safety" Cybersecurity Information Sheet (PDF) highlights how malicious cyber actors can exploit poor memory management issues to access sensitive information, promulgate unauthorized code execution, and cause other negative impacts. "Memory management issues have been exploited for decades and are still entirely too common today," said Neal Ziring, Cybersecurity Technical Director. "We have to consistently use memory safe languages and other protections when developing software to eliminate these weaknesses from malicious cyber actors."

Microsoft and Google have each stated that software memory safety issues are behind around 70 percent of their vulnerabilities. Poor memory management can lead to technical issues as well, such as incorrect program results, degradation of the program's performance over time, and program crashes. NSA recommends that organizations use memory safe languages when possible and bolster protection through code-hardening defenses such as compiler options, tool options, and operating system configurations. The full report is available here (PDF).

While listening to a podcast about the Go programming language, backend architect Aviv Carmi heard some loose talk about forking the language to keep its original design while also allowing the evolution of an "extended flavor."

If such a fork takes place, Carmi writes on Medium, he hopes the two languages could interact and share the same runtime environment, libraries, and ecosystem — citing lessons learned from the popularity of other language forks: There are well-known, hugely successful precedents for such a move. Unarguably, the JVM ecosystem will last longer and keep on gaining popularity thanks to Scala and Kotlin (a decrease in Java's popularity is overtaken by an increase in Scala's, during the previous decade, and in Kotlin's, during this one). All three languages contribute to a stronger, single community and gain stronger libraries and integrations. JavaScript has undoubtedly become stronger thanks to Typescript, which quickly became one of the world's most popular languages itself. I also believe this is the right move for us Gophers...
Carmi applauds Go's readability-over-writability culture, its consistent concurrency model (with lightweight threading), and its broad ecosystem of tools. But in a second essay Carmi lists his complaints — about Go's lack of keyword-based visibility modifiers (like "public" and "private"), how any symbol declared in a file "is automatically visible to the entire package," and Go's abundance of global built-in symbols (which complicate the choice of possible variable names, but which can still be overriden, since they aren't actually keywords). After a longer wishlist — including null-pointer safety features and improvements to error handling — Carmi introduces a third article with "A Proposition for a Better Future." I would have loved to see a compile time environment that mostly looks like Go, but allows developers to be a bit more expressive to gain maintainability and runtime safety. But at the same time, allow the Go language itself to largely remain the same and not evolve into something new, as a lot of us Gophers fear. As Gophers, why not have two tools in our tool set?
The essay proposes a new extended flavor of Go called Goat — a "new compile-time environment that will produce standard, compatible, and performant Go files that are fully compatible with any other Go project. This means they can import regular Go files but also be safely imported from any other Go file."

"Goat implementation will most likely be delivered as a code generation tool or as a transpiler producing regular go files," explains a page created for the project on GitHub. "However, full implementation details should be designed once the specification provided in this document is finalized."

Carmi's essay concludes, "I want to ignite a thorough discussion around the design and specification of Goat.... This project will allow Go to remain simple and efficient while allowing the community to experiment with an extended flavor. Goat spec should be driven by the community and so it needs the opinion and contribution of any Gopher and non-Gopher out there."

"Come join the discussion, we need your input."

Related link: Go principal engineer Russ Cox gave a talk at GopherCon 2022 that was all about compatibility and "the strategies Go uses to continue to evolve without breaking your programs."

RedMonk has released its latest quarterly rankings of popular programming languages, arguing that "The idea is not to offer a statistically valid representation of current usage, but rather to correlate language discussion and usage in an effort to extract insights into potential future adoption trends."

Their methodology? "We extract language rankings from GitHub and Stack Overflow, and combine them for a ranking that attempts to reflect both code (GitHub) and discussion (Stack Overflow) traction." Below are this quarter's results:

1. JavaScript
2. Python
3. Java
4. PHP
5. C#
6. CSS
7. C++
7. TypeScript
9. Ruby
10. C
11. Swift
12. R
12. Objective-C
14. Shell
15. Scala
15. Go
17. PowerShell
17. Kotlin
19. Rust
19. Dart

Their analysis of the latest rankings note "movement is increasingly rare.... the top 20 has been stable for multiple runs. As has been speculated about in this space previously, it seems increasingly clear that the hypothesis of a temporary equilibrium of programming language usage is supported by the evidence.... [W]e may have hit a point of relative — if temporary — contentment with the wide variety of languages available for developers' usage."

And yet this quarter TypeScript has risen from #8 to #7, now tied with C++, benefiting from attributes like its interoperability with an existing popular language with an increased availability of security-related features. "There is little suggestion at present that the language is headed anywhere but up. The only real question is on what timeframe." Unlike TypeScript, Go's trajectory has been anything but clear. While it grew steadily and reasonably swiftly as languages go, it has appeared to be stalled, never placing higher than 14th and having dropped into 16 for the last three runs. This quarter, however, Go rose one spot in the rankings back up to 15. In and of itself, this is a move of limited significance, as the further one goes down the rankings the less significant the differences between them are, ranking-wise. But it has been over a year since we've seen movement from Go, which raises the question of whether there is any room for further upward ascent or whether it will remain hovering in the slot one would expect from a technically well regarded but not particularly versatile (from a use case standpoint) language.

Like Go, Kotlin had spent the last three runs in the same position. It and Rust had been moving in lockstep in recent quarters, but while Rust enters its fourth consecutive run in 19th place, Kotlin managed to achieve some separation this quarter jumping one spot up from 18 to 17.

Greg Lavender, CTO of Intel, spoke to VentureBeat about the company's efforts to help developers build applications that can run on any operating system. From the report: "Today in the accelerated computing and GPU world, you can use CUDA and then you can only run on an Nvidia GPU, or you can go use AMD's CUDA equivalent running on an AMD GPU,â Lavender told VentureBeat. "You can't use CUDA to program an Intel GPU, so what do you use?" That's where Intel is contributing heavily to the open-source SYCL specification (SYCL is pronounced like "sickle") that aims to do for GPU and accelerated computing what Java did decades ago for application development. Intel's investment in SYCL is not entirely selfless and isn't just about supporting an open-source effort; it's also about helping to steer more development toward its recently released consumer and data center GPUs. SYCL is an approach for data parallel programming in the C++ language and, according to Lavender, it looks a lot like CUDA.

To date, SYCL development has been managed by the Khronos Group, which is a multi-stakeholder organization that is helping to build out standards for parallel computing, virtual reality and 3D graphics. On June 1, Intel acquired Scottish development firm Codeplay Software, which is one of the leading contributors to the SYCL specification. "We should have an open programming language with extensions to C++ that are being standardized, that can run on Intel, AMD and Nvidia GPUs without changing your code," Lavender said. Lavender is also a realist and he knows that there is a lot of code already written specifically for CUDA. That's why Intel developers built an open-source tool called SYCLomatic, which aims to migrate CUDA code into SYCL. Lavender claimed that SYCLomatic today has coverage for approximately 95% of all the functionality that is present in CUDA. He noted that the 5% SYCLomatic doesn't cover are capabilities that are specific to Nvidia hardware.

With SYCL, Lavender said that there are code libraries that developers can use that are device independent. The way that works is code is written by a developer once, and then SYCL can compile the code to work with whatever architecture is needed, be it for an Nvidia, AMD or Intel GPU. Looking forward, Lavender said that he's hopeful that SYCL can become a Linux Foundation project, to further enable participation and growth of the open-source effort. [...] "We should have write once, run everywhere for accelerated computing, and then let the market decide which GPU they want to use, and level the playing field," Lavender said.

The Document Foundation, the organization that tends the open source productivity suite LibreOffice, has decided to start charging for one version of the software. The Register reports: LibreOffice is a fork of OpenOffice and is offered under the free/open source Mozilla Public License Version 2.0. A Monday missive from the Document Foundation reveals the org will begin charging 8.99 euros for the software -- but only when sold via Apple's Mac App Store. That sum has been styled a "convenience fee ... which will be invested to support development of the LibreOffice project."

The foundation suggests paying up in the Mac App Store is ideal for "end users who want to get all of their desktop software from Apple's proprietary sales channel." Free downloads of LibreOffice for macOS from the foundation's site will remain available and arguably be superior to the App Store offering, because that version will include Java. The foundation argued that Apple does not permit dependencies in its store, so it cannot include Java in the 8.99 euro offering. The version now sold in the App Store supersedes a previous offering provided by open source support outfit Collabora, which charged $10 for a "Vanilla" version of the suite and threw in three years of support. The foundation's marketing officer Italo Vignoli said the change was part of a "new marketing strategy."

"The Document Foundation is focused on the release of the Community version, while ecosystem companies are focused on a value-added long-term supported versions targeted at enterprises," Vignoli explained. "The distinction has the objective of educating organizations to support the FOSS project by choosing the LibreOffice version which has been optimized for deployments in production and is backed by professional services, and not the Community version generously supported by volunteers."

"The objective is to fulfil the needs of individual and enterprise users in a better way," Vignoli added, before admitting "we know that the positive effects of the change will not be visible for some time. Educating enterprises about FOSS is not a trivial task and we have just started our journey in this direction."