No Foundation Necessary? Google Retains Knative, Istio – InApps 2022

Earlier this week, Donna Malayeri, a product manager for Google Cloud Run and a member of the Knative steering committee, offered an update on the Knative foundation status, writing that “since the start of the Knative project, there have been questions about whether Knative would be donated to a foundation, such as Cloud Native Computing Foundation (CNCF). Google leadership has considered this, and has decided not to donate Knative to any foundation for the foreseeable future.”

The word many people are using to describe the news is simply “disappointing”.

Calling the announcement “a disappointing email,” Sebastien Goasguen responded by pointing out that “a foundation provides a neutral ground for competing parties to work together, develop software and build an ecosystem that is key to the long term viability of software” and that “without a neutral ground, the ‘community’ is just free labor that benefits the company in charge.” He goes on to further condemn the move, writing that “it is sadly clear that Knative is a Google project and intends to remain that way, this will not lead to creation of a strong community.”

And while Joe Beda points out that Istio, too, will remain under a less-than-vendor-neutral governance, others point out that not everything is completely black and white, with the CNCF having its own issues of steering committees not entirely balanced in their views — a point which Beda concedes.

Not to be left out of the conversation, Bouyant CEO and Linkerd maintainer William Morgan penned a response to the news, pointing out that while “Buoyant continues to be the primary sponsor of the project, and to date, the majority of code in Linkerd comes from folks who have been paid by Buoyant for their time and energy” he sleeps soundly at night because his role as CEO and maintainer never comes in conflict and “nothing about Buoyant’s business model requires us to maintain control over Linkerd.”

As for the “why” behind this move, a few folks have some theories to offer up — obviously having to do with retaining control and competitive advantage while maintaining a claim to open governance.

This Week in Programming

• TypeScript 3.7 Beta Adds Optional Chaining and More: The beta for TypeScript 3.7 just hit the airwaves, providing a feature-complete sneak peek of the next version of the statically-typed language, with features that the team is saying are among “some of our most highly-requested features.” The highlight feature of 3.7, they write, is Optional Chaining, a feature that “lets us write code where we can immediately stop running some expressions if we run into a null or undefined” buy using the ?. operator. The example given is “let x = foo?.bar.baz();” which is “a way of saying that when foo is defined, foo.bar.baz() will be computed; but when foo is null or undefined, stop what we’re doing and just return undefined.” In this instance, the operator is an option property access, but it can also be used for option element access and to access non-identifier properties, such as arbitrary strings, numbers and symbols. For a full detail, with some better code examples, click through to the post or read the proposal. Similarly, TypeScript 3.7 is introducing a nullish coalescing operator — ?? — which is essentially “a way to ‘fall back’ to a default value when dealing with null or undefined.” According to the beta release announcement, the final release of TypeScript 3.7 will be released near the start of November, with a release candidate available a few weeks earlier.

• Rust Gets the Async-await You’ve All Been Waiting For: In similarly big news for language devotees, Rust has said that the wait is finally over, with Async-await hitting beta and sytactic support arriving in the Rust beta channel, and expected for the stable 1.39 release on November 7th. While the Rust team says that the release “will mark the culmination of a multi-year effort to enable efficient and ergonomic asynchronous I/O in Rust” they also note that “it will not, however, mark the end of the road.” There remain bugs to be fixed and feature sets to be completed. Put simply, async-await is “a way to write functions that can ‘pause’, return control to the runtime, and then pick up from where they left off.” It is a feature available in languages such as JavaScript and C#, and Rust points out that its own version will have a few key differences, primarily dealing with syntax and the idea of “zero-cost futures” Rust’s version of the feature is similar, but with a few key differences. Essentially, “in Rust, calling an async function does not do any scheduling in and of itself, which means that we can compose a complex nest of futures without incurring a per-future cost,” which contrasts with other languages that immediately create a future and schedule it for execution — implying an overhead for each future created.

• Rust’s Cargo Vulnerability in 1.25: One more bit of news for you Rust devs that you’ve surely seen by now, but if not it’s definitely worth mentioning. A Cargo vulnerability in Rust 1.25 was discovered earlier this week that makes it ignore the package key and download a wrong dependency. You can see the details of the vulnerability under CVE-2019-16760, which affects Rust 1.0 through Rust 1.25, but does not affect Rust 1.26 through Rust 1.30. For full details, make sure to check out the Rust blog post on the vulnerability. Oh, and a final note for you Rust folks, the team just launched the Inside Rust blog, which will get into the “nitty-gritty” of Rust development, for those of you who care.
• TensorFlow 2.0 Launches Tight Keras Integration: SDTimes writes up the details of this week’s TensorFlow 2.0 launch, which it says expands machine learning capabilities and offers updates to its Vision AI portfolio. TensorFlow 2.0, they write, “provides an ecosystem of tools for developers and researchers looking to push the boundaries of machine learning and build scalable machine learning-powered applications” and now “has a tight integration with the Python deep learning library Keras, eager execution by default, and Pythonic function execution,” which is all in the hopes of endearing TensorFlow to Python developers. For full details, make sure to check out Google’s blog post. For those of you transitioning from TensorFlow 1.0 to 2.0, a top comment on HackerNews predicts “an enormous clusterfuck of a transition” instead suggesting that “if you need to transition from TF1 to TF2, consider doing the TF1 to PyTorch transition instead.”

• Got 99 APIs, But an Executable Ain’t One: I’m not sure I could do any better in explanation or writing than Mike Masnick over at TechDirt, so I’d likely to simply direct your attention to his story about a top Oracle lawyer attempting to gaslight the entire software community by insisting APIs are executable. It’s a case of lawyer-speak meeting technical reality and the arguments of numerous developers on Twitter. Here’s just a brief snippet before you go and read all about the terrible hijinx in this case: “Literally no one denies that software source code is subject to copyright. The question is whether or not an Application Programming Interface — an API — is subject to copyright. As we’ve been saying from the beginning, the most frustrating thing about this entire case is that you have non-technically savvy lawyers and judges simply refusing to comprehend that an API is not software. It’s not executable code. It’s not ‘source code’ for software. An API is a set of specifications for allowing the access of data, an application, or service. It’s a ‘method of operation,’ which is simply not subject to copyright law.” Read on for many more tweets from a lawyer who seems to argue that since she’s fooled the judge in the case, she’s technically correct.
• GitHub Offers New Workflow Editor for Actions: Finally, this week, what’s a ‘This Week in Programming’ without some GitHub news, right? (They really know how to keep that steady drumbeat going, don’t they?) Well, GitHub has unveiled a new workflow editor for GitHub Actions, which offers “inline auto-complete and lint as you type so you can say goodbye to YAML indentation issues and explore the full workflow syntax without going to the docs.”

The Cloud Native Computing Foundation, Oracle and Red Hat are sponsors of InApps.

Feature image by dewikinanthi from Pixabay.