Programming Leftovers
-
Daniel Stenberg ☛ So the Department of Energy emailed me
"In support of the Office of Management and Budget (OMB) requirement to collect attestations per M-22-18, please complete the U.S. Department of Energy Secure Software Development Attestation Form (DOE Common Form). If you are unable to attest to all secure software development framework (SSDF) practices, please be sure to attach your Plan of Action and Milestones (POA&M). The software listed below has been identified as being associated with your company and requires DOE to collect an attestation for the software."
-
Dhole Moments ☛ Security Issues in Matrix’s Olm Library
I don’t consider myself exceptional in any regard, but I stumbled upon a few cryptography vulnerabilities in Matrix’s Olm library with so little effort that it was nearly accidental.
It should not be this easy to find these kind of issues in any product people purportedly rely on for private messaging, which many people evangelize incorrectly as a Signal alternative.
Later, I thought I identified an additional vulnerability that would have been much worse, but I was wrong about that one. For the sake of transparency and humility, I’ll also describe that in detail.
-
Rlang ☛ Mastering String Concatenation of Vectors in R: Base R, stringr, stringi, and glue
Welcome to another exciting R programming tutorial! Today, we will explore how to concatenate vectors of strings using different methods in R: base R, stringr, stringi, and glue. We’ll use a practical example involving a data frame with names, job titles, and salaries. By the end of this post, you’ll feel confident using these tools to manipulate and combine strings in your own projects. Let’s get started!
-
I Programmer ☛ Software Developer Jobs In Decline?
After a post-pandemic boom in well-paid jobs for software developers, job openings are now down on pre-pandemic levels and after many, well-publicized, layoffs from major tech companies in 2023, this year has already seen 60,000 job cuts across 254 companies.
The situation with regard to demand for software developers is well illustrated by this chart which plots an index of new job postings based on data from global recruitment firm, Indeed. The index starts on February 1, 2020, i.e. just as the Covid 19 pandemic was starting to spreading from China to the rest of the world. During 2020 the index first fell to around 65, but recovered in the second half of the year. By the beginning of 2021 it had recovered to its starting position but continued to rise at an increasing rate, reaching around 230 at the beginning of 2022.
-
Education
-
Undeadly ☛ The BSDCan 2024 Playlist is now complete
The BSDCan 2024 video playlist is now complete and available on both YouTube and Peertube.
-
-
Python
-
Buttondown LLC ☛ Texttools dot py
Texttools is a python script running a tkinter GUI. I used tkinter because it's a builtin; I would generally not recommend it if you have any better options. On the plus side, being a builtin means you don't need to install a package to use this yourself.
-
Paolo Melchiorre ☛ Python Software Foundation fellow member
I’m honored that the Python Software Foundation announced yesterday that I have been named a PSF fellow member.
-
LWN ☛ CircuitPython: Python for microcontrollers, simplified
CircuitPython is an open-source implementation of the Python programming language for microcontroller boards. The project, which is sponsored by Adafruit Industries, is designed with new programmers in mind, but it also has many features that may be of interest to more-experienced developers. The recent 9.1.0 release adds a few minor features, but it follows just a few months after CircuitPython 9.0.0, which brings some more significant changes, including improved graphics and USB support.
-