ProgrammingPro #44: uv Supercharges Python Installs, Google Dart 3.3 Flutters, C# Advanced Feature Flagging, and AI Risk Management
Bite-sized actionable content, practical tutorials, and resources for programmers
Welcome to this week’s edition of ProgrammingPro!
In today’s Expert Insight, we bring you an excerpt from the recently published book, Build Your Own Programming Language - Second Edition, that takes you through a case study of why the book’s author built their own programming language and why you may one day need to build one for yourself.
News Highlights: Astral's 'uv' supercharges Python package installs, while concerns surface over Python package security. Google Dart 3.3 enhances Flutter WebAssembly, and Loco provides Rust developers with streamlined MVC web development.
My top 5 picks from today’s learning resources:
🚩How to Implement Advanced Feature Flagging Techniques in C# Applications
💡Scaling Java Microservices to Extreme Performance Using NCache
NIST AI Risk Management Framework (AI RMF): Developer’s Handbook🛡️
But there’s more, so dive right in. And do let me know how you liked today's issue in this week’s survey.
Stay Awesome!
Divya Anne Selvaraj
Editor-in-Chief
🗞️News and Analysis🔎
Astral unveils ‘extremely fast’ Python package installer: uv, a Rust-based, high-performance Python package installer offers significantly faster performance than pip—up to 115x with a warm cache—and full compatibility with pip workflows. Read to learn more about capabilities and performance advantages.
Python packages caught using DLL sideloading to bypass security: ReversingLabs has discovered two Python packages on PyPI employing DLL sideloading, highlighting the increasing risk within software supply chains. Read to learn more.
Making cloud infrastructure programmable for developers: In this article, AWS's Chris Munns and Pulumi's Joe Duffy discuss the importance of IaC and Python for modern development. Read for insights into IaC's role in leveraging cloud infrastructure programmably.
Google Dart 3.3 released, with new model for JavaScript interop to support Flutter WebAssembly: This update aims to improve performance significantly, with experimental Wasm support showing potential speed gains. Read to learn more about this version including the strategic incorporation of AI capabilities.
Loco is a New Framework for Rust Inspired by Rails: The framework offers Rust developers the ability to create MVC-style web applications leveraging Rust's advantages. Read for insights into Loco's objectives.
Visual Studio’s new extensibility model improves, yet frustrates devs with long preview and limited capability: Introduced over two years ago, the model aims to enhance reliability and ease of installation for extensions, crucial for building upon the IDE's ecosystem. Read to understand why there needs to be a balance between innovation and compatibility in software development tools.
Rust developers fear language is getting too complex and prefer bug fixes to new features: Nearly 12,000 respondents in the recent State of Rust survey indicated a strong preference for reliability and efficiency improvements, with 67.9% prioritizing compiler bug fixes. Read to learn more.
🎓Tutorials and Learning Resources💡
Python
Unexpected python traps for beginners: This article humorously outlines common pitfalls that Python beginners may encounter, including inconspicuous string concatenation and unexpected behaviors of None. Read to learn best practices for avoiding these pitfalls.
Python Development Best Practices — The Overload decorator use case: This article explores the use of Python's overload decorator to enhance code readability and manage multiple function signatures. Read to learn how the decorator significantly improves code management.
Tracing System Calls in Python: This article introduces Cirron's Tracer, a tool for examining system calls made by Python code, illustrated by tracing a simple print statement and the import of the seaborn library. Read to learn how to use Cirron's Tracer to identify and analyze system calls in Python applications.
For more Python resources go to PythonPro
C/C++/C#
🎓Tutorial | How to Implement Advanced Feature Flagging Techniques in C# Applications: Utilizing feature flags allows developers to control the deployment of new features, conduct A/B testing, and manage application settings dynamically. Read for a detailed and example driven guide.
🎓Tutorial | Google Sheets In C# – How To Build Your Own Levels.Fyi!: This article takes you through the process of accessing and manipulating Google Sheets data via Google Drive in C# and .NET. Read for detailed code examples for setting up authentication and processing data in Google Sheets.
🎓Tutorial | Borrow Checker, Lifetimes and Destructor Arguments in C++: This article delves into advanced compile-time validation techniques in C++ using stateful metaprogramming, focusing on memory safety. Read for insights into stateful metaprogramming and its application in real-world scenarios.
🎓Tutorial | How to write unit tests in C++ relying on non-code files?: This article outlines strategies for unit testing C++ classes that interact with the filesystem, using HtmlTextConverter as an example. Read to learn how this approach simplifies testing classes with filesystem dependencies.
To C or not to C: This article explores the debate on the necessity of knowing C for programming proficiency. Read to learn how understanding C's foundational concepts can enrich your skill set across multiple languages.
Java
🎓Tutorial | Scaling Java Microservices to Extreme Performance Using NCache: This article covers integrating NCache as a distributed cache in microservice architectures and utilizing Hibernate for caching. Read to learn how to improve the scalability and performance of Java microservices.
💼Case Study | Aggregating a Billion Rows File in Under 6 Seconds: This case study showcases an efficient solution to the 1BRC, focusing on aggregating temperature records for cities from a massive dataset. Read to learn advanced data processing techniques using parallel computing, memory mapping, and more.
All Java conference talks from 2023 ordered by the number of views: This is a comprehensive list of over 230 Java conference talks from 2023, covering significant updates in the Java community. Read to access a curated selection of the most popular Java conference talks.
JavaScript and TypeScript
🎓Tutorial | Functional programming with JavaScript arrays: This article explains how JS's built-in functions such as forEach(), map(), filter(), and chain() enable functional programming techniques for handling arrays. Read to discover a more elegant and efficient approach to data manipulation.
Introducing SafeTest: A Novel Approach to Front End Testing for JavaScript: Unlike conventional methods, SafeTest allows for dynamic test loading without impacting app performance. Read to discover the library’s advanced features.
How Types Work in TypeScript – Explained with JavaScript + TypeScript Code: This article explains TypeScript's static typing system, comparing it with JavaScript to highlight TypeScript's advantages in enhancing type safety and code maintainability. Read to learn how to apply type annotations.
Go
🎓Tutorial | Go Echo Framework + DDD + CQRS: Part 1: This article details the setup of a structured project directory, creation of an HTTP server with Echo, and configuration and logging with Viper and Zap. Read to gain insights into starting a Golang application project with a focus on efficient architecture and design patterns.
Kubernetes CPU Limits and Go: This article delves into the significance of adjusting GOMAXPROCS. Read for insights into achieving better resource utilization and service efficiency in containerized environments.
Rust
🎓Tutorial | Translating OpenStreetMap data to HTML5 Canvas with Rust and WebAssembly: Initially utilizing screenshots from OpenStreetMap and a now-deprecated API, the project aims to represent Disney World theme park wait times in 3D. Read for insights into the practical application of Rust and WebAssembly.
Writing a scheduler for Linux in Rust that runs in user-space: This article introduces "scx_rustland," a Linux scheduler written in Rust operating in user-space. Read to learn about an innovative approach to scheduling in Linux using Rust and user-space mechanisms.
PHP
🎓Tutorial | AI for PHP: How To Automate Unit Testing Using AI Assistant: This article discusses automating unit testing in PHP with JetBrains AI Assistant integrated into PhpStorm. Read to learn how AI Assistant can generate draft unit tests and allow you to focus on refining tests rather than writing them from scratch.
SQL
🎓Tutorial | SQL query optimization - a comprehensive developer's guide: This comprehensive resource offers optimization strategies for you with best practices for enhancing database performance across PostgreSQL and MySQL. Read to learn how to improve database performance.
.NET
🎓Tutorial | Step-by-step Guide to Implementing Multi-Tenancy in WebAPI Using ASP.NET Core Identity: This guide outlines steps to implement multi-tenancy in ASP.NET Core WebAPI with ASP.NET Core Identity, highlighting the importance of security and scalability in financial services web applications. Read to learn how to ensure data isolation and security for each tenant.
Ruby
🎓Tutorial | Using Serial Ports with Ruby: This article introduces the UART gem for handling serial ports in Ruby, showcasing its application with a GMC-320 Geiger counter as an example. Read to learn how to effectively utilize the gem for serial port communications in Ruby.
Swift
How to determine where tasks and async functions run in Swift?: This article explores Swift's concurrency model, focusing on determining execution contexts for tasks and async functions. Read to be able to avoid unintended performance issues or main actor blockages in your Swift applications.
Kotlin
🎓Tutorial | Be Punctual! Avoiding Kotlin’s lateinit In Spring Boot Testing: This article discusses Kotlin's lateinit keyword, highlighting its purpose to bridge Java compatibility and prevent uninitialized non-nullable class members, which could lead to NullPointerExceptions. Read to learn strategies to avoid lateinit in Kotlin
🌟Best Practices and Code Optimization🚀
NIST AI Risk Management Framework (AI RMF): Developer’s Handbook: The NIST AI RMF offers a structured approach for managing risks in AI technologies, addressing algorithmic bias, data privacy, ethical considerations, and ensuring secure, reliable, and ethical AI use. Read to learn how to use the framework to develop and deploy secure, reliable, and ethically responsible AI systems.
Top Secrets Management Tools for 2024: This article reviews various secrets management tools for 2024, including Cyberark Conjur, Google Cloud Secret Manager, and more. Read to be able to choose the right solution for your needs.
Clean your codebase with basic information theory: This article covers practical examples of code compression and readability concerns. Read to learn techniques for optimizing code readability and efficiency by measuring entropy, compressing repetitive elements, and structuring codebases for better maintainability.
Observer Design Pattern in Notification Service for Building Scalable Applications with Loose Coupling: The pattern facilitates scalable application development through loose coupling, enabling efficient notification dissemination across components. Read to gain insights into implementing the Observer Design Pattern to enhance application scalability and maintainability.
Unit of Work Pattern in C# for Clean Architecture: This guide focuses on the role of the Unit of Work Pattern in separating business from data access logic for more maintainable code. Read to learn how to implement the pattern.
Give us feedback or request a resource for next week
🧠 Expert Insight 📚
Here’s an exclusive excerpt from “Chapter 1, Why Build Another Programming Language” in the book, Build Your Own Programming Language - Second Edition, by Clinton L. Jeffery.
Case study – requirements that inspired the Unicon language
This book uses the Unicon programming language, located at
http://unicon.org
, for a running case study. We can start with reasonable questions such as, why build Unicon, and what are its requirements? To answer the first question, we will work backward from the second one.
Unicon exists because of an earlier programming language called Icon, from the University of Arizona. Icon has particularly good string and list processing facilities and is used to write many scripts and utilities, as well as both programming language and natural language processing projects. Icon’s fantastic built-in data types, including structure types such as lists and (hash) tables, have influenced several languages, including Python and Unicon. Icon’s signature research contribution is its integration of goal-directed evaluation, including backtracking and automatic resumption of generators, into a familiar mainstream syntax. This leads us to Unicon’s first requirement.
Unicon requirement #1 – preserve what people love about Icon
One of the things that people love about Icon is its expression semantics, including its generators and goal-directed evaluation. A generator is an expression that is capable of computing more than one result; several popular languages feature generators. Goal-directed evaluation is a semantic to execute code in which expressions either succeed or fail, and when they fail, generators within the expression can be resumed to try alternative results that might make the whole expression succeed. This is a big topic beyond the scope of this section, but if you want to learn more, you can check out The Icon Programming Language, Third Edition, by Ralph and Madge Griswold.
Icon also provides a rich set of built-in functions and data types so that many or most programs can be understood directly from the source code. Unicon’s preservation goal is 100% compatibility with Icon. In the end, we achieved more like 99% compatibility.
It is a bit of a leap from preserving the best bits to the immortality goal of ensuring old source code will run forever, but for Unicon, we include that as part of requirement #1. We have placed a much firmer requirement on backward compatibility than most modern languages. While C is very backward compatible, C++, Java, Python, and Perl are examples of languages that have wandered away, in some cases far away, from being compatible with the programs written in them back in their glory days. In the case of Unicon, perhaps 99% of Icon programs run unmodified as Unicon programs. Unicon requirement #2 was to support programming in large-scale projects.
Unicon requirement #2 – support large-scale programs working on big data
Icon was designed for maximum programmer productivity on small-sized projects; a typical Icon program is less than 1,000 lines of code, but Icon is very high level, and you can do a lot of computing in a few hundred lines of code! Still, computers keep getting more capable, and modern programmers are often required to write much larger programs than Icon was designed to handle.
For this reason of scalability, Unicon adds classes and packages to Icon, much like C++ adds them to C. Unicon also improved the bytecode object file format and made numerous scalability improvements to the compiler and runtime system. It also refines Icon’s existing implementation to be more scalable in many specific items, such as adopting a much more sophisticated hash function. Unicon requirement #3 is to support ubiquitous input/output capabilities at the same high level as the built-in types.
Unicon requirement #3 – high-level input/output for modern applications
Icon was designed for classic UNIX pipe-and-filter text processing of local files. Over time, more and more people wanted to use it to write programs that required more sophisticated forms of input/output, such as networking or graphics.
Arguably, despite billionfold improvements in CPU speed and memory size, the biggest difference between programming in 1970 and programming in the 2020s is that we expect modern applications to use a myriad of sophisticated forms of I/O: graphics, networking, databases, and so forth. Libraries can provide access to such I/O, but language-level support can make it easier and more intuitive.
Support for I/O is a moving target. At first, with Unicon, I/O consisted of networking facilities and GDBM and ODBC database facilities to accompany Icon’s 2D graphics. Then, it grew to include various popular internet protocols and 3D graphics. The definition of what I/O capabilities are ubiquitous continues to evolve, varying by platform, but touch input and gestures or shader programming capabilities are examples of things that have become ubiquitous today, and maybe they should be added to the Unicon language as part of this requirement. The challenge posed by this requirement is increased by Unicon requirement #4.
Unicon requirement #4 – provide universally implementable system interfaces
Icon is very portable. I have run it on everything, from Amigas to Crays to IBM mainframes with EBCDIC character sets. Although the platforms have changed almost unbelievably over the years, Unicon still retains Icon’s goal of maximum source code portability: code that gets written in Unicon should continue to run unmodified on all computing platforms that matter.
For a very long time, portability meant running on PCs, Macs, and UNIX workstations. But again, the set of computing platforms that matter is a moving target. These days, to meet this requirement, Unicon should be ported to support Android and iOS, if you count them as computing platforms. Whether they count might depend on whether they are open enough and used for general computing tasks, but they are certainly capable of being used as such.
All those juicy I/O facilities that were implemented for requirement #3 must be designed in such a way that they can be multi-platform portable across all major platforms.
Having given you some of Unicon’s primary requirements, here is an answer to the question, why build Unicon at all? One answer is that after studying many languages, I concluded that Icon’s generators and goal-directed evaluation (requirement #1) were features that I wanted when writing programs from now on. However, after allowing me to add 2D graphics to their language, Icon’s inventors were no longer willing to consider further additions to meet requirements #2 and #3. Another answer is that there was a public demand for new capabilities, including volunteer partners and some financial support. Thus, Unicon was born.
Packt subscribers can continue reading for free here. Not a Packt library subscriber yet? Here’s a newletter exclusive 50% off your first month. Build Your Own Programming Language - Second Edition, by Clinton L. Jeffery was published in January 2024. You can buy the book here.
🛠️ Useful Tools ⚒️
modguard: a Python tool that enforces modular architecture by making package internals private by default, exposing only members marked as public, using static analysis for checks without affecting runtime.
gemma.cpp: a C++ inference engine for Google's Gemma foundation models, designed for lightweight, standalone use with minimal dependencies, targeting research and experimentation in modern LLM inference.
cve-rs: a Rust library that introduces common memory vulnerabilities like buffer overflows and segfaults in a memory-safe manner, allowing for the exploration of these issues without compromising program stability.
That’s all for today.
We have an entire range of newsletters with focused content for tech pros. Subscribe to the ones you find the most useful here. Complete ProgrammingPro archives can be found here. Complete PythonPro archives are here.
📢 If your company is interested in reaching an audience of developers, software engineers, and tech decision makers, you may want to advertise with us.
If you have any feedback, leave a comment below
.