ProgrammingPro #92: ByteDance's Trae AI Code Editor, Malicious Go Packages, Building AI Agents, and GPU Architecture
Welcome to a brand new issue of ProgrammingPro.
In today’s Expert Insight, we bring you an excerpt from the recently published book, TypeScript 5 Design Patterns and Best Practices, Second Edition, which discusses how developers transitioning from Java or Go often bring non-idiomatic patterns—such as Java’s verbose POJOs or Go’s explicit error-checking—both of which TypeScript simplifies with interfaces, factory functions, and exception handling.
News Highlights: ByteDance launches Trae, an AI-powered code editor with free DeepSeek R1 and Claude 3.7 Sonnet access; GitHub expands Advanced Security tools to Team subscribers; major AI updates include OpenAI's GPT-4.5 preview and Claude Code; and seven malicious Go packages deploy malware on Linux and macOS.
My top 5 picks from today’s learning resources:
But there’s more, so dive right in.
Stay Awesome!
Divya Anne Selvaraj
Editor-in-Chief
🗞️News and Analysis🔎
ByteDance Launches New AI Coding Tool Trae with DeepSeek R1 and Claude 3.7 Sonnet Free For All Users: Trae supports Visual Studio Code plugins, and provides Builder and Chat modes for generating applications and assisting with code.
GitHub unbundling its GitHub Advanced Security offering starting in April: Previously available only to GitHub Enterprise customers, these tools will now be accessible to GitHub Team subscribers, expanding security options for organizations of all sizes.
Feb 28, 2025: 10 AI updates from the past week: Updates include OpenAI's GPT-4.5 preview, Anthropic's Claude 3.7 Sonnet and Claude Code, Google’s Gemini 2.0 Flash-Lite and free Gemini Code Assist, and Microsoft’s Phi-4 models.
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems: Although still available on the official package repository, most corresponding GitHub repositories have been taken down.
OpenSSF Publishes Security Baseline for Open-Source Projects: The Open Source Project Security Baseline (OSPS) is a tiered security framework designed to help open-source maintainers improve project security by aligning with international cybersecurity standards.
TypeScript 5.8 reaches general availability: The version introduces granular checks for branches in return expressions, performance optimizations, and improved ECMAScript module support.
C++ creator calls for help to defend programming language from 'serious attacks': As cybersecurity experts advocate for languages with inherent memory safety features, Stroustrup has proposed the Profiles memory safety framework to enhance C++'s safety without a complete overhaul.
🎓Tutorials and Learning Resources💡
Legend:🎓 Tutorial/Course | 💼 Case Study | 💡 Insight/Analysis | 📜 Academic Paper |
📖 Open Source Book
Python
💡The Secret Life of
__init__.py: Why This Tiny File Holds the Key to Python’s Magic: Explains the purpose and functionality of the__init__.pyfile in Python, highlighting its crucial role in treating directories as packages and organizing modules efficiently within a Python project.🎓How to boost Python program performance with Zig: Covers both C-style shared libraries and native Python extensions, while highlighting tools like Pydust for easier development.
For more Python resources, go to PythonPro
C# and .NET
🎓Building Local AI Agents: Semantic Kernel and Ollama in C#: Details setting up the environment, creating a simple non-agentic agent, and running it to handle basic interactions, focusing on integrating Small Language Models.
💡Unlock new possibilities for AI Evaluations for .NET: Introduces the Microsoft.Extensions.AI.Evaluations library, now open source, designed to integrate AI evaluation processes into .NET applications.
🎓Poisson Regression Using C#: Demonstrates a technique useful for predicting counts in data approximating a Poisson distribution, such as call volumes and explains how to set up a model, train it with synthetic data, and interpret results.
C++ and C
💡C++26: no more UB in lexing: Discusses the resolution of undefined behaviors in C++ lexing through Corentin Jabot's proposal, P2621R3, which has been accepted to amend issues dating back to C++98.
🎓The correct way to do type punning in C++: Explains the proper use of
std::bit_castin C++20 for safe type punning, replacing older methods that risk undefined behavior, in this informative tutorial.🎓Abusing C to implement JSON Parsing with Struct Methods: Covers parsing various JSON components such as atoms, arrays, and objects, and includes tips on managing memory and debugging.
Java
💡Microbenchmarks: Java Locks vs Atomic: Compares Java concurrency tools—
synchronized,ReentrantLock, andAtomicLong—in microbenchmarks, finding thatAtomicLongis the fastest.🎓SQL Injection in JDBC: A Technical Deep Dive: Using technical examples, the article explains that PreparedStatement separates SQL commands from data inputs, avoiding direct concatenation that leaves room for injection.
💡How Java’s try-finally Blocks Work Without catch: Explains how Java's try-finally blocks ensure cleanup tasks are completed regardless of exceptions, using examples to demonstrate this fundamental behavior
JavaScript and TypeScript
💡JavaScript Fatigue Strikes Back: Discusses the evolving JavaScript ecosystem, highlighting the complexity of choosing the right framework amidst rapid developments and new features like server-side rendering.
🎓Preventing race conditions: My experience with LockManager in JavaScript: Describes using the LockManager API in JavaScript to effectively prevent race conditions across multiple browser tabs by ensuring exclusive function execution.
💡Michigan TypeScript Founder Successfully Runs Doom Inside TypeScript's Type System: Mitropoulos achieved the remarkable feat by using an extensive and optimized codebase that processed 177 terabytes of TypeScript types to render the game.
Go
💡The cost of Go’s panic and recover: Explains how using Go's panic and recover for control flow is non-idiomatic and can degrade performance due to heavy computational demands and the mechanisms' tendency to prevent compiler optimizations.
🎓Tips to debug hanging Go programs: Takes you through a detailed example involving the gokrazy/rsync tool and covers using SIGQUIT to print stack traces, attaching the Delve debugger for deeper analysis, and more.
Rust
🎓Demystifying monads in Rust through property-based testing: Explores monadic patterns in depth, offering practical Rust code examples and demonstrating how these patterns can significantly slow down the shrinking process.
🎓Socrates is a state machine: Explores using Rust's async/await syntax, which de-sugars into a state machine, to write state machines for sans I/O network protocol APIs, demonstrating the process with the 9p protocol example.
Swift
💡What is Structured Concurrency?: Explains the paradigm's benefits for simplifying asynchronous programming by improving code readability, maintainability, and error handling, contrasting it with previous methods that used closures and Grand Central Dispatch.
💡Clean Architecture + Swift 6: Discusses integrating Swift 6 features into an existing Clean Architecture setup for SwiftUI, detailing the transition to async/await for better asynchronous handling, and more.
PHP
💡The problem with indirections: Discusses the problematic overuse of indirections in programming, such as unnecessary variables, methods, and interfaces that complicate code and reduce maintainability.
🎓Selenium in PHP for Web Scraping: A Step-by-Step Guide!: Covers setup, code examples, and best practices for effectively extracting data from dynamic JavaScript-heavy websites.
SQL
📜Debunking the Myth of Join Ordering: Toward Robust SQL Analytics: Introduces Robust Predicate Transfer (RPT), a new approach to SQL join order optimization that ensures robustness against varying join orders in acyclic queries.
💡This Is Probably the Most Perfect Programming for Solving SQL Data Analysis Pain Points: Introduces esProc SPL as a superior alternative to SQL for complex data analysis tasks, highlighting its ability to process local file data directly without a database, and its simpler, procedural syntax.
Ruby
📖Open Source Book | I Love Ruby: A a comprehensive guide to learning Ruby covering installation, tools, basic to advanced programming concepts, and real-world examples and exercises.
💡What's The Deal With Ractors?: Delves into the functionality and practicality of Ractors in Ruby, emphasizing their design for in-process parallelism without fully eliminating the Global VM Lock (GVL).
Kotlin
💼Kotlin Multiplatform (KMP) Scalability Challenges on a Large Project: Delves into the challenges and benefits of migrating a product feature from native development to KMP, and offers insights into KMP's performance and integration into existing systems.
🎓Kotlin
inlinereifiedto Solve Type Erasure, and a Practical Guide onnoinline,crossinline, and More: Covers inline and reified keywords, explains their combined usage through practical examples, and discusses performance benefits and limitations.
🌟Advanced Concepts🚀
🎓Roadmap: Understanding GPU Architecture: Aims to explain the key architectural features of GPUs, how they compare to CPUs, and the implications for programming General-Purpose computing on GPUs (GPGPU).
🎓Building AI Agents from Scratch | Full Course: Compiles four lessons on agentic design patterns into a single course, covering reflection, tool use, planning (React), and multi-agent patterns. Each pattern is implemented from scratch using Python and Groq as the LLM provider.
💼Adopting Arm at Scale: Transitioning to a Multi-Architecture Environment: Details Uber's strategic scale-up from implementing Arm-based hosts in a primarily x86 infrastructure to a multi-architecture system involving thousands of services.
💼Implementing a virtual rail architecture: Explains how IBM adapted traditional leaf/spine networking with virtual rail redundancy to balance network performance and reliability, addressing issues like unbalanced queue-pairs, Ethernet port utilization, and redundancy failures.
💡Architectures of modern Front-end applications: Compares classical, modular, and Feature Sliced Design (FSD) architectures in modern front-end development, explaining their structures, benefits, and trade-offs.
🧠Expert Insight📚
Here’s an excerpt from “Chapter 10: Anti-Patterns and Workarounds" in the book, TypeScript 5 Design Patterns and Best Practices, Second Edition, by Theofanis Despoudis, published in February 2025.
Using idiomatic code from other languages
When developers transition to TypeScript from other languages, they often bring coding patterns and idioms that may not be ideal in TypeScript. Although many programming concepts are shared between many languages,
such as control loops, classes, and functions, there are many other concepts particular to one language that cannot be used in a different language.
In the next subsections, we show some obvious cases where using some idiomatic constructs from other languages will not work well with TypeScript, starting first with the Java language.
From the Java language
Java developers often use Plain Old Java Objects (POJOs) or JavaBeans. Let’s look at how this pattern might be inappropriately applied in TypeScript and then how to improve it.
POJO is a naming convention for creating a class that follows some rules, especially in the context of Java EE where object serialization is crucial for some operations. The more standardized version of POJOs is the JavaBean naming convention. When following this convention, you will need to adhere to the following rules:
Access levels: We mark all properties as
privateand we only allowgetterandsettermethods for access or modification.Method names: When defining
getters, you will need to prefix the method withget– for example,getName()orgetEmail(). When definingsetters, you will need to prefix the method withset– for example,setName()orsetEmail().Default constructor: You need to use a constructor with no arguments and it must be
public.Serializable: The class needs to implement the
Serializableinterface.
To understand why using POJOs in TypeScript is not ideal, we’ll show an example class in TypeScript for a typical Employee model:
Idiomatic-code.ts
class Employee {
constructor(private id: string, private name: string) {}
getName(): string {
return this.name
}
setName(name: string) {
this.name = name
}
getId(): string {
return this.id
}
setId(id: string) {
this.id = id
}
}
If you attempt to declare more than one constructor in TypeScript, then you will find that it’s not allowed, so you cannot provide both a no-argument constructor and another one with arguments. Additionally, TypeScript will complain if you provide a no-argument constructor as the property’s name and ID may have not been initialized.
You will see the following errors:
Figure 10.1 – TypeScript compiler message when it complains when you use a no-argument constructor
The concept of serialization applies to Java only, so it’s not relevant to TypeScript. However, you can serialize plain TypeScript objects using the JSON.stringify method as follows:
console.log(JSON.stringify(new Employee("Theo", "1")));
//{"id":"Theo","name":"1"}
You will find that this works only for basic cases and does not handle polymorphism, object identity, or when containing native JavaScript types such as Map , Set , or BigInt . However, in most cases, you can implement a custom object mapper or use a Factory Method to convert an object to JSON and vice versa.
The use of get /set methods is overly verbose and not needed most of the time. If you want to provide encapsulation, you can only have getter methods and if you want to modify an existing Employee class method, you just create a new Employee instance with the updated field name instead:
const theo = new Employee("Theo", "1");
new Employee(theo.getName(), "2");
Finally, you may opt out of using classes altogether as you can work with types, type assignments, and object de-structuring, as follows:
Idiomatic-code.ts
interface Employee {
readonly id: string;
readonly name: string;
readonly department: string;
}
function createEmployee(id: string, name: string,
department: string): Employee {
return { id, name, department };
}
function updateEmployee(employee: Employee,
updates: Partial<Employee>): Employee {
return { ...employee, ...updates };
}
const emp = createEmployee('1', 'John Doe', 'IT');
console.log(emp.name); // John Doe
const updatedEmp = updateEmployee(emp,
{ department: 'HR' });
console.log(updatedEmp.department); // HR
This approach uses an interface instead of a class for simple data structures and provides factory functions for creation and updates, promoting immutability. This form is more idiomatic TypeScript and is the preferred way to work with types.
Now let’s look at some of the idiomatic constructs from the Go language.
TypeScript 5 Design Patterns and Best Practices, Second Edition was published in February 2025. Packt library subscribers can continue reading the entire book for free or you can buy the book here!
Get the eBook for $31.99 $27.99
🛠️Useful Tools⚒️
onyx: An open-source Gen-AI and enterprise search platform that integrates with any LLM, connects to 40+ enterprise apps, and enables secure, scalable AI-powered research, chat, and custom agents.
globstar: An open-source static analysis tool that lets developers write and run custom checkers using tree-sitter queries or Go in a single binary, integrating easily into CI/CD pipelines.
drawdb: A free, browser-based database schema editor and SQL generator that lets you create, customize, and export diagrams effortlessly without an account.
That’s all for today.
We have an entire range of newsletters with focused content for tech pros. Subscribe to the ones you find the most useful here.
If your company is interested in reaching an audience of developers, software engineers, and tech decision makers, you may want to advertise with us.
If you have any suggestions or feedback, or would like us to find you a learning resource on a particular subject, just leave a comment below!