Apple releases open source language ‘Pkl’ for configuration management
Apple has unleashed Pkl (pronounced as ‘pickle’), a game-changing open source language designed for configuration management. Departing from the norm, Pkl simplifies the intricate task of handling settings through a user-friendly key-value format, unlike traditional imperative languages.
Simply put, instead of navigating complex scripts, users tell Pkl their desired outcomes, and the language handles the rest. “Imagine you have many settings for different things, like your phone brightness or Wi-Fi password. Instead of writing complicated instructions, you just tell Pkl what you want the outcome to be, and it takes care of the rest,” explained a spokesperson from Apple.
Beyond user-friendliness, Pkl prioritises data integrity and security through measures such as type checking, sandboxing, and the principle of least privilege. Versatile in configuring various systems and applications, Pkl has been an internal asset at Apple for years. Now, as an open source project, it invites community contributions and broader adoption.
Basic editor plugins for VS Code and Neovim further enhance the user experience, providing syntax highlighting and code folding. Apple’s move to release Pkl aligns with its commitment to open source software, seen in past contributions like the Swift programming language and Foundation libraries.
Pkl stands out as a promising tool, bridging the gap for efficient configuration management while embracing collaboration within the programming community.
NCS reports the progress made in securing open source software
The Office of the National Cyber Director (NCS) in the US government has released the End of Year Report on the Open Source Software Security Initiative (OS3I). The report outlines advancements in securing open source software, acknowledging the
challenges posed by vulnerabilities like the Log4Shell incident in 2021. It stresses the widespread use of open source code in various applications, emphasising the need for a transparent and collaborative development process.
The report underlines the US government’s commitment to open source security through the Open Source Software Security Initiative (OS3I). Efforts in 2023 focused on unifying the federal government’s stance, strategising secure approaches, promoting long-term investment, and building trust within the open source community.
A key challenge identified was the lack of best practices in secure development within open source projects. The Cyber Safety Review Board’s analysis of Log4Shell noted the absence of coordinated vulnerability response teams in these projects.
The report also highlights the difficulty companies face in identifying vulnerabilities within their open source code, compounded by inadequate contributions back to these projects. The National Science Foundation and the Cybersecurity and Infrastructure Security Agency (CISA) took steps in 2023 to fortify the open source ecosystem, emphasising memory-safe languages and software bill of materials.
A request for information on open source software security was also released, seeking expert opinions. Looking ahead, the OS3I will continue investing in secure software development and engaging the community for policy solutions.
The White House’s commitment to securing open source software remains steadfast, with the OS3I poised to enhance the ecosystem’s security in 2024 by incorporating insights gathered from the information request.
tea Protocol unveils Incentivised Testnet
The tea Protocol has announced the launch of its long-awaited Incentivised Testnet. This move is designed to seamlessly connect Web2 open source codebases to Web3, providing sustainability and equitable rewards for developers.
Beginning February 21st, this year, open source developers can actively participate in the tea Protocol, earning rewards for their contributions. The wider community, including non-developers, is also encouraged to engage in various incentivised activities on the blockchain.
Max Howell, the founder of tea and creator of Homebrew, stated, “The launch of the Incentivised Testnet for the tea Protocol is a landmark achievement for open source developers and advocates worldwide.”
The Incentivised Testnet serves as a crucial step in the tea Protocol’s journey toward a robust mainnet on the Base blockchain. This testing phase ensures the network’s efficiency, security, and overall success.
Key features of the Incentivised Testnet include a waitlist offering limited opportunities, detailed insights into $TEA tokenomics, comprehensive documentation access, teaRank for project visibility, and tea points accumulation for both developers and non-developers.
Joining the Incentivised Testnet provides an opportunity to be part of a pioneering movement in open source software, engaging with a forward-thinking community and understanding tea’s tokenomics.
China shifts to open source chips amid rising US export controls
China is strategically embracing open source chips, notably the RISC-V architecture, as the US tightens export controls on advanced semiconductors. The People’s Liberation Army’s (PLA) Academy of Military Sciences recently patented a high-performance chip, showcasing China’s bid to reshape the global chip market and withstand US sanctions.
RISC-V, an open source standard, is becoming integral to Beijing’s plan to reduce reliance on Western technology. The architecture, though a fraction of the chip market, offers geopolitical neutrality, noted the Shanghai government’s Science and Technology Commission.
Investments in RISC-V by Beijing and sanctioned entities have surpassed $50 million between 2018 and 2023, fostering breakthroughs in applications like self-driving cars and data storage centres. While ARM dominates the Chinese market, RISC-V is emerging as a strategic bet, with the performance gap narrowing.
China’s military involvement in RISC-V is evident, with research institutes linked to the PLA actively promoting the architecture. State-owned Dongfeng
Motor Corporation successfully developed an automotive MCU chip using RISC-V, demonstrating its versatility.
China’s measured investment in RISC-V underscores its commitment to establishing technological selfsufficiency, navigating around potential export restrictions. The move reflects a calculated strategy, as
China positions itself in the evolving landscape of global chip development.
ReactOS overhauls GUI install setup
ReactOS, often hailed as the ‘open source Windows’, has rolled out a substantial upgrade, primarily focusing on refining its graphical user interface (GUI) installation process. This comes on the heels of the November 2023 release, where ReactOS achieved 64-bit UEFI bootability across a wider array of devices. The recent update addresses the GUI-mode setup, offering users an alternative to the existing text-mode installer, known as ‘USETUP’.
ReactOS justified this move by emphasising the importance of a userfriendly interface. The project, aiming to be a viable Windows alternative, seeks to provide a streamlined experience comparable to its proprietary counterpart.
The GUI setup introduces a wizard-style interface, allowing users to navigate back and forth between different pages, departing from the linear approach of the text-mode USETUP. Displayed through a series of screenshots, the GUI design echoes the simplicity of classic Windows setups, reminiscent of Windows 95.
Users can easily choose the target directory for ReactOS installation through the ‘Advanced Options’.
However, the update comes with a caveat. Despite UEFI support, GPT (GUID Partition Table) functionality remains absent. ReactOS users anticipating GPT benefits will need to wait for future releases, as the current update does not address this limitation.
Progress announces an update to OpenEdge
Progress has unveiled the latest update to its application development platform, OpenEdge, marking a significant stride in infrastructure software. It serves over 100,000 customers worldwide and is a pivotal tool in enhancing critical business applications’ development, deployment, and management, ensuring they are more secure, scalable, and agile.
The platform is designed to cater to diverse professionals, from ABL (Advanced Business Language) developers and database administrators to security experts, by offering improved productivity tools, streamlined management capabilities, and advanced security measures.
The new version introduces significant enhancements to developer productivity. Integrating OpenTelemetry offers comprehensive observability through operational metrics and trace information, aiding in application management and performance optimisation. Additionally, incremental build support facilitates rapid development cycles by allowing quick rebuilds of affected codebase sections.
On the integration and management front, the platform brings forth improved monitoring and administration features. It enables real-time messaging and data streaming through Apache Kafka integration and introduces the OpenEdge Command Center (OECC) for simplified application management. The update also addresses database maintenance, allowing more tasks to be performed online, thus minimising downtime.
Security receives a substantial boost in the platform, with the introduction of Dynamic Data Masking (DDM) for data privacy compliance, Hardware Security Module (HSM) support for enhanced cryptographic security, and Transport Layer Security (TLS) 1.3 for improved encryption protocols.
The platform is a premier choice for developing enterprise applications requiring high performance and reliability across various industries, including healthcare, financial services, and manufacturing. The application development platform is now available, offering a comprehensive solution for modern business application needs.
Silicon Labs and Arduino partner to accelerate IoT development
Silicon Labs has announced a strategic partnership with Arduino. This collaboration aims to empower Arduino’s vast community of 33 million developers by facilitating the seamless development of Matter over Thread applications, marking a significant milestone in IoT (Internet of Things) innovation.
For the first time, Arduino will offer Matter software libraries, developed in collaboration with Silicon Labs. These libraries are now available on the xG24 Explorer Kit from Silicon Labs and the SparkFun Thing Plus Matter – MGM240P development board, which is based on the xG24. Rob Shane, vice president of mass market sales and applications at Silicon Labs, highlighted the synergy between the two companies, noting that this collaboration combines the ease of use and the powerful development environment of Arduino with the advanced security, energy efficiency, and processing power of Silicon Labs-based hardware.
The collaboration also unveils a treasure trove of resources for developers, including code samples, reference designs, and documentation, all accessible on the Arduino Core for Silicon Labs Devices GitHub page. This initiative is poised to accelerate Matter development for Silicon Labs developers, lowering the barriers to entry and making it easier than ever to create Matter devices. Arduino’s ecosystem, known for its hardware products, software solutions, and cloud services, thrives on its open source nature and the active participation of its community. Fabio Violante, CEO of Arduino, expressed enthusiasm about the partnership, emphasising its role in democratising Matter application development and fostering innovation in the IoT landscape.
The partnership aligns with Silicon Labs’ goal of simplifying IoT development, highlighting the company’s commitment to evolving its development tools.