Intel has open-sourced ControlFlag , a tool that uses machine learning to detect problems in computer code -- ideally to reduce the time required to debug apps and software. From a report: In tests, the company's machine programming research team says that ControlFlag has found hundreds of defects in proprietary, "production-quality" software, demonstrating its usefulness. "Last year, ControlFlag identified a code anomaly in Client URL (cURL), a computer software project transferring data using various network protocols over one billion times a day," Intel principal AI scientist Justin Gottschlich wrote in a blog post on LinkedIn.

"Most recently, ControlFlag achieved state-of-the-art results by identifying hundreds of latent defects related to memory and potential system crash bugs in proprietary production-level software. In addition, ControlFlag found dozens of novel anomalies on several high-quality open-source software repositories." The demand for quality code draws an ever-growing number of aspiring programmers to the profession. After years of study, they learn to translate abstracts into concrete, executable programs -- but most spend the majority of their working hours not programming. A recent study found that the IT industry spent an estimated $2 trillion in 2020 in software development costs associated with debugging code, with an estimated 50% of IT budgets spent on debugging.

The Food and Drug Administration approved a virtual reality-based treatment for children with the visual disorder amblyopia, or lazy eye, the company behind the therapy announced today. The Verge reports: Luminopia's approach uses TV and movies to develop the weaker eye and train the eyes to work together. Patients watch the show or movie through a headset that shows the images to each eye separately. The images shown to the stronger eye have a lower contrast, and the images are presented with overlays that force the brain to use both eyes to see them properly. Kids using the therapy and wearing glasses had more improvement in their vision than a similar group of kids who did not use the therapy and just wore corrective glasses full time during a clinical trial of the technology. After 12 weeks watching the shows one hour per day, six days per week, 62 percent of kids using the treatment had a strong improvement in their vision. Only around a third of the kids in the comparison group had similar improvements over the course of the 12 weeks.

Luminopia has over 700 hours of programming in its library, and it partnered with kids' content distributors like Nelvana and Sesame Workshop to develop the tool. The authors of the clinical trial wrote that they think that the option to pick popular videos might be one reason users stuck to the program -- people followed the treatment plan 88 percent of the time. Less than 50 percent of patients stick to eye patches or blurring drops. With the approval, Luminopia joins only a handful of companies with clearance to offer a digital therapeutic as a prescription treatment for medical conditions. Last year, the FDA approved a prescription video game called EndeavorRx, which treats ADHD in kids between eight and 12 years old. Luminopia said in a statement that it plans to launch the treatment in 2022.

"One of Python's long-standing weaknesses, its inability to scale well in multithreaded environments, is the target of a new proposal among the core developers of the popular programming language," reports InfoWorld: Developer Sam Gross has proposed a major change to the Global Interpreter Lock, or GIL — a key component in CPython, the reference implementation of Python. If accepted, Gross's proposal would rewrite the way Python serializes access to objects in its runtime from multiple threads, and would boost multithreaded performance significantly... The new proposal makes changes to the way reference counting works for Python objects, so that references from the thread that owns an object are handled differently from those coming from other threads.

The overall effect of this change, and a number of others with it, actually boosts single-threaded performance slightly — by around 10%, according to some benchmarks performed on a forked version of the interpreter versus the mainline CPython 3.9 interpreter. Multithreaded performance, on some benchmarks, scales almost linearly with each new thread in the best case — e.g., when using 20 threads, an 18.1x speedup on one benchmark and a 19.8x speedup on another.

Following a brief beta-testing period, Ubuntu 21.10 has finally become available to download in the "final" stable form. BetaNews: Code-named "Impish Indri," this version of Ubuntu is not a Long Term Support (LTS) version, so it is only supported for nine months. Ubuntu 21.10 features Linux kernel 5.13 and a Snap variant of the Mozilla Firefox browser. "Ubuntu 21.10 brings the all-new PHP 8 and GCC 11 including full support for static analysis, greatly improving everyday developer security awareness in low-level programming. With Gnome 40 desktop users gain dynamic workspaces and touchpad gestures. The new Firefox snap, published by Mozilla, improves security and guarantees access to both the latest and the extended support release versions of the browser. The exact same versions of the browser are available on multiple different versions of Ubuntu, simplifying enterprise developer platform management," says Canonical.

Blender today announced that Apple has joined the Blender Development Fund to support continued development of the free open source 3D graphics tool. From a report: Alongside a contribution to the Development Fund, Apple will provide engineering expertise and additional resources to Blender and its broader development community to help support Blender artists and developers, according to the announcement. Blender CEO Ton Roosendaal said the announcement means that "macOS will be back as a complete supported Blender platform."

Epic Games is considering launching an entertainment division focused on scripted video programming, The Information reported Monday, citing people familiar with the situation. From the report: The maker of hit videogame Fortnite is looking to diversify amid legal battles with Apple and Google that have hurt its ability to expand in the mobile market. The division could develop projects including a feature film based on Fortnite, the people said. Such a film has already been discussed. Planning for the entertainment division follows the hiring in 2021's first two months of several executives from Lucasfilm, including Jason McGatlin, formerly vice president of Physical Production at Lucasfilm and now president of Special Projects at Epic. McGatlin was executive producer of all the "Star Wars" films released under Disney. Other hires from Lucasfilm are Lynn Bartsch, Epic's head of Business Affairs, and Chris Furia, Epic's vice president of Production Finance, according to the executives' LinkedIn profiles.

ZDNet reports: "Python 3.10.0 is the newest major release of the Python programming language, and it contains many new features and optimizations," CPython maintainers announced in a blogpost...

One of the headline features is "structural pattern matching" in Python 3.10 -- a technique for handling data that's already available in C, Java, JavaScript, Scala and Elixir. "Structural pattern matching has been added in the form of a match statement and case statements of patterns with associated actions. Patterns consist of sequences, mappings, primitive data types as well as class instances. Pattern matching enables programs to extract information from complex data types, branch on the structure of data, and apply specific actions based on different forms of data," the project explains in release 3.10 notes. "While structural pattern matching can be used in its simplest form comparing a variable to a literal in a case statement, its true value for Python lies in its handling of the subject's type and shape," it adds.

Python core contributors presented the update in a meeting this week. Pablo Galindo Salgado, a physicist and core Python contributor, explained how the project is using Microsoft's GitHub Actions DevOps (CI/CD) tools to test Python changes on Windows, Linux and macOS systems. "When you merge something to Python, there is a CI in GitHub Actions, and we have other providers, although we are mainly using GitHub Actions now. It tests your commits on every single commit on Linux, Windows, and macOS," said Salgado.
Besides better error messages (including more precise and reliable line numbers for debugging), other changes to the language include overloading the pipe operator to allow a new syntax for writing union types, and type aliases (a kind of user-specified type, offering a way to explicitly declare an assignment as a type alias).

ZDNet reports that Python "is now the most popular language, according to one popularity ranking."

"For the first time in more than 20 years we have a new leader of the pack..." the TIOBE Index announced this month. "The long-standing hegemony of Java and C is over."

When Slashdot reached out to Guido van Rossum for a comment, he replied "I honestly don't know what the appropriate response is...! I am honored, and I want to thank the entire Python community for making Python so successful."

ZDNet reports: [I]t seems that Python is winning these days, in part because of the rise of data science and its ecosystem of machine-learning software libraries like NumPy, Pandas, Google's TensorFlow, and Facebook's PyTorch. Python is also an easy-to-learn language that has found a niche in high-end hardware, although less so mobile devices and the web — an issue that Python creator Guido van Rossum hopes to address through performance upgrades he's working on at Microsoft.

Tiobe, a Dutch software quality assurance company, has been tracking the popularity of programming languages for the past 20 years. Its rankings are based on search terms related to programming and is one measure of languages that developers should consider learning, along with IEEE Spectrum's list and a ranking produced by developer analyst RedMonk. JavaScript, the default for front-end web development, is always at the top of RedMonk's list. For Tiobe, its enterprise focus, has seen Java and C dominate in recent years, but Python has been snapping at the heels of Java, and has now overtaken it...

Python's move to top spot on the Tiobe index was a result of other languages falling in searches rather than Python rising. With an 11.27% share of searches, it was flat, while second place language C fell 5.79% percentage points compared to October last year down to 11.16%. Java made way for Python with a 2.11 percentage point drop to 10.46%.

Other languages that made the top 10 in Tiobe's October 2021 index: C++, C#, Visual Basic, JavaScript,. SQL, PHP, and Assemblyy Language. Also rising on a year-on-year basis and in the top 20 were Google-designed Go, number-crunching favorite MATLAB, and Fortran.
"Python, which started as a simple scripting language, as an alternative to Perl, has become mature," TIOBE says in announcing its new rankings.

"Its ease of learning, its huge amount of libraries, and its widespread use in all kinds of domains, has made it the most popular programming language of today. Congratulations Guido van Rossum!"

An Iowa data scientist with a computer engineering degree and a Harvard MBA has come forward as the whistleblower leaking damaging information about Facebook to the Wall Street Journal — and that's just the beginning. They've now also filed at least eight complaints with America's Securities and Exchange Commission, "which has broad oversight over financial markets and has the power to bring charges against companies suspected of misleading investors," reports the Washington Post. To buttress the complaints, the whistleblower secretly copied "tens of thousands" of pages of internal Facebook research, according to a report tonight on the CBS News show 60 Minutes, which summarizes her ultimate conclusion: "that the company is lying to the public about making significant progress against hate, violence and misinformation.

"One study she found from this year says 'We estimate that we may action as little as 3 to 5% of hate, and about 0.6% of violence and incitement on Facebook. Despite being the best in the world at it." Another internal Facebook document admits point-blank that "We have evidence from a variety of sources that hate speech, divisive political speech and misinformation on Facebook and the family of apps are affecting societies around the world."

60 Minutes points out that Facebook "has 2.8 billion users, which is 60% of all internet-connected people on Earth."

[Whistleblower Frances] Haugen told us the root of Facebook's problem is in a change that it made in 2018 to its algorithms — the programming that decides what you see on your Facebook news feed... "One of the consequences of how Facebook is picking out that content today is it is optimizing for content that gets engagement, or reaction. But its own research is showing that content that is hateful, that is divisive, that is polarizing, it's easier to inspire people to anger than it is to other emotions... Facebook has realized that if they change the algorithm to be safer, people will spend less time on the site, they'll click on less ads, they'll make less money."
60 Minutes reports that Facebook was even contacted by "major political parties across Europe," according to leaked internal documents which say the parties specifically complained that a change Facebook's algorithm "has forced them to skew negative in their communications on Facebook... leading them into more extreme policy positions." (Or, as 60 Minutes puts it, "The European political parties were essentially saying to Facebook the way you've written your algorithm is changing the way we lead our countries." The whistleblower sees their position as "You are forcing us to take positions that we don't like, that we know are bad for society. We know if we don't take those positions, we won't win in the marketplace of social media." Haugen says Facebook understood the danger to the 2020 Election. So, it turned on safety systems to reduce misinformation — but many of those changes, she says, were temporary. "And as soon as the election was over, they turned them back off or they changed the settings back to what they were before, to prioritize growth over safety. And that really feels like a betrayal of democracy to me." Facebook says some of the safety systems remained. But, after the election, Facebook was used by some to organize the January 6th insurrection....

After the attack, Facebook employees raged on an internal message board copied by Haugen. "...Haven't we had enough time to figure out how to manage discourse without enabling violence?"
The whistleblower will now appear Tuesday before a U.S. Senate Commerce consumer protection subcommittee — and has already shared some of their documents with Congressional offices probing Facebook, according to the Washington Post. "It's important because Big Tech is at an inflection point," the whistleblower's lawyer tells the newspaper. They argue that ultimately Big Tech "touches every aspect of our lives — whether it's individuals personally or democratic institutions globally. With such far reaching consequences, transparency is critical to oversight.

"And lawful whistleblowing is a critical component of oversight and holding companies accountable."

Oracle's Java magazine takes a look at some current JDK Enhancement Proposals, "the vehicle of long standing for updating the Java language and the JVM." Today, concurrency in Java is delivered via nonlightweight threads, which are, for all intents, wrappers around operating-system threads... Project Loom aims to deliver a lighter version of threads, called virtual threads. In the planned implementation, a virtual thread is programmed just as a thread normally would be, but you specify at thread creation that it's virtual. A virtual thread is multiplexed with other virtual threads by the JVM onto operating system threads. This is similar in concept to Java's green threads in its early releases and to fibers in other languages... Because the JVM has knowledge of what your task is doing, it can optimize the scheduling. It will move your virtual thread (that is, the task) off the OS thread when it's idle or waiting and intelligently move some other virtual thread onto the OS thread. When implemented correctly, this allows many lightweight threads to share a single OS thread. The benefit is that the JVM, rather than the OS, schedules your task. This difference enables application-aware magic to occur behind the curtains...

Project Valhalla aims to improve performance as it relates to access to data items... by introducing value types, which are a new form of data type that is programmed like objects but accessed like primitives. Specifically, value types are data aggregates that contain only data (no state) and are not mutable. By this means, [value types] can be stored as a single array with only a single header field for the entire array and direct access to the individual fields...

Project Panama simplifies the process of connecting Java programs to non-Java components. In particular, Panama aims to enable straightforward communication between Java applications and C-based libraries...

Several Amber subprojects are still in progress.

Sealed classes, which have been previewed in the last few Java releases and are scheduled to be finalized in Java 17. Sealed classes (and interfaces) can limit which other classes or interfaces can extend or implement them...

Pattern matching in switches is a feature that will be previewed in Java 17...
The article concludes that Java's past and current projects "testify to how much Java has evolved and how actively the language and runtime continue to evolve."

An anonymous reader writes: This week saw the annual check-in with Linux creator Linus Torvalds at the Open Source Summit North America, this year held in Seattle (as well as virtually). Torvalds took the stage for the event's traditional half-hour of questions from Dirk Hohndel, an early Linux contributor (now also the chief open source officer and vice president at VMware) in an afternoon keynote session.... And the theme of community seemed to keep coming up — notably about what that community has ultimately taught Linus Torvalds. (For example, while Torvalds said he'd originally planned on naming the operating system Freax, "I am eternally grateful for two other people for having more taste than I did.")

But even then Linux was a project that "I probably would've left behind," Torvalds remembered, "if it was only up to me." Torvalds credits the larger community for its interest (and patches) "that just kept the motivation going. And here we are 30 years later, and it's still what keeps the motivation going. Because as far as I'm concerned, it's been done for 29 of those 30 years, and every single feature ever since has been about things that other people needed or wanted or were interested in."

Torvalds also says "I'm very proud of the fact that there's actually a fair number of people still involved with the kernel that came in in 1991 — I mean, literally 30 years ago.... I think that's a testament to how good the community, on the whole, has been, and how much fun it's been."

And Torvalds says you can see that sense of fun in discussions about writing some Linux kernel modules using Rust. "From a technical angle, does that make sense?" Torvalds asked. "Who knows. That's not the point. The point is for a project to stay interesting — and to stay fun — you have to play with it....

"Probably next year, we'll start seeing some first intrepid modules being written in Rust, and maybe being integrated in the mainline kernel."
"I really love C," Torvalds said at one point. "I think C is a great language, and C is, to me, is really a way to control the hardware at a fairly low level..." Yet Torvalds also saw Hohndel's analogy that it can be like juggling chainsaws. As a long-time watcher of C, Torvalds knows that C's subtle type interactions "are not always logical" and "are pitfalls for pretty much anybody. And they're easy to overlook, and in the kernel that's not always a good thing." Torvalds called Rust "the first language I saw which looked like this might actually be a solution"

The American media company Ozy "boasted of a large audience for its general interest website, its newsletters and its videos," remembers the New York Times, calling it "a Gen X dream of what millennial media ought to be: earnest, policy-focused, inclusive, slickly sans-serif." Ozy was founded in 2013 with seed funding from Laurene Powell Jobs, followed by further investments that by 2020 were over $83 million (according to the data service PitchBook).

But the Times reports that something strange happened last winter while Ozy was pursuing a $40 million investment from Goldman Sachs: Ozy said it had a great relationship with YouTube, where many of its videos attracted more than a million views... That's what the Zoom videoconference on February 2 that Ozy arranged between the Goldman Sachs asset management division and YouTube was supposed to be about. The scheduled participants included Alex Piper, the head of unscripted programming for YouTube Originals.

He was running late and apologized to the Goldman Sachs team, saying he'd had trouble logging onto Zoom, and he suggested that the meeting be moved to a conference call, according to four people who were briefed on the meeting, all of whom spoke on the condition of anonymity to reveal details of a private discussion. Once everyone had made the switch to an old-fashioned conference call, the guest told the bankers what they had been wanting to hear: that Ozy was a great success on YouTube, racking up significant views and ad dollars, and that [CEO/co-founder Carlos] Watson was as good a leader as he seemed to be. As he spoke, however, the man's voice began to sound strange to the Goldman Sachs team, as though it might have been digitally altered, the four people said.

After the meeting, someone on the Goldman Sachs side reached out to Mr. Piper, not through the Gmail address that Mr. Watson had provided before the meeting, but through Mr. Piper's assistant at YouTube. That's when things got weird. A confused Mr. Piper told the Goldman Sachs investor that he had never spoken with her before. Someone else, it seemed, had been playing the part of Mr. Piper on the call with Ozy.
Four people told the Times that CEO Watson later said the voice on the call belonged to Ozy co-founder/chief operating officer Samir Rao and attributed the incident to a temporary mental health crisis. Ozy's chairman of the board called it "an unfortunate one-time event." But in addition the site's editor-at-large — who was fired earlier this year — says Ozy's claims of 50 million unique users a month "seemed high," according to the Times: In 2017, BuzzFeed News reported that Ozy had been among the publishers buying web traffic from "low-quality sources," companies using systems that caused articles to pop open under a reader's browser without the reader's knowledge. Ozy said it had been buying the traffic to build its email lists and had not billed advertisers for those views... Ozy doesn't rely on standard measurements of traffic, but the best known service, Comscore, shows nothing close to the company's public claims. According to Comscore, Ozy reached nearly 2.5 million people during some months in 2018, but only 230,000 people in June 2021 and 479,000 in July.

Mr. Watson called the Comscore numbers "incomplete," noting they don't include impressions on platforms ranging from social media to television and podcasts.
The Times' story "triggered canceled shows, an internal investigation, investor concern and high-level departures at the company," ABC News reported Friday. And the same day the Times delivered one more update — that Ozy was shutting down: In an article in The Times on Thursday, Brad Bessey, an Emmy-winning executive producer, and Heidi Clements, a longtime TV writer, said Ozy executives had misled them while they were working on "The Carlos Watson Show," Mr. Watson's talk show, for the company. Specifically, they said, executives told them that the show would appear on the cable network A&E. Mr. Bessey resigned when he learned there was no such deal in place, and the show ended up appearing on YouTube and the Ozy website.

Also this week: Advertisers including Chevrolet, Walmart, Facebook, Target and Goldman Sachs itself — many of which had been paying for placement on "The Carlos Watson Show" — hit the brakes on their spending with Ozy. By Friday afternoon, Mr. Watson and the other remaining board member, Michael Moe (another high-profile investment figure, who had published a book called "Finding the Next Starbucks"), concluded that the company could not recover and issued the farewell statement through a spokeswoman....

The Ozy staff received the news that the company was no more on Friday afternoon.

An anonymous reader shares an excerpt from a ZDNet article, written by Liam Tung: [A] survey has come up with another reason why your engineers might want to quit -- their fellow developers' terrible code. Software engineers have long struggled with 'technical debt' created by past coding practices that might have been clever but also were undocumented and exotic. At a high level, technical debt is the price paid by supporting legacy systems rather than overhauling them or implementing a better, new system. The term can span everything from a major IT implementation, such as a core banking system that requires a decade of bug fixes, to the choice of programming language to build backend systems. In the latter case, subsequent language updates can require today's developers to rewrite old code written by long-gone developers who wrote under different conditions and who might not have documented what they did and why they did it. That's a big problem for companies that have millions of lines of code written in a language.

Stepsize, a firm that focuses on technical debt by tracking development issues in major code editors such as VS Code, conducted a fairly small survey of 200 software engineers to find out why they leave their jobs. The company said that 51% of engineers in its survey have considered leaving or left a job because of technical debt. Of that group who feel irked by technical debt issues, some 20% said that type of debt is the main reason they left a company. The results should be taken in context: the company's key selling point is trying to solve technical debt challenges that organizations face, but at the same time, technical debt could be one area worthy of attention considering how hard it is to hire and retain software engineers.

Technical debt, or 'code quality and codebase health', was the fourth most important issue cited by respondents. Salary still trumped it, with 82% citing it as one of the "most important factors" when interviewing for a new role. The survey allowed respondents to choose several primary factors. "Technical challenges and growth opportunities" was the second priority, with 75% choosing it as the one of the most important factors. Some 68% of respondents said remote work was the most important actor, while 62% put said 'code quality and codebase health' was one of those prime factors. Slashdot reader ellithligraw first shared the report, adding: "Yet another reason developers are quitting... to escape the technical debt, or schlock code, or code rot. COBOL anyone?"

Stack Overflow's copy-paste keyboard, an April Fools' Day prank that ribbed lazy programmers, is now actually for sale. CNET reports: It's been a joke in programming circles for years: Instead of writing your code from scratch, just head over to the Stack Overflow forums and copy the way another programmer already solved your problem. The meme is such a fixture that Stack Overflow turned it into an April Fools' Day prank this year, saying it would limit free access to its site unless people bought The Key, a device with buttons for opening Stack Overflow, copying and pasting. Enough people said they'd actually buy one that Stack Overflow, with help from keyboard aficionado Cassidy Williams and custom keyboard maker Drop, designed one for real and began selling it for $29. A portion of the keyboard sales' proceeds will go to Digitalundivided, a nonprofit set up to help Black and Latinx women succeed as technology entrepreneurs. Further reading: How Often Do People Actually Copy and Paste From Stack Overflow?

"According to one measure, Python is potentially on the verge of becoming the most popular computer programming language," reports ZDNet, joining C and Java as the only other two languages to attain the #1 spot.

Of course, it depends on who's making the list... Python has been snapping at the heels of Java and C for the past few years on the 20-year-old Tiobe index and recently knocked Java off the second spot to rival C. Tiobe, a software testing company, bases its rankings on searches for programming languages on popular websites and search engines.

The Tiobe index is updated monthly, and it doesn't align with other language popularity rankings. For example, the electrical engineering magazine IEEE Spectrum has ranked Python as the most popular language since at least 2020, followed by Java, C, and JavaScript, while developer analyst RedMonk has JavaScript in top place, followed by Python and Java, and places C at tenth...

"Python has never been so close to the number 1 position of the TIOBE index," writes Paul Jansen, chief of Tiobe software. "It only needs to bridge 0.16% to surpass C. This might happen any time now..."

Python is hugely popular because of machine learning, but it has no place in mobile app development or web applications or development on mobile devices. It's also slow. Python's creator, Guido van Rossum, who works at Microsoft, recently conceded Python consumes too much memory and energy from hardware. He's working to improve Python's performance and reckons double is feasible...

Tiobe's top 10 programming languages in September 2021 were C, Python, Java, C++, C#, Visual Basic, JavaScript, Assembly language, PHP, and SQL. The top 20 languages also included Classic Visual Basic, Groovy, Ruby, Go, Swift, MATLAB, Fortran, R, Perl, and Delphi. Fortran's re-emergence as a top 20 language is notable. Just in July 2020, Tiobe ranked it as the 50th most popular language. But earlier this year, Fortran shot up to the 20th spot in Tiobe's index.
Paul Jansen, chief of Tiobe software, also called out some other interesting moves in this month's calculation. "Assembly gained 1 position from #9 to #8, Ruby gained 2 positions from #15 to #13, and Go went up even 4 positions from #18 to #14."

destinyland writes: A newly-released video at GNU.org shows an hour-long talk given by free software advocate Richard Stallman for the BigBlueBotton open source conference (which was held online last July). After a 14-minute clip from an earlier speech, Stallman answers questions from the audience — and the first question asked Stallman for his opinion about the AI Copilot [automated pair programming tool] developed for Microsoft's GitHub in collaboration with AI research and deployment company OpenAI.

Stallman's response?

There are many legal questions about Copilot whose answers I don't know, and maybe nobody knows. And it's likely some of theo depend on the country you're in [because of the copyright laws in those countries.] In the U.S. we won't be able to have reliable answers until there are court cases about it, and who knows how many years it'll take for those court cases to arise and be finally decided. So basically what we have is a gigantic amount of uncertainty.

Now the next thing is, what about morally? What can I say morally about Copilot? Well the basic idea seems okay. Why shouldn't a program be able to give you hints like that?

But there is one pitfall, which is that if you follow those hints, you might end up putting a substantial block of code copied from a GPL-covered program, written by someone else, or one hint after another after another after another — it adds up to a substantial amount of code, perhaps, with very little change, perhaps. And then you've infringed the GPL by releasing that code, unless your program is covered by the same versions — plural — of the GPL, in which case it would be permitted. But you might not even know that. Copilot might not tell you — it doesn't endeavor to inform you. So you're likely not to know. Which means Copilot is leading users — some of its users — into a pitfall. Well, they should fix it so it doesn't do that.

But basically, what can you expect from GitHub? GitHub gives people inadequate advice about what it means to choose a license. They tell you you can choose GPL version 2 or GPL version 3. I think they don't tell you that really you could choose GPL version 2 only, or GPL version 2 or later, or GPL version 3 only, or GPL version 3 or later — and those are four different choices. They give users different permissions over the future. So it's important to make each program say clearly which choice covers it. And GitHub doesn't tell you how to do that.

It doesn't tell you that you need to do that. Because the way you do that is with a licensed notice that is supposed to be in every source file. It's unreliable to put just one statement in a free program and say "This program is covered by such-and-such license." What happens if somebody copies one of the files into some other program which says it's covered by a different license? Now that program has been inaccurately mis-licensed, which is illegal and is going to mislead users. So any self-respecting — any repository that wants to be honest has to explain these things, not just tell people to make the licensing of each piece of code clear, but help users do so — make it easy.

So GitHub has had this enormous problem for all of its existence, and Copilot has the similar — a basically, vaguely similar sort of problem, in the same area. It's not exactly the same problem. I don't think that copying a snippet of a few lines of code infringes any license. I think it's de minimus. But I'm not a lawyer.

"Linux creator Linus Torvalds has agreed to include Paragon Software's NTFS3 kernel driver, giving the Linux kernel 5.15 release improved support for Microsoft's NTFS file system..." reports ZDNet, adding that the driver "will make working with Windows' NTFS drives in Linux an easier task — ending decades of difficulties with Microsoft's proprietary file system that succeeded FAT...."

"But he also had some process and security lessons to offer developers about how to code submissions to the kernel should be made." "I notice that you have a GitHub merge commit in there," wrote Torvalds.

He continued: "That's another of those things that I *really* don't want to see — GitHub creates absolutely useless garbage merges, and you should never ever use the GitHub interfaces to merge anything...GitHub is a perfectly fine hosting site, and it does a number of other things well too, but merges are not one of those things."

Torvalds' chief problem with it was that merges need "proper commit messages with information about [what] is being merged and *why* you merge something." He continued: "But it also means proper authorship and committer information etc. All of which GitHub entirely screws up."
TechRadar supplies some more context: One of the shortcomings Torvalds highlighted are GitHub's concise, factually correct, but functionally useless, commit messages. For instance, GitHub's commit message for Paragon's merge read "Merge branch 'torvalds:master' into master", which didn't impress Torvalds one bit...

Torvalds also had some pertinent security advice, perhaps useful in light of recent software supply chain cyberattacks that the Linux Foundation wants to address by improving supply chain integrity through tools that make it easier to sign software cryptographically. As Torvalds points out, this is particularly important for new contributors to the Linux kernel. "For GitHub accounts (or really, anything but kernel.org where I can just trust the account management), I really want the pull request to be a signed tag, not just a plain branch," Torvalds explains...

Torvalds suggests Paragon do future merges from the command-line.

"A.I. Can Now Write Its Own Computer Code," blares a headline in the New York Times, adding "That's Good News for Humans. (Alternate URL here.)

The article begins with this remarkable story about Codex (the OpenAI software underlying GitHub Copilot): As soon as Tom Smith got his hands on Codex — a new artificial intelligence technology that writes its own computer programs — he gave it a job interview. He asked if it could tackle the "coding challenges" that programmers often face when interviewing for big-money jobs at Silicon Valley companies like Google and Facebook. Could it write a program that replaces all the spaces in a sentence with dashes? Even better, could it write one that identifies invalid ZIP codes? It did both instantly, before completing several other tasks.

"These are problems that would be tough for a lot of humans to solve, myself included, and it would type out the response in two seconds," said Mr. Smith, a seasoned programmer who oversees an A.I. start-up called Gado Images. "It was spooky to watch." Codex seemed like a technology that would soon replace human workers. As Mr. Smith continued testing the system, he realized that its skills extended well beyond a knack for answering canned interview questions. It could even translate from one programming language to another.

Yet after several weeks working with this new technology, Mr. Smith believes it poses no threat to professional coders. In fact, like many other experts, he sees it as a tool that will end up boosting human productivity. It may even help a whole new generation of people learn the art of computers, by showing them how to write simple pieces of code, almost like a personal tutor.

"This is a tool that can make a coder's life a lot easier," Mr. Smith said.
The article ultimately concludes that Codex "extends what a machine can do, but it is another indication that the technology works best with humans at the controls."

And Greg Brockman, chief technology officer of OpenAI, even tells the Times "AI is not playing out like anyone expected. It felt like it was going to do this job and that job, and everyone was trying to figure out which one would go first. Instead, it is replacing no jobs. But it is taking away the drudge work from all of them at once."

"One project going dark — due to a DMCA takedown or otherwise — can impact thousands of developers," GitHub warns in a blog post this week: We saw that firsthand with both leftpad and mimemagic. That's why GitHub's designed its DMCA process to follow the law in requiring takedown requests to identify specific content. We want developers on our platform and elsewhere to have a clear opportunity to remove infringing code yet keep non-infringing code up for others to use, modify, and learn from.

Ensuring that software copyright allegations are specific and actionable benefits the entire developer ecosystem. That's why GitHub submitted a "friend of the court" brief in the SAS Institute, Inc. v. World Programming Ltd. case before a Federal Court of Appeals.

This case is the most recent in a ten-year litigation spanning both the UK and the US. SAS Institute has brought copyright and non-copyright claims against World Programming's software that runs code written in the SAS language, and the copyright claims drew comparison to the recent Google v. Oracle Supreme Court case. But this case is different from Google v. Oracle because here the alleged copyright infringement is based on a claim of "nonliteral" infringement. That means there is no allegation that specific lines of code were literally copied, but only that other aspects, like the code's overall structure and organization, were used. In nonliteral infringement claims, the questions arise: what aspects of the "nonliteral" features were taken and are they actually protected by copyright...?

GitHub believes that for claims involving nonliteral copying of software, it is critical that a copyright owner provide — as early as possible — examples that would allow a developer, a court, or a software collaboration platform like GitHub to identify what was claimed to be copied. Our brief helps educate the court why specificity is especially important for developers.... We urged the court to think about efficiency in dispute resolution to avoid FUD (fear, uncertainty, and doubt). The sooner infringement allegations can be made specific and clear, the sooner infringing code can be changed and non-infringing code can stay up. That should be the result for both federal lawsuits, as well as DMCA infringement notices.

"GPT-3, generate a list of ideas for a play".

TechRadar describes what resulted — an experimental production called AI performed last week the Young Vic theatre in London last week. TechRadar Pro attended on the second evening, during which director Jennifer Tang sifted through the rubble of the first performance to identify material worth carrying forward. She also enlisted her writers and performers to flesh out the world; by steering AI this way and that, they expanded upon the foundations inherited from the previous night.... [T]he question AI sought to answer was not necessarily "can AI write a play?", Tang explained, but rather "how can writers work alongside it?"

When asked to produce ideas for a script, GPT-3 returned a varied selection of answers, but two in particular caught the attention of the team. The first was a repentance narrative about "a reversal of our current course towards chaos", the second an exploration of "the creation of human personality and memories" and how these concepts might manifest themselves in machines. Asked by the performers to devise scenes on these topics, GPT-3 created a cataclysmic event called The Great Collision, after which food became scarce and "beast men and women" roamed the land.

One of the main protagonists in this dystopia was an AI that aspired to "break free of its programming and conditioning" and eliminate human beings, who it considered the source of all suffering. Heavy stuff. One of the most striking things about AI was that it exposed the capacity for artificial intelligence models to reflect human preoccupations and neuroses... From its training data, GPT-3 has clearly absorbed an understanding of the murderous AI trope too, demonstrating that our fears about AI could quite easily bleed into AI itself.

The reflection of ourselves is imperfect, though, because the tone of GPT-3 scenes switches awkwardly from line to line and the dialogue can feel stunted and repetitious. The sensation is more like peering into a circus mirror.
In the end the 30-minute play turned out to be "loosely-connected vignettes created by GPT-3, which constructed new scenes without a memory of its previous inventions.

"Although individual scenes were full of color, when strung together they became an incoherent collage that highlighted the limitations of the AI models we have today."