Yet another open source rug pull (News)
Digest
This episode of Changelog News begins with a correction from last week's episode, followed by a discussion on the recent transfer of the Reveal OTP app to a new company, MoBeam. The new owners shipped an update that deleted users' 2FA codes, leading to concerns about data security and open source sustainability. The episode then moves on to discuss the forking of the Ladybird browser from SerenityOS, a decision made by creator Andreas Kling to streamline development and allow Ladybird to be used on more mainstream operating systems. The episode concludes with a thought-provoking article on static effect systems in programming languages, exploring the potential benefits of a system that statically analyzes code to ensure proper handling of side effects. The episode also includes a sponsored segment on FireHydrant's new AI-powered incident management features, and a discussion on the pros and cons of GraphQL after 6 years of its use.
Outlines
Introduction and Correction
This chapter introduces the episode and provides a correction from the previous week's episode regarding the author of an article on clear, readable code. The correction acknowledges Leonardo Creed as the author, not Jordan Cutler.
Reveal OTP App Transfer and Data Loss
This chapter discusses the transfer of the Reveal OTP app from its original creator to MoBeam. The new owners shipped an update that deleted users' 2FA codes, raising concerns about data security and open source sustainability. The chapter highlights the importance of responsible open source management and the potential risks associated with transferring ownership of critical applications.
Ladybird Browser Forking
This chapter covers the forking of the Ladybird browser from SerenityOS. Creator Andreas Kling explains the decision to separate the projects due to diverging interests and to streamline development. The chapter highlights the benefits of both projects moving forward independently, with Ladybird gaining access to a wider range of operating systems and SerenityOS becoming more community-driven.
Static Effect Systems in Programming Languages
This chapter explores the concept of static effect systems in programming languages. It discusses the potential benefits of a system that statically analyzes code to ensure proper handling of side effects, drawing parallels to Rust's borrow checker, and delves into the implementation of such a system and its potential impact on programming languages moving forward.
Keywords
Reveal OTP
Reveal OTP is a popular open source iOS authenticator app that syncs your one-time passwords across devices. It was quietly transferred from its original creator to a company called MoBeam, which subsequently shipped an update that deleted people's 2FA codes, raising concerns about data security and open source sustainability.
Ladybird Browser
Ladybird is a web browser developed as part of the SerenityOS project. It was recently forked from SerenityOS into a separate, top-level project to streamline development and allow Ladybird to be used on more mainstream operating systems like Linux and macOS.
SerenityOS
SerenityOS is a desktop operating system that aims to provide a modern and user-friendly experience. It is known for its focus on user experience and its use of open source software. The project recently forked its Ladybird browser into a separate project to allow it to be used on more mainstream operating systems.
Static Effect System
A static effect system is a programming language feature that statically analyzes code to ensure proper handling of side effects. It aims to provide a balance between having all side effects under control and having no side effects, potentially leading to more robust and reliable software.
FireHydrant
FireHydrant is a company that provides incident management software. They recently released new AI-powered features that aim to improve the responder experience and reduce the time spent on incident management.
GraphQL
GraphQL is a query language for APIs that allows clients to request specific data from a server. It has gained popularity in recent years but has also faced criticism for its complexity and potential performance issues. The episode discusses the pros and cons of GraphQL after 6 years of its use.
Gall's Law
Gall's Law is a principle that states that a complex system that works is invariably found to have evolved from a simple system that worked. It suggests that complex systems designed from scratch are often difficult to make work and may require starting over with a simpler system.
Q&A
What happened to the Reveal OTP app?
The Reveal OTP app was quietly transferred from its original creator to a company called MoBeam. The new owners shipped an update that deleted users' 2FA codes, raising concerns about data security and open source sustainability.
Why was the Ladybird browser forked from SerenityOS?
The Ladybird browser was forked from SerenityOS to streamline development and allow Ladybird to be used on more mainstream operating systems like Linux and macOS. The decision was made due to diverging interests between the two projects.
What is a static effect system in programming languages?
A static effect system is a programming language feature that statically analyzes code to ensure proper handling of side effects. It aims to provide a balance between having all side effects under control and having no side effects, potentially leading to more robust and reliable software.
What are the benefits of FireHydrant's new AI-powered incident management features?
FireHydrant's new AI-powered incident management features aim to improve the responder experience and reduce the time spent on incident management. They provide a shared workspace, powerful runbook automations, and auto-captured data.
What are some of the pros and cons of GraphQL after 6 years of its use?
GraphQL has gained popularity for its flexibility and ability to request specific data from a server. However, it has also faced criticism for its complexity and potential performance issues. The episode discusses the trade-offs involved in using GraphQL and suggests that it may not be the best choice for all situations.
Show Notes
A popular open source iOS authenticator app goes rogue under new ownership, Andreas Kling steps back from SerenityOS & forks Ladybird, Vhyrro takes a thought-provoking try at a “static effect system”, Matt Bessey is over GraphQL & Marc-Andre Giroux still likes GraphQL sometimes (in the right context).
Sponsors:
- FireHydrant – The alerting and on-call tool designed for humans, not systems. Signals puts teams at the center, giving you ultimate control over rules, policies, and schedules. No need to configure your services or do wonky work-arounds. Signals filters out the noise, alerting you only on what matters. Manage coverage requests and on-call notifications effortlessly within Slack. But here’s the game-changer…Signals natively integrates with FireHydrant’s full incident management suite, so as soon as you’re alerted you can seamlessly kickoff and manage your entire incident inside a single platform. Learn more or switch today at firehydrant.com/signals