The Changelog: Software Development, Open Source
Imagine Fly.io on your own VPS (News)
Mon, 23 Sep 2024
Mahmoud Mousa releases Sidekick, a tool for hosting side projects on a cheap VPS, Ryan Dahl, has had enough of Oracle bogarting "JavaScript" but not even using it, Thomas Rampelberg's kty is a sweet terminal for Kubernetes, Redis users are considering alternatives after their relicense & a bunch of smart JS folks wrote up nine Node.js pillars.
What up, nerds? I'm Jared, and this is Changelog News for the week of Monday, September 23rd, 2024. Have you heard of the dead internet theory? It posits that most social internet activity today is artificial and designed to manipulate humans for engagement. Let's set aside how hard it is to define most for now, if this theory is even approximately true.
What does it mean for those of us who work, play, and often live our lives on the internet? Might AI slop be the first salvo in the rise of the machines? Maybe ignorance is bliss. Or maybe, just maybe, the time is coming, and now is, to take the red pill. And I show you how deep the rabbit hole goes. Sorry, I've been watching too many clips of the Matrix lately, but I mean, come on.
Shootout in the lobby? Best shootout scene ever. Guns. Lots of guns. Okay, enough of that. Let's get into this week's news. Imagine Fly.io on your own VPS. Here's sidekick creator Mahmoud Moussa. Moussa. Moussa or Moussa. You decide. Quote, I'm tired of the complexity involved in hosting my side projects.
While some platforms, like Fly.io, stand out in the crowded field of Heroku replacements, I believe a simple VPS can be just as effective. That's why I created Sidekick, to make hosting side projects as straightforward, affordable, and production-ready as possible. You'll be surprised how much traffic an $8 per month instance on DigitalOcean can handle. End quote.
Grab a VPS or your own hardware if you prefer. Just need a public IP? Load it with Ubuntu, set up SSH access for yourself, and let Sidekick init take you from there to a deployed production application in minutes. Oracle, it's time to free JavaScript. Node and Deno creator, Ryan Dahl, has had enough of Oracle bogarting JavaScript, but not even using it.
Quote, Dear Oracle, you have long ago abandoned the JavaScript trademark, and it is causing widespread, unwarranted confusion. End quote. Rye goes on to detail exactly why Oracle's hold on the JavaScript trademark clearly fits the legal definition of trademark abandonment. At the end of the letter, there's a place to sign your John Hancock alongside 11,495 others, including yours truly.
John Hancock. It's Herbie Hancock. Yay! K-T-Y, which I'm going to assume is pronounced Kitty, is a terminal for Kubernetes. Kitty is the easiest way to access resources such as pods on your cluster, all without kubectl or kubectl, if you will. Once Kitty is installed on your cluster, SSH gives you a dashboard to interact with the cluster. With Kitty, you can...
Use your GitHub or Google account to log into the cluster. No more annoying kubectl auth plugins. Get a shell running in pods, just like you would when SSH'd into a host normally. Access the logs for running and exited containers in a pod. Forward traffic from your local machine into the cluster or from the cluster to your local machine. SCP or SFTP files from HOTS.
Access the cluster from any device that has an SSH client, from phones to embedded devices. It's now time for sponsored news. Secure every PR from vulnerable and malicious dependencies. Who has time to run a security audit on all of their dependencies? Socket does. Socket is a developer-first security platform that protects your code from both vulnerable and malicious dependencies.
The easiest way to get started with Socket is the two-click GitHub app install. From there, whenever a new dependency is added in a pull request, Socket analyzes the package's behavior and security risk and tells you at that moment, before the code is merged, whether or not you're introducing a vulnerable or malicious dependency.
You can run Socket in your CI-CD pipeline, as a CLI tool, or even as a web extension so you can spot malicious packages on the web. Socket helps developers and security teams to work more efficiently and cut through the noise to focus on real threats. Get actionable alerts for the supply chain risks that matter. Learn more and get started at socket.dev.
And thanks to Firas and our friends at Socket for sponsoring ChangeLog News. about 70% of Redis users are considering alternatives. Quote, according to a survey by open source database support biz Percona, the move to the Redis source available license and server side public license has motivated almost three quarters of the 151 developers and database managers questioned to look for alternatives.
End quote. The biggest question when Redis relicensed was which fork would make the most sense for the most people. It appears the Linux Foundation's Valky effort is leading that pack with 60% of respondents considering or actively testing it out. I love how much this topic effectively snipes the nerds, myself included.
The register's comment thread on this story is, unsurprisingly, almost entirely filled with arguments for or against the GPL. Lol. Big lol. Nine, Node.js pillars.
2.
3.
4.
Automate testing, code review, and conformance as much as possible. Five, avoid dependency creep. Six, de-risk your dependencies. Seven, avoid global variables, config, or singletons. Eight, handle errors and provide meaningful logs. And nine, use API specifications and automatically generate clients. Many of these are pillars of any well-factored application.
We have Matteo Collina and hopefully Natalia Venditto coming on JS Party in October to talk through all nine of them. That's the news for now, but also scan the companion changelog newsletter for even more stories worth your attention, like Avdi Grim on how to cope with technology FOMO.
All is not well in WordPresslandia as Matt Mullenweg lashes out against WP Engine and a database management TUI for Postgres. Oh, and I forgot to mention this here on news. During the month of September, we're trading free Changelog sticker packs for thoughtful five-star reviews and blog posts about our pods.
Just send proof of your review to stickers at changelog.com along with your mailing address and we'll ship the goods directly to your mailbox anywhere in the world. Let's do this. Have a great week. Leave us a five-star review if you want some stickers. And I'll talk to you again real soon.