Web Developer News News Recent news from

Standard, a Javascript Style Guide Library With 3M Downloads Per Month, Now Showing Ads When Installed Via NPM
Standard, a popular Javascript style guide library that is downloaded about three million times each month, is beginning to show ads when installed through npm, a developer announced this week. The move, which has been pegged as an experiment, comes as the developer looks to find sustainable ways to support contributions to the open source development. In a post, Feross Aboukhadijeh, a developer of Standard, said whenever Standard 14 is installed, "we'll display a message from a company that supports open source. The sponsorship pays directly for maintainer time. That is, writing new features, fixing bugs, answering user questions, and improving documentation." The announcement has sparked a debate in the community with some suggesting that there should be a better way to support the FOSS developers without seeing ads on the terminal.

Read more of this story at Slashdot.

Is Agile Becoming Less and Less Relevant?
OneHundredAndTen shares "an interesting Forbes article that posits that Agile software development is losing relevance, it is not the silver bullet that some claimed, and it has become a sort of religion -- 'If Agile doesn't work for you, you are not doing it right.'" Writer/data scientist Kurt Cagle even describes passing around "the holy hockey stick" while begging the scrum master for forgiveness, arguing that "like most religions it really didn't make that much sense to the outsider -- or even to the participants, when it got right down to it." Agile does not always scale well. Integration dependencies are often not tracked (or are subsumed into hierarchical stories), yet it tends to be one of the most variable aspects of any software development... [T]here are whole classes of projects where traditional Agile is counterproductive. Enterprise data projects, in particular, do not fit the criteria for being good Agile candidates... the kind of work that is being done is shifting from an engineering problem (dedicated short term projects intended to connect systems) to a curational one (mapping models via minimal technical tools). This transition also points to what the future of Agile will end up being. In many respects we're leaving the application era of development -- applications are thinner, mostly web-based, where connectivity to both data sets and composite enterprise data will be more important than complex client-based functionality. This is also true of mobile applications -- increasingly, smart phone and tablet apps are just thin shells around mobile HTML+CSS, a sea-change from the "there's an app for that" era. The client as relatively thin endpoint means that the environment for which Agile first emerged and for which it is most well suited -- stand-alone open source applications -- is disappearing. Today, the typical application is more likely a data stream of some sort, in which the value is not in the programming but in the data itself, with the programming consequently far simpler (and with a far broader array of existing tools) than was the case twenty or even ten years ago... While aspects of Agile will remain, the post-Agile world has different priorities and requirements, and we should expect whatever paradigm finally succeeds it to deal with the information stream as the fundamental unit of information.

Read more of this story at Slashdot.

UK Cybersecurity Agency Urges Devs To Drop Python 2
Python's End-of-Life date is 129 days away, warns the UK National Cyber Security Centre (NCSC). "There will be no more bug fixes, or security updates, from Python's core developers." An anonymous reader quotes ZDNet: The UK's cyber-security agency warned developers Thursday to consider moving Python 2.x codebases to the newer 3.x branch due to the looming end-of-life of Python 2, scheduled for January 1, 2020... "If you continue to use unsupported modules, you are risking the security of your organisation and data, as vulnerabilities will sooner or later appear which nobody is fixing." "If you maintain a library that other developers depend on, you may be preventing them from updating to 3," the agency added. "By holding other developers back, you are indirectly and likely unintentionally increasing the security risks of others... If migrating your code base to Python 3 is not possible, another option is to pay a commercial company to support Python 2 for you," the NCSC said. The agency warns that companies who don't invest in migrating their Python 2.x code might end up in the same position as Equifax or the WannaCry victims. "At the NCSC we are always stressing the importance of patching. It's not always easy, but patching is one of the most fundamental things you can do to secure your technology," the agency said. "The WannaCry ransomware provides a classic example of what can happen if you run unsupported software," it said. "By making the decision to continue using Python 2 past its end of life, you are accepting all the risks that come with using unsupported software, while knowing that a secure version is available."

Read more of this story at Slashdot. News Recent news from

IT Earnings Way Up at Job Site Elance
Google App Engine, HTML5, search engine optimization and social media marketing are among the fastest movers on Elance's list of hot job opportunities available online.

Say What? The Week's Top Five IT Quotes
Google Wave crashes, fighting to keep mainframe skills alive, beware the Outernet and more.

GPL Enforcement Notches Another Victory
The license at the heart of many open source projects is amassing a winning record when it comes to successfully pursuing enforcement lawsuits.