Good Morning! Google successfully completed a massive four-year project to migrate its entire codebase from Perforce to a custom-built system called Piper, demonstrating the feasibility of maintaining a monolithic codebase at scale. The international timekeeping community has decided to phase out leap seconds by 2035, a move that will significantly impact tech systems and require updates to time-handling code. A joint study by cybersecurity agencies revealed that over half of critical open source projects use memory-unsafe code, highlighting a widespread vulnerability in software infrastructure.

— Forrest Knight & Meghanadh Vasireddy

Google's Monumental Code Migration: From Perforce to Piper

Google had a big problem. All their code was on one Perforce server, and it was getting too full. They decided to make their own system called Piper to fix this.

It wasn't easy to switch. They had to:

• Move over 300 tools that used Perforce

• Keep important systems running during the change

• Make sure they didn't copy Perforce's design to avoid legal issues

The whole process took 4 years, finishing in 2012. The team had to talk to 25,000 engineers and get them to change how they worked.

The Big Move: When it was time to switch, they had to stop all code changes for a short time. It was risky, but it worked! They moved everything to Piper without any big problems.

After the switch, Google's systems were safer. They could also make new tools like Tricorder, which checks code for issues. This big change showed that it's possible to keep all your code in one place, even for huge companies.

The switch changed how big companies think about managing lots of code. It showed a new way to handle complex code systems, which many other companies now follow.

Read More Here

Goodbye Leap Second: What It Means for Tech

Context: Leap seconds were added in 1972 to keep atomic clocks in sync with Earth's spin. Now, experts have decided to get rid of them by 2035.

These extra seconds have caused trouble for computer systems. For example:

• Reddit crashed in 2012 due to a Linux bug

• Data centers saw big jumps in power use

The Change: Two ways of measuring time (UTC and UT1) will be allowed to drift apart until 2135. This gives scientists time to find better ways to keep time in sync.

Coders will need to update their programs to stop handling leap seconds. Google's "leap smear" method, which adds tiny bits of time throughout a day, might be a good way to handle time changes for now.

This is a big change in how we keep time. While it won't happen right away, it's important for tech people to know about it and start thinking ahead.

Read More Here

Memory-Unsafe Code Common in Key Open Source Projects, CISA Finds

CISA, FBI, ACSC, and CCCS worked together to study important open source projects. They looked at 172 projects that OpenSSF said were critical.

Main Findings:

• Over half (52%) of the projects use code that isn't safe for memory

• 55% of all the code lines use languages that can cause memory problems

• C and C++ are the main languages causing these issues

When programmers use languages that aren't safe for memory, they have to manage memory themselves. This can lead to problems like buffer overflows and use-after-free errors. Even projects that seem safe often rely on parts that aren't. Changing old code to safer options is tough. It takes a lot of time, money, and skilled people.

What They Suggest: Make plans to use safer code, put safety first when making software, and be careful about using code from other places.

Read More Here

🔥 More Notes

• A Developer's Descent: When the Job Search Became a Mental Health Crisis

• “Three Laws of Software Complexity (or: why software engineers are always grumpy)”

• “Beating NumPy's matrix multiplication in 150 lines of C code”

Youtube Spotlight

Claude 3.5 Sonnet vs GPT-4o: Side-by-Side Tests

Was this forwarded to you? Sign Up Here