开源日报 - Page 34 of 262 - Open Source Daily

开源日报第906期：《Google Guava》

25 9 月, 2020
开源日报每天推荐一个 GitHub 优质开源项目和一篇精选英文科技或编程文章原文，坚持阅读《开源日报》，保持每日学习的好习惯。
今日推荐开源项目：《Google Guava》
今日推荐英文原文：《Google Maps adds a COVID-19 layer》

今日推荐开源项目：《Google Guava》传送门：项目链接
推荐理由：谷歌Guava是一个顶级的通用Java库。与Apache Commons一样，它也是模块化的，包含许多独立的库。它涵盖了基本实用工具、集合、字符串操作、并发实用工具、图形库、散列等等。与Apache Commons library相比，Guava具有更好的设计。如果你想要创建或使用程序类库，可以首选Guava库。
今日推荐英文原文：《Google Maps adds a COVID-19 layer》作者：Corinne Reichert
原文链接：https://www.cnet.com/health/google-maps-adds-a-covid-19-layer/
推荐理由：截至美国东部时间22日11时23分（北京时间23时23分），美国累计新冠确诊病例超过686万例，累计死亡病例突破20万例。近期，美国新冠疫情指标又有抬头倾向，最近一周单日新增确诊病例和死亡病例均呈上升趋势。谷歌地图新添了有关新冠病毒的模块, 以帮助人们更好地做出出行决策.
Google Maps adds a COVID-19 layer
Google on Wednesday announced that it’s added a COVID-19 layer to the Google Maps app, which offers critical information designed to help you decide where to go and what to do while still staying safe.

A color-coded system will show you the density of new coronavirus cases in any given area and a label will tell you whether cases are trending up or down there, Google said Wednesday.

The new info is visible for all 220 countries and territories available on Google Maps. You can see it at country, state, province, county and city level data, depending on the area.

Here’s how to use it:
1. Open Google Maps
2. Tap the “layers” button on the top right corner of your screen (the area where you can switch to satellite or terrain views)
3. Click on COVID-19 info
4. A seven-day average of new coronavirus cases per 100,000 people will then show up for that area on the map.
Google says it’s getting the data “from multiple authoritative sources, including Johns Hopkins, The New York Times and Wikipedia.”

“These sources get data from public health organizations like the World Health Organization, government health ministries, along with state and local health agencies and hospitals,” Google added in a blog post.
下载开源日报APP：https://opensourcedaily.org/2579/
加入我们：https://opensourcedaily.org/about/join/
关注我们：https://opensourcedaily.org/about/love/
开源日报第905期：《网易云音乐+命令行 musicbox》

24 9 月, 2020
开源日报每天推荐一个 GitHub 优质开源项目和一篇精选英文科技或编程文章原文，坚持阅读《开源日报》，保持每日学习的好习惯。
今日推荐开源项目：《网易云音乐+命令行 musicbox》
今日推荐英文原文：《You Built Your Node App, But Are You Logging?》

今日推荐开源项目：《网易云音乐+命令行 musicbox》传送门：项目链接
推荐理由：这个项目成功用 Python 将有图形化界面的网易云音乐变成没有图形化界面的命令行程序，并且在功能上还没有做太多的阉割；尽管原来的网易云音乐也有快捷键功能，但是终究比不过专精此道的命令行程序，这个项目提供了比原版更加丰富的快捷键以方便用户的操作。
今日推荐英文原文：《You Built Your Node App, But Are You Logging?》作者：Juan Cruz Martinez
原文链接：https://medium.com/better-programming/you-built-your-node-app-but-are-you-logging-665c7b2bb06b
推荐理由：在创建 Node 应用时正确使用日志的姿势
You Built Your Node App, But Are You Logging?

Logging is a best practice. Here’s how to do it right
Logging is a crucial part of developing an application. When the app is in production, logs are necessary to identify the problem if something goes wrong. So if you are a developer, you should ask yourself this question: “Am I logging the right way?”

In this article, we are going to provide an answer to that question. We will discuss the best practices developers — especially Node.js developers — should follow when logging their application events.
Why Are Logs Important?
No matter how careful we are when developing an application, it’s a difficult task to make it 100% secure and bug-free. We try to find and solve most of the problems during development by testing and debugging. Still, we won’t be able to catch all of them.

Because of these remaining errors, applications running in production might behave in unexpected ways in certain situations. Sometimes, they can be really critical. They may even crash the application entirely. In such a case, can we run a debugger to figure out what went wrong with our application? No, it’s not the most practical idea.

Instead, we use application logs to understand how and why the application is behaving differently. For this, we have to set up our application to record information about its events and errors. And this is what we call logging. Logging helps us identify problems with an application running in production.
Logging Best Practices
Since logs are quite important, we need to follow logging practices that will help us easily identify problems and their causes.
1. Don’t use console.log
Developers tend to rely on Node’s console.log function to log application events since it’s easily accessible, needs no additional setup, and is simple to use. But if you want to take logging seriously — and you should — this is not the way to achieve it.

console.log prints its output to stdout. Other console functions, like console.err and console.warn, print outputs to stderr. You can’t configure console.log to transport the logs to a file or a database. You can’t turn logging on and off or switch between different logging levels (which we will talk about later) when the app is in production.

Simply put, console.log doesn’t provide enough features or configuration options to become an adequate logging tool. You should instead use a dedicated logging library to get the job done properly.
2. Use a dedicated logging library
A dedicated logging library, unlike console.log, provides a set of features to create logs that let us identify problems easily and enough configurations to make the best use of our logs.
- Most logging libraries support several logging levels like info, debug, warning, and error. These levels help filter logs according to our needs.
- The biggest advantage of using a logging library is being able to switch between logging levels even when the app is in production.
- They also support formatting logs with different colors for different levels of logs. Some libraries also support the formatting of different data types like JSON.
Winston and Bunyan are two of the most popular logging libraries available to Node developers.

In this article, we are going to use Winston in the code examples.
3. Source, timestamp, context — the most important parts of a log
Every log recorded by your application should consist of these three parts.
- Source: If we are debugging our application using the logs, it’s important to know where each event occurred. The source could be the name of the host, method, zone, or in microservices architecture, the name of the service.
- Timestamp: Recording the timestamp of the events that occurred is also important to logging. We might need to filter the logs recorded within a certain timeframe or sort the logs by the time they occurred. Hence, the timestamp is an essential part of an application log.
- Context and level: The context of a particular log is important when we are debugging the application. For example, if the application is registering a new user, there are several ways this operation could fail. The user might provide invalid data or could already be registered in the system. These failures are not occurring because our application is behaving faultily. But if this operation fails because the application couldn’t connect to the database, that signifies that something has gone wrong. Therefore, providing the context of the event with every log is crucial to make the best of logging. In addition, recording the level is also important to filter and identify different issues of the application based on how critical they are.
4. Use log levels properly
We use logging levels to sort them by urgency so that we can filter them accordingly.

Syslog standard provides specified levels, declared according to their severity, that we can use when logging.
- Emergency: The system is unusable.
- Alert: Action must be taken immediately.
- Critical: Critical conditions.
- Error: Error conditions.
- Warning: Warning conditions.
- Notice: Normal but significant conditions.
- Informational: Informational messages.
- Debug: Debug-level messages.
You can alter standard levels to create a list of levels that better suit your application. However, each log must be given a level to be able to filter them as required.
5. What not to do when logging
Logging should not generate any errors of its own.

We are trying to find errors in our application with the logs. We don’t need logs to add their own errors on top of that. So, make sure that logging operations are written in a way that does not generate errors of its own.

For example, the following code could throw an error when logging. You should avoid instances like this:
```
const logger = require("../logger")
exports.findUserByUsername = async (req, res) => {
    logger.info(`Invoking findUserById with the id ${req.params.username}`)
    //implementation
    logger.debug(`Finding user data from the database ${userModel.find({username: req.params.username})}`) //could throw an error.
}
```
Logging operations should also be stateless.

Logging operations should not generate any state changes in the application, like changing the database. You should avoid scenarios like this:
```
exports.saveUser = async (req, res) => {
    logger.info("invoking saveUser()")
    //implementation
    logger.debug(`saving user to the database ${userModel.save(req.body)}`) //changes application state
}
```
6. Use the appropriate logging level in production
Being able to log records of every level would be ideal when our app is in production. But it’s not always practical. If your application has heavy user traffic, logging every level of code would result in a huge performance dip.

We need to take a proactive approach to avoid this and log optimally. In a production-level application, the majority of the logs belong to the debug and info levels. So during the normal runtime, if we turn off debug and info logs, and log only the lower levels, we can avoid the performance issues that come with frequent logging.

In an application in production, we turn on the warning, error, and other lower levels of logs to identify if it is in critical status. We can turn on debug- and info-level logs only when an error is detected.

One of the benefits of using a logging framework is being able to change the logging level easily while in production.
7. Store the current logging level as an environment variable
To ensure that we can easily change between levels when needed, you should store the current logging level of the application as an environment variable. This gives us the ability to change the level when the application is still in production by simply changing the variable value.
```
//.en.
LOG_LEVEL = "warn"


//logger.js
const transports = {
  console: new winston.transports.Console({ level: process.env.LOG_LEVEL}),
};
const logger = winston.createLogger({
  transports: [
    Transports.console,
 ]
});
```
Summary
If you are building an application that is intended to go to production, logging is a crucial feature it should have. In this article, we discussed the best practices you should use when creating a logging system. With this knowledge, you can start building a great logging system for your application today.

Thanks for reading!
下载开源日报APP：https://opensourcedaily.org/2579/
加入我们：https://opensourcedaily.org/about/join/
关注我们：https://opensourcedaily.org/about/love/
开源日报第904期：《Ckplayer》

23 9 月, 2020

开源日报每天推荐一个 GitHub 优质开源项目和一篇精选英文科技或编程文章原文，坚持阅读《开源日报》，保持每日学习的好习惯。
今日推荐开源项目：《Ckplayer》
今日推荐英文原文：《Always Aim to Program for Simplicity》

今日推荐开源项目：《Ckplayer》传送门：项目链接
推荐理由：Ckplayer 是一款在网页上播放视频的开源软件，支持mp4,flv,m3u8及rtmp协议的直播，支持移动端，PC端。主要特点是：开源，功能强大，不依赖其它插件，适合二次开发。
今日推荐英文原文：《Always Aim to Program for Simplicity》作者：Zachary Minott
原文链接：https://medium.com/better-programming/always-aim-to-program-for-simplicity-49e434a424bd
推荐理由：不够简洁的代码就是写完以后不想再看一遍。
Always Aim to Program for Simplicity

Complexity can destroy the infrastructure of your code and kill your program

“Programming culture is broken on a global scale.” — Jonathon Blow
Stop trying to overcomplicate everything.

Just because you are faced with a complex problem doesn’t mean that it requires a complex solution. Unfortunately, many developers still write code that only they can understand or is very difficult for essentially anyone to understand.

That’s not how it’s supposed to be. Your programs should always take the simplest and most intuitive approach — not something that appears chaotic at first glance with overcomplicated logic, unnecessary levels of abstraction, and a broad purpose.

For instance, take this metaphor of a tree.

The Tree Metaphor
When you look at a tree, all you can really see are the leaves. But when you stand underneath a tree, you observe a new perspective that wasn’t seen before.

You can see exactly how the tree is structured and how every single branch is connected.

There is the base of the tree that serves as the foundation the tree stands upon.

From the base, larger branches of the tree emerge. Each of those branches then has even smaller branches connected to it, and even smaller branches connected to those smaller branches.

From those tiny branches, you can see how little twigs output little leaves, flowers, or maybe even fruit.

That’s how you should be able to perceive the code of your program — like a little network of different classes and functions where you can easily intuit what is connected to what, the purpose that each of those components serves, and what they are expected to output.

If your code executes efficiently and well enough, it’ll be able to grow leaves and fruit that the users you are targeting are able to enjoy.

Poorly written code, on the other hand, will cause the system you created to crumble, incapable of scaling even further or offering nothing fluid and tasty for your target audience to enjoy.

Reliability and Scalability Are Dependent on Simple Code
It appears that programmers lost their path and are straying further and further away from what engineering is really supposed to be.

With engineering, you’re supposed to make complex structures that appear simple and nimble — building a solid foundation for the programs that you write to stand upon.

The problem is that many programmers forget to build that solid foundation and think more in surface-level terms of just needing code that does X rather than diving deeper and creating code that can do X but is also readable, easily documented, well-designed, and scalable.

Just like the tree, the programs that you write need to be built with many small components (the branches) that can be beautifully formed together in creative ways to achieve the bigger solution (the tree as a whole).

If you just have a monolithic, overcomplicated mess of code that only you can understand, then you’re running the risk of not surviving the evolving features that the future will present.

Simplification of code doesn’t mean that you just need code that runs — despite that paradoxically seeming like the simpler approach.

It means that you must always keep the code that you write small, nimble, and composable.

More than anything, it means writing code specifically for the problem you are trying to solve and having to delete and refactor the code you write to be even smaller and simpler.

You need to first make it work, make it right, make it fast, and then reiterate that same cycle until you have the simplest solution.

Once you get to that simple solution, only then should you be considering the design principles you want to implement.

The founder of C++, Bjarne Stroustrup, states that in order to make code scalable and reliable:
“The first step is to simplify the code, have less code, and have code that is less likely to go wrong. It is not by runtime testing everything. It is not by big test frameworks that you are using [although we still do that]. The first step is actually to make sure that when you want to express something, that you can express it directly in code rather than going through endless loops and convolutions in your head before it gets down to code. When you express things directly, you can maintain it, it’s easier to find errors, it’s easier to make modifications, it’s easier to test it, and lo and behold, it runs faster.”

Remember That Complexity Kills Your Program
Imagine if a tree was an entanglement of complete randomness, where branches are coming out of the leaves, the base is in the middle of the tree, and the branches support the overall structure.

Obviously, that tree wouldn’t exist or even be capable of standing a chance against nature and gravity. It would crumble and fall apart in an instant.

Complexity can be seen in the same way, where although computers are extremely fast nowadays, complexity will kill everybody.

As genius game developer Jonathon Blow states:
“[Complexity] makes everything more complicated, makes users unhappy on multiple dimensions because they have to deal with more complex things, and because things work less well. It lowers the threshold of what we can even accomplish.”
Part of the problem lies in the way programming is taught today. People are taught frameworks rather than really understanding what code actually does and what it can actually be used for.

In that way, people are really learning how to use programs and frameworks that do all the work for them — like Unity and React — and are in turn making programmers used to simply following instructions rather than learning how to think. That doesn’t really teach them how a computer processes your code and how that memory is being allocated.

I didn’t really transcend to becoming a better programmer and designing optimal solutions until I learned what code is really doing under the hood.

Only after understanding those things did I really understand why it’s important to simplify everything that I write. It got me to really aim to design code in its most optimal and scalable fashion rather than just brute-force writing code that works and takes up mounds of memory and processing that would slowly chip away at the life force of my program over time.

Final Thoughts
You should always be aiming to code for simplicity. Always program to solve the problem that you are currently tackling and do it in a way that allows scalability.

You should be able to look at a piece of code and immediately discern what that piece of code does and how it is used in your overarching solution.

That being said, whatever code you write initially is just the first draft. You need to obsessively refactor your code and deconstruct your code to its simplest structure and purpose.

Do that and you’ll save yourself a lot of grief in the future and will be recognized as a better programmer because of it.

下载开源日报APP：https://opensourcedaily.org/2579/
加入我们：https://opensourcedaily.org/about/join/
关注我们：https://opensourcedaily.org/about/love/
开源日报第903期：《leek-fund》

22 9 月, 2020

开源日报每天推荐一个 GitHub 优质开源项目和一篇精选英文科技或编程文章原文，坚持阅读《开源日报》，保持每日学习的好习惯。
今日推荐开源项目：《leek-fund》
今日推荐英文原文：《Trump approves TikTok-Oracle deal》

今日推荐开源项目：《leek-fund》传送门：项目链接
推荐理由：leek-fund是一个vscode插件，它可以实时查看股票 & 基金数据，包括基金实时走势图和历史走势图, 自动刷新（每天 9~15 点之间轮询刷新数据）等实用特性. 还能一秒切换至代码编辑页面，摸鱼也不怕被老板抓包了。
今日推荐英文原文：《Trump approves TikTok-Oracle deal》作者：Edward Moyer, Queenie Wong, Andrew Morse
原文链接：https://www.cnet.com/news/trump-approves-tiktok-oracle-deal/
推荐理由：TikTok相关事件从疫情肆虐期间就引发了极大的关注, 首先是美国政府的强行制裁, 到后来和微软谈判收购事宜以及谈判的破裂, 现在和甲骨文公司达成收购意向. 最终, 川普同意了这笔交易, 希望这件事最后能够尘埃落定.
Trump approves TikTok-Oracle deal
President Donald Trump approved a deal for Oracle and Walmart to acquire stakes in the US operations of popular video app TikTok, postponing a potential ban that was scheduled to go into effect on Sunday.

Oracle will take a 12.5% stake in a new company, TikTok Global, while Walmart will have 7.5%. The company will be headquartered in the US and provide service to American users and most users in “the rest of the world.” Four of the company’s five board members will be American. Oracle will provide secure cloud services that satisfy national security concerns about the Chinese-owned app.

“Both companies will take part in a TikTok Global pre-IPO financing round in which they can take up to a 20% cumulative stake in the company,” TikTok said in a statement. “We will also maintain and expand TikTok Global’s headquarters in the US, while bringing 25,000 jobs across the country.”

Oracle and Walmart confirmed the deal in separate statements. Walmart’s statement said the initial public offering of TikTok Global would take place “in less than 12 months” and that the company will be listed on a US exchange. The partners have also pledged to develop an online educational initiative.

The deal, which still requires the approval of the Chinese government, came just hours before a ban on new downloads of TIkTok was set to take place. Commerce Secretary Wilbur Ross said Saturday that the ban would be pushed out to Sept. 27 at 11:59 p.m.

The agreement follows a tumultuous period for TikTok, which Trump has called a national security threat because it’s owned by ByteDance, a Chinese tech company. The administration alleges that the Chinese government could use data gathered by the TikTok app to “track the locations of Federal employees and contractors, build dossiers of personal information for blackmail, and conduct corporate espionage.” TikTok has repeatedly pushed back, noting that it wouldn’t turn over data to the Chinese government even if it were asked to.

The administration issued two executive orders concerning TikTok. An Aug. 6 order would have barred any US transactions with ByteDance and was set to go into effect on Sunday. A separate executive order, issued Aug. 14, ordered ByteDance to sell its US operations by Nov. 12.

Intelligence agencies have determined that Chinese authorities could collect data through TikTok, though there’s no evidence they’ve done so, according to The New York Times. The Wall Street Journal found that the TikTok app for Android surreptitiously collected device identifiers known as MAC addresses. The practice ended in November.

On his way to a campaign rally in North Carolina, Trump told reporters that he had given the TikTok-Oracle deal “my blessing,” Bloomberg reported. The news service reported that Oracle will have “full access” to TikTok’s source code and updates it can review to ensure no back doors exist. Chinese officials have indicated the government is willing to approve an agreement as long as ByteDance doesn’t have to give up the artificial intelligence algorithms behind the app, Bloomberg said.

Trump’s high-profile attacks on TikTok and ByteDance have already taken their toll on the app, which has an estimated 100 million users in the US. TikTok CEO Kevin Mayer, a former Disney executive, resigned in late August after just three months in the position. He told employees in a letter that the role he signed up for looks different because of the US administration’s pressure on ByteDance to sell its US business. Vanessa Pappas, TikTok’s US general manager, is the interim head of TikTok.

Two lawsuits have been filed over Trump’s executive orders. On Aug. 24, TikTok and ByteDance sued Trump and Ross, alleging the administration had violated the due process clause of the Fifth Amendment because the company wasn’t given a chance to be heard. The lawsuit also alleges the president acted beyond his legal authority because his administration hasn’t proved that TikTok poses a national security threat. The president’s order furthers Trump’s “campaign of anti-China rhetoric in the run-up to the US election,” the lawsuit says. It’s unclear what will happen with the lawsuit now that a deal has been approved.The White House didn’t immediately respond to a request for comment.

In a separate lawsuit filed on the same day, Patrick Ryan, a TikTok employee, alleged the administration’s actions could prevent the company’s 1,500 US workers from being paid. The Department of Justice later said employees could continue to be paid.

The US isn’t the only country that’s targeted TikTok and Chinese apps. India banned TikTok, along with WeChat and dozens of other Chinese apps in late June, citing national security concerns. The ban came after 20 Indian soldiers were killed during a clash with Chinese troops along a disputed Himalayan border.

TikTok is known for its quirky videos of people lip-syncing and dancing, in clips that run between 15 seconds and 1 minute. But it’s also become a hub for political talk ahead of the US presidential election. The app has logged more than 2 billion downloads as of April. TikTok had 689 million monthly active users globally as of July and was available in more than 200 countries. Uncertainty over TikTok’s future prompted some US users to direct their fans to their Instagram and YouTube accounts. Facebook, which is notorious for copying its rivals, released a TikTok competitor called Reels on Instagram in early August.

ByteDance purchased Musical.ly for around $1 billion in 2017 and that app, popular among US teens, was rebranded as TikTok.
下载开源日报APP：https://opensourcedaily.org/2579/
加入我们：https://opensourcedaily.org/about/join/
关注我们：https://opensourcedaily.org/about/love/

开源日报第906期：《Google Guava》

Google Maps adds a COVID-19 layer

开源日报第905期：《网易云音乐+命令行 musicbox》

You Built Your Node App, But Are You Logging?

Logging is a best practice. Here’s how to do it right

Why Are Logs Important?

Logging Best Practices

1. Don’t use console.log

2. Use a dedicated logging library

3. Source, timestamp, context — the most important parts of a log

4. Use log levels properly

5. What not to do when logging

6. Use the appropriate logging level in production

7. Store the current logging level as an environment variable

Summary

开源日报第904期：《Ckplayer》

Always Aim to Program for Simplicity

Complexity can destroy the infrastructure of your code and kill your program

The Tree Metaphor

Reliability and Scalability Are Dependent on Simple Code

Remember That Complexity Kills Your Program

Final Thoughts

开源日报第903期：《leek-fund》

Trump approves TikTok-Oracle deal