Best Programming Master

Return Policy Guide is a website that aggregates the policies of many major retailers, so if a customer is unhappy with his purchase, he can learn how to most effectively return the product and get his money back. The site handles a ton of data, from the individual policies themselves, to ads on the site, to user reviews and more. Ashutosh Panda, senior developer at the company, explained that his developers do not get a say about the data creation or input, but are responsible for the data they choose to use in their applications. RELATED CONTENT:  The SD Times Data Quality Project The first step to ensuring data quality is validation “We just give the developer a set of problems and then the solution we want from him,” Panda said. “That’s it. The process that he uses is absolutely upon him. So he is the one who makes the call as to which data to include, which data not to include, to get the best results. And so I would say that, yes, the developer is essential in this process,

There are three steps when it comes to setting up test automation in your development organization: Creation, maintenance and continuous. While these three steps may seem straightforward, Mark Lambert, vice president of strategic initiatives at Parasoft, explained there are specific challenges that arise with each step.   Creation: Here, organizations not only have to figure out how to create their test automation, but identify what things to automate because not everything can be automated, according to Lambert. Then, organizations need ways, practices and technologies to help them with the creation process. Maintenance : Once the tests are created, people have to consider how they are going to move forward with an Agile DevOps deployment. They need to maintain the test framework, make sure it is stable, and be able to make updates.  Continuous : One of the biggest challenges organizations face when trying to accelerate beyond their initial test automation practice is being able

The Free Software Foundation (FSF) has announced a call for feedback from the community. This feedback will be used to create an update to the FSF’s High Priority Free Software Projects (HPP). According the Foundation, the HPP initiative draws attention to specific area of development and projects of strategic impor tance, with the ultimate goal of freedom for all computer users. The list guides volunteers, developers, funders, and companies to projects that will best utilize their skills.  “The HPP list has enormous potential, and it’s important to get feedback from the community so it reflects the current state of free software,” said Zoë Kooyman, program manager at the FSF. “The HPP list provides focus to projects and developers, as well as to supporters looking to fund free software projects. Free software is the only answer to respecting users in the increasingly digital environment we all live and work in, and the HPP list can help guide software’s continued path to freedom.”

Halloween is upon us, and while much of the world is focused on scary creatures like ghosts, ghouls, or werewolves, DevSecOps teams have a few scary creatures of their own to deal with.  From the Dracula-like developer stuck in a world from centuries ago who is thwarting the creation of secure apps, to the DevOps ghosts that downplay the importance of app vulnerabilities, it’s important for DevSecOps teams to understand the threats that may be lurking in their own teams. First off, there are the Dracula-like developers who are stuck centuries in the past. According to Dennis Hurst, founder of Saltworks Security , these developers exist out of a desire not to change the way they write code. “We run into this a lot, of ‘we’ve always built an application this way, why do I need to security test it?’ And they’re not sort of realizing that these applications are now on the internet, they’re public facing, or they’re connected to things that are on the internet, or they’re running in a

MemSQL will now be known as SingleStore. The database provider for operational analytics and cloud-native applications believes the new name will better help describe its value proposition.  “We couldn’t be happier to call ourselves SingleStore, a name that aptly defines us and our ability to change how our customers use data. Companies around the world can use SingleStore to gain faster insights, eliminate complexity, and substantially lower the costs related to their data strategies,” said Raj Verma, SingleStore CEO.   SingleStore will provide a data platform for transactions and analytics capable of handling structured, unstructured and semi-structured data.  More information is available here .   .NET for Apache Spark 1.0 now available .NET for Apache Spark is an open-source package designed to bring .NET development to Apache Spark. The 1.0 version includes support for .NET apps targeting .NET Standard 2.0 or later; access to Apache Spark DataFrame APIs; and ability to write

This week’s featured open-source project is Bullet Train , which enables developers to manage feature flags across web, mobile, and server side applications.  The application consists of three components: the Server-Side REST API, the Front End Administration Web Interface, and Client Libraries.  The Server Side API is written in Python and is based on Django and the Django Rest Framework.  The application can also be run locally using Docker Compose if required, however, it’s beneficial to run locally using the above steps as it gives you hot reloading, according to the developers behind Bullet Train. Bullet Train aims to deliver continuous integration, help get builds out faster, and control who has access to new features. Rather than just switching features on and off, organizations can configure them for individual segments, users and development environments. First, users can create a feature branch in Git and a corresponding feature flag in Bullet Train. Next, once the code

The Scaled Agile Framework ( SAFe ) is a great tool for establishing agile and Lean best practices across an enterprise. It provides an overarching architecture for aligning development, quality assurance and other functions to produce a faster workflow and to boost performance across the board. There is an important missing link, though. To date the SAFe framework hasn’t incorporated site reliability engineering – a function of growing importance in today’s application-driven economy.  Site reliability specialists focus on the operational infrastructure so vital to keeping sites and services running. They work to improve availability, latency, performance, efficiency, change management, capacity planning and a host of other factors that influence service delivery and the user experience.  RELATED CONTENT:   Taming heterogeneous tooling into cohesion Value-Based DevOps: Building Software Profitably So why isn’t this important function included in SAFe? The framework focuses more

Microsoft has invested heavily in developer solutions, adding enhancements to Visual Studio like GitHub Codespaces, Git Integrations, and IntelliCode Team Completions. Now, the company is planning on creating a new extensibility model for Visual Studio extensions. According to Microsoft, this new model will make extensions more reliable, easier to write, and supported locally and in the cloud.  The company explained that one of the problems with extensions today is that in-proc extensions have minimal restrictions over how they can influence the IDE, which sometimes leads to them corrupting Visual Studio if the extension crashes. One of the biggest changes Microsoft will make is to make extensions out-of-proc, ensuring increased isolation between internal and external APIs and leading to fewer crashes. Extensions will also now be easier to write. “Inconsistent APIs, overwhelming architecture, and having to ask your teammates how to implement what should be a basic command are common

Tidelift has announced a new integration with Sonatype’s OSS index data. The integration aims to provide open-source vulnerability identification and remediation capabilities for Tidelift customers. According to the company, the Sonatype OSS Index aggregates data from CVE entries, a growing list of public vulnerability sources, and community contributions.  “In a recent Tidelift survey, 58% of the respondents cited ‘identifying and resolving open source security vulnerabilities’ as a key issue,” said Matt Rollender, the head of partnerships at Tidelift. “Giving our customers access to Sonatype’s OSS Index vulnerability data through the Tidelift Subscription directly addresses a key pain point for our growing client base.” MFC Wizards now supports Typelib and ActiveX MFC ActiveX Wizard creates an ActiveX control and the application hosting the ActiveX control is the automation client of that control.  Meanwhile with MFC Typelib Wizard, developers can create an MFC class from an in

Catchpoint today released a new solution that brings its end-user monitoring solution inside to organizations so they can spot and remediate problems with employee devices, applications and their network. The new Employee Experience Monitoring solution brings together RUM and endpoint analytics  with global user sentiment data and synthetic monitoring to help organizations with growing numbers of remote workers troubleshoot problems. It does this by placing an agent on the employee’s device to monitor the device itself —  CPU, memory and device metrics. Additionally, according to a company announcement, Catchpoint now offers end-user self-help to remediate challenges, improving the employees’ overall experience with the networks, devices and applications they use. This new solution enables active synthetic transaction monitoring from the endpoint, so the company can proactively diagnose issues such as unstable internet connections or issues with local WiFi access points. Nik Kout

The latest version of the open-source machine learning library PyTorch is now available. PyTorch 1.7 introduces new APIs, support for CUDA 11, updates to profiling and performance for RPC, TorchScript, and Stack tracers. New front end APIs include torch.fft, which is a module for implementing FFT-related functions; C++ support for nn.transformer module abstraction from the C++ frontend; and torch.set_deterministic, which can direct operators to select deterministic algorithms when available. These new APIs are all currently available in beta. Performance updates include the addition of stack traces to the profiler, which allows users to see not only the operator name in the profiler output table, but also where the operator is in the code.  In addition, TorchElastic is now a stable feature. TorchElastic provides a strict superset of the torch.distributed.launch CLI. It includes added features for fault-tolerance and elasticity. Other distributed training and RPC features include be

Google is updating its mobile platform Firebase with new building blocks to accelerate app development. The company made a number of announcements at its Firebase Summit 2020 this week. “Over the past few months, we’ve seen that apps not only improve the way we live, they  also enhance our ability to adapt to change. In 2020, more businesses and families have turned to apps to stay connected, productive, and entertained. At the same time, our developer community has stepped up to build and scale the apps people are relying on,” Francis Ma, director of product management for Firebase, wrote in a blog post . The announcements included: Authentication emulator for rapid iteration and local development The Emulator Suite that lets users run emulated versions of Firebase’s backend products for a faster and safer development experience now includes support for authentication, according to Ma.  The new auth emulator also enables developers to run integration tests that rely on authentic

The newly launched Tasktop Flow Institute online community for business leaders offers custom courses and content to gain practical knowledge and skills, as well as better understand value stream management and Tasktop Flow Metrics, according to the company.  “Becoming a software innovator means knowing how to measure what matters across your entire software portfolio,” said Mik Kersten, the CEO of Tasktop. “Meaningful and actionable measurement of flow is the critical piece needed to determine where organizations must address technical problems such as debt dead-ends, and where to allocate resources and talent. I’m proud that Tasktop is finally able to introduce The Flow Institute to help businesses meet this moment in a vibrant community built to share knowledge and expertise around flow.” The courses cover topics such as outcome-based recognition of software development and business goals, provide ongoing input and knowledge around the impact of product-based thinking, and more. 

GrammaTech has announced a new software composition analysis (SCA) product, CodeSentry, that is designed to detect vulnerabilities in application components including binaries, and create a detailed software bill of materials.  According to the company, it identifies blind spots and allows security professionals to measure and manage risk quickly throughout the SDLC.  With the bill of materials, CodeSentry can detect the components and vulnerabilities associated with them, including network components, GUI components, or authentication layers.  “Using third party components rather than building applications from scratch is an accepted practice for accelerating time to market and is fueling a massive growth in reusable code,” said Mike Dager, the CEO of GrammaTech. “Most organizations now recognize the security risks that third-party code poses to their applications and business, and the need for software composition analysis provided by CodeSentry, which inspects binaries for unmatc

The React framework Next.js is getting a major update for front-end development. Vercel, the Next.js company, announced Next.js 10 at its user conference today with new ways for front-end developers to create rich web experiences.  “Performance, or lack of it, is the most critical factor in the success or failure of the modern web site,” said Guillermo Rauch, CEO of Vercel. “Next.js 10 addresses the most critical pain points developers face when optimizing their workflows and websites to deliver high quality, highly-performant content at scale.” Top features in this release include automatic image optimization, internationalized routing and automatic language detection, quick-start e-commerce capabilities and continuous Web Vitals analytics. According to the company, Google’s Web Vitals is expected to become the next PageRank, which can impact a website’s success or failure. With Next.js 10, developers get real-world continuous user insights to help them understand where their site

Grafana Labs has made a number of updates to its observability portfolio this week at its virtual ObservabilityCON conference . The updates include the release of  Loki 2.0, Grafana Tempo, Grafana 7.3, new plugins, and Grafana Metrics Enterprise.  Loki 2.0 includes improvements to the query language, allowing users to transform logs and extract additional labels, according to the company. These improvements help keep Loki cost-efficient and easy-to-use, while also providing the ability to query, analyze, and aggregate log data in new ways. Grafana Tempo is a new open-source distributed tracing backend. It is designed to correlate metrics, logs, and traces, and make it easier and faster to troubleshoot by narrowing in on a specific trace. It is also deeply integrated with Grafana, Prometheus, and Loki, Grafana Labs explained. It can be used alongside any open source tracing protocol, such as Jaeger, Zipkin, and OpenTelemetry.  Grafana 7.3 offers a seamless experience between Grafana

According to a recent Deloitte report on post COVID-19 enterprise implications, “…the pandemic is reshaping the global business landscape and fundamentally changing how people around the world live and work… However, every new normal eventually gets replaced by a new new normal, so in our view it makes sense to call the post-COVID business environment the next normal.”  The report delved further into the changing business conditions and priorities emerging from the pandemic, highlighting the following among other takeaways:  Cloud computing is poised to accelerate, with 80% of respondents stating that cloud is now the most relevant technology  Next normal customer engagement strategies will be driven by digital channels and flexible customer experiences  These points reflect what we’re also seeing in the industry. Cloud offers organizations numerous opportunities to accelerate innovation, reduce costs and increase flexibility. By deploying our Digital Automation Intelligence

The latest version of the GraphQL Editor is now available. The main feature in the 3.0 release is the ability to facilitate and manage a GraphQL schema. The release also introduced a completely reworked hierarchy view and new Organizer Mode, allowing for even faster creation and navigation through the schema.  The new version also contains improvements to Faker, such as the ability to specify faker values from faker.js as well as to specify an array of values to choose a random value from that array. Other improvements were included for JAMStack, automatically generated documentation, live collaboration, and a GraphQL Editor guide. Additional details are available here . Applitools integrations with GitHub and Microsoft Applitools announced integrations with GitHub Actions and the Microsoft Visual Studio App Center for UI version control and fast build-test workflows. The integrations allow developers to seamlessly add Visual AI-powered testing to every build and pull request, re

Open-source software may be the backbone of software development, but finding open-source talent is proving to be difficult. In the latest Linux Foundation and edX 2020 Open Source Jobs Report , while 81% of respondents say hiring open-source talent is a top priority, 93% of hiring managers report trouble finding the skills. The report also revealed the top desired skill sets include Linux, DevOps, cloud and security. According to the foundation, these skills align with the technologies of highest importance to open-source professionals, which are cloud and containers, AI and machine learning, security, Linux, networking, and edge computing.  In order to address the open-source skills gap, more and more businesses are leveraging online open-source training for employees. Eighty percent of employers reported they now provide online training, which is up from 66% two years ago. According to the report, the increase in online training is due to the COVID-19 pandemic. Certifications are

The LF AI Foundation and ODPi merged to support a growing portfolio of technologies and to drive open source collaboration across AI and data. The LF AI Foundation supports open-source innovation in artificial intelligence, machine learning and deep learning while ODPi focuses on big data solutions.  Together, the organizations will make up the LF AI Data Foundation, and will enable additional collaboration and integration of AI/ML/DL and data. The effort will build and support an open community and a growing ecosystem of open source AI, data and analytics projects. It will also bring developers and projects together, orchestrated by a single Technical Advisory Council and several committees (Trusted AI, BI & AI) to provide a unified glance for end users on tools, interoperability, integration, standards, and the future of AI. “LF AI has been growing at the rate of one new project per month, including several data projects. It is a natural move to bring together the open AI and

Traditional application security is different in two key ways from what has come to be known as DevSecOps. First, modern software companies are integrating application security into their DevOps pipelines, so security becomes part of the flow. Second, it’s also about DevOps being built into application security. Patrick Carey, who leads product strategy in the Software Integrity Group at security solutions provider Synopsys , explained these differences. By building application security into your automated development environment, he said, security “is initiated through events, rather than necessarily a phase where somebody at the end of the line, whose job it is to make sure that you didn’t screw up and code a vulnerability,” does the testing. On the other side of that coin, building DevOps into AppSec, eliminates the gates created by traditional DAST or pen-testing tools, creating instead guardrails that allow the team to move forward with relatively low friction but to stay on tra

The new DataOps advisory service by DataKitchen aims to help customers achieve an enterprise DataOps transformation by leveraging industry-leading DataOps expertise and the company’s critical capabilities necessary to launch a successful and sustainable DataOps initiative. Customers can now choose from a menu of services such as Strategic DataOps, Technical DataOps, Maturity Model Assessment, DataOps Dojo and more.  “Many companies know that DataOps provides the foundation for analytic excellence, but struggle when it comes to designing and executing a DataOps plan. Our software is an important piece of the puzzle because it automates all the critical elements of a DataOps program – orchestration, testing, environment creation and management, and deployment,” said Chris Bergh, the founder and CEO of DataKitchen. Netlify team overview simplifies collaboration Netlify announced the release of Team Overview, a central dashboard in the Netlify UI that surfaces the most important inform

Recently, there’s been a new change proposal for Cassandra indexing that attempts to reduce the tradeoff between usability and stability: Making the WHERE clause much more interesting and useful for end-users. This new method is called Storage-Attached Indexing (SAI). It’s not the flashiest name, but what do you expect? Engineers aren’t known for naming things , but cool technology is never a joke. SAI has captured the attention of the Cassandra community , but why? Indexing data is not a new concept in the database world.  How we index our data can change over time based on the desired use cases and deployment models. Cassandra was built combining aspects of Dynamo and Big Table to reduce the complexity of read and write overhead by keeping things simple. The complexity of Cassandra has been mostly reserved to its distributed nature and as a result, created a tradeoff for developers. If you want the incredible scale of Cassandra, you have to spend the time learning how to data