Best Programming Master

Facebook announced its support for the Rust Foundation and stated that it is committed to sustaining and growing the Rust open-source ecosystem and community. According to Facebook, it currently has multiple teams throughout the company writing Rust code and even has a dedicated Rust team that is primarily responsible for the growth of Rust development inside the company as well as contributing to open source. “We are joining the Rust Foundation to help contribute to, improve and grow this language that has become so valuable to us and developers around the world. We look forward to participating with the other foundation members and the Rust community to make Rust a mainstream language of choice for systems programming and beyond,” said Joel Marcey, the open-source ecosystem lead at Facebook, and now board director at the Rust Foundation. Updated Google Play guidance Google is pre-announcing a policy change for app metadata and introducing new guidelines on store listing preview a

With the acquisition of my company, StackRox , by cloud-native technology vendor Red Hat , it seems like a good time to reflect on the state of cloud-native security.  Security in the cloud has been my life for the past five years, and it’s changed very quickly as new cloud-native platforms have taken over the industry.  We’ve had to create new tools and approaches to meet the new technologies and workflows of today’s cloud and will need to continue evolving them to meet the challenges of tomorrow’s. Before we get into the future of cloud-native security, though, let’s look at where we started in the distant past of … seven years ago. Our industry started with a focus on basic security hygiene for containers, which formed the basis for “container security.”  While container-related technologies had existed for over a decade, Docker provided the toolset that popularized the Linux container as a standard distribution format for applications, making it widely accessible and adopted.  W

One-Stop Anomaly Shop (OSAS) is a new open-source project from Adobe Security. OSAS is a security intelligence toolset for detecting anomalies. Researchers can use OSAS to experiment with data sets, control how they are processed, and shorten the path to finding a solution for detecting security threats.  “Logs are not always straightforward. Security-related logs are even more heterogenous and verbose, often presenting a large feature-space due to the unbound nature of attribute values. Often when using machine learning (ML) algorithms and models this large feature-space can create an adverse effect known as data sparsity. This means that most supervised and unsupervised ML algorithms will struggle to find structure within the data and are likely to overfit and handle previously unseen examples poorly,” Chris Parkerson, marketing lead for the Adobe Corporate Security Team, wrote in a post .  OSAS uses a two-step approach to data processing that reduces that effect. First it con

Atlassian announced a new DevOps experience at its Team ‘21 conference this week. Open DevOps is a development solution built on Jira designed to connect software development teams, tools and technologies.  “We believe that every software team should choose the best tools and technology without sacrificing the ability to collaborate across the company. That’s why our approach is open and integrated – open so teams can use the tools of their choice, and integrated so collaboration doesn’t come at the expense of velocity,” Suzie Prince, head of product, DevOps at Atlassian, wrote in a post .  Open DevOps combines Atlassian products and partner offerings such as Jira Software, Confluence, Bitbucket, Opsgenie, GitHub and GitLab. “GitLab and Atlassian are both strongly committed to meeting the needs of our users. We’re proud of the work we’ve done together with GitLab and Jira integration. Our joint customers gain the autonomy to remain in their chosen context and tool, without sacrif

The remote career platform Arc announced plans to help developers build their remote careers with a new platform and community. The new open remote platform aggregates more than 54,000 remote developer jobs from more than 13,000 companies hiring. Developers can also use the Arc community to ask questions, share experiences and discuss challenges.  RELATED CONTENT: 14 remote working mistakes that your team could be making “We believe you deserve an extraordinary career no matter where you live,” said Weiting Liu, founder and CEO of Arc. “And we believe remote work unlocks more equal access to opportunities for people all over the world. We are building the world’s best remote job search experience and community to help more developers build stronger, genuine remote careers and set themselves up for long-term success.”  The Bytecode Alliance grows Mozilla, Fastly, Intel and Microsoft have announced the incorporation and expansion of the Bytecode Alliance. The alliance aims to advanc

JetBrains today introduced TeamCity Cloud, a managed CI/CD service designed for DevOps teams that don’t want to deal with maintaining and scaling their own infrastructure.  The cloud version is based on the original TeamCity and it shares a lot of the same functionality including integration with popular development tools, test intelligence and easy configuration, the company explained. TeamCity Cloud’s test intelligence analyzes test history, reports flaky tests, visualizes trends, and lets teams know how their code quality changes over time. The new solution also lets teams configure their CI/CD pipelines through a web UI and offers the option to create them programmatically using Kotlin, which can handle pipelines of various complexities and scale.  According to JetBrains, the core key differences of TeamCity Cloud from the on-premise version is that it is maintained by the company and thus has fewer administration features.  Moving forward, JetBrains plans to add macOS supp

The University of Minnesota’s Computer Science and Engineering Department security researchers are facing intense scrutiny from the Linux community for intentionally trying to insert bugs into Linux patches. The buggy patches were a part of the research paper On the Feasibility of Stealthily Introducing Vulnerabilities in Open Source Software via Hypocrite Commits . The paper stated: “As proof of concept, we take the Linux kernel as target OSS and safely demonstrate that it is practical for a malicious committer to introduce use-after-free bugs. Furthermore, we systematically measure and characterize the capabilities and opportunities of a malicious committee. At last, to improve the security of OSS, we propose mitigations against hypocrite commits, such as updating the code of conduct for OSS and developing tools for patch testing and verification.” However, the experiment did not go over as planned and was not well received from the community. Linux kernel maintainer Greg Kroah-Ha

SmartBear has entered into a definitive agreement to acquire the application stability management provider Bugsnag.  Bugsnag offers full-stack stability and error monitoring technology that prioritizes application stability. “An accelerated shift to DevOps, among other existing digital transformation initiatives, has really taken off over the past year,” said Vineeta Puranik, the senior vice president of engineering at SmartBear. “Those shifts require testing to be performed earlier and by developers alongside testers. Bugsnag empowers development teams to make data-driven decisions around app quality, and the solution’s ease of use and seamless integrations make it a perfect fit for the SmartBear portfolio.” DevArt offers support for OAuth 2.0 Authentication and SOQL Queries DevArt announced that it now supports the common authorization standard OAuth 2.0, which requires that users only log in once to authorize a driver to access data and generate a refresh token. The authoriz

Red Hat announced new features coming to Red Hat Enterprise Linux (RHEL) 8.4, which will be released in a few weeks, at its Red Hat Summit virtual conference this week. According to the company, this release “refines the platform’s role as a lightweight, production grade operating system for edge deployments, adding new Linux container, deployment and management capabilities scaled for the needs of edge computing.” Red Hat recently released a report, “ The State of Enterprise Open Source ,” which showed that 72% of IT leaders are expecting open source to drive adoption of edge computing in the new two years. Red Hat Edge is a new effort being highlighted in RHEL 8.4 that aims to extend Red Hat’s cloud portfolio to the edge. This includes extending existing solutions like OpenShift, Advanced Cluster Management for Kubernetes, Ansible Automation Platform, Red Hat Integration, and Red Hat Data Services. Other features that will benefit edge adoption in RHEL 8.4 will include updates to

Gremlin has added Automatic Service Discovery to its chaos engineering platform in an effort to help companies improve resilience and reduce downtime by identifying the various services running across distributed systems.  “The rise in popularity of microservices necessitate services functioning as first-class citizens. The infrastructure layer is becoming more abstract and engineers are increasingly thinking about their systems as a collection of services,” said Matthew Fornaciari, the CTO and co-founder of Gremlin. “We want to replicate that mental model in Gremlin and reduce the cognitive load necessary to create controlled chaos.” Gremlin also built a new way to track reliability progress by enabling SREs and DevOps teams to click into a particular service and view the full history of events that were run over time.  More information is available here . WhiteHat Attack Surface Management announced WhiteHat Security released Attack Surface Management powered by Bit Discovery to

Cypress is by far the fastest growing cross-browser, front-end developer friendly test automation framework. It is an MIT-licensed open-source project, backed both by a strong community and by a commercial company that provides additional optional services. Cypress development is happening quickly, aiming to close some of the painful gaps in the cross-browser testing space. Cypress is growing so fast due to many reasons. Cypress is equipped with a set of capabilities that makes it easy to use ,which is appealing to developers and QAs alike who like to use JavaScript or TypeScript . Since the tests run inside the browser itself, an additional benefit of Cypress is the execution speed and debugging capabilities . While the tests run in the browser, Cypress also uses a node server as its proxy. The browser and the Cypress Node process constantly communicate to perform tasks on behalf of each other, like mocking the network requests from tests, and more. Cypress supports t

Pyodide, Mozilla’s open-source project for running Python inside a web browser, has become an independent and community-driven project with a new home on GitHub . The company also announced the new 0.17 release as part of its announcement.  The project aims to bring the Python runtime to the browser via WebAssembly along with NumPy, Pandas, Matplotlib, parts of SciPy and NetworkX.  According to Mozilla, Pyodide contains the CPython 3.8 interpreter compiled to WebAssembly, which allows Python to run in the browser and it can install any Python package with a pure Python wheel from the Python Package Index (PyPi). RELATED CONTENT:  Python named TIOBE’s programming language of 2020 The new version contains major maintenance improvements, a large redesign of the central APIs and careful elimination of error and memory leaks.  The type translation module was significantly reworked so that the round trip translations of objects between Python and JavaScript produce identical objects. P

The Angular team has announced it will be deprecating View Engine in Angular 12, but that this change won’t require most developers to take any action. View Engine is Angular’s legacy compilation and rendering pipeline. It is being replaced by Ivy, which has been the default pipeline for developers for the past year. The goal of Ivy is to make Angular simpler, faster, and easier to maintain.  When it first enabled Ivy in Angular 9 , the team developed a compatibility compiler called ngcc that ensures backward compatibility with libraries that use View Engine. This will ensure that even once the legacy compilation and rendering pipeline is deprecated, libraries that depend on it will still work.  “Over time with the new Ivy Library Distribution on, both library and application developers will start seeing fewer ngcc compilations and, therefore, have better development experience,” Minko Gechev, senior developer relations engineer at Google, wrote in a post .  According to the te

The initial preview of Microsoft’s GUI app support is now available for Windows Subsystem for Linux which lets developers use their favorite Linux GUI applications. According to the company, this will be useful for running Linux-only applications or Linux-specific use cases such as testing. It can also be used for building, testing and using Linux applications that use audio or the microphone with built in audio support. The new feature also enables support for GPU-accelerated 3D graphics. Additional details are available here . Godot 3.3 released Godot is a 2D and 3D cross-platform game engine. The latest 3.3 release comes with many improvements for Web exports and the Web editor was released in sync with the native version.  The release also introduced a new plugin API for iOS and  Android App Bundle (AAB), a publishing format that enables more efficient distribution of Android apps.  Godot 3.3 is compatible with Godot 3.2.x and is a recommended upgrade for all 3.2.x users. T

AWS released its new IDE, EMR Studio, designed to help data scientists and data engineers develop, visualize and debug applications written in R, Python, Scala and PySpark.  The IDE was first previewed at AWS re:Invent 2020 and since then, new features were added such as the ability to use the Amazon EMR console and AWS CloudFormation to create and configure a new EMR Studio for teams.  To help with debugging, the IDE provides fully managed Jupyter notebooks and tools like Spark UI (which can now be launched directly from an EMR Studio notebook) and YARN Timeline Service. The IDE is also suitable for developers who want to install custom kernels and libraries and run parameterized notebooks as part of scheduled workflows using orchestration services. Developers can set up the IDE to run on existing EMR clusters and also create new clusters using Cloud Formation templates or the AWS CLI for Amazon EMR.  The guided steps included on the Amazon EMR console can help with setting up s

Mobile engagement and communication company Sendbird announced new capabilities for developers to build chat features into their applications through Sendbird’s new Flutter SDK.  Sendbird also announced a new open-source version of its UIKit to make it easier to fully customize and extend the UIKit. “Developers will grow the next generation of unicorns, and Sendbird is doing everything we can to empower them by making it very simple to integrate compelling interactive experiences into modern apps,” said John Kim, the founder and CEO of Sendbird. Sencha Ext JS 7.4 announced Sencha announced version 7.4 of its Ext JS Web Application Development Platform, designed to enable companies to seamlessly design, develop and test feature-rich, cross-platform web applications. The new version introduces new features such as multi-level grouping, an advanced grouping panel, summaries for groups & totals, and a filterbar within the grid, the company explained. “As web development continues

Teller is an open-source productivity secret manager that aims to help developers with cloud-native apps and multiple cloud providers. The tool was built by developer-first cybersecurity company Spectral as a way to tackle the “last mile problem” of securing sensitive access and preventing data leaks.  With Teller, developers never have to leave their terminal to use secrets while developing, testing and building their apps, according to the company.  Users can also connect the project to any vault, key store or cloud service such as Teller support Hashicorp Vault, AWS Secrets Manager, Google Secret Manager and many more and eliminate the need for custom scripts and tokens in ‘.zshrc’ files.  Teller also doesn’t expose anything to unauthorized users through the use of ‘teller’ and ‘.teller.yml’ files.  Spectral explained this eliminates the complexities involved in manually exporting and setting up environment variables for running processes with demo or production-like setups. 

Canonical has released the latest version of Ubuntu . Ubuntu 21.04 includes native Active Directory integration, a smoother graphics experience, and a redesigned dark mode. “Native Active Directory integration and certified Microsoft SQL Server on Ubuntu are top priorities for our enterprise customers.” said Mark Shuttleworth, CEO of Canonical. “For developers and innovators, Ubuntu 21.04 delivers Wayland and Flutter for smoother graphics and clean, beautiful, design-led cross-platform development.” Active Directory administrators will now be able to manage Ubuntu workstations, which will help simplify compliance. In addition, administrators can configure settings from a domain controller and use a Group Policy client to specify security policies on connected devices. Wayland graphics are now also enabled by default. This, in combination with the new Flutter SDK, provides a smoother graphics experience, Canonical explained. The new Flutter SDK makes it easier for developers to pu

SmartBear , a leading provider of software development and quality tools, has integrated  TestComplete , its UI test automation tool, with  BitBar , its native mobile device cloud. TestComplete users are now able to create a codeless mobile test and then use these tests in BitBar across devices. Additionally, TestComplete increases support for testing enterprise applications like Salesforce, Oracle EBS, and SAP. As businesses continue to accelerate digital transformation, this new version of the company’s test automation tool helps ensure web and mobile apps work as expected across devices, as well as the availability of critical applications needed by businesses. “The DevOps motion is truly underway, and testing can no longer be a bottleneck,” said Prashant Mohan, Senior Product Manager at SmartBear. “Whether you are a developer, tester, or business analyst, you need to test, and you need to do it quickly. By scaling tests across several browsers and devices in a matter of clicks o

When I started in web development, the architecture of an application always radiated out from the database. Any application was firmly rooted by its data schema and the first step was sketching out the tables and relationships that would define how data was organized and retrieved. But that’s where the web was, not where it’s headed. Today, I’m struck by how little developers need to think about the database at all. Databases are still very much at the heart of the modern web, just as servers still dutifully power the expanding array of serverless offerings. But it’s today possible—and common—to author and deploy rich, interactive web applications without managing database infrastructure or even knowing how the data is ultimately stored. RELATED CONTENT:  Jamstack brings front-end development back into focus It’s a shift that’s been in the making: developing directly against the database became less common with the rise of web frameworks like Rails and the ORM. Even with these ab