News Aggregator

Java - Example Very Simple Player (JMF)

Aggregated on: 2022-07-12 16:21:29

package org.jmf.example; import javax.swing.JDialog; import javax.swing.JFrame; import javax.swing.UIManager; import javax.swing.UnsupportedLookAndFeelException; import javax.swing.plaf.metal.MetalLookAndFeel; public class ExampleJMF { public static void main(String[] args) { JFrame.setDefaultLookAndFeelDecorated(true); JDialog.setDefaultLookAndFeelDecorated(true); try { UIManager.setLookAndFeel(new MetalLookAndFeel()); } catch(UnsupportedLookAndFeelException e) { e.printStackTrace(); } new exampleFrame(); } } If you wonder what a JMF player is, you are in the right spot. We've noticed that many aspiring developers want to try it out but are unsure how it works. Hence, we decided to put together this guide to make things a tad easier for you. But before we dive into it, let’s answer this crucial question:

7 Ways to Dramatically Reduce Your Time in Code Review

Aggregated on: 2022-07-12 16:21:29

Code reviews can be painful. Software engineers often complain that the review process is slow, delays downstream tasks, and leads to context switching as you navigate back and forth between an open pull request (PR) and your next task. Code reviews can also be full of nitpicking and bikeshedding, making it a poor experience for everyone involved. To remedy this problem, some engineers have even gone as far as suggesting we get rid of pull requests and code reviews altogether. While that may work for small teams at startups, I don’t think this is the right solution for everyone, especially enterprise-level companies.

API Security Weekly: Issue 167

Aggregated on: 2022-07-12 15:51:29

This week, we have a long-standing vulnerability on a public-facing internal API on Uber, which allowed attackers to spoof emails. In addition, there’s an article by NordicAPIs on the RapidAPI report on the rise of partner-facing APIs, IBM’s views on the API security risk posed by the growth in omnichannel APIs, and finally (another) awesome API security mega guide. Vulnerability: Uber Bug Allows Attackers to Spoof Emails ThreatPost featured details of a vulnerability on a public-facing internal API on Uber allowing attackers to spoof emails so that they would appear to be from Uber.

What Is TTFHW?

Aggregated on: 2022-07-12 15:51:29

TTFHW is not the most common acronym you’ll hear in the tech and product domain. Even though it’s not extremely common, it can be argued that it is one of the most important acronyms for companies trying to scoop up and deliver value to new users. TTFHW, or Time To First Hello World, is likely something you’ve already thought about. Many product-led enthusiasts refer to it as the customers’ “aha!” moment. This is the moment when a customer first derives value from your platform. Something many programming languages and programmer tools refer to as a “Hello World” moment. It’s a make-or-break milestone and one that you obviously want every customer to experience. TTFHW is simply the amount of time it takes to get to that “aha!” moment.

Linux Kernel Bugs and How to Combat Them

Aggregated on: 2022-07-12 15:21:29

The importance of secure IT systems cannot be overstated. Every day, new cyber threats emerge. As well as online networks, operating systems can also be vulnerable. Although Linux is more secure than other operating systems, no operating system is 100% safe from attacks. In fact, there has been a rise in cyber attacks targeting Linux operating systems. High-value targets are often powered by Linux, making Linux security very important. For example, organizations who aim to stay HIPAA compliant in their communications need to make sure every piece of software they use—including their operating systems and even their digital workplace software—is as secure as possible.

From Ethereum to Aurora With Infura

Aggregated on: 2022-07-12 14:06:29

The promise of Web3 is enticing. Freedom from tech giants and giving power back to creators are lofty but worthy goals. Ethereum is the world’s largest and most-used public blockchain and has supported the growth of Web3 since it was launched in 2015. Being the first and most popular doesn’t come without challenges, especially when network demand is high. Slow and expensive transactions don’t exactly make for the best developer experience and the rise of L2s to ensure Ethereum scalability continues to be surprising. For developers that want to try other layer one chains, there are alternatives.

Securing Kubernetes Secrets With HashiCorp Vault

Aggregated on: 2022-07-12 05:06:28

As more and more organizations making the shift to cloud-native technologies, Kubernetes has become the de facto choice to orchestrate container-based applications. As applications grow in size, the number of microservices increases and so does the data they process. Hence, handling data, especially sensitive data becomes critical. Out of the box, Kubernetes supports "Secrets" objects to store sensitive information — like passwords, tokens, ssh keys, and so on — securely. Kubernetes secret eliminates the need to hard-code sensitive data in the application code. Secrets provide this sensitive information as data mount or expose them as environment variables.

Debugging Gson, Moshi, and Jackson JSON Frameworks in Production

Aggregated on: 2022-07-12 04:36:29

Parsing bugs are the gift that keeps giving in the age of APIs. We use a service; it works perfectly in debugging, QA, and so on. Then some user input that made its way to the web request, returns a result we just can’t parse. Unfortunately, there isn’t much we can do at this stage. We need to understand why the failure occurred and how we can workaround it and fix it. In production, that isn’t trivial. We could log all the calls we made and all the objects passed. But this will destroy our performance and send our log storage bill through the roof. It might also put us in violation of privacy laws, since the JSON data might include private user information. This is a common problem in production since a webservice might change and trigger a serialization failure at runtime. This is especially true in polyglot environments where a Java class mapped using an API like Jackson might fail on the deserialization of a NodeJS object.

BlackCat Ransomware That Breached More Than 60 Organizations

Aggregated on: 2022-07-12 04:06:28

The BlackCat ransomware that caused headaches for more than 60 organizations worldwide is now decryptable, thanks to the effort of security researchers. Yes, you read that correctly. The ransomware, first spotted in the wild in October 2019, can now be decrypted for free.

The State of Kubernetes Stateful Workloads at DreamWorks

Aggregated on: 2022-07-12 00:21:28

Running data on Kubernetes is becoming an industry standard, but DreamWorks was among the few very early adopters – starting in 2017 – that started the trend. DreamWorks currently runs 370 databases on over Kubernetes 1,200 pods making it one of the largest stateful infrastructures running on top of Kubernetes. Interviewed by DoKC Head of Content Sylvain Kalache, DreamWorks’ Data Service Lead Ara Zarifian discusses how the company manages stateful workloads on Kubernetes, key benefits, and challenges. Ara shares the innovative standards they developed for Kubernetes operators, a key element of running stateful workloads on Kubernetes. This innovation allowed them to grow the number of databases hosted on Kubernetes without needing to increase their DBAs headcount exponentially.

Six Useful T-SQL Configuration Functions and Their Use Cases

Aggregated on: 2022-07-11 21:21:28

SQL Server offers several types of system functions to meet our business requirements. One such type is configuration functions using which we can get the information about current configuration option settings. These functions operate in a non-deterministic way, which means they may return different values by running these functions with the same inputs. Today I will showcase the use cases of the below configuration functions in this article.

Top 6 AI Course to Learn in 2022

Aggregated on: 2022-07-11 20:51:28

Artificial intelligence is continuously evolving to benefit many different industries. Machines are wired using a cross-disciplinary approach based on mathematics, computer science, linguistics, psychology, and more. Algorithms often play a very important part in the structure of artificial intelligence, where simple algorithms are used in simple applications, while more complex ones help frame strong artificial intelligence. As technology advances, previous benchmarks that defined artificial intelligence become outdated. Machines that calculate basic functions or recognize text through optical character recognition are no longer considered to embody AI; since this function is now taken for granted as an inherent computer function. Artificial intelligence has become a useful skill under your belt, especially as employers are looking for certified AI professionals with diverse skill sets, explicitly those who can help their companies advance into the next generation. The applications for artificial intelligence are endless. The technology can be applied to many different sectors and industries. AI is being tested and used in the healthcare industry for dosing drugs and different treatments in patients, and for surgical procedures in the operating room. From self-driving cars to detecting unusual debit card usage or financial frauds, AI has entered the space in its length and breadth. With the surge in demand for specialized AI consultants, there are many ways available today to access the best AI certifications, across different platforms. There are many online platforms that provide online courses for AI. Irrespective of the expertise level you are at, a beginner or a professional seasoned player in the field, AI certifications have something meaty to offer to their audience. The following listed are the best AI certification courses that are doing the rounds worldwide in 2022:

Swagger Parser

Aggregated on: 2022-07-11 20:51:28

A parser is a program or library in Java that reads a file (JSON, XML, txt, etc.) and translates it to Java objects. We'll look at how to utilize Swagger Parser to extract data from a JSON file throughout this article. About Swagger JSON File Before starting the implementation part, let's have some basic understanding of the Swagger JSON file. It is a specification file that describes the REST APIs in accordance with the Swagger specification. The file describes details such as available endpoints, operations on each endpoint, input and output parameters for each operation, authentication methods (if present), and other information.

How to Make a Symbolic Link on Linux

Aggregated on: 2022-07-11 19:36:28

Symbolic links are a link on Linux systems that point to another file or folder. It means that navigating to one of these files may run a file that exists somewhere else, or it may bring you to a folder somewhere completely different, based on how it is defined. For example, a symbolic link called /etc/link maybe defined to bring you to /var/www/httpdocs. Types of Symbolic Links on Linux and Mac There are two types of symbolic links on Linux systems - hard links, and soft links.

Increasing Cloud-Native Sustainability With Observability

Aggregated on: 2022-07-11 19:06:28

This post is a version of a talk I recently delivered at Monitorama 2022 in Portland. I was recently at KubeCon EU in Valencia, and it amazed me that projects like Kubernetes have become such an essential part of many application stacks that it’s hard for many large teams to imagine building anything without it.

Stop Using OAuth 2.0 Scopes for Microservices Authorization

Aggregated on: 2022-07-11 19:06:28

I’ve talked to countless developers about how they’ve built and evolved their authorization systems over time. One common regret that keeps coming up involves getting burned by using OAuth2 scopes in a JWT as the sole basis for making authorization decisions. But authorization is not authentication and OAuth2 scopes were never intended to be an authorization mechanism. In practice, they are a really bad idea when used as a substitute for a real microservices-focused authorization architecture. So how has this anti-pattern emerged?

9 Useful Interactive CLI Tools for Linux

Aggregated on: 2022-07-11 18:36:28

If you are a software developer, sooner or later you’ll have to connect to a Linux machine to perform administrative tasks, access remote database servers, or deploy applications, among other things. Getting comfortable using the command-line interface (CLI) is a must if you want to be proficient with Linux. If you are looking into gaining confidence with Linux, here are 9 text-based user interface interactive tools that I found useful and that will help you get comfortable with the Linux CLI. You can explore these tools using your own Linux machine if you have one, or you can use Docker or a virtual machine to install Linux and play around with it. Even better, you can repurpose an old laptop and use it, for example, as a database server, Git, or CI environment running on Linux if you want.

12 Best Software Development Tools for This Year

Aggregated on: 2022-07-11 18:36:28

In the present-day world, everyone is surrounded by software and it is used in transportation, electrical grids, power plants, and so on. All of these systems run on an operating system; software that has many integrated features, powers all of these gadgets. Software is widely used in businesses. Software is also crucial for organizations because it allows them to stand out from the competition and increase their competitiveness. Software development can enhance customer experience, increase the number of feature-rich and innovative goods available on the market, and increase the security, efficiency, and productivity of organizations. A software development company can prove to be a valuable partner for business organizations. Experienced software developers design customized software depending on the needs of the users. Today, there are many software development tools available in the market that can be used to develop software. Some of the popular tools are:

What Is DevOps and Why You Should Have It

Aggregated on: 2022-07-11 18:06:28

More than 85% of companies acknowledge speed as one of the critical factors in software development. Unfortunately, only 10% confirm readiness for rapid development and deployment. The difference between knowing the value of speed and getting the most of it lies within the realm of approach. Are you familiar with companies like Amazon, Target, Etsy, Netflix, Google, and Walmart? There’s something that puts these famous brands in one line. It’s the DevOps approach for building and delivering software products most efficiently.

How Developers Need to Choose the Right Database for React Native App

Aggregated on: 2022-07-11 17:36:28

There are many coding languages that developers use to create online platforms, websites, and apps. One of these coding languages is React Native, which has become popular among the coding community. People from different backgrounds use React Native. Advanced iOS developers to React beginners use it in programming. Hire react native developers who can build UI, have knowledge of JavaScript and API services, can work on the frontend, and maintain cross-platform compatibility, infrastructure, and app integration. Why Do You Need to Be Careful While Selecting the Right Database for React Native? A developer is under a lot of stress to create an app that can be modified at any time. As a result, it might be challenging for developers to choose the correct technology stack for React Native that includes the right database.

Cloud Security Testing Checklist: Everything You Need to Know

Aggregated on: 2022-07-11 14:51:28

Cloud security is constantly evolving, and it's more important than ever to ensure your cloud infrastructure is secure. Cloud security testing is verifying that your cloud environment is secure and meets your organization's specific security requirements. We will go through the essentials of cloud security testing in this blog post. We'll also provide a comprehensive checklist you can use to ensure your cloud environment is safe from attack. Why Is Cloud Application Security the Greatest Requirement of Our Time? To protect your organization from these risks, you need to understand how to properly secure your cloud environment. Cloud security testing is the best way to verify that your environment is secure and meets your organization's specific security requirements.

Bring Streaming to Apache Cassandra with Apache Pulsar

Aggregated on: 2022-07-10 22:36:28

Twitch, YouTube, Instagram, Facebook — virtually every major brand nowadays uses live streaming to connect and engage their audience. For enterprises and developers building cloud-native applications, this growing trend creates a need for streaming technologies that can reliably handle the rush of massive amounts of data, while also being flexible and easy to manage for developers. One such technology is Apache Pulsar® — an open-source, distributed messaging and streaming platform that’s easy to deploy, simple to scale, and packed with developer-friendly APIs. So the next question is: how can you stream from Pulsar to Apache Cassandra®, the powerful NoSQL database designed to support data-heavy applications in the cloud? Join our beginner-friendly Pulsar workshop on YouTube and learn how to connect Pulsar with Cassandra for streaming! In this post, we’ll set the scene with an introduction to Pulsar and guide you through four hands-on exercises where you’ll use these free, cloud-native technologies: Katacoda, Kesque, GitPod, and DataStax Astra DB. Each exercise will also be linked to the step-by-step instructions on the DataStax Developers GitHub wiki.

Enabling NFT Royalties With EIP-2981

Aggregated on: 2022-07-10 20:51:28

With the finalization of the ERC721 standard, non-fungible tokens (NFTs) started receiving a large amount of attention. These provably unique assets are stored on the blockchain and introduce a new way to collect and trade art, music, profile pictures (PFPs), and more. In the summer of 2021, creating and selling NFTs became a quick way to accumulate wealth because of the boom in popularity. However, when reading the underlying specification, you'll notice no functionality for acquiring and splitting royalties in either the ERC721 or ERC1155 standards. These standards only deal with ownership state tracking, approvals, and direct transfers.

Understanding JWT

Aggregated on: 2022-07-10 20:21:28

Don't get fooled by too many articles out there that make JWT sound more complex and complicated than it actually is. In simple words, JWT is a simple format that aims to transfer claims between two parties in a compact and secure manner. A claim is a key-value pair that asserts something about a subject. The diagram below will give you a very simple idea of how a JWT is layered. It is a set of claims as a JSON object, that is secured by a JWS (JSON Web Signature) or a JWE (JSON Web Encryption) layer.

Captcha Implementation

Aggregated on: 2022-07-10 19:51:27

CAPTCHA helps protect you from spam and password decryption by asking you to complete a simple test that proves you are human and not a computer trying to break into a password-protected account. We can implement a captcha in Spring boot where a user can get an encoded image, and the corresponding readable captcha can be stored in the Database.

How Can You Benefit from Containerized Microservices?

Aggregated on: 2022-07-10 19:51:27

Microservices architecture is transforming the face of the IT industry. In the upcoming years, most applications are going to be run on microservices. The service and product industry is ditching the use of monolithic architecture for more complex applications, and slowly but surely is transitioning towards microservices. Microservices' advantages, like agile development and architecture, enable businesses to roll out new features faster, making it the obvious choice. Containerization technology goes hand in hand with microservices architecture. Not only does it support virtualization, but it also works flawlessly under any OS environment. It's natural that the two technologies work synchronously with one another. What other benefits do containerized microservices holds that can be leveraged by businesses? Let's find out!

Setting Up a Jenkins Instance With Configuration as Code (Using Yaml Configuration)

Aggregated on: 2022-07-10 19:06:27

Sometimes we want visibility, and we want to keep track of how our Jenkins instance is configured and parameterized. Making these changes from the Jenkins UI is pretty straightforward, but on the other hand, we don't keep track of history changes, and we need to jump from one menu item to another to get the big picture of how the setup is as a whole.

Prisoners of Retrospectives

Aggregated on: 2022-07-10 19:06:27

There are plenty of failure possibilities with Scrum. Given that Scrum is a framework with a reasonable yet short “manual,” this effect should not surprise anyone. What if, for example, not all of your Scrum team’s members feel enthusiastic about the Sprint Retrospective, the critical event when the Scrum team inspects itself? How can you help them become dedicated supporters instead? Join me and delve into how to avoid teammates feeling like prisoners of Retrospectives in less than two minutes. The Sprint Retrospective According to the Scrum Guide According to the Scrum Guide 2020, Retrospectives allow a Scrum team to inspect itself and adapt its practices:

Building an IoT Security Camera With Raspberry Pi and Render

Aggregated on: 2022-07-10 19:06:27

Most of the smart camera control systems available on the market are black boxes that we put in our homes. We don’t really know what’s going on inside them or how they’re updated. While there might be some reliable vendors, we want to explore how to create our own smart camera control system. In doing so, we’ll understand the fundamentals of IoT and potentially evolve this into a fully-fledged product. In this article, we will walk through how to create a smart camera control system to secure your room. We’ll cover the whole system and how to get it running:

How to Build a Full-stack App With Next.js, Prisma, Postgres, and Fastify

Aggregated on: 2022-07-10 18:06:28

In this article, we’ll learn how to build a Full-stack application using Next.js, Prisma, Postgres, and Fastify. We will build an attendance management demo application that manages employees’ attendance. The flow of the app is simple: an administrative user logs in, creates an attendance sheet for the day, then every employee signs in and out of the attendance sheet. What Is Next.js? Next.js is a flexible React framework that gives you building blocks to create fast web applications. It is often called the full-stack React framework as it makes it possible to have both frontend and backend applications on the same codebase doing so with serverless functions. What Is Prisma? Prisma is an open-source, Node.js and Typescript ORM that drastically simplifies data modeling, migrations, and data access for SQL databases. At the time of writing this article, Prisma supports the following database management systems: PostgreSQL, MySQL, MariaDB, SQLite, AWS Aurora, Microsoft SQL Server, Azure SQL, and MongoDB. You might also want to click here to see the list of all supported database management systems.

Web Scraping as an API Service

Aggregated on: 2022-07-10 17:36:27

Overview In systems-to-systems integrations, there comes an inevitable time when we have to employ some kind of web scraping tool to integrate with a particular application. Despite its not being our first choice, it is good to know what to use at such a time - in this article, I provide a gentle introduction to my favourite tool of this kind, called Playwright, followed by sample Python code that integrates it with an API service. Naturally, in the context of backend integrations, web scraping should be avoided and, generally, it should be considered the last resort. The basic issue here is that while the UI term contains the “interface” part, it is not really the “Application Programming” Interface that we would like to have.

How to Install SingleStoreDB in a Virtual Machine

Aggregated on: 2022-07-10 17:06:27

Abstract In this article, we'll see how to install SingleStoreDB in a Virtual Machine (VM) in a matter of minutes. Using a VM provides a no-risk, low-cost way to evaluate SingleStoreDB and gain immediate product knowledge and experience. Introduction SingleStoreDB can be deployed in various ways, such as on bare metal, in Virtual Machines, or in cloud-based environments. Full details of the different deployment options are described in the documentation. This article will show how to install SingleStoreDB in a VM.

Kubernetes Cluster Backups With Velero

Aggregated on: 2022-07-10 17:06:27

Velero is an open-source backup and restoration tool for Kubernetes cluster disaster recovery. It also supports the migration of cluster resources and persistent volumes backup. Manual or scheduled backups to the external storage ensure your data safety and protection. You can leverage Velero to achieve the following tasks:

Reading and Writing With a ConcurrentHashMap

Aggregated on: 2022-07-10 16:36:28

ConcurrentHashMap provides a Map implementation with thread-safe read and write operations. The Map and ConcurrentMap interfaces provide methods that ConcurrentHashMap takes advantage of to provide thread-safe interactions. Generally, I tend to solely really on the Map interface as it provides most of the same methods that ConcurrentMap has; however, depending on your use case, it might be beneficial to check out the ConcurrentMap methods yourself.

Accepting Crypto Payments in a Classic Commerce App

Aggregated on: 2022-07-09 21:06:27

E-commerce storefronts have been slow to offer crypto payment methods to their customers. Crypto payment plug-ins or payment gateway integrations aren't generally available, or they rely on third-party custodians to collect, exchange, and distribute money. Considering the growing ownership rate and experimentation ratio of cryptocurrencies, a "pay with crypto" button could greatly drive sales. This article demonstrates how you can integrate a custom, secure crypto payment method into any online store without relying on a third-party service. Coding and maintaining smart contracts needs quite some heavy lifting under the hood, a job that we’re handing over to Truffle suite, a commonly used toolchain for blockchain builders. To provide access to blockchain nodes during development and for the application backend, we rely on Infura nodes that offer access to the Ethereum network at a generous free tier. Using these tools together will make the development process much easier.

Apache BookKeeper: What Makes A Qualified Storage System for Apache Pulsar

Aggregated on: 2022-07-09 17:51:27

If you are familiar with messaging systems like Kafka and RocketMQ, you may know that services are typically closely related to storage in their architectures. Different from them, Apache Pulsar is designed with a two-layer architecture that separates storage from compute, which actually happens on its stateless brokers. Pulsar relies on Apache BookKeeper servers for persistent storage, also known as bookies. This blog focuses on the basics of BookKeeper and illustrates how it works to achieve high availability for the data it handles. What is Apache BookKeeper Originally developed at Yahoo, BookKeeper represents a reliable, high-performance storage system. It provides distributed, scalable storage services, featuring low latency and strong fault tolerance. These speak volumes about why it is capable of serving as Pulsar’s storage layer. BookKeeper stores data in ledgers, which are append-only and immutable. With a special replication protocol, BookKeeper stores log entries securely across multiple nodes in a concurrent way, which are highly available.

Security vs. Performance in the SQL World

Aggregated on: 2022-07-09 17:51:27

If you found yourself inside of the world of databases in one way or another, you already know a little about database security and performance. Database management systems certainly do come with benefits to your databases, but have you thought about what options you need to weigh from the security and performance perspectives for your choice to be the most effective? That’s what we’re going to explore in this post. Are Security and Performance Linked Together? One of the first things we would like you to consider is the fact that performance and security are very closely intertwined. The main reason that’s happening is that developers, juniors, and seniors alike, at some point in their careers start noticing that:

Adding Templates to a Video Editor

Aggregated on: 2022-07-09 17:21:27

This, I think, is the very reason why templates are gaining popularity in text, image, audio, and video editing, and more. Of all these templates, video templates are probably the most in-demand by users. This is because a video is a lengthy creation that may also require high costs. And therefore, it is much more convenient to create a video using a template, rather than from scratch — which is particularly true for video editing amateurs. The video template solution I have got for my app is a template capability of HMS Core Video Editor Kit. This capability comes preloaded with a library of templates that my users can use directly to quickly create a short video, make a vlog during their journey, create a product display video, generate a news video, and more.

Learn Microservices With Coding Over Cocktails

Aggregated on: 2022-07-09 16:51:27

Microservice architectures enable cross-functional teams to build, test, debug, deploy, and upgrade services independently, resulting in quicker deployment and troubleshooting. And if you’re curious to learn more about microservices, then you’ve come to the right place!

From Git to Fuse Engine

Aggregated on: 2022-07-09 16:21:27

Databend, developed with Rust, is a new, open-source data warehouse with a cloud-oriented architecture. It is committed to providing fast elastic expansion capabilities and a pay-as-you-go user experience. GitHub：https://github.com/datafuselabs/databend Introduction This article introduces the Databend base: Fuse Engine, a powerful columnar storage engine. The engine was designed by the Databend community with the following principles: Powerful performance, simple architecture, and high reliability.

Introduction to IAM in Google Cloud Platform (GCP)

Aggregated on: 2022-07-09 04:06:26

Identity and access management (IAM) is one of the most important security controls in cloud infrastructure environments like GCP. Since nearly every action performed is an API call — including the provisioning, deprovisioning, and manipulation of resources — all a malicious actor needs to get into your environment is the wrong binding of a permission to the wrong identity, or alternatively, a compromised identity. For this reason, it’s crucial to pay close attention to the permissions that grant access to resources in your GCP organization and make sure only the minimum number of permissions required to perform business functions are provided. In other words, you need to maintain least-privilege for all identities — both humans and services — at all times.

Release Management for Microservices: Multi vs. Monorepos

Aggregated on: 2022-07-09 04:06:26

Imagine a microservice application consisting of dozens of continuously-deployed autonomous services. Each of the application’s constellation of services has its own repository, with a different versioning scheme and a different team continually shipping new versions. Riddle me this: How can I tell the (whole) application’s version? Being that the change history is scattered among dozens of repositories, what’s the most efficient approach to keeping track of changes? And how do we manage application releases?

What Is HTTP 103?

Aggregated on: 2022-07-09 03:36:26

Recently, Google Chrome 103 was released with a bunch of new features. One of the notable features is the introduction of HTTP Status Code 103. This article will dive into the HTTP 103 status code with a quick demo. HTTP 103 From the Mozilla Developer Network Web Docs, HTTP 103 Early Hints is the information response status code primarily intended to be used with the Link header to allow the user agent to start preloading resources while the server is still preparing a response.

Using Infura’s New API With Lootbox

Aggregated on: 2022-07-08 18:51:26

I’ve only been in Web3 for about a year now, but I can honestly say that NFTs are the most exciting aspect of it for me. I’m not talking about Apes or Punks, however. PFP (profile picture) projects and art, although a cool and simple proof of concept for the technology, won’t create a better world. Instead, I’m excited about the actual utility of NFTs. Allowing gamers to own their assets, delivering fair royalty commissions to musicians and artists, and making concert tickets impossible to scalp while providing a sweet digital memento are some of the use cases I find interesting.

API Security Weekly: Issue 166

Aggregated on: 2022-07-08 18:51:26

This week, we have a comprehensive article on approaches to securing large API ecosystems, an interesting read on how to create OpenAPI definitions from HTTP traffic, how “Frankenstein APIs” are exposing businesses to additional risk, and why the continued API proliferation presents security challenges to organizations. Securing Large API Ecosystems First up this week is an excellent article from Michał Trojanowski in TheNewStack discussing the challenges facing the security of large API ecosystems. Trojanowski’s view is that security patterns applied to small-scale API deployments do not scale nor are they appropriate for larger-scale API deployments.

Common Table Expression in ClickHouse

Aggregated on: 2022-07-08 18:06:26

It is convenient to use CTE in the following cases: When one request can get data, and its size fits in memory space Multiple uses of the results of this query are required Creating recursive queries A bonus would be the improved readability of your SQL query.

Getting Ready for Microservices

Aggregated on: 2022-07-08 17:36:26

Your team decided it’s time to get rid of that old, clunky monolith (finally!). You had a good run with it, but the monolith has grown so big that you're spending more effort maintaining it than adding features. It's time to try a different approach. It seems microservices are very popular these days, so maybe it makes sense to dig a bit deeper there and see what all the fuss is about?

Gradle Tutorial: Crash Course [Video]

Aggregated on: 2022-07-08 17:36:26

Ever looked for a comprehensive tutorial for Gradle that is fun and entertaining at the same time? In this video tutorial below, you'll learn how to use Gradle like a professional. Cover topics including using the Gradle wrapper, using Gradle together with IDEs, and Gradle basics like build.gradle, settings.gradle, running commands (clean build), as well as understanding multi-project Gradle builds. By the end of it, there won't be many questions left when it comes to Gradle.

Optimizing Firmware: The Key to Shipping IoT Devices on Time

Aggregated on: 2022-07-08 16:06:26

Every product manager knows the complexities involved with shipping a device on time- complexities that result in 45% of products missing their launch date. Orchestrating mechanical engineering, electrical engineering, manufacturing, test automation, marketing, and more is difficult. Each one is challenging on its own, but all are made more complicated because most of these don’t move forward on the same timeline. Following a new product introduction (NPI) timeline while simultaneously focusing on firmware processes can help streamline development and increase the likelihood of meeting development goals. Inspired by Apple engineers, the NPI is a helpful guidepost consisting of six milestones and associated timeframes for teams aiming to ship a well-understood product as quickly as possible. Teams that fall into this category can expect that the timeframe from prototype to launch will be about 12-18 months, depending on the complexity of the device.

AI and Data Science in Aviation Industry

Aggregated on: 2022-07-08 15:36:26

A New York Times piece last year addressed the question, "Are you ready to fly without a human pilot?" which sparked a vigorous conversation on Facebook. Many users responded with comments that were quite emotional, and other users also volunteered their expertise on the aviation sector. Others claimed that people were more amenable to accepting autonomous automobiles than pilotless aircraft, maybe because driving feels safer than flying. Technologies like computer vision power the automation and self-driving cars, but are we close to commercial planes being controlled by AI systems instead of pilots? Prototypes of self-piloted passenger air vehicles by Boeing and Airbus have already done their first test flights. But for now, we can put aside futuristic scenes in which commercial airplanes fly without human control. It will take years of certification and testing before air travel becomes fully pilotless. The good news is that airlines do use AI or rather data science and machine learning to automate pr speed up operations. So we will discuss real-life use cases that don't aggravate your aerophobia with AI phobia.