In July 2013 Security Explorations discovered a vulnerability in Java by which attackers could elevate their access privileges. Oracle released a patch, but a simple modification was discovered that still makes the attack effective. Once known, Oracle released a patch as part of 8u77. In this article we investigate the little understood class loading process at the heart of the problem.
Jinq, a library to provide a DSL for database queries, has been made available for Java and Scala. The work is inspired by .NET's LINQ, and aims at enabling easy-to-write queries with support for type safety. As commented by Ming-Yee Iu, creator of the tool, work on Jinq started in 2006 under project name Queryll; however, the adoption of lambdas in Java 8 is what has realised its full potential.
LinkedIn has open sourced PalDB, an embeddable read-only key value store, 8 times faster than LevelDB and taking several times less memory than a hashset.
Stephen Colebourne and OpenGamma released v1.1 of ElSql, a library and DSL for managing SQL in external files. Colebourne is well known for his work as the spec lead of Java Time, a cornerstone of last year's Java 8 release, and for his creation of the Joda Time and Joda Money API's.
JVM monitoring vendor Plumbr has added slow query detection to its flagship product. With this addition, Plumbr now detects four types of problems: Memory Leaks, Garbage Collection Inefficiencies, Locked Threads and Expensive JDBC Operations.
Creating and working with well-designed aggregates is one of the least well understood tactical patterns found in Domain-Driven Design, Vaughn Vernon explains in two articles giving some guidelines to composing aggregate boundaries and alternatives to an ORM when storing them.
When organization use kanban mainly for visualization of the work they may be missing out on benefits, says Matthew Philip. Introducing a flow manager role can help teams to reflect and find solutions to the problems that they are facing, thus catalyzing change in the organization.
A prototype of MySQL 5.7 is shipping with an optional component called the MySQL HTTP Plugin. This plugin allows direct access to MySQL via a REST over HTTP interface, eliminating the need for a middle-tier server or database specific drivers.
Spring Data release train Evans is now generally available. The release train includes 11 Spring Data modules that help developers build data access layers on top of both relational and non-relational data stores.
When teams abandons an Object-Relational Mapper, ORM, it is often due to bad usage Jimmy Bogard stated in a recent presentation highlighting what he sees as incorrect and correct ways of using an ORM, including mapping and querying problems.
NHibernate 4.0 GA has been released. It comes with .NET 4.0 support, moving away from the Iesi.Collections library, and also supports some SQL Server 2012 features such as sequences and Query Paging.
At last month's OSGi DevCon in New York, the OSGi Alliance released OSGi Core Release 6. This adds a standard for representing Data Transfer Objects and a way of annotating interfaces indicating whether they are supposed to be implemented or used by clients. In addition, an osgi.native namespace and extension bundle activators have been added; read on to find out more.
Facebook has open-sourced Haxl, a library for efficient, concurrent data-access. The library leverages the traditional strengths of Haskell such as expressive type system, correctness and safety guarantees, as well as GHC's high performance run-time to solve the thorny issue of implicit, concurrent data access.
Rails 4.1 can now preload your application to improve startup time and comes with improvements for Action Pack, Active Record, and Action Mailer.
Agile retrospectives help teams to find and do actions to improve continuously. There are different ways to do follow up on the actions and to evaluate if actions are leading to better team performance and more value delivered to customers.