InfoQ Homepage Development Content on InfoQ
-
Critical REXML DoS Found - Monkey Patch Available as Fix
REXML was found to be vulnerable to XML entity explosion attacks. As frameworks like Rails parse incoming XML with REXML, these apps are in danger on all current 1.8.6, 1.8.7 and Ruby 1.9 versions, and other Ruby versions using standard REXML. The fix at the moment is a monkey patch for the REXML library.
-
NHibernate 2.0 has Arrived
NHibernate 2.0 was made official with the announcement of its general availability by Ayende Rahien. The announcement follows months of alphas and release candidates and now matches the features of Hibernate 3.2.
-
Newly Minted Bugs for .NET 3.5 SP1
Though less than a month old, the bug reports against .NET 3.5 SP 1 are starting to pile up. As Microsoft seems to have no sensible plan for notifying the public or delivering hot fixes, the best we can offer is a bug list gleamed from Microsoft Connect.
-
Pratik Patel on Enterprise JPA, Fetch Groups and Spring 2.5
JPA extension features like Fetch Groups offered by Apache OpenJPA framework can give enterprise Java developers more flexibility in designing JPA applications. Pratik Patel discussed JPA design techniques for developing real-world Java applications using JPA API and Spring 2.5 framework. He did a presentation at the recent Central Ohio Software Symposium on Enterprise JPA.
-
Article: Developing Portlets using JSF, Ajax, and Seam (Part 2 of 3)
This article, the second in a three-part series by Wesley Hales, expands upon the previous article by introducing RichFaces. It covers integrating RichFaces into the previous sample application, deploying a RichFaces portlet, and several features and capabilities of RichFaces.
-
LWUIT Released as GPL Open Source
Sun announced the GPL licensing of LWUIT earlier this month. LWUIT is a UI toolkit designed for mobile Java devices.
-
Interview: Neal Ford On Programming Languages and Platforms
In this interview made by Sadek Drobi during QCon San Francisco 2007, Neal Ford talks about the tendency of having multiple languages running on one of the two major platforms existing today: Java and .NET. He also presents the advantages offered by Ruby compared to static languages like Java or C#.
-
FxCop 1.36 Released
Microsoft has released a new version of FxCop, the popular static code analyzer and policy enforcement utility. This release fixes numerous bugs and adds support .NET Framework 3.5 language features. This release updates FxCop to have the same engine enhancements provided to VSTS Code Analysis in VS 2008 SP1.
-
Interview: Rustan Leino and Mike Barnett on Spec#
Greg Young sat down with Rustan Leino and Mike Barnett of Microsoft Research to discuss Spec#. Spec# is a superset of C# and allows developers to impose contracts on their own code and verify it. This benefits developers by allowing them to find their own errors sooner saving time and resources.
-
SQL Server 2008 Indexing Tips And Tricks
Bill Vaughn provides a roundup of SQL Server 2008 indexing tips and tricks, based on advice form Kimberly Tripp and Paul Randall. The tips cover Query Optimizer selectivity and query optimization.
-
AtomPub in the .NET World
With the advent of .NET 3.5 SP1 and Microsoft’s decision to support the Atom Publishing Protocol (AtomPub) for services offered by Microsoft's Live Platform, AtomPub is gaining momentum in the .NET world. In addition BlogSvc.net, an AtomPub server for WCF and .NET, features an implementation of the AtomPub protocol based on a provider model.
-
Ruby and Rails Software Stacks Overview
A growing number of fully fledged software stacks for Ruby is available, providing all the necessary software you need to run an application, including web and database servers. They come in different flavors: virtual machine images, Amazon EC2 images and installer based. We take a look at some of them to give you an overview.
-
Lutz Roeder's .NET Reflector Headed to Red Gate Software
The very popular .NET developer utility, .NET Reflector, written by Lutz Roeder is being taken over by Red Gate Software. The news was announced on Lutz's blog and the download was immediately available on the Red Gate web site.
-
Visual Studio 2008 SDK 1.1 Is Available
Microsoft has just released Visual Studio 2008 SDK 1.1 which allows developers to create extensions for VS 2008 SP1. As a result, Visual Studio Shell redistributable packages are now much smaller.
-
Is Database-as-a-Service a Bad Idea?
Data Management represents a strategic asset for Cloud Platforms as the most popular Data Services will likely command the largest platform market share. In a post this week, Arnon Rotem-gal-Oz argues that "Database-as-a-Service" is a bad idea. Would you trust your enterprise data to DaaS?