InfoQ Homepage Development Content on InfoQ
-
A Conversation about ZipSlip, NodeJS Security, and BBS Hacking
Earlier this year, the popular Bower package manager was found vulnerable to archive extraction, allowing attackers to write arbitrary files on a user's disk. As it turns out, the vector attacks used by this exploit have been known since the early days of BBS. InfoQ has taken the chance to speak with Liran Tal to learn more about software security, and NodeJS security in particular.
-
Apache Releases NetBeans 10.0 Featuring Enhanced Support for JDK 11
The Apache Software Foundation recently released NetBeans 10.0 featuring enhanced support for JDK 11, adding support for JUnit 5, and the reintegration of the PHP, JavaScript, and Groovy modules. Apache has committed to two releases in 2019 to include support for JDK 12 and JDK 13.
-
Retrospective 3.0 at Ocado Technology
Toni Tassani identifies retrospective pitfalls, such as stale and repetitive activities and raises risks: the retrospective as an excuse for not solving issues on the spot, identifying an experiment but not driving the impediment to resolution, Post-it theater. He suggests looking at retrospectives radically differently, leveraging continuous improvement techniques borrowed from Kanban.
-
Adiantum Brings Disk Encryption to Low-End Smartphones
Adiantum is a new encryption algorithm for low-end smartphones, smartwatches, and other Android Pie devices that are too slow to use the Advanced Encryption Standard (AES) standard for storage encryption.
-
FoundationDB's Record Layer Supports Relational Database Semantics, Schema Management and Indexing
FoundationDB NoSQL database's new Record Layer supports relational database semantics, schema management, primary and secondary indexes, and query capabilities. The FoundationDB team announced last month the open source release of the Record Layer.
-
Swift 5 Will Enforce Exclusive Access to Memory
Swift 5 will improve memory safety of Swift programs by ensuring variables cannot be accessed using a different name while they are being modified by another portion of the program. This change has important implications both on existing apps behaviour and on the Swift compiler itself.
-
AWS Identity and Access Management Gains Tags and Attribute-Based Access Control
Amazon Web Services (AWS) recently enabled tags for IAM users and roles to ease the management of IAM resources. Notably, this release also includes the ability to embrace attribute-based access control (ABAC) and match AWS resources with IAM principals dynamically to "simplify permissions management at scale".
-
Google’s Cloud-Native NoSQL Database Cloud Firestore Is Now Generally Available
Google announced that their NoSQL database in the cloud Cloud Firestore is now generally available. With the release, Google is also introducing a few new features, such as a StackDriver integration, bringing the service to more regions, and offering a lower pricing tier.
-
C# Futures: Pointer Math
Interoperability with native platforms often require very specific coding patterns that involve the manipulation of pointers. While this can be done via a shim written in C, the proposal titled Operators should be exposed for System.IntPtr and System.UIntPtr seeks to offer that ability directly in C#.
-
C# Futures: Static Delegates and Function Pointers
With each release of C#, it gains more low-level capabilities. While not useful to most business application developers, these features allow for high performance code suitable for graphics processing, machine learning, and mathematical packages. In these next two proposals, we see new ways to reference and invoke functions.
-
2019 State of Testing Survey: Call for Participation
The 2019 State of Testing survey is now seeking participation, and aims to provide insights into how the testing profession develops and to recognize testing trends. Anyone completing the survey will receive a complimentary copy of the State of Testing 2019 report once it is published.
-
Bruck: Quick Interface Layout Prototyping
Bruck is a new lo-fi prototyping system targeted at web designers that enables them to quickly build responsive, accessible layout prototypes for clients. Designers may prototype a large variety of layouts by composing up to 25 web components. Designers may additionally visualize in real time the composed layout in Bruck's online interactive playground.
-
C# Futures: Lambda Attributes
Attributes are a key part of .NET’s metadata processing capabilities. They are used by compilers, static analyzers, and runtime libraries for a variety of purposes. While normal functions/methods can have attributes, prior to this proposal lambdas and anonymous functions could not.
-
Experiences from Remote Mob Programming: Q&A with Sal Freudenberg
At Cucumber, mob programming is done remotely by using a cycle in which the driver pulls down the latest code and then shares their screen, the team mobs for 10 minutes or so and commits the code. Next, the driver’s role rotates. “Remote mobbing works really well for me”, says Sal Freudenberg, “because it lets me tailor my working environment and work in a spot where I feel comfortable.”
-
Dependabot Automatically Creates GitHub PRs to Fix Your Vulnerabilities
Leveraging GitHub Security Advisory API, Dependabot aims to help developers track their dependencies, monitoring the security of their programs, and making sure any potential vulnerabilities are removed as easily as possible by automatically creating PRs to resolve them.