BT

What Is New on ThoughtWorks Radar Nov 2015

| by Abel Avram Follow 9 Followers on Nov 14, 2015. Estimated reading time: 4 minutes |

ThoughtWorks has published their radar for the end of 2015, covering technologies in four areas: Languages & Frameworks, Platforms, Techniques, and Tools.

This month’s radar from ThoughtWorks starts by noting some major trends:

  • The use of Docker for deployment as a way of managing dependencies or providing horizontal scalability in the cloud
  • The growth in popularity of microservices and associated tools
  • JavaScript tooling gets settled and it is less chaotic
  • Security continues to be a general problem concerning everyone in the SDLC

From the four areas covered by the radar we mention just several items that drew our attention, grouped on the four recommendation rings of the quadrants: Adopt, Trial, Assess, and Hold.

Adopt

ThoughtWorks suggests adopting the following:

  • ECMAScript 6 – they recommend using it right away because even if not all its features are supported by all browsers, the use of a transpiler like Babel makes it possible to use.
  • Swift – in spite of some issues regarding “tool support, refactoring and testing”, ThoughtWorks is using the language internally for all Apple development, and the announcement it will be open sourced makes one even more confident to invest in the language.
  • Two-factor Authentication – this is a must in order to protect login credentials, the popular solution being the use of a time-based one-time password (TOTP) generated by free apps from Google or Microsoft
  • Decoupling Deployment from Release – ThoughtWorks makes a differentiation between the two: Deployment being “the act of deploying a change to application components or infrastructure” while Release should be used when “a feature change is released to end users, with a business impact.”

Trial

From the trial quadrant we are highlighting:

  • SignalR – ThoughtWorks suggests using this framework when needing a .NET WebSocket server because they have some reservations regarding WebSocket: allowing the server to initiate actions on the browser, departing from the “request/response model that underpins the World Wide Web today”, and the security risks associated, the standard not imposing “any cross-origin request policy.”
  • AWS Lambda – which allows one to start “very short-lived processes either in reaction to an event, or via a call from the related API Gateway.” This means one does not have to care for long-lived machines.
  • Fastly – a CDN used by Twitter or GitHub with a “feature set, speed and price point” which makes it “a very attractive option when you’re looking for an edge caching solution.”
  • HTTP Strict Transport Security (HSTS) – protecting site users from being downgraded by an attacker from a HTTPS connection to a HTTP one.
  • Docker for Builds – managing build-time dependencies, running the “compilation step in an isolated environment complete with dependencies without contaminating the build agent.”
  • Back-end for Front-end (BFF) – creating back-end services for each front end client type
  • iFrames for sandboxing – using iFrames for sandboxing untrusted JavaScript (read more on this initiative, AMP HTML)
  • NPM for everything – using NPM for all JavaScript tools
  • Browsersync – recommended for testing across multiple browsers and devices
  • Docker Toolbox – a replacement for boot2docker

Assess

ThoughtWorks suggests assessing the following technologies:

  • Material UI – React components that implement Google’s Material Design guidelines
  • React Native – a framework for building native mobile apps with React
  • AWS ECS – Amazon’s container service, while “overly complicated at the moment and lacks a good abstraction layer”, it is recommended if one needs to run a Docker container on AWS.
  • Kubernetes – containers deployment on a cluster of machines
  • Microsoft Nano Server – a stripped down version of Windows server, recommended for .NET solutions
  • Presto – an open source distributed SQL query engine with a “massively parallel processing architecture”, having support for Cassandra, Hive, MySQL and PostgreSQL
  • Bug Bounty – paying for hackers to find security weaknesses
  • Hosted IDE – the code and build tools are kept in the organization’s cloud for security reasons, while the IDE is loaded into the developer’s browser via VPN
  • Espresso – an Android functional testing tool
  • Gauge - a cross-platform test automation tool, open sourced by ThoughtWorks
  • Let’s Encrypt - a Certificate Authority providing certificates for free
  • RAML – an API modeling language that ThoughtWorks considers more lightweight than Swagger and “moves the focus from adding documentation to existing APIs to designing APIs.”
  • Visual Studio Code – a free cross-platform IDE from Microsoft

Hold

ThoughtWorks has placed a few technologies on hold, among them being:

  • Application servers – a better solution is embedded servers
  • Over ambitious API Gateways – ThoughtWorks considers that “API Gateways can provide utility in dealing with some generic concerns - for example, authentication and rate-limiting - but any domain smarts such as data transformation or rule processing should live in applications or services where they can be controlled by product teams working closely with the domains they support.”
  • SPDY – this is on hold because the technology itself has been incorporated into HTTP/2
  • Gitflow – ThoughtWorks explains why they put this one on hold: “We love the flexibility of Git underneath but abhor tools that encourage bad engineering practices. Very short-lived branches hurt less, but most teams we see using Gitflow feel empowered to abuse its branch-heavy workflow, which encourages late integration (therefore discouraging true continuous integration).”

To see all the technologies mentioned by ThoughtWorks’s radar we recommend reading the report (PDF) or accessing it online at ThoughtWorks Radar.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT