Categories
Featured Guest Post Language Microsoft Tech News Unicorns

TypeScript Team Releases TypeScript v4.6 With New Updates

Typescript team announces the availability of TypeScript 4.6. TypeScript is a language that builds on JavaScript and adds syntax for types. Types help describe what kinds of values you’re working with, giving your code better readability by telling the editor about any mistakes made in it before they become errors! You won’t need to worry much when using this tool because not only does TypeScript check out all possible errors but also gives many excellent features like completions so there’s no excuse not use them anymore.

In their beta version, TypeScript developers missed documenting two great features – control flow analysis for destructured discriminated unions and the addition of es2022 output target. They also made an additional noteworthy change since their beta – removing void 0 arguments in react-jsx mode. All these changes are available in the TypeScript 4.6.

The RC (Release Candidate) team finally captured the community’s suggestions for mismatched JSDoc parameter names, and these changes will be included in this update of TypeScript 4.6.

List of changes in TypeScript 4.6

To start using TypeScript, you can get it through NuGet or use npm with this command:

npm install typescript

References:

  • https://devblogs.microsoft.com/typescript/announcing-typescript-4-6/
  • https://devblogs.microsoft.com/typescript/announcing-typescript-4-6-rc/
Categories
Featured Language Meta Security Tech News Uncategorized Unicorns

This Open-Source Browser Extension Verifies Code Authenticity on The Web

WhatsApp has long protected your messages with end-to-end encryption as they transit from sender to recipient. But now, security-conscious users need to be confident that when WhatsApp Web receives these encrypted messages, it is also protected – in contrast, what happens when people download a mobile app onto their device instead of using the internet through a desktop browser or laptop hotspot, etc. WhatsApp has been on the rise as a popular messaging platform. With more users every day, it’s important for WhatsApp Web to be secure so that your messages are safe from hackers trying in on them. But now, Code Verify is bringing even more security to WhatsApp Web.

Code Verify works in partnership with Cloudflare, an internet infrastructure and security company, to provide independent third-party verification that your code is being served correctly. 

WhatsApp has come up with a way to make its messaging service even more secure. They are now offering it as an open-source so that other companies can use this for themselves and improve on what WhatsApp does best: encryption! 

Source: https://engineering.fb.com/2022/03/10/security/code-verify/

The team at Code Verify is passionate about making the web more secure, and they’ve come up with a way to enhance security by checking resources on the entire webpage. This process relies heavily upon Cloudflare as an independent third party that acts as a trusted source for verifying the integrity of all files being requested from websites across their network.

The Code Verify extension will be available on the official browser extensions stores for Google Chrome, Microsoft Edge, and Mozilla Firefox. The plugin doesn’t log any data or user information – it just checks if there are hints of malware in your WhatsApp web traffic so you can take action before anything happens. You can think of Code Verify as a traffic light for your WhatsApp Web code.

Reference: https://engineering.fb.com/2022/03/10/security/code-verify/

Download Extensions: Chrome | Edge | Firefox 

Categories
Featured Google Guest Post Java Language Tech News Uncategorized Unicorns

Google Open-Sources The App Engine Standard Java runtime

The introduction of Google App Engine in 2008 opened up a whole new world for developers – one without worrying about infrastructure management or scaling web applications. Java 8, 11 and 17 all run on this platform along with alternative JVM languages like Apache Groovy or Kotlin are also part of it.

But now, Google has finally opened-source the Java Source code for its Google App Engine Standard environment, which includes all of its production runtime features as well as APIs and local SDKs.

In the below picture representation, items in orange are public modules artifacts and items in yellow are internal ones. Modules ending with * are only used on the production server-side:

Source: https://github.com/GoogleCloudPlatform/appengine-java-standard
PackageDescription
com.google.appengine.apiProvides facilities for server lifecycle management, threading and namespaces/multitenancy.
com.google.appengine.api.appidentityProvides a service to sign arbitrary byte arrays using an internally-generated, rotated private key.
com.google.appengine.api.backendsProvides access to long-running, addressable servers.
com.google.appengine.api.blobstoreProvides management and persistent storage of large, immutable byte arrays.
com.google.appengine.api.capabilitiesProvides status information about the services available via the Google App Engine APIs.
com.google.appengine.api.datastoreProvides persistent storage, also accessible via JDO or JPA interfaces.
com.google.appengine.api.filesProvides a service for file storage and access.
com.google.appengine.api.imagesProvides facilities for the creation and manipulation of images.
com.google.appengine.api.logProvides access to request logs and application logs.
com.google.appengine.api.mailProvides a service to send email messages on behalf of administrators or authenticated users, also accessible via a JavaMail interface.
com.google.appengine.api.memcacheProvides fast but unreliable data storage, also accessible via a JCache interface.
com.google.appengine.api.modulesUtility functions for working with modules.
com.google.appengine.api.oauthProvides a method for clients to access server resources on behalf of a resource owner, as well as a process for end-users to authorize third-party access to their server resources without sharing their credentials.
com.google.appengine.api.quotaProvides measurement of API and CPU usage during requests.
com.google.appengine.api.searchProvides a service for indexing documents and retrieving them using search queries.
com.google.appengine.api.search.checkers 
com.google.appengine.api.search.query 
com.google.appengine.api.taskqueueProvides a mechanism to perform work initiated by a user request, outside of that request.
com.google.appengine.api.urlfetchProvides a service to make HTTP/S requests of other servers on the internet.
com.google.appengine.api.usersProvides facilities to check if a user has authenticated, retrieve their email address, and check if they are an administrator for this application.
com.google.appengine.api.utilsProvides common utility classes.
com.google.apphosting.apiProvides access to the ApiProxy, which dispatches API calls to backend services.

Github: https://github.com/GoogleCloudPlatform/appengine-java-standard

References:

  • https://cloud.google.com/appengine/docs/standard/java/javadoc
  • https://cloud.google.com/blog/topics/developers-practitioners/open-sourcing-app-engine-standard-java-runtime
  • https://www.infoq.com/news/2022/03/google-appengine-java/
Categories
Featured Guest Post Language Python Tech News Uncategorized USA

PyTorch Releases PyTorch 1.11, With TorchData, and functorch

Pytorch 1.11 is out! This release includes more than 3,300 commits since version 1.10 and 434 contributors- including PyTorch developers who worked tirelessly to make this happen. Alongside the new features are beta versions of TorchData and functorch.

The TorchData library provides easy-to-use, high performance data loading primitives so you can build your own flexible and efficient pipelines.

functorch is a new library that brings compositionally useful function transforms to Pytorch. It’s currently in beta and is heavily inspired by Google JAX

Distributed Data Parrallel (DDP) static graph optimizations are available in a stable release.

Github: https://github.com/pytorch/pytorch/releases/tag/v1.11.0

Reference: https://pytorch.org/blog/pytorch-1.11-released/

Check out the documentation and tutorials

Categories
Featured Guest Post Java Language Tech News Uncategorized

The Java Concurrency Model: Project Loom Introduces Lightweight and Efficient Virtual Threads Called Fibers

Lightweight and efficient virtual threads called fibers have been introduced by Project Loom, massively increasing resource efficiency while preserving the same simple thread abstraction for developers.

Loom is an up-and-coming project in the Java/JVM ecosystem (hosted by OpenJDK) that aims to offer a more practical approach than traditional threads. It does this with new language constructs for managing them and some lighter alternatives.

The project will accomplish this by adding these new constructs:

  • Virtual threads
  • Delimited continuations
  • Tail-call elimination

The Fiber class is a virtual thread that allows developers to use asynchronous Acrobatics. This under-the-hood work will make it easier for them, as well as provide an opportunity of moving forward with existing code without too much trouble or confusion about how things should be done differently now because there’s some new framework available called “Fiber.”

A very simple example of using fibers is shown below:

Thread.startVirtualThread(
  () -> {
    System.out.println("Hello World");
  }
);

Loom’s fibers are different than any other concurrent programming model, but they’re not meant to break your code. This is a rather Herculean task, given how much needs change in order for everything just to work better with fibers- but they’re committed! You don’t need any more than what’s already there; all your threads should continue working fine even after adopting this new system.

Project: https://wiki.openjdk.java.net/display/loom/Main

References:

  • https://blogs.oracle.com/javamagazine/post/going-inside-javas-project-loom-and-virtual-threads
  • https://www.infoworld.com/article/3652596/project-loom-understand-the-new-java-concurrency-model.html
Categories
Featured Guest Post Java Language Meta Tech News Unicorns

Meta Open-Sources A Compositional Deadlock Detector for Android Java

The research team at Meta has developed a new static analyzer that catches deadlocks in Java code for Android without ever running the app. What distinguished this work from past efforts is its ability to analyze revisions within large software libraries with hundreds of millions of lines–enough time and space so problems can be found before they manifest themselves as bugs or crashes. The proposed analyzer is open-sourced and forms part of the Infer static analysis framework.

Using abstract interpretation techniques, the proposed analyzer has been designed to summarize how each method behaves when acquiring locks and releasing them and whether it can run on the main thread or background task. This is done elegantly by compounding all behaviors into one summary that reflects what callers will be affected if their operation depends upon this particular piece of code being fast enough for them not to experience lags while running through various parts within your application’s workflow process.

This tool takes a different approach by not analyzing all source files in an app. Instead, it starts with the revisions’ modified methods first and uses that data for its analysis – which can be scalable because of this heuristic.

The team’s research proves that their analysis is sound and complete for a non-deterministic programming language, which means it can detect all deadlocks without false positives.

The static detection of deadlocks has been very valuable in analyzing and diagnosing. Our approach achieves this goal while also making it sufficiently scalable to deploy analyzers on large codebases.

Paper: https://discovery.ucl.ac.uk/id/eprint/10140070/1/deadlocks_final.pdf

Reference: https://engineering.fb.com/2022/03/08/android/deadlock-detector-for-android-java/

Categories
Featured Language Tech News Uncategorized

‘Ballerina’: An Open-Source Programming Language For The Cloud That Makes It Easier To Use, Combine, and Create Network Services

With Cloud computing becoming more and more popular, software developers are being expected to create cloud-based services. There’s a new programming language on the block called Ballerina, which makes it easier for them to integrate these technologies in both pro-code or low-code form.

Ballerina is a programming language that will change how you think about building and hosting network services. Ballerina’s new general availability release, dubbed Swan Lake, makes it easier than ever before for developers to create cloud-based applications with direct support.

The programming world is a complicated and confusing place. Software developers, data analysts, and DevOps engineers are working across many languages such as Java or Python to create cloud-based services using tools that were never designed for this purpose – it creates too much complexity, resulting in delays. But now Ballerina has come along: an enterprise-grade open-source language made just for these purposes so you can have both ease and simplicity when developing your next big application.

Ballerina, a project of WS02 is entirely open-source. All parts are developed and hosted on GitHub for everyone to use.

Github: https://github.com/ballerina-platform

Tutorial: https://ballerina.io/learn/by-example/

Portal: https://ballerina.io/

Reference: https://itwire.com/cloud/there-s-a-new-open-source-programming-language-for-the-cloud-and-you-need-to-know.html

Categories
Featured Java Language Tech News Uncategorized

Java Plans To Release Java Development Kit (JDK-18) in March 2022: Checkout the Features

Java Development Kit (JDK) 18 is scheduled for release on March 22, 2022. The new version of standard Java will have nine features with the feature set having been frozen as of December 9th. JDKs are released every six months and JDK 17 just came out in September so expect another one soon.

JDK 18 Features

Seven out of these nine features can be placed into Core Java Library. These seven include:

The rest the two out of these nine features can be placed under Java Tools.

References:

  • https://openjdk.java.net/projects/jdk/18/#Schedule
  • https://www.infoworld.com/article/3630510/jdk-18-the-new-features-in-java-18.html
  • https://www.infoq.com/news/2022/03/java-18-so-far/
Categories
Amazon Featured Java Language Python Tech News Unicorns

AWS’s CodeGuru Reviewer Now Has New Features To Spots Log4Shell-Like Bugs In Java And Python Code

The Amazon Web Services’ CodeGuru Reviewer Tool’s ‘detectors’ has been updated to seek out potential flaws like the recently disclosed Log4J bug.

Two new features are now available for CodeGuru Reviewer, an AWS scanner that uses machine learning to check code during reviews and suggest improvements. The tool aims to improve reviews in the context of continuous integration processes (CI/CD) developed by developers with source codes stored on GitHub or Bitbucket; after they commit their work onto these platforms, it will be easy for them to add CodeGuru Reviewer as a code reviewer.

This past year, the company added new features to help flesh out their security checks. The first is CodeGuru Reviewer Secrets Detector which detects risky hardcoded secrets in source code and configuration files for Java or Python applications like passwords (and API access keys).

With the new features for CodeGuru Review, which includes the ‘Detector Library,’ you can now detect common security flaws affecting Java and Python web applications as well as several detectors specifically aimed at Log4Shell-like log injection.

The detector library is a great resource for reviewing the many different types of vulnerabilities that can occur in your code. It contains information about each security issue, including its severity and how it may affect an application process or system functionality. With over 91 Java and 69 Python detectors to choose from, the library’s comprehensive security system has you covered.

References:

  • https://aws.amazon.com/blogs/aws/new-for-amazon-codeguru-reviewer-detector-library-and-security-detectors-for-log-injection-flaws/
  • https://www.zdnet.com/article/awss-ai-code-reviewer-now-spots-log4shell-like-bugs-in-java-and-python-code/
Categories
Language Swift Tech News Twitter Unicorns

Twitter Engineering Team Introduces A New Swift Package For Apache Thrift

Twitter is excited to announce the release of their new open-source, lightweight Thrift library for ApacheThrift and for communicating with backend servers. The company says that this will make it easier than ever before in developing software using Apple platforms and allow more people across all skill levels.

Thrift is an open-source interface description language similar to Google’s Protobuf. Thrifts and protofab are very similar; the main difference is that while prototypists use Serializer implementations for conversion purposes, at Twitter, they mainly rely on it to store data across services and communicate between ones where necessary.

Twitter wanted to use Swift in their new telemetry system because most features of the Twitter app are developed using that language. The library they previously used for Thrift only supported Objective-C, and it wasn’t intuitive or easy on anyone who had been coding exclusively with C.

Twitter Apache Thrift is a simple yet powerful package that you can add to any project in Xcode with ease. It doesn’t have any Foundation system framework dependencies, making it an ideal option for beginners!

Github: https://github.com/twitter/ios-twitter-apache-thrift

Reference: https://blog.twitter.com/engineering/en_us/topics/open-source/2022/introducing-twitter-apache-thrift