Dev News Digest: 2013

Wednesday, January 30, 2013

Dev News Digest for January 30, 2013

Stop Using MongoDB as a SQL Database

...numerous sites and blog posts some kind of tips or tutorials about MongoDB that includes the most SQL-ish structure that you wouldn’t do in MongoDB (of course not all situations fit this, but it’s a good approach in some cases)

I’m talking about embedded objects collections. In an usual SQL database you would do a JOIN to find all the objects that are connected to a simple row. We all have done that, but… In MongoDB, if it doesn’t mean content replication, this should be achieved through embedded collections (stored inside the document itself).

PhoneGap 2.3.0 with Windows Phone 8 Support

Adobe Systems has released PhoneGap 2.3.0 with full support for Windows Phone 8. It also includes support for InAppBrowser which enables you to view video files in full screen mode. PhoneGap is a tool that allows installing HTML5 app as native app on mobile device.

Tuesday, January 29, 2013

Dev News Digest for January 29, 2013

New services from Amazon EC2 Clould

High I/O instance with 2T SSD attached ($3.10)
Guaranteed (provisioned) IOPS (Input/Output Operations Per Second) for EBS (Elastic Block Storage) storage. Currently EBS speed can vary based on cloud load.
EBS Optimized instances with guaranteed network throughput for EBS
Flexible IP addresses for VPC (Virtual Private Cloud) instances
Separate security group for Elastic Load Balancer

4 Myths of Disaster Recovery

Myth – Disaster Recovery is Expensive and Resource Intensive. Reality - WIth new virtualization and automation technologies DR can be very affordable
Myth – After Planning, There is No Way to Accurately Run a Test. Reality - Virtualization allows recovery plans to be tested against significant failures multiple times to ensure the plan is consistently effective, without disrupting day-to-day activities.
Myth – Creating and Managing a Disaster Recovery Solution Requires “Special” Skills. Reality - Since this is all taken care of via automated processes, no special skills are required.
Myth – Disaster Recovery Plans Are like an Insurance Policy that Never Gets Used. Reality - Disaster recovery services are critical for keeping businesses running after system failures.

Hilarious NoSQL parody

MySQL vs MongoDB parody

Thursday, January 24, 2013

Dev News Digest for January 24, 2013

Five Clues That Your API isn't RESTful

It has a single endpoint (all requests are made to http://example.com/rest)
All requests are POSTs
Response metadata is in the body, not header (data along the lines of status = success in the body of the response)
There are verbs in the URL (/item/42/activate, use resource instead: /item/42/status)
The URL includes method names (URL has something like ?action=getRecentItems)

Side note: ..how useful an API is, and how RESTful it is, are entirely uncorrelated

Design Doesn't Emerge from Code

According to Uncle Bob (Martin)
“One of the more insidious and persistent myths of agile development is that up-front architecture and design are bad; that you should never spend time up front making architectural decisions. That instead you should evolve your architecture and design from nothing, one test-case at a time. Pardon me, but that’s Horse Shit...there are architectural issues that need to be resolved up front. There are design decisions that must be made early. It is possible to code yourself into a very nasty cul-de-sac that you might avoid with a little forethought.”

You can and should do iterative, incremental design and development starting with a plan of where you are going and how you think that you are going to get there.

Apache Lucene and Solr 4.1 Released

Apache Lucene and Solr PMC announced another version of the Apache Lucene library and Apache Solr search server - version 4.1. This is a major release both for Apache Lucene and Apache Solr.

How to Choose the Right Enterprise Service Bus (ESB)?

Data exchanges in and between companies increase a lot. The number of applications which must be integrated increases, too. As solution, an Enterprise Service Bus (ESB) can be used in almost every integration project – no matter which technologies, transport protocols, data formats, or environments such as Java or .NET are used. All integration projects can be realized in a consistent way without redundant boilerplate code. However, an ESB offers many further features, such as business process management (BPM), master data management, business activity monitoring, or big data. Plenty of ESB products are on the market which differ a lot regarding concepts, programming models, tooling, and open source vs. proprietary.

Wednesday, January 16, 2013

Dev News Digest for January 17, 2013

Software Documentation as a Guidebook

Working software over comprehensive documentation" is what the Manifesto for Agile Software Development says and it's incredible to see how many software teams have interpreted those five words as "don't write *any* documentation".
...
Unfortunately the code doesn't tell the whole story and not having a source of supplementary information about a complex software system can slow the team down as they struggle to navigate the codebase.

The Importance of Packages

Packages have several important usages:

Namespaces - helps avoid collisions
Organization - help locate classes. Following scheme is proposed: <organisational-prefix>.<application>.<deployment-unit>.<module>.<layer>.<optional further substructure if needed>. For example: com.mycompany.theCoolApp.server.user.persistence
Intermediate modeling block - represent a bigger-scale abstraction within the application
Architecture-revealing - helps understand architecture of the app
Promotes SRP
Managing Dependencies - for example allows cyclical dependencies between packages using JDepend.

Facebook announces Graph Search - a sign of things to come

Armed with the interconnected personal details of more than a billion people, Facebook Inc. is taking its first steps towards becoming the next major search force on the Internet.
...
Users will now be able to search for answers to specific questions related to their friends, such as “Movies my friends in Toronto like,” “Photos of my friends from 2009” or “Friends of friends who are single and men in Calgary.”

MongoDB adds Full-Text Search

The new text index provides a simple, fully consistent way to do basic search without deploying any extra services.

9 Software Security Design Principles

Key Aspects of Software Security

Integrity
Confidentiality
Availability

Security Design Principles

Least Privilege
Fail-Safe Defaults
Economy of Mechanism
Complete Mediation
Open Design
Separation Privilege
Least Common Mechanism
Psychological Acceptability
Defense in Depth

KeyboardJS 0.4.1 released

KeyboardJS, a library written to make working with the keyboard in JavaScript a lot easier.
For example it allows you to do this:

KeyboardJS.on('j + k', function () {
console.log('Both J and K are pressed');
});

What is the future for GWT?

While GWT is often thought of as an enterprise technology, 65% of the survey respondents are working on projects for use outside of their companies. That said, only 1% of the projects are games - the vast majority are business applications.
...
While the vast majority of the apps (over 98%) target desktop-based users, the number of these apps that also also target tablets (36%) eclipses the 26% of apps that also aim at mobile phones.

The main complaints with GWT are compile time (49%) and the lack of enough good quality UI widgets (34%). The biggest benefit of GWT is not having to deal with browser compatibility issues (60%). Despite the complaints, over 88% of the self selected respondents plan to use GWT on their next project. The report is available online in return for your name and email address.

Monday, January 14, 2013

Dev news digest for January 14, 2013

How NOT to Design Your API

People's feedback on article about Worst API pricatices.
Top description of bad APIs:

HTTP code 200 (OK) with body indicating bad results
Inconsistencies in naming, URL patterns
Bad documentation (like Facebooks)

The Importance of Threat Protection for RESTful Web Services

RESTful web services are closely aligned to the web itself and as such inherit all traditional threats from the web. Although network level threats are well understood and addressed by traditional firewall infrastructure, RESTful web services type APIs are also subject to content (or message) level threats: XML parsing libraries, JSON content, etc.

Trying to Understand CAP

The CAP theorem....states that such a system cannot guarantee at the same time Consistency, Availability and Partition tolerance. It is the cornerstone of modern NoSQL solutions that make various trade-offs between these qualities.

Consistency..roughly means that the clients get the same view of data
Availability is a property saying that every request to a non-failing node will return a (meaningful) response.
Partition tolerance means that the system will continue working even if any number of messages sent between nodes is lost.

Specific combinations of these qualities are discussed: P+C, A+P, A+C

"Lean Startup" Lessons for Big Companies

One of the most important things is to have cross-functional small teams in order to have small pockets within the company that work like startups
Another interesting aspect is that...how different employees have different skills and the ones good at innovating and starting projects are not necessarily the ones who are interested in or skilled for later stages of the project

Friday, January 11, 2013

Dev news digest for January 11, 2013

Links for good and bad practices when developing APIs

Java EE 7 Public Draft was Published.

In terms of completeness, the Web Profile offers a complete stack, with technologies addressing presentation and state management. (JavaServer Faces, JavaServer Pages), core web container functionality (Servlet), business logic (Enterprise JavaBeans Lite), transactions (Java Transaction API), persistence (Java Persistence API) and more.

Selecting your Collections Library

As often happens with of our articles – in 95% of your problems at hand the libraries introduced here will not add anything besides complicating your setup. But on the rare occasions when you need additional features or need to squeeze out the last bit of performance – it is good to be familiar with the landscape. And make an educated choice before writing a half-baked solution yourself.

NoSQL or Traditional Databases: Not Much Difference

I have spent considerable time tuning SQL statements and indexes, but in the end the best optimizations have always been those on the application and how the application uses the database. SQL Tuning almost always adds complexity and often is a workaround over bad application or data structure design. In the NoSQL world “SQL statement” tuning for the most part is a task of the past, but Data Structure Design has retained its importance! At the same time logic that traditionally resided in the database is now in the application layer, making application design even more important than before. So while some things have shifted, from an Application Performance Engineering Perspective I have to say: nothing really changed, it’s still about the application. Now more than ever!

Tuesday, January 8, 2013

Dev news digest for January 8, 2013

"Please Login to Your Facebook Account" - Behind a Data Mining Scam

Emails asking you to login to your facebook account can turn out to be pointing to phishing sites. They often your shortened links like http://bit.ly/10PMe. The site URL would look very similar to authentic site but with small difference like facebooURk.com

Copying Objects in Layered Applications

The User Interface has some representation of the data input by the user, it gets copied over into some kind of transport object (often suffixed TO (Arrrrgh)), which then gets copied over into the domain representation of the data, and finally gets copied over into the persistence representation.

That’s a lot of copying. Not good. In many cases this is just waste.

....

There are cases where you need to do some copying. For example when you transfer data between layers that are physically separate you have to serialize and deserialize them.

NoSQL Unit 0.7.3 Released

NoSQLUnit is a JUnit extension to make writing unit and integration tests of systems that use NoSQL backend easier.

Martin Fowler on Schemaless Data Structures

In recent years, there's been an increasing amount of talk about the advantages of schemaless data. Being schemaless is one of the main reasons for interest in NoSQL databases. But there are many subtleties involved in schemalessness, both with respect to databases and in-memory data structures. These subtleties are present both in the meaning of schemaless and in the advantages and disadvantages of using a schemaless approach.

Monday, January 7, 2013

Dev news digest for January 7, 2013

10 Considerations When Transferring Enterprise Applications to the Cloud

Security - Data at Rest/Transit
Software License Model
Performance
Disk I/O
Application Infrastructure Sharing
Hybrid Model
Network Connectivity
Prod /Non-Prod Environments
Storage
Open Source vs Proprietary

Be Careful With Cache Managers

If you are using spring and JPA, it is very likely that you utilize ehcache (or another cache provider). And you do that in two separate scenarios: JPA 2nd level cache and spring method caching.

When you configure your application, you normally set the 2nd level cache provider of your JPA provider (hibernate, in my case) and you also configure spring with the “cache” namespace. Everything looks OK and you continue with the project. But there’s a caveat. If you follow the most straightforward way, you get two separate cache managers which load the same cache configuration file. This is not bad per-se, but it is something to think about – do you really need two cache manager and the problems that may arise from this?

Probably you don’t. So you have to get rid of the redundant manager. To do that, you need to set your spring cache manager as shared.

Cassandra Gets Atomic Batches, Virtual Nodes, CQL Improvements

Cassandra 1.2 was recently released with several improvements:

Atomic batches for better transactional integrity, even if the coordinator fails mid-batch.
Virtual Nodes allows better control over clustering. You can also upgrade an existing node to vnodes
CQL3, with several improvements such as a new native binary protocol, support for collection types, a system keyspace.
Faster serialization through use of binary format instead of JSON
Cassandra 1.2 is designed to handle several terabytes of data per node, compared to upto 500 GB disk-space limit recommended in 1.0.

Are your Software Development Projects using Agile?

Gartner’s analysts (Thomas Murphy and David Norton) predict that by 2012 “agile development methods will be utilized in 80% of all software development projects”.

Spring 3.2 Released

Asynchronous MVC processing on Servlet 3.0, with Spring MVC handler methods being able to return Callables and DeferredResults
A ContentNegotiationStrategy is now available for resolving the requested media types from an incoming request.
A new @MatrixVariable annotation which adds support for extracting matrix variables (name-value pairs within path segments) from the request URI.
Improvements have been made to testing, with the inclusion of the formerly-standalone Spring MVC Test project, and support for loading WebApplicationContexts in the TestContext framework.
Spring now allows for @Autowired and @Value to be used as meta-annotations, so that a developer can build custom injection annotations in combination with specific qualifiers.
Spring provides an early CacheManager adapter for JCache, building against the JCache 0.5 preview. Full JCache support is expected next year, when Java EE 7 is released.

JAX-RS 2.0 and Bean Validation 1.1 First Java EE 7 JSRs to Win Public Approval

Java Enterprise Edition version 7 is well under way.

Oracle's JCP Program Office identifies the full Java EE 7 JSR feature list as:

JSR 107: JCACHE - Java Temporary Caching API
JSR 236: Concurrency Utilities for Java EE
JSR 338: Java Persistence 2
JSR 346: Contexts and Dependency Injection 1.1 for Java EE
JSR 352: Batch Applications for the Java Platform
JSR 349: Bean Validation 1.1
JSR 339: JAX-RS 2.0: The Java API for RESTful Web Services

Fastbook: Sencha Wants to Prove HTML5 Is “Ready”

Sencha has created Fastbook, an HTML5 application closely mocking Facebook’s native application and displaying similar performance both on iOS and Android in an attempt to demonstrate that “HTML5 is ready.”

Mark Zuckerberg, CEO of Facebook, said a few months ago that “the biggest mistake that we made as a company is betting too much on HTML5 as opposed to native because it just wasn’t there,” and the company decided to create native applications for iOS and Android, the later being launched less than a week ago. The general comment was that HTML5 is not “ready”, it is not fast enough, and there are difficulties developing it due to lack of proper tooling.

Welcome to Tech News Digest.

This blog is intended to provide a quick overview of important tech news for people that don't have time to sift through tons of news, let alone read them. Each news will be accompanied by a brief summary with a link to the news source in case more information is desired. An alternative to blogging such summaries would be sending them to a twitter stream, but i'm afraid 140 characters is not always enough to summarize content of an article.

I intend to follow these topics:

News for Software Developers (particularly Java)
News for Software Architects
Curious technology news and trends
Occasional digressions to unrelated subjects like economy, etc., which i will try to keep to the minimum.

Any comments and suggestions are welcomed.