InfoQ Homepage Architecture Content on InfoQ
-
New Exploit Breaks Current Spectre Defenses; Fixes Hard without Performance Impact
Researchers from the University of Virginia School of Engineering recently disclosed a new Spectre hardware exploit that can steal secrets via Intel/AMD micro-op caches and circumvents current Spectre defenses. Intel and AMD say no new guidance is needed. Researchers say suggested fixes are inconvenient to deploy or have performance drawbacks.
-
Find Solutions to Your Software Challenges at QCon Plus
Last November at QCon Plus, over 1,450 of your peers joined us at the virtual event in order to keep on top of software trends and find solutions to validate their technical roadmaps. Now is the time to book your attendance at the next event! With less than five weeks before QCon Plus May 2021, over 1,800 senior software engineers, architects, and team leads have already booked their spot.
-
.NET News Roundup - Week of April 26th, 2021
This past week was marked by Microsoft joining the Bytecode Alliance. InfoQ examined this and a number of smaller stories in the .NET ecosystem from the week of April 26th, 2021.
-
Gremlin Adds Automated Service Discovery for Targeting Chaos Experiments
Gremlin, a chaos engineering platform, recently announced automated service discovery. This new feature will auto discover services running within dynamic environments. These services are then available to target for chaos experiments. Gremlin has also added role based access control for their API keys.
-
Prisma ORM Tool Suite Is Ready For Production in Node.js and TypeScript Apps
Nikolas Burk, developer relations at Prisma — the database ORM — recently announced that all Prisma tools (Prisma Client, Prisma Studio, Prisma Migrate) are ready for production usage. Prisma Migrate graduated from preview this year and is now generally available.
-
Google Announces General Availability of the Automation Capability for Appsheet
Recently, Google announced the general availability of AppSheets Automation, an additional capability to AppSheet, the company’s no-code development platform. With Automation, customers can automate repetitive tasks and business processes.
-
Spotify's Journey to a Unified Codebase for Its Web and Desktop Clients
Spotify recently published an account of their journey towards a unified codebase for their web and desktop clients. Spotify's team was the owner of a web-player and a separate, full-featured desktop client. Due to having to implement many features twice, they were not shipping at the pace they wanted. Now Spotify created one codebase for both, resulting in an improved development cadence.
-
Sentry Migrates Its Frontend to Typescript - Lessons Learned
Mark Story and Priscila Oliveira recently shared lessons learned when converting Sentry’s frontend codebase (one-year effort, 100,000 lines of code) to TypeScript. The pair described a gradual conversion process in which TypeScript progressively replaced JavaScript, types were continuously refined as new TypeScript language features were released, and complex types were built incrementally.
-
Virtualizing Design Sprint and UX Workshops
Design sprint and UX workshops can be done virtually using a combination of remote whiteboards and communication platforms. It brings advantages like being able to invite international experts, having remote participants attend, less travelling, smaller carbon footprint, and lower costs.
-
JHipster 7.0: Java Application Generator Stretches beyond Spring Boot Roots
JHipster 7.0, released March 23, updated the data model editor JDL Studio to version 2, added Snyk security vulnerability scanning, and introduced the JHipster Control Center to manage microservices. The release also updated dependencies & defaults and was followed by version 7.0.1 on April 2.
-
GitHub Changes Token Format to Improve Identifiability, Secret Scanning, and Entropy
GitHub has recently moved to a new format for all of its tokens, including personal access, OAuth access, user-to-server and server-to-server, and refresh tokens. As GitHub engineer Heather Harvey explains, the new format aims to make tokens more easily identifiable, including when scanning repos for secrets, and to increase their entropy.
-
Couchbase Details Its Distributed ACID Transaction Architecture
Couchbase recently published a detailed explanation of its distributed multi-document ACID transaction implementation. In its blog post, Couchbase lays out how its DB engine supports the Monotonic Atomic View consistency model, which is a strengthened version of the Read Committed consistency model.
-
Cheryl Hung on Trends in Cloud Native and DevOps for 2021
In a recent keynote for The DEVOPS Conference, Cheryl Hung, VP ecosystem for the Cloud Native Computing Foundation (CNCF), shared her top 10 predictions for cloud native in the upcoming year. This includes improvements in cross cloud support, growth in GitOps and chaos engineering practices, and an increase in the adoption of FinOps.
-
10 Years after Inception, WebRTC Becomes an Official Web Standard
Web Real-Time Communications (WebRTC) recently became a web standard. This is a major milestone on a long journey for WebRTC that started in 2011 with Google open-sourcing key necessary technologies. The new standard will continue to evolve as the WebRTC Working Group strives to integrate new use cases — live processing of audio and video feeds, Internet of Things use cases, and more.
-
Two Hidden Instructions Discovered in Intel CPUs Enable Microcode Modification
Security researchers Mark Ermolov, Dmitry Sklyarov, and Maxim Goryachy discovered two undocumented x86 instructions that can be used to modify the CPU microcode. The instructions can only be executed when the CPU runs in debug mode, which makes them not easily exploitable, though.