News from the World of Software Development – May 2018

git desktopp

Welcome to the May edition of the software development news digest here at the Betica Blog. We regularly take a look at some interesting stories influencing the application engineering world. Hopefully, they provide a measure of insight to help your own coding projects.

If you are interested in checking out last month’s digest, simply click on the following link. We cover an AI routine that knows how to code. As always, thanks for reading!

GitHub imagining the Future of Collaborative Software Development

The ubiquitous source code repository giant, GitHub, naturally lies at the center of most software development shops’ workflow. This gives the organization a unique ability to influence the overall engineering process across the industry. Collaborative development is one such natural area given the organization’s distributed source control system. An article about GitHub’s importance appeared this week at The Next Web.

A collaborative spirit existed at GitHub from the beginning. The company released a public API for its source control application soon after going live. The software teams behind Ruby on Rails and Bitcoin leveraged it for source control as well as an example of the power of team development.

Ultimately, these two facts highlight the reason the open source movement is so influential throughout the tech industry. Since GitHub is essentially the standard for source code control, it played a large role in transitioning coding from a solitary task to something more social and interactive.  Aaron Upright noted as much in his article for The Next Web.

“Contrasted with alternatives like GitLab and BitBucket, GitHub has taken a best-of-breed approach. It’s essentially created a platform from which it’s possible integrate the products and tools that are better than what it feels it can create. It’s not building chat tools or CI functionality or project management on its own; instead, it makes it easy to integrate Slack, or Circle CI, or whatever else you might want,” commented Upright.

In short, GitHub makes it easy to collaborate when coding; setting an example for – as well as influencing – the rest of the industry.

Oracle finally to remove Java Serialization Security Hole

Serialization is one of the most important functions in software development, allowing data objects to be easily distributed as byte streams. Unfortunately, Java’s serialization routines, in place for decades, create a security hole easily exploited by nefarious agents. Oracle recently announced they plan to remove serialization from future versions of Java. News about the change appeared this week in InfoWorld.

The company plans on an approach allowing developers to use their own serialization engine. It interacts with a small framework included in a future version of the “platform once records” – Java’s nomenclature for data classes. It is expected to support JSON and XML as well as other formats.

Oracle feels they made a massive mistake with the current version of serialization implemented in 1997. They noted that nearly one-half of all Java security vulnerabilities are because of this engine. The company recently added a way to filter the classes being serialized as one way to mitigate the risk before the new serialization framework gets introduced.

Oracle provided no information on which upcoming version of Java is slated to include the reengineered serialization framework. Stay tuned!

That’s it for this month’s news digest. Keep coming back for additional software development insights from the Betica Blog.   

An Overview of the New MySQL 8.0

mysql desktop

MySQL remains a valid database option for companies looking for an alternative to Oracle or SQL Server. While it may not offer the enterprise-level horsepower of PostgreSQL, it still works well for many scenarios. This is likely why it maintains its status as the most popular open source database in the industry.

Recently, the folks behind MySQL released version 8.0 of the database. New features and functionality abound. Let’s take a high level overview of this new edition to see if there’s anything to help with your own software development projects.

The New Features in MySQL 8.0

The new version of MySQL added a whole host of enhanced SQL functionality. This includes support for window functions, common table expressions, as well as the NOWAIT and SKIP LOCKED statements. Most notably, window functions provide the ability to perform analytics on stored data; this is long-awaited feature as SQL Server added it in 2003.

They also added support for descending indexes which provides a performance improvement, especially when working with large datasets. The new GROUPING() function lets developers build datasets that distinguish super-aggregate rows from the results of GROUP BY queries. Both of these features were highly requested among the MySQL user community.

Boosting overall application performance becomes essential when using MySQL. Version 8.0 gives developers a new syntax for including optimizer hints. You simply place them using something similar to inline comment blocks after a SELECT, INSERT, UPDATE, REPLACE, or DELETE statement.

Additionally, the new version adds optimizer hints for a variety of INDEX and JOIN statements.  Now developers can control index merge behavior for each individual query or even the table order when performing a join. The MySQL development team feels the new optimizer hint syntax makes it easier to use while also boosting code readability.

MySQL adds Improved JSON Support

The JSON format is essential for web applications that rely on transferring objects expressed as a data structure. MySQL 8.0 improves its support for JSON in a myriad of ways. First, it adds extended syntax for ranges when using JSON path expressions.

The new JSON table functions lets you use regular SQL statements when working with JSON data. This is a boon for developers especially skilled in writing SQL queries. It essentially creates a relational view of JSON data.

Other new JSON features in MySQL 8.0 include aggregation and merge functions. A boost in sorting performance and the ability to perform partial updates are also welcome. The former helps to optimize large applications while the latter makes replication processes faster.

Other New MySQL 8.0 Features

Another significant new feature in MySQL 8.0 is support for GIS, including the Spatial Reference System. This lets applications using the database to easily calculate global distances given a LAT and LONG. The database now supports bitwise operations on binary data types, making the processing of IPV6 addresses easier.

The MySQL query optimizer also gets some improvements beyond the new hint syntax. Histograms and better handing of data buffering help engineers boost overall app and database performance. Finally, the database boasts improved reliability, availability, and reporting with an eye towards being used at companies following DevOps.

In short, MySQL 8.0 adds a host of new features making the database more attractive to organizations with high-demand applications. The improved DevOps support is also welcome. For more detailed information on MySQL 8.0, simply click on this link.

Thanks for reading this edition of the Betica Blog. Keep returning for additional insights on the software development world.

Pitfalls to avoid when adopting DevOps

devops2As DevOps continues to grow in popularity, some organizations still struggle with its successful implementation. Perhaps developers really don’t understand the practice and chafe at being forced to follow its concepts? Maybe the network engineers feel DevOps favors the software team, while automating many of their standard administrative tasks?

Whatever the reasons for its difficulty in adoption, getting things right offers many benefits to software shops of all sizes. DevOps plays a key role in boosting development efficiency to the point it becomes a competitive advantage. So, let’s take a look at a few common pitfalls to avoid when adopting DevOps.

Avoid these Mistakes when adding DevOps at your Software Shop

Rebecca Dodd, from the software development process experts at GitLab, wrote an article for DZone covering these major pitfalls to avoid during a DevOps implementation. She talked with a few people at GitLab responsible for project success with their customer base. They provided interesting food for thought on what issues hamper DevOps adoption.

Focusing Too Much on the Tools

GitLab noted that companies who make too much of an investment on their toolset tend to encounter difficulty when implementing DevOps. GitLab Technical Account Manager, John Woods, commented on the issue. “You think you have it all when you’ve got your issue tracker, version control system, CI/CD service, etc. However, what’s the cost of setting all those up and configuring them to ‘talk’ to each other?” said Woods. 

In essence, the time spent configuring and integrating multiple tools takes up valuable time and resources. GitLab calls this the “DevOps Tax.” Make it a point to ensure you use tools that support your DevOps policies and procedures; not the other way around.

In a similar fashion, some companies simply become too attached to their development tools. This adds difficulty if those tools aren’t really compatible with the unique DevOps methodology. GitLab notes some customers try to wrench decades-old tools into their fledgling modern workflow.

Ultimately, the smartest tack involves finding the right integrated toolset compatible with how software gets written in a DevOps world.

Deployment and Monitoring are as Important as Development and Testing

Another pitfall noted by Dodd involves companies not covering the entire SDLC when adopting DevOps. Instead, the only follow its principles for software development and QA, ignoring it for the deployment and monitoring processes. Ultimately, this isn’t a true DevOps implementation.

In most cases, companies leverage DevOps to achieve continuous integration or continuous delivery. Reaching these goals isn’t possible without a full adoption of the methodology. In short, go hard or go home!

Security needs to be part of the DevOps Equation

We previously talked about the importance of information security as part of any DevOps implementation. This is one of the reasons DevSecOps is a hot buzzword. In these days, cybersecurity needs to be a core concept within any software development practice – DevOps or not.

GitLab notes that companies adopting DevOps who still treat security as an afterthought ultimately struggle with its implementation. Valuable resources end up making security-related fixes at the last minute. Consider a DevSecOps approach.

Ultimately, steer clear of these pitfalls to ensure your DevOps adoption goes great!

Keep coming back to the Betica Blog for additional insights and dispatches from the wide world of software development. Thanks for reading!