Programmer Weekly (Issue 96 March 10 2022)

Programmer Weekly - Issue 96

March 10, 2022

Programmer Weekly

Welcome to issue 96 of Programmer Weekly. Let's get straight to the links this week.

From Our Sponsor

Spend more time perfecting your MongoDB queries and less time typing in a shell, with Studio 3T's Visual Query Builder, Aggregation Editor, and SQL Query. Then turn those queries into code automatically. That's just the start of the Studio 3T Toolbox -

Quote of the Week

 

"Functions should do one thing. They should do it well. They should do it only." - Robert C. Martin

News

Researchers at Carnegie Mellon University have developed a code-generating AI system that they claim can write in C better than OpenAI's Codex.

The National Science Foundation (NSF) just announced US$ 21 million to fund open source development through a new program: Pathways to Enable Open-Source Ecosystems (PEOSE).

The 2022 Java Developer Productivity Report is based on a survey of Java development professionals around the world. The survey focused primarily on the Java technologies and approaches used in developing Java applications today. We also included questions specific to performance issues, microservices, and CI/CD, as well as respondent demographics and organization firmographics.

Espionage tool is the most advanced piece of malware Symantec researchers have seen from China-linked actors.

Reading List

Everything you need to know about monorepos, and the tools to build them.

Learn how to automate your grocery shopping using the Robot Framework so that you spend less time shopping.

15 language-agnostic, actionable tips on REST API design.

Some of the tricks we used to speed up SELECT-s in PostgreSQL: LEFT JOIN with redundant conditions, VALUES, extended statistics, primary key type conversion, CLUSTER, pg_hint_plan + bonus

Thanks to SQLite VFS abstraction, it is possible to implement your own file system on which SQLite parks data and structures. Inspired by Phiresky's sql.js-httpvfs which uses HTTP Range requests to lazy load blocks of storage from a static web server, I changed few lines of code to point the VFS read() calls to a database seeded by peers as a torrent. A 300 MiB db with 2 million records can be queried from seeders for full text searches in less than 2 MiB traffic with the BitTorrent protocol, all inside the browser, in a static website. 

This report presents best practices for overall network security and protection of individual network devices, and will assist administrators in preventing an adversary from exploiting their network. While the guidance presented here is generic and can be applied to many types of network devices.

WebGPU is an upcoming Web API that gives you low-level, general-purpose access GPUs. Learn how having a modern API to talk to GPUs on the web is going to be very interesting.

Despite the fact that it is not a ‘real’ vulnerability, escaping privileged Docker containers is nevertheless pretty funny. And because there will always be people who will come up with reasons or excuses to run a privileged container (even though you really shouldn’t), this could really be handy at some point in the future.

Why should you use HTTPS for development? How can you set it up? This article will explain (almost) everything.

This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.

Watch and Listen

In the Pwn Zero To Hero series, we will be going on an adventure through the land of binary exploitation. We will cover things such as assembly, stack-based buffer overflows, format strings, return-oriented programming and heap exploitation.

In this course, we will build a live streaming app that allows you to stream with friends and be able to control their audio, video, and whether they are visible overall. On top of that this app will be able to push this stream out to most streaming platforms including Youtube and Twitch. 

Interesting Projects, Tools and Libraries

Faster, better, interactive cheatsheets.

Build APIs in 5 minutes with GraphQL. An instant GraphQL to SQL compiler. 

A static analyzer for Java, C, C++, and Objective-C.

A low code engine to create web services and dashboard. 

A handy way to handle sh/bash cli parameters. 

DevStream (CLI tool named dtm) is an open-source DevOps toolchain manager.

Web Extension for Firefox/Chrome/MS Edge and CLI tool to save a faithful copy of an entire web page in a single HTML file.

A server monitor tool for linux based machines using remote proc file system with script execution. 

Hermit manages isolated, self-bootstrapping sets of tools in software projects.

Our Other Newsletters

- A free weekly newsletter featuring the best hand curated news, articles, tools and libraries, new releases, jobs etc related to Python.

- A free weekly newsletter for entrepreneurs featuring best curated content, must read articles, how to guides, tips and tricks, resources, events and more.