Latest News Archives - SD Times https://sdtimes.com/category/latest-news/ Software Development News Fri, 12 May 2023 17:37:01 +0000 en-US hourly 1 https://wordpress.org/?v=6.1.1 https://sdtimes.com/wp-content/uploads/2019/06/bnGl7Am3_400x400-50x50.jpeg Latest News Archives - SD Times https://sdtimes.com/category/latest-news/ 32 32 Google removes waitlist for Bard, highlights recent and upcoming improvements https://sdtimes.com/ai/google-removes-waitlist-for-bard-highlights-recent-and-upcoming-improvements/ Fri, 12 May 2023 17:37:01 +0000 https://sdtimes.com/?p=51150 Earlier this year, Google announced Bard, a generative AI solution meant to compete with OpenAI’s ChatGPT. Previously the only way to use Bard was to get on the waitlist, but now the company is announcing that it is removing that waitlist and opening Bard up to all. With this announcement, Bard will be available in … continue reading

The post Google removes waitlist for Bard, highlights recent and upcoming improvements appeared first on SD Times.

]]>
Earlier this year, Google announced Bard, a generative AI solution meant to compete with OpenAI’s ChatGPT. Previously the only way to use Bard was to get on the waitlist, but now the company is announcing that it is removing that waitlist and opening Bard up to all.

With this announcement, Bard will be available in 180 countries and territories, and more will be added. 

Google also revealed that Bard now supports Japanese and Korean. Soon it will support 40 different languages.

RELATED CONTENT: Google announces updates to Android, Google Cloud, Workspaces, Google Play, and more at Google I/O

Since its initial launch, Google has also made some improvements to Bard, such as changing the large language model (LLM) to PaLM 2, which enables Bard to have more advanced math, reasoning, and coding skills. 

An upcoming update will add visuals to Bard. For example, the prompt “What are some must-see sights in New Orleans?” will provide images along with text. 

In addition to responses containing images, prompts will also be able to use images, with Google Lens being used to analyze photos. For example, you could upload a photo of your dog and ask Bard to write a funny caption for it, and it will analyze the photo, detect your dog’s breed, and write a few captions. 

Google will also be improving on the coding side of Bard, with new features like better citations that can be clicked through to see the source, dark mode, and an export button so that code can be run in Replit. 

It is also adding an export function to Gmail and Google Docs. “For example, let’s say — like me — you’re a die-hard pickleball fan. You can ask Bard to write an email invitation for your new pickleball league, summarizing the rules of the game and highlighting its inclusivity of all ages and levels. Just click the ‘draft in Gmail’ button so you can make those final tweaks before getting your pickleball league off the ground,” Sissie Hsiao, vice president and general manager for Google Assistant and Bard, wrote in a blog post

In the next few months, Google also has planned integrations with Adobe’s suite of products. It will integrate with Adobe Firefly, which is a set of generative AI models for image creation, and the results can be exported to Adobe Express. Other upcoming partners include Kayak, OpenTable, ZipRecruiter, Instacart, Wolfram, and Khan Academy.

“There’s a lot ahead for Bard — connecting tools from Google and amazing services across the web, to help you do and create anything you can imagine, through a fluid collaboration with our most capable large language models,” Hsaio wrote. 

The post Google removes waitlist for Bard, highlights recent and upcoming improvements appeared first on SD Times.

]]>
Patch the cloud native development talent gap with platform engineering https://sdtimes.com/cloud/patch-the-cloud-native-development-talent-gap-with-platform-engineering/ Fri, 12 May 2023 16:06:14 +0000 https://sdtimes.com/?p=51147 Cloud native technologies—with their malleable, modular microservice architectures—quickly generate transformative digital innovations that deliver high-demand customer capabilities and operational value breakthroughs.  But wait, how many Kubernetes experts do we have? We’ve got an industry-wide shortage of skilled software development and operations talent—and the complexity of cloud native development is exacerbating the problem. We’re not going … continue reading

The post Patch the cloud native development talent gap with platform engineering appeared first on SD Times.

]]>
Cloud native technologies—with their malleable, modular microservice architectures—quickly generate transformative digital innovations that deliver high-demand customer capabilities and operational value breakthroughs. 

But wait, how many Kubernetes experts do we have? We’ve got an industry-wide shortage of skilled software development and operations talent—and the complexity of cloud native development is exacerbating the problem. We’re not going to hire our way out of this mess!

Skill shortages stymie cloud native innovation

Even non-technical executives now understand the basic benefits of cloud native software. They know it has something to do with Kubernetes pushing out containers, so the resulting applications are more modular and take advantage of elastic cloud infrastructures.

There’s way more to it than that. The cloud native landscape is a beehive of open-source projects for configuration, networking, security, data handling, service mesh – at various maturity stages. There are also hundreds of vendors offering their development, management and support tools atop this ever-moving CN raft.

A developer’s learning curve is steep and continuous, since this year’s stack might no longer be relevant next year. Outsourcing is tough too, when the few consultants with a real knack for cloud native development are busy and expensive.

The only way to sustainably grow is through building cloud native development talent and capabilities from within, following the introduction and maturation of the space, as well as keeping tabs on the vendor and end user community at large.

While the market demand for digital offerings keeps doubling every couple years, IT budgets often get a budget belt-tightening as a reward for managing and scaling so much technology.

Smaller and leaner teams are expected to deliver twice the output with half the people. The need for specialized skill positions only increases as concepts like event-driven architecture, data lakehouses, real-time analytics, and zero-trust security policies turn into production-grade requirements. 

Why platform engineering matters

No matter what target environment they are contributing to, developers still spend most of their time coding within an IDE. Over the years, vendors have tried everything from low-code tools to process toolkits to lower the skills bar, but the pipelines don’t translate into easy wizards. 

Complex open-source tooling, third party service APIs, and code that is being mixed and matched from GitOps-style repos are driving cloud native development teams toward a new platform engineering approach.

Platform engineering practices seek to create shared resources for development environments–encouraging code, component, and configuration reuse. 

Common platform engineering environments can be represented within a self-service internal development portal or an external partner marketplace, often accompanied by concierge-style support or advisory services from an expert team that curates and reviews all elements in the platform.

It’s critical to govern the platform’s self-service policies for access permissions, code, logic, data, and automation at just the right level of control for the business it supports. 

Too much flexibility ends up creating overhead, as diverse stakeholders fail to distinguish between the relative value or usefulness of so many unvalidated and poorly categorized components of the platform.

Too much rigidity in policy design can create the opposite problem, where centralized governance and approval cycles for every element slow down solution delivery and take away the innovative freedom developers crave.

A modern approach to cloud native platform engineering can finally bring the principles of governance, consistency and reuse to the table.

Speedy innovation through infrastructure abstraction

Refreshingly—or maddeningly—there’s no single right way to ‘do’ cloud native. Even Kubernetes is by itself just an abstraction of container orchestration and only one option for going cloud native.

As an open-source movement, the CNCF purposely leaves the future approach open to interpretation by the community. It doesn’t dictate a particular language, or even a specific piece of infrastructure. 

That’s excellent, but it also leaves short-handed dev teams managing complex plumbing and experimenting with integration options, rather than building better functionality. That’s where platform engineering practices can save the day.

The decision to create a platform is a commitment to help developers of varying skill levels abstract away the complexity of underlying cloud native architectures with interfaces and tools atop readily configured environments.

A platform engineering approach must offer ease of use, elimination of toil, and reduced cognitive load for development teams—helping orgs attract and retain the best talent.

The Intellyx Take

Truly innovative ideas that impact customers represent a core competitive differentiator, and should grow from within the enterprise. That’s difficult when the supply of skilled cloud native development resources is constrained.

Fortunately, platform engineering organizations and technology stacks can automate some of the most difficult work of delivering on the needs of API-driven microservices environments.

The post Patch the cloud native development talent gap with platform engineering appeared first on SD Times.

]]>
SD Times Open-Source Project of the Week: Cedar https://sdtimes.com/software-development/sd-times-open-source-project-of-the-week-cedar/ Fri, 12 May 2023 13:54:49 +0000 https://sdtimes.com/?p=51143 AWS open-sourced a language called Cedar that enables users to easily create and enforce access control policies.  It provides a unified framework for policy creation and management across multiple clouds, simplifies policy writing, and supports popular authorization models such as role-based and attribute-based access control. Additionally, AWS has adopted a verification-guided development process to ensure … continue reading

The post SD Times Open-Source Project of the Week: Cedar appeared first on SD Times.

]]>
AWS open-sourced a language called Cedar that enables users to easily create and enforce access control policies. 

It provides a unified framework for policy creation and management across multiple clouds, simplifies policy writing, and supports popular authorization models such as role-based and attribute-based access control. Additionally, AWS has adopted a verification-guided development process to ensure the security and safety of Cedar.

The open-sourcing of the project also includes the Cedar language specification and SDK which offers libraries for authoring and validating policies and authorizing access requests. 

Amazon Verified Permissions uses Cedar to allow you to manage fine-grained permissions in your custom applications. With Amazon Verified Permissions, you can store Cedar policies centrally, have low latency with millisecond processing, and audit permissions across different applications. 

The open-source libraries of Cedar allow users to test and validate policies on their own computers before deploying them with Amazon Verified Permissions. This makes it possible to use Cedar to run applications not connected to the network, allowing users to customize the libraries to meet their needs.

Additional details on the project are available here

The post SD Times Open-Source Project of the Week: Cedar appeared first on SD Times.

]]>
The Rage Cage https://sdtimes.com/test/the-rage-cage/ Thu, 11 May 2023 16:40:16 +0000 https://sdtimes.com/?p=51135 If you’re like us, there are things in the world — and specifically in the IT space — that get us all worked up. Today, SD Times brings you Scott Moore, a performance testing guru who’s not afraid to share his opinions on a wide range of topics relevant to our work and how we … continue reading

The post The Rage Cage appeared first on SD Times.

]]>
If you’re like us, there are things in the world — and specifically in the IT space — that get us all worked up. Today, SD Times brings you Scott Moore, a performance testing guru who’s not afraid to share his opinions on a wide range of topics relevant to our work and how we look at IT. Join him as he vents in “The Rage Cage.” (Note: The opinions expressed in “The Rage Cage” are those of Scott Moore and do not necessarily reflect the viewpoints of SD Times or its editors.)

 

Episode 1:  Is AI coming for your job?

 

 

The post The Rage Cage appeared first on SD Times.

]]>
Julia 1.9 delivers native code caching https://sdtimes.com/software-development/julia-1-9-delivers-native-code-caching/ Thu, 11 May 2023 16:06:14 +0000 https://sdtimes.com/?p=51130 Following three beta releases and three release candidates, version 1.9 of the Julia programming language has been released. This brings a number of updates, including the ability to cache native code, package extensions, and heap snapshots. With the introduction of native code caching, package authors can now utilize precompile statements or workloads with PrecompileTools in … continue reading

The post Julia 1.9 delivers native code caching appeared first on SD Times.

]]>
Following three beta releases and three release candidates, version 1.9 of the Julia programming language has been released. This brings a number of updates, including the ability to cache native code, package extensions, and heap snapshots.

With the introduction of native code caching, package authors can now utilize precompile statements or workloads with PrecompileTools in order to cache critical routines earlier on. Users also have the ability to build custom local “Startup” packages that load dependencies and precompile workloads specifically for their day-to-day work. 

However, the company stated that with this capability comes an increase in precompilation time by ten to fifteen percent, and cache files have grown because of the storage of more data and the use of a different serialization format.

Next, the introduction of package extensions automatically loads a module when a set of packages are loaded. The module is contained in a file in the ext directory of the parent package and loads the “weak dependency” and extend methods.

This feature is intended to reduce the amount of capabilities a customer is paying for that they do not actually use. Package extensions also allow for the precompilation of conditional code and the addition of capability constraints on weak dependencies.

Julia 1.9 also brings heap snapshots that can be examined using Chrome DevTools. To create a heap snapshot, the user must use the Profile package and call the take_heap_snapshot function. 

Additionally, to simplify the process of identifying the total number of objects retained, customers can utilize the all_one=true argument and every object’s size will be reported as one, so they can focus more on the number of objects. 

A new command flag had also been introduced, –heap-size-hint=<size>. With this, users can set a limit on memory usage and the garbage collector will then work harder to clean up memory that is not used.

“Julia is incredibly attractive for people who have really demanding computational needs,” said Tim Holy, professor of neuroscience at Washington University School of Medicine and one of the core contributors behind the update. “You can think of previous versions of Julia like a jet airplane: a fantastic way to travel long distances, but probably not your preferred vehicle for going to the grocery store. Julia’s speed on big tasks arises from its ability to generate high-quality machine code; but generating such code takes time, and for a simple task it could mean spending more time generating code than running it. It’s a bit unfortunate for a new user, who has heard so much about Julia’s speed, to have their first experience be waiting for it to compile lots of package code before they can start doing anything useful. No matter how fast it runs once it’s ready, that’s not the best first impression.”

To read the full list of features, visit the website.

The post Julia 1.9 delivers native code caching appeared first on SD Times.

]]>
ASTQ Summit brings together test practitioners to discuss implementing automation https://sdtimes.com/test/astq-summit-brings-together-test-practitioners-to-discuss-implementing-automation/ Thu, 11 May 2023 14:54:59 +0000 https://sdtimes.com/?p=51127 Is automated testing worth the expense? Real test practitioners will show how test automation solved many of their quality issues when the Automated Software Testing and Quality one-day virtual event returns on May 16. Produced by software testing company Parasoft, among the topics to be discussed are metrics, how automation can significantly cut test time, … continue reading

The post ASTQ Summit brings together test practitioners to discuss implementing automation appeared first on SD Times.

]]>
Is automated testing worth the expense?

Real test practitioners will show how test automation solved many of their quality issues when the Automated Software Testing and Quality one-day virtual event returns on May 16. Produced by software testing company Parasoft, among the topics to be discussed are metrics, how automation can significantly cut test time, shifting testing left, the use (or not) of generative AI, the synergy between automation and service virtualization, and more.

“We’ve worked really hard to make sure that most of the sessions are coming from the practitioner community,” said Arthur Hicken, chief evangelist at Parasoft. “So people are telling you how they solved their problem – what metrics they use to solve the problems, what the main challenge was, what kind of results they saw, you know what pitfalls they’ve hit.”

As for AI in testing, Hicken said Parasoft has created AI augmentations at every aspect of the testing pyramid, which he acknowledged is getting “kind of long in the tooth,” before adding that it still is useful, helpful advice. “Whether it’s static analysis, unit test, API testing, functional testing, performance testing, UX testing, we’ll talk about how these different things will help you in your day-to-day job.”

He went on to say that he doesn’t believe the things he’s talking about are job killers. “I think they’re just ways to help. I haven’t met any software engineer that says, I don’t have enough to do, I’ve got to pad my work with something. I think just being able to get their job done will make their life better.”

On the subject of generative AI, Hicken says it can be quite smart about some things but struggles with others. So, the more clearly you can draw the boundaries of what you expect it to be able to do, and the more narrow you can scope it down, AI just does a better job.

This, he said, is true of testing in general. “Service virtualization helps you decouple from real-world things that you can’t really control or can’t afford to play with,” he said. “Most people don’t have a spare mainframe. Some people interact with real-world objects. We see that in the healthcare space, where faxes are part of a normal workflow. And so testing becomes very, very difficult.”

Further, he said, “As we use AI to start to increase the amount of testing, we’re doing the permutations, we run into a data problem, we just don’t have enough real data. So it starts synthesizing virtual data. So the service virtualization is a way to synthesize data to get broader coverage. And because of that, there’s always a temptation to use real-world data as your starting point. But in many jurisdictions, real-world data is a pretty big no-no. GDPR doesn’t allow it.”

So, in the end, the question remains: How do you know it was worth it? What did you do to measure? Hicken said, “I don’t believe there’s a universal quality measure or ROI measure; I believe there are lots of fascinating different things that you can look at that might be interesting for you. So I would say look for that.”

Hicken also noted, humorously, that if test automation did not deliver value, the speakers he sought out for ASTQ would not have returned his calls. 

There is still time to register to learn more about automated software testing and Parasoft.

The post ASTQ Summit brings together test practitioners to discuss implementing automation appeared first on SD Times.

]]>
Google announces updates to Android, Google Cloud, Workspaces, Google Play, and more at Google I/O https://sdtimes.com/software-development/google-announces-updates-to-android-google-cloud-workspaces-google-play-and-more-at-google-i-o/ Wed, 10 May 2023 23:31:22 +0000 https://sdtimes.com/?p=51124 Today at Google I/O 2023, Google’s developer conference, several updates to Google products and services were announced in order to offer developers improved experiences. Among these announcements was the launch of the Watch Face Format. This offers developers a new way to build watch faces for Wear OS smartwatches with a declarative XML format to … continue reading

The post Google announces updates to Android, Google Cloud, Workspaces, Google Play, and more at Google I/O appeared first on SD Times.

]]>
Today at Google I/O 2023, Google’s developer conference, several updates to Google products and services were announced in order to offer developers improved experiences.

Among these announcements was the launch of the Watch Face Format. This offers developers a new way to build watch faces for Wear OS smartwatches with a declarative XML format to design the appearance and behavior of watch faces.

According to Google, this means there is no need for the executable code involved in building a watch face, and there is also no code embedded in the watch face APK.  With this release, users can create analogue and digital watch faces, watch faces with complications, customizable watch faces, and more. 

Updates have also been made to Jetpack Compose, including the ability to bring Compose everywhere that the developer is building UI, whether that be on a phone, tablet, foldable device, watch, or TV. These changes are available in the May 2023 release and the most recent alpha versions of the Compose libraries.

Furthermore, the performance of Compose has been improved. The company stated that since October, modifiers have started to migrate to an improved system, and with this, text has seen a 22% performance gain that can be seen in the latest alpha release.

The alpha version of the UI framework for creating functional apps for Android TV Compose for TV has also been released. With this, apps can be built with less code, easier maintenance, and a modern Material 3 look. 

Next, Android Studio Hedgehog was launched in order to offer developers an AI powered conversational experience geared at heightened productivity. This offers improved tools when developing for multiple form factors, and helps to improve the quality of applications with new insights, debugging, and testing solutions.

Android for Cars also received updates intended to expand the reach developers have with users in the car.

Among these updates is the global rollout of Waze on the Google Play Store for all cars with Google built-in. Additional templates were also created for Android for Cars App Library in order to accelerate development time across several app categories, such as navigation.

This update also brings tools to port media apps across Android for Cars; new app categories for driving experiences; and video, gaming, and browsing in cars. 

Additionally, Google Play has been updated so that on top of the ability to tailor by country and pre-registration status, users can now customize listings for inactive users, so they have the chance to try out an app or game again.

Google also announced that custom store listing groups for Google Ads App campaign ad groups are set to be launched in the near future. This will allow for custom listings to be served to users coming from specific ads on AdMob and YouTube.

Next, Google Workspace adds Duet AI, combining all of Workspace’s generative AI features and allowing users to collaborate with AI so they can enhance their productivity. Duet AI is also coming to Google Cloud, enabling users to solve common work challenges with the AI collaborator.

There have also been several updates to Vertex AI, including three new foundation models that can be accessed through API, tuned through an AI in Generative AI Studio, or deployed to a data science notebook. 

Lastly, Google Cloud has launched the next-generation A3 GPU supercomputer. With this, Google Cloud offers users a complete range of GPU for the training and inference of machine learning models. 

For more information on these releases, visit the website

The post Google announces updates to Android, Google Cloud, Workspaces, Google Play, and more at Google I/O appeared first on SD Times.

]]>
Open Source Summit: AWS open sources Cedar, SPDX Release Candidate 3.0, and OpenSSF updates https://sdtimes.com/open-source/open-source-summit-aws-open-sources-cedar-spdx-release-candidate-3-0-and-openssf-updates/ Wed, 10 May 2023 19:11:10 +0000 https://sdtimes.com/?p=51119 Open Source Summit North America is taking place this week in Vancouver. The event, hosted by the Linux Foundation, is a celebration of the open source community. It has the support of many major players in the industry, with news announced during the event coming from AWS, Meta, and more.  Here are highlights of the … continue reading

The post Open Source Summit: AWS open sources Cedar, SPDX Release Candidate 3.0, and OpenSSF updates appeared first on SD Times.

]]>
Open Source Summit North America is taking place this week in Vancouver. The event, hosted by the Linux Foundation, is a celebration of the open source community. It has the support of many major players in the industry, with news announced during the event coming from AWS, Meta, and more. 

Here are highlights of the event so far: 

AWS open sources Cedar policy language and SDK  

The Cedar language enables you to set permissions in your applications using easy-to-understand policies. By making use of Cedar, application teams can decouple access control from application logic. 

It supports role-based access control and attribute-based access control, and was developed using verification-guided development, which ensures Cedar is correct and secure. 

The language’s SDKs are also being made available, which include libraries for creating and evaluating policies. 

AWS hopes that by open sourcing the language, they can foster more innovation in the industry around fine-grained access management and make access control more accessible to all. 

AWS also announces new open-source fuzzing framework

According to AWS, current fuzzing practices require large codebases to be refactored in order to work properly. The new framework, Snapchange, allows targets to undergo fuzz testing with minimal modifications.

Built in Rust, Snapchange enables developers to build fuzzers that replay snapshots of physical memory in a KVM virtual machine.

SPDX Release Candidate 3.0 now available

Software Package Data Exchange (SPDX) is an open source standard for communicating the information in a bill of materials. It is currently hosted by the Linux Foundation. 

In RC 3.0, there are now six unique profiles that are designed for popular use cases, with the goal being that SPDX better meets the needs of the industry. The profiles were created based on community input and include specifications for security, licensing, AI, datasets, and software packaging build processes. 

According to the Linux Foundation, the United States’ executive order on cybersecurity and Europe’s Cyber Resiliency Act served as inspiration for the need to have an international standard for supply chain security, which SPDX hopes to be. 

OpenSSF gets major funding from Google and Microsoft, new members

Through its Alpha-Omega Project, OpenSSF has recently received $2.5 million from Google and $2.5 million from Microsoft. 

OpenSSF also announced that Hitachi, Lockheed Martin, Salesforce, and SAP have become general members.

The foundation also announced that Omkhar Arasaratnam will be its new general manager and Brian Behlendorf will be chief technology officer. 

Meta joins the OpenJS Foundation

The OpenJS Foundation provides support for the open source JavaScript community. With Meta joining the foundation as a Gold Member, they will be able to contribute and advocate in the community further.

Meta had already been highly involved with the open source JavaScript community, through its projects React, Jest, and Flow. Jest is an open source testing framework, which Meta contributed to the OpenJS Foundation last year. 

“The broader JavaScript ecosystem benefits from Meta becoming an OpenJS Foundation member. In fact, we’ve already been working together in multiple different ways, and this makes official what has already been a great relationship,” said Shayne Boyer, OpenJS Foundation Board Director. “

The post Open Source Summit: AWS open sources Cedar, SPDX Release Candidate 3.0, and OpenSSF updates appeared first on SD Times.

]]>
Harness announces new feature to proactively identify errors https://sdtimes.com/monitor/harness-announces-new-feature-to-proactively-identify-errors/ Wed, 10 May 2023 16:11:36 +0000 https://sdtimes.com/?p=51114 The new Harness Continuous Tracking (CET) release is designed to provide developer-first observability for modern applications to proactively identify and solve errors across the SDLC.  The Harness CET provides several advantages to developers, such as minimizing the occurrence of defects that go undetected, removing the need for manual troubleshooting, and enabling quicker resolution of customer … continue reading

The post Harness announces new feature to proactively identify errors appeared first on SD Times.

]]>
The new Harness Continuous Tracking (CET) release is designed to provide developer-first observability for modern applications to proactively identify and solve errors across the SDLC. 

The Harness CET provides several advantages to developers, such as minimizing the occurrence of defects that go undetected, removing the need for manual troubleshooting, and enabling quicker resolution of customer problems. This enables teams to identify and resolve issues within a matter of minutes instead of weeks, resulting in enhanced satisfaction for both the developers and end-users.

“Our goal is to empower developers by providing a solution that addresses the pain points unmet by traditional error tracking and observability tools,” said Jyoti Bansal, CEO and co-founder of Harness. “Harness Continuous Error Tracking offers unparalleled visibility and context, enabling teams to quickly identify, diagnose, and resolve issues, ultimately ensuring a better experience for both developers and customers.”

The tool includes runtime code analysis that provides complete visibility into every exception’s source code, variables, and environment state. These issues are routed directly to the right developer for faster resolution. CET also provides the full context of errors including code variables and objects up to ten levels deep into the heap.

CET creates guardrails to ensure only high-quality code advances which prevents unreliable releases from being promoted to staging and production environments.

In addition, release stability allows developers to compare current or past releases to understand trends in new, critical, and resurfaced errors.

The tool integrates with monitoring solutions such as AppDynamics, Dynatrace, Datadog, New Relic, and Splunk. It also natively integrates into Harness build and deployment pipelines or it can be used as a standalone solution.

The post Harness announces new feature to proactively identify errors appeared first on SD Times.

]]>
GitHub launches new code search and code view https://sdtimes.com/software-development/github-launches-new-code-search-and-code-view/ Tue, 09 May 2023 19:28:49 +0000 https://sdtimes.com/?p=51109 GitHub released its new code search and code view to enable developers to quickly search, navigate and understand their code, and put critical information into context. The new code search engine has been remodeled to be two times faster than the old one and has more capabilities such as supporting substring queries, regular expressions, and … continue reading

The post GitHub launches new code search and code view appeared first on SD Times.

]]>
GitHub released its new code search and code view to enable developers to quickly search, navigate and understand their code, and put critical information into context.

The new code search engine has been remodeled to be two times faster than the old one and has more capabilities such as supporting substring queries, regular expressions, and symbol search.

Code Search understands a user’s code and brings relevant results at high speeds by searching across multiple repositories. Users can search using regular expressions, boolean operations, keyboard shortcuts, and more.

“Imagine that a user complains that they received an error message from your service saying ‘query is not satisfiable.’ You’re not sure which system produced this error message, or which repository the code is in,” ​​Colin Merkel, software engineer at GitHub, wrote in a blog post

“Without code search, you might have to clone a bunch of repositories and grep through them, or ask a knowledgeable coworker. But with code search, you can instantly search across all of an organization’s code at once.” 

As an example, if a company uses Kubernetes and their infrastructure team reports a shortage of memory in their cluster, one approach could be to search for YAML configuration files containing the term “memory” across the team’s code. The search results, which can be saved with a query such as “saved:blackbird lang:yaml memory,” would reveal the Kubernetes configuration files for the team’s services and their allocated memory. The search results could then be shared with the infrastructure team to initiate a discussion on the memory allocation for those services.

For teams using React, the prop dangerouslySetInnerHTML is a well-known feature that enables the direct injection of HTML into an element using a string. However, it can pose a security risk if the string being injected is untrusted. One way to identify potential vulnerabilities is by searching for the usage of this prop across GitHub’s codebase using a query such as “repo:github/github dangerouslySetInnerHTML.” The search results could reveal any occurrences of the prop, including some linter rules that forbid its use. 

GitHub also redesigned its code view to integrate search, browsing, and code navigation. The company stated that this launch is just the beginning and it is infusing intelligence into every aspect of software development moving forward. 

The post GitHub launches new code search and code view appeared first on SD Times.

]]>