And catching up with the week just past at Codescaling….
Google I/O brought us a beta version of Android Studio and a developer preview of Android L with images for emulators and the Nexus 5 and Nexus 7 (Wifi only). A new look and feel, lots more APIs and a general feeling that Google’s pulling their various efforts back into one cohesive while (for good or bad and for who is another discussion). At the other end of the scale though, a more interesting, if obvious, reveal was Urs Hölze, SVP at Google who during the Google I/O keynote pointed out the company has stopped using Map-Reduce based systems for analytics - “It’s great for simple jobs but it gets too cumbersome”. This of course was on the back of announcing Cloud Dataflow, a new pipelined analytics service, but It seems Google are drawing a line where Map-Reduce ends and a self-scheduling and organising analytics system is the future. We shall see if that line holds… Hadoop isn’t endangered despite what some may say mainly because its grown into its own ecosystem and platform for more than Map Reduce work… but the entire analytics world is ripe for disruption, especially on its hardest problem - analysis discovery.
Over at Eclipse there’s been a few announcements, like the Paho MQTT project reaching version 1.0. That includes implementations for a C, Python, JavaScript (in the browser) and Java MQTT client. MQTT is one of the protocols in the running to fill the numerous niches in the internet of things and Paho is Eclipse’s umbrella project to make sure it has an open source implementation for all.
The Eclipse release train also turned up for the synonymous IDE with the release of Eclipse Luna - Paho was on the release train along - which also brought us full Eclipse support for Java 8, a workspace with dark themes, split editors and default line numbering (to keep up with the hip editors), updated Equinox, a Java 8 capable memory analyser and a standalone C/C++ debugger. If you like Eclipse, you’ll love the improvements. A couple of bits have been dropped (Agent Modelling, EclipseLink persistence and SCA Tools) but lots more has been added including XWT (a declarative UI project) , Eclipse Sirius for modelling, Business Process Model and Notation (BPMN2) modelling and EMF clients and repositories for modelling.
Bootstrap keeps evolving - The latest version of the HTML/CSS framework, Bootstrap 3.2.- has scaling embeds, responsive utility classes, more tools and more bots. You can download it or pull it with npm. It does make for a quick way to get a clean modern looking site or app together.
Love Markdown? You might well have liked Mou, a markdown editor on the Mac. But development on that has stalled. Now in its place comes the open source MacDown which is already in heavy development and already looking quite feature rich. So, check it out. Of course, everyone does Markdown these days; I’m using various editors including WriteDown (very simple with a nice preview toggle) and Atom (good MarkDown preview plugin).
Moment.js was recently updated to version 2.7.0. The very useful date and time manipulation library for JavaScript has got itself four new languages, configurable relative times and various bug fixes both in general and for specific languages.
Maybe you will run it on Runtime.js an OS kernel thats being built in JavaScript only running on a V8 engine. A curious little bit of research - everything runs in ring 0 and relies on software for isolation, has sandboxed and limited resources for apps and V8 to build trusted native code - it also runs one V8 instance per core. You won’t be running it tomorrow, but it does feel like its an idea worth pursuing.
You’re probably more likely to be running Google’s JavaScript alternative Dart. That got an update too with Dart 1.5 which is focussed on mobile devices, bringing better debugging, and an update to the Polymer web components package. Full details in the release notes.
Of course the broken world of security rolls on. An IBM team found a stack buffer overflow in Android’s KeyStore. Thats probably the worst place to find a hole - a bit like finding the clasp on your keyring is faulty. A more controversial bug is the LZO/LZ4 hole. It’s an integer overflow in compression code and yes it could lead to code execution… if you are on a 32-bit system… and you are processing 16MB or greater blocks… and you’ve crafted the exploit to the particular implementation of LZO/LZ4 on the system. It’s a high barrier to jump but there’ll still be plenty of updates to numerous packages to close the door before there’s an exploit crafted to jump the high bar.
And thats it for this week…. thats quite a bit. Do let us know how you are finding the catchups in the comments.
This article was imported from the original CodeScaling blog