Google Web Toolkit dumps compatibility for sake of upgrades

See the original posting on JavaWorld

Google Web Toolkit (GWT), which lets developers build browser-based applications in Java and deploy them in JavaScript, is on track for major enhancements this year. The GWT road map calls for two upcoming upgrades, but the latter will break compatibility.

The technology was the subject of the GWT.create conference in Silicon Valley late last week, where Google senior engineer Ray Cromwell talked about its direction. With GWT 3.0 due around the fourth quarter of this year, plans call for breaking compatibility with previous releases so that developers can deprecate older technologies. Previously, compatibility was rigorously maintained.

“Now, because IE6, IE7, and IE8 are dead and there’s certain legacy things that we don’t want to support anymore because we need to target newer browsers and this new world of mobile, we want to deprecate these things,” Cromwell said. Developers who recompile apps to GWT 3.0 might find them failing and will need to edit code to get them to work. But GWT builders will continue developing the 2.x line. “We’re not going to leave those people out to rot,” said Cromwell.

To read this article in full or to leave a comment, please click here

Critical Java updates fix 19 vulnerabilities, disable SSL 3.0

See the original posting on JavaWorld

Oracle released new security updates for Java to fix 19 vulnerabilities and disable default support for SSL 3.0, an outdated version of the secure communications protocol that is vulnerable to attacks.

The updates were part of Oracle’s quarterly Critical Patch Update, released Tuesday, which fixes 169 security issues across hundreds of products.

Fourteen of the 19 vulnerabilities fixed in Java affect client deployments and can be exploited from Web pages through malicious Java applets or Java Web Start applications. Four of them have the maximum severity score 10 in the Common Vulnerability Scoring System (CVSS) and two others come close, at 9.3, meaning they can lead to a full system compromise.

To read this article in full or to leave a comment, please click here

Ruby pioneers come clean on the language’s shortcomings

See the original posting on JavaWorld

Ruby, a dynamic language first released in 1995, has been praised for its simplicity and routinely shows up on lists of popular languages. It’s had its critics over the years as well, and two of the most prominent members of the Ruby community are not afraid to offer criticism of the language along with praise.

Ruby’s strengths

Matsumoto is a man of few words in when it comes to listing his language’s qualities and shortcomings. Ruby, he says, offers “concise, yet readable code.” It also provides “higher abstraction, like object-oriented programming, functional(-ish) programming, metaprogramming, etc.”

To read this article in full or to leave a comment, please click here

TypeScript: Industrial-strength JavaScript

See the original posting on JavaWorld

Historians who reflect on JavaScript’s emergence as a dominant programming language in the 21st century may find themselves quoting Donald Rumsfeld: “You go to war with the army you have, not the army you might wish to have.”

For growing numbers of programmers, JavaScript is the army we have. As we send it into the field to tackle ever more ambitious engagements both client and server side, we find ourselves battling the language itself.

JavaScript was never intended for large programs built by teams that use sophisticated tools to manage complex communication among internal modules and external libraries. Such teams have long preferred strongly typed languages like Java and C#. But those languages’ virtual machines never found a  home in the browser. It was inevitable that JavaScript alternatives and enhancements would target the ubiquitous JavaScript virtual machine.

To read this article in full or to leave a comment, please click here

Java focuses on modularity, real-time apps in 2015

See the original posting on JavaWorld

It’s full speed ahead for modular and real-time Java efforts early in the new year.

Interviewed at a Silicon Valley Java User Group meeting late last week, Ben Evans, a member of the Java Community Process Executive Committee, said the committee saw presentations last week on the modularity planned for Java 9 and Safety-Critical Java for use in real-time systems.

Modular Java, which had been planned for last year’s Java 8 release but was postponed until Java 9 (expected in 2016), has been redesigned. “The original design was quite complex [as far as modularity],” Evans said. “The current design is much more slimmed down and is much more just about reducing footprint and providing developers with the choice to not to have to ship a monolithic JDK [Java Development Kit].”

To read this article in full or to leave a comment, please click here

JavaScript, Java lead the way in RedMonk language rankings

See the original posting on JavaWorld

JavaScript is king when it comes to measuring language usage via GitHub and Stack Overflow.

The RedMonk Programming Language Rankings for this month have JavaScript, Java, and PHP topping the list. Published Wednesday, the rankings are based on an analysis that factors in the number of lines of code pertinent to a particular language in GitHub, as well as tags applicable to a language in Stack Overflow.

 

“By the narrowest of margins, JavaScript edged Java for the top spot in the rankings, but as always, the difference between the two is so marginal as to be insignificant,” said Stephen O’Grady, RedMonk principal analyst and author of the report. “The most important takeaway is that the language frequently written off for dead and the language sometimes touted as the future have shown sustained growth and traction and remain, according to this measure, the most popular offerings.”

To read this article in full or to leave a comment, please click here

Java seeks stronghold in networking for Internet of things

See the original posting on JavaWorld

Java could play a bigger part in networking for the Internet of things. The Kona Project, proposed on openjdk.java.net this week, would define and implement Java APIs for networking technologies and protocols commonly used in IoT.

 

“The primary goal of the project would be to define APIs that can be efficiently implemented and used on embedded devices,” said Oracle official Riaz Aimandi in a posting to the openjdk mailing list. “These APIs would be defined in such a way that they could be potentially used with Java ME (Micro Edition), although the project would initially focus on the implementation for Java SE (Standard Edition).” Current plans call for creating the project outside of the Java Community Process, the formal process for amending official Java specifications.

To read this article in full or to leave a comment, please click here

Try out JavaScript 6 features while you wait for the real thing

See the original posting on JavaWorld

If you’ve been itching to take advantage of the wealth of features offered by ECMAScript 6, aka JavaScript 6, but you’re tired of waiting for browsers and runtime engines to get fully caught up, there’s a potential solution.

6to5 is a transpiler that transforms ECMAScript 6 code into completely backward-compatible ECMAScript 5 code, with support for ES6’s most notable features, including arrow notation, classes, template strings, the “let” and “const” assignment, and constructs.

6to5 also preserves the readability of existing code so that the results are readable on their own terms and not the product of the UglifyJS minifier.

To read this article in full or to leave a comment, please click here

Google hitches cloud data analysis to Java SDK

See the original posting on JavaWorld

Google is offering a Java SDK to integrate with the Google Cloud Dataflow managed service for analyzing live streaming data as part of its effort to broaden support for the platform.

By sharing via open source, the SDK provides a basis for adapting Dataflow to other languages and execution environments, said Sam McVeety, Google software engineer, in a recent bulletin. “We’ve learned a lot about how to turn data into intelligence as the original FlumeJava programming models (basis for Cloud Dataflow) have continued to evolve internally at Google.”

To read this article in full or to leave a comment, please click here

Why 2015 will be the year of microservices

See the original posting on JavaWorld

The idea of building applications using services has always had appeal. Why code from scratch when you can assemble multiple applications that tap the same services via standard APIs? As long as those services are properly provisioned, you should be able to enjoy tremendous economies of scale.

In the past, attempts at implementing this notion collapsed under the weight of overengineering (particularly the CORBA and SOA trends). But one of the most interesting aspects of microservices — basically small, API-accessible, single-purpose programs — is that their use has been a grassroots, developer-driven phenomenon. This time, the services approach has legs.

To read this article in full or to leave a comment, please click here

Critical vulnerability in Git clients puts developers at risk

See the original posting on JavaWorld

A critical vulnerability in client software used to interact with Git, a distributed revision control system for managing source code repositories, allows attackers to execute rogue commands on computers used by developers.

The flaw affects the official Git client as well as third-party clients and software based on the original Git code. The issue only affects implementations running on Windows and Mac OS X, not Linux, because their file systems are case-insensitive — NTFS and FAT for Windows and HFS+ for Mac OS X.

“An attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine,” engineers from GitHub, a code repository hosting service, said in a blog post Thursday.

To read this article in full or to leave a comment, please click here

Are your applications API-ly working together?

See the original posting on JavaWorld

When I was in engineering school, Computer Science classes covered many fascinating topics, ranging from the theory of programming languages to development methodology to actual coding projects. I was thus exposed to a variety of languages ranging from Pascal to Ada to Fortran to SQL to C — and to the latest innovation: C++ (Java wasn’t born yet). I’ll readily admit that coding wasn’t my forte, which may be why I am now a marketer of software rather than a developer.

Nevertheless, I recall that the paradigm that was emphasized the most in my C++ classes was its object-orientation, which promoted the development of code units that were autonomous and reusable. Having learned the basics of coding with forgiving Pascal, it was easy (and tempting) for me and my fellow students to replicate in C++ the same techniques, so it was really important for the teachers to ingrain these concepts in our minds. (Now, I must really sound like a dinosaur, but believe me there were even older languages and techniques! I never learned COBOL for example.)

To read this article in full or to leave a comment, please click here

Functional programming piques Ruby founder, picks up Python compiler

See the original posting on JavaWorld

The horizon for functional programming is expanding with two languages in development, including Streem, from the founder of the Ruby language, and Mochi, which leverages Python.

The brainchild of Ruby founder Yukihiro “Matz” Matsumoto, Streem is described on its GitHub page as a concurrent scripting language based on a programming model similar to shell and influenced by Ruby, Erlang, and other functional programming languages. “Streem is my experiment to implement a stream-based programming language,” Matsumoto, chief architect for Ruby at Heroku, said in an email on Sunday. “The primary motivation is to experiment [with ] concurrent programming with stream model that is higher abstraction [and a] stream-based programming model that might be [the] basis for the future Ruby 3.0 concurrent model.”
 

Currently, Matsumoto has no particular audience for Streem since it is still in development. “It’s far before [an alpha stage of development],” he said. “In fact, it was supposed to be my personal workplace for the experiment. I was so surprised so many people found it and talked about it. At the same time, I feel the huge possibility of stream programming. It can be used for text processing, data munging, distributed logging, and even Web programming.”

To read this article in full or to leave a comment, please click here

We all will be coders: Don’t fear the future of software development

See the original posting on JavaWorld

Software development is unrecognizable from what it was 20 years ago, and in 10 years it will be completely different again. Soon all new hires, regardless of their role, will know how to code, and as we all know, robots are capable of increasingly complex functions that threaten jobs in previously unheard of ways.

But, against this doom-and-gloom outlook, I’m here to tell you software developers everywhere: don’t worry. Our craft and our jobs are going to be OK. Here’s why.

First, a bit of background: the U.K. has introduced coding into the national school curriculum, the first G20 country to take this step. This means that in 10 years, all school graduates in the U.K. will know how to code. In the U.S., organizations like Code.Org are trying to encourage the same results through programs like the Hour of Code. I believe that more and more countries will adopt these programs, which will forever change the software development industry.

To read this article in full or to leave a comment, please click here

MongoDB gets its first native analytics tool

See the original posting on JavaWorld

Most companies realize they need to become more data driven in order to make better decisions and identify new opportunities. Many also recognize the need for new tools to analyze their data, much of it stored in operational systems.

At the same time, for their operational systems, a growing number of companies have adopted NoSQL databases, the most popular of which is the document database MongoDB. Unfortunately, document databases are nobody’s first choice for analytics, so people end up using ETL to move data from MongoDB to an RDBMS or Hadoop for analysis. ETL processing adds latency, however — perhaps too much latency if you want your business to be “data driven.”

To read this article in full or to leave a comment, please click here

Manipulating JARs, WARs, and EARs on the command line

See the original posting on JavaWorld

Learn how to do basic CRUD operations on JAR, WAR, and EAR files using the command line.

Although Java IDEs and numerous graphical tools make it easier than ever to view and manipulate the contents of Java archive (JAR, WAR, and EAR) files, there are times when I prefer to use the command-line jar command to accomplish these tasks. This is particularly true when I have to do something repeatedly or when I am doing it as part of a script. In this post, I look at use of the jar command to create, view, and manipulate Java archive files.

To read this article in full or to leave a comment, please click here

Tech conference leaders: What Node.js fork?

See the original posting on JavaWorld

See no evil, hear no evil?

While some attendees at the Intuit Node Day conference in Silicon Valley on Friday were willing to talk about the recent io.js fork of Node.js when asked, the issue was not a prime topic of discussion from the speaker’s podium. Surprisingly, the elephant in the room did not even come to the forefront until the final half-hour of the all-day event.

Instead, officials from such companies as PayPal, Intuit, and Netflix noted the growing importance of Node.js, or Node, the server-side JavaScript variant. Node core committer Trevor Norris, of software company NodeSource, talked about the upcoming 0.12 release of Node, which will feature the smalloc API, for allocating memory on an object, plus internationalization. But when asked his perspective on io.js afterward, Norris said he had none at the moment but was aware of the fork. “I am so buried in trying to get 0.12 out the door that I am taking no stance or anything on what’s going on with that.” A release candidate for 0.12 is expected Tuesday. “Once it’s out the door, I’ll start paying attention to other things.”(Norris, though has been listed as being part of the io.js initiative.)

To read this article in full or to leave a comment, please click here

Android’s Jack and Jill compilers head uphill to developers

See the original posting on JavaWorld

With Android 5.0 Lollipop now winging its way to phones, Google has quietly made changes to Android’s compiler tools as well. New for developers is a pair of compilers, code-named Jack and Jill, designed to speed up Android app creation.

Eric LaFortune, technical director of Saikoa, which creates software for optimizing and obfuscating Java and Android apps, found Jack and Jill in version 21.1 of the Android SDK Build Tools, released in October. According to LaFortune, Jack and Jill are part of “a new compiler toolchain to transform Java code into Dalvik bytecode,” in part using “a new intermediate representation called Jayce.”

To read this article in full or to leave a comment, please click here

Over 30 vulnerabilities found in Google App Engine

See the original posting on JavaWorld

Serious vulnerabilities exist in Google App Engine (GAE), a cloud service for developing and hosting Web applications, a team of security researchers has found.

The vulnerabilities could allow an attacker to escape from the Java Virtual Machine security sandbox and execute code on the underlying system, according to researchers from Security Explorations, a Polish security firm that found many vulnerabilities in Java over the past few years.

“There are more issues pending verification — we estimate them to be in the range of 30+ in total,” wrote Adam Gowdiak, the CEO and founder of Security Explorations, in a post on the Full Disclosure security mailing list that describes his company’s GAE findings. The Security Explorations researchers couldn’t fully investigate all of the issues because their test account on GAE was suspended, likely due to their aggressive probing, he said.

To read this article in full or to leave a comment, please click here

Storm or Spark: Choose your real-time weapon

See the original posting on JavaWorld

The idea of real-time business intelligence has been around for a while (see the Wikipedia page on the topic begun in 2006). But while people have been talking about the idea for years, I haven’t seen many enterprises actually embrace the vision, much less realize the benefits it enables.

At least part of the reason has been the lack of tooling for implementing BI and analytics in real time. Traditional data-warehousing environments were heavily oriented toward batch operations with extremely high latencies, were incredibly expensive, or both.
 

A number of powerful, easy-to-use open source platforms have emerged to change this. Two of the most notable ones are Apache Storm and Apache Spark, which offer real-time processing capabilities to a much wider range of potential users. Both are projects within the Apache Software Foundation, and while the two tools provide overlapping capabilities, they each have distinctive features and roles to play.

To read this article in full or to leave a comment, please click here

1 39 40 41 42 43 46