The document discusses caching and synchronization of server data across multiple views and users in Flex applications. It proposes storing all fetched entities from the server in a single cache, binding views to the cache, and updating views when the server sends a notice that an entity has changed. When an entity is requested but not in the cache, a wrapper object is returned and the entity is queued to be fetched. The approach requires unique entity keys, abilities to get entities by key or keys, and support for versioned entities on the server-side.
Zach Pinter - Caching and Synchronization with Flex360|Conferences
In this talk, I'll show how to combine weak references, hashes, binding and item renderers to produce an elegant solution to the problem of keeping objects synchronized and reducing calls to the server.
Outline:
*
The WeakReference class
o
Allows cached objects to be garbage collected
o
Briefly explain difference between hard references and soft references
*
The EntityWrapper class
o
Gives item renderers an object that they can immediately bind to while potentially waiting for the server to respond
*
The EntityCache
o
Central location for all VO objects currently referenced by the application
o
Used to coordinate updates to client-side data
+
Recursively scan an incoming object for VO objects that can be used to fill/update the cache
+
Looks at all properties, properties of properties, etc
o
When querying for a specific object by its id, first check the cache
+
A cache hit returns the object
+
A cache miss queues a call to the server
+
All cache misses in a given frame are grouped together to reduce server load
o
Deals with duplicate objects
+
If an entity is already represented by an object in the cache, update the existing object's properties and discard the new object
+
Use the cache to make sure there's only ever one authoritative object instance
#
Everything binds to the authoritative instance
#
When that instance gets updated, so does the rest of the application
*
Taking advantage of the behavior of item renderers inside lists
o
Only the visible rows are fetched, makes the app more responsive
o
(Optional) Talk about server-side datagrid sorting to make sure the client doesn't have to have all the data fetched locally
How to Design a Great API (using flask) [ploneconf2017]Devon Bernard
How do you build an API that developers love building and consumers love using?
There's a lot that goes into creating a great API. This presentation shares some tips & tricks, architectural patterns, and best practices that go into building a great engineering environment around your API.
Talk presented on Oct 18, 2017 at PloneConf2017.
Topics covered by this talk:
Intuitive Practices:
standardization, configuration/environment files, ORMs, SQLAlchemy, database migrations, Alembic, database seeds, requirements.txt, package management, dependency management, setup scripts
Durable Practices:
Unit Tests, virtual environments, flush vs commit, error rollbacks, request lifecycle, session lifecycle
Flexible Practices:
Directory structures, application factories, blueprints, python debugger
Reliable Practices:
Logging, progressive rollouts, slack hooks, cron health checks, api versioning, api analytics
Use Friendly Practices:
Endpoint design, endpoint documentation, debugging tools, postman
Speed Practices:
Python profiling, Bulk SQL Inserts, caching
Lean React - Patterns for High Performance [ploneconf2017]Devon Bernard
Modern web tools are enabling developers to build web apps in no-wifi and low-fi environments. This talk is about performance and how frontend engineers can create a better user experience while using less resources.
Talk presented on Oct 20, 2017 at PloneConf2017.
Topics:
Airplane mode for web apps:
Mobile and native apps get lots of praise for offline mode. But why aren’t we seeing more web-apps using this. Two reasons: persistent data and code storage. We can now provide offline apps with Web Workers and IndexedDB that also improve the smoothness and robustness of our web apps in high bandwidth environments.
Redux:
Persisting state, store middleware, store subscriptions, normalizing data, normalizr, pure reducers, redux dev tools
Components:
Data heavy pages, component blocks, component skeletons, component lifecycle, shouldComponentUpdate, virtual dom, chrome render tools, method binding
Actions:
ActionTypes, action chaining, promises, store.getState()
General:
env files, route wrappers, offline first, web workers, indexeddb, eslint, airbnb style guide
This document provides an overview of JRuby, which is a Ruby implementation that runs on the Java Virtual Machine (JVM). It discusses key aspects of JRuby like its compatibility with Ruby, access to Java libraries, integration with Java code, and usage in applications like Rails. Specific topics covered include JRuby fundamentals, dynamic typing, classes and modules, mixins, Java integration features, testing Java code from Ruby, and calling Ruby from Java using JSR-223.
Mining Software Archives to Support Software DevelopmentThomas Zimmermann
1. The document discusses mining software archives and repositories to help guide software developers and predict defects.
2. It describes the eROSE tool which mines past associations between code changes to suggest related files and locations to developers.
3. The BugCache model predicts future defects based on the hypothesis that defects are temporally local, with a cache that loads elements likely to have defects.
Kai – An Open Source Implementation of Amazon’s DynamoTakeru INOUE
This document provides an overview of Amazon's Dynamo database and Kai, an open source implementation of Dynamo. It describes Dynamo's motivation as providing scalable, fault-tolerant storage needed by Amazon's large-scale systems. Key features of Dynamo discussed include its use as a distributed key-value store, high availability even during failures, and eventual consistency. The document also outlines Dynamo's algorithms for partitioning, replication, and spreading membership changes using a gossip protocol. Kai is presented as a way to make these Dynamo capabilities openly available.
Kai – An Open Source Implementation of Amazon’s Dynamo (in Japanese)Takeru INOUE
This document outlines presentations on Amazon's Dynamo and Kai, an open source implementation of Dynamo. It discusses Dynamo's motivation, features, algorithms, and implementation. For Kai, it covers building and running Kai, its internals, and roadmap. Key aspects of Dynamo covered include consistent hashing for partitioning, gossip protocols for membership changes, vector clocks for versioning, and Merkle trees for synchronization.
This document provides an overview of key concepts for developing applications with Symfony2 including: setting up the framework, code flow, dependency injection, configuration, controllers, applications, Doctrine integration, caching, performance tips, asset management, testing, deployment, third party bundles, and resources for contributing to Symfony2. It discusses service definitions, controller choices, application choices, Doctrine examples, caching strategies, performance optimization techniques, testing approaches, deployment options, and how to work with third party bundles.
Zach Pinter - Caching and Synchronization with Flex360|Conferences
In this talk, I'll show how to combine weak references, hashes, binding and item renderers to produce an elegant solution to the problem of keeping objects synchronized and reducing calls to the server.
Outline:
*
The WeakReference class
o
Allows cached objects to be garbage collected
o
Briefly explain difference between hard references and soft references
*
The EntityWrapper class
o
Gives item renderers an object that they can immediately bind to while potentially waiting for the server to respond
*
The EntityCache
o
Central location for all VO objects currently referenced by the application
o
Used to coordinate updates to client-side data
+
Recursively scan an incoming object for VO objects that can be used to fill/update the cache
+
Looks at all properties, properties of properties, etc
o
When querying for a specific object by its id, first check the cache
+
A cache hit returns the object
+
A cache miss queues a call to the server
+
All cache misses in a given frame are grouped together to reduce server load
o
Deals with duplicate objects
+
If an entity is already represented by an object in the cache, update the existing object's properties and discard the new object
+
Use the cache to make sure there's only ever one authoritative object instance
#
Everything binds to the authoritative instance
#
When that instance gets updated, so does the rest of the application
*
Taking advantage of the behavior of item renderers inside lists
o
Only the visible rows are fetched, makes the app more responsive
o
(Optional) Talk about server-side datagrid sorting to make sure the client doesn't have to have all the data fetched locally
How to Design a Great API (using flask) [ploneconf2017]Devon Bernard
How do you build an API that developers love building and consumers love using?
There's a lot that goes into creating a great API. This presentation shares some tips & tricks, architectural patterns, and best practices that go into building a great engineering environment around your API.
Talk presented on Oct 18, 2017 at PloneConf2017.
Topics covered by this talk:
Intuitive Practices:
standardization, configuration/environment files, ORMs, SQLAlchemy, database migrations, Alembic, database seeds, requirements.txt, package management, dependency management, setup scripts
Durable Practices:
Unit Tests, virtual environments, flush vs commit, error rollbacks, request lifecycle, session lifecycle
Flexible Practices:
Directory structures, application factories, blueprints, python debugger
Reliable Practices:
Logging, progressive rollouts, slack hooks, cron health checks, api versioning, api analytics
Use Friendly Practices:
Endpoint design, endpoint documentation, debugging tools, postman
Speed Practices:
Python profiling, Bulk SQL Inserts, caching
Lean React - Patterns for High Performance [ploneconf2017]Devon Bernard
Modern web tools are enabling developers to build web apps in no-wifi and low-fi environments. This talk is about performance and how frontend engineers can create a better user experience while using less resources.
Talk presented on Oct 20, 2017 at PloneConf2017.
Topics:
Airplane mode for web apps:
Mobile and native apps get lots of praise for offline mode. But why aren’t we seeing more web-apps using this. Two reasons: persistent data and code storage. We can now provide offline apps with Web Workers and IndexedDB that also improve the smoothness and robustness of our web apps in high bandwidth environments.
Redux:
Persisting state, store middleware, store subscriptions, normalizing data, normalizr, pure reducers, redux dev tools
Components:
Data heavy pages, component blocks, component skeletons, component lifecycle, shouldComponentUpdate, virtual dom, chrome render tools, method binding
Actions:
ActionTypes, action chaining, promises, store.getState()
General:
env files, route wrappers, offline first, web workers, indexeddb, eslint, airbnb style guide
This document provides an overview of JRuby, which is a Ruby implementation that runs on the Java Virtual Machine (JVM). It discusses key aspects of JRuby like its compatibility with Ruby, access to Java libraries, integration with Java code, and usage in applications like Rails. Specific topics covered include JRuby fundamentals, dynamic typing, classes and modules, mixins, Java integration features, testing Java code from Ruby, and calling Ruby from Java using JSR-223.
Mining Software Archives to Support Software DevelopmentThomas Zimmermann
1. The document discusses mining software archives and repositories to help guide software developers and predict defects.
2. It describes the eROSE tool which mines past associations between code changes to suggest related files and locations to developers.
3. The BugCache model predicts future defects based on the hypothesis that defects are temporally local, with a cache that loads elements likely to have defects.
Kai – An Open Source Implementation of Amazon’s DynamoTakeru INOUE
This document provides an overview of Amazon's Dynamo database and Kai, an open source implementation of Dynamo. It describes Dynamo's motivation as providing scalable, fault-tolerant storage needed by Amazon's large-scale systems. Key features of Dynamo discussed include its use as a distributed key-value store, high availability even during failures, and eventual consistency. The document also outlines Dynamo's algorithms for partitioning, replication, and spreading membership changes using a gossip protocol. Kai is presented as a way to make these Dynamo capabilities openly available.
Kai – An Open Source Implementation of Amazon’s Dynamo (in Japanese)Takeru INOUE
This document outlines presentations on Amazon's Dynamo and Kai, an open source implementation of Dynamo. It discusses Dynamo's motivation, features, algorithms, and implementation. For Kai, it covers building and running Kai, its internals, and roadmap. Key aspects of Dynamo covered include consistent hashing for partitioning, gossip protocols for membership changes, vector clocks for versioning, and Merkle trees for synchronization.
This document provides an overview of key concepts for developing applications with Symfony2 including: setting up the framework, code flow, dependency injection, configuration, controllers, applications, Doctrine integration, caching, performance tips, asset management, testing, deployment, third party bundles, and resources for contributing to Symfony2. It discusses service definitions, controller choices, application choices, Doctrine examples, caching strategies, performance optimization techniques, testing approaches, deployment options, and how to work with third party bundles.
Doctrine MongoDB ODM is an object document mapper for PHP that provides tools for managing object persistence with MongoDB. It allows developers to work with MongoDB documents as objects and provides a query API and change tracking functionality to make common operations like inserting, updating, and deleting documents straightforward. Doctrine abstracts away the low-level MongoDB driver to allow developers to work with documents and references between documents using familiar object-oriented patterns.
This document provides an overview of Doctrine MongoDB ODM (Object Document Mapper). It discusses what Doctrine is, what MongoDB is, basic MongoDB terminology, how to connect to and perform CRUD operations in MongoDB from PHP, and how Doctrine MongoDB ODM provides an abstraction layer and object mapping functionality for MongoDB documents.
Persistent Memoization with HTML5 indexedDB and jQuery PromisesRay Bellis
The document describes a method for persistent memoization using HTML5 indexedDB and promises. It introduces memoization as caching function results to avoid repeated calculations or AJAX calls. It then shows how to implement basic memoization using a cache object. The rest of the document discusses using indexedDB for caching between sessions by storing results in a database with object stores. It walks through code that uses promises to lookup or calculate cached values, store new results in indexedDB, and return promises to the caller in a consistent way. The code returns a memoized function that will retrieve cached values from indexedDB if available or recalculate and cache for future calls.
This document discusses JNDI (Java Naming and Directory Interface) and how it provides a common way to access distributed and local resources for enterprise applications. It covers the basics of JNDI, including getting an initial context, looking up objects in the JNDI tree, adding and removing objects, and using JNDI for local data access and singletons. It also discusses how JNDI can be used with CORBA objects and for narrowing object references.
Hidden Treasures of the Python Standard Librarydoughellmann
The standard library contains many hidden gems that are not widely used, either because they are not publicized enough or because they are deep in a module that programmers haven't had cause to study or use. This presentation covers a few selected topics of this nature in about 25 minutes (leaving time for a couple of questions). Demonstration code is included for every item.
What do you mean, Backwards Compatibility?Trisha Gee
Lessons learnt developing the new Java driver for MongoDB. This is a totally different version of my backwards compatibility talk, delivered at JFokus.
This document discusses several popular Java libraries including:
- Dependency injection frameworks like Guice and Spring
- Logging with SLF4J
- Collections and utilities with Guava
- HTTP clients like OkHttp
- Reactive programming with RxJava
- REST with Retrofit
- Asynchronous programming with JDeferred
- Event handling with MBassador
- Code generation with Lombok and ByteBuddy
- Testing utilities like JUnitParams, Mockito, Jukito, and Spock
- Waiting assertions with Awaitility and REST testing with Rest-assured.
Custom deployments with sbt-native-packagerGaryCoady
sbt-native-packager offers a comprehensive approach to packaging artifacts with SBT. The user describes a generic layout, which can then be extended for different types of software and deployments. For example, it is flexible enough to describe both a Zip-based archive format, and an RPM package with appropriate Systemd configuration for a service.
This talk will cover the essentials needed to understand the design of sbt-native-packager, and how to extend its structure to create custom layouts and deployments.
The document discusses Key-Value Coding (KVC) and Key-Value Observing (KVO) in Cocoa. KVC allows accessing object properties by name and treats classes like dictionaries, while KVO allows objects to observe changes to properties on other objects. The document covers how KVC works under the hood using accessor methods, how to implement KVC compliant classes, and how to use KVO to observe property changes and receive notification of changes.
Chris Anderson is a CouchDB committer who helped start the project in 2005. CouchDB uses JSON documents with a flexible schema and provides an HTTP API for CRUD operations. It features an ACID storage engine, replication for high availability, and map-reduce views. Applications are built with CouchApps, which render JSON data as HTML and allow embedding logic via JavaScript. The future of CouchDB may include key-centric identity and peer-to-peer topologies to improve trust and performance.
The document discusses PHP and Oracle best practices and roadmaps. It covers Oracle's long-term commitment to PHP, popular PHP extensions for Oracle like OCI8 and PDO_OCI, and best practices for performance and scalability including connection management, statement caching, and transaction handling. It also previews upcoming PHP features in Oracle Database 11g and provides resources for PHP developers.
You're Off the Hook: Blinding Security SoftwareCylance
User-mode hooking is dead. It’s also considered harmful due to interference with OS-level exploit mitigations like Control Flow Guard (CFG). At BlackHat US 2016, the “Captain Hook” talk revealed there were multiple serious security issues in AV hooking — we will put the final nail in the coffin by showing how trivial it is to bypass user-mode hooks. We will demonstrate a universal user-mode unhooking approach that can be included in any binary to blind security software from monitoring code execution and perform heuristic analysis. The tool and source code will be released on GitHub after the talk.
Alex Matrosov | Principal Research Scientist
Jeff Tang | Senior Security Researcher
Industroyer: biggest threat to industrial control systems since Stuxnet by An...CODE BLUE
Industroyer is the first ever malware specifically designed to attack power grids. This unique and extremely dangerous malware framework was involved in the December 2016 blackout in Ukraine. What sets Industroyer apart from other malware targeting infrastructure, such as BlackEnergy (a.k.a. SandWorm), is its ability to control switches and circuit breakers directly via 4 different industrial communication protocols.
In addition to explaining why Industroyer can be considered the biggest threat to industrial control systems since the infamous Stuxnet worm, we will take a look at the 2016 power outage in the context of the other numerous cyberattacks against Ukrainian critical infrastructure in the recent years.
As the protocols and hardware targeted by Industroyer are employed in power supply infrastructure, transportation control systems, and other critical infrastructure systems, like water and gas, worldwide, the malware can be re-purposed to target vital services in other countries. This discovery should serve as a wake-up call for those responsible for security of these critical systems.
Anton Cherepanov
Anton Cherepanov is currently working at ESET as Senior Malware Researcher; his responsibilities include the analysis of complex threats. He has done extensive research on cyber-attacks in Ukraine. His research was presented on numerous conferences, including Virus Bulletin, CARO Workshop, PHDays, and ZeroNights. His interests focus on reverse engineering and malware analysis automation.
Róbert Lipovský
Róbert Lipovský is Senior Malware Researcher in ESET’s Security Research Laboratory, with 10 years’ experience with malware research. He is responsible for malware intelligence and analysis and leads the Malware Research team in ESET’s HQ in Bratislava. He is a regular speaker at security conferences, including Black Hat, Virus Bulletin, and CARO. He runs a reverse engineering course at the Slovak University of Technology, his alma mater and the Comenius University. When not bound to a keyboard, he enjoys sports, playing guitar and flying an airplane.
- The document discusses how Scala code is compiled to Java Virtual Machine (JVM) bytecodes. It begins with an introduction to Koichi Sakata, the presenter, and an overview that the session will look at JVM bytecodes for beginners.
- The presentation then asks if attendees know what happens when Scala code is compiled. It is explained that Scala code, like code from other JVM languages, is compiled to class files that contain JVM bytecodes.
- An example Java class file is opened in a binary editor to show the JVM bytecode format. It is explained that class files have a defined format with elements like magic number, version, and bytecode instructions.
20101017 program analysis_for_security_livshits_lecture04_nozzleComputer Science Club
The document discusses techniques for detecting heap spraying attacks at runtime using a tool called Nozzle. Nozzle analyzes heap objects to determine if they resemble NOP sleds used in heap spraying attacks. It calculates the "surface area" and normalized attack surface of objects to determine how likely an object is to be used in a spraying attack. Nozzle was able to detect real exploits with no false positives or negatives, though it incurred around 5-10% runtime overhead when sampling was used. The data collected by Nozzle could then be used for further analysis of malware behavior.
This document discusses the good parts of Javascript. It argues that while Javascript has some design mistakes and inconsistencies due to its rushed creation, it is a powerful and misunderstood language. The document highlights some of Javascript's good features, including functions as first-class objects, closures, objects and prototypal inheritance, and arrays. It advocates focusing on Javascript's strengths rather than its weaknesses.
This document provides an introduction to JRuby, which allows Ruby code to run on the Java Virtual Machine. It discusses key features of Ruby like dynamic typing and everything being an object. It then covers how to integrate Ruby and Java code through the Java integration layer, including calling Java from Ruby and converting interfaces. The document concludes by discussing using JRuby for applications, testing Java with RSpec, and build utilities.
Pyruvate, a reasonably fast, non-blocking, multithreaded WSGI serverPloneFoundation
Thomas Schorr, https://2020.ploneconf.org/speakers/thomas-schorr
Pyruvate is a non-blocking, multithreaded WSGI server with competitive performance, implemented in Rust.
It features non-blocking read/write based on mio (https://docs.rs/mio/), a rust-cpython (https://docs.rs/cpython/) based Python interface and a worker pool based on threadpool (https://docs.rs/threadpool/).
The sendfile system call is used for efficient file transfer.
Pyruvate integrates with the Python logging API using asynchronous logging.
PasteDeploy configuration and systemd socket activation are supported.
Beta releases are available for CPython (>=3.6) and Linux.
The talk will present the current state of the project and show how to use Pyruvate with Zope/Plone and other Python web frameworks.
Another focus will be on the roadmap towards a 1.0 release scheduled for end of this year.
https://gitlab.com/tschorr/pyruvate
https://pypi.org/project/pyruvate/
https://2020.ploneconf.org/talks/pyruvate-a-reasonably-fast-non-blocking-multithreaded-wsgi-server/
This document provides an overview and agenda for a presentation on MySQL Proxy. MySQL Proxy is a transparent proxy server that allows intercepting and modifying MySQL traffic. It uses the Lua scripting language to intercept queries, inject new queries, and alter results. The presentation covers the basic principles of MySQL Proxy and Lua scripting, demonstrates how to use Lua scripts to debug queries and add new functionality like load balancing. It also provides resources for tutorials, example scripts, and testing MySQL Proxy.
Doctrine MongoDB ODM is an object document mapper for PHP that provides tools for managing object persistence with MongoDB. It allows developers to work with MongoDB documents as objects and provides a query API and change tracking functionality to make common operations like inserting, updating, and deleting documents straightforward. Doctrine abstracts away the low-level MongoDB driver to allow developers to work with documents and references between documents using familiar object-oriented patterns.
This document provides an overview of Doctrine MongoDB ODM (Object Document Mapper). It discusses what Doctrine is, what MongoDB is, basic MongoDB terminology, how to connect to and perform CRUD operations in MongoDB from PHP, and how Doctrine MongoDB ODM provides an abstraction layer and object mapping functionality for MongoDB documents.
Persistent Memoization with HTML5 indexedDB and jQuery PromisesRay Bellis
The document describes a method for persistent memoization using HTML5 indexedDB and promises. It introduces memoization as caching function results to avoid repeated calculations or AJAX calls. It then shows how to implement basic memoization using a cache object. The rest of the document discusses using indexedDB for caching between sessions by storing results in a database with object stores. It walks through code that uses promises to lookup or calculate cached values, store new results in indexedDB, and return promises to the caller in a consistent way. The code returns a memoized function that will retrieve cached values from indexedDB if available or recalculate and cache for future calls.
This document discusses JNDI (Java Naming and Directory Interface) and how it provides a common way to access distributed and local resources for enterprise applications. It covers the basics of JNDI, including getting an initial context, looking up objects in the JNDI tree, adding and removing objects, and using JNDI for local data access and singletons. It also discusses how JNDI can be used with CORBA objects and for narrowing object references.
Hidden Treasures of the Python Standard Librarydoughellmann
The standard library contains many hidden gems that are not widely used, either because they are not publicized enough or because they are deep in a module that programmers haven't had cause to study or use. This presentation covers a few selected topics of this nature in about 25 minutes (leaving time for a couple of questions). Demonstration code is included for every item.
What do you mean, Backwards Compatibility?Trisha Gee
Lessons learnt developing the new Java driver for MongoDB. This is a totally different version of my backwards compatibility talk, delivered at JFokus.
This document discusses several popular Java libraries including:
- Dependency injection frameworks like Guice and Spring
- Logging with SLF4J
- Collections and utilities with Guava
- HTTP clients like OkHttp
- Reactive programming with RxJava
- REST with Retrofit
- Asynchronous programming with JDeferred
- Event handling with MBassador
- Code generation with Lombok and ByteBuddy
- Testing utilities like JUnitParams, Mockito, Jukito, and Spock
- Waiting assertions with Awaitility and REST testing with Rest-assured.
Custom deployments with sbt-native-packagerGaryCoady
sbt-native-packager offers a comprehensive approach to packaging artifacts with SBT. The user describes a generic layout, which can then be extended for different types of software and deployments. For example, it is flexible enough to describe both a Zip-based archive format, and an RPM package with appropriate Systemd configuration for a service.
This talk will cover the essentials needed to understand the design of sbt-native-packager, and how to extend its structure to create custom layouts and deployments.
The document discusses Key-Value Coding (KVC) and Key-Value Observing (KVO) in Cocoa. KVC allows accessing object properties by name and treats classes like dictionaries, while KVO allows objects to observe changes to properties on other objects. The document covers how KVC works under the hood using accessor methods, how to implement KVC compliant classes, and how to use KVO to observe property changes and receive notification of changes.
Chris Anderson is a CouchDB committer who helped start the project in 2005. CouchDB uses JSON documents with a flexible schema and provides an HTTP API for CRUD operations. It features an ACID storage engine, replication for high availability, and map-reduce views. Applications are built with CouchApps, which render JSON data as HTML and allow embedding logic via JavaScript. The future of CouchDB may include key-centric identity and peer-to-peer topologies to improve trust and performance.
The document discusses PHP and Oracle best practices and roadmaps. It covers Oracle's long-term commitment to PHP, popular PHP extensions for Oracle like OCI8 and PDO_OCI, and best practices for performance and scalability including connection management, statement caching, and transaction handling. It also previews upcoming PHP features in Oracle Database 11g and provides resources for PHP developers.
You're Off the Hook: Blinding Security SoftwareCylance
User-mode hooking is dead. It’s also considered harmful due to interference with OS-level exploit mitigations like Control Flow Guard (CFG). At BlackHat US 2016, the “Captain Hook” talk revealed there were multiple serious security issues in AV hooking — we will put the final nail in the coffin by showing how trivial it is to bypass user-mode hooks. We will demonstrate a universal user-mode unhooking approach that can be included in any binary to blind security software from monitoring code execution and perform heuristic analysis. The tool and source code will be released on GitHub after the talk.
Alex Matrosov | Principal Research Scientist
Jeff Tang | Senior Security Researcher
Industroyer: biggest threat to industrial control systems since Stuxnet by An...CODE BLUE
Industroyer is the first ever malware specifically designed to attack power grids. This unique and extremely dangerous malware framework was involved in the December 2016 blackout in Ukraine. What sets Industroyer apart from other malware targeting infrastructure, such as BlackEnergy (a.k.a. SandWorm), is its ability to control switches and circuit breakers directly via 4 different industrial communication protocols.
In addition to explaining why Industroyer can be considered the biggest threat to industrial control systems since the infamous Stuxnet worm, we will take a look at the 2016 power outage in the context of the other numerous cyberattacks against Ukrainian critical infrastructure in the recent years.
As the protocols and hardware targeted by Industroyer are employed in power supply infrastructure, transportation control systems, and other critical infrastructure systems, like water and gas, worldwide, the malware can be re-purposed to target vital services in other countries. This discovery should serve as a wake-up call for those responsible for security of these critical systems.
Anton Cherepanov
Anton Cherepanov is currently working at ESET as Senior Malware Researcher; his responsibilities include the analysis of complex threats. He has done extensive research on cyber-attacks in Ukraine. His research was presented on numerous conferences, including Virus Bulletin, CARO Workshop, PHDays, and ZeroNights. His interests focus on reverse engineering and malware analysis automation.
Róbert Lipovský
Róbert Lipovský is Senior Malware Researcher in ESET’s Security Research Laboratory, with 10 years’ experience with malware research. He is responsible for malware intelligence and analysis and leads the Malware Research team in ESET’s HQ in Bratislava. He is a regular speaker at security conferences, including Black Hat, Virus Bulletin, and CARO. He runs a reverse engineering course at the Slovak University of Technology, his alma mater and the Comenius University. When not bound to a keyboard, he enjoys sports, playing guitar and flying an airplane.
- The document discusses how Scala code is compiled to Java Virtual Machine (JVM) bytecodes. It begins with an introduction to Koichi Sakata, the presenter, and an overview that the session will look at JVM bytecodes for beginners.
- The presentation then asks if attendees know what happens when Scala code is compiled. It is explained that Scala code, like code from other JVM languages, is compiled to class files that contain JVM bytecodes.
- An example Java class file is opened in a binary editor to show the JVM bytecode format. It is explained that class files have a defined format with elements like magic number, version, and bytecode instructions.
20101017 program analysis_for_security_livshits_lecture04_nozzleComputer Science Club
The document discusses techniques for detecting heap spraying attacks at runtime using a tool called Nozzle. Nozzle analyzes heap objects to determine if they resemble NOP sleds used in heap spraying attacks. It calculates the "surface area" and normalized attack surface of objects to determine how likely an object is to be used in a spraying attack. Nozzle was able to detect real exploits with no false positives or negatives, though it incurred around 5-10% runtime overhead when sampling was used. The data collected by Nozzle could then be used for further analysis of malware behavior.
This document discusses the good parts of Javascript. It argues that while Javascript has some design mistakes and inconsistencies due to its rushed creation, it is a powerful and misunderstood language. The document highlights some of Javascript's good features, including functions as first-class objects, closures, objects and prototypal inheritance, and arrays. It advocates focusing on Javascript's strengths rather than its weaknesses.
This document provides an introduction to JRuby, which allows Ruby code to run on the Java Virtual Machine. It discusses key features of Ruby like dynamic typing and everything being an object. It then covers how to integrate Ruby and Java code through the Java integration layer, including calling Java from Ruby and converting interfaces. The document concludes by discussing using JRuby for applications, testing Java with RSpec, and build utilities.
Pyruvate, a reasonably fast, non-blocking, multithreaded WSGI serverPloneFoundation
Thomas Schorr, https://2020.ploneconf.org/speakers/thomas-schorr
Pyruvate is a non-blocking, multithreaded WSGI server with competitive performance, implemented in Rust.
It features non-blocking read/write based on mio (https://docs.rs/mio/), a rust-cpython (https://docs.rs/cpython/) based Python interface and a worker pool based on threadpool (https://docs.rs/threadpool/).
The sendfile system call is used for efficient file transfer.
Pyruvate integrates with the Python logging API using asynchronous logging.
PasteDeploy configuration and systemd socket activation are supported.
Beta releases are available for CPython (>=3.6) and Linux.
The talk will present the current state of the project and show how to use Pyruvate with Zope/Plone and other Python web frameworks.
Another focus will be on the roadmap towards a 1.0 release scheduled for end of this year.
https://gitlab.com/tschorr/pyruvate
https://pypi.org/project/pyruvate/
https://2020.ploneconf.org/talks/pyruvate-a-reasonably-fast-non-blocking-multithreaded-wsgi-server/
This document provides an overview and agenda for a presentation on MySQL Proxy. MySQL Proxy is a transparent proxy server that allows intercepting and modifying MySQL traffic. It uses the Lua scripting language to intercept queries, inject new queries, and alter results. The presentation covers the basic principles of MySQL Proxy and Lua scripting, demonstrates how to use Lua scripts to debug queries and add new functionality like load balancing. It also provides resources for tutorials, example scripts, and testing MySQL Proxy.
This document outlines Ugo Cei's presentation "Ruby for Java Programmers". The presentation will cover how to integrate Ruby and Java code, including using bridges like JRuby, XML-RPC, and SOAP. It will also demonstrate sample code for calling Java from Ruby and vice versa. The goal is to help Java programmers learn how Ruby can be used alongside or instead of Java in certain scenarios.
The document provides an overview and agenda for a JavaScript bootcamp presented by Alexei White of Nitobi. The bootcamp will cover JavaScript basics like lexical structure, data types, objects, and arrays. It will also cover more advanced topics like debugging, DOM manipulation, events, and Ajax. The document includes the schedule, which is divided into three parts that progress from basics to advanced concepts. It also lists recommendations for integrated development environments (IDEs) on both Windows and Mac platforms.
The document provides an overview and agenda for a JavaScript bootcamp presented by Alexei White of Nitobi. The bootcamp will cover JavaScript basics like lexical structure, data types, objects, and arrays. It will also cover more advanced topics like debugging, DOM manipulation, events, and Ajax. The document includes the schedule, goals of the bootcamp, and information about the presenter and Nitobi.
This is the Google Tech Talk that I gave August 17th, 2007 on building a JavaScript library. I derived much of the talk from my experiences in building the jQuery and FUEL JavaScript libraries.
Come hear about the highly available and massively scalable cloud storage service that is provided by Windows Azure. Learn how to create and access the different types of Windows Azure storage available, including blobs, tables, and queues.
The document discusses database synchronization between development and production sites for a music label with over 100 Drupal sites. It involves a two step process of first shifting IDs on the development database to prevent conflicts, and then merging content from the production database. The process is complicated by different tables and fields referencing IDs, as well as values stored in serialized PHP or database fields. Automating as much of the process as possible helps synchronize frequent website updates and launches.
The document describes the architecture and components of the Grizzly NIO framework. It shows the main threads and channels used in Grizzly including acceptor threads, worker threads, and selector threads. It provides examples of configuring Grizzly servers and deploying web applications on Grizzly.
Ruby 2.4.0 includes several performance improvements including faster instance variable access and integer handling. It also protects Proc and Env objects from garbage collection issues by making them write-barrier protected. The presenter proposed changes to Env object handling that allow protection without significant performance impacts, such as lightweight escape detection and conditional write barriers. Benchmark results showed performance gains from these changes and protection of Proc objects.
The document discusses networking concepts in Java including client-server and peer-to-peer models. It describes how sockets and streams allow Java programs on different computers to communicate by sending serialized objects over the network. The key classes for networking in Java are ServerSocket, which listens for new connections, and Socket, which represents a connection between two endpoints. Examples are provided to illustrate how to build both a server and client that can transfer objects between each other using input and output streams of a Socket.
Similar to Caching and Synchronization in Flex (20)
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/how-axelera-ai-uses-digital-compute-in-memory-to-deliver-fast-and-energy-efficient-computer-vision-a-presentation-from-axelera-ai/
Bram Verhoef, Head of Machine Learning at Axelera AI, presents the “How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-efficient Computer Vision” tutorial at the May 2024 Embedded Vision Summit.
As artificial intelligence inference transitions from cloud environments to edge locations, computer vision applications achieve heightened responsiveness, reliability and privacy. This migration, however, introduces the challenge of operating within the stringent confines of resource constraints typical at the edge, including small form factors, low energy budgets and diminished memory and computational capacities. Axelera AI addresses these challenges through an innovative approach of performing digital computations within memory itself. This technique facilitates the realization of high-performance, energy-efficient and cost-effective computer vision capabilities at the thin and thick edge, extending the frontier of what is achievable with current technologies.
In this presentation, Verhoef unveils his company’s pioneering chip technology and demonstrates its capacity to deliver exceptional frames-per-second performance across a range of standard computer vision networks typical of applications in security, surveillance and the industrial sector. This shows that advanced computer vision can be accessible and efficient, even at the very edge of our technological ecosystem.
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
What is an RPA CoE? Session 1 – CoE VisionDianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
9. What about memory use?
public class WeakReference Allows cache values to be
{ garbage-collected if they’re not
being referenced anywhere else.
private var dic:Dictionary;
public function WeakReference(obj:*)
{
dic = new Dictionary(true); Text
dic[obj] = 1;
}
public function getValue():* {
for (var item:* in dic) {
return item;
}
return null;
}
}
9
10. The Cache
How do we add an entity to the cache?
public class EntityCache
{
public function updateEntity(entity:BaseVO, ...):BaseVO
{
//...
}
}
10
11. Recurse through properties
Adding a user to the cache also adds its address.
UserVO
id: 1
firstname: “Zachary”
lastname: “Pinter” EntityCache
address: 1: UserVO
AddressVO 2: AddressVO
id: 2
line1: “4444 W 44th Ave”
city: “Denver”
state: “CO”
11
12. Recurse through properties
Arrays behave the same way
UserVO
id: 1
firstname: “Zachary”
lastname: “Pinter”
addresses: [ EntityCache
AddressVO
1: UserVO
id: 2
label: “home” 2: AddressVO
line1: “4444 W 44th Ave” 3: AddressVO
city: “Denver”
state: “CO”
AddressVO
id: 3
label: “work”
line1: “5555 W 55th Ave”
city: “Denver”
state: “CO”]
12
13. Finding an object’s properties
Spring Actionscript (formally Prana)
http://www.pranaframework.org/
var type:Type = Type.forName(classname);
for each (var accessor:Accessor in type.accessors) {
if (accessor.isStatic == false && accessor.access.name == quot;readwritequot;) {
result.push(accessor.name);
}
}
return result;
13
14. Finding an object’s properties
Source generator
public class UserVO extends BaseVO {
public var username : String;
public var firstname : String;
public var lastname : String;
public var address : AddressVO;
override public function getProperties():Array {
return super.getProperties().concat(quot;usernamequot;,quot;firstnamequot;,quot;lastnamequot;,quot;addressquot;);
}
}
14
15. Updating the cache
What if the entity is already in the cache?
EntityCache EntityCache.updateEntity(
1: UserVO(instance A) UserVO(instance B)
id: 1 id: 1
firstname: “Robert” firstname: “Bob”
lastname: “Smith” lastname: “Smith”
)
Copy the properties from
instance B into instance A
EntityCache
Leave instance A in the
1: UserVO(instance A)
cache
id: 1
firstname: “Bob” Discard instance B
lastname: “Smith”
15
16. Updating the cache
What about arrays?
EntityCache
UserVO
id: 1
firstname: “Zachary”
lastname: “Pinter” EntityCache.updateEntity(
addresses: [ AddressVO(instance B)
AddressVO(instance A)
id: 2
id: 2
label: “home” label: “home”
line1: “4444 W 44th Ave” line1: “3333 W 33rd Ave”
city: “Denver” city: “Denver”
state: “CO” state: “CO”
AddressVO )
id: 3
label: “work”
line1: “5555 W 55th Ave”
city: “Denver”
state: “CO”]
16
17. Updating the cache
What about arrays?
UserVO
id: 1 Since we update the existing instance,
firstname: “Zachary” all references to it will see the update.
lastname: “Pinter”
addresses: [
AddressVO(instance A)
id: 2
label: “home”
line1: “3333 W 33rd Ave”
city: “Denver”
state: “CO”
AddressVO
id: 3
label: “work”
line1: “5555 W 55th Ave”
city: “Denver”
state: “CO”]
17
18. Updating the Cache
The flip side
UserVO
EntityCache id: 5
AddressVO(instance A) firstname: “Zachary”
lastname: “Pinter”
id: 2
addresses: [
label: “home” AddressVO(instance B)
line1: “5555 W 55th Ave” id: 2
city: “Denver” label: “home”
state: “CO” line1: “6666 W 66th Ave”
city: “Denver”
state: “CO”
Your cache already has an
AddressVO
AddressVO with id 2 in it, and you
id: 3
add a new UserVO to the cache that
label: “work”
references an updated instance of the
line1: “5555 W 55th Ave”
AddressVO
city: “Denver”
state: “CO”]
18
19. Updating the Cache
UserVO
EntityCache id: 5
AddressVO(instance A) firstname: “Zachary”
lastname: “Pinter”
id: 2
addresses: [
label: “home” AddressVO(instance A)
line1: “6666 W 66th Ave” id: 2
city: “Denver” label: “home”
state: “CO” line1: “6666 W 66th Ave”
city: “Denver”
state: “CO”
The AddressVO in the cache is AddressVO
updated and the AddressVO in id: 3
UserVO.addresses is replaced with label: “work”
the instance from the cache. line1: “5555 W 55th Ave”
city: “Denver”
state: “CO”]
19
20. Updating the Cache
Code looks something like this...
if (obj is Array) {
var arr:Array = obj as Array;
for (var i:int=0;i<arr.length;i++) {
if (arr[i] is BaseVO) {
var res:BaseVO = updateEntity(arr[i] as BaseVO,...);
if (res != null) arr[i] = res;
}
}
}
20
21. Updating the Cache
ArrayCollection’s are slightly trickier
if (obj is ArrayCollection) {
var ac:ArrayCollection = obj as ArrayCollection;
ac.disableAutoUpdate();
for (i=0;i<ac.length;i++) {
if (ac.getItemAt(i) is BaseVO) {
var res:BaseVO = updateEntity(ac.getItemAt(i) as BaseVO,...);
if (res != null) {
ac.setItemAt(res,i);
}
}
}
ac.enableAutoUpdate();
}
21
23. The Cache
How do we get an entity?
What happens if we ask for an entity that isn’t in the cache?
public class EntityCache
{
public function getEntity(id:String):EntityWrapper
{
//...
}
}
23
24. EntityWrapper
[Bindable]
When requesting an entity, a
public class EntityWrapper wrapper object is returned.
{
public var entityId:String; If that object is in the cache,
public var entity:BaseVO; EntityWrapper.entity will have a
value.
public function EntityWrapper(id:String)
{ If the object is not in the cache,
entityId = id;
} EntityWrapper.entity will be null
and a call to fetch the entity will
} be queued.
24
25. Using the Cache
userWrapper = cache.getEntity(userid.text);
<mx:Label text=quot;Username: {userWrapper.entity.username}quot;/>
25
26. Using the Cache - List Renderers
Benefits
‣ Faster initial query since you’re only grabbing the id’s
‣ Rows are lazy-fetched as you scroll
Drawbacks
‣ Sorting has to be handled by the server
26
27. Using the Cache - List Renderers
What’s the code for the item renderer look like?
override public function set data(val:Object):void
{
if(val != data){
if (!val) {
wrapper = null;
} else {
wrapper = cache.getEntity(val);
}
super.data = val;
}
}
27
30. Dictionary Keys
Only one cache, need to prevent collisions
Some Options:
‣ Globally unique sequence across all tables (UserVO with id 1, AddressVO with id 2)
‣ UUID’s (great for generating new id’s flex-side)
‣ Combine type with id (“UserVO-1”, “AddressVO-1”)
30