"Wix Serverless from inside", Mykola BorozdinFwdays
There were three Scala developers and a task - drastically improve Wix Node.JS development velocity. They created Wix Serverless, which, indeed, gives you blazingly fast development but does have servers. This talk is about inside cornerstones and the history of the framework, which gives developers the power of all Wix infrastructure in one function and deploys to production in seconds.
Vous êtes de retour des vacances et déjà... des changements dans .NET Core. Nous ferrons un suivi de ce qui se passe dans l'environnement afin de vous garder au courant des derniers changements.
"Wix Serverless from inside", Mykola BorozdinFwdays
There were three Scala developers and a task - drastically improve Wix Node.JS development velocity. They created Wix Serverless, which, indeed, gives you blazingly fast development but does have servers. This talk is about inside cornerstones and the history of the framework, which gives developers the power of all Wix infrastructure in one function and deploys to production in seconds.
Vous êtes de retour des vacances et déjà... des changements dans .NET Core. Nous ferrons un suivi de ce qui se passe dans l'environnement afin de vous garder au courant des derniers changements.
Generating Visual Studio Code Extensions for Xtext DSLsKarsten Thoms
This short talk was held in the Eclipse Modeling Symposium at EclipseCon Europe 2016. It shows a new Xtext Generator fragment that produces an extension for VS Code.
WinOps 2017 - Docker on Windows, the Beginner's GuideElton Stoneman
Session from WinOps 2017, introducing Docker on Windows, with an ops focus. Looks at how Windows containers work, demonstrates using a tool to extract an ASP.NET 3.5 App from a Windows Server VM, and running it in Azure.
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
Brandon Mitchell, Boxboat + Docker Captain -
How do you make your builds more performant? This talk looks at options to configure caching and mirroring of images that you need to save on bandwidth costs and to keep running even if something goes down upstream.
Docker on Windows - 101 to Production (half-day workshop)Elton Stoneman
Intro presentation from the Docker on Windows workshop at Container Camp UK, London 2017. Setting the scene with an overview of Docker containers on Windows, before moving on to the hands-on workshop.
Creating applications with Grails, Angular JS and Spring Security - G3 Summit...Alvaro Sanchez-Mariscal
Grails 3.1 enhances and improves the profile system introduced in Grails 3.0. One of the new profiles ease the creation and development of applications where the the front-end is an Angular JS application, and the backend is a Grails REST API.
In this session, Álvaro (member of the Grails team at OCI, Grails committer and author of several plugins) will demonstrate how to use the Angular profile to create an application using Grails 3.1, Angular JS and Spring Security REST.
With Grails 3, the plugin development experience changes a little bit compared to that of Grails 2. In this talk, Álvaro (member of the Grails team at OCI, Grails committer and author of several plugins) will cover several topics to understand how plugins work in Grails 3, focusing on best practices.
The session is structured as a set of tips and tricks with code samples in the following areas: modularisation, build system, testing and publishing.
.NET Conf 2019 Tel-Aviv Israel
There are cases where bugs are discovered only after the product is shipped and used by the end-users. The main reason for these bugs that appear only in the production environment is the use of real user scenarios with real user data. Production debugging is about solving customer-facing issues that aren't easily reproducible in the development or testing environments. When it comes to a cloud-hosted application, production debugging becomes even harder. The code is running on multiple hosts, a business flow can span many services. A remote debugging session with the cloud is dangerous and may introduce side effects to the currently running software, such as performance degradation, interruption of service, and data correctness issues.
In this lecture, we will see how we can remote debug our cloud staging environment, and how we can use Visual Studio Snapshot debugger to set Snapshots and Log points in our production environment.
To get even more insights, the audience will see a revolutionary tool and approach for a collaborative production debugging – OzCode Debugging as a Service (DaaS), where the DevOps and the Dev team can solve production problems together!
You will learn:
1. The difficulties of debugging a modern cloud-hosted application
2. Methods and tools for capturing the state and debugging cloud-hosted services
Generating Visual Studio Code Extensions for Xtext DSLsKarsten Thoms
This short talk was held in the Eclipse Modeling Symposium at EclipseCon Europe 2016. It shows a new Xtext Generator fragment that produces an extension for VS Code.
WinOps 2017 - Docker on Windows, the Beginner's GuideElton Stoneman
Session from WinOps 2017, introducing Docker on Windows, with an ops focus. Looks at how Windows containers work, demonstrates using a tool to extract an ASP.NET 3.5 App from a Windows Server VM, and running it in Azure.
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
Brandon Mitchell, Boxboat + Docker Captain -
How do you make your builds more performant? This talk looks at options to configure caching and mirroring of images that you need to save on bandwidth costs and to keep running even if something goes down upstream.
Docker on Windows - 101 to Production (half-day workshop)Elton Stoneman
Intro presentation from the Docker on Windows workshop at Container Camp UK, London 2017. Setting the scene with an overview of Docker containers on Windows, before moving on to the hands-on workshop.
Creating applications with Grails, Angular JS and Spring Security - G3 Summit...Alvaro Sanchez-Mariscal
Grails 3.1 enhances and improves the profile system introduced in Grails 3.0. One of the new profiles ease the creation and development of applications where the the front-end is an Angular JS application, and the backend is a Grails REST API.
In this session, Álvaro (member of the Grails team at OCI, Grails committer and author of several plugins) will demonstrate how to use the Angular profile to create an application using Grails 3.1, Angular JS and Spring Security REST.
With Grails 3, the plugin development experience changes a little bit compared to that of Grails 2. In this talk, Álvaro (member of the Grails team at OCI, Grails committer and author of several plugins) will cover several topics to understand how plugins work in Grails 3, focusing on best practices.
The session is structured as a set of tips and tricks with code samples in the following areas: modularisation, build system, testing and publishing.
.NET Conf 2019 Tel-Aviv Israel
There are cases where bugs are discovered only after the product is shipped and used by the end-users. The main reason for these bugs that appear only in the production environment is the use of real user scenarios with real user data. Production debugging is about solving customer-facing issues that aren't easily reproducible in the development or testing environments. When it comes to a cloud-hosted application, production debugging becomes even harder. The code is running on multiple hosts, a business flow can span many services. A remote debugging session with the cloud is dangerous and may introduce side effects to the currently running software, such as performance degradation, interruption of service, and data correctness issues.
In this lecture, we will see how we can remote debug our cloud staging environment, and how we can use Visual Studio Snapshot debugger to set Snapshots and Log points in our production environment.
To get even more insights, the audience will see a revolutionary tool and approach for a collaborative production debugging – OzCode Debugging as a Service (DaaS), where the DevOps and the Dev team can solve production problems together!
You will learn:
1. The difficulties of debugging a modern cloud-hosted application
2. Methods and tools for capturing the state and debugging cloud-hosted services
The Hacking Games - A Road to Post Exploitation Meetup - 20240222.pptxlior mazor
Stay safe, grab a drink and join us virtually for our upcoming "The Hacking Game - A Road to Post Exploitation" meetup
to learn how hackers can compromise the software supply chain, advanced data protection methods on WebLogic Server and
how to use AI in order to protect your software.
Agenda:
17:00 - 17:10 - 'Opening words' - by Gidi Farkash (CISO at Pipl Security)
17:10 - 17:40 - 'Tracking Attackers in Open Source Supply Chain - Lessons Learned' - by Jossef Harush Kadouri (Head of Software Supply Chain Security at Checkmarx)
17:40 - 18:20 - 'WebLogic - The Road to Post Exploitation' - by Amit German (Cyber Security Researcher at Pentera)
18:20 - 19:00 - 'AI In The Hands of Application Security' - by Brit Glazer (Head of Information Security at Unit)
Common Pitfalls of Functional Programming and How to Avoid Them: A Mobile Gam...gree_tech
This material is presented on CUFP 2013.
Functional programming is already an established technology is many areas. However, the lack of skilled developers has been a challenging hurdle in the adoption of such languages. It is easy for an inexperienced programmer to fall into the many traps of functional programming, resulting in a loss of productivity and bad software quality. Resource leaks caused by Haskell's lazy evaluation, for instance, are only the tip of the iceberg. Knowledge sharing and a mature tool-assisted development process are ways to avoid such pitfalls. At GREE, one of the largest mobile gaming companies, we use Haskell and Scala to develop major components of our platform, such as a distributed NoSQL solution, or an image storage infrastructure. However, only 11 programmers use functional programming on their daily task. In this talk, we will describe some unexpected functional programming issues we ran into, how we solved them and how we hope to avoid them in the future. We have developed a system testing framework to enhance regression testing, spent lots of time documenting pitfalls and introduced technical reviews. Recently, we even started holding lunchtime presentations about functional programming in order to attract beginners and prevent them from falling into the same traps.
It's Time to Debloat the Cloud with UnikraftScyllaDB
The cloud is undoubtedly a major success story, but while extremely convenient in terms of deployment and scalability, it's become increasingly clear that it is highly inefficient, with services deployed in the bloated, wasteful virtual machines (VMs). Worse, such VMs are kept on most if not all of the time, once again wasting resources, and driving up both cloud infrastructure bills and energy consumption.
We introduce Unikraft, a novel cloud operating system that allows for easily building cloud-ready images fully tailored to the needs of particular cloud applications. Unikraft images boot in a few milliseconds, suspend/resume in 10s of milliseconds, consume only a few MBs even when running mainstream applications (e.g., NGINX, SQLite, Redis, etc.) and can provide throughput higher than Linux. We will show Unikraft's ability to boot images just in time, as requests for services come in, and to go sleep thereafter, further saving resources. Unikraft is an open-source Linux Foundation project and can be found at www.unikraft.org.
HKG15-407: EME implementation in Chromium: Linaro Clear Key Linaro
HKG15-407: EME implementation in Chromium: Linaro Clear Key
---------------------------------------------------
Speaker: Matt Snoby
Date: February 12, 2015
---------------------------------------------------
★ Session Summary ★
An example of a key system from a Clear Key point of view. Linaro implemented a sample CDM plugin for Chromium capable to exercise the EME implementation of the browser. The presentation gives an insight to the EME/CDM implementation in Chromium and the guidelines to integrating various DRM systems. We will present call flows with example classes, experiences learned, and example of things to watch out for.
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250835
Video: https://www.youtube.com/watch?v=dJqCbTfKrMk
Etherpad: http://pad.linaro.org/p/hkg15-407
Also see: http://www.slideshare.net/linaroorg/hkg15407-eme-implementation-in-chromium-linaro-clear-key
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
Piratng Avs to bypass exploit mitigationPriyanka Aash
"Put a low-level security researcher in front of hooking mechanisms and you get industry-wide vulnerability notifications, affecting security tools such as Anti-Virus, Anti-Exploitations and DLP, as well as non-security applications such as gaming and productivity tools. In this talk we reveal six(!) different security issues that we uncovered in various hooking engines. The vulnerabilities we found enable a threat actor to bypass the security measures of the underlying operating system. As we uncovered the vulnerabilities one-by-one we found them to impact commercial engines, such as Microsoft's Detours, open source engines such as EasyHook and proprietary engines such as those belonging to TrendMicro, Symantec, Kaspersky and about twenty others.
In this talk we'll survey the different vulnerabilities, and deep dive into a couple of those. In particular, we'll take a close look at a vulnerability appearing in the most popular commercial hooking engine of a large vendor. This vulnerability affects the most widespread productivity applications and forced the vendor to not only fix their engine, but also that their customers fix their applications prior to releasing the patch to the public. Finally, we'll demonstrate how security tools can be used as an intrusion channel for threat actors, ironically defeating security measures."
(Source: Black Hat USA 2016, Las Vegas)
Captain Hook: Pirating AVs to Bypass Exploit MitigationsenSilo
In this talk we reveal six(!) different security issues that we uncovered in various hooking engines. The vulnerabilities we found enable a threat actor to bypass the security measures of the underlying operating system. As we uncovered the vulnerabilities one-by-one we found them to impact commercial engines, such as Microsoft’s Detours, open source engines such as EasyHook and proprietary engines such as those belonging to TrendMicro, Symantec, Kaspersky and about twenty others.
Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !Florent BENOIT
Développer dans le cloud en Java ? Yes we can !
Grace à Eclipse Che et Codenvy vous pouvez facilement compiler, executer ou développer votre projet Java. L'environnement d'execution utilise Docker
In recent years there has been a tremendous amount of progress and innovation around tools and applications available to web developers that improve the quality, efficiency and speed of our applications, and it is hard to keep up with all of it.
Real-World Docker: 10 Things We've Learned RightScale
Docker has taken the world of software by storm, offering the promise of a portable way to build and ship software - including software running in the cloud. The RightScale development team has been diving into Docker for several projects, and we'll share our lessons learned on using Docker for our cloud-based applications.
Similar to Protractor: The Hacker way (NG-MY 2019) (20)
「我是一個前端工程師,每次要進行頁面套版時,都要等後端工程師寫好 API 才能測試,我覺得很痛苦,但公司的後端我又叫不動,有沒有甚麼方法可以簡單的設計出 RESTful API,讓我可以立即套版使用?我不想每次都苦苦哀求後端工程師快點生出 API 給我!」這是之前某位學生告訴我的一段話,也想必是許多前端工程師的痛,現在,你可以不一樣!
我將在這場分享中講解如何利用 JSON Server 快速建立 RESTful API 服務,讓前端工程師可以在完全沒有後端開發能力的情況下,自行設計出任意格式的 API 讓自己使用。本次直播完全免費,當天還會簡單示範如何在 Angular 使用 Http 服務元件呼叫自製的 API!
全新 Windows Server 2019 容器技術及邁向與 Kubernetes 整合之路 (Windows Server 高峰會)Will Huang
Windows Server 2019 隨之而來的容器功能,帶領 Windows 容器化邁向另一個里程碑。本次演講將介紹全新容器功能,以及跟 Kubernetes 整合的歷程,並透過線上展示 Windows Server 2019 加入到 Kubernetes 叢集的完整步驟!
👉 Windows Server 高峰會
https://www.microsoft.com/taiwan/events/windows-server-2019/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
1. Make the Protractor GREAT again!
Protractor: The Hacker Way
Duotify Inc.
CTO / Will 保哥
https://blog.miniasp.com
2. The definition of Hacker
2
A computer hacker is any skilled computer
expert that uses their technical knowledge
to overcome a problem.
“
”
Hacker - Wikipedia
4. Protractor: Getting started
• Install Angular CLI globally
- npm install -g @angular/cli
• Generate an Angular app
- ng new demo1 --routing --style css
- cd demo1
• Update WebDriver to match your browser version
- npx webdriver-manager update
• Run E2E scripts (Protractor) (DO NOT use ng e2e directly)
- npx protractor e2e/protractor.conf.js
4
5. A basic E2E test case
• DESCRIPTION
- Make sure Will Huang (保哥) are shown on the Speakers page
• STEPS
1. navigate to https://2019.ng-my.org/
2. click the SPEAKERS on the main menu
3. click the Will Huang (保哥) on the speakers list
4. validate the DOM contains Will Huang (保哥)
5
9. What's the problem?
• Error message
- Failed: No element found using locator: By(link text, Speakers)
• Line number of the error in the source code
- Find it on the stack trace. (debugging experience are so bad.)
• The problem should be this line
- element(by.linkText('Speakers'));
• Root cause
- by.linkText and some other Locator API are case-sensitive!
- It will find the element by what it rendered.
9
10. by.linkText is case-sensitive!
• Problem
- element(by.linkText('Speakers'));
• Solution
- element(by.linkText('SPEAKERS'));
• Is that make any sense?
- It looks buggy, but it doesn't. It because it's End-to-End testing!
- What you write is not what your expected!
10
11. Fix the first bug and run it again
• The error message becoming vague
• You can still get the line number in the stack trace.
11
12. What's the problem?
• Error message
- Expected '' to contain 'Will Huang (保哥)'.
• Line number of the error in the source code
- Find it on the stack trace
• The problem should be this line
- element(by.xpath('//main[@id="team"]/my-
modal/section/div/div/div/div/div'))
• Root cause
- The animation cause the Locator API unable to find DOM
at that moment! 12
13. Overcome animation issues
1. Wait for 2 seconds till animation stopped
await browser.sleep(2000); // Magic number
2. Use ExpectedConditions to wait for DOM show up
await browser.wait(
EC.textToBePresentInElement(elem4, text4),
5000);
13
18. Protractor Recorder (Preview)
• Protractor Recorder is based on amazing Katalon Recorder
- It's free and open source.
• Features
- Tailored just for Protractor users
- Support TypeScript code generation
- Support async/await syntax ( SELENIUM_PROMISE_MANAGER: false )
- Support ExpectedConditions for better debugging experience
- Support non-Angular E2E testing
• Upstream PR is on the way
- Add protractor typescript template #23
19. Best practices
• by.linkText / by.buttonText are case-sensitive!
element(by.linkText('SPEAKERS')).click();
• Fixed window size for your E2E testing
browser.manage().window().setSize(1024, 768);
• DO NOT use ng e2e to run protractor in your daily job
ng e2e --dev-server-target= --webdriver-update=false
npx webdriver-manager update
npx protractor e2e/protractor.conf.js
19
27. The Will Will Web
網路世界的學習心得與技術分享
http://blog.miniasp.com/
Facebook
Will 保哥的技術交流中心
http://www.facebook.com/will.fans
Twitter
https://twitter.com/Will_Huang
Follow Me