Developer Catchup: ECMAScript 6, Scala Policy, JSON’d Postgresql and SHA-1 sunset

developercatchupECMAScript 6: It’s coming, for mid 2015, and its full of features. In this (https://www.youtube.com/watch?v=G21rdWfa_as), Alex Rauschmayer talks about all those features. If you prefer slides they are available too. It covers most of the language features (skipping promises and proxies), outlines the timetable for standardisation and how you can use ES6 features now. Bonus link, do checkout his blog.

Policy and Scala: Scala has been forked, and forked by one of its most active contributors. The fork, called Policy, is one of those forks which hopes to be folded back into the original because “The leadership of scala has shown itself unfit stewards of the core technologies and the total price paid by scala programmers (actual and potential) is too high. I failed for half a decade to change that from the inside. Now I’ll try from the outside”. The initial reception seems positive and the Hacker News thread is full of background. One to watch.

More JSON in Postgresql: Postgresql has some neat JSON support built into the database, but one developer wanted it somewhere else – in the logs. Michael Paquier shows how to make Postgresql emit JSON logs hooking in a JSON log function at runtime. The code can be found on GitHub in a repo of other plugins. Why JSON logs? Well, it does make it easy for a JSON aware system like Elasticsearch to analyse and search those logs.

SHA-1 Sunset Now: Back in 2005, SHA-1 was tagged as “weaker than it should be” as a crypto algorithm and its only got worse since them. So people are slowly stopping its use. Google has just announced its SHA-1 sunset which begins this month with Chrome 39 flagging sites with SHA-1 signatures that expire in 2017 and beyond as ‘secure with minor errors’. By end of 2014 that window will expand into 2016 and in 2015 those sites will come up with an straight error. Of course, thats just the Chrome and Chromium browsers… Google will have plenty of engineering to do to completely remove SHA-1 from their systems. Next time your doing crypto work, remember to have un-SHA1-ing on your todo list.