Elsewhere: NewsBits – Redis 5 RC 5

I’ve been doing my usual Friday news gathering for the day job and that means here is todays NewsBits…. Here’s what’s in it:

  • Redis 5.0 gets a new release candidate and controversy.
  • Updates for older MongoDB versions.
  • A guide to analyzing slow MongoDB queries.
  • Making MySQL‘s shell shine.
  • Google open up Dataset Search.
  • Firefox 62 lands, as does the new ESR release.
  • HTTP2 support no longer experimental in Node 10.10.
  • VS Code gets a new Settings UI.
  • Checkout pull requests with the latest Atom.
  • Where to get Java support in the future?
  • And whats it like migrating to Java 11?
  • And finally an SQL puzzler…

Click here to read Compose’s NewsBits (be meeeee!) for this week

Graduation Snippets – Docker 1.0, RHEL 7.0, Firefox 30.0

linuxsnippets150

Docker 1.0: The Docker container management platform has hit version 1.0 though the major work had been done by version 0.11 – this is the project’s graduation, acknowledging its ready for production. The actual packaging and management software is going to be referred to as Docker Engine now as the announcement is also the signal for Docker (the company) to roll out 1.0 of Docker Cloud, a platform for sharing Docker packaged apps. Actual changes in 1.0 are things like a new COPY command and an improved ADD command for developers and the ability to pause and resume running containers, added XFS support and performance improvements in container removal. Make a note too. Posts 2375 and 2376 are now officially the HTTP and HTTPS ports for Docker. Docker has changes how people think about package and run applications on Linux and all it would need is for major players to adopt Docker and … oh Google’s added App Engine support for Docker to go with its Compute Engine support and then there’s…

RHEL 7.0: Red Hat has rolled out version 7.0 of its enterprise Linux and 7.0 is looking like a cracking release. Top of their highlights, containers and Docker support, XFS as default file system and new caching file systems (Btrfs is still experimental), systemd and new management components and more capabilities to work with Windows domains. The release notes as with all Red Hat releases are comprehensive and cover things like the switch to GNOME 3 on the desktop (while retaining a classic shell). RHEL 7 is the commercially supported upstream for other distributions, most notably the CentOS distribution which is working on its CentOS 7 release – no dates on that yet but it is the first test of the new relationship between Red Hat and CentOS.

Firefox 30.0: Thirty… As Firefox versioning heads out of the twenties, the [release of Firefox 30.0] has brought sidebar button for toolbar, support for GStreamer 1.0, command-E find selected, various developer changes and five critical and two high security fixes. Now it is thirty, Firefox is well on its way to settling down to a boring life where change is mostly about moving the furniture about and keeping an eye on the neighbours. The place to look for excitement is Mozilla’s Servo browser, being developed in Mozilla’s Rust language and is developing steadily.

Java 8, Firefox 28 and wibbly wobbly timey wimey – Snippets

Javalogo

Java 8 lands: So, after what feels like an age and after its been through the thresher of reality, Java 8 has officially arrived. What’s changed? Lambda expressions, functional interfaces, default methods for interfaces, streams, a new Date API, repeatable annotations, the Nashorn JavaScript engine… there’s a good quick intro to some the language features but theres going to be plenty of settling in to do. For all the docs go to the release notes, downloads can be found on the Java SE downloads page. There’s also a NetBeans 8.0 release to go with the Java 8 release which includes JDK 8 support, including features like Lambdas and Streams, among many other enhancements.

Firefox 28 slips out: Quieter than ever, Mozilla’s Firefox 28 release has some interesting tweaks; VP9, the H.265 competitor, gets video decoding implemented; Mac OS X’s notification center becomes the destination for web notifications; WebM now gets Opus audio support; SPDY/2 is obsoleted by SPDY/3… oh and there’s 5 critical security fixes, three high, seven moderate and three low. If you’re running Firefox, you’ve probably updated already, if not you can download it for your system and language.

Wibbly wobbly timey wimey: An intruiging StackOverflow question asked why the difference between two times one second apart was over five minutes. The times were in 1927 and this was happening in a Shanghai locale – who knew there was an adjustment of 5 minutes 52 seconds to the clock there in that year? Well, one commenter did and it sheds light on how hard time can be to work with and how much information is wrapped up in those timezone files.

Firefox 26, Netflix’s Suro, Vagrants and Dockers and Websockets for all – Snippets

snippets03

  • Firefox 26 digs in: Today we’ll see the release of Firefox 26, latest in the overly regular Firefox release cycle. From the (currently beta) release notes, we can see the big changes. All but the Flash plug-in are now click-to-play by default, Windows users can update their Firefox without having to write into the Firefox folders, the password manager can handle password fields generated by scripts and on Linux, if the installed gstreamer can handle h264, so can Firefox. A couple of fixes, some developer enhancements and thats about it. There’s also a Firefox for Android update due today. The release notes note some performance improvements, the same password manager enhancement and some fixes. The developer page for Firefox 26 covers changes of interest to developers in more detail. Firefox 26 will be turning up in updates and for download later today.

  • Netfix’s Suro goes open: From the people who brought you a cloud full of monkeys… Netflix’s latest open source release is Suro, an application monitoring system used by the video stream vendor to track the behaviour of their Amazon AWS deployed applications. Originally based on Apache Chukwa and adapted to fit Netflix’s demands, Suro pulls the company’s monitoring data from the various app clusters and pushes it to S3 (for Hadoop based analytics), to Apache Kafka (and on to Storm, Amazon ElasticSearch and Druid and to other event processors. There’s a lot more detail in the announcement including in production stats and how the pipeline is used to analyse errors.

  • Vagrant meets Docker: The latest update to Vagrant, version 1.4 has been announced and the big improvement in system that has traditionally been used to create automatically reproducible development environment is the addition of Docker support. The Docker provisioner can install Docker and then lets Vagrant cirtual machine pull and configure Docker containers within it. There’s also some enhancements to the scriptability of Vagrant itself, the ability to require a particular version of Vagrant and support for standalone file sync plugins.

  • websocketd: And finally, have you wanted to make a shell script or other app into a WebSocket server but lacked a library or access to the code to do it? Websocketd might be the answer as it turns anything with console I/O into a WebSocket server in a style rather reminiscent of CGI. Remember, most command line applications are not suitable for being exposed to the raw web, but the app could get you out of a hole when prototyping.

And, for reference, everything mentioned today is open source software.

Multiprocess Firefox, Kexec and Secure Boot, Poisoning GCC and OpenNebula 4.4 – Snippets

Snippets.png

  • Firefox goes multiprocess: Some years back, Mozilla embarked on the Electrolysis project to give Firefox a multiprocess architecture, where each web page ran in its own process. This idea isolates web pages from crashing each other and should have performance benefits too; Google’s Chrome, for example, was built with such an architecture. Unfortunately, a year later Mozilla put that effort on hold to work on things which would give quicker returns. Well, now it’s 2013 and the project in back and already in the nightlies. A full write up on Multiprocess Firefox is available in Bill McCloskey’s blog which explains there’s no release date for this work yet, how to enable it if you want to try it out and how things will break and how add-ons are affected.

  • Kexec and Secure Boot: Matthew Garrett has written up why kexec is disabled in Fedora when booted with Secure Boot enabled. Worth a read as it shows why being able to swap kernels in such an environment is a bad thing.

  • Poison for GCC: One thing Microsoft have done well is providing red lights for dangerous function calls (like strcpy and sprintf) in their tools (by adding a header file banned.h). Now, Leaf Security Research are creating a version for GCC with a Github project to create a “gcc-poison.h” file. Using it could help developers find those nasty vulnerable, error-prone functions hidden in their code base.

  • OpenNebula 4.4 goes “Retina”: The other other open source cloud platform, OpenNebula, has just been updated to version 4.4, codenamed Retina (after the Retina Nebula – this project has the best codenames). The update supports multiple datastores with scheduling policies to spread loads across different VMs and their associated storage. For more details, check the release notes.

H.264 is heading to Firefox… is it an EME dry run?

header-logoCisco and Mozilla have made an announcement – Cisco will open source an H.264 implementation and Mozilla will incorporate support for a binary version of that open source code in Firefox in 2014. But what’s behind this move…

Firefox has wrestled with the H.264 video bear for some time now. Initially Mozilla took the position that there’d be no patented royalty-bearing standards implemented in Firefox and eschewed H.264 support in HTML5’s <video> tag for Google’s VP8-based WebM. This idealised position didn’t really get traction though and slowly the resistance to H.264 dropped, first on Android and then on Windows, with the removal of blocks which stopped system-level H.264 codecs that were already installed on the host operating system being used to play H.264 content. But on Linux, for example, where there was no system-level codec for playing H.264 by default and design, there was still no way to play H.264…

So that left Mozilla in an odd position of having a browser that may or may not be able to decode H.264 depending on platform. What would work is if Mozilla could lay its hands on an open source implementation of H.264 and then incorporate that into Mozilla. But that would trigger MPEG LA’s royalty gathering. And so Mozilla was at an impasse.

Until today, when in the synchronised “dance of the contribution”, Cisco first announced that it was releasing an open source (BSD licence) implementation of H.264 called OpenH264. Cisco’s motivation here is to get H.264 as the standard for interoperable web video in WebRTC for conferencing, which is dear to Cisco’s heart and business. Open source gets you so far, but Cisco needs H.264 in browsers like Firefox without passing on the costs. Cisco has said it will do that work by releasing binary modules of the OpenH264 codec and it will take the royalty cost on.

Ah, but how will it know how much distributing those modules will cost it when the MPEG LA chaps turn up for an audit? Brendan Eich, Mozilla CTO, explained that Mozilla won’t be bundling this binary module with the code. When Firefox needs the module, it will download it from Cisco and save it. Other apps will also apparently be able to make use of this downloadable module too. Eich does note that Firefox will still need AAC codecs on similar terms to the H.264 codec to complete the “industry de facto” stack for video and audio.

But here’s an interesting point. The debate about EME, the Encrypted Media Extensions for HTML5, has centred around the idea that the open web, and open web browsers, would be harmed by the presence of possible patent bearing, definitely closed source modules to perform encrypted video decoding. Now, here’s Mozilla, albeit with a different area of technology, working on how to include a platform-appropriate binary module into Firefox at runtime, as needed. It’s almost like a dry run for how EME decoders could be transparently downloaded and run. And that would be one less road-block for EME. Of course, this could also be the last thing on Mozilla’s collective mind, but the incorporation of an automatically downloaded binary module into Firefox will be a landmark in the history of the staunchly open source browser.

GNU Make 4.0, Firefox OS 1.1, SSL Pulse and Linux defined – Snippets

snippets03

  • GNU Make 4.0: GNU Make 4.0 is the latest version of the GNU Project’s version of the Make utility. The release’s headline feature is the integration of GNU Guile, the Scheme-based extention language recommended for GNU projects, into the compilation orchestrator. Other additions include an option to sync output to avoid jumbling results from parallel makes, tracing of targets, a switch to disable all debugging settings, various enhancements to the Windows version, the implementation of “::=” for POSIX portable make files and of “!=” for compatibility with BSD make files and the ability to write to a file directly. The announcement has details of where to download it and further information on the changes.
  • Firefox OS 1.1 on its way: The first proper update for Firefox OS, version 1.1 is heading to handsets soon. With MMS support, an API for Push Notifications, better app searching, enhanced contacts, faster app loading and scrolling (and it needs it), downloading of images and audio or video in the browser, autocorrect for the keyboard, a draft mode and attachment support for the email app and a lightly improved calendar app, there’s a lot of decent catching up with the rest of the pack. Mozilla say this will come with the second wave of Firefox OS phones, and appear for existing Firefox OS phones at the same time. We’ll be reporting on the update when it arrives on our ZTE Open.
  • Watching SSL: Wondering how widespread Forward Secrecy and RC4 are with SSL/HTTPS web sites? Wonder no more as the SSL Pulse report now tracks them too. Ivan Ristic explains whats being tracked in this blog post and how the results currently stack up.
  • Predefining Linux: An informative and interesing Stack Overflow moment as one person finds “linux” is defined as “1” and opens the door of the world of pre-defined symbols and other mystery meats that can be found in the larder of C compilers.