CodeIsGo.com

Let’s look at managing application state from a different perspective. If you’re a frontend developer or a backend developer, you probably deal with state management daily. XState is a JavaScript/TypeScript implementation of the finite state machine and statecharts that will make your life easier. By Michal Sevcik @nearform.

The article describes:

• The what, why and how of state machines
• What are state machines?
• What are statecharts?
• What are the benefits?
• Meet the XState
• Usage with React
• State machines diagrams

The difference between state machines and statecharts is that you can organise states in a hierarchy with statecharts. Simply put, you can create sub-states by nesting state machines.

State machines are a common way of describing states in a business process. They are an excellent communication tool because they are generally understood (or can be learned) by people with non-developer backgrounds. And diagrams certainly communicate information better than text. Good read!

Function execution platforms really gained rise as more people got tired of setting up full containerized environments for simple code execution. The costs, overall maintenance, and cascading consequences of failures meant more people were looking for a lean context to execute one-off workers in the cloud. By Jesse Martin.

The industry really rose to notoriety when AWS introduced AWS Lambda, a lambda being an anonymous function, and the service being that promise, as a service - these are anonymized functions that are not bound to a calling context, but respond to discrete events and take discrete inputs. They’re simple to reason about, simple to call, and most of all, they’re drastically more affordable to run, lending themselves really well to “pay for compute time”, not “pay for standby” which containers need to do.

The article pays attention to:

• The pros and cons of FaaS
• Choosing a FaaS Provider
• Comparing FaaS providers
  • AWS Lamdba
  • Google Cloud functions
  • Azure functions
  • Vercel
  • Gatsby Cloud functions
  • Netlify functions
  • Cloudflare Workers
  • Fly.io
  • Oracle Functions
  • IBM Functions
  • Tencent Cloud
  • Alibaba Cloud
  • Redhat Open Shift
  • No-Code / Low-Code providers

Serverless execution is here to stay. With the rough 80/20 analysis method, serverless will be a dominant strategy for many companies that want to control costs, embrace low-op approaches to infrastructure, and focus on domain logic, not managing their own servers. Good read!

As someone who loves to constantly measure myself and everything around me, I was excited to see MongoDB add dedicated time-series collections in MongoDB 5.0. Previously, MongoDB had been great for handling time-series data, but only if you were prepared to write some fairly complicated insert and update code and use a complex schema. In 5.0, all the hard work is done for you, including lots of behind-the-scenes optimization. By John Page.

Time-series data is not simply any data that has a date component, but specifically data where we want to look at how values change over a period of time and so need to compare data for a given time window or windows. On my bike, am I slowing down over time on a ride? Or does my speed vary with the road gradient?

Time-series data is where we have multiple related data points that have a time, a source, and one or more values. For example, I might be recording my speed on my bike and the gradient of the road, so I have the time, the source (me on that bike), and two data values (speed and gradient). The source would change if it was a different bike or another person riding it.

The article will walk you over:

• What is time-series data?
• Why time-series data needs special handling
• Time-series specific collections

You can just specify the time and source fields when creating a collection and MongoDB will reorganise my cycling data to make it three to five times smaller, as well as faster, to read and analyze. Good read!

Despite the growth of technology in our daily lives, the integration of digital technologies into education has been slower than anticipated. There seem to be a number of factors at work here, including problems with access to technology and the time and support needed to use technology successfully in the classroom. By Amber McLeod and Jo Blannin.

Teachers may also lack confidence in choosing and using technology or believe technology will not improve learning. Australia’s national museum for screen culture, ACMI, has released an online digital learning lesson bank to address these challenges. This is part of ACMI’s school program and resources database. Game Lessons offers digital games as lessons – 25 lesson plans comprising 75 digital lessons. These are created by expert teachers and include areas such as the arts, humanities, sciences, literacy and capabilities such as ethics.

Digital games such as Maths Rescue and Carmen Sandiego have been used in education for as long as computers have been available in classrooms. Playing fun games that interest and motivate students is a key aspect of digital-based learning. Games, however, include other educationally useful features. Follow the link to the full article learn more about these fatures. Great read!

Learn the basics of FastAPI, how to quickly set up a server and secure endpoints with Auth0. By Mark Halpin.

FastAPI is a relatively new Python framework that enables you to create applications very quickly. This framework allows you to read API request data seamlessly with built-in modules and is a lightweight alternative to Flask.

The article then deals with:

• Get started with FastAPI
• Create a private endpoint
• Set up Auth0 an API
• Add JSON Web Token (JWT) validation
• Validate an Auth0 access token

You will learn the basics of FastAPI by implementing two endpoints - one public, one private. You will see how simple it is to make requests to both of these endpoints. You will also create a verification class and saw how PyJWT helps you validate an Auth0 access token, and you will learn what JWKS is. Nice one.

I was writing a tiny website to display statistics of how much sponsored content a Youtube creator has over time when I noticed that I often write a small tool as a website that queries some data from a database and then displays it in a graph, a table, or similar. But if you want to use a database, you either need to write a backend (which you then need to host and maintain forever) or download the whole dataset into the browser (which is not so great when the dataset is more than 10MB). By phiresky’s blog.

So how do you use a database on a static file hoster? Firstly, SQLite (written in C) is compiled to WebAssembly. SQLite can be compiled with emscripten without any modifications, and the sql.js library is a thin JS wrapper around the wasm code.

In the past when I’ve used a backend server for these small side projects at some point some external API goes down or a key expires or I forget about the backend and stop paying for whatever VPS it was on. Then when I revisit it years later, I’m annoyed that it’s gone and curse myself for relying on an external service - or on myself caring over a longer period of time.

Hosting a static website is much easier than a “real” server - there’s many free and reliable options (like GitHub, GitLab Pages, Netlify, etc), and it scales to basically infinity without any effort. So I wrote a tool to be able to use a real SQL database in a statically hosted website!

sql.js only allows you to create and read from databases that are fully in memory though - so I implemented a virtual file system that fetches chunks of the database with HTTP Range requests when SQLite tries to read from the filesystem: sql.js-httpvfs. From SQLite’s perspective, it just looks like it’s living on a normal computer with an empty filesystem except for a file called /wdi.sqlite3 that it can read from. Of course it can’t write to this file, but a read-only database is still very useful.

Here’s a demo using the World Development Indicators dataset - a dataset with 6 tables and over 8 million rows (670 MiByte total). Good read!

The automotive industry is well known for its security standards regarding the road safety of vehicles. All processes regarding vehicle development – from drawing board to sales – were standardized and refined over the years. Both internal tests, as well as globally renowned companies like NHTSA or EuroNCAP, are working hard on making the vehicle safe in all road conditions – for both passengers and other participants of road traffic. By Adam Kozłowski and by Marcin Wiśniewski.

Safety engineering is currently an important part of automotive engineering and safety standards, for example, ISO 26262 and IEC 61508. Techniques regarding safety assessment, like FTA (Fault Tree Analysis), or FMEA (Failure Mode and Effects Analysis) are also standardized and integrated into the vehicle development lifecycle.

But the security is not limited to crash tests and driver safety. In parallel to the new ADAS systems, the connected car concept, remote access, and in general, vehicle connectivity moved forward. Secure access to the car does not only mean car keys but also network access and defense against cybersecurity threats.

And the threat is real. 6 years ago, in 2015, two security researchers hacked Jeep Cherokee driving 70mph on a highway by effectively disabling its breaks, changing the climate control and the infotainment screen display. The zero-day exploit allowing that is now fixed, but the situation immediately caught the public eye and changed the OEMs mindset from “minor, unrealistic possibility” to “very important topic”.

All of these resulted in the definition of the new standard called ISO 21434 Road vehicles — cybersecurity engineering. The work started last year, but currently, it’s at the “Approval” phase, so we can quickly go through the most important topics it tackles.

The document also lists the best practices regarding cybersecurity design:

• Principle of least privilege
• Authentication and authorization
• Audit
• E2E security
• Architectural Trust Levels
• Segregation of interfaces
• Protection of Maintainability during service
• Testability during development (test interface) and operations10
• Security by default

The requirements do not end on the architectural and design level. They can go as low as the hardware (identification of security-related elements, documentation, and verification for being safe, as they are potential entry points for hackers), and source code, where specific principles are also listed. Nice one!

A web server is a piece of software that accepts a network request from a user agent, typically a web browser, and returns either the appropriate response for the request or an error message. Two dominant solutions for HTTP servers today are Apache and Nginx. However, a new player in the space, Caddy Web Server, is gaining traction for its ease of use. By Ayooluwa Isaiah.

Nginx is currently being utilized on over 40 percent of the top 10,000 websites. When you consider that Cloudflare Server also utilizes Nginx under the hood for content delivery, the figure is even higher. Caddy is an open source web server platform designed to be simple, easy to use, and secure. Written in Go with zero dependencies, Caddy is easy to download and runs on almost every platform that Go compiles on. In terms of performance, Caddy has been shown to be competitive with Apache but behind Nginx both in terms of requests handled per second and stability under load.

The article then compares configuration and performance of Apache, Nginx and Caddy.

If your primary concern is performance, or you plan to serve a large amount of static content, Nginx is likely your best option. While Caddy is easy to configure and performant for most use cases, if you need flexibility and customization, Apache is your best bet. Easy read!

Using the microservices architecture has many benefits. It has become the norm for many large-scale applications. However, Microservices also comes with several challenges. One such challenge is handling transactions that span across multiple services. By Chameera Dulanga.

Therefore, we need a centralized communication and coordination mechanism to ensure all the transactions are completed successfully, and that’s where the Saga pattern comes in.

So, in this article, author will discuss how we can overcome this by using Saga Pattern:

• Why we need Saga Pattern?
• Introduction to Saga Pattern
• What is Saga Execution Controller?
• Implementing Saga Pattern
  • Orchestration-based Saga
  • Choreography-based Saga
• Build with independent components, for speed and scale

In this article, author discussed what is Saga pattern is and different approaches for implement it. The Saga pattern’s main advantage is to maintain data consistency when transactions span across Microservices. Good read!

If you’re making an HTTP request in Node.js there’s a good chance you’ll want to cancel it if it takes too long to receive a response. Or perhaps you have a slightly more complex situation where you’re making multiple requests in parallel, and if one request fails you want to cancel all of them. By Simon Plenderleith.

const controller = new AbortController();
const signal = controller.signal;

signal.addEventListener("abort", () => {
  console.log("The abort signal was triggered");
}, { once: true });

controller.abort();

Fortunately there’s a JavaScript API which gives us a standard way to cancel asynchronous tasks such as an in-flight HTTP request: the Abort API.

The article then goes and describes:

• The Abort API
• Cancelling an HTTP request with an AbortSignal
• Support for cancelling HTTP requests
• Libraries
• Node.js core API methods

An interesting note from author: I’m pretty sure we’re going to see a lot more of the Abort API as other libraries, as well as methods in Node.js core, add support for it. Good read!