CodeIsGo.com

It can be very frustrating when Go applications use less memory than what is available to them, and yet they still manage to run out of memory and crash. Go 1.19 introduced GOMEMLIMIT, which completely changes how you can manage memory limits in Go. By Etienne Dilocker.

In this article, author will invite you on a journey. He will cover:

• How memory allocations work in Go
• When the Garbage Collector runs, and what the implications are
• Why it was far too easy to run out of memory before Go 1.19
• What GOMEMLIMT is and why it can prevent premature OOM kills
• Run an experiment first without and then with GOMEMLIMI

Go 1.19 changes everything: The new GOMEMLIMIT feature can help you both increase GC-related performance as well as avoid GC-related out-of-memory (“OOM”) situations. Good read!

Managing individual business risks is difficult when silos exist. An enterprise risk management (ERM) framework consolidates risk management strategy across an entire organization, enabling better visibility, measurement, and management of business objectives. By Catherine Chipeta.

With a unified focus on addressing risk, compliance teams can universally improve regulatory compliance, governance, and risk management processes.

The main points highlighted in the article:

• What is ERM?
• Why is ERM important?
• How to choose an ERM framework
• Types of ERM frameworks
• 5-step guide: implementing an ERM framework

Do not forget to implement step that involves monitoring and reviewing your ERM program through data analytics to create an ongoing feedback cycle. Aggregating and filtering data manually is a time-consuming and complicated process, with room for human error. Risk optimization tools can help provide meaningful, accurate insights for faster, better-informed decision-making. Good read!

The goal of the Drogue IoT project is to make it easy to connect devices to cloud-based applications. This article will demonstrate how to implement firmware in Rust based on Drogue’s device support. This way, a device can communicate with the cloud using the low power LoRaWAN protocol. We will also illustrate how Node.js handles the server side. By Daniel Bevenius.

You will learn about:

• The purpose of Drogue IoT
• LoRaWAN network coverage
• Drogue device
• Drogue cloud
• Learn more in the LoRaWAN end-to-end workshop

LoRaWAN is a low-power wireless network that enables you to run a device on batteries for months, sending telemetry data to the cloud every now and then. To achieve this efficient connectivity, you need LoRaWAN network coverage, and The Things Network (TTN) provides exactly that. You can extend the TTN network by running your gateway if your local area lacks coverage. TTN provides a public service that allows you to exchange data between devices and applications.Source code is also provided. Great read for any IoT fan!

Have you ever had an idea to ask a bot to perform a simple interaction? Then this article is for you. By Lee Ford. A Webhook is a way for two applications that can communicate with each other. In our case, a simple bot and Teams.

Source: https://pnp.github.io/blog/post/make-a-bot-for-simple-interactions-in-teams-using-a-webhook/

The article then describes:

• Bot interaction idea
• Solution based on Webhook in Teams and Bot
• What is webhook
• OpenWeatherMap API
• Setup
• Bot
• Teams Webhook

The bot is where the magic happens. It is code hosted externally to Teams that can be called over HTTP (via the Webhook). What that code does, where it is hosted, is all up to you. For this scenario, there is an (written in TypeScript), which can be found here: Azure Function HTTP Trigger. Nice one!

Learn about AI ethics, a framework that guides data scientists and researchers to build AI systems in an ethical manner to benefit society as a whole. By @IBM.

Ethics is a set of moral principles which help us discern between right and wrong. AI ethics is a set of guidelines that advise on the design and outcomes of artificial intelligence. Human beings come with all sorts of cognitive biases, such as recency and confirmation bias, and those inherent biases are exhibited in our behaviors and subsequently, our data. Since data is the foundation for all machine learning algorithms, it’s important for us to structure experiments and algorithms with this in mind as artificial intelligence has the potential to amplify and scale these human biases at an unprecedented rate.

This article aims to provide a comprehensive market view of AI ethics in the industry today and provides following information on the subject:

• What are AI ethics?
• Establishing principles for AI ethics
• Primary concerns of AI today
• How to establish AI ethics
• Ethical AI organizations
• IBM’s point of view on AI Ethics
• AI ethics and IBM

Since ethical standards are not the primary concern of data engineers and data scientists in the private sector, a number of organizations have emerged to promote ethical conduct in the field of artificial intelligence. Good read!

Elixir is quite a flexible language, and it is possible to carry over many infrastructural patterns from other platforms like Ruby. However, by leaning on Erlang tooling, which predates many of the external infrastructural services that have become de-facto standards in modern web applications, we have the potential to boost performance and cut costs at the same time. By Eric Newbury.

Multi core concurrency platforms like the Erlang VM embrace an entirely different paradigm. The runtime boots up once on the host OS and reserves a pool of OS processes. It might not use all of them all the time—enabling the OS to prioritize other processes—but they are available to the Erlang VM whenever it needs to execute a parallel workload. From there, your application code can set up long-living BEAM processes (super lightweight abstractions that the BEAM can dynamically assign to its pool of OS processes to do work). With this paradigm, it is now feasible to run background work simultaneously with high throughput HTTP request handling.

The blog post goes on to elaborate on some of the common use cases of Redis in a tech stack and how we can use built-in services to do the same. In practice though, author has found one of the biggest barriers to letting go of Redis is the need for some kind of global state store so that your application code can horizontally scale up the number of nodes. Good read!

In this walkthrough, we are going to look at some of the Apache APISIX API Gateway built-in plugins for securing your Spring Boot REST APIs and demonstrate how to effectively use them. By Bobur Umurzokov.

APISIX API Gateway provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more.

The article reads about:

• Overview of API Security
• The API Gateway as a gatekeeper
• How does an APISIX gateway secure your APIs
• Clone the demo repository apisix-security-java-spring from GitHub
• Understand the structure of the project and docker-compose.yaml file
• Build a multi-container APISIX via Docker CLI
• Allow only whitelisted IP address access your API with IP restriction plugin in action
• Block direct access to some API resources with Uri-blocker plugin
• Make sure that only allowed users can request your API with Consumer restriction plugin

Blog post contains also conceptual knowledge about API Security, the important role of the API gateway in handling cross-cutting concerns, and how Apache APISIX can help you to simplify and accelerate the task of securing APIs. Code examples for containers is also included. Excellent read!

There are many different ways to provide styling for React components, such as importing plain CSS, using styled components, JS-in-CSS or CSS Modules. These all have various advantages and disadvantages. In this article I go through some considerations when using CSS Modules. Specifically I am interested in looking at this in a framework agnostic way. By Max Rohde.

To me, it seems CSS Modules provide the best solution overall for beginner to intermediate use. We can use the standard CSS syntax, which allows for effective copy and paste programming, and we can be assured of good client-side performance.

The article main parts:

• CSS modules basics
• CSS modules intelliSense
• Compile CSS modules
• CSS modules for server-side rendering (Node.js)
• CSS modules for client-side bundling

The easiest way to use CSS modules is to make us of the support provided in frameworks, such as Next.js or Create React App. However, there is a lot of implicit complexity in CSS modules that can lead to unexpected behaviour and bugs. Author tried to demonstrate that we can achieve anything we need with relatively few lines of code. The three libraries I provide are all very simple and consist of a single, short source file: node-css-require, esbuild-css-modules-server-plugin, esbuild-css-modules-client-plugin. Good read!

With the boom in cloud computing, new types of security threats have emerged. Confidential computing is a solution to the added IT security issues of working with the cloud. By Daniele Buono, James Bottomley, Hubertus Franke, Robert Senger.

With Confidential computing, a third type of data needs to be protected, called data in use. This means offering mechanisms to protect the physical memory (such as RAM) being used by a customer, so that no other tenants on that cloud have any way to access it. This is generally done by hardware mechanisms that provide protection to virtual machines (VMs). It can be done either by partitioning, where the CPU places hardware checks on the memory allocated to each VM and ensures these boundaries are not crossed, or with memory encryption, where the CPU automatically encrypts VM memory with different keys for different VMs. Some operations, like IBM Z Secure Execution, offer both.

Over the last decade, cloud computing has revolutionized the way the world computes. Many companies and organizations have moved from dedicated managed servers at properties they own to flexible solutions that can scale up or down based on the amount of power and storage they need at any given moment.

It’s our belief that confidential computing will become a ubiquitously adopted mechanism to strengthen security boundaries and enable increasingly sensitive workloads to be effectively deployed on public clouds. There are, however, considerable technology gaps that need to be addressed to get there. Some of the main questions that are still unanswered are things like figuring out how to attest to the trustworthiness of components inside secure enclaves, as well as the components that manage them. Good read!

As an adept at Functional Programming (FP), I feel at ease with expressing my data manipulation logic by chaining high order functions like map, filter, and sort operating on arrays and maps. Ballerina, being designed as a Data-Oriented programming language, supports this FP style of coding. By Yehonathan Sharvit.

The main points from the article:

• Ballerina has been designed as a Data-Oriented programming language and supports a functional programming coding style
• Expressing data manipulation logic with functions can be powerful
• Using arrow functions with type inference can make code compact and clear
• Ballerina query language is similar to SQL in the sense that a query expression is made up of clauses. Data manipulation expressed with Ballerina query language is easier to read in comparison with other functional programming expressions
• Ballerina “Table” data structure can be more effective than maps in representing indexed data collections

Ballerina query language is similar to SQL in the sense that a query expression is made up of clauses, like select, from, where, order by, join, etc… But, unlike in SQL, we are not limited to SQL operators to express our custom business logic: we are allowed to use any function inside our queries. Moreover, the Ballerina query language syntax makes it very convenient to manipulate data as it deals with records. Good read!