Computer software that provides services to software applications
POPULARITY
Wes talks with Peter Pistorius about RedwoodSDK, a new React framework built natively for Cloudflare. They dive into real-time React, server components, zero-cost infrastructure, and why RedwoodSDK empowers developers to ship faster with fewer tradeoffs and more control. Show Notes 00:00 Welcome to Syntax! 00:52 What is RedwoodSDK? 04:49 Choosing openness over abstraction 08:46 More setup, more control 12:20 Why RedwoodSDK only runs on Cloudflare 14:25 What the database setup looks like 16:15 Durable Objects explained – Ep 879: Fullstack Cloudflare 18:14 Middleware and request flow 23:14 No built-in client-side router? 24:07 Integrating routers with defineApp 26:04 React Server Components and real-time updates 29:53 What happened to RedwoodJS? 31:14 Why do opinionated frameworks struggle to catch on? 34:35 The problem with Lambdas 36:16 Cloudflare's JavaScript runtime compatibility 40:04 Brought to you by Sentry.io 41:44 The vision behind RedwoodSDK Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads
Gros épisode qui couvre un large spectre de sujets : Java, Scala, Micronaut, NodeJS, l'IA et la compétence des développeurs, le sampling dans les LLMs, les DTO, le vibe coding, les changements chez Broadcom et Red Hat ainsi que plusieurs nouvelles sur les licences open source. Enregistré le 7 mai 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-325.mp3 ou en vidéo sur YouTube. News Langages A l'occasion de JavaOne et du lancement de Java 24, Oracle lance un nouveau site avec des ressources vidéo pour apprendre le langage https://learn.java/ site plutôt à destination des débutants et des enseignants couvre la syntaxe aussi, y compris les ajouts plus récents comme les records ou le pattern matching c'est pas le site le plus trendy du monde. Martin Odersky partage un long article sur l'état de l'écosystème Scala et les évolutions du language https://www.scala-lang.org/blog/2025/03/24/evolving-scala.html Stabilité et besoin d'évolution : Scala maintient sa position (~14ème mondial) avec des bases techniques solides, mais doit évoluer face à la concurrence pour rester pertinent. Axes prioritaires : L'évolution se concentre sur l'amélioration du duo sécurité/convivialité, le polissage du langage (suppression des “rugosités”) et la simplification pour les débutants. Innovation continue : Geler les fonctionnalités est exclu ; l'innovation est clé pour la valeur de Scala. Le langage doit rester généraliste et ne pas se lier à un framework spécifique. Défis et progrès : L'outillage (IDE, outils de build comme sbt, scala-cli, Mill) et la facilité d'apprentissage de l'écosystème sont des points d'attention, avec des améliorations en cours (partenariat pédagogique, plateformes simples). Des strings encore plus rapides ! https://inside.java/2025/05/01/strings-just-got-faster/ Dans JDK 25, la performance de la fonction String::hashCode a été améliorée pour être principalement constant foldable. Cela signifie que si les chaînes de caractères sont utilisées comme clés dans une Map statique et immuable, des gains de performance significatifs sont probables. L'amélioration repose sur l'annotation interne @Stable appliquée au champ privé String.hash. Cette annotation permet à la machine virtuelle de lire la valeur du hash une seule fois et de la considérer comme constante si elle n'est pas la valeur par défaut (zéro). Par conséquent, l'opération String::hashCode peut être remplacée par la valeur de hash connue, optimisant ainsi les lookups dans les Map immuables. Un cas limite est celui où le code de hachage de la chaîne est zéro, auquel cas l'optimisation ne fonctionne pas (par exemple, pour la chaîne vide “”). Bien que l'annotation @Stable soit interne au JDK, un nouveau JEP (JEP 502: Stable Values (Preview)) est en cours de développement pour permettre aux utilisateurs de bénéficier indirectement de fonctionnalités similaires. AtomicHash, une implémentation Java d'une HashMap qui est thread-safe, atomique et non-bloquante https://github.com/arxila/atomichash implémenté sous forme de version immutable de Concurrent Hash Trie Librairies Sortie de Micronaut 4.8.0 https://micronaut.io/2025/04/01/micronaut-framework-4-8-0-released/ Mise à jour de la BOM (Bill of Materials) : La version 4.8.0 met à jour la BOM de la plateforme Micronaut. Améliorations de Micronaut Core : Intégration de Micronaut SourceGen pour la génération interne de métadonnées et d'expressions bytecode. Nombreuses améliorations dans Micronaut SourceGen. Ajout du traçage de l'injection de dépendances pour faciliter le débogage au démarrage et à la création des beans. Nouveau membre definitionType dans l'annotation @Client pour faciliter le partage d'interfaces entre client et serveur. Support de la fusion dans les Bean Mappers via l'annotation @Mapping. Nouvelle liveness probe détectant les threads bloqués (deadlocked) via ThreadMXBean. Intégration Kubernetes améliorée : Mise à jour du client Java Kubernetes vers la version 22.0.1. Ajout du module Micronaut Kubernetes Client OpenAPI, offrant une alternative au client officiel avec moins de dépendances, une configuration unifiée, le support des filtres et la compatibilité Native Image. Introduction d'un nouveau runtime serveur basé sur le serveur HTTP intégré de Java, permettant de créer des applications sans dépendances serveur externes. Ajout dans Micronaut Micrometer d'un module pour instrumenter les sources de données (traces et métriques). Ajout de la condition condition dans l'annotation @MetricOptions pour contrôler l'activation des métriques via une expression. Support des Consul watches dans Micronaut Discovery Client pour détecter les changements de configuration distribuée. Possibilité de générer du code source à partir d'un schéma JSON via les plugins de build (Gradle et Maven). Web Node v24.0.0 passe en version Current: https://nodejs.org/en/blog/release/v24.0.0 Mise à jour du moteur V8 vers la version 13.6 : intégration de nouvelles fonctionnalités JavaScript telles que Float16Array, la gestion explicite des ressources (using), RegExp.escape, WebAssembly Memory64 et Error.isError. npm 11 inclus : améliorations en termes de performance, de sécurité et de compatibilité avec les packages JavaScript modernes. Changement de compilateur pour Windows : abandon de MSVC au profit de ClangCL pour la compilation de Node.js sur Windows. AsyncLocalStorage utilise désormais AsyncContextFrame par défaut : offrant une gestion plus efficace du contexte asynchrone. URLPattern disponible globalement : plus besoin d'importer explicitement cette API pour effectuer des correspondances d'URL. Améliorations du modèle de permissions : le flag expérimental --experimental-permission devient --permission, signalant une stabilité accrue de cette fonctionnalité. Améliorations du test runner : les sous-tests sont désormais attendus automatiquement, simplifiant l'écriture des tests et réduisant les erreurs liées aux promesses non gérées. Intégration d'Undici 7 : amélioration des capacités du client HTTP avec de meilleures performances et un support étendu des fonctionnalités HTTP modernes. Dépréciations et suppressions : Dépréciation de url.parse() au profit de l'API WHATWG URL. Suppression de tls.createSecurePair. Dépréciation de SlowBuffer. Dépréciation de l'instanciation de REPL sans new. Dépréciation de l'utilisation des classes Zlib sans new. Dépréciation du passage de args à spawn et execFile dans child_process. Node.js 24 est actuellement la version “Current” et deviendra une version LTS en octobre 2025. Il est recommandé de tester cette version pour évaluer son impact sur vos applications. Data et Intelligence Artificielle Apprendre à coder reste crucial et l'IA est là pour venir en aide : https://kyrylo.org/software/2025/03/27/learn-to-code-ignore-ai-then-use-ai-to-code-even-better.html Apprendre à coder reste essentiel malgré l'IA. L'IA peut assister la programmation. Une solide base est cruciale pour comprendre et contrôler le code. Cela permet d'éviter la dépendance à l'IA. Cela réduit le risque de remplacement par des outils d'IA accessibles à tous. L'IA est un outil, pas un substitut à la maîtrise des fondamentaux. Super article de Anthropic qui essaie de comprendre comment fonctionne la “pensée” des LLMs https://www.anthropic.com/research/tracing-thoughts-language-model Effet boîte noire : Stratégies internes des IA (Claude) opaques aux développeurs et utilisateurs. Objectif : Comprendre le “raisonnement” interne pour vérifier capacités et intentions. Méthode : Inspiration neurosciences, développement d'un “microscope IA” (regarder quels circuits neuronaux s'activent). Technique : Identification de concepts (“features”) et de “circuits” internes. Multilinguisme : Indice d'un “langage de pensée” conceptuel commun à toutes les langues avant de traduire dans une langue particulière. Planification : Capacité à anticiper (ex: rimes en poésie), pas seulement de la génération mot par mot (token par token). Raisonnement non fidèle : Peut fabriquer des arguments plausibles (“bullshitting”) pour une conclusion donnée. Logique multi-étapes : Combine des faits distincts, ne se contente pas de mémoriser. Hallucinations : Refus par défaut ; réponse si “connaissance” active, sinon risque d'hallucination si erreur. “Jailbreaks” : Tension entre cohérence grammaticale (pousse à continuer) et sécurité (devrait refuser). Bilan : Méthodes limitées mais prometteuses pour la transparence et la fiabilité de l'IA. Le “S” dans MCP veut dire Securité (ou pas !) https://elenacross7.medium.com/%EF%B8%8F-the-s-in-mcp-stands-for-security-91407b33ed6b La spécification MCP pour permettre aux LLMs d'avoir accès à divers outils et fonctions a peut-être été adoptée un peu rapidement, alors qu'elle n'était pas encore prête niveau sécurité L'article liste 4 types d'attaques possibles : vulnérabilité d'injection de commandes attaque d'empoisonnement d'outils redéfinition silencieuse de l'outil le shadowing d'outils inter-serveurs Pour l'instant, MCP n'est pas sécurisé : Pas de standard d'authentification Pas de chiffrement de contexte Pas de vérification d'intégrité des outils Basé sur l'article de InvariantLabs https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks Sortie Infinispan 15.2 - pre rolling upgrades 16.0 https://infinispan.org/blog/2025/03/27/infinispan-15-2 Support de Redis JSON + scripts Lua Métriques JVM désactivables Nouvelle console (PatternFly 6) Docs améliorées (métriques + logs) JDK 17 min, support JDK 24 Fin du serveur natif (performances) Guillaume montre comment développer un serveur MCP HTTP Server Sent Events avec l'implémentation de référence Java et LangChain4j https://glaforge.dev/posts/2025/04/04/mcp-client-and-server-with-java-mcp-sdk-and-langchain4j/ Développé en Java, avec l'implémentation de référence qui est aussi à la base de l'implémentation dans Spring Boot (mais indépendant de Spring) Le serveur MCP est exposé sous forme de servlet dans Jetty Le client MCP lui, est développé avec le module MCP de LangChain4j c'est semi independant de Spring dans le sens où c'est dépendant de Reactor et de ses interface. il y a une conversation sur le github d'anthropic pour trouver une solution, mais cela ne parait pas simple. Les fallacies derrière la citation “AI won't replace you, but humans using AI will” https://platforms.substack.com/cp/161356485 La fallacie de l'automatisation vs. l'augmentation : Elle se concentre sur l'amélioration des tâches existantes avec l'IA au lieu de considérer le changement de la valeur de ces tâches dans un nouveau système. La fallacie des gains de productivité : L'augmentation de la productivité ne se traduit pas toujours par plus de valeur pour les travailleurs, car la valeur créée peut être capturée ailleurs dans le système. La fallacie des emplois statiques : Les emplois sont des constructions organisationnelles qui peuvent être redéfinies par l'IA, rendant les rôles traditionnels obsolètes. La fallacie de la compétition “moi vs. quelqu'un utilisant l'IA” : La concurrence évolue lorsque l'IA modifie les contraintes fondamentales d'un secteur, rendant les compétences existantes moins pertinentes. La fallacie de la continuité du flux de travail : L'IA peut entraîner une réimagination complète des flux de travail, éliminant le besoin de certaines compétences. La fallacie des outils neutres : Les outils d'IA ne sont pas neutres et peuvent redistribuer le pouvoir organisationnel en changeant la façon dont les décisions sont prises et exécutées. La fallacie du salaire stable : Le maintien d'un emploi ne garantit pas un salaire stable, car la valeur du travail peut diminuer avec l'augmentation des capacités de l'IA. La fallacie de l'entreprise stable : L'intégration de l'IA nécessite une restructuration de l'entreprise et ne se fait pas dans un vide organisationnel. Comprendre le “sampling” dans les LLMs https://rentry.co/samplers Explique pourquoi les LLMs utilisent des tokens Les différentes méthodes de “sampling” : càd de choix de tokens Les hyperparamètres comme la température, top-p, et leur influence réciproque Les algorithmes de tokenisation comme Byte Pair Encoding et SentencePiece. Un de moins … OpenAI va racheter Windsurf pour 3 milliards de dollars. https://www.bloomberg.com/news/articles/2025-05-06/openai-reaches-agreement-to-buy-startup-windsurf-for-3-billion l'accord n'est pas encore finalisé Windsurf était valorisé à 1,25 milliards l'an dernier et OpenAI a levé 40 milliards dernièrement portant sa valeur à 300 milliards Le but pour OpenAI est de rentrer dans le monde des assistants de code pour lesquels ils sont aujourd'hui absent Docker desktop se met à l'IA… ? Une nouvelle fonctionnalité dans docker desktop 4.4 sur macos: Docker Model Runner https://dev.to/docker/run-genai-models-locally-with-docker-model-runner-5elb Permet de faire tourner des modèles nativement en local ( https://docs.docker.com/model-runner/ ) mais aussi des serveurs MCP ( https://docs.docker.com/ai/mcp-catalog-and-toolkit/ ) Outillage Jetbrains défend la suppression des commentaires négatifs sur son assistant IA https://devclass.com/2025/04/30/jetbrains-defends-removal-of-negative-reviews-for-unpopular-ai-assistant/?td=rt-3a L'IA Assistant de JetBrains, lancée en juillet 2023, a été téléchargée plus de 22 millions de fois mais n'est notée que 2,3 sur 5. Des utilisateurs ont remarqué que certaines critiques négatives étaient supprimées, ce qui a provoqué une réaction négative sur les réseaux sociaux. Un employé de JetBrains a expliqué que les critiques ont été supprimées soit parce qu'elles mentionnaient des problèmes déjà résolus, soit parce qu'elles violaient leur politique concernant les “grossièretés, etc.” L'entreprise a reconnu qu'elle aurait pu mieux gérer la situation, un représentant déclarant : “Supprimer plusieurs critiques d'un coup sans préavis semblait suspect. Nous aurions dû au moins publier un avis et fournir plus de détails aux auteurs.” Parmi les problèmes de l'IA Assistant signalés par les utilisateurs figurent : un support limité pour les fournisseurs de modèles tiers, une latence notable, des ralentissements fréquents, des fonctionnalités principales verrouillées aux services cloud de JetBrains, une expérience utilisateur incohérente et une documentation insuffisante. Une plainte courante est que l'IA Assistant s'installe sans permission. Un utilisateur sur Reddit l'a qualifié de “plugin agaçant qui s'auto-répare/se réinstalle comme un phénix”. JetBrains a récemment introduit un niveau gratuit et un nouvel agent IA appelé Junie, destiné à fonctionner parallèlement à l'IA Assistant, probablement en réponse à la concurrence entre fournisseurs. Mais il est plus char a faire tourner. La société s'est engagée à explorer de nouvelles approches pour traiter les mises à jour majeures différemment et envisage d'implémenter des critiques par version ou de marquer les critiques comme “Résolues” avec des liens vers les problèmes correspondants au lieu de les supprimer. Contrairement à des concurrents comme Microsoft, AWS ou Google, JetBrains commercialise uniquement des outils et services de développement et ne dispose pas d'une activité cloud distincte sur laquelle s'appuyer. Vos images de README et fichiers Markdown compatibles pour le dark mode de GitHub: https://github.blog/developer-skills/github/how-to-make-your-images-in-markdown-on-github-adjust-for-dark-mode-and-light-mode/ Seulement quelques lignes de pure HTML pour le faire Architecture Alors, les DTOs, c'est bien ou c'est pas bien ? https://codeopinion.com/dtos-mapping-the-good-the-bad-and-the-excessive/ Utilité des DTOs : Les DTOs servent à transférer des données entre les différentes couches d'une application, en mappant souvent les données entre différentes représentations (par exemple, entre la base de données et l'interface utilisateur). Surutilisation fréquente : L'article souligne que les DTOs sont souvent utilisés de manière excessive, notamment pour créer des API HTTP qui ne font que refléter les entités de la base de données, manquant ainsi l'opportunité de composer des données plus riches. Vraie valeur : La valeur réelle des DTOs réside dans la gestion du couplage entre les couches et la composition de données provenant de sources multiples en formes optimisées pour des cas d'utilisation spécifiques. Découplage : Il est suggéré d'utiliser les DTOs pour découpler les modèles de données internes des contrats externes (comme les API), ce qui permet une évolution et une gestion des versions indépendantes. Exemple avec CQRS : Dans le cadre de CQRS (Command Query Responsibility Segregation), les réponses aux requêtes (queries) agissent comme des DTOs spécifiquement adaptés aux besoins de l'interface utilisateur, pouvant inclure des données de diverses sources. Protection des données internes : Les DTOs aident à distinguer et protéger les modèles de données internes (privés) des changements externes (publics). Éviter l'excès : L'auteur met en garde contre les couches de mapping excessives (mapper un DTO vers un autre DTO) qui n'apportent pas de valeur ajoutée. Création ciblée : Il est conseillé de ne créer des DTOs que lorsqu'ils résolvent des problèmes concrets, tels que la gestion du couplage ou la facilitation de la composition de données. Méthodologies Même Guillaume se met au “vibe coding” https://glaforge.dev/posts/2025/05/02/vibe-coding-an-mcp-server-with-micronaut-and-gemini/ Selon Andrey Karpathy, c'est le fait de POC-er un proto, une appli jetable du weekend https://x.com/karpathy/status/1886192184808149383 Mais Simon Willison s'insurge que certains confondent coder avec l'assistance de l'IA avec le vibe coding https://simonwillison.net/2025/May/1/not-vibe-coding/ Guillaume c'est ici amusé à développer un serveur MCP avec Micronaut, en utilisant Gemini, l'IA de Google. Contrairement à Quarkus ou Spring Boot, Micronaut n'a pas encore de module ou de support spécifique pour faciliter la création de serveur MCP Sécurité Une faille de sécurité 10/10 sur Tomcat https://www.it-connect.fr/apache-tomcat-cette-faille-activement-exploitee-seulement-30-heures-apres-sa-divulgation-patchez/ Une faille de sécurité critique (CVE-2025-24813) affecte Apache Tomcat, permettant l'exécution de code à distance Cette vulnérabilité est activement exploitée seulement 30 heures après sa divulgation du 10 mars 2025 L'attaque ne nécessite aucune authentification et est particulièrement simple à exécuter Elle utilise une requête PUT avec une charge utile Java sérialisée encodée en base64, suivie d'une requête GET L'encodage en base64 permet de contourner la plupart des filtres de sécurité Les serveurs vulnérables utilisent un stockage de session basé sur des fichiers (configuration répandue) Les versions affectées sont : 11.0.0-M1 à 11.0.2, 10.1.0-M1 à 10.1.34, et 9.0.0.M1 à 9.0.98 Les mises à jour recommandées sont : 11.0.3+, 10.1.35+ et 9.0.99+ Les experts prévoient des attaques plus sophistiquées dans les prochaines phases d'exploitation (upload de config ou jsp) Sécurisation d'un serveur ssh https://ittavern.com/ssh-server-hardening/ un article qui liste les configurations clés pour sécuriser un serveur SSH par exemple, enlever password authentigfication, changer de port, desactiver le login root, forcer le protocol ssh 2, certains que je ne connaissais pas comme MaxStartups qui limite le nombre de connections non authentifiées concurrentes Port knocking est une technique utile mais demande une approche cliente consciente du protocol Oracle admet que les identités IAM de ses clients ont leaké https://www.theregister.com/2025/04/08/oracle_cloud_compromised/ Oracle a confirmé à certains clients que son cloud public a été compromis, alors que l'entreprise avait précédemment nié toute intrusion. Un pirate informatique a revendiqué avoir piraté deux serveurs d'authentification d'Oracle et volé environ six millions d'enregistrements, incluant des clés de sécurité privées, des identifiants chiffrés et des entrées LDAP. La faille exploitée serait la vulnérabilité CVE-2021-35587 dans Oracle Access Manager, qu'Oracle n'avait pas corrigée sur ses propres systèmes. Le pirate a créé un fichier texte début mars sur login.us2.oraclecloud.com contenant son adresse email pour prouver son accès. Selon Oracle, un ancien serveur contenant des données vieilles de huit ans aurait été compromis, mais un client affirme que des données de connexion aussi récentes que 2024 ont été dérobées. Oracle fait face à un procès au Texas concernant cette violation de données. Cette intrusion est distincte d'une autre attaque contre Oracle Health, sur laquelle l'entreprise refuse de commenter. Oracle pourrait faire face à des sanctions sous le RGPD européen qui exige la notification des parties affectées dans les 72 heures suivant la découverte d'une fuite de données. Le comportement d'Oracle consistant à nier puis à admettre discrètement l'intrusion est inhabituel en 2025 et pourrait mener à d'autres actions en justice collectives. Une GitHub action très populaire compromise https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised Compromission de l'action tj-actions/changed-files : En mars 2025, une action GitHub très utilisée (tj-actions/changed-files) a été compromise. Des versions modifiées de l'action ont exposé des secrets CI/CD dans les logs de build. Méthode d'attaque : Un PAT compromis a permis de rediriger plusieurs tags de version vers un commit contenant du code malveillant. Détails du code malveillant : Le code injecté exécutait une fonction Node.js encodée en base64, qui téléchargeait un script Python. Ce script parcourait la mémoire du runner GitHub à la recherche de secrets (tokens, clés…) et les exposait dans les logs. Dans certains cas, les données étaient aussi envoyées via une requête réseau. Période d'exposition : Les versions compromises étaient actives entre le 12 et le 15 mars 2025. Tout dépôt, particulièrement ceux publiques, ayant utilisé l'action pendant cette période doit être considéré comme potentiellement exposé. Détection : L'activité malveillante a été repérée par l'analyse des comportements inhabituels pendant l'exécution des workflows, comme des connexions réseau inattendues. Réaction : GitHub a supprimé l'action compromise, qui a ensuite été nettoyée. Impact potentiel : Tous les secrets apparaissant dans les logs doivent être considérés comme compromis, même dans les dépôts privés, et régénérés sans délai. Loi, société et organisation Les startup the YCombinateur ont les plus fortes croissances de leur histoire https://www.cnbc.com/2025/03/15/y-combinator-startups-are-fastest-growing-in-fund-history-because-of-ai.html Les entreprises en phase de démarrage à Silicon Valley connaissent une croissance significative grâce à l'intelligence artificielle. Le PDG de Y Combinator, Garry Tan, affirme que l'ensemble des startups de la dernière cohorte a connu une croissance hebdomadaire de 10% pendant neuf mois. L'IA permet aux développeurs d'automatiser des tâches répétitives et de générer du code grâce aux grands modèles de langage. Pour environ 25% des startups actuelles de YC, 95% de leur code a été écrit par l'IA. Cette révolution permet aux entreprises de se développer avec moins de personnel - certaines atteignant 10 millions de dollars de revenus avec moins de 10 employés. La mentalité de “croissance à tout prix” a été remplacée par un renouveau d'intérêt pour la rentabilité. Environ 80% des entreprises présentées lors du “demo day” étaient centrées sur l'IA, avec quelques startups en robotique et semi-conducteurs. Y Combinator investit 500 000 dollars dans les startups en échange d'une participation au capital, suivi d'un programme de trois mois. Red Hat middleware (ex-jboss) rejoint IBM https://markclittle.blogspot.com/2025/03/red-hat-middleware-moving-to-ibm.html Les activités Middleware de Red Hat (incluant JBoss, Quarkus, etc.) vont être transférées vers IBM, dans l'unité dédiée à la sécurité des données, à l'IAM et aux runtimes. Ce changement découle d'une décision stratégique de Red Hat de se concentrer davantage sur le cloud hybride et l'intelligence artificielle. Mark Little explique que ce transfert était devenu inévitable, Red Hat ayant réduit ses investissements dans le Middleware ces dernières années. L'intégration vise à renforcer l'innovation autour de Java en réunissant les efforts de Red Hat et IBM sur ce sujet. Les produits Middleware resteront open source et les clients continueront à bénéficier du support habituel sans changement. Mark Little affirme que des projets comme Quarkus continueront à être soutenus et que cette évolution est bénéfique pour la communauté Java. Un an de commonhaus https://www.commonhaus.org/activity/253.html un an, démarré sur les communautés qu'ils connaissaient bien maintenant 14 projets et put en accepter plus confiance, gouvernance legère et proteger le futur des projets automatisation de l'administratif, stabiilité sans complexité, les developpeurs au centre du processus de décision ils ont besoins de members et supporters (financiers) ils veulent accueillir des projets au delà de ceux du cercles des Java Champions Spring Cloud Data Flow devient un produit commercial et ne sera plus maintenu en open source https://spring.io/blog/2025/04/21/spring-cloud-data-flow-commercial Peut-être sous l'influence de Broadcom, Spring se met à mettre en mode propriétaire des composants du portefeuille Spring ils disent que peu de gens l'utilisaent en mode OSS et la majorité venait d'un usage dans la plateforme Tanzu Maintenir en open source le coutent du temps qu'ils son't pas sur ces projets. La CNCF protège le projet NATS, dans la fondation depuis 2018, vu que la société Synadia qui y contribue souhaitait reprendre le contrôle du projet https://www.cncf.io/blog/2025/04/24/protecting-nats-and-the-integrity-of-open-source-cncfs-commitment-to-the-community/ CNCF : Protège projets OS, gouvernance neutre. Synadia vs CNCF : Veut retirer NATS, licence non-OS (BUSL). CNCF : Accuse Synadia de “claw back” (reprise illégitime). Revendications Synadia : Domaine nats.io, orga GitHub. Marque NATS : Synadia n'a pas transféré (promesse rompue malgré aide CNCF). Contestation Synadia : Juge règles CNCF “trop vagues”. Vote interne : Mainteneurs Synadia votent sortie CNCF (sans communauté). Support CNCF : Investissement majeur ($ audits, légal), succès communautaire (>700 orgs). Avenir NATS (CNCF) : Maintien sous Apache 2.0, gouvernance ouverte. Actions CNCF : Health check, appel mainteneurs, annulation marque Synadia, rejet demandes. Mais finalement il semble y avoir un bon dénouement : https://www.cncf.io/announcements/2025/05/01/cncf-and-synadia-align-on-securing-the-future-of-the-nats-io-project/ Accord pour l'avenir de NATS.io : La Cloud Native Computing Foundation (CNCF) et Synadia ont conclu un accord pour sécuriser le futur du projet NATS.io. Transfert des marques NATS : Synadia va céder ses deux enregistrements de marque NATS à la Linux Foundation afin de renforcer la gouvernance ouverte du projet. Maintien au sein de la CNCF : L'infrastructure et les actifs du projet NATS resteront sous l'égide de la CNCF, garantissant ainsi sa stabilité à long terme et son développement en open source sous licence Apache-2.0. Reconnaissance et engagement : La Linux Foundation, par la voix de Todd Moore, reconnaît les contributions de Synadia et son soutien continu. Derek Collison, PDG de Synadia, réaffirme l'engagement de son entreprise envers NATS et la collaboration avec la Linux Foundation et la CNCF. Adoption et soutien communautaire : NATS est largement adopté et considéré comme une infrastructure critique. Il bénéficie d'un fort soutien de la communauté pour sa nature open source et l'implication continue de Synadia. Finalement, Redis revient vers une licence open source OSI, avec la AGPL https://foojay.io/today/redis-is-now-available-under-the-agplv3-open-source-license/ Redis passe à la licence open source AGPLv3 pour contrer l'exploitation par les fournisseurs cloud sans contribution. Le passage précédent à la licence SSPL avait nui à la relation avec la communauté open source. Salvatore Sanfilippo (antirez) est revenu chez Redis. Redis 8 adopte la licence AGPL, intègre les fonctionnalités de Redis Stack (JSON, Time Series, etc.) et introduit les “vector sets” (le support de calcul vectoriel développé par Salvatore). Ces changements visent à renforcer Redis en tant que plateforme appréciée des développeurs, conformément à la vision initiale de Salvatore. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 6-7 mai 2025 : GOSIM AI Paris - Paris (France) 7-9 mai 2025 : Devoxx UK - London (UK) 15 mai 2025 : Cloud Toulouse - Toulouse (France) 16 mai 2025 : AFUP Day 2025 Lille - Lille (France) 16 mai 2025 : AFUP Day 2025 Lyon - Lyon (France) 16 mai 2025 : AFUP Day 2025 Poitiers - Poitiers (France) 22-23 mai 2025 : Flupa UX Days 2025 - Paris (France) 24 mai 2025 : Polycloud - Montpellier (France) 24 mai 2025 : NG Baguette Conf 2025 - Nantes (France) 3 juin 2025 : TechReady - Nantes (France) 5-6 juin 2025 : AlpesCraft - Grenoble (France) 5-6 juin 2025 : Devquest 2025 - Niort (France) 10-11 juin 2025 : Modern Workplace Conference Paris 2025 - Paris (France) 11-13 juin 2025 : Devoxx Poland - Krakow (Poland) 12 juin 2025 : Positive Design Days - Strasbourg (France) 12-13 juin 2025 : Agile Tour Toulouse - Toulouse (France) 12-13 juin 2025 : DevLille - Lille (France) 13 juin 2025 : Tech F'Est 2025 - Nancy (France) 17 juin 2025 : Mobilis In Mobile - Nantes (France) 19-21 juin 2025 : Drupal Barcamp Perpignan 2025 - Perpignan (France) 24 juin 2025 : WAX 2025 - Aix-en-Provence (France) 25-26 juin 2025 : Agi'Lille 2025 - Lille (France) 25-27 juin 2025 : BreizhCamp 2025 - Rennes (France) 26-27 juin 2025 : Sunny Tech - Montpellier (France) 1-4 juillet 2025 : Open edX Conference - 2025 - Palaiseau (France) 7-9 juillet 2025 : Riviera DEV 2025 - Sophia Antipolis (France) 5 septembre 2025 : JUG Summer Camp 2025 - La Rochelle (France) 12 septembre 2025 : Agile Pays Basque 2025 - Bidart (France) 18-19 septembre 2025 : API Platform Conference - Lille (France) & Online 23 septembre 2025 : OWASP AppSec France 2025 - Paris (France) 25-26 septembre 2025 : Paris Web 2025 - Paris (France) 2-3 octobre 2025 : Volcamp - Clermont-Ferrand (France) 3 octobre 2025 : DevFest Perros-Guirec 2025 - Perros-Guirec (France) 6-10 octobre 2025 : Devoxx Belgium - Antwerp (Belgium) 7 octobre 2025 : BSides Mulhouse - Mulhouse (France) 9-10 octobre 2025 : Forum PHP 2025 - Marne-la-Vallée (France) 9-10 octobre 2025 : EuroRust 2025 - Paris (France) 16 octobre 2025 : PlatformCon25 Live Day Paris - Paris (France) 16-17 octobre 2025 : DevFest Nantes - Nantes (France) 30-31 octobre 2025 : Agile Tour Bordeaux 2025 - Bordeaux (France) 30-31 octobre 2025 : Agile Tour Nantais 2025 - Nantes (France) 30 octobre 2025-2 novembre 2025 : PyConFR 2025 - Lyon (France) 4-7 novembre 2025 : NewCrafts 2025 - Paris (France) 6 novembre 2025 : dotAI 2025 - Paris (France) 7 novembre 2025 : BDX I/O - Bordeaux (France) 12-14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 13 novembre 2025 : DevFest Toulouse - Toulouse (France) 15-16 novembre 2025 : Capitole du Libre - Toulouse (France) 20 novembre 2025 : OVHcloud Summit - Paris (France) 21 novembre 2025 : DevFest Paris 2025 - Paris (France) 27 novembre 2025 : Devfest Strasbourg 2025 - Strasbourg (France) 28 novembre 2025 : DevFest Lyon - Lyon (France) 5 décembre 2025 : DevFest Dijon 2025 - Dijon (France) 10-11 décembre 2025 : Devops REX - Paris (France) 10-11 décembre 2025 : Open Source Experience - Paris (France) 28-31 janvier 2026 : SnowCamp 2026 - Grenoble (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 17 juin 2026 : Devoxx Poland - Krakow (Poland) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/
Lex chats with Jamie Burke - founder of Outlier Ventures, about the current state and future of Web3, decentralized finance, and the metaverse. Jamie highlights Outlier Ventures' impressive growth, with a portfolio of around 400 startups, and discusses successful projects like IOTA and Fetch.ai. The conversation delves into the open metaverse, emphasizing the importance of infrastructure and middleware in blending physical and digital realities. Jamie also explores the transformative role of AI in the metaverse and offers practical advice for entrepreneurs navigating this rapidly evolving landscape. Notable discussion points: 1.The “Post-Web” Is an Intent-Led Internet: Jamie Burke outlines a shift from today's attention-based web to an intent-driven internet, powered by AI agents, Web3 infrastructure, and DePIN. In this model, agents act on user intent, radically streamlining interactions and replacing much of today's web interface. 2. Web3 Will Be Run by Machines, Not People: Burke predicts that autonomous agents—not humans—will become the primary users of blockchains, making crypto “machine money.” As a result, products, brands, and processes matter less, while incentive systems and on-chain automation take center stage. 3. Founders Must Embrace Systems Thinking: In the Post-Web era, survival depends on designing self-optimizing systems, not just building products. Burke stresses that token engineering, incentive design, and value flow mapping will define the next generation of durable startups. MENTIONED IN THE CONVERSATION Topics: Web3, decentralized finance, metaverse, Open metaverse, Post web, Outlier Ventures, IOTA, Fetch.ai, accelerator program, AI, artificial intelligence, Agentic AI, agents, Web3, post-web, digital economy, blockchain technology ABOUT THE FINTECH BLUEPRINT
Pat Wadors, CHRO at Intuitive, joined us on The Modern People Leader. We talked about how to find and amplify the golden nuggets of your culture, the three layers of a great employee experience, why you need to “touch the elephant”, and what kids' stories can teach us about leadership.----
HR teams have more data than ever, but many still rely on guesswork when it comes to people decisions. In this episode, we unpack the rapid growth of the people analytics tech market, which ballooned from $1.7B in 2019 to $8.1B by last summer.Hosts Dani Johnson, Stacia Garr, and Priyanka Mehrotra walk through how this market has evolved, what's driving investment, and why the demand for better-connected, more useful insights keeps rising.We also dig into what's not working, like customer frustration, disappointing ROI, and the reality that AI in these tools often overpromises and underdelivers. Whether you're brand new to people analytics or looking to uplevel your HR tech strategy, this episode will help you move from “hoping for the best” to truly leading with insight. You will want to hear this episode if you are interested in...(0:00) Setting the stage: Why people analytics tech is worth revisiting.(4:31) The market's growth from $1.7B to $8.1B, and what's fueling it.(8:31) Three big shifts: use cases, democratization, and ethics.(13:40) Pandemic-driven surge: Why execs finally cared about people data.(14:57) What vendors are getting right: Partnerships and practical AI.(23:25) Where vendors are falling short: UX, ROI, and unmet promises.(29:30) The near-term future: Middleware, consolidation, and embedded insights.(36:00) AI expectations vs. reality: Trust, risk, and what vendors still miss.Resources & People MentionedVisier – https://www.visier.comCulture Amp – https://www.cultureamp.comOne Model – https://www.onemodel.coConnect with Dani, Stacia, and PriyankaDani JohnsonStacia GarrPriyanka Mehrotra on LinkedInConnect With Red Thread ResearchWebsite: Red Thread ResearchOn LinkedInOn FacebookOn TwitterSubscribe to WORKPLACE STORIES
www.iotusecase.com#IT-OT-Integration #IIoT-Konzept #SERVICE-Plattform-Architektur #MASCHINENBAUIn der 164. Episode des IoT Use Case Podcasts spricht Gastgeberin Ing. Madeleine Mickeleit mit André Hoettgen, Gruppenleiter Enterprise bei der Paul Horn GmbH, und Sarah Blomeier, IT-Salesmanagerin beim Integrationsspezialisten soffico, über skalierbare Digitalisierung in der Fertigung.Ausgezeichnet mit dem VDMA Award, setzt Paul Horn auf ein zukunftsweisendes IoT- und Servicekonzept. Im Zentrum steht die Middleware Orchestra von soffico, die IT- und OT-Systeme intelligent vernetzt.Die Folge gibt Einblicke in die technische Umsetzung gewachsener Systemlandschaften, den Aufbau standardisierter Architekturen sowie Use Cases wie die digitalisierte Werkzeug-Instandsetzung. Zudem geht es um Make-or-Buy-Entscheidungen und den Einsatz von KI für smarte Datenmappings.Podcast ZusammenfassungIn dieser Episode dreht sich alles um die Integration von IT- und OT-Daten in der Fertigungsindustrie – am Beispiel der Paul Horn GmbH, die für ihr innovatives IoT- und Servicekonzept mit dem VDMA Award ausgezeichnet wurde.Es wird aufgezeigt, wie es gelingt, gewachsene Systemlandschaften effizient zu vernetzen, Silos aufzubrechen und datenbasierte Entscheidungen möglich zu machen – ohne den gesamten Maschinenpark zu ersetzen.Ein zentraler Erfolgsfaktor ist die Middleware Orchestra von soffico, die als Datendrehscheibe fungiert. Sie verbindet IT-Systeme wie SAP oder CAD mit OT-Komponenten via OPC UA – und bildet so das Rückgrat einer modernen, serviceorientierten IT-Architektur.Die Folge liefert spannende Insights:Warum Konnektivität keine Einmallösung, sondern ein strategischer Asset istWie Paul Horn Standards setzt, um Skalierbarkeit sicherzustellenWie konkrete Use Cases (z. B. digitalisierte Werkzeug-Retouren im Service) zur Effizienzsteigerung beitragenWieso eine Make-or-Buy-Entscheidung zugunsten eines starken Partners oft nachhaltiger istUnd: Welche Rolle KI-gestützte Datenmappings in Zukunft spielen werdenEine Folge für alle, die Digitalisierung skalierbar und strategisch denken – mit Best Practices direkt aus der Fertigung.-----Relevante Folgenlinks:Madeleine (https://www.linkedin.com/in/madeleine-mickeleit/)Sarah (https://www.linkedin.com/in/sarahblomeier/)André (https://www.linkedin.com/in/ahoettgen/)soffico Website (https://soffico.de/)HORN Technologietage 2025 (https://www.horn-technologietage.de/)Community-Anmeldung (https://iotusecase.com/de/community/)Jetzt IoT Use Case auf LinkedIn folgen
Episode 118: In this episode of Critical Thinking - Bug Bounty Podcast we cover a host of news, including clientside tidbits, “Credentialless” iframes, prototype pollution, and what constitutes a polyglot in llms.txt.Follow us on XShoutout to YTCracker for the awesome intro music!====== Links ======Follow Rhynorater and Rez0 on X====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at https://ctbb.show/discord!You can also find some hacker swag!====== Resources ======p4fg passed 1 Million!/reports/:id.json - $25K CritHacking Crypto pt1The art of payload obfuscationAnalyzing the Next.js Middleware BypassNahamsec's Merch storellms.txt polyglot prompt injectionReact Router and the Remix'ed pathPre-Authentication SQL Injection in Halo ITSMPwning Millions of Smart Weighing MachinesMCP Server OauthCline“Credentialless” iframesTiny XSS PayloadsTypes of Pollution====== Timestamps ======(00:00:00) Introduction(00:05:56) Next.js Middleware bypass & Polyglots in llms.txt(00:16:35) CPDoS on React Router(00:24:26) Loose Types Sink Ships & Pwning Smart Scales(00:32:30) MCP Server Oauth & Cline(00:39:40) Clientside Tidbits & Prototype Pollutions
BlueSky was once a research initiative within Jack Dorsey's Twitter aimed at decentralizing the architecture or the platform social media writ large. Today, BlueSky is an independent platform with remarkable momentum. Following Elon Musk's acquisition of Twitter and subsequent policy shifts, BlueSky has experienced unprecedented growth, expanding from 3 million to 30 million users since February 2024.That “X-odus” of frustrated progressives to BlueSky has perhaps inadvertently shaped public perception of it as "Lib Twitter"—a characterization reinforced by its prominent progressive voices and more restrictive community moderation tools. However, this political framing obscures BlueSky's fundamental innovation: the AT Protocol, which reimagines social media as a decentralized ecosystem rather than a platform controlled by a master algorithm ruled by a CEO.Unlike conventional social networks, BlueSky's architectural philosophy challenges the centralized control model by introducing a "marketplace of algorithms" where users select or create their own content curation systems. Imagine a feed that skews left, one that skews right, or one that avoids politics altogether.This "algorithmic choice" approach could represent the biggest challenge yet to the centralized engagement machines that have dominated—and arguably degraded—our digital discourse. But can Bluesky outgrow its political bubbles and fulfill its techno-utopian promise? Or will it remain just another partisan bunker in our increasingly fragmented online world?Evan and Luke are joined by Jay Graber, CEO of Bluesky.
Luca Casanato, member of the Deno core team, delves into the intricacies of debugging applications using Deno and OpenTelemetry. Discover how Deno's native integration with OpenTelemetry enhances application performance monitoring, simplifies instrumentation compared to Node.js, and unlocks new insights for developers! Links https://lcas.dev https://x.com/lcasdev https://github.com/lucacasonato https://mastodon.social/@lcasdev https://www.linkedin.com/in/luca-casonato-15946b156 We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Emily, at emily.kochanekketner@logrocket.com (mailto:emily.kochanekketner@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understand where your users are struggling by trying it for free at [LogRocket.com]. Try LogRocket for free today.(https://logrocket.com/signup/?pdr) Special Guest: Luca Casonato.
Seth and Ken are back with an episode dedicated to a review of the recent Next.js middleware vulnerability and how that impacts application security both specifically and in general. Over-dependence on third party software accompanied by agile development can lead to devastating results when security flaws are identified. A followup and demo of using LLMs to analyze HTTP sessions for user enumeration flaws as a sneak peak of an upcoming talk by Seth for BSidesSLC.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Critical Next.js Vulnerability CVE-2025-29927 A critical vulnerability in how the x-middleware-subrequest header is verified may lead to bypassing authorization in Next.js applications. https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw https://www.runzero.com/blog/next-js/ Microsoft Trust Signing Service Abused Attackers abut the Microsoft Trust Signing Service, a service meant to help developers create signed software, to obtain short lived signatures for malware. https://www.bleepingcomputer.com/news/security/microsoft-trust-signing-service-abused-to-code-sign-malware/
On this podcast, we regularly engage with questions about redesigning social media networks to make them more democratic, pluralist, and prosocial. One hypothesis people have about how to do that is through the decentralization of platforms and the introduction of middleware—tools built to give users more control over their social media experience and, thus, more autonomy in how they engage in public discourse. In this episode, you'll hear a discussion with one entrepreneur building middleware for Bluesky: Rudy Fraser, the founder of Blacksky Algorithms and a fellow at the Berkman Klein Center for Internet & Society at Harvard University.
Mark Zuckerberg sent shockwaves around the world when Meta announced the end of its fact-checking program in the U.S. on its platforms Facebook, Instagram, and Threads. Critics lamented the potential for more mis/disinformation online while proponents (especially conservatives) rejoiced, as they saw the decision as a rollback of political censorship and viewpoint discrimination. Beneath the hot takes lie bigger questions around who should control what we see online. Should critical decisions around content moderation that affect billions of users be left to the whims of Big Tech CEOs? If not, is government intervention any better—and could it even clear First Amendment hurdles? What if there is a third option between CEO decrees and government intrusion?Enter middleware: third-party software that sits between users and platforms, potentially offering a "third way" beyond what otherwise appears as a binary choice between. Middleware holds the potential to enable users to select different forms of curation on social media by third-parties—anyone from your local church to news outlets to political organizations. Could this technology put power back in the hands of users while addressing concerns about bias, misinformation, harassment, hate speech, and polarization?Joining us are Luke Hogg, Director of Technology Policy at FAI, and Renee DiResta, Georgetown University professor and author of "Invisible Rulers: The People Who Turned Lies Into Reality." They break down their new paper, “Shaping the Future of Social Media with Middleware,” on and explore whether this emerging technology could reshape our social media landscape for the better.
Internet scholar and activist Ethan Zuckerman is horrified by the American ban on TikTok. As a self-described “progressive” with a long and distinguished career advocating for internet freedom, Zuckerman expresses alarm at how the U.S. has moved from defending unfettered access to information in the 1960s to now being willing to ban popular Chinese platforms like TikTok and perhaps even DeepSeek. He suggests the ban stems from the anti-China hysteria and exaggerated fears about social media's impact on young people fueled by paranoid critics like Jonathan Haidt. If this trend toward online censorship continues, Zuckerman warns, America will become indistinguishable from other authoritarian states in its disdain for digital freedom. Here are the 5 KEEN ON takeaways from the interview with Zuckerman:* The TikTok ban represents a dramatic shift in American values - Zuckerman points out that the US has moved from defending unfettered access to information (even Communist propaganda) in 1965 to now being willing to ban popular platforms. He sees this as contradicting core First Amendment principles.* Anti-China sentiment and social media fears are driving policy - The push to ban TikTok stems from a combination of paranoia about Chinese influence and exaggerated concerns about social media's effects on youth. Zuckerman argues there's little evidence supporting claims of Chinese manipulation or widespread social media harm.* Young people view the TikTok ban as evidence of institutional disconnect - Students see the ban as proof that lawmakers don't understand modern technology or youth culture. Their response of moving to other Chinese platforms demonstrates their cynicism toward government actions.* Social media platforms have become too powerful to easily abandon - Despite disagreeing with the politics of platforms like Facebook and X, users remain because of network effects. Zuckerman himself confesses to still using these platforms to maintain connections, even while advocating for alternatives.* "Middleware" could offer a solution - Rather than banning platforms or creating new ones, Zuckerman (like Frank Fukuyama) advocates for tools that let users modify how they interact with existing platforms. However, he warns, major platforms like Meta actively resist these efforts through legal threats and technical barriers.Ethan Zuckerman is an associate professor of public policy, communication, and information, as well as director of the UMass Initiative for Digital Public Infrastructure, focused on reimagining the Internet as a tool for civic engagement. His research focuses on civic media, online community governance, digital public infrastructure, quantitative studies of media attention, technology, and social change. Before coming to UMass, Zuckerman was at MIT, where he served as director of the Center for Civic Media and as associate professor of practice in media arts and sciences at the MIT Media Lab. His research focuses on the use of media as a tool for social change, the role of technology in international development, and the use of new media technologies by activists. The author of Rewire: Digital Cosmopolitans in the Age of Connection, he will publish a new book, Mistrust: Why Losing Faith in Institutions Provides the Tools to Transform Them (W.W. Norton), in early 2021. In 2005, Zuckerman cofounded Global Voices, which showcases news and opinions from citizen media in more than 150 nations and 30 languages. Through Global Voices, and as a researcher and fellow for eight years at the Berkman Klein Center for Internet and Society at Harvard University, Zuckerman has led efforts to promote freedom of expression and fight censorship in online spaces. In 1999, Zuckerman founded Geekcorps, an international, nonprofit, volunteer organization that sent IT specialists to work on projects in developing nations, with a focus on West Africa. Previously, he helped found Tripod.com, one of the web's first "personal publishing" sites. In addition to authoring numerous academic articles, Zuckerman is a frequent contributor to media outlets such as The Atlantic, Wired, and CNN. He received his bachelor's degree from Williams College and, as a Fulbright scholar, studied at the University of Ghana at Legon.Named as one of the "100 most connected men" by GQ magazine, Andrew Keen is amongst the world's best known broadcasters and commentators. In addition to presenting the daily KEEN ON show, he is the host of the long-running How To Fix Democracy interview series. He is also the author of four prescient books about digital technology: CULT OF THE AMATEUR, DIGITAL VERTIGO, THE INTERNET IS NOT THE ANSWER and HOW TO FIX THE FUTURE. Andrew lives in San Francisco, is married to Cassandra Knight, Google's VP of Litigation & Discovery, and has two grown children.Keen On is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit keenon.substack.com/subscribe
Brooks Lybrand discusses the transformation of React Router from a simple routing library to a powerful framework option for React applications. Learn about React Router 7's new framework mode, upcoming middleware support, and the team's innovative approach to React Server Components. Brooks explains how the Remix team is working to bring proven patterns and web standards to the broader React community while building a foundation for future web development that leverages native web APIs.Chapter Marks0:00 - Intro0:37 - Guest Introduction & SNL Jacket Discussion1:12 - The Remix "Nap" Announcement3:25 - Understanding React Router's Evolution7:51 - React Router Framework Mode10:21 - Middleware Support Plans15:42 - React Server Components Integration19:14 - Server-Side Capabilities & RSC Benefits24:17 - Team Size and Structure25:13 - Remix Brand & Future Direction30:19 - Future of Web APIs32:03 - Austin Remix Meetup Discussion34:54 - Community Engagement and Open Source36:19 - Picks and Plugs LinksPeople & Profiles:Brooks Lybrand's social profilesTwitterBlueSkyMichael ChanJames PerkinsRyan FlorenceEvan Bacon (mentioned for RSC mobile demo)Tools & Projects:React Router 7Remix RunRemix DiscordVite 6Cursor AI (mentioned in Amy's pick)The dev.to article about Cursor settings that Amy referencedElgato XLR Deck (Brad's pick)OXO Silicon Measuring Cup (Amy's pick)Events & Communities:Epic Web Conf (March 2024, where Brooks will be speaking)React Miami (April 2024, where Brooks will be speaking)Remix Austin MeetupTechnical Resources:React Server Components documentationRemix Project RoadmapVite's Environment API documentationBooks:The Three-Body Problem book series (Brooks' pick)Additional Resources:Netflix's Three-Body Problem show (mentioned in relation to Brooks' pick)
L-R: Biju Suresh-Babu, Head of Banking & Financial Services, Fiorano; Akhil Rao, Managing Director, Nth ExceptionMost financial institutions are working on their ISO 20022 migration plans with some in advanced stages and already adopting the new rules for specific use cases. Others are still assessing their needs, but time is pressing. Structured data is not just a technical requirement but also a regulatory one. Robin Amlôt of IBS Intelligence discusses the progress on CBPR+ migration with Biju Suresh-Babu of Fiorano and Akhil Rao of Nth Exception.
In this episode of Category Visionaries, we explore PolyAPI's journey to revolutionize enterprise middleware. As a category maker in the integration space, PolyAPI is challenging traditional low-code/no-code approaches by enabling developers to build robust enterprise integrations using native programming languages. Through conversations with Darko Vukovic, we learn how his deep industry experience and strategic focus on developer-first principles are reshaping how enterprises approach connectivity and integration challenges. Topics Discussed: The evolution from enterprise integration platforms to native code development Building credibility in enterprise sales through transparency and documentation Creating a new market category between iPaaS and application development Strategic fundraising approaches for deep tech startups Future vision for AI-powered enterprise connectivity GTM Lessons For B2B Founders: Build credibility through transparency: Rather than hiding their product behind NDAs, PolyAPI published detailed demos and documentation early. Darko explained, "We think that our domain and our product set is just so hard to copy and replicate... so we were never worried about competitors catching wind of what we're doing." This transparency helped enterprise buyers see that PolyAPI wasn't vaporware. Target technical decision makers with depth: PolyAPI succeeded by focusing on enterprises that had already rejected low-code platforms and were building in-house solutions. This created a clear target market of sophisticated buyers who understood the limitations of existing solutions and were willing to adopt a new approach. Start marketing through 1:1 engagement: Instead of broad marketing campaigns, PolyAPI began with individual conversations to gather feedback, find alpha testers, and evolve into beta testing. This grassroots approach helped them refine their product and messaging before scaling up marketing efforts. Find investors who deeply understand your space: Out of 20 initial VC conversations, 19 passed, but Ross Mason (Mulesoft founder) immediately invested. Darko noted, "That kind of signal is really important because the one person who deeply understands the space was super excited to invest." This validated their approach and provided valuable strategic guidance. Build relationships with VCs continuously: Even six months after their latest round, PolyAPI is already preparing for Series A by maintaining relationships with 20+ VCs and working toward clear metrics. This ongoing engagement creates leverage for future fundraising by demonstrating consistent progress. // Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co
In dieser Episode spricht Host Florian Vette mit John Feldheim, Teamlead Marketplaces bei EMP Merchandising. John teilt spannende Einblicke die Marktplatzstrategie von EMP, einem führenden Anbieter von Rock-, Metal- und Entertainment-Merchandise sowie alternativer Streetwear. Im Gespräch geht es um die Geschichte von EMP, die hohe Markenbekanntheit und das Geschäftsmodell hinter dem Verkauf von zum Beispiel ACDC & Disney Merch. Mit über 32.000 Artikeln im Sortiment setzt EMP auf umfangreiche Automatisierung, um die vielfältigen Produktdaten effizient zu verwalten. Wie gelingt es EMP, diese Komplexität zu managen? Welche Rolle spielen dabei Middleware & Tools und wie optimiert das Team den Content für verschiedene Marktplätze? John verrät zudem, wie EMP von Eigenmarken wie Black Premium, Rock Rebel oder Gothicana profitiert und welche Rolle die Online Marktplätze für den Gesamtumsatz des Unternehmens spielen. Außerdem spricht John über die Herausforderungen und Chancen bei der Skalierung des Marktplatzgeschäfts und den Anschluss weiterer Marketplaces. Es geht um spannende Kooperationen mit bekannten Bands und Entertainment-Marken, warum Festivals für EMP ein entscheidender Touchpoint zur Zielgruppe sind und wie das Unternehmen es schafft, mit einem nur dreiköpfigen Marktplatzteam ein solches Pensum zu bewältigen.
Imagine being the service design lead of a healthcare network of 88,000 patients. Your team consists of five people. Sounds daunting, doesn't it? This is the work that Carol Massa does every day at Northwell Health, New York's largest healthcare network. She brings her wisdom and experience not only to this episode of the Rosenfeld Review, but to the inaugural Advancing Service Design Conference on December 3-4, 2024. Starting as a design student at SCAD, Carol's career path has taken her to management consulting and now to her pivotal position at Northwell's Enterprise Digital Service division. Carol discusses her team's unique approach to service design, acting as translators of human insights for digital services. Her team's work involves transforming research and data into actionable insights, creating playbooks, and facilitating collaboration across various departments. The focus is on enhancing patient and clinician experiences by streamlining administrative tasks through innovative digital tools. Throughout the conversation, Carol highlights the importance of building relationships and humanizing interactions. She shares insights on using familiar frameworks to engage clinicians and bridge gaps in communication, ensuring that all stakeholders understand the shared goals of improving patient care. What You'll Learn from this Episode: - The Role of Service Design in Healthcare: Understanding how service design can improve patient and clinician experiences within large healthcare systems like Northwell Health - Collaboration Across Disciplines: How a small service design team collaborates with various departments and stakeholders, including clinicians, engineers, and business strategists, to enhance service delivery - Translating Insights into Action: Techniques for translating complex data and human insights into actionable strategies and digital tools that address specific needs - Humanizing Interactions: The importance of building personal relationships and fostering open communication to bridge gaps - Prototyping and Testing Ideas: How rapid prototyping and testing can be used to validate ideas and improve processes, ensuring that new tools and services effectively meet user needs. - Adapting Existing Frameworks: Creative approaches to leveraging existing frameworks (like problems, goals, and tasks) in a way that resonates with different audiences, particularly in translating technical language for clinicians. Quick Reference Guide: 0:00 - Meet Carol 2:02 - Service design at Northwell 7:25 - The makeup of the service design team 9:49 - The operational tools and documentation the team uses 13:46 - An example of incorporating and automating a new operational process 17:36 - Why you need the Rosenverse 20:04 - Action-driven problems, goals, and tasks 24:35 - Breaking into established systems 29:02 - Carol's gift for listeners Resources and Links from Today's Episode: Advancing Service Design (inaugural conference) https://rosenfeldmedia.com/advancing-service-design/ Everyday Astronaut https://www.youtube.com/everydayastronaut
FOLLOW US: LinkedIn: https://www.linkedin.com/company/inside-commerce/ ABOUT THIS EPISODE: In this episode of the Inside Commerce podcast, Luke Hodgson from Commerce Thinking explains the common issues with ERPs and their integration with ecommerce platforms. The conversation explores the importance of understanding ERP systems for ecommerce leaders, the evolving role of ecommerce directors post-COVID, and the demand for ERP in new businesses. The discussion also delves into the role of middleware in ecommerce integrations, challenges related to peak order volumes, and strategies for maximising back office performance. Finally, we discuss the significance of technical leadership in ecommerce and provide practical advice for businesses facing integration issues. Key takeaways: E-commerce leaders must understand their ERP systems. The demand for ERP has evolved post-COVID. Middleware plays a crucial role in integration. Peak order volumes require careful planning and execution. Technical leadership is essential for e-commerce success. Brands are increasingly exploring alternatives to traditional ERP systems. Effective communication with partners is vital during peak periods. Breaking down problems into stages helps identify issues. A tech leader should facilitate collaboration among stakeholders. The right technical resources are crucial for successful ERP implementation.
CJ joins Scott and Wes to dive into why he's all-in on Hono, a fast and lightweight web framework for every JavaScript runtime. From familiar route creation to type-safe middleware, find out how Hono keeps things simple, powerful, and ready to use inside Next.js. Show Notes 00:00 Welcome to Syntax! 00:46 Brought to you by Sentry.io. 01:11 What is Hono? Watch CJ's Video Here 03:21 Syntax Meetup San Francisco. 04:02 Why I like Hono, and why you should try it. 04:08 Familiar route creation. Connect: an extensible HTTP server framework for node. 05:45 Supports every JS Runtime. 07:00 How a service worker works. 08:48 Helpers. 09:16 Middleware. 10:40 Sentry middleware. 10:55 JSX support. 13:21 Organizing route handlers while keeping Types. 14:24 Type safety. hono-open-api-starter. zod-openapi. 15:46 Defining base type. Pinojs 17:36 Validation. 18:52 Hono RPC client. 22:09 Hono inside of Next.js. 23:30 Testing. 25:22 The community. 27:34 Type support. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads
“Un middleware vient combler un manque d'interfaçage API entre deux applications”. Pour ce troisième épisode de la série spéciale Tech, Laurent Kretz questionne Kévin Couvet, le CTO de CosaVostra, sur le sujet du middleware. A quoi sert cet outil qui s'intercale entre deux applications (pour créer un réseau d'échange d'informations entre elles). et dans quels cas de figure peut-il être utile voire indispensable à un projet de refonte e-commerce ? Kevin nous aide à mieux comprendre l'utilité ainsi que les avantages du middleware et comment en faire bon usage.Dans cet épisode, on parle de :00:03:45 - Quand et pourquoi a-t-on besoin d'un middleware ; 00:06:25 - Avec quelle type de plateforme utiliser un middleware;00:07:10 - Comprendre ses avantages (centralisation des données, simplification de la gestion de l'interface, etc.) ; 00:09:40 - Estimer le prix d'un middleware en fonction de la complexité du projet de refonte. Et quelques dernières infos à vous partager : Suivez Le Panier sur Instagram lepanier.podcast !Inscrivez- vous à la newsletter sur leanier.io pour cartonner en e-comm ! Écoutez les épisodes sur Apple Podcasts, Spotify ou encore Podcast AddictLe Panier est un podcast produit par CosaVostra, du label Orso Media.
There are now episodes of Nice Games Club for each new day of the year! When you get to the last day of that year, you'll hear about Audio Middleware and Psychic Distance from us in the clubhouse.About the Fair - Minnesota State Fair0:17:06Audio MiddlewareAn example of audio tech conversations we've had in the past.Game Audio Tools and WorkflowsWwiseAudiokineticFMODFMOD0:51:32Psychic DistancePsychic Distance: what it is and how to use itEmma DarwinThis Itch of Writing
In dieser Episode spricht Host Florian Vette mit Andreas Stark, Head of Global E-Commerce bei STABILO. Andreas verantwortet die globale E-Commerce-Strategie des Unternehmens und gibt im Podcast tiefgehende Einblicke in die Direct-to-Consumer (D2C) Transformation bei STABILO. Gemeinsam werfen Andreas und Florian einen Blick auf STABILO als Marke und beleuchten, wie das Unternehmen seine Produkte aktuell verkauft. Andreas erklärt, welche Veränderungen durch den D2C-Fokus anstehen und warum dieser Schritt notwendig war. Was bedeutet das für das gesamte Sortiment? Und welche Rolle spielen Händler dabei zukünftig? Andreas spricht über die strategischen Entscheidungen in zentralen Bereichen wie Sortiment, Logistik, Preisgestaltung und Organisation. Welche Produkte schaffen es in den Online-Shop, wie sieht die Preispolitik aus, und wie wird STABILO in Zukunft auf Marktplätzen wie Amazon oder Kaufland vertreten sein? Andreas gibt uns exklusive Einblicke in die zentralen vs. länderspezifischen Steuerungen und erklärt, wie die Balance zwischen lokaler und globaler Strategie funktioniert. Ein weiteres zentrales Thema ist die neue Organisationseinheit, die seit Mitte diesen Jahres die D2C-Aktivitäten koordiniert, sowie die aktuellen Herausforderungen rund um Middleware- und SAP-Implementierungen. Am Ende der Episode erfahrt ihr, wie STABILO seine Multi-Channel-Strategie umsetzt und welche nächsten Schritte in der Transformation geplant sind.
Thomas Gillan, Chief Executive Officer, Br-dge Bringing together multiple payment technology solutions in one place, payment orchestrators like Br-dge work as independent, trusted partners for the broader ecosystem. These firms work behind the scenes to offer acquirers, platforms and gateways access to the latest technology, allowing merchants to get on with their actual business in the knowledge that their payment stack is futureproofed. Robin Amlôt of IBS Intelligence speaks to Thomas Gillan, CEO of payment orchestration firm Br-dge.
Avalonia XPF This episode of The Modern .NET Show is supported, in part, by Avalonia XPF, a binary-compatible cross-platform fork of WPF, enables WPF apps to run on new platforms with minimal effort and maximum compatibility. Show Notes Yeah, exactly. And it means you can, if you see it in its sort of native place, next time that you're writing something, maybe you don't go and change all your IEnumerables to IAsyncEnumerable because that's not worth doing. But maybe next time you're writing a new API you're like, "oh, you know what, I will use that newer API because it will give me better performance. And when I'm writing it, it's easy to just use the new thing and it's more applicable to this situation." — Andrew Lock Welcome to The Modern .NET Show! Formerly known as The .NET Core Podcast, we are the go-to podcast for all .NET developers worldwide and I am your host Jamie "GaProgMan" Taylor. In this episode, Andrew Lock joined us to talk about ASP .NET Core's new Minimal APIs paradigm. Along the We also talked about validation, and the third edition of his book "ASP .NET Core in Action" from Manning Publishing. So it's sort of interesting, the philosophy, because obviously validation was one of the things they had some pushback. In MVC You've got validation there by default, and clearly you always want to have validation of your arguments. So why didn't they include it in minimal APIs? And the answer basically is because there's more than one validation framework. There's the data annotation attributes... but then there's other frameworks like the fluent validation, for example, is a very popular one. And the only way that works in MVC is you have to sort of try and plug it in as an extra part and remove the old validation. And they didn't want to prioritize any particular style of doing validation. — Andrew Lock So let's sit back, open up a terminal, type in dotnet new podcast and we'll dive into the core of Modern .NET. Supporting the Show If you find this episode useful in any way, please consider supporting the show by either leaving a review (check our review page for ways to do that), sharing the episode with a friend or colleague, buying the host a coffee, or considering becoming a Patron of the show. Full Show Notes The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-6/navigating-the-aspnet-core-maze-from-middleware-to-minimal-apis-and-modern-c-sharp-with-andrew-lock/ Useful Links A discount code, good for 45% off all Manning Products: dotnetshow24 ASP .NET Core in Action Andrew's previous appearance on the show: Episode 17 - ASP .NET Core's Middleware Pipeline with Andrew Lock Andrew's blog OWIN version The .NET blog posts by Stephen Toub Episode 72 - Emulating a Video Game System in .NET with Ryujinx Express.js build Web APIs Using Python & FastAPI with @KJayMiller Andrew's series of blog posts on Source Generators Andrew on: X (formally known as Twitter) LinkedIn Supporting the show: Leave a rating or review Buy the show a coffee Become a patron Getting in touch: via the contact page joining the Discord Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend. And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch. You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.
Allright, so in the middle of summer, and what better way to fight the summer heat than to have a cold one and talk about tech, right? We got together again and discuss the cool things that are happening (Java 22, Kotlin 2.0), and then we take a detour on looking at what's happening in the open source space (RedHat prunes Middleware, OCI Stops Funding Grails), and we try to figure out where would it end. So come and take a listen as we try to read the tea leaves and figure out where open source is going! https://www.javaoffheap.com/datadog We thank DataDogHQ for sponsoring this podcast episode DO follow us on twitter @offheap https://www.twitter.com/offheap News: Java 22 (Haven't recorded since then!) Jakarta EE 11 M3 Now Available New Features Jakarta Data Kotlin 2.0.x Quarkus is going to a foundation? RedHat prunes middleware to invest in AI Aqua IDE for test automation is GA OCI stops funding Grails Women who code ends Discussion: https://thenewstack.io/open-source-is-at-a-crossroads/ ? Conferences: Community Over Code NA Denver October 7-10 https://communityovercode.org/ Dev2Next Lone Tree, Colorado Sept 30 — Oct 3, 2024 https://www.dev2next.com/ JChampions Conference 2024 Videos Available JakartaOne LiveStream December
Today we are talking with Kyle Stutzman about how he co-founded Janusea, about their middleware solution and how it can make credit unions more agile and connect with their members. Season 1, Episode 16. Follow the Pod:https://twitter.com/fintechcombine To find out how Constellation can help your institution or fintech improve your digital experiences contact us at: https://constellation.coop https://twitter.com/ConstellationDP Follow Kris Kovacs: https://twitter.com/ManagementBytes https://www.linkedin.com/in/kriskovacs/ https://www.instagram.com/kriskovacs/ The Fintech Combine is Produced and Edited by Anson Beckler-Jones Follow Anson Beckler-Jones Instagram - @ansonandco Youtube - @ansonandco
Welcome back to another episode of the Laravel podcast! In this episode, we dive into the exciting release of Laravel 11 and discuss its impact since it has been out in the wild. Taylor also shares his insights on the release and other recent developments in the Laravel ecosystem, including the launch of Herd Pro. Additionally, we discuss the new hires at Laravel, including Andre Valentin, Chris Fadao, Mohammed Said, and Alyssa Mazzina and touch on the topic of open-source sustainability.Taylor Otwell's Twitter - https://twitter.com/taylorotwellMatt Stauffer's Twitter - https://twitter.com/stauffermattLaravel Twitter - https://twitter.com/laravelphpLaravel Website - https://laravel.com/Tighten Website - https://tighten.com/Laravel 11 - https://laravel.com/docs/11.x/releasesLaravel Careers - https://laravel.com/careersLaravel Reverb - https://laravel.com/docs/master/reverbLaravel Herd - https://herd.laravel.com/Laravel Herd for Windows - https://herd.laravel.com/windowsLaravel Valet - https://laravel.com/docs/11.x/valetChristoph Rumpel Forge Productivity Tweet: https://x.com/christophrumpel/status/1773738874264600608?s=20Andre Valentin Twitter - @theandreval Laravel Director of EngineeringChris Fidao Twitter - @fideloper Laravel Infrastructure EngineerMohammed Said Twitter - @themsaidAlyssa Mazzina Twitter - @alyssamazzinaLaragon - https://laragon.org/Django - https://www.djangoproject.com/Spatie - https://spatie.be/Laracon US - https://laracon.us/-----Editing and transcription sponsored by Tighten.
Today on Elixir Wizards Office Hours, SmartLogic Engineer Joel Meador joins Dan Ivovich to discuss all things background jobs. The behind-the-scenes heroes of app performance and scalability, background jobs take center stage as we dissect their role in optimizing user experience and managing heavy-lifting tasks away from the main application flow. From syncing with external systems to processing large datasets, background jobs are pivotal to successful application management. Dan and Joel share their perspectives on monitoring, debugging, and securing background jobs, emphasizing the need for a strategic approach to these hidden workflows. Key topics discussed in this episode: The vital role of background jobs in app performance Optimizing user experience through background processing Common pitfalls: resource starvation and latency issues Strategies for effective monitoring and debugging of task runners and job schedulers Data integrity and system security in open source software Background job tools like Oban, Sidekiq, Resque, Cron jobs, Redis pub sub CPU utilization and processing speed Best practices for implementing background jobs Keeping jobs small, focused, and well-monitored Navigating job uniqueness, locking, and deployment orchestration Leveraging asynctask for asynchronous operations The art of continuous improvement in background job management Links mentioned in this episode: https://redis.io/ Oban job processing library https://hexdocs.pm/oban/Oban.html Resque Ruby library for background jobs https://github.com/resque Sidekiq background processing for Ruby https://github.com/sidekiq Delayed Job priority queue system https://github.com/collectiveidea/delayed_job RabbitMQ messaging and streaming broker https://www.rabbitmq.com/ Mnesia distributed telecommunications DBMS https://www.erlang.org/doc/man/mnesia.html Task for Elixir https://hexdocs.pm/elixir/1.12/Task.html ETS in-memory store for Elixir and Erlang objects https://hexdocs.pm/ets/ETS.html Cron - https://en.wikipedia.org/wiki/Cron Donate to Miami Indians of Indiana https://www.miamiindians.org/take-action Joel Meador on Tumblr https://joelmeador.tumblr.com/ Special Guest: Joel Meador.
Join Wes and Scott for a hasty episode of Syntax as they unpack the power of middleware for developers, covering caching, authentication, A/B testing, error handling, and user redirection in a quick, punchy rundown to supercharge your backend skills! Show Notes 00:00 Welcome to Syntax! 00:41 Syntax on YouTube. 01:28 What is middleware? 05:04 Some real-world examples of middleware. 05:10 Authentication. 07:44 Redirecting users to a specific instance. 08:28 Logging + statistics. 09:41 Debugging. 10:00 Timers. 10:46 A/B testing. 11:59 Error handling + logging. 12:23 Caching. 13:02 Multi-tenant applications. 15:08 Where does it run? 18:07 What are the limitations? 21:52 Next.js middleware is one file only. NextJS Middleware 23:35 Sveltekit solution. Sveltekit Hooks 24:31 Connect style. Fastify Express Fastify Middle 25:28 One last thing, NPM Installing. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott:X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads
Steve Jamieson, founder and CEO of WorkingLive, talks with EisnerAmper's TechTalk host Fritz Spencer about helping companies achieve online sales success by meeting customers where they are—across multiple platforms. In this episode, Steve discusses how his multi-channel e-commerce solution leverages proprietary middleware technology to help independent distributors and affiliates more effectively track and sell their products amidst evolving consumer trends.
In this episode of the Laravel Podcast, we are diving into the highlights of Laracon EU including the unveiling of Laravel 11 and the introduction of Laravel Reverb. Taylor Otwell shares insights on the streamlined application structure and new features in Laravel 11. We also discuss the launch of Laravel Herd for Windows and Herd Pro, offering power user features for local development, and provide some exciting updates about the upcoming Laracon US.Taylor Otwell's Twitter - https://twitter.com/taylorotwellMatt Stauffer's Twitter - https://twitter.com/stauffermattLaravel Twitter - https://twitter.com/laravelphpLaravel Website - https://laravel.com/Tighten Website - https://tighten.com/Laracon EU Photo Gallery Tweet - https://x.com/LaraconEU/status/1755957896209113444?s=20Laravel Reverb - https://laravel.com/docs/master/reverbLaravel 11 - https://laravel.com/docs/master/releasesThiery Laverdure's Project - https://github.com/tlaverdure/laravel-echo-serverPusher - https://pusher.com/Ably - https://ably.com/Laravel Herd - https://herd.laravel.com/Adam Wathan Twitter - https://twitter.com/adamwathanJess Archer Twitter - https://twitter.com/jessarchercodesLuke Twitter Downing Twitter - https://twitter.com/lukedowning19Daniel Coulbourne Twitter - https://twitter.com/DCoulbourneJoe Dixon Twitter - https://twitter.com/_joedixonPhilo Hermans Twitter - https://twitter.com/Philo01?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5EauthorLaracon US - https://laracon.us/Laracon CFP Talk Submission Form - https://docs.google.com/forms/d/e/1FAIpQLSdlyTDvqeKNB3r-wVNmDBlE23oHKEL4m8lzL5nci0YPH_5WYA/viewform-----Editing and transcription sponsored by Tighten.
In the course of the talk I'll discuss current authentication challenges, the looming problem with cracking public key encryption, and short and medium term recommendations to help folks stay secure. About the speaker: Bill helps clients achieve an effective information security posture spanning endpoints, networks, servers, cloud, and the Internet of Things. This involves technology, policy, and procedures, and impacts acquisition/development through deployment, operations, maintenance, and replacement or retirement. During his five-decade IT career, Bill has worked as an application programmer with the John Hancock Insurance company; an OS developer, tester, and planner with IBM; a research director and manager at Gartner for the Information Security Strategies service and the Application Integration and Middleware service, and served as CTO of Waveset, an identity management vendor acquired by Sun. At Trend Micro, Bill provided research and analysis of the current state and future trends in information security. He participates in the ISO/IEC 62443 standards body and the CISA ICSJWG on ICT security. He runs his own consulting business providing information security, disaster recovery, identity management, and enterprise solution architecture services. Bill has over 180 publications and has spoken at numerous events worldwide. Bill attended MIT, majoring in Mathematics. He is a member of CT InfraGard and ISACA.
This Week in Machine Learning & Artificial Intelligence (AI) Podcast
Today we're joined by Kyle Roche, founder and CEO of Griptape to discuss patterns and middleware for LLM applications. We dive into the emerging patterns for developing LLM applications, such as off prompt data—which allows data retrieval without compromising the chain of thought within language models—and pipelines, which are sequential tasks that are given to LLMs that can involve different models for each task or step in the pipeline. We also explore Griptape, an open-source, Python-based middleware stack that aims to securely connect LLM applications to an organization's internal and external data systems. We discuss the abstractions it offers, including drivers, memory management, rule sets, DAG-based workflows, and a prompt stack. Additionally, we touch on common customer concerns such as privacy, retraining, and sovereignty issues, and several use cases that leverage role-based retrieval methods to optimize human augmentation tasks. The complete show notes for this episode can be found at twimlai.com/go/659.
In this enlightening episode of Tech Talks Daily, I am joined by Neill Smith, Head of Infrastructure at the Agricultural Economy Directorate for the Scottish Government. We delve into the intricate journey of the Scottish Government's transition towards a more digital and cloud-centric approach. This episode offers a unique perspective on how a significant arm of the government, responsible for disbursing around $1 billion in subsidies to farmers, is navigating the complex landscape of modern technology. Neill Smith shares his insights on the challenges and opportunities presented by cloud migration, emphasizing the importance of understanding and adapting to the specific needs of each workload. He sheds light on the common misconceptions about cloud-first strategies and the importance of a nuanced approach in public sector digital transformation. We also explore the broader implications of this shift, including the rising expectations of citizens for digital services, the challenges of cloud skills shortages, and the importance of diversity in tech to foster innovative solutions. Neill's perspective on the role of culture and people in driving technological change is particularly thought-provoking. Furthermore, we discuss the Scottish Government's commitment to sustainability and how technology is being leveraged to promote greener farming practices. Neill highlights the use of cutting-edge technologies like AI and satellite imagery in agriculture, showcasing how these innovations can lead to more efficient and environmentally friendly practices. As we delve into the future of application delivery and the vision for a more digital government, this episode is a must-listen for anyone interested in how technology is reshaping the public sector. Neill Smith's expertise and experience offer invaluable insights into the journey of modernizing government services and the strategic deployment of cloud services. Join us for this episode of Tech Talks Daily, where we uncover the layers of digital transformation in the public sector and the visionary leadership driving this change. About Neill Smith: Neill Smith is a renowned expert in Cloud, Virtualization, Linux, and Middleware. As the Head of Infrastructure at The Scottish Government (ARE Directorate), he brings a wealth of experience and knowledge. A respected figure in the tech community, Neill has spoken at major technical conferences like AWS re:Invent, VMworld, and Gartner Infrastructure, Operations & Cloud Strategies. His insights into the intersection of technology, government, and industry are invaluable for understanding the future of digital governance.
Tommaso Demarie, CEO and co-founder of Entropica Labs, is interviewed by Yuval Boger. Tommaso and Yuval discuss Entropica Labs' focus on quantum computing middleware, aiming to support fault-tolerant quantum error correction, their software development tools, potential timelines for quantum computing advancements, and much more
This week's episode features two of our own, Megan Saylor and Doug Beers from Moser's Learning Services department. They're talking to us about Learning Management Systems. Megan is a Senior Consultant and Engagement Manager at Moser Consulting and has been with the company for 10 years. Her main focus has been in Middleware, as an LMS Systems Owner. She has been an EM for over 3 years and she is also currently an administrator of Moser's own LMS, called HRLearn, for both internal use and future client engagements! She is certified in BBST Foundations of Software Testing, ICAgile: Foundations of DevOps, Scaled Agile: SAFe Agilist, Learn Server Administration (Blackboard) and Presenting Powerful Presentations.Doug is a Senior Consultant for the Learning Services division at Moser Consulting and has been with the company for 9+ years. He is looking forward to expanding the Learning Services impact at Moser and to our clients through implementing learning management systems and content management. He is certified in Scaled Agile: Certified SAFe Agilist, BBST Foundations of Software Testing, and ICAgile: ICP Foundations of DevOps.
Resources ----------------- Slides: https://docsend.com/view/5j2vypm283qe... EIP: https://eips.ethereum.org/EIPS/eip-6672 Discussion: https://ethereum-magicians.org/t/eip-... PEEPanEIP Playlist - • PEEPanEIP ERC Playlist - • ERCs Follow at Twitter ---------------------------- BoYu Chu @chuboyu_ | Pooja Ranjan @poojaranjan19 Topics covered ------------------------- 0:00 - Promo 0:29 - Topic introduction 1:10 - Guest Introduction 1:44 - Presentation 1:55 - Team 2:34 - Motivation 4:08 - Problem statement 4:40 - ERC-6672 specs 6:30 - ERC6672 is not defining 8:30 - How do we handle redeem? 9:26 - What is missing? 11:02 - Rethink NFT properties - Intrinsic & Extrinsic properties 14:54 - Middleware between web2 and web3 15:18 - ERC6672 specification 16:47 - Benefits 18:09 - Usage guidelines 18:48 - Key consideration & guidelines 23:49 - Web3 Commerce 30:02 - What about non-6672 NFTs? 31:05 - The journey of EIP 33:15 - Thoughts 34:05 - Reach out the team 34:25 - End of presentation 35:00 - Is it soulbound or transferable? 38:30 - Project implementing this ERC 40:90 - Security consideration 42:32 - EIP documentation Contact Ethereum Cat Herders --------------------------------------------------- Discord: https://discord.io/ethereumcatherders Twitter: https://twitter.com/EthCatHerders Medium: https://medium.com/ethereum-cat-herders Website: https://www.ethereumcatherders.com/
Industrial Talk is onsite at IoT Solutions World Congress and talking to Nina Tucker, Vice President at Twin Oaks Computing about "Middleware and the importance to your digital transformation journey". Learn about Middleware along with Nina's unique insight into the Middleware technology on this Industrial Talk interview! Finally, get your exclusive free access to the Industrial Academy and a series on “Why You Need To Podcast” for Greater Success in 2023. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy! NINA TUCKER'S CONTACT INFORMATION: Personal LinkedIn: https://www.linkedin.com/in/ninatucker/ Company LinkedIn: https://www.linkedin.com/company/twin-oaks-computing-inc-/ Company Website: https://www.twinoakscomputing.com/ PODCAST VIDEO: https://youtu.be/5D-2XQ3AnI0 THE STRATEGIC REASON "WHY YOU NEED TO PODCAST": OTHER GREAT INDUSTRIAL RESOURCES: NEOM: https://www.neom.com/en-us Hexagon: https://hexagon.com/ Arduino: https://www.arduino.cc/ Fictiv: https://www.fictiv.com/ Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html Industrial Marketing Solutions: https://industrialtalk.com/industrial-marketing/ Industrial Academy: https://industrialtalk.com/industrial-academy/ Industrial Dojo: https://industrialtalk.com/industrial_dojo/ We the 15: https://www.wethe15.org/ YOUR INDUSTRIAL DIGITAL TOOLBOX: LifterLMS: Get One Month Free for $1 – https://lifterlms.com/ Active Campaign: Active Campaign Link Social Jukebox: https://www.socialjukebox.com/ Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader): Business Beatitude the Book
Maxime: CEO and founder at LimaCharlie, middleware for cybersecurity application integration for incident response Previously worked for Google, Crowdstrike, and Canada's department of defense Check out the episode for our discussion on the challenges of building your own security workflows, automation adoption journeys, and how the larger cybersecurity automation world is evolving. https://limacharlie.io/
In the latest episode of BRAVE, Jeremy Au and Shiyan Koh analyze January Capital's monthly report on Southeast Asia, focusing on the region's marketplaces with low margins. They delve into how these marketplaces are leveraging embedded finance to increase their profit margins, while also considering the role of retention in simplifying their operations. Furthermore, the discussion also touches upon the shifting trends in the SaaS landscape of Southeast Asia. Download the January Capital report here. Read the transcript here at: www.bravesea.com/blog/january-capital-report WhatsApp Daily Insight: https://chat.whatsapp.com/CeL3ywi7yOWFd8HTo6yzde Spotify: https://open.spotify.com/show/4TnqkaWpTT181lMA8xNu0T Youtube: https://www.youtube.com/@JeremyAu/featured Apple Podcasts: https://podcasts.apple.com/sg/podcast/brave-southeast-asia-tech-singapore-indonesia-vietnam/id1506890464 Tiktok: https://www.tiktok.com/@jeremyau?lang=en Instagram: https://www.instagram.com/jeremyauz/ Twitter: https://twitter.com/jeremyau Visit our community at: www.bravesea.com
What's on the horizon for bank innovation and fintech in 2023? In this episode of the ABA Banking Journal Podcast — sponsored by xChange — ABA's Office of Innovation team explores top tech trends for the year ahead. Among other topics, they discuss the growing role of investment in foundational infrastructure like core processing, how APIs and middleware are helping banks innovate, declining consumer interest in crypto (although digital assets broadly remain an area of focus), what new AI tools like ChatGPT may mean for banking, the importance of digital identity in fraud prevention, and how banks are changing their strategies internally to promote innovation.
Hi, Spring fans! In this installment, Josh Long talks to Java Champion Gunnar Morling about messaging middleware, Debezium, and more.
Christian Ruppe co-founded a fintech firm when he was in college — and later he brought his experience in-house in the community banking space. On the latest episode of the ABA Banking Journal Podcast — sponsored by Jack Henry — Ruppe talks about Colony Bank's strategy to build middleware that will enable more rapid innovation. “Were not asking people to integrate with this vendor or that vendor,” says Ruppe. “We're giving them our documentation and asking them to integrate with us.” On the podcast, Ruppe also discusses: Why an API-based middleware will help accelerate innovation and product launches. The changing role of core platforms in a middleware environment. How his experience as a fintech co-founder affects his outlook as a community banker. How community banks can build cultures of integrated innovation.
Bill Malik helps clients achieve an effective information security posture spanning endpoints, networks, servers, cloud, and the Internet of Things. During his four-decade IT career, Bill Malik has worked as an application programmer with the John Hancock Insurance company; an OS developer, tester, and planner with IBM; a research director and manager at Gartner for the Information Security Strategies service and the Application Integration and Middleware service, and served as CTO of Waveset, an identity management vendor acquired by Sun. He ran his own consulting business providing information security, disaster recovery, identity management, and enterprise solution architecture services for clients including Motorola, AIG, and Silver Lake Partners. Bill has over 160 publications and has spoken at numerous events worldwide. Malik has spent the past 5 years at Trend Micro where he works as Vice President of infrastructure strategies. Scott Schober is a #cybersecurity and wireless technology expert, author of Hacked Again and Cybersecurity is Everybody's Business, host of 2 Minute CyberSecurity Briefing video podcast and CEO of Berkeley Varitronics Systems who appears regularly on Bloomberg TV, Fox Business & Fox News, CGTN America, Canadian TV News, as well as CNN, CBS Morning Show, MSNBC, CNBC, The Blaze, WPIX as well as local and syndicated Radio including Sirius/XM & Bloomberg Radio and NPR. Subscribe and follow: Apple Podcasts: https://podcasts.apple.com/us/podcast... Google Podcasts: https://podcasts.google.com/feed/aHR0... iHeart Podcasts: https://www.iheart.com/podcast/70626340/ Amazon Music Podcasts: https://scottschober.com/wp-content/u... YouTube: https://www.youtube.com/channel/UCxqx... Twitter: @ScottBVS Instagram: https://www.instagram.com/scott_schober/ LinkedIn: https://www.linkedin.com/in/snschober Website: www.ScottSchober.com
Bill Malik helps clients achieve an effective information security posture spanning endpoints, networks, servers, cloud, and the Internet of Things. During his four-decade IT career, Bill Malik has worked as an application programmer with the John Hancock Insurance company; an OS developer, tester, and planner with IBM; a research director and manager at Gartner for the Information Security Strategies service and the Application Integration and Middleware service, and served as CTO of Waveset, an identity management vendor acquired by Sun. He ran his own consulting business providing information security, disaster recovery, identity management, and enterprise solution architecture services for clients including Motorola, AIG, and Silver Lake Partners. Bill has over 160 publications and has spoken at numerous events worldwide. Malik has spent the past 5 years at Trend Micro where he works as Vice President of infrastructure strategies. Scott Schober is a #cybersecurity and wireless technology expert, author of Hacked Again and Cybersecurity is Everybody's Business, host of 2 Minute CyberSecurity Briefing video podcast and CEO of Berkeley Varitronics Systems who appears regularly on Bloomberg TV, Fox Business & Fox News, CGTN America, Canadian TV News, as well as CNN, CBS Morning Show, MSNBC, CNBC, The Blaze, WPIX as well as local and syndicated Radio including Sirius/XM & Bloomberg Radio and NPR. Subscribe and follow: Apple Podcasts: https://podcasts.apple.com/us/podcast... Google Podcasts: https://podcasts.google.com/feed/aHR0... iHeart Podcasts: https://www.iheart.com/podcast/70626340/ Amazon Music Podcasts: https://scottschober.com/wp-content/u... YouTube: https://www.youtube.com/channel/UCxqx... Twitter: @ScottBVS Instagram: https://www.instagram.com/scott_schober/ LinkedIn: https://www.linkedin.com/in/snschober Website: www.ScottSchober.com
Bloomberg Intelligence Senior Analyst Mandeep Singh is hosting HashiCorp co-founder and CTO, Armon Dadgar, to talk about how HashiCorp is building the middleware for the cloud and seeks to partner with hyperscale cloud vendors for all kinds of workloads and applications.
In this episode of Commitment Matters, Mary speaks with the Co-founders of ShortTrack, Steve Hargraves and Chris Hacker. If you'd like to learn more about the company, check out shorttrack.io. During their conversation, Steve, Chris, or Mary mentioned: ShortTrack offers security and automation for title agencies. The software delivers documents, digital orders, e-signing capabilities from your customers right into your software.The companies that have been most successful during the pandemic were those that adapted and accelerated their technology. You can modernize your title operations with e-closings, electronic signatures, email and text communication, and more.Innovation should come from products and opportunities that provide value, efficiencies, and security. Your new products and services should answer your customers' questions and provide a solution. Chris uses millennials as an example of innovation for ShortTrack. He says 63% of first-time homebuyers are millennials, so they looked at streamlining communication methods, and upping the digital services they offer to appeal to the demographic. Middleware provides communication between software platforms, so communication is consistent through your business. With middleware, data and documents can be shared and updated almost instantly. The more application communication you have, the better security you have. Since middleware is the connectivity between software applications, it's sure to keep data more secure by eliminating external communications, which is how ransomware attacks and phishing emails get to you.Steve and Chris say businesses who don't adapt their technology could get left behind, especially in the case of another pandemic or other world event.Customer portals provide security, while bridging communication between vendors' software platforms. Each company can operate on its own system, while still tracking shared customer data. This year, the National Association of Realtors is no longer providing digital forms to members. They are now being handled at the state/local level. Chris suggests checking with your local real estate association and monitoring your software to see how this would impact your business. If you'd like to contact the Commitment Matters podcast, email podcasts@ramquest.com. Don't forget to subscribe, rate, and review this podcast on Apple Podcast, Spotify, or wherever you listen to podcasts, or visit RamQuest.com/podcast to download the latest episode. Lastly, we love to see when and how you're listening. Share our posts, or create your own and tag them: #CommitmentMattersPodcast