Podcasts about web apis

Peter Pistorius, co-creator of RedwoodJS, talks about the evolution from RedwoodJS GraphQL to the new Redwood SDK, a React framework built for Cloudflare. They dive deep into serverless architecture, React Server Components, durable objects, AI-assisted development, and the challenges of modern deployment and hosting. Learn how Redwood SDK is empowering developers to focus on building and shipping, instead of managing infrastructure. Links https://rw-sdk.com http://peterp.org https://github.com/peterp https://bsky.app/profile/p4p8.bsky.social https://x.com/appfactory https://cursor.sh https://neon.tech Resources https://rwsdk.com We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Em, at emily.kochanek@logrocket.com (mailto:emily.kochanek@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket's Galileo AI watches user sessions for you and surfaces the technical and usability issues holding back your web and mobile apps. Understand where your users are struggling by trying it for free at LogRocket.com (https://logrocket.com/signup/?pdr).

Join Allen Wyma and Arnaud Lauret, author of The Design of Web APIs, Second Edition, as they discuss creating user-friendly, secure, and efficient APIs. 

Brooks Lybrand discusses the transformation of React Router from a simple routing library to a powerful framework option for React applications. Learn about React Router 7's new framework mode, upcoming middleware support, and the team's innovative approach to React Server Components. Brooks explains how the Remix team is working to bring proven patterns and web standards to the broader React community while building a foundation for future web development that leverages native web APIs.Chapter Marks0:00 - Intro0:37 - Guest Introduction & SNL Jacket Discussion1:12 - The Remix "Nap" Announcement3:25 - Understanding React Router's Evolution7:51 - React Router Framework Mode10:21 - Middleware Support Plans15:42 - React Server Components Integration19:14 - Server-Side Capabilities & RSC Benefits24:17 - Team Size and Structure25:13 - Remix Brand & Future Direction30:19 - Future of Web APIs32:03 - Austin Remix Meetup Discussion34:54 - Community Engagement and Open Source36:19 - Picks and Plugs LinksPeople & Profiles:Brooks Lybrand's social profilesTwitterBlueSkyMichael ChanJames PerkinsRyan FlorenceEvan Bacon (mentioned for RSC mobile demo)Tools & Projects:React Router 7Remix RunRemix DiscordVite 6Cursor AI (mentioned in Amy's pick)The dev.to article about Cursor settings that Amy referencedElgato XLR Deck (Brad's pick)OXO Silicon Measuring Cup (Amy's pick)Events & Communities:Epic Web Conf (March 2024, where Brooks will be speaking)React Miami (April 2024, where Brooks will be speaking)Remix Austin MeetupTechnical Resources:React Server Components documentationRemix Project RoadmapVite's Environment API documentationBooks:The Three-Body Problem book series (Brooks' pick)Additional Resources:Netflix's Three-Body Problem show (mentioned in relation to Brooks' pick)

Today we are talking about WEBAssembly, How it's used, and cool things you can use it for with Drupal with guest Matt Glaman. We'll also cover Darkmode JS as our module of the week. For show notes visit: https://www.talkingDrupal.com/478 Topics What is WebAssembly Progressive Web Aoos Open source Does it have a community Browser support How does it work Common use cases How can you use this with Drupal This was an early concept for Drupal trial Challenges Wordpress playground Pieces that do not work for PHP Are there risks Are there resources for people that want to use WebAssembly Do you see it being used with Drupal Resources WEBAssembly WEBAssembly history Browser support 2038 WordPress Playground https://playground.wordpress.net https://github.com/adamziel Slides from Barcelona: The Web APIs powering the Starshot trial: https://mglaman.dev/sites/default/files/2024-09/The Web APIs powering the Starshot trial experience.pdf https://www.youtube.com/watch?v=rJVM_uDGD5I&list=PLpeDXSh4nHjQOfQV-BUgoxHXlr4tHlhPO&index=64 Guests Matt Glaman - mglaman.dev mglaman Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Suzanne Dergacheva - evolvingweb.com pixelite MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted your Drupal site to provide a widget that allows visitors to go over to the dark side of your theme? There's a module for that. Module name/project name: Darkmode JS Brief history How old: created in May 2022 by Arthur Baghdasaryan (arthur.baghdasar) of Last Call Media Versions available: 1.0.7 which works with Drupal 9, 10, and 11 Maintainership Actively maintained Security coverage Number of open issues: 1 open issues which is a bug against the current branch, but is postponed, waiting for more info Usage stats: 89 sites Module features and usage The module is a wrapper for the DarkmodeJS library which gets 1,000 weekly downloads, according to NPM. That library does have its own demo / tutorial site, so if you want to understand the options it exposes, we will add a link in the show notes The module provides options to control where on the page you want the widget to appear, what colors it should use, whether or not to store a user's choices in cookies, and whether or not to automatically match a visitor's OS theme setting of light/dark Installing the module currently requires making some changes to your site's composer.json file, then configuring how you want the widget to appear, and then placing the block in your site theme The module also doesn't currently include a schema file for its configuration, which can cause challenges particularly for sites that run automated tests

Listen to this interview of Justus Bogner, Assistant Professor, Software and Sustainability Group, Vrije Universiteit, Netherlands. We talk about his coauthored papers Do RESTful API design rules have an impact on the understandability of Web APIs? (EMSE 2023) and RESTRuler: Towards Automatically Identifying Violations of RESTful Design Rules in Web APIs (ICSA 2024). Download this screenshot of the ICSA paper. In the screenshot, you see blue highlighting that matches content portrayed by Figure 1 as it's presented in the running text. There is definitely a lot to see, but even more that the writing goes into describing and explaining. For that reason, Justus and his coauthors have chosen to do that work using both figure and text. It is the interaction here between the two that makes their study design palpable and visual — a huge help to the reader trying to appreciate just how they have arrived at these three RQs! Learn more about your ad choices. Visit megaphone.fm/adchoices Support our show by becoming a premium member! https://newbooksnetwork.supportingcast.fm/new-books-network

Listen to this interview of Justus Bogner, Assistant Professor, Software and Sustainability Group, Vrije Universiteit, Netherlands. We talk about his coauthored papers Do RESTful API design rules have an impact on the understandability of Web APIs? (EMSE 2023) and RESTRuler: Towards Automatically Identifying Violations of RESTful Design Rules in Web APIs (ICSA 2024). Download this screenshot of the ICSA paper. In the screenshot, you see blue highlighting that matches content portrayed by Figure 1 as it's presented in the running text. There is definitely a lot to see, but even more that the writing goes into describing and explaining. For that reason, Justus and his coauthors have chosen to do that work using both figure and text. It is the interaction here between the two that makes their study design palpable and visual — a huge help to the reader trying to appreciate just how they have arrived at these three RQs! Learn more about your ad choices. Visit megaphone.fm/adchoices

Level up your vanilla JavaScript with these powerful Web APIs that every developer should know. In this episode, Matt and Mike dive into essential Web APIs that can take your web development skills to the next level. Discover how Web APIs differ from external APIs and explore their powerful capabilities—from manipulating the DOM and fetching data to enabling offline functionality for native app-like uses (ie PWAs). They'll cover must-know APIs like Fetch, Storage, and Service Worker, along with user experience (and native app-like) boosters like Geolocation and Notifications. Tune in to learn practical applications, security tips, and best practices that will help you create fast, interactive, and native-like web apps. Show Notes: https://www.htmlallthethings.com/podcasts/web-apis-that-every-javascript-developer-should-know Thanks to Wix Studio for sponsoring this episode! Check out Wix Studio, the web platform tailored to designers, developers, and marketers via this link: https://www.wix.com/studio

独立行政法人情報処理推進機構（IPA）および一般社団法人JPCERT コーディネーションセンター（JPCERT/CC）は7月30日、EC-CUBE 4系用プラグイン「EC-CUBE Web API プラグイン」における格納型クロスサイトスクリプティングの脆弱性について「Japan Vulnerability Notes（JVN）」で発表した。

Web API hacking has emerged as a critical focus area in the cybersecurity landscape. With the digital world heavily reliant on Application Programming Interfaces (APIs), their security is paramount. In this article, we will delve into the realm of web API hacking methodology, starting with the fundamentals and progressing into a comprehensive exploration of the tactics and instruments employed by both inexperienced and experienced experts. What is API? APIs, or Application Programming Interfaces, serve as the communication bridges allowing different software applications to interact. They are the unseen heroes behind the seamless functioning of our favorite apps, websites, and devices. For example, when you place an order on Amazon, an API facilitates the communication between Amazon's platform and your bank to process the payment securely. With APIs playing such a vital role in our digital lives, it is no surprise that they have become a prime target for cyberattacks. What is Web API Hacking? Web API hacking is a form of security testing that focuses on discovering weaknesses within APIs. By focusing on API endpoints, malicious actors seek to achieve unauthorized access to confidential information, disrupt services, or potentially assume control over entire systems. The prevalence of APIs in modern web applications means that web API security is critical to overall cybersecurity. Over 80% of all web traffic now relies on API requests, making them a high-value target for ethical hackers and malicious attackers. View More: What is Web API Hacking Methodology?

Looking at use cases and abuse cases of Microsoft's Recall feature, examples of hacking web APIs, CISA's secure design pledge, what we look for in CVEs, a nod to PHP's history, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-288

Looking at use cases and abuse cases of Microsoft's Recall feature, examples of hacking web APIs, CISA's secure design pledge, what we look for in CVEs, a nod to PHP's history, and more! Show Notes: https://securityweekly.com/asw-288

Looking at use cases and abuse cases of Microsoft's Recall feature, examples of hacking web APIs, CISA's secure design pledge, what we look for in CVEs, a nod to PHP's history, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-288

Looking at use cases and abuse cases of Microsoft's Recall feature, examples of hacking web APIs, CISA's secure design pledge, what we look for in CVEs, a nod to PHP's history, and more! Show Notes: https://securityweekly.com/asw-288

Interactive Brokers' Web API delivers real-time access to Interactive Brokers' trading functionality, including live market data, market scanners, and intra-day portfolio updates. This podcast introduces WebSocket technology.

Schepp, Vanessa und Peter nehmen ein neues Safari-Release zum Anlass, ausschließlich über neue Web-APIs zu philosophieren. Kontroverse Themen wie der Digital Markets Act oder Peters randständige Featu…

Hackaday Editors Elliot Williams and Al Williams sat down to compare notes on their favorite Hackaday posts of the week. You can listen in on this week's podcast. The guys talked about the latest Hackaday contest and plans for Hackaday Europe. Plus, there's a what's that sound to try. Your guess can't be worse than Al's, so take a shot. You could win a limited-edition T-shirt. In technical articles, Elliot spent the week reading about brushless motor design, twin-t oscillators, and a truly wondrous hack to reverse map a Nintendo Switch PCB. Al was more nostalgic, looking at the 555 and an old Radio Shack kit renewed. He also talked about a method to use SQL to retrieve information from Web APIs. Quick hacks were a decided mix with everything from homemade potentiometers to waterproof 3D printing. Finally, the guys talked about Hackaday originals. Why don't we teach teens to drive with simulators? And why would you want to run CP/M -- the decades-old operating system -- under Linux?

You've built an awesome set of APIs and you have a wide array of devices and clients using them. Then you need to upgrade an end point or change them in a meaningful way. Now what? That's the conversation I dive into over the next hour with Stanislav Zmiev. We're talking about Versioning APIs. Episode sponsors Neo4j Sentry Error Monitoring, Code TALKPYTHON Talk Python Courses Links from the show Stanislav Zmiev: github.com Monite: monite.com Cadwyn: github.com Stripe API Versioning: stripe.com API Versioning NOtes: github.com FastAPI-Versioning: github.com Flask-Rebar: readthedocs.io Django Rest Framework Versioning: django-rest-framework.org pytest-fixture-classes: github.com Watch this episode on YouTube: youtube.com Episode transcripts: talkpython.fm --- Stay in touch with us --- Subscribe to us on YouTube: youtube.com Follow Talk Python on Mastodon: talkpython Follow Michael on Mastodon: mkennedy

In this episode of 'Whiskey, Web, and Whatnot', hosts RobbieTheWagner and Charles William Carpenter III debate podcast names, discuss the feasibility of creating a company, and share insights on tech projects like Biome and Shepherd. They also talk about the importance of leveraging built-in features in tech systems, their take on tech wars, thoughts about the future of JavaScript, and more. Accompanying their tech-related discussions are whiskey tasting notes on Sweetens Cove, Tennessee Straight Bourbon Whiskey. Key Takeaways [00:37] - The Reality of Being a CEO [01:39] - The Mystery of HTMX [02:16] - Whiskey Tasting: Sweetens Cove [03:06] - The Science of Whiskey Aging [03:21] - The Curious Case of Soft Water [03:42] - Pop Culture References and Whiskey [07:33] - Whiskey Rating and Review [15:52] - Tech Talk: GraphQL and Sidebar Placement [20:23] - The Future of OpenAI [26:47] - Social Media Algorithms and Engagement [29:12] - Ubuntu Server and Daily Use Challenges [30:08] - Exploring Framework Laptops and Modular Tech [30:52] - The Linux User Experience: A Developer's Perspective [32:32] - The Pros and Cons of Arch Linux [33:31] - The Future of Linux and the Framework Laptop [34:08] - The Struggles of App Development on Ubuntu [36:27] - The Rise of New JavaScript Runtimes [37:45] - Exploring Biome: A New Web API Framework [49:39] - The Future of Shepherd: A Library for Web APIs [55:19] - Christmas Shopping Habits and Affiliate Programs Connect with our hosts Robbie Wagner Chuck Carpenter Subscribe and stay in touch Apple Podcasts Spotify Google Podcasts Whiskey Web and Whatnot Whiskey Web and Whatnot Merch Enjoying the podcast and want us to make more? Help support us by picking up some of our fresh merch at https://whiskey.fund/⁠. --- Send in a voice message: https://podcasters.spotify.com/pod/show/whiskey-web-and-whatnot/message

Tracy Lee, Adam Rackis, Ben Lesh host Chance Strickland to discuss new web APIs, CSS, Tailwind and Atomic CSS pros and cons, React Server Component implementations, and so much more on this podcast. Sponsored by This Dot Labs Watch this Episode on YouTube. Read more on our blog.  

Thomas Steiner talks with us about Project Fugu, an effort from Google to enable new classes of applications to run on the web. What is Project Fugu? What are some of Thomas' favorite APIs to use? What is an IWA vs a PWA? And more! Show Notes 00:32 Welcome 01:52 Who is Thomas Steiner? 02:57 What is the overall goal of Project Fugu? 08:17 When might we see these APIs come to all browsers? 14:10 Do you have examples of companies pushing for an API? 18:53 What happens with the face detection API? 28:33 What is an IWA? 35:17 What is the web transport API for? 37:11 What is MIDI? 41:20 Nintendo Joycon hack 45:28 File handlers in a PWA 50:38 File System Observer API coming soon 56:26 Sick Picks Onnx HuggingFace Chrome for Developers Fugu API Tracker Google I/O 2023 LEGO Education SPIKE Igalia CapCut Descript Better Touch Tool Sick Picks Laser printers Shameless Plugs HowFuguIsMyBrowser Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott:X Instagram Tiktok LinkedIn Threads

Chris Woodruff, or as his friends call him, Woody, is a software developer and architect of over 25 years. Woody loves software engineering, especially allowing applications and services to communicate across networks and through Web APIs. He has been a Microsoft MVP in SQL, Data, and C# in the past, along with multiple years of being awarded the AWS Community Builder Award. Woody lives in Grand Rapids, Michigan, where he explores the many breweries in West Michigan and travels with his family. Woody is also a long-time bourbon fan and loves hunting for whiskey bottles.   Topics of Discussion: [4:46] The many positions Woody has held in his career. [7:14] The genesis behind Woody's new book, Practical Network Programming Using C#. Dive deep into #CSharp12 and #DotNET8. [9:24] The second book Woody is working on co-writing, on the patterns of developer relations. [14:10] The original intent of the internet was to protect the military. [15:22] What is a packet? [21:08] A brief history of web services. [24:00] Who was Roy Fielding? [28:48] Woody talks about using different applications, the WebSocket service, and Dapr. [35:36] You have to know about the transport across the network, as well as how to build the code and architect your application so that it utilizes the network efficiently. [40:14] We can expect the book out by May or June 2024.   Mentioned in this Episodes: Clear Measure Way Architect Forum Software Engineer Forum Programming with Palermo — New Video Podcast! Email us at programming@palermo.net Clear Measure, Inc. (Sponsor) .NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon! Jeffrey Palermo's Twitter — Follow to stay informed about future events! Architect Tips — Video podcast! Azure DevOps Chris Woodruff's Blog Chris Woodruff LinkedIn Chris Woodruff Twitter   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

The next generation of object-oriented programming in R arrives on CRAN, a novel use of R to automate R scripts and documents for Tidy Tuesday analyses, and a terrific presentation de-mystifying the world of web APIs in R. Episode Links This week's curator: Eric Nantz - @theRcast (https://twitter.com/theRcast) (Twitter) & @rpodcast@podcastindex.social (https://podcastindex.social/@rpodcast) (Mastodon) {S7} 0.1.0 (https://cran.r-project.org/package=S7): An Object Oriented System Meant to Become a Successor to S3 and S4 Creating template files with R (https://nrennie.rbind.io/blog/script-templates-r/) A Gradual Introduction to Web APIs and JSON (https://laderast.github.io/intro_apis_json_cascadia/#/title-slide) Entire issue available at rweekly.org/2023-W35 (https://rweekly.org/2023-W35.html) Supplement Resources S7 - A new object-oriented system in R https://rconsortium.github.io/S7/ Name of the game (issue 262): https://github.com/RConsortium/OOP-WG/issues/262 TidyX Episode 109 - R Classes and Objects - Making an S3 Object Part 1 https://www.youtube.com/watch?v=k9PGOx9Oqjo Mike's boston R user group talk (https://github.com/mthomas-ketchbrook/boston_useR_talk) Standard Notes (End-to-End Encrypted Notes App) https://standardnotes.com/ HedgeDoc https://hedgedoc.org/ fs - Provide cross platform file operations based on libuv https://fs.r-lib.org/ Room by Room Temperature Tracking (Jared Lander) https://www.jaredlander.com/2021/02/room-by-room-temperature-tracking/ Ted Laderas - A gRadual introduction to Web APIs and JSON https://www.youtube.com/watch?v=HA7KfdEsdpo Open Call for rOpenSci Champions Program 2023 Applications (deadline September 4th, 2023) https://ropensci.org/champions/ Supporting the show Use the contact page at https://rweekly.fireside.fm/contact to send us your feedback R-Weekly Highlights on the Podcastindex.org (https://podcastindex.org/podcast/1062040) - You can send a boost into the show directly in the Podcast Index. First, top-up with Alby (https://getalby.com/), and then head over to the R-Weekly Highlights podcast entry on the index. A new way to think about value: https://value4value.info Get in touch with us on social media Eric Nantz: @theRcast (https://twitter.com/theRcast) (Twitter) and @rpodcast@podcastindex.social (https://podcastindex.social/@rpodcast) (Mastodon) Mike Thomas: @mike_ketchbrook (https://twitter.com/mike_ketchbrook) (Twitter) and @mike_thomas@fosstodon.org (https://fosstodon.org/@mike_thomas) (Mastodon) Music Credits powered by OverClocked Remix (https://ocremix.org/) Fiesta Amongst the Trees - Ristar - Southwestern College Afro-Cuban Jazz Ensemble - https://ocremix.org/remix/OCR02125 Suco de Melancia - Final Fantasy 7 Voices of the Lifestream - Red Tailed Fox - https://ocremix.org/remix/OCR01671

In this episode we talk about Mark's book Testing Web APIs, API playground (with planted bugs) restful booker and open-source automation curriculum.Make sure to sign up for TestBash UK 2023 and buy Mark's book!

Die Google I/O hat letzte Woche stattgefunden. Jojo geht für uns im Detail durch die News, die dort zu Dart 3 und Flutter 3.10 gedroppt wurden. Fabi erzählt uns, was es mit der neuen Baseline für Web APIs auf sich hat und warum das im Development-Alltag interessant sein kann, um zu entscheiden, welche Web APIs man nutzen will, um möglichst viele User:innen & Devices zu unterstützen.Vue hat mit ihrer Version 3.3 viel für die Developer:innen-Erfahrung getan und Sebi erzählt uns dazu noch, was es mit dem neuen Browser Opera One auf sich hat.Zum Ende hin wird nochmal gemunkelt, was Apple wohl für AI Features auf der WWDC vorstellen wird. Einen kleinen Sneak Peek liefern sie mit neuen Accessibility Features wie der Möglichkeit, mit 15 Minuten Sprachinput die eigene Stimme auf dem iPhone zu synthetisieren und sie in Facetime Calls zu nutzen.Schreibt uns! Schickt uns eure Themenwünsche und euer Feedback: podcast@programmier.barFolgt uns! Bleibt auf dem Laufenden über zukünftige Folgen und virtuelle Meetups und beteiligt euch an Community-Diskussionen. TwitterInstagramFacebookMeetupYouTube

Nell'ultima preview di Visual Studio (17.6) sono state introdotto un pò di novità interessanti per quanto riguarda lo sviluppo di Web API. Minimal API sempre più presenti, ma non solo.https://devblogs.microsoft.com/visualstudio/web-api-development-in-visual-studio-2022/https://www.youtube.com/watch?v=fB2xhssN_EYhttps://marketplace.visualstudio.com/items?itemName=humao.rest-client

In this episode, Nick tells you everything you need to know about the three big announcements for Power Pages over the past two weeks. Ulrikke makes a mess of iterative empiricism; the topic of Neil Benson's latest episode on the Amazing Applications podcast. Also, no podcast episode without rants

Ten unique ways to create your own Web APIs in R, and how you can import local and remote data files in CSV and (yes) Excel formats with a selection of innovative R packages. Episode Links This week's curator: Jon Calder (@jonmcalder (https://twitter.com/jonmcalder)) (Twitter) Hello world examples with 10 different R web API frameworks (https://gist.github.com/psolymos/284b43b8dd0583b33ca7fc7dcf71082b) Reading Remote Data Files (https://kieranhealy.org/blog/archives/2023/03/25/reading-remote-data-files/) Entire issue available at rweekly.org/2023-W14 (https://rweekly.org/2023-W14.html) Supplement Resources Seeking community endorsement for an upgrade to 'Big Book of R' (https://oscarbaruffa.com/bigbookofrupgrade/) Supporting the show Use the contact page at https://rweekly.fireside.fm/contact to send us your feedback Get a New Podcast App and send us a boost! https://podcastindex.org/apps?elements=Boostagrams%2CValue Support creators with boostagrams using Podverse and Alby: https://blog.podverse.fm/support-creators-with-boostagrams-and-streaming-sats-using-podverse-and-alby/ A new way to think about value: https://value4value.info Get in touch with us on social media Eric Nantz: @theRcast (https://twitter.com/theRcast) (Twitter) and @rpodcast@podcastindex.social (https://podcastindex.social/@rpodcast) (Mastodon) Mike Thomas: @mike_ketchbrook (https://twitter.com/mike_ketchbrook) (Twitter) and @mike_thomas@fosstodon.org (https://fosstodon.org/@mike_thomas) (Mastodon)

Christopher Abbondandelo graduated with Web Development Evening Cohort 18. Through my experience helping to market SaaS products, I was constantly wondering how they actually worked. To better communicate the value of the software, I had to gain hands on technical experience and decided to enroll in NSS. I am thankful for my sales experience, but I am way more excited to be on the 'building' side of things rather than selling. I enjoy building Web APIs, user friendly react applications, and utilizing third party APIs. When I am not perfecting my technical craft, you can find me tying flies, enjoying a nice bourbon or walking my corgi Daisy!

Il web è open. È nato open, e le più grandi innovazioni che abbiamo visto nel corso della sua trentennale vita sono avvenute grazie alla sua natura open. HTML, JavaScript, CSS, le Web APIs, HTTP, le URI: sono tutte tecnologie open che stanno alla base del suo funzionamento. Oggi l'Open Web è a rischio, per l'avvento dei grandi gatekeeper, ma alcuni progetti tentano di mantenere il controllo nelle mani degli utenti, con sempre maggior forza: Drupal è uno di questi, e oggi ne parliamo.Con: Edoardo Dusi, Paolo Mainardi, Luca Lusso, Roberto Peruzzo/* Newsletter & Telegram */https://landing.sparkfabrik.com/continuous-delivery-newsletterhttps://t.me/continuous_delivery

Matt McLarty (@mattmclartybc) is the Global Field CTO at MuleSoft. He works closely with organizations to define digital strategies, as well as design and implement enterprise-grade API and microservices solutions. An experienced software architect, Matt has worked extensively in the field of integration and real-time data distribution. He is the co-author of the O'Reilly books Microservice Architecture and Securing Microservice APIs, co-author of the ebook Develop a Winning API Product Strategy, co-author of the HBR article “APIs Aren't Just for Tech Companies” and co-host of the APIs Unplugged podcast. Hosted on Acast. See acast.com/privacy for more information.

The ABAP platform offers powerful programming frameworks, like the ABAP RESTful Application Programming Model (RAP), that make a developer's life much easier when creating SAP Fiori applications and Web APIs on SAP HANA. But what happens when the application is not doing exactly what you are expecting, or when you just want to understand the ABAP logic behind an SAP Fiori app? In this webcast, you will learn about the rich features of the ABAP troubleshooting tools in Eclipse, like the new ABAP cross trace, the ABAP debugger, and the CDS analysis tools.

The ABAP RESTful Application Programming Model (RAP) offers a set of concepts, tools, languages, and powerful frameworks on the ABAP platform to both efficiently build innovative and cloud-ready SAP Fiori applications and Web APIs; and extend SAP standard apps in a lifecycle-stabile manner. RAP is available on SAP BTP ABAP Environment (aka Steampunk), SAP S/4HANA, and SAP S/4HANA Cloud. In this webinar, you will learn about the newly added RAP extensibility options and the easy exposure of business events in RAP-based applications. Guest Speakers: Marcel Hermanns, RAP Product Lead Gururaj Raman, Development Expert S/4HANA Product Engineering Dr. Martin Mueller, Product Owner RAP Business Events Daniel Wachs, Lead Architect RAP Extensibility Additional Links: https://blogs.sap.com/2022/09/05/embedded-steampunk-some-more-details-for-abap-developers/?campaigncode=CRM-XB22-MKT-DGEPDCST

The ABAP RESTful Application Programming Model (RAP) offers a set of concepts, tools, languages, and powerful frameworks on the ABAP platform to efficiently build innovative and cloud-ready SAP Fiori applications and Web APIs from scratch or by reusing existing code. RAP is available on SAP BTP ABAP Environment (aka Steampunk), SAP S/4HANA, and SAP S/4HANA Cloud. But which legacy ABAP code can be reused in RAP? What must developers do to ensure the transactional consistency of the SAP Logical Work of Unit (LUW) when working with RAP? These questions and more will be discussed in this webcast. Guest Speakers: Marcel Hermanns, RAP Product Owner Renzo Colle, RAP Lead Architect Volker Drees

Audio from the September 13, 2022 installment of “Polygon Alpha” with Dave Connor, co-founder & Ashar Shahid, core protocol developer at API3.LinkTree - https://linktr.ee/polygonalphapodcastPolygon Alpha Shorts - https://tinyurl.com/PolygonAlphaShortsYouTube - https://www.youtube.com/c/PolygonTVApple - Follow the show on Apple Podcast!Spotify - Follow the show on Spotify!RSS feed - https://api.substack.com/feed/podcast/863588.rssAPI3 - API3 is a collaborative project to deliver traditional API services to smart contract platforms in a decentralized and trust-minimized way. - It is governed by a decentralized autonomous organization (DAO), namely the API3 DAO. Therefore, its code is open source and its operations are transparent. - The vast majority of the external integrations that decentralized applications need are to commercial Web APIs that traditional businesses have built to monetize their data and services. - Therefore, what is widely known as the oracle problem is in practice an API connectivity problem. - Existing oracle solutions fall short because they fail to make this distinction, resulting in inferior solutions that depend on third-party oracles and ecosystems that exclude API providers. - By refining the definition of the problem, API3 aims to provide a much more optimal solution. - At its core, API3 brings the ability for API providers to easily run their own oracle nodes. - This allows them to provide their data on-chain, without an intermediary, to any decentralized app (dApp) interested in their services. - At the heart of this mechanism sits Airnode, an open-source oracle node. - It's designed to be easily deployed by any API provider with almost no maintenance. - Because of Airnode, dApp developers can write smart contracts to interact with the on-chain data of API providers. - Airnode is designed with mechanisms to remove the on-chain or off-chain concerns of API providers. - The set-and-forget framework of Airnode is all about ease of implementation.Host: Justin Havins aka Crypto TexanAV Engineer: Aaron PettijohnPolygon official channel:Website: polygon.technologyTwitter: twitter.com/0xPolygonTelegram Community: t.me/polygonofficialTelegram announcement: t.me/PolygonAnnouncementsReddit: www.reddit.com/r/0xPolygon/Discord: discord.com/invite/polygonFacebook: www.facebook.com/0xPolygon.Technology/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit polygonalpha.substack.com

This interview was recorded for the GOTO Book Club.gotopia.tech/bookclubRead the full transcription of the interview hereMike Amundsen - Author of "Restful Web API Patterns & Practices Cookbook" and (Co-)Author of Many More BooksAlianna Inzana - Vice President of Product at WeTransferDESCRIPTIONThe API ecosystem is evolving and the focus is changing from “how to design them” to “how to implement them”. Mike Amundsen, author of "Restful Web API Patterns & Practices Cookbook", and Alianna Inzana, VP of Product at WeTransfer, cover the recent changes while also touching on broader subjects like evolvable architectures. Join them in this conversation around restful web API.The interview is based on Mike's book "Restful Web API Patterns & Practices Cookbook"RECOMMENDED BOOKSMike Amundsen • Restful Web API Patterns & Practices CookbookMike Amundsen • Design and Build Great Web APIsMike Amundsen • RESTful Web ClientsRonnie Mitra & Irakli Nadareishvili • Microservices: Up and RunningRonnie Mitra, Irakli Nadareishvili, Matt McLarty & Mike Amundsen • Microservice ArchitectureRonnie Mitra, Mehdi Medjaoui, Erik Wilde & Mike Amundsen • Continuous API ManagementRonnie Mitra & many more • DataPower SOA Appliance Administration, Deployment, and Best PracticesJames Higginbotham • Principles of Web API DesignTwitterLinkedInFacebookLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket at gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted almost daily.

Dominique Gurnard, VP Cloud & IoT at Digimarc, ex CTO & Co-founder of EVRYTHNG, Co-chair of the GS1 Digital Link Standard, Web API work package leader of the EPCIS Standard, joins the Podcast to speak about their project with the European Union (EU), to create Digital Product Passports, how they utilize Blockchain/DLT for their products, how they wish to integrate crypto tokens in to this and much more.

[קישור לקובץ mp3] פודקאסט מספר 446 של רברס עם פלטפורמה - אורי ורן מארחים בסוף אוגוסט את אליעד מחברת noname לשיחה על APIs ועל איך לאבטח APIs ב-Web - ולא רק ב-Web.(אליעד) לא רק ב-Web - גם בין אפליקציות, השימוש ב-APIs ניהיה נרחב מאוד בזמן האחרון.(רן) מעולה - אז לפני שנדבר על APIs, נכיר קצת את אליעד - (אליעד) אז אני אליעד, כמו שאמרתם - אני בן 26, מתל אביב.עקרונית, רוב השנים עבדתי בתחום ה-IR - שזה Incident Responseשם' בעצם - הגעת לאירוע, חקרת אותובדקת מה התוקף עשה ברשת - מאיפה הוא הגיע, באילו קבצים הוא נגעוממש פעלת בכובע של - הייתי אומר “בלש משטרתי” כזה - של עולם האינטרנט . . . (אורי) אני נתפסתי לרגע ל . . . “רוב החיים עבדתי ב . . .” - טוב - אתה חצי מהגיל שלי . . . .(אליעד) רוב החיים שלי . . . (רן) אני דווקא הלכתי לכיוון שרלוק הולמס . . . (אליעד) כן . . . . אז זה בערך בחמש-שש השנים האחרונות, הייתי ב-Incident Response.לאחר מכן, רציתי לעשות טיפה שינוי בעבודה - והלכתי יותר לתחום המחקררציתי לחקור משהו שעכשיו מעניין - שעכשיו כולם משתמשים בווראיתי שכל התחום של ה-Cloud ו-APIs וכל הדברים האלה - זה… קרא עוד

This interview was recorded for the GOTO Book Club.gotopia.tech/bookclubRead the full transcription of the interview hereJames Higginbotham - Author of "Principles of Web API Design" and Executive API Consultant at LaunchAnyMike Amundsen - Author of "Design and Build Great Web APIs" and (Co-)Author of Many More BooksDESCRIPTIONJames Higginbotham, author of “Principles of Web API Design”, outlines the key points of creating and using APIs in today's world. In the conversation with Mike Amundsen, author of “RESTful Patterns and Best Practices for API's Cookbook” you discover the principles of James' ADDR process and how job stories and event storming contribute to a successful API launch. Furthermore, they touch upon key terms such as minimum viable portal and why API boundaries are so hot at the moment. The interview is based on James's book "Principles of Web API Design".RECOMMENDED BOOKSJames Higginbotham • Principles of Web API DesignMike Amundsen • Design and Build Great Web APIsMike Amundsen • RESTful Web ClientsRonnie Mitra & Irakli Nadareishvili • Microservices: Up and RunningRonnie Mitra, Irakli Nadareishvili, Matt McLarty & Mike Amundsen • Microservice ArchitectureRonnie Mitra, Mehdi Medjaoui, Erik Wilde & Mike Amundsen • Continuous API ManagementRonnie Mitra & many more • DataPower SOA Appliance Administration, Deployment, and Best PracticesTwitterLinkedInFacebookLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket at gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted almost daily.Discovery MattersA collection of stories and insights on matters of discovery that advance life...Listen on: Apple Podcasts Spotify Health, Wellness & Performance Catalyst w/ Dr. Brad CooperLooking for a catalyst to optimize your health, wellness & performance? You've found it!!Listen on: Apple Podcasts Spotify

Arnaud Lauret is currently working on the Postman Open Technology team. The team educates engineers and organisations to take advantage of APIs. Arnaud shares his knowledge on his blog apihandyman.io and has also written the book "The Design of Web APIs".Our  .tech series invites guests inside and outside of Form3, discussing current trends in the engineering world alongside shedding light into some of the engineering practices here at Form3. Get in touch with us via this short form if you'd like to be  a podcast guest. Interested in joining Form3? Check out our careers site. 

Paul Zehetmayr, LimeWire CEO, is an entrepreneur with a proven track record in business, and a background in programming and economy. Him and his brother Julian co-founded Stack Holdings, a Vienna-based SaaS portfolio company, including eversign, invoicely and ZeroSSL, used by over one million B2B customers worldwide. His previous company, apilayer, was acquired by the Texan company Idera in 2021. As the CEO of Stack Holdings, Paul not only led business development and growth, but also product development.Julian Zehetmayr, LimeWire CEO, is a founder covering business operations, market strategy and product development. He, alongside his brother Paul, is the co-founder and CEO of Stack Holdings, a company with two SaaS products: invoicely.com, eversign.com and ZeroSSL with more than one million B2B customers around the world. In 2021 he sold his company apilayer, which has a portfolio of productivity-boosting Web APIs & cloud-based microservice applications to leading Texan company Idera.In this conversation, we discuss:- The story behind the Limewire business pivot - The re-launch and repositioning of the brand - Recent private token sale - How the brand was once a major player in the media - Algorand partnership - co-CEO roles- NFTs and the music industry - How NFTs are affecting media  LimeWireWebsite: limewire.comTwitter: @limewireInstagram: @limewirePaul ZehetmayrTwitter: @PZehetmayrJulian ZehetmayrTwitter: @julianzehetmayr---------------------------------------------------------------------------------  This episode is brought to you by PrimeXBT.  PrimeXBT offers a robust trading system for both beginners and professional traders that demand highly reliable market data and performance. Traders of all experience levels can easily design and customize layouts and widgets to best fit their trading style. PrimeXBT is always offering innovative products and professional trading conditions to all customers.  PrimeXBT is running an exclusive promotion for listeners of the podcast. After making your first deposit, 50% of that first deposit will be credited to your account as a bonus that can be used as additional collateral to open positions.  Code: CRYPTONEWS50  This promotion is available for a month after activation. Click the link below:  PrimeXBT x CRYPTONEWS50

On this week's episode of Industry Relations Greg and Rob welcome Sam DeBord, CEO of RESO,  to the show as they dig deep into data standards and why Sam DeBord & RESO need the axe! The guys talk about how to survive week-long conferences as it is officially convention season in America. They talk with Sam about MLS, Web API, RESO, brokers and vendors, and much more!  Learn more about RESO's CEO Sam DeBord: https://www.reso.org/sam-debord/  

In today's episode of The DIVI Crypto Podcast, we are talking with Bryan Ritchie, the CEO of Simba Chain. Simba Chain allows you to make blockchain apps in a cloud environment without needing blockchain developers. SIMBA Chain lets you pick from 16 protocols and start making smart contracts with drag and drop tools. Simba Chain offers across the board privacy and security features that meet Government standards. The Department of Defense, the US Army and the US Navy all rely on us for secure, private blockchain solutions. Simba Chain is a chain free high-powered API system, using portable, flexible, and future-proof interfaces to smart contracts for designing trustless Web3 apps. The Simba Chain Platform auto-generates virtual REST APIs for smart contracts to easily integrate into clients' applications. Simba makes connecting to Blockchain as easy as MuleSoft does for enterprise systems, or as a Web API does for services or infrastructure. Simba offers a Smart Contract Designer (SCD) tool, allowing users to build smart contracts via a simple drag and drop UI. Users can stipulate data relationships of their digital assets and smart contracts, and the passage of said assets, even various versions of the smart contract, or allowing for the linking contracts on different chains together. Current supported chains are Ethereum, Quorum, Stellar, RSK, Binance, Avalanche, Hyperledger Fabric, Hyperledger Burrow, and Hyperledger Sawtooth. SIMBA QuickStart auto-generates Representational State Transfer (REST) APIs allow for access to smart contract methods that interact on the blockchain ledger and provides admittance control groups for reading or writing. Each of the API endpoints permit multiple data files to be connected and stored off-chain in a data store. Data comes into the platform as multipart attachments to the REST endpoints. They are then checked for access before being sent to the data bundling system. The bundling algorithm holds all files and makes hashcodes for assemblage into a manifest file. This is stored in the data store, with the hashcode enchained on the blockchain to vouch for the wholeness of the data placed into the platform. Simba is decentralized. This means that there is no single point of control, thus there is no single point of failure. It is immutable, and once data is stored, it can't be tampered with, altered, or deleted. It is customizable, where you bring your own logic, and our platform auto-generates your custom API. Lastly, Simba has low latency, using Microsoft Azure Government for lightening transactions. Company Information: https://simbachain.com/ https://twitter.com/SimbaChain https://www.linkedin.com/company/simbachain/ https://www.facebook.com/SIMBAChain/ https://www.instagram.com/simbachain/ https://www.youtube.com/simbachain https://github.com/SIMBAChain https://www.reddit.com/user/SIMBAChain/ https://discord.gg/bgfupJr -- DIVI is creating the world's first closed-loop, vertically-integrated cryptocurrency ecosystem. Much like Apple's ecosystem is anchored by iCloud, the DIVI Project blockchain serves as the core of the DIVI network of technologies. Thanks to a keen understanding of the divide that separates the mainstream from the crypto world, the DIVI team is able to create solutions to the industry's biggest problem: adoption by non-technical users. DIVI's user-friendly, one-click solutions aim to bring blockchain-based payments into modernity with great UX. In this podcast, we will cover all aspects of cryptocurrency, hot topics, and technology as worldwide adoption grows.

Steve drinks coffee and shares a BC Web API issue that he found.There are quite a few screen shots and text referenced in this episode, so if the audio only version is a bit confusing, head over to youtube.com/steveendow to watch Episode 89 to see what I'm talking about. https://www.youtube.com/watch?v=dgCpUT3yFhoMusic by Philip E Morris - Good Morning - https://soundcloud.com/philipemorris

Ok, we are really spinning our wheels now getting a new app idea pinned down, but the upshot is there are a lot of interesting subjects touched upon this week, including the "confirmation" of RealityOS, how people occlusion works in ARKit, a tangent about the history of Web API technologies, and much more. Plus, our Not a Sponsor this week could help you keep your food from spoiling! ## Topics Discussed: - RealityOS is Real! - How ARKit People Occlusion Works - What makes a good AR experience, according to Apple - AR Goggles Pricing and Design - A Tangent on XML, JSON, gRPC, and Web APIs - Ray casting and ray tracing - Not a Sponsor: GroceryTimer.app Intro music: "When I Hit the Floor", © 2021 Lorne Behrman. Used with permission of the artist.

Today on the Fortune Teller podcast, we are talking with Mason Burkhalter, Head of Operations at API3. API3 allows for the creation of trustless applications that interact with Web APIs. Instead of using legacy third-party oracle networks, API3 is moving towards first-party oracle options to provide more security, efficiency, regulatory compliance, and simplicity. The API3 data feeds are governed by an open DAO of stakeholders, industry experts and project partners. This lets dAPIs to be operated with maximal transparency, minimal trust in centralized operators, and without centralized attack surfaces. API token holders take a direct part in governing the project by staking API3 tokens into the API3 insurance staking contract, granting voting power in the API3 DAO. Third party oracles are both insecure and expensive. API3 data feeds are not exposed to data tampering and denial of service attacks by middlemen, as API3 does not have third-party node operators. Thus, API3 data feeds reach higher cost-efficiency, with fewer attack surfaces. Source-level decentralization of dAPIs is enabled by Airnode, a fully serverless oracle node to be deployed by any API provider for free, and with little day-to-day management. API3 provides dAPI users with an on-chain insurance, powered by the API3 token and Kleros' decentralized courts. API3's insurance gives dAPI users a quantifiable safety net in the event of a malfunction, and holds the API3 DAO directly responsible for the dAPIs' security, while it incentivizes a security-first governance approach for dAPIs, along with the API3 project as a whole. Furthermore, dAPIs can be bridged to any blockchain, being a multi-layer, cross-platform data solution. This allows for smart contracts on various platforms with more accurate access to premium real-world data. This multi-layer, cross-platform approach lets any smart contract platform leverage API3's ecosystem of dAPIs and data-integration tools by creating a bridge between API3 and the network. API3 allows for API providers to easily run their own oracle nodes. With this, API providers can provide their data on-chain, without an intermediary, to any decentralized app (dApp) interested in their services. Using a single first-party oracle creates centralization at the API level, and requires the API provider to be trusted. An oracle network makes the request to multiple independent oracles, reducing their responses to a single answer via predetermined consensus rules implemented as a smart contract. With these, individual malicious oracles cannot manipulate the outcome, creating a level of decentralization and trustlessness. In addition, the oracle network must be governed decentrally as well. Otherwise, a central entity can switch the oracles or APIs used, or replace the aggregator to manipulate the oracle network output. To learn more about API3, visit: https://api3.org/ https://www.linkedin.com/company/api3/ https://www.youtube.com/c/API3DAO/featured https://twitter.com/API3DAO -- The Fortune Teller podcast is a discussion between industry leaders in blockchain and financial technologies. The podcast focuses on the development of blockchain-based financial services and outlines the current state of the industry and future predictions for the adoption of decentralized finance. Go to www.teller.finance/

如果喜欢我们的节目，欢迎通过爱发电打赏支持：https://afdian.net/@pythonhunter 嘉宾 李辉 主播 laixintao 时间线 00:00:16 前情提要 00:01:57 李辉的职业规划 00:04:24 自由职业很自由，但是也有代价 00:07:45 收入不稳定的焦虑 00:10:30 工程经验的缺失 00:13:23 开源项目和公司项目运作的不同 00:16:24 自由职业工种：做外包 00:25:41 自由职业工种：编程咨询 00:29:06 自由职业工种：写文章 00:34:12 自由职业工种：翻译 00:39:40 自由职业工种：做视频课程 00:43:47 自由职业工种：写书 00:46:05 在不同的地方工作 00:47:38 社保是虾米？ 00:49:25 什么样的工作会让人感到快乐和充实？ 00:52:57 开源项目赞助 00:57:15 一个人工作效率更高？ 01:01:18 在家办公的氛围和孤独感 01:03:18 注意力和自制力问题 01:07:56 小马过河 链接 00:21:16 Upwork 00:22:20 fiverr 00:24:44 PeoplePerHour 00:29:50 李辉的 Twilio 文章 00:32:45 阮一峰的博客 00:36:29 The Design of Web APIs 00:37:39 Two Scoopes of Django P.S. 本期播客埋了一个音乐相关的彩蛋。 P.P.S 李辉两次提到的「稿税」应为「版税」。

Arnaud Lauret (the API Handyman), was featured on to API Intersection to discuss style guide best practices. As the author of the API Stylebook and the novel "Design of Web APIs," this Natixis Senior API Architect was the perfect guest for this topic. In our recent podcast episode, we covered the six major style guide tips that will improve your developer experience and level up your API design.  If you have a question to submit to our podcast, do it here: https://stoplight.io/question/. 1. Not All Who Design Are Developers "I often work with API designers who are not developers and have more of a business analyst background. So, I decided to add in specific use case documentation to better help them understand the guidelines and apply that to their API development," - Arnaud Lauret. Arnaud expressed how use case documentation is essential when working with API designers who don't have a developer background. The style guide focus for business-minded designers shouldn't be on the rules and rulesets, but on viewing the style guidelines as recipes. Arnaud alludes to designing APIs like shopping for a recipe and utilizing the guidelines as your shopping list to understand what components need to be designed. Make your style guides easy to understand and apply to the real world because not every designer that stumbles across it will have a technically-minded background.2. The Importance of Discoverability"What do you want to do with your APIs, and how do you want to do it? And what are the rules of your domain? Why do you name it like that? Is it? I say these things every day. If you want to be a good API design reviewer, you must not be afraid to ask stupid questions, and it's really for the better. If you don't have discoverability of your APIs, you could be in trouble," - Arnaud Lauret.One common problem with APIs is duplication of effort. If multiple teams are developing overlapping functionality, your company may have simply wasted it's investment, and worse, created duplication of maintenance needs going forward. Ensuring that new APIs are rationalized into a portfolio is essential (i.e. ensuring it makes sense, is reusable and doesn't duplicate something that already exists). However, making sure that new designs are made available to the rest of the organization provides additional assurance that teams will connect on overlaps before investing code time. Furthermore, sharing leverage of APIs builds reusability and overall synergy. If consumers of APIs can't find the right thing to use because it's not discoverable, you might end up with another source of duplicated effort. 3. Use Style Guide Automation to Drive Consistency "Teaching people to understand the concerns of consistency is necessary. At the beginning, most people don't care about it or aren't aware of it, so it needs to be addressed." - Arnaud Lauret. Automating style guides can quickly bring visibility to APIs which have design attributes which are inconsistent with the rest of the platform.. By eliminating (as much as possible) discussion about conventions which could be checked automatically, time is freed up to address bigger design questions than simple conventions. . Better yet, API reviews happen much faster, mitigating the risk that the API review process becomes a bottleneck to innovation.Arnaud explains that for consistency, there are things within your style guides that you can fully automate and that which you can partially automate that will save you a lot of time later on. For example, Arnaud partially automates questions using Spectral, Stoplight's open-source linting tool that provides automatic validation and linting warnings. Even with automation, building consistency takes time. Arnaud explains that it's often review after review, playing the long game to slowly but surely help people understand the critical role consistency plays in developing APIs. 4. Envision Governance from a Human Perspective "There are two ways to do a design review. You can be a jerk, acting as a gatekeeper and policing all the rules….or you can do it the right way by showing empathy for the designer," - Arnaud Lauret.It's critical to employ empathy when looking at governance from a global perspective and during an API design review. We've seen this theme trending in many conversations with API leaders, clearly it's great advice. When conducting an API design review, it's important not to enforce it as a method of control and job policing. As the reviewer, Arnaud notes that you need to take on the persona of a helping hand, explaining to designers that you are not there to tell them what they are doing wrong. Instead, you are there to explain design principles and provide value for how the API design can be modified or fixed. Based on the designers' context, discuss their needs and build it together. In the end, the API designer gets to make the final decision, as they are the domain expert. Arnaud finds this approach works exceedingly well. 5. Apply Your Design Thinking on a Larger Scale"The API design you are preaching and the tips you're using to create good style guides are actually principles that you can apply everywhere," - Arnaud Lauret. As one goes through the process of design thinking, the questions you're asking yourself and solutions you are solving can be applied everywhere, not just to style guide implementation and API design. In fact, those same principles of success can be applied to user experience in making things that are actually fulfilling, to solutions to existing programs, to mobile apps, and more. When developing any kind of system in general, there is a design component that people often get wrong: it has to be easy to understand. Many people will take a comprehensible system over a high-performing one any day. If you can understand how something works and how to replicate it, you're much more likely to use it and keep utilizing it in the future. Design thinking goes far beyond the world of APIs, but it's a great practice to apply the same concept to larger-scale programs, products, and technology teams. Digital and platform transformations often require infusing design thinking across the organization, API design is simply one facet.6. More Resources on Creating Successful Style GuidesFor more, check out our full podcast episode with Arnaud or his API Stylebook. As for other guides and resources around proper style guide creation, implementation, and API program scaling, see our list of resources below.  API Style Guide Best Practices  Style Guide Tooling  What to Include in Your Style Guide Style Guide Overview Do you have a question you'd like answered, or a topic you want to see in a future episode? Let us know here:https://stoplight.io/question/

Es ist wieder so weit: Wir haben uns eine neue Web-API rausgesucht, über die wir sprechen wollen. Der Schepp hat Ahnung und erklärt uns wie es geht. UNSER SPONSOR Diese Folge wird gesponsert von Fl…

GSoC 2018 Projects announced, tutorial FreeBSD jails with iocage, new Code of Conduct for FreeBSD, libhijack, and fancy monitoring for OpenSMTPD This episode was brought to you by Headlines Google Summer of Code 2018 (https://summerofcode.withgoogle.com/organizations/?sp-page=5) FreeBSD (https://www.freebsd.org/projects/summerofcode.html) FreeBSD Google Summer oF Code Ideas (https://wiki.freebsd.org/SummerOfCodeIdeas) You can join #freebsd-soc on the efnet IRC network to chat with FreeBSD developers interested in mentoring student proposals and projects, past FreeBSD/GSoC students, and other students applying to FreeBSD/GSoC this year. NetBSD (https://mail-index.netbsd.org/netbsd-advocacy/2018/02/12/msg000765.html) You can get a stipend (paid for by Google) and spend a few months getting to know and improving the insides of NetBSD or pkgsrc. ``` The schedule is: 12-27 March Applying 23 April Find out if you were accepted 14 May - 22 August Do the project! We have some suggestions for suitable projects: - ARM EFI bootloader - Using libFuzzer on base tools - Refactoring ALTQ (QoS implementation) and integrating with NPF - Testsuite for libcurses - Improve pkgin Other suggestions and details are at: https://wiki.netbsd.org/projects/gsoc/ ``` These projects are suggestions; you can come up with your own. Suggestions for other suitable projects are welcome. Feel free to contact, or chat around on IRC: irc.freenode.org #netbsd #netbsd-code #pkgsrc Haiku (https://summerofcode.withgoogle.com/organizations/4821756754264064/) Students: How to Apply for a Haiku Idea (https://www.haiku-os.org/community/gsoc/2018/students) Project Ideas (https://www.haiku-os.org/community/gsoc/2018/ideas) > If you have questions you can contact the devs on IRC: irc.freenode.org #haiku FreeBSD Jails with iocage (http://norrist.devio.us/iocage_freebsd.html) Introduction FreeBSD jails allow users to run multiple, isolated instances of FreeBSD on a single server. Iocage simplifies the management of FreeBSD Jails. Following this tutorial, the jails will be configured to bind to an IP address on the jail host's internal network, and the host OS will pass traffic from the external network to the jail. The jails will be managed with Iocage. Iocage uses ZFS properties to store configuration data for each jail, so a ZFS file system is required. Network setup These steps will: Set up the internal network. Enable the pf packet filter Configure pf pass internet traffic to and from the jail. PF is full featured firewall, and can do more than just pass traffic to an internal network. Refer to the PF documentation for additional configuration options. Run the following to configure the internal network and enable pf. sysrc cloned_interfaces+="lo1" sysrc ifconfig_lo1="inet 192.0.2.1/24" sysrc pf_enable="YES" Put the following in /etc/pf.conf ``` Variables ext_if should be set to the hosts external NIC extif = "vtnet0" jailif = "lo1" jailnet = $jailif:network NAT allows the jails to access the external network nat on $extif from $jailnet to any -> ($ext_if) Redirect traffic on port 80 to the web server jail Add similar rules for additional jails rdr pass on $ext_if inet proto tcp to port 80 -> 192.0.2.10 ``` Reboot to activate the network changes ZFS The best way to use ZFS on a VPS is to attach block storage as a new disk. If block storage is not available, you can optionally use a file as the ZFS device. Enable and start ZFS. sysrc zfs_enable="YES" service zfs start ZFS using Block storage List the available disks. If you are using a VPS, the block store will probably be the second disk. geom disk list Create a ZFS pool named jailstore. zpool create jailstore /dev/vtbd1 ZFS using a file Create the ZFS file. dd if=/dev/zero of=/zfsfile bs=1M count=4096 Create a ZFS pool named jailstore. zpool create jailstore /zfsfile Install iocage the easy way pkg install py36-iocage Skip to "Using iocage" Install iocage the hard way Swap file Smaller servers may not have enough RAM to build iocage. If needed, create a swap file and reboot. dd if=/dev/zero of=/swapfile bs=1M count=1024 echo 'swapfile="/swapfile"' >> /etc/rc.conf reboot Install some build dependencies pkg install subversion python36 git-lite libgit2 py36-pip Building iocage requires the FreeBSD source. svn checkout https://svn.freebsd.org/base/releng/11.1 /usr/src Get the latest FreeBSD ports tree. ``` portsnap fetch portsnap extract ``` + build iocage. cd /usr/ports/sysutils/iocage/ make install Using iocage ``` iocage activate jailstore iocage fetch iocage create -n www ip4_addr="lo1|192.0.2.10/24" -r 11.1-RELEASE iocage start www iocage console www ``` Once you have a shell inside the jail, install and start Apache. pkg install apache24 sysrc apache24_enable="yes" service apache24 start Port 80 on the jail will now be accessible on the hosts IP address. Multiple jails. Additional jails can be installed using the example above. Install the new jail with the iocage create command , but use a different IP address Expose the new jail to the network by adding additional rules to pf.conf. iXsystems SNIA Persistent Memory Summit 2018 Report (https://www.ixsystems.com/blog/snia-report-2018/) New FreeBSD Code of Conduct (https://www.freebsd.org/internal/code-of-conduct.html) The FreeBSD Project is inclusive. We want the FreeBSD Project to be a venue where people of all backgrounds can work together to make the best operating system, built by a strong community. These values extend beyond just development to all aspects of the Project. All those given recognition as members of the Project in whatever form are seen as ambassadors of the Project. Diversity is a huge strength and is critical to the long term success of the Project. To that end we have a few ground rules that we ask people to adhere to. This code applies equally to everyone representing the FreeBSD Project in any way, from new members, to committers, to the core team itself. These rules are intended to ensure a safe, harassment-free environment for all and to ensure that everyone feels welcome both working within, and interacting with, the Project. This document is not an exhaustive list of things that you should not do. Rather, consider it a guide to make it easier to enrich all of us and the technical communities in which we participate. This code of conduct applies to all spaces used by the FreeBSD Project, including our mailing lists, IRC channels, and social media, both online and off. Anyone who is found to violate this code of conduct may be sanctioned or expelled from FreeBSD Project controlled spaces at the discretion of the FreeBSD Code of Conduct Committee. Some FreeBSD Project spaces may have additional rules in place, which will be made clearly available to participants. Participants are responsible for knowing and abiding by these rules. Harassment includes but is not limited to: + Comments that reinforce systemic oppression related to gender, gender identity and expression, sexual orientation, disability, mental illness, neurodiversity, physical appearance, body size, age, race, or religion. + Unwelcome comments regarding a person's lifestyle choices and practices, including those related to food, health, parenting, drugs, and employment. + Deliberate misgendering. + Deliberate use of "dead" or rejected names. + Gratuitous or off-topic sexual images or behaviour in spaces where they're not appropriate. + Physical contact and simulated physical contact (e.g., textual descriptions like "hug" or "backrub") without consent or after a request to stop. + Threats of violence. + Incitement of violence towards any individual, including encouraging a person to commit suicide or to engage in self-harm. + Deliberate intimidation. + Stalking or following. + Harassing photography or recording, including logging online activity for harassment purposes. + Sustained disruption of discussion. + Unwelcome sexual attention. + Pattern of inappropriate social contact, such as requesting/assuming inappropriate levels of intimacy with others. + Continued one-on-one communication after requests to cease. + Deliberate "outing" of any private aspect of a person's identity without their consent except as necessary to protect vulnerable people from intentional abuse. + Publication of non-harassing private communication without consent. + Publication of non-harassing private communication with consent but in a way that intentionally misrepresents the communication (e.g., removes context that changes the meaning). + Knowingly making harmful false claims about a person. Interview - Benno Rice - benno@freebsd.org (mailto:benno@freebsd.org) / @jeamland (https://twitter.com/jeamland) News Roundup libhijack in PoC||GTFO 0x17! (https://www.soldierx.com/news/libhijack-PoCGTFO-0x17) Hijacking Your Free Beasties In the land of red devils known as Beasties exists a system devoid of meaningful exploit mitigations. As we explore this vast land of opportunity, we will meet our ELFish friends, [p]tracing their very moves in order to hijack them. Since unprivileged process debugging is enabled by default on FreeBSD, we can abuse PTrace to create anonymous memory mappings, inject code into them, and overwrite PLT/GOT entries. We will revive a tool called libhijack to make our nefarious activities of hijacking ELFs via PTrace relatively easy. Nothing presented here is technically new. However, this type of work has not been documented in this much detail, tying it all into one cohesive work. In Phrack 56, Silvio Cesare taught us ELF research enthusiasts how to hook the PLT/GOT. The Phrack 59 article on Runtime Process Infection briefly introduces the concept of injecting shared objects by injecting shellcode via PTrace that calls dlopen(). No other piece of research, however, has discovered the joys of forcing the application to create anonymous memory mappings in which to inject Code. This is only part one of a series of planned articles that will follow libhijack's development. The end goal is to be able to anonymously inject shared objects. The libhijack project is maintained by the SoldierX community. Previous Research All prior work injects code into the stack, the heap, or existing executable code. All three methods create issues on today's systems. On amd64 and arm64, the two architectures libhijack cares about, the stack is non-executable by default. jemalloc, the heap implementation on FreeBSD, creates non-executable mappings. Obviously overwriting existing executable code destroys a part of the executable image. The Role of ELF > FreeBSD provides a nifty API for inspecting the entire virtual memory space of an application. The results returned from the API tells us the protection flags (readable, writable, executable) of each mapping. If FreeBSD provides such a rich API, why would we need to parse the ELF headers? PLT/GOT hijacking requires parsing ELF headers. One would not be able to find the PLT/GOT without iterating through the Process Headers to find the Dynamic Headers, eventually ending up with the DT_PLTGOT entry. With FreeBSD's libprocstat API, we don't have a need for parsing ELF headers until we get to the PLT/GOT stage, but doing so early makes it easier for the attacker using libhijack The Future of libhijack Writing devious code in assembly is cumbersome. Assembly doesn't scale well to multiple architectures. Instead, we would like to write our devious code in C, compiling to a shared object that gets injected anonymously. This requires writing a remote RTLD within libhijack and is in progress. Writing a remote RTLD will take a while as doing so is not an easy task. Additionally, creation of a general-purpose helper library that gets injected would be helpful. It could aid in PLT/GOT redirection attacks, possibly storing the addresses of functions we've previously hijacked. This work is dependent on the remote RTLD. libhijack currently lacks documentation. Once the ABI and API stabilize, formal documentation will be written. Conclusion Using libhijack, we can easily create anonymous memory mappings, inject into them arbitrary code, and hijack the PLT/GOT on FreeBSD. On HardenedBSD, a hardened derivative of FreeBSD, libhijack is fully mitigated through PaX NOEXEC. We've demonstrated that wrapper-style Capsicum is ineffective on FreeBSD. Through the use of libhijack, we emulate a control flow hijack in which the application is forced to call sandbox_open and fdlopen on the resulting file descriptor. Further work to support anonymous injection of full shared objects, along with their dependencies, will be supported in the future. Imagine injecting libpcap into Apache to sniff traffic whenever "GET /pcap" is sent. In order to prevent abuse of PTrace, FreeBSD should set the security.bsd.unprivilegedprocdebug to 0 by default. In order to prevent process manipulation, FreeBSD should implement PaX NOEXEC. libhijack can be found at https://github.com/SoldierX/libhijack Introduction to POSIX shell (https://sircmpwn.github.io/2018/02/05/Introduction-to-POSIX-shell.html) What the heck is the POSIX shell anyway? Well, the POSIX (the Portable Operating System Interface) shell is the standard Unix shell - standard meaning it was formally defined and shipped in a published standard. This makes shell scripts written for it portable, something no other shell can lay claim to. The POSIX shell is basically a formalized version of the venerable Bourne shell, and on your system it lives at /bin/sh, unless you're one of the unlucky masses for whom this is a symlink to bash. Why use POSIX shell? The “Bourne Again shell”, aka bash, is not standardized. Its grammar, features, and behavior aren't formally written up anywhere, and only one implementation of bash exists. Without a standard, bash is defined by its implementation. POSIX shell, on the other hand, has many competing implementations on many different operating systems - all of which are compatible with each other because they conform to the standard. Any shell that utilizes features specific to Bash are not portable, which means you cannot take them with you to any other system. Many Linux-based systems do not use Bash or GNU coreutils. Outside of Linux, pretty much everyone but Hurd does not ship GNU tools, including bash1. On any of these systems, scripts using “bashisms” will not work. This is bad if your users wish to utilize your software anywhere other than GNU/Linux. If your build tooling utilizes bashisms, your software will not build on anything but GNU/Linux. If you ship runtime scripts that use bashisms, your software will not run on anything but GNU/Linux. The case for sticking to POSIX shell in shipping software is compelling, but I argue that you should stick to POSIX shell for your personal scripts, too. You might not care now, but when you feel like flirting with other Unicies you'll thank me when all of your scripts work. One place where POSIX shell does not shine is for interactive use - a place where I think bash sucks, too. Any shell you want to use for your day-to-day command line work is okay in my book. I use fish. Use whatever you like interactively, but stick to POSIX sh for your scripts. How do I use POSIX shell? At the top of your scripts, put #!/bin/sh. You don't have to worry about using env here like you might have been trained to do with bash: /bin/sh is the standardized location for the POSIX shell, and any standards-conforming system will either put it there or make your script work anyway. The next step is to avoid bashisms. There are many, but here are a few that might trip you up: [[ condition ]] does not work; use [ condition ] Arrays do not work; use IFS Local variables do not work; use a subshell The easiest way to learn about POSIX shell is to read the standard - it's not too dry and shorter than you think. Using standard coreutils The last step to writing portable scripts is to use portable tools. Your system may have GNU coreutils installed, which provides tools like grep and cut. Unfortunately, GNU has extended these tools with its own non-portable flags and tools. It's important that you avoid these. One dead giveaway of a non-portable flag is long flags, e.g. grep --file=FILE as opposed to grep -f. The POSIX standard only defines the getopt function - not the proprietary GNU getopt_long function that's used to interpret long options. As a result, no long flags are standardized. You might worry that this will make your scripts difficult to understand, but I think that on the whole it will not. Shell scripts are already pretty alien and require some knowledge to understand. Is knowledge of what the magic word grep means much different from knowledge of what grep -E means? I also like that short flags allow you to make more concise command lines. Which is better: ps --all --format=user --without-tty, or ps -aux? If you are inclined to think the former, do you also prefer function(a, b, c) { return a + b + c; } over (a, b, c) => a + b + c? Conciseness matters, and POSIX shell supports comments if necessary! Some tips for using short flags: They can be collapsed: cmd -a -b -c is equivalent to cmd -abc If they take additional arguments, either a space or no separation is acceptable: cmd -f"hello world" or cmd -f "hello world" A good reference for learning about standardized commands is, once again, the standard. From this page, search for the command you want, or navigate through “Shell & Utilities” -> “Utilities” for a list. If you have man-pages installed, you will also find POSIX man pages installed on your system with the p postfix, such as man 1p grep. Note: at the time of writing, the POSIX man pages do not use dashes if your locale is UTF-8, which makes searching for flags with / difficult. Use env LC_ALL=POSIX man 1p grep if you need to search for flags, and I'll speak to the maintainer of man-pages about this. FreeBSD Broadcom Wi-Fi Improvements (http://landonf.org/code/freebsd/Broadcom_WiFi_Improvements.20180122.html) Introduction Since 2015, I've been working on improving FreeBSD support for Broadcom Wi-Fi devices and SoCs, including authoring the bhnd(4) driver family, which provides a unified bus and driver programming interface for these devices. First committed in early 2016, bhnd(4) allowed us to quickly bring up FreeBSD/MIPS on Broadcom SoCs, but it has taken much longer to implement the full set of features required to support modern Broadcom SoftMAC Wi-Fi hardware. Thanks to the generosity of the FreeBSD Foundation, I've recently finished implementing the necessary improvements to the bhnd(4) driver family. With these changes in place, I was finally able to port the existing bwn(4) Broadcom SoftMAC Wi-Fi driver to the bhnd(4) bus, and implement initial support for the BCM43224 and BCM43225 chipsets, with additional hardware support to be forthcoming. Now that my efforts on FreeBSD/Broadcom Wi-Fi support have progressed far enough to be generally useful, I wanted to take some time to provide a brief overview of Broadcom's Wi-Fi hardware, and explain how my work provides a foundation for further FreeBSD Broadcom Wi-Fi/SoC improvements. A Brief Background on Broadcom Wi-Fi Hardware Broadcom's Wi-Fi devices are members of the Broadcom Home Networking Division (BHND) device family; other BHND devices include MIPS/ARM SoCs (including Wi-Fi SoCs commonly found in consumer access points), as well as a large variety of related networking hardware. BHND devices utilize a common set of Broadcom IP cores (or "functional blocks") connected via one of two on-chip bus architectures: Hardware designed prior to 2009 used Broadcom's “SSB” backplane architecture, based on Sonics Silicon's interconnect IP. Subsequent hardware adopted Broadcom's “BCMA” backplane, based on ARM's AMBA IP. The IP cores used in earlier SSB-based devices were adapted for compatibility with the new backplane. When BHND hardware is used in a PCI Wi-Fi card, or a SDIO Wi-Fi module, the device's dual-mode peripheral controller is configured to operate as an endpoint device on the host's peripheral bus, bridging access to the SoC hardware: Host access to SoC address space is provided via a set of register windows (e.g., a set of configurable windows into SoC address space mapped via PCI BARs) DMA is supported by the bridge core's sparse mapping of host address space into the backplane address space. These address regions may be used as a target for the on-chip DMA engines. Any backplane interrupt vectors routed to the bridge core may be mapped by the bridge to host interrupts (e.g., PCI INTx/MSI/MSI-X). The host is generally expected to provide drivers for the IP cores found on the SoC backplane; since these cores are found in both BHND SoCs and BHND Wi-Fi devices, it is advantageous to share driver and platform code between the two targets. Modernizing FreeBSD's Broadcom SoftMAC Wi-Fi Support FreeBSD support for Broadcom SoftMAC Wi-Fi adapters is provided by two partially overlapping PCI/CardBus drivers: Legacy Wi-Fi adapters are supported by bwi(4). This driver remains in-tree to support devices incompatible with v4 or later firmware (e.g. BCM4301, BCM4302, BCM4306 rev 1-2), all of which were released prior to December 2002. Modern Wi-Fi adapters are supported by bwn(4), with access to on-chip cores mediated by bhnd(4). Prior to my work porting bwn(4) to bhnd(4), access to on-chip cores was mediated by sibabwn, a PCI/WiFi-specific derivative of the legacy siba(4) SSB bus driver. There were two major limitations to sibabwn that have long blocked adding support for newer SoftMAC Wi-Fi chipsets: the newer BCMA interconnect found in post-2009 hardware was not supported by siba(4), and siba_bwn assumed a PCI/PCIe bridge, preventing its use on FreeBSD/MIPS Broadcom SoCs with interconnect-attached D11 cores. The new bhnd(4) driver family, written as a replacement for siba(4) and siba_bwn, provides: A unified bus driver interface for both SSB and BCMA on-chip interconnects A generic BHND bridge driver framework for host-connected BHND devices (e.g. Wi-Fi adapters, etc) A PCI/PCIe bridge core driver, for PCI-attached BHND devices. An abstract BHND NVRAM API, with support for the varied NVRAM formats found in BHND Wi-Fi adapters and SoCs. Drivers for common BHND platform peripherals (UARTs, SPROM/flash, PMUs, etc) By porting bwn(4) to bhnd(4), we are now able to support existing BCMA devices with MAC/PHY/Radio combinations readily supported by bwn(4), as was the case with the BCM43224 and BCM43225 chipsets. This also opens the door to porting additional PHY support from Broadcom's ISC-licensed Linux drivers, and will allow us to bring up bwn(4) on Broadcom WiSoCs supported by FreeBSD/MIPS. Monitor OpenSMTPD using Logstash and Grafana (https://www.tumfatig.net/20180129/monitor-opensmtpd-using-logstash-grafana/) Logs are usefull. Graphs are sexy. Here's a way to get a view on what happens to your OpenSMTPD traffic, using Web v2.0 tools ; namely Logstash & Grafana. For those who would not be aware of those tools, logstash is some kind of log-parser that can eat syslog formatted logs and write them into elasticsearch ; in “document” format. Grafana is a Web frontend that can dig into various databases and render graphics from requests. I won't go into the whole “how to install” process here. Installation is quite straight forward and online documentation is quite clear. What you need OpenSMTPD deals with emails and logs its activity via Syslog. Syslog is configured to send the logs to Logstash. Logstash has a set of rules configured to transform the text-oriented information into searchable document-oriented data. The transformed data is stored into Elasticsearch. Elasticsearch provides Web API to search and find stuff. Grafana connects to ELS to get data and draw the graphs. Beastie Bits CharmBUG Presentation - Writing FreeBSD Malware (https://www.meetup.com/CharmBUG/events/247995596/) March London *BSD meeting 13/03/18 (http://mailman.uk.freebsd.org/pipermail/ukfreebsd/2018-February/014180.html) FreBSD Ports Workshop (https://wiki.freebsd.org/MateuszPiotrowski/Ports/Workshop) The history of NetBSD/atari and support for ATARI compatible Milan / OSC2018Osaka (https://speakerdeck.com/tsutsui/osc2018osaka) SSH Mastery, 2nd Edition (https://www.tiltedwindmillpress.com/?product=ssh-mastery-2nd-edition) *** Feedback/Questions Stephen - Viewer Interview Question (http://dpaste.com/06WTRB9#wrap) pb - trust expanding your 280TB pool (http://dpaste.com/0TZV6CM#wrap) Tim - ZFS questions for the ZFS Man (http://dpaste.com/0759X1E#wrap) Daniel - ZFS full backup question (http://dpaste.com/1SJXSBQ#wrap) ***

Summary This week Paul Kinlan the lead for Chrome developer relations talks to us about Modern Web APIs including Web Share and Shape Detection! Paul talks us through the origin trials process which allows new APIs such as these to get into developers hands early, allowing platform developers to get all important feedback. We then get stuck into what Web Share is and how it works and chat about the possibilities of the Shape Detection API.   This Week in Web News Service Worker has moved into the development phase in WebKit! Axe-core the accessibility testing engine now supports ShadowDOM! FireFox 55 Released last week which includes Windows support for WebVR React Day Berlin which is happening on the 2nd December is now accepting talk proposals Chrome Beta 61 is now available including awesome features such as JS modules, WebShare & WebUSB Safari Technology Preview Release 37 is now available with initial support for sendBeacon among other things Chrome Team has released puppeteer, a modern Node API for controlling headless chrome   Resources Introducing the Web Share API Web Share API: Chrome Status Creating a share button web component Shape Detection: Chrome Status Mozilla Web APIs Running an origin trial Signing up for an origin trial Status for new Chrome Web APIs Following with Chrome Dev Group   Guests Paul Kinlan (@Paul_Kinlan)   Panel Justin Ribeiro (@justinribeiro) Leon Revill (@revillweb) Amal Hussein (@nomadtechie)   Follow The Web Platform podcast on Twitter for regular updates @TheWebPlatform.