What we use

Node.js® is a JavaScript runtime built on Chrome’s V8 JavaScript engine. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient. Node.js’ package ecosystem, npm, is the largest ecosystem of open source libraries in the world.

As an asynchronous event driven JavaScript runtime, Node is designed to build scalable network applications. In the following “hello world” example, many connections can be handled concurrently. Upon each connection the callback is fired, but if there is no work to be done, Node will sleep.

This is in contrast to today’s more common concurrency model where OS threads are employed. Thread-based networking is relatively inefficient and very difficult to use. Furthermore, users of Node are free from worries of dead-locking the process, since there are no locks. Almost no function in Node directly performs I/O, so the process never blocks. Because nothing blocks, scalable systems are very reasonable to develop in Node.

If some of this language is unfamiliar, there is a full article on Blocking vs Non-Blocking.

More…

Backbone.js gives structure to web applications by providing models with key-value binding and custom events, collections with a rich API of enumerable functions, viewswith declarative event handling, and connects it all to your existing API over a RESTful JSON interface.

The project is hosted on GitHub, and the annotated source code is available, as well as an online test suite, an example application, a list of tutorials and a long list of real-world projects that use Backbone. Backbone is available for use under the MIT software license.

You can report bugs and discuss features on the GitHub issues page, on Freenode IRC in the #documentcloud channel, post questions to the Google Group, add pages to the wiki or send tweets to @documentcloud.

More…

« Symfony is a set of PHP Components, a Web Application framework, a Philosophy, and a Community — all working together in harmony. »

Symfony Framework

The leading PHP framework to create websites and web applications. Built on top of the Symfony Components.

Symfony Components

A set of decoupled and reusable components on which the best PHP applications are built, such as Drupal, phpBB, and eZ Publish.

Symfony Community

A huge community of Symfony fans committed to take PHP to the next level.

Symfony Philosophy

Embracing and promoting professionalism, best practices, standardization and interoperability of applications.

More…

Firebase gives you functionality like analytics, databases, messaging and crash reporting so you can move quickly and focus on your users.

Build apps fast, without managing infrastructure

Firebase gives you functionality like analytics, databases, messaging and crash reporting so you can move quickly and focus on your users.

Backed by Google, trusted by top apps

Firebase is built on Google infrastructure and scales automatically, for even the largest apps.

One console, with products that work together

Firebase products work great individually but share data and insights, so they work even better together.

More…

HTML5[a] is a markup language used for structuring and presenting content on the World Wide Web. It is the fifth and current major version of the HTML standard.

t was published in October 2014 by the World Wide Web Consortium (W3C)[2][4] to improve the language with support for the latest multimedia, while keeping it both easily readable by humans and consistently understood by computers and devices such as web browsers, parsers, etc. HTML5 is intended to subsume not only HTML 4, but also XHTML 1 and DOM Level 2 HTML.[5]

HTML5 includes detailed processing models to encourage more interoperable implementations; it extends, improves and rationalizes the markup available for documents, and introduces markup and application programming interfaces (APIs) for complex web applications.[6] For the same reasons, HTML5 is also a candidate for cross-platform mobile applications, because it includes features designed with low-powered devices in mind.

Many new syntactic features are included. To natively include and handle multimedia and graphical content, the new <video>, <audio> and <canvas> elements were added, and support for scalable vector graphics (SVG) content and MathML for mathematical formulas. To enrich the semantic content of documents, new page structure elements such as <main>, <section>, <article>, <header>, <footer>, <aside>, <nav> and <figure>, are added. New attributes are introduced, some elements and attributes have been removed, and others such as <a>, <cite> and <menu> have been changed, redefined or standardized.

The APIs and Document Object Model (DOM) are now fundamental parts of the HTML5 specification[6] and HTML5 also better defines the processing for any invalid documents.[7]

More…

Cascading Style Sheets (CSS) is a style sheet language used for describing the presentation of a document written in a markup language.[1]Although most often used to set the visual style of web pages and user interfaces written in HTML and XHTML, the language can be applied to any XML document, including plain XML, SVG and XUL, and is applicable to rendering in speech, or on other media. Along with HTML and JavaScript, CSS is a cornerstone technology used by most websites to create visually engaging webpages, user interfaces for web applications, and user interfaces for many mobile applications.[2] 

CSS is designed primarily to enable the separation of presentation and content, including aspects such as the layout, colors, and fonts.[3] This separation can improve content accessibility, provide more flexibility and control in the specification of presentation characteristics, enable multiple HTML pages to share formatting by specifying the relevant CSS in a separate .css file, and reduce complexity and repetition in the structural content.

Separation of formatting and content makes it possible to present the same markup page in different styles for different rendering methods, such as on-screen, in print, by voice (via speech-based browser or screen reader), and on Braille-based tactile devices. It can also display the web page differently depending on the screen size or viewing device. Readers can also specify a different style sheet, such as a CSS file stored on their own computer, to override the one the author specified.

More…

The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20, and 9.2.24.

Security Issues

Three security vulnerabilities have been fixed by this release:

CVE-2017-12172: Start scripts permit database administrator to modify root-owned files

CVE-2017-15098: Memory disclosure in JSON functions

CVE-2017-15099: INSERT … ON CONFLICT DO UPDATE fails to enforce SELECT privileges

CVE-2017-12172: Start scripts permit database administrator to modify root-owned files

Prior to this release, the startup log file for the postmaster (in newer releases, “postgres”) process was opened while the process was still owned by root. With this setup, the database owner could specify a file that they did not have access to and cause the file to be corrupted with logged data.

This fix ensures that the startup log file is opened as the user specified to run the PostgreSQL server. Any users who have made use of the start scripts will need to ensure the startup log files are owned by the user specified to run the PostgreSQL server.

CVE-2017-15099: INSERT … ON CONFLICT DO UPDATE fails to enforce SELECT privileges

Prior to this release, the “INSERT … ON CONFLICT DO UPDATE” would not check to see if the executing user had permission to perform a “SELECT” on the index performing the conflicting check. Additionally, in a table with row-level security enabled, the “INSERT … ON CONFLICT DO UPDATE” would not check the SELECT policies for that table before performing the update.

This fix ensures that “INSERT … ON CONFLICT DO UPDATE” checks against table permissions and RLS policies before executing.

More…

PHP is a server-side scripting language designed primarily for web development but also used as a general-purpose programming language. Originally created by Rasmus Lerdorf in 1994,[4] the PHP reference implementation is now produced by The PHP Development Team.[5] PHP originally stood for Personal Home Page,[4] but it now stands for the recursive acronym PHP: Hypertext Preprocessor.[6]

PHP code may be embedded into HTML or HTML5 markup, or it can be used in combination with various web template systems, web content management systems and web frameworks. PHP code is usually processed by a PHP interpreter implemented as a module in the web server or as a Common Gateway Interface (CGI) executable. The web server software combines the results of the interpreted and executed PHP code, which may be any type of data, including images, with the generated web page. PHP code may also be executed with a command-line interface (CLI) and can be used to implement standalone graphical applications.[7]

The standard PHP interpreter, powered by the Zend Engine, is free software released under the PHP License. PHP has been widely ported and can be deployed on most web servers on almost every operating system and platform, free of charge.[8]

The PHP language evolved without a written formal specification or standard until 2014, leaving the canonical PHP interpreter as a de factostandard. Since 2014 work has gone on to create a formal PHP specification.[9]

More…

Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

Git is easy to learn and has a tiny footprint with lightning fast performance. It outclasses SCM tools like Subversion, CVS, Perforce, and ClearCase with features like cheap local branching, convenient staging areas, and multiple workflows.

The Git feature that really makes it stand apart from nearly every other SCM out there is its branching model.

Git allows and encourages you to have multiple local branches that can be entirely independent of each other. The creation, merging, and deletion of those lines of development takes seconds.

This means that you can do things like:

  • Frictionless Context Switching. Create a branch to try out an idea, commit a few times, switch back to where you branched from, apply a patch, switch back to where you are experimenting, and merge it in.
  • Role-Based Codelines. Have a branch that always contains only what goes to production, another that you merge work into for testing, and several smaller ones for day to day work.
  • Feature Based Workflow. Create new branches for each new feature you’re working on so you can seamlessly switch back and forth between them, then delete each branch when that feature gets merged into your main line.
  • Disposable Experimentation. Create a branch to experiment in, realize it’s not going to work, and just delete it – abandoning the work—with nobody else ever seeing it (even if you’ve pushed other branches in the meantime).

More…

MongoDB 3.6 introduces innovations that make you more productive with less code and operations, whether it’s rapidly delivering cutting-edge applications to market, ensuring an exceptional experience on a global scale, or unlocking the intelligence you need for your next move.

Speed to Develop

MongoDB makes developers at least 2X more productive, accelerating how quickly you can bring new apps and services to market. MongoDB 3.6 takes these productivity gains further, allowing you to focus more of your time on building rich apps and customer experiences, all with less code.

Always-on write availability

Retryable writes reduces the error handling you have to implement in your code. The MongoDB drivers will now automatically retry write operations in the event of transient network errors or primary replica elections, while the server enforces exactly-once semantics.

More…