Language Selection

English French German Italian Portuguese Spanish

Programming Leftovers

Filed under
Development
  • DevSecOps pipelines and tools: What you need to know

    DevOps is well-understood in the IT world by now, but it's not flawless. Imagine you have implemented all of the DevOps engineering practices in modern application delivery for a project. You've reached the end of the development pipeline—but a penetration testing team (internal or external) has detected a security flaw and come up with a report. Now you have to re-initiate all of your processes and ask developers to fix the flaw.

    This is not terribly tedious in a DevOps-based software development lifecycle (SDLC) system—but it does consume time and affects the delivery schedule. If security were integrated from the start of the SDLC, you might have tracked down the glitch and eliminated it on the go. But pushing security to the end of the development pipeline, as in the above scenario, leads to a longer development lifecycle.

    This is the reason for introducing DevSecOps, which consolidates the overall software delivery cycle in an automated way.

    In modern DevOps methodologies, where containers are widely used by organizations to host applications, we see greater use of Kubernetes and Istio. However, these tools have their own vulnerabilities. For example, the Cloud Native Computing Foundation (CNCF) recently completed a Kubernetes security audit that identified several issues. All tools used in the DevOps pipeline need to undergo security checks while running in the pipeline, and DevSecOps pushes admins to monitor the tools' repositories for upgrades and patches.

  • Interview with a Pornhub Web Developer

    Regardless of your stance on pornography, it would be impossible to deny the massive impact the adult website industry has had on pushing the web forward. From pushing the browser's video limits to pushing ads through WebSocket so ad blockers don't detect them, you have to be clever to innovate at the bleeding edge of the web.

    I was recently lucky enough to interview a Web Developer at the web's largest adult website: Pornhub. I wanted to learn about the tech, how web APIs can improve, and what it's like working on adult websites. Enjoy!

  • Indie game makers open up about the money they actually make

    The following 12 testimonies detail appropriately varied situations — the hopes and fears of these indie game makers — and how, ultimately, they’re able to continue sustaining themselves.

  • PHP version 7.2.24RC1 and 7.3.11RC1

    Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests, and also as base packages.

    RPM of PHP version 7.3.11RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux.

    RPM of PHP version 7.2.24RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 29 or remi-php72-test repository for Enterprise Linux.

More in Tux Machines

today's howtos

  • How to install Chromium on Ubuntu using SNAP
  • 3D using Godot

    It is time for another installment of Godot (previous entries: introduction, 2D). This time, I have dived into the world of 3D. The goal is to recreate parts of an old time favorite: Kosmonaut. Something I remember playing a lot on my dad’s 286 with amazing EGA graphics. The state of the game when writing can be seen in the short screen capture below. This is more of a tech demo status than a full game at the moment, but I hope you will still find it interesting. You can also get the complete source code. [...] Once we have a world with a track (the grid map), we add a player to the scene (the yellow blob in the image above – I need to learn Blender to create a proper ship). The player scene contains the ship – and the camera. This means that the camera follows the player automatically – very convenient. The player script is responsible for this ship’s movements based on user input. Inputs can either be pressed for a long time, used for sideways movement, or just tapped (i.e. the release is ignored), used for jumping. Each of the inputs are mapped to a keyboard key (or other input device) in the Project Settings dialog, under the Input Map tab. This feels a bit awkward to me and makes me lose the feeling of flow – but I don’t know how to do it better.

  • How to install OpenOffice on Linux
  • How To Install Free SSL Certificate for Apache on CentOS 8
  • Install VirtualBox 6 on CentOS 8
  • How to Install Odoo 13 on Ubuntu 18.04
  • How to Install Anaconda on Debian 10
  • Install Shutter Screenshot Tool via PPA in Ubuntu 19.10

Xfce 4.16 development phase starting

In the 4.14 cycle we tried to do a 1:1 port of what used to be our Gtk2 desktop environment, avoiding visual changes. In the 4.16 cycle we plan to harmonize the appearance of certain elements that either became inconsistent through the port or already were inconsistent before (e.g. toolbars or inline toolbars). We will also play with client-side decorations where we feel it makes sense (for instance replacing the so-called XfceTitledDialog, that is used for all settings dialogs with a HeaderBar version). Before anyone gets too excited (both positively or negatively): It is not planned to redesign more complex applications (like Thunar) with Headerbars in 4.16. We will however try to keep the experience and looks consistent, which means gradually moving to client side decorations also with our applications (please note that client side decorations are not the same as HeaderBars!). Through this change e.g. “dark modes” in applications will look good (see the part about the Panel below). Now before there is a shitstorm about this change I would kindly ask everyone to give us time to figure out what exactly we want to change in this cycle. Also, switching to client-side decorations alone is not a big visual departure – feel free to also dig through the client-side decorations page if you want to read/see more on this. Read more

GNU/Linux Distros on Distrotest

  • Some New Operating Systems on Distrotest that Caught My Attention!

    Distrotest is one site that provides a variety of Linux distributions that can be run directly on the browser. Or you can also run it on a remote desktop client application, for example using Remmina. So, you can try various linux distributions online without having to install it or make a live CD. when I visited the distrotest. Apparently, there have been many new systems added. However, there are several new systems that caught my attention.

  • Forbes Raves Upcoming Linux Desktop Will 'Embarass' Windows 10 and macOS

    The article points out that Deepin is also a stand-alone desktop environment for any current Linux distribution -- and that it's one of the 248 operating systems available for online testing at DistroTest.net.

kwin-lowlatency 5.17 Brings A Better Experience To The KDE Desktop

Following this week's release of KDE Plasma 5.17, a new release of the independent kwin-lowlatency code has been re-based against version 5.17. Read more