Compose's Little Bits #22: CitusDB, SQL Injection, Parallel Aggregation, Dragons, Markdown and more


Citusdata goes open source with Citus 5.0, SQL Injections documented, Parallel Aggregation for PostgreSQL 9.6, Facebook's Dragon database, Markdown's mark, Atom's flight manual, PDFBox hits 2.0 and building a flood sensor system with LoRaWAN and a Raspberry Pi - all the links that caught the eye of Compose's technical content curator this week, in one place for you. These are Compose's Little Bits.


CitusDB goes open: In announcing Citus 5.0, the developers of the sharding solution for PostgreSQL also announced they were going open source (with an AGPL3 licence). The latest version of Citus is now implemented as PostgreSQL extensions which means the company no longer has to modify its own fork of the open source SQL database. The code is now up on the Citusdata's Github repository.

SQL Injection Cheat Sheet: The folks at Netsparker have updated a 2007 guide to SQL Injection techniques. The Cheat Sheet covers MySQL, Microsoft SQL Server, Oracle and PostgreSQL showing the types of statments that can be used and abused to get deeper into your database without authorisation.

Parallel Aggregation: Another PostgreSQL 9.6 future feature lands in the codebase in the form of parallel aggregation. A post from Depesz takes the feature out for a run and sees real improvements in run times as cores are made available to the server. A 2ndQuadrant posting has some more benchmarks which show how impressively efficient this implemenation is in terms of parallelization.

Facebook's Dragon: Just creating the lines that says which of your friends likes a particular page is a complex set of queries for the Facebook servers. The company's data backend TAO has worked well, but scale is all and now Facebook are talking about Dragon, a distributed graph query engine they are using. It approaches indexing the graph with an innate knowledge of the kinds queries which may be used so, for example, it is oriented towards queries about friends.


Markdown: Although not a standard, it seems that RFC7763 will embed the idea of Markdown, the lightweight and sometimes controversial markup language designed for writers, as part of the web as it sets out to register text/markdown as a flag for Markdown content.

Atom Flight: A new release of the Atom Flight Manual has been made available to users of Github's powerful editor. What's more interesting is the blog post which explains how they've migrated from O'Reilly's Atlas platform which is being discontinued, to an all open source publishing platform using Github repositories (natch!), aong with the Nanoc static site generator and Publisher. Pull requests and updates can now happen on the Flight Manual Repo which can also generate the documentation on your local system.

PDF in a box: The Apache PDFBox project has reached version 2.0 and continues to give Java developers everthing they need to create and manipulate PDF files. The new version has full Unicode font support, better signing and encryption support, better resilience when parsing PDF files and rendering improvements.


Pi-Powered LoRaWan: Over at DesignSpark, Andrew Back explains how they put together a Raspberry Pi Powered LoRaWan Gateway. LoRaWAN – Long Range Wide Area Network - lets you build wireless networks which move data at up to 50Kbps with a range of many kilometers and this particular gateway is going to be used in a crowd-sourced flood sensor systems.

Dj Walker-Morgan
Dj Walker-Morgan was Compose's resident Content Curator, and has been both a developer and writer since Apples came in II flavors and Commodores had Pets. Love this article? Head over to Dj Walker-Morgan’s author page to keep reading.

Conquer the Data Layer

Spend your time developing apps, not managing databases.