These are the database, cloud, developer and security news bits for the week ending August 11th brought to you by Compose. In this edition:
- CouchDB's new version replicates smarter.
- The first beta for Elasticsearch 6.
- The third beta for PostgreSQL 10.
- A new hero appears with PgHero 2.0.
- Minor updates for etcd and MongoDB.
- Amazon joins the CNCF - Cloud Native Computing Foundation.
- Git gets new features.
- Learn the truth about load averages.
- Plus security updates for PostgreSQL, Git, Subversion, and Mercurial.
- And finally, Pwnies!
Here are the NewsBits:
CouchDB - CouchDB 2.1 has arrived adding a scheduler to CouchDB's signature feature, replication. This means when replication gets complex, rather than a brute force approach, you can tune the scheduler and get back efficient control of the replication. The new feature is supported in the now all React Fauxton UI.
Elasticsearch - The first beta of Elasticsearch 6 has been published and before you rush to try it, Elastic warn that indices created with this version of the database won't be compatible with the GA version when it arrives. That's not a surprise as there's a whole new sequencing infrastructure which assigns operations integer ids to speed up synchronization between replicas and to implement optimistic locking. Lots to look forward.
PostgreSQL 10 - Like a regular drumbeat, PostgreSQL 10 Beta 3 has arrived. Again, it's lots of fixes as the Postgres community put this year's forthcoming edition through its paces. Expect more betas.
PgHero - PgHero is a great way to analyze the performance, get index suggestions and check the health of PostgreSQL databases. Now, two years after PgHero 1.0 comes PgHero 2.0 making it easier to dig out those dodgy queries by offering more details about queries and their history. It can also show query annotations what the most common sources of a query is. Add to that a new Space saver view and you've got an even better monitoring tool.
Updates - etcd 3.2.5 and MongoDB 3.4.7 have appeared. Both are backward compatible, bug fix releases.
CNCF - Amazon have joined the CNCF as a top tier member of the industry organization. The Cloud Native Computing Foundation provides a home high importance open source Cloud projects like Kubernetes, containerd and linkerd. Amazon's VP of Cloud Architecture Strategy, Adrian Cockroft says he'll be representing Amazon on the CNCF top table.
Git - The ubiquitous source code control tool, Git, gets a feature update. Version 2.14 has lots of small enhancements, such as enabling
git clone with no-tags,
reset learning about sub-modules and more configurable colors to name a few. There's also a load of fixes and lots of work behind the scenes. But... see the SSH URLs in Security Bits
Load averages - Want to understand load averages well? Brendan Gregg's Linux load averages posting offers much enlightenment on the reality (and myths) that surround the numbers that shed light on the how your systems are managing their workloads.
SSH URLs - Git, Subversion and Mercurial have all been found to have a flaw handling ssh:// URLs which can lead to local applications being executed. The Git developers announced Git 2.14.1 availability. There's also updates for Mercurial and Subversion.
PostgreSQL - Updates for all current PostgreSQL versions were announced by the PostgreSQL developers. The new 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22 releases incorporate fixes for empty passwords, user mapping password disclosure and some ignored access controls along with around fifty other fixes.
DNA - Researchers from the University of Washington are showing how DNA can be a carrier for malware. In a new paper(pdf), they explore the idea of encoding an exploit of a DNA sequencer into the DNA it may be sequencing.
The 2017 Pwnie awards have been announced. Read through these awards for a pretty good round up of the high and lowlights of IT security in the last year.
If you have any feedback about this or any other Compose article, drop the Compose Articles team a line at firstname.lastname@example.org. We're happy to hear from you.