NewsBits: PostgreSQL paging, MongoDB Go update and MySQL 8's version skip

Published

Welcome to NewsBits where you'll find the database, cloud, security, and developer news from around the net for the week ending March 16th:

And now, those bits in full:

Database bits

pspg - The exceptionally useful pspg pager for PostgreSQL command line users has reached version 1.0. Pspg replaces less when displaying results in the psql command line and gives a columnar aware scrollable display.

MongoDB/Go - It's still alpha, but MongoDB Inc's own Go driver is moving along in development. The second alpha version of the Go package has now been released and, as promised, the API looks very much like MongoDB's other drivers rather than the Go idiomatic mGo. That said, a more idiomatic experience is on the roadmap for alpha 3.

MySQL 8.0 versioning - The next release of MySQL 8 will see the version number jump from 8.0.4 to 8.0.11. The version number jump is part of a process of synchronizing the version numbers of all the MySQL 8 components, including tooling, backup, and monitoring. This may be in a run up to GA for MySQL 8 which has been at release candidate stage since the publication of 8.0.3 last September. That said, the release notes show slots reserved for 8.0.11 and 8.0.12...

ProxySQL - ProxySQL, the GPL-licensed MySQL proxy has been updated to ProxySQL 1.4.7. The new version builds on its existing Query Rules with a new Fast Routing option which helps select rules based on user and schema.

MongoDB on a Pi - An interesting look at running MongoDB 3.2 on a Raspberry Pi. Versions of MongoDB 3.2 and later need 64-bit support and as yet, there's no official 64bit distribution for the Pi. In the interim, Andy Felong has created instructions on how to run MongoDB on Debian Buster in 64bit mode. Worth a read to see how to pack MongoDB into the small memory of the Pi.

Scylla/KairosDB - Building a time series database? Why not use KairosDB with Scylla instead of Cassandra? In Learn How to Build a Time Series Database the Scylla blog looks at Brian Hawkins presentation about his experiences doing time series with that combination.

Cloud Bits

Service Fabric - Microsoft announced its Service Fabric runtime is now open source this week. Service Fabric is the platform Microsoft uses for deployment and management of stateful and stateless distributed applications and the platform its Azure cloud uses. It is now MIT licensed and up on Github with build tools for Linux; Windows build tools are coming.

Security Bits

PostgreSQL - If you have a database that's accessible from the internet, lock it down. That's a standing rule that's reinforced by this tale of PostgreSQL malware found by Imperva. Once the attacker brute forces their way through the password protection to a superuser level rights user the underlying Linux system can also be compromised. The superuser has access to the filesystem and with various techniques can write code to it and execute it by manipulating the database. In this case, the payload was a crypto-miner hidden in a picture of Scarlett Johansson.

Samba 4.0 - Bit of an issue if you are using Samba as an AD DC with LDAP. CVE-2018-1057 is about a flaw which allowed any user to change any other user's password. There's Samba updates, 4.7.6, 4.6.14, and 4.5.16, that fix the problem. Check the Samba wiki for more help working around the issue.

Developer Bits

Writing System Software - Redis creator, Salvatore Sanfilippo is running a video series called Writing System Software which dives into the complexities of creating reliable system-level code. You get to spend time with @antirez in his terminal as he talks about how Redis works and the thinking behind that.

Atom 1.25 - The Atom editor gets its latest update in the form of Atom 1.25. It's now possible to use Atom where you need your editor to block while you change a file... such as when you are editing git commit messages. Just use atom --wait to get the blocking. There are updates to the Github support and Python and HTML support but the most interesting change is in the code-folding. A new tree-sitter parser allows code to be folded by content, not by indentation levels, making for much smarter folding of code.

Rust - Interested in getting going with Rust? Learning Rust is a site which does a good job of working through the essentials and more in a good clear style.

Python 2.x - It needed to be said in absolute terms, and now Guido van Rossum, BDFL of Python, has said it: "Let's not play games with semantics. The way I see the situation for 2.7 is that EOL is January 1st, 2020, and there will be no updates, not even source-only security patches, after that date. Support (from the core devs, the PSF, and python.org) stops completely on that date." - Python developers should mark that date in their diary and Python 2.7 users should move "migrate to Python 3" to the top of their to-do list.

And finally, if you like Mr Robot and you're reading this, you'll probably like this talk from Elastic{On}2018 which shows how Elasticsearch and Kibana were used in the series to make the hacking analysis feel real.

NewsBits. News in bits, every Friday at Compose.


Read more articles about Compose databases - use our Curated Collections Guide for articles on each database type. If you have any feedback about this or any other Compose article, drop the Compose Articles team a line at articles@compose.com. We're happy to hear from you.

Dj Walker-Morgan
Dj Walker-Morgan is Compose's resident Content Curator, and has been both a developer and writer since Apples came in II flavors and Commodores had Pets. Love this article? Head over to Dj Walker-Morgan’s author page to keep reading.

Conquer the Data Layer

Spend your time developing apps, not managing databases.