NewsBits: Updates for PostgreSQL, Redis, JanusGraph, MongoDB and CouchDB


Welcome to NewsBits where you'll find the database and developer news from around the net for the week ending August 10th.

Now, those bits in full:

Database Bits


PostgreSQL 10.5, 9.6.10, 9.5.14, 9.4.19 and 9.3.24 PostgreSQL updates have been released by the developers. The updates headline two security fixes. The first, CVE-2018-10915, is a libpq issue which failed to properly reset states between connecting. This means that extensions like dblink and postgres_fdw connections could be reused by untrusted users (if you have them on your database). The other, CVE-2018-10925 involves memory disclosure and unauthorized access to database columns with "INSERT ... ON CONFLICT DO UPDATE" (aka PostgreSQL's version of Upsert). Both are important, but not critical flaws.

There's around 40 bugs fixed, most of which affect all versions, from VACUUM, XML Support and GIN index upgrades to pgdump and pg_upgrade. And there's also updated time zone data both current and historical.

PostgreSQL 11 beta 3 was also released alongside the updates for the stable versions. Many fixes have been applied to the update as the developers shake down the code, along with the fixes in the stable version updates. The draft release notes cover what's coming in PostgreSQL 11.

PostgreSQL and GPUs: Over on the OpenShift blog there's a look at how to configure a PostgreSQL database with PG-Strom, an extension to PostgreSQL which uses GPUs to accelerate scanning and joins. The article then dives into benchmarking the performance of the database so you can see where the GPU comes into play and where it doesn't.


Redis 4.0.11 has arrived. The announcement by Antirez notes fixes for disconnection times between masters and slaves, a rare replication bug, rare random loops in RANDOMKEY, EXISTS consitency and a 5.0 feature backport to stop security problems with a sentinel. The issues have apparently been around for a while and are not critical, but upgrading is "a good idea".

Redis 5.0 RC4 has also emerged, with critical fixes for users of 5.0's banner new feature, Streams. 5.0's improvements in RC4 include an enhanced RESTORE command, more CLIENT management commands, faster INFO commands, better MEMORY reporting and faster ZADD. Antirez is now on his summer vacation.


JanusGraph 0.3.0 landed quietly at the end of July, though the documentation took a few days to catch up. This big revision of the graph database sees many changes and enhancements, including updates to TinkerPop, Spark and Scala support, Elasticsearch authentication and a custom analyzer for Lucene.


MongoDB 4.0.1 is a minor update to the most recent major version of MongoDB. The release notes highlight Ubuntu 18.04 support, regular expression support for verbs restored and saner bind_ip handling of badly formatted lists. The MongoDB Jira has full details of all the fixes.


Apache CouchDB 2.2 brings a new pluggable storage engine framework, updated Erlang (but not yet to Erlang 21), better replication performance and reliability, a smarter LRU cache and the ability to post multiple queries in one call to the document replicating database. The CouchDB announcement also notes the improved documentation and enhancements to the Fauxton console. Full details are in the What's New in 2.2.x documentation.

Developer Bits

Dart 2

If you thought Google's Dart web platform had gone away, think again as Dart 2 Stable has been released. Billed as a "rebirth of Dart", the language has had some pretty major changes which were announced as Dart 2 back in February and incorporated into Flutter, the mobile web framework. Whether this new version of the language and focus on being a JavaScript generating compiler will make Dart stand out is yet to be seen, but it's always good to see competition in tools.


MKDocs is a Python-based, theme-able, static site generator for documenters. And now MkDocs 1.0 has arrived with internally refactored pages, files and navigation elements, a rebuild search plugin, support for YAML metadata and, among other changes, support for Python 3.7.


The Julia language has reached version 1.0 and, as is expected of 1.0 versions of language, is now comitted to a stable language API. Julia is an open sourced language which tries to bridge the worlds of Ruby, Python, R, Perl and Matlab yet remain simple to learn. It's speciality is numerical computing and it uses LLVM to generate native code. Julia 1.0 adds a package manager, an official representation of missing values in the language (missing), an enhanced string type that can hold arbitrary data too, named tuples, a smarter optimizer, simpler scoping rules and API's that have been checked for consistency. And so the developers have delivered on the 1.0 release they thought they were ready to do in 2012. Good things take time to mature.

And Finally...

If you are bored of everything getting smaller all the time, the Monster6502 may be the CPU for you. It's a transistor scale version of the classic 6502 processor which powered the Apple II, Atari 800s, Commodore 64s, the BBC Micro and many other classic computers. At 12 inches by 15 inches its way bigger than any of those computers but its fully functional and rich in LEDs which show it working. The project has been going for over two years but we were reminded of it as we saw its creators, Evil Mad Scientist, were showing it at the Vintage Computer Festival West 2018.

NewsBits. News in bits, every Friday at Compose.

Dj Walker-Morgan
Dj Walker-Morgan was Compose's resident Content Curator, and has been both a developer and writer since Apples came in II flavors and Commodores had Pets. Love this article? Head over to Dj Walker-Morgan’s author page to keep reading.

Conquer the Data Layer

Spend your time developing apps, not managing databases.