IT |
ITmedia 総合記事一覧 |
[ITmedia ビジネスオンライン] 小学館、オーディオブック市場に本格参入 文学作品の掘り起こしに注力 |
https://www.itmedia.co.jp/business/articles/2206/25/news040.html
|
itmedia |
2022-06-30 23:20:00 |
AWS |
AWS Database Blog |
Automate Amazon RDS for PostgreSQL horizontal scaling and system integration with Amazon EventBridge and AWS Lambda |
https://aws.amazon.com/blogs/database/automate-amazon-rds-for-postgresql-horizontal-scaling-and-system-integration-with-amazon-eventbridge-and-aws-lambda/
|
Automate Amazon RDS for PostgreSQL horizontal scaling and system integration with Amazon EventBridge and AWS LambdaYou may have a workload where you want to automate scaling such as a reporting application with unpredictable increases in queries or an application with database utilization increasing at predictable times like end of month reporting Scaling a database to appropriately handle workload demand is important to help manage cost operations performance security and reliability With Amazon … |
2022-06-30 14:26:48 |
AWS |
AWS Japan Blog |
AWS PrivateLink を用いた Red Hat OpenShift Service on AWS のプライベートクラスター |
https://aws.amazon.com/jp/blogs/news/red-hat-openshift-service-on-aws-private-clusters-with-aws-privatelink/
|
erviceonawsprivatecluster |
2022-06-30 14:49:59 |
Google |
Official Google Blog |
Countering hack-for-hire groups |
https://blog.google/threat-analysis-group/countering-hack-for-hire-groups/
|
Countering hack for hire groupsAs part of TAG s mission to counter serious threats to Google and our users we ve published analysis on a range of persistent threats including government backed attackers commercial surveillance vendors and serious criminal operators Today we re sharing intelligence on a segment of attackers we call hack for hire whose niche focuses on compromising accounts and exfiltrating data as a service In contrast to commercial surveillance vendors who we generally observe selling a capability for the end user to operate hack for hire firms conduct attacks themselves They target a wide range of users and opportunistically take advantage of known security flaws when undertaking their campaigns Both however enable attacks by those who would otherwise lack the capabilities to do so We have seen hack for hire groups target human rights and political activists journalists and other high risk users around the world putting their privacy safety and security at risk They also conduct corporate espionage handily obscuring their clients role To help users and defenders we will provide examples of the hack for hire ecosystem from India Russia and the United Arab Emirates and context around their capabilities and persistence mechanisms How Hack For Hire Operations WorkThe hack for hire landscape is fluid both in how the attackers organize themselves and in the wide range of targets they pursue in a single campaign at the behest of disparate clients Some hack for hire attackers openly advertise their products and services to anyone willing to pay while others operate more discreetly selling to a limited audience For example TAG has observed Indian hack for hire firms work with third party private investigative services ーintermediaries that reach out for services when a client requires them ーand provide data exfiltrated from a successful operation This is detailed in depth in today s Reuters investigation into the Indian hack for hire ecosystem We have also observed Indian hack for hire firms work with freelance actors not directly employed by the firms themselves The breadth of targets in hack for hire campaigns stands in contrast to many government backed operations which often have a clearer delineation of mission and targets A recent campaign from an Indian hack for hire operator was observed targeting an IT company in Cyprus an education institution in Nigeria a fintech company in the Balkans and a shopping company in Israel Recent Hack for Hire CampaignsIndiaSince TAG has been tracking an interwoven set of Indian hack for hire actors with many having previously worked for Indian offensive security providers Appin and Belltrox One cluster of this activity frequently targets government healthcare and telecom sectors in Saudi Arabia the United Arab Emirates and Bahrain with credential phishing campaigns These credential phishing campaigns have ranged from targeting specific government organizations to AWS accounts to Gmail accounts Sample AWS phishing emailSample AWS phishing pageTAG has linked former employees of both Appin and Belltrox to Rebsec a new firm that openly advertises corporate espionage as an offering on its company website Rebsec s offerings as per the company s websiteRussiaWhile investigating a credential phishing campaign that targeted a prominent Russian anti corruption journalist we discovered the Russian attacker targeting other journalists politicians across Europe and various NGOs and non profit organizations But what stuck out during this investigation was the breadth of targeting which also included individuals that had no affiliation with the selected organizations and appeared to be regular everyday citizens in Russia and surrounding countries This hack for hire actor has been publicly referred to as Void Balaur These campaigns were similar regardless of target consisting of a credential phishing email with a link to an attacker controlled phishing page The lures ranged from fake Gmail and other webmail provider notifications to messages spoofing Russian government organizations After the target account was compromised the attacker generally maintained persistence by granting an OAuth token to a legitimate email application like Thunderbird or generating an App Password to access the account via IMAP Both OAuth tokens and App Passwords are revoked when a user changes their password Russian hack for hire phishing emailRussian hack for hire phishing siteDuring our early investigation TAG discovered the attacker s public website no longer available advertising account hacking capabilities for email and social media services The site claimed to have received positive reviews on Russian underground forums such as Dublikat and Probiv cc Over the past five years TAG has observed the group targeting accounts at major webmail providers like Gmail Hotmail and Yahoo and regional webmail providers like abv bg mail ru inbox lv and UKR net Pricing list from hacknet service com in United Arab EmiratesTAG is also tracking a hack for hire group now based in the United Arab Emirates that is mostly active in the Middle East and North Africa They have primarily targeted government education and political organizations including Middle East focused NGOs in Europe and the Palestinian political party Fatah Amnesty International has also reported on their campaigns The group commonly uses Google or OWA password reset lures to steal credentials from targets often using the MailJet or SendGrid API to send phishing emails Unlike many hack for hire actors that use open source phishing frameworks like Evilginx or GoPhish this group uses a custom phishing kit that utilizes Selenium a self described suite of tools for automating web browsers Previously described by Amnesty this phishing kit has remained under active development over the past five years Google Security Alert phishing pageAfter compromising an account the actor maintains persistence by granting themselves an OAuth token to a legitimate email app like Thunderbird or by linking the victim Gmail account to an attacker owned account on a third party mail provider The attacker would then use a custom tool to download the mailbox contents via IMAP This group also has links to the original developers of H Worm also known as njRAT In Microsoft filed a civil suit against the developer Mohammed Benabdellah for the development and dissemination of H Worm Benabdellah who also goes by the moniker Houdini has been actively involved in the day to day development and operational deployment of the credential phishing capabilities used by this group since its inception Protecting Our UsersAs part of our efforts to combat serious threat actors we use results of our research to improve the safety and security of our products Upon discovery all identified websites and domains were added to Safe Browsing to protect users from further harm We encourage any high risk user to enable Advanced Protection and Google Account Level Enhanced Safe Browsing and ensure that all devices are updated Additionally our CyberCrime Investigation Group is sharing relevant details and indicators with law enforcement TAG is committed to sharing our findings as a way of raising awareness with the security community and with companies and individuals that might have been targeted We hope that improved understanding of the tactics and techniques will enhance threat hunting capability and lead to stronger user protections across the industry With contributions from Winnona DeSombreIndicators of CompromiseUAE hack for hire Group Domains myproject login shopmysite log shopsupp help meaccount noreply xyzgoolge ltdgoolge helpaccount noreply infoaccount server xyzkcynvd mail commail goolge comkcynve mail comIndian hack for hire Group Domains dtiwa app linkshare team app linkmipim app linkprocesss app linkaws amazon app inkclik sbsloading sbsuserprofile liverequestservice liveunt log comwebtech portal comid apl infornanage icloud comapl onlgo gl ioRussian hack for hire Group Domains login my oauth mail ruoauth login accounts mail rumy oauth accounts mail rulogin cloud myaccount mail rumyaccounts auth rusecurity my account rusource place preference rusafe place smartlink rusafe place experience rupreference community place ru |
2022-06-30 16:00:00 |
AWS |
AWSタグが付けられた新着投稿 - Qiita |
CloudWatch Logs Insights でWAFログ抽出 |
https://qiita.com/zagvym/items/fe75321586ea765a6ed3
|
cloudfront |
2022-06-30 23:32:59 |
AWS |
AWSタグが付けられた新着投稿 - Qiita |
AWS SESメール受信先にSlackチャンネルを指定しようとしたがダメだった |
https://qiita.com/zagvym/items/23945b662119bda5a788
|
awsses |
2022-06-30 23:29:47 |
Docker |
dockerタグが付けられた新着投稿 - Qiita |
dockerでnginx 関連メモ |
https://qiita.com/ytmycat17yo/items/a6586872f1157bcd3e95
|
docker |
2022-06-30 23:35:40 |
Docker |
dockerタグが付けられた新着投稿 - Qiita |
PHP on Laravel + nginx + mysql + phpMyadmin 環境をdocker-composeで作るぞ!記事 |
https://qiita.com/R-igaras/items/23ef553c97e7c8ac1bd5
|
avelnginxmysqlphpmyadmin |
2022-06-30 23:06:54 |
技術ブログ |
Developers.IO |
CloudWatch Logsの機能「Vended Logs」について調べてみた |
https://dev.classmethod.jp/articles/looked-into-cloudwatch-logs-vended-logs/
|
ashissan |
2022-06-30 14:59:47 |
技術ブログ |
Developers.IO |
AWS Step FunctionsからS3 Bucket内のデータに対するAthenaクエリを実行して結果を取得する(AWS CDK v2) |
https://dev.classmethod.jp/articles/run-athena-queries-on-data-in-s3-bucket-from-aws-step-functions-to-get-results/
|
awscd |
2022-06-30 14:53:14 |
技術ブログ |
Developers.IO |
新しいヘッドレスCMS NewtのAppテンプレートを使用して、プロジェクトを作成する |
https://dev.classmethod.jp/articles/newt-apptemplate/
|
cmsnewt |
2022-06-30 14:51:41 |
技術ブログ |
Developers.IO |
ボードビュー上のカード内表示についてラベルを付けて情報を読み取りやすくしてみた |
https://dev.classmethod.jp/articles/arranged-notion-board-view-properties/
|
githubproject |
2022-06-30 14:45:49 |
技術ブログ |
Developers.IO |
Unity上コードで2D Textureを切り出してみた |
https://dev.classmethod.jp/articles/crop_2d_textures_in_unity/
|
dtexture |
2022-06-30 14:25:44 |
技術ブログ |
Developers.IO |
Tera TermでSSMセッションマネージャーを通してSSHアクセスしてみる |
https://dev.classmethod.jp/articles/teraterm-ssm-session-manager-ssh/
|
inomasoinomasosan |
2022-06-30 14:07:11 |
技術ブログ |
Developers.IO |
CI/CDサービスからCDKでデプロイする際、差分がないはずなのにno changeにならない原因と対策 |
https://dev.classmethod.jp/articles/why-cdk-diffs-in-cicd-environment/
|
nochange |
2022-06-30 14:07:06 |
海外TECH |
Ars Technica |
Cuphead expansion pack review: As good as DLC gets |
https://arstechnica.com/?p=1863647
|
cuphead |
2022-06-30 14:24:28 |
海外TECH |
MakeUseOf |
How Does a Drive-By NFC Hack Work? |
https://www.makeuseof.com/tag/drive-nfc-hack-work/
|
security |
2022-06-30 14:45:15 |
海外TECH |
MakeUseOf |
6 Interesting Career Options in 3D Printing |
https://www.makeuseof.com/interesting-career-options-3d-printing/
|
potential |
2022-06-30 14:45:15 |
海外TECH |
MakeUseOf |
A Breakdown of the Synth Components in Ableton's Learning Synths Playground |
https://www.makeuseof.com/ableton-learning-synths-playground-synth-components-breakdown/
|
playground |
2022-06-30 14:30:14 |
海外TECH |
MakeUseOf |
5 Windows Registry Hacks to Improve Your Gaming Performance |
https://www.makeuseof.com/windows-registry-hacks-gaming/
|
windows |
2022-06-30 14:15:14 |
海外TECH |
DEV Community |
Checking out dbForge’s SQL Complete for SQL Server (Part 1) |
https://dev.to/alejandrocobar/checking-out-dbforges-sql-complete-for-sql-server-part-1-13bo
|
Checking out dbForge s SQL Complete for SQL Server Part InstallationYou can get dbForge SQL Complete by clicking the Get Trial button If you go for the SQL Tools Professional Trial it will also include the whole suite of SQL Server Management Studio extensions which adds a whole lot of extra value Note SQL Complete is an add in for SQL Server Management Studio so I would recommend having the latest version installed although if you have an older version e g then it will probably work as well Since SQL Complete is not a stand alone tool the first thing you must do is open SQL Server Management Studio and establish a connection against a target SQL Server instance of your choosing Once in there you can fire up a new query window and start laying out a query just to see what it does In my case I m currently connected to my database called “test which only has table right now As I m writing my SELECT statement you can see that SQL Complete is listing that table for me in the context menu which is very helpful when your databases are flooded with dozens of objects Now if you don t want to type the whole name of the desired table then you can simply select it and it will complete it within your query For demonstration purposes I have created a new table called “table and re tried writing the same SELECT statement again However this time I noticed that only “table was showing in the context menu it showed only after I dropped the connection to the instance and re established it so that you are fully aware As you can see in the screenshot it is showing as expected There s one additional detail that I would like to bring up and it is that if you select a particular table with the arrow keys on your keyboard then it will list you all the fields with their respective data types It will also tell you which fields conform the Primary Key and an estimate of the row count That feature by itself is a massive productivity booster for all of us SQL Server DB Developers Just out of pure curiosity I have created a third table called “table with fields id and NVARCHAR fields just to see how SQL Complete presents a wide table With my on going curiosity I want to try with an even wider table fields to see the behavior It will display as much as your screen can handle It would be neat to include a scrollable view for the context menu for cases like this though but I m sure that the Devart team will address it if the demand for it is high enough because they are constantly improving their suite of tools for the greater good I would like to make a tiny pause here and take back what I mentioned earlier in regards to the need to re establish a connection to the SQL Server instance so that my newly created table would appear in the context menu It turned out that after I created my tables “table and table I got up from my seat for a few minutes and when I got back the tables were there without the need for me to re establish my connection Now let me move on to an INSERT statement to see what we get Interestingly enough here you get a scrollable view for all the fields if you have wide tables With that detail out of the way I want you to notice that next to each field name there s a white unmarked checkbox so if you start clicking them you will see how your INSERT statement is being completed for you it s just SQL Complete living up to its name Now if you move on to the VALUES section of your INSERT statement and start filling in the values then SQL Intellisense will indicate which column you are specifying the value for This visual feedback alone is worth every penny For the UPDATE statement you pretty much get the same treatment as you are typing it you will be getting the help from SQL Complete to write a valid statement Moving to the DELETE statement as soon as I enter the word DELETE then I m presented with options If I pick the “DeleteFrom option you will notice that SQL Complete will layout a full skeleton for a formal DELETE statement that you simply have to accommodate to your own case Moving on to a SELECT with a JOIN statement this is what I m able to see when I reach the part where I have to specify the fields to perform the match As you can see it is suggesting to me that the JOIN can be done using the id fields of both tables and it will also show the participating tables along with their respective fields Moving on to the last section of this article I want to show you a feature that SQL Complete also has baked in If you right click on any database you will see a section called “SQL Complete and then an option called “Find Invalid Objects After you click that option you will see something like this If I hit the “Analyze button or link this is what I ll get For this particular demonstration I have created on purpose a Stored Procedure that is trying to do something on a table that doesn t exist within my “test database just to show you that SQL Complete will not only let me know that there s something wrong with my Stored Procedure but it will also pin point where the issue is Once again hats off to the Devart team Final thoughts I have definitely just shown you the surface of what SQL Complete has to offer so if you d like to dig deeper then I highly recommend you check the documentation center for even more information I will continue with the coverage of SQL Complete in a second part so that the content is presented to you in a digestible format If your workflow revolves heavily around DB Development for SQL Server then SQL Complete is definitely the tool to have to boost your productivity SQL Complete is the perfect complement whether you are an experienced senior or a not so experienced junior database developer |
2022-06-30 14:36:21 |
海外TECH |
DEV Community |
JavaScript News and Updates of June 2022 |
https://dev.to/plazarev/javascript-news-and-updates-of-june-2022-116o
|
JavaScript News and Updates of June Hello everyone Hope that sunny summer weather does not cool off your interest in the latest developments in the JavaScript world Expecially since many noteworthy updates have been released in June and I m excited to share them with you Today you will learn about the main results from the Developer Survey key features in Angular recent releases from DHTMLX why GitHub discontinues the Atom editor reasons behind the Vue js backporting and current activities of the React team In the second part you ll find a pack of useful articles that cover some tricky aspects of JavaScript Let s roll News and Updates Key Findings from the Latest Stack Overflow Developer SurveyThe Stack Overflow platform has recently published the results of its popular annual Developer Survey This year more than developers from all over the world took part in this research project and shared their views on various aspects of a programmer s life But we ll focus on the most intriguing part of the survey technology rankings JavaScript is still the most widely used and moderately dreaded programming language among the respondents to which we have become accustomed React and Node js were named the most common chosen web tools But you ll probably be surprised to know the place of Svelte as the most loved web framework is taken by Phoenix a top tool in the Elixir ecosystem The numbers provided in the survey also say that Docker has become as important for professional developers as Git Find more interesting facts in the full Developer Survey Introducing Angular Angular is still one of the most widely used front end framework despite a high level of competition in this segment To maintain developers interest to the product at a high level the Angular team regularly updates the framework with new features and improvements So meet Angular This major update includes a range of novelties but two of them deserve our special attention The first long awaited feature is the possibility to apply strict typing for Angular Reactive forms It will help to detect many common errors in TypeScript code Thus Angular developers will be able to create much safer forms especially when dealing with deeply nested complex cases But bear in mind that this feature is not applicable to template driven forms Another big feature added in v is the concept of Angular stand alone components Such components will free developers from the necessity to use ngModules Now they just can add dependencies directly to components rather than modules This novelty has the potential to significantly simplify the process of building Angular apps but currently it is in developer preview and may change in future versions To become familiar with other new things provided in Angular check out this article published in the Angular blog DHTMLX Strengthens its Project Management LineDHTMLX is a well known provider of business oriented JavaScript components and this month the company has reminded the dev community of itself with two interesting releases First of all the DHTMLX team enriched its product line with a new task management tool JavaScript To Do List In addition the DHTMLX Kanban library has been updated to v DHTMLX To Do List is a simple yet powerful widget that allows implementing a multifunctional to do list that will function equally well in browsers of desktops and touch devices This product has a user friendly interface consisting of two main sections a toolbar and a list The first UI element serves for adding projects and conveniently reviewing them while the second one helps to plan tasks for each project and monitor their completion There are plenty of useful features for managing tasks For instance you can split complex tasks into subtasks assign tasks to particular employees specify due dates categorize tasks with tags manipulate tasks with the keyboard use different modes for showing tasks completion and more Thanks to a flexible API it is possible to change the toolbar structure or add custom controls to it and style any part of your to do list in accordance with any project requirements The release of DHTMLX Kanban despite its minor status offers a range of important features designed to facilitate more productive work with large projects containing hundreds of tasks The most notable changes introduced in v are built in and custom sorting settings lazy rendering separate scrollbars for Kanban columns and custom context menus for cards Moreover now you can also make use of the enhanced toolbar API and enjoy improved work on mobile devices There is also one great feature that is related to both of the DHTMLX products discussed above The thing is that they can be easily integrated with each other as well as with other popular DHTMLX libraries Gantt Scheduler Suite Using these components together you will be able to create a comprehensive business application without any compatibility issues Time to Say Goodbye to Atom Text Editor If you are still using the Atom editor for working with your code it is time to start thinking about a worthy substitute for this tool The thing is that GitHub has announced that its popular editor will be discontinued at the end of the year This decision is caused by the company s inclination to concentrate efforts on enhancing the developer experience in the cloud by developing and promoting such technologies as Microsoft Visual Studio Code and GitHub Codespaces Interestingly when Microsoft purchased GitHub in new owners were interested in keeping the Atom project alive But priorities have changed and the Atom repository will be archived On December More details are provided in this post At the same time we cannot exclude the possibility that Atom will be further supported independently of GitHub by the web community via new forks Atom is still quite popular among developers since it allows working with syntax of programming languages including JavaScript and supports plugins written in JS Therefore it may be too early to give up on Atom We ll have to wait and see Vue Team Resorts to BackportingEvan You together with his team gives the finishing touches to Vue despite the fact that Vue now being the default version of the framework Why is that The point is that many developers still cannot migrate to v because of various bottlenecks such as dependency compatibility browser support requirements etc Therefore it was decided to help those who still have to use Vue x by backporting some of the key features from Vue As a result some features from Vue will be available in v that is currently in beta At the same time it should be noted that v will be the last release of Vue x It will be supported for months by the end of to give developers enough time for migration to Vue Learn more details about the upcoming release in this post React Team Goes Public About Current ActivitiesIt is very frustrating when your favorite JavaScript framework does not receive significant updates for a long time and nobody knows when that will happen React admirers know how it feels for sure They had been waiting for the release of React for several years without getting much info on the process until it was delivered a couple of months ago Now the React development team plans to start sharing more information on their undertakings with the community on a regular basis Read the first portion of news from the React team in this blog article Useful Tips and Articles JavaScript Coding TricksJavaScript is regularly updated with new features that allow developers to do a lot of good stuff But in practice it is hard to make the most of new functions right away because of limited knowledge of their practical application Fortunately it is possible to save time and benefit from the successful experience of others You can do it by reading this article provided by the professional front end developer This material sheds light on some tricks that will help you to work effectively with the features recently added to JavaScript Interesting Thoughts on SPA vs MPA DilemmaWhen it comes to making up your mind about the architecture type for a web project developers commonly choose between two popular options a single page app SPA or a multi page app MPA Although the choice is reduced to two options it still can be a problem If you are facing the same dilemma you should visit the blog of a professional developer Nolan Lawson Recently he has posted a series of great articles that will help you to better understand the pros and cons of both approaches Addressing the Problem of Installing Packages GloballyIt is well known that npm packages can be installed in two ways locally or globally But many experienced developers consider it a bad practice to install npm packages globally and discourage their young colleagues from doing so There are many reasons for that unsuitability for working on several projects possible breaking changes security concerns etc Dr Axel Rauschmayer the expert in JavaScript language and web development has recently published an informative article where you can find the description of alternative options to global installs Using Web Animations API for JS Timing IssuesWhen writing code in JavaScript it is frequently needed to execute a task or any function at a certain time In such a case it is natural for web developers to use special timing functions also known as JavaScript timers But there may be a better way for addressing JS timing issues It is claimed that you can create effective workarounds for dealing with this problem using the Web Animations API The author of this article gives more details on this uncommon approach Learning about Svelte Origins from the InsideDuring the last few years Svelte has gained the reputation of the most loved JavaScript framework Indeed it is really hard to find a reason why not to love this easy to use and truly reactive tool If you ve already joined the army of Svelte admirers or just want to learn more about it you will certainly enjoy watching the documentary titled Svelte Origins You will learn many interesting things about Svelte from its creator Rich Harris and members of the Svelte community who contributed to the development of the framework That s it for now Thanks for reading and see you soon |
2022-06-30 14:33:42 |
海外TECH |
DEV Community |
Firebase/Firestore is becoming too complicated of a product. Am I the only one? |
https://dev.to/obedtandadjaja/firebasefirestore-is-becoming-too-complicated-of-a-product-am-i-the-only-one-3ljj
|
Firebase Firestore is becoming too complicated of a product Am I the only one Does anyone feel like Firestore is becoming too complicated for the average user I used Firestore for my most recent project and the amount of customization and options is just overwhelming From security rules cache vs server fetch snapshots pending writes etc The product is not as beginner friendly as it used to be before Am I the only one who feels this way |
2022-06-30 14:29:09 |
海外TECH |
DEV Community |
Paracetamol.js💊| #158: Explica este código JavaScript |
https://dev.to/duxtech/paracetamoljs-158-explica-este-codigo-javascript-3g2l
|
Paracetamol js Explica este código JavaScript Explica este código JavaScript Dificultad Básicoconst perro id nombre Dogge edad color cafe cola false console log Object keys perro console log Object values perro A id nombre edad color cola Dogge cafe false B Dogge cafe false id nombre edad color cola C Ninguno de los anterioresRespuesta en el primer comentario |
2022-06-30 14:19:52 |
海外TECH |
DEV Community |
Developing high-performing applications with Python’s FastAPI |
https://dev.to/abtosoftware/developing-high-performing-applications-with-pythons-fastapi-3j9l
|
Developing high performing applications with Python s FastAPIThe original version of this article was published on our company s blog Python is extremely popular among professionals and used all over the globe It is an object oriented programming language with a dynamic semantic But what makes this programming language that popular FastAPI is one of the reasons According to the findings of JetBrains web development is one of the programming language s most popular use cases Python is mostly chosen for developing web apps because of its many additional libraries helpful frameworks and simplicity Python s FastAPI in briefLet s look closer at one of the fastest Python web frameworks available Combining Python and FastAPI leads to amazing results and chances to develop fast websites FastAPI is a modern fast high performant web framework with built in support for async endpoints for building APIs with Python based on standard Python type hints FastAPI was developed by Sebastián Ramírez First stable release was on December and the last one on May It was written in Python and last year FastAPI was recognized as the third most loved web framework in Stack Overflow Developer Survey It is used by large companies like Uber and Netflix to develop some of their applications The benefits of using Python s FastAPIFastAPI gives the following benefits Open standardsFastAPI is based on open standards such as OpenAPI for API creation including declarations of path operations body requests parameters security and more Interactive documentationInteractive API documentation and exploration web user interfaces Two included by default Swagger UI ReDoc Standard PythonIt s all based on standard Python type declarations No new syntax to learn Just standard modern Python Editor support auto completion works everywhereFastAPI is ShortIt has sensible defaults for everything with optional configurations everywhere All the parameters can be fine tuned to do what you need and to define the API you need ValidationFastAPI uses Python type annotations So you get it out of the box with no need to use additional layer for validation Security and authentication integratedHTTP Basic OAuth also with JWT tokens API keys in Headers Query parameters Cookies etc Dependency InjectionFastAPI comes with its own built in dependency injection system that helps to integrate components when building your API Unlimited plugin supportFastAPI is thoroughly tested How to work with Python s FastAPI Check it out with the following examples The installationThe first step is to install base packages we are going to work with pip install fastapi uvicorn standard Creating a base classLet s create a class for FastAPIServer from fastapi import FastAPI from hypercorn asyncio import servefrom hypercorn config import Config as HyperCornConfigfrom application actions action handler import ActionHandlerclass FastAPIServer def init self action handler ActionHandler self hypercorn config HyperCornConfig self fastapi FastAPI self action handler action handler async def run server self self hypercorn config bind self add routes await serve self fastapi self hypercorn config def add routes self self fastapi add api route path endpoint self say hello methods GET Dependency injectionAdd say hello function with authentication to the FastAPIServer from fastapi security import OAuthPasswordBeareroauth scheme OAuthPasswordBearer tokenUrl api login You should add the path operation function and mount it to the path api login Also we can add HTTPException and raise it from the endpoint from fastapi import HTTPExceptioncredentials exception HTTPException status code status HTTP UNAUTHORIZED detail Could not validate credentials headers WWW Authenticate Bearer from fastapi import Depends async def say hello self token str Depends oauth scheme current user await self get current user token if current user is False raise self credentials exceptionDependency injection is very useful when you need to have shared logic the same code logic again and again share database connections enforce security authentication as shown in the example role requirements etc Path and Query parametersYou can mount a few endpoints to the same path by using additional parameters For example self fastapi add api route path profiles endpoint self get profiles list methods GET self fastapi add api route path profiles me endpoint self get my profile methods GET self fastapi add api route path profiles user id endpoint self get user profile methods GET Path operations are evaluated in order so if you put “ profiles user id above “ profiles me me will be tracked as user id user id is called path parameters It can be declared with type or without it async def get user profile self user id int …async def get user profile self user id As a parameter type can be used any of standard Python types or Pydantic types Except path parameters you can use Query parameter Take a look from fastapi import Query async def get profiles list self search text str Query None alias search text …Adding CORSMiddlewareIf your back end server and web are running on the different origins you should add CORS Cross Origin Resource Sharing to your FastAPI server It can be done by using middleware which is also supported by FastAPI from fastapi middleware cors import CORSMiddlewareself fastapi add middleware CORSMiddleware allow origins allow credentials True allow methods allow headers Why choose Python s FastAPI FastAPI is the best solution for developing web applications using third party inside path operation function or for applications with microservices architecture Such an API will be very fast because when your app receives the request and starts processing it in the microservice or by passing data to some other API it should wait for a response Asynchronous supports the processing of other requests during the time when the system is waiting for a response Our team at Abto Software utilizes Python software development for fast prototyping and building highly scalable web applications Fullstack Python web development services and client server programming amp administration are what we do on a daily basis To name Data science Big data analysis solutionsHigh load web portalsData driven ERP systemsCloud based solutionsAPIs and automation pluginsand more To get more information you can read the original article on our R amp D blog |
2022-06-30 14:14:30 |
海外TECH |
DEV Community |
Dash Platform Sprint 85 Review – Summary |
https://dev.to/dcgcrew/dash-platform-sprint-85-review-summary-ldf
|
Dash Platform Sprint Review SummaryHey welcome to Dash Platform th Sprint review Here s a short summary of what has been done for the last two weeks TenderDash GoalsBackports Tendermint master branch and design withdrawal transitionsWhat We PlannedPre release with ABCI doneFinalize withdrawal transactions using vote extensions doneTenderdash is ready for a new prerelease that will include vote extensionsValidator key verification in progressPull request is ready for review postpone until Jul BonusActualization PR about integration of go bindings for BLS v in progressWhat s NextFinish working on the integration of go bindings for BLS vPre release ABCI including improvements for vote extensionsUpdate vote extension part in ABCI specResearch same block execution signing current state instead of previous one in ABCI GroveDB GoalGrovedb Costs Batches and Multi query ProofsGroveDB tasksFeaturesMulti query proof generation and verification in progressProof of path absence doneProof documentation in progressBatches v in review Cost for storage in progressCosts for storage rationaleOn GroveDB level costs were approximate On subtrees Merk level costs became more accurate but don t represent any possible changes on storage levelA big part of costs API includes storage operations data if we collect these metrics starting directly from storage usage we ll have better results and easier maintenanceWhat s NextStandardize root tree to AVL treeEfficient referencesFinish current tasks SDK Sprint GoalsRework chain synchronization process SPV SDK repository documentation update Stabilizing dashmateWhat We PlannedUpdate SDK docs in progressDashmate upgraded to work with Docker Compose v doneAdd flag for faucet wallet storage directory doneInvestigate dashmate setup issues in progressWallet synchronizationReworking wallet synchronization process in progressReplace x hash JS library with wasm one doneReact App POC donedash spv library optimizations in progressWhat s NextRework chain synchronization process SPV SDK repository documentation update Protocol Sprint GoalsFee calculation distribution pools and proofsWhat We PlannedFee calculationPredict worst case fees for state transition validation in progressCollect operations without execution to calculate fee in RS Drive in progressFixed non deterministic fees for data contract cache done GroveDB Batches integrationIntegrate GroveDB batches into RS Drive doneWhat We PlannedFee Distribution PoolsImplementation in reviewIntegration with JS Drive in progressProofsSimplify public key to identity structure and remove getIdentityIdsByPublicKeyHash doneProvide proofs from DAPI doneOthersAllow char document type and property name in DPPLog synchronize masternode identities in DriveFixed uncertain transaction rollbackWhat s NextContinue on fee systemRelease Platform vABCI integration Rust Port UpdateProgressThis sprint was a little bit different in terms from what we did before We ve started the first efforts on the integration of DPPWrote tests to ensure that the binary serialization is in line with the JS implementationPorted some code serialization code from RS Drive over to DPP so the backend team can check what effort is needed to plug DPP in RS Drive |
2022-06-30 14:05:54 |
海外TECH |
DEV Community |
Testando datas mais facilmente com Jest |
https://dev.to/andersonmalheiro/testando-datas-mais-facilmente-com-jest-18cp
|
Testando datas mais facilmente com JestQuem desenvolve em Javascript Typescript e outras linguagens também sabe a dor de cabeça que étrabalhar com datas Uma coisa écerta do juninho ao sênior em algum momento vocêvai precisar formatar uma data e não vai saber ou vai ficar muito estressado porque o diabo da data que vocêcriou estáficando com horas a menos kkk O primeiro problema énormal Jáo segundo se deve a forma como o Node trabalha com timezones Nesse caso ao criar um objeto Date com o comando new Date e tentar utilizar algum método como toString o Node vai trazer esse valor acrescido ou subtraído do valor timezone da nossa máquina normalmente aqui no Brasil seria de horas Por isso ocorre de criarmos uma data e ao tentarmos exibí la o valor retornado ser a data do dia anterior às h Exemplo const date new Date date toString deveria retornar Sat May mas retorna Fri May Para resolver esse problema na execução de testes com Jest e evitar programações alternativas podemos fazer uma simples configuração que lhe salvarávários fios de cabelo Vamos lá Primeiramente precisamos criar um arquivo de configuração global para o jest não éo jest config O nome não importa mas nesse exemplo vamos chamá lo de globalJestSetup ts e ele teráuma simples função exportada como default Nesse arquivo estamos simplesmente dizendo para o Jest sempre utilizar a timezone UTC assim ao trabalhar com datas não haveráo problema de termos o valor diferente dependendo da timezone Feito isso agora sóprecisamos adicionar esse arquivo nas configurações do Jest no arquivo jest config como mostrado na imagem abaixo utilizando o atributo globalSetup Lembrando que o nome que vocêdeu ao arquivo deve ser igual ao usado na configuração do Jest E ébasicamente isso Agora ao fazer seus testes as datas sempre terão o valor que vocêesperava hehe independente do ambiente em que eles sejam executados Bônus Vocêpode adicionar um teste que verifica se essa configuração funcionou realmente |
2022-06-30 14:01:05 |
Apple |
AppleInsider - Frontpage News |
Epic Games-funded polls claim public want open App Store |
https://appleinsider.com/articles/22/06/30/epic-games-funded-polls-claim-public-want-open-app-store?utm_medium=rss
|
Epic Games funded polls claim public want open App StoreThe Coalition for App Fairness has commissioned a pair of polls showing that the majority of respondents want App Store competition and antitrust legislation Coalition for App FairnessFounded in by Epic Games Spotify and others the Coalition for App Fairness CAF is a lobbying group created specifically to advocate against Apple s App Store policies It has been calling for Apple to allow third party app stores alternative payment systems and less restrictive terms Read more |
2022-06-30 14:51:46 |
Apple |
AppleInsider - Frontpage News |
M2 MacBook Air could hit shelves on July 15, with preorders on July 8 |
https://appleinsider.com/articles/22/06/30/m2-macbook-air-could-hit-shelves-on-july-15-with-preorders-on-july-8?utm_medium=rss
|
M MacBook Air could hit shelves on July with preorders on July Apple s new M MacBook Air could find its way to customers and storefronts by mid July While we know that Apple plans on releasing the new MacBook Air in July the company did not provide a date when it announced the updated model at WWDC According to a retail source who spoke to MacRumors the new M MacBook Air will be available starting on Friday July with preorders going live on Friday July Read more |
2022-06-30 14:36:55 |
海外TECH |
Engadget |
Supreme Court ruling guts the EPA’s ability to enforce Clean Air Act |
https://www.engadget.com/supreme-court-ruling-guts-epa-ability-to-enforce-clean-air-act-145027419.html?src=rss
|
Supreme Court ruling guts the EPA s ability to enforce Clean Air ActIn yet another historic reversal of long standing precedent the US Supreme Court on Thursday ruled along party lines to severely limit the authority of the Environmental Protection Agency in regulating carbon emissions from power plants further hamstringing the Biden administration s ability to combat global warming nbsp The case West Virginia v Environmental Protection Agency No centered both on whether the Clean Air Act gives the EPA the power to issue regulations for the power industry and whether Congress must quot speak with particular clarity when it authorizes executive agencies to address major political and economic questions quot a theory the court refers to as the “major questions doctrine Developing |
2022-06-30 14:50:27 |
海外TECH |
Engadget |
Months after launch, the DJI Mavic 3 is a much better drone |
https://www.engadget.com/dji-mavic-3-update-hands-on-video-141505594.html?src=rss
|
Months after launch the DJI Mavic is a much better droneWhen it launched last year the DJI Mavic grabbed a lot of headlines with features like a big Four Thirds sensor and a second X telephoto camera But it also drew some criticism for going on sale with key features like ActiveTrack and QuickShots still not available That meant that I and others couldn t assess those features in our early Mavic reviews And because of that potential buyers couldn t get a full picture of the drone before paying up to for one Following three major firmware updates in December January and May all the promised functions and more are finally here Now I m going to test them out using the same exact drone to see how well they work At the same time I ll discuss this trend of selling products before key features are available is this good or bad ActiveTrack Quickshots and other AI featuresLast year I tested the mainstream Mavic not the Cine model in the Fly More combo package with my drone pilot friend Samuel Dejours At the time we rated it highly for things like video quality obstacle avoidance long battery life and more However the coolest AI features were nowhere to be seen This time we ve got three firmware updates with the most recent coming from the end of May Most of the AI features like QuickShots ActiveTrack MasterShots and others arrive in January We re also going to check out the “Nifty update that arrived in May allowing the Mavic to fly closer to obstacles with a smoother trajectory Prior to Nifty we tested the Mavic s ActiveTrack and APAS obstacle avoidance and found it couldn t keep up with the smaller and cheaper DJI Mini Pro Some of that is down to the Mini Pro s size and agility but the Mavic also seemed conservative when approaching obstacles Steve Dent EngadgetIn Normal mode we found that ActiveTrack worked well as long as it didn t have to deal with many obstacles It usually flew at the angle and distance set giving us stable and predictable shots So it was already a decent tool for solo creators but it didn t do the things DJI showed in its Mavic launch video like zipping around trees while filming a guy on a mountain bike With Nifty mode though it loses that shyness When used with ActiveTrack it s willing to approach obstacles very closely while following your subject That makes it possible to film in tricker situations and get far more dramatic shots as it passes behind under and over impediments It does make things more unpredictable though of course You can never tell what route it s going to take to avoid obstacles and sometimes it gets lost in the woods literally It will also deviate from your pre selected path as you d expect but then stay there at a new altitude or camera angle Still this often results in some interesting and unexpected shots Steve Dent EngadgetHowever the extra AI derring do can put the Mavic in harm s way as you re warned when you turn on Nifty mode not ideal with a drone It might be a good idea to get DJI s Care Refresh accident protection insurance if you use it frequently An earlier release of DJI s app warned that “you will be liable for any adverse consequences when using the feature but it no longer says that in the latest version Where Nifty is most useful is with manual piloting we discovered By engaging it Samuel was able to fly in tighter spaces without the drone chickening out while still getting basic obstacle protection That allowed him to concentrate on the subject while the drone swooped around and passed closely by obstacles resulting in some pretty thrilling footage The January update also introduced QuickShots letting you do pre programmed camera movements like Dronie Helix Rocket Circle Boomerang and Asteroid On top of that the May update lets you shoot Log or HLG while using QuickShots except for Asteroid mode Steve Dent EngadgetThese features are great for social media selfies and actually not bad for grabbing some quick footage For instance if you want a perfect looking orbit you don t need perfect piloting skills just let the drone and obstacle detection do the job Just make sure you re in a relatively clear area MasterShots is a similar feature letting you capture a series of pre programmed moves It then joins those shots together to create a little video set to music It was updated in January with K fps shooting manual exposure adjustment and more Panorama offers wide angle degree and Sphere modes a neat but slightly cheesy feature for occasional use Finally the latest version of Hyperlapse does a flying time lapse with some cropping to reduce shakes and jitter It can produce some dramatic shots particularly for cityscapes with cloud cover and other dynamic situations The latest version optimizes stability making for smoother shots but they re not perfectly smooth if there s a lot of wind Camera and GPS updatesNext we ll get into the bulk of updates that arrived in late May mostly focused on camera improvements Many of the changes are designed to make the X telephoto camera more useful The biggest change is the addition of fps shooting for K and p up from fps before It also introduces manual controls letting you adjust the ISO and shutter speeds DJI also introduced burst shooting and RAW capture Those things do make the tele camera more useful and allow for more options in post But they don t address the relatively low resolution and mediocre optics At the same time the main camera got a few key updates like fps slow motion at p with a significant crop HLG for in camera HDR capture and a three times digital zoom The latter is a welcome update as it offers higher quality and more options HLG Log fps slow mo than the tele camera Combined with earlier updates that added improved color accuracy and more you can take full advantage of the larger sensor It s now good enough to replace much bigger drones that pack physical cameras in some cases at a much lower cost And while the tele camera doesn t offer the best quality for content creation it s great for things like bird spotting industrial work and more Finally it s worth noting that DJI appears to have fixed the GPS issue that caused a slow home lock on startup a problem that has plagued users since launch Wrap upSteve Dent EngadgetWith all of that the Mavic finally delivers on its potential and DJI s marketing It does beg the question of why it went on sale without those things in the first place though I saw plenty of complaints from potential buyers YouTubers and others to that effect I m personally fine with it though DJI is generally reliable with promised updates other than the Ronin D RAW video debacle Key features like image quality were present from day one so buyers could immediately use the Mavic to create content and make money QuickShots ActiveTrack and a lot of the other AI features are nice but certainly not mandatory for many pro usersThe biggest problem was that users couldn t assess missing features ahead of purchase To solve that companies like DJI should at least have them ready in beta for reviewers so we can give potential buyers a flavor of them Details like that can weigh heavily on a buying decision for such an expensive product Samuel feels the same way He was able to exploit the Mavic for professional use filming cityscapes events weddings parties and more Image quality was the most important factor for him and while he did want the AI features he was willing to wait I think many other pros would feel the same let us know what you think in the comments below |
2022-06-30 14:15:05 |
Cisco |
Cisco Blog |
Transform your network operations with the cloud-delivered power of Nexus Cloud |
https://blogs.cisco.com/datacenter/transform-your-network-operations-with-the-cloud-delivered-power-of-nexus-cloud
|
Transform your network operations with the cloud delivered power of Nexus CloudMore than ever enterprises want the agility of a cloud delivered service to maximize the full potential of their hybrid cloud and cloud networking investments Cisco delivers on that ask with Nexus Cloud With Nexus Cloud and Nexus Dashboard our customers now have the operational tools to accelerate their digital transformation |
2022-06-30 14:59:37 |
金融 |
RSS FILE - 日本証券業協会 |
株券等貸借取引状況(週間) |
https://www.jsda.or.jp/shiryoshitsu/toukei/kabu-taiw/index.html
|
貸借 |
2022-06-30 15:30:00 |
金融 |
金融庁ホームページ |
高速取引行為の動向に関する資料について更新しました。 |
https://www.fsa.go.jp/news/r2/sonota/20210630/20210630.html
|
高速 |
2022-06-30 16:00:00 |
金融 |
金融庁ホームページ |
金融仲介機能の発揮に向けたプログレスレポートについて公表しました。 |
https://www.fsa.go.jp/news/r3/ginkou/20220630-4/20220630.html
|
Detail Nothing |
2022-06-30 16:00:00 |
ニュース |
BBC News - Home |
Logan Mwangi murder: Mum, stepdad and teen sentenced |
https://www.bbc.co.uk/news/uk-wales-61952430?at_medium=RSS&at_campaign=KARANGA
|
logan |
2022-06-30 14:42:25 |
ニュース |
BBC News - Home |
UK defence spending to rise as dangers increase - PM |
https://www.bbc.co.uk/news/uk-61999145?at_medium=RSS&at_campaign=KARANGA
|
secretary |
2022-06-30 14:23:23 |
ニュース |
BBC News - Home |
Supreme Court limits Biden's power to cut emissions |
https://www.bbc.co.uk/news/science-environment-62000742?at_medium=RSS&at_campaign=KARANGA
|
biden |
2022-06-30 14:43:06 |
ニュース |
BBC News - Home |
Giant jellyfish washes up on Wallasey beach |
https://www.bbc.co.uk/news/uk-england-merseyside-61984591?at_medium=RSS&at_campaign=KARANGA
|
merseyside |
2022-06-30 14:30:44 |
ニュース |
BBC News - Home |
Police domestic abuse victim: I just felt despair |
https://www.bbc.co.uk/news/uk-61995624?at_medium=RSS&at_campaign=KARANGA
|
officers |
2022-06-30 14:15:33 |
ニュース |
BBC News - Home |
Logan Mwangi: Juror traumatised by murder trial evidence |
https://www.bbc.co.uk/news/uk-wales-61270062?at_medium=RSS&at_campaign=KARANGA
|
logan |
2022-06-30 14:24:27 |
ニュース |
BBC News - Home |
Wimbledon: Katie Boulter and Heather Watson win, Alastair Gray beaten |
https://www.bbc.co.uk/sport/tennis/61997315?at_medium=RSS&at_campaign=KARANGA
|
Wimbledon Katie Boulter and Heather Watson win Alastair Gray beatenBritish wildcard Katie Boulter enthrals Wimbledon s Centre Court with a stunning fightback to beat runner up Karolina Pliskova |
2022-06-30 14:46:25 |
ニュース |
BBC News - Home |
Jos Buttler named England white-ball captain after Eoin Morgan retirement |
https://www.bbc.co.uk/sport/cricket/61994862?at_medium=RSS&at_campaign=KARANGA
|
morgan |
2022-06-30 14:37:45 |
ニュース |
BBC News - Home |
Wimbledon 2022: Watch the moment Katie Boulter beats Karolina Pliskova. |
https://www.bbc.co.uk/sport/av/tennis/62000930?at_medium=RSS&at_campaign=KARANGA
|
Wimbledon Watch the moment Katie Boulter beats Karolina Pliskova Watch the moment Britain s Katie Boulter creates a huge upset at Wimbledon by beating last year s finalist Karolina Pliskova at Wimbledon |
2022-06-30 14:50:46 |
ニュース |
BBC News - Home |
Wimbledon 2022: Watch both Lorenzo Sonego and Hugo Gaston hit brilliant trick shots. |
https://www.bbc.co.uk/sport/av/tennis/62000927?at_medium=RSS&at_campaign=KARANGA
|
Wimbledon Watch both Lorenzo Sonego and Hugo Gaston hit brilliant trick shots Watch Italy s Lorenzo Sonego and France s Hugo Gaston demonstrate brilliant skill with back to back hot dogs during a rally at Wimbledon |
2022-06-30 14:31:07 |
北海道 |
北海道新聞 |
テニス、女子複の加藤組ら敗れる ウィンブルドン第4日 |
https://www.hokkaido-np.co.jp/article/700265/
|
女子 |
2022-06-30 23:32:49 |
北海道 |
北海道新聞 |
NY株、一時500ドル超安 米経済の減速懸念 |
https://www.hokkaido-np.co.jp/article/700297/
|
経済 |
2022-06-30 23:44:00 |
北海道 |
北海道新聞 |
米、1千億円追加軍事支援 バイデン氏、ウクライナに |
https://www.hokkaido-np.co.jp/article/700246/
|
軍事支援 |
2022-06-30 23:25:55 |
北海道 |
北海道新聞 |
物価高騰、高まる不安 後志の有権者 年金減と二重苦/再値上げも検討 |
https://www.hokkaido-np.co.jp/article/700231/
|
高騰 |
2022-06-30 23:31:20 |
北海道 |
北海道新聞 |
銚子電鉄、6年ぶり黒字 純利21万円、副業が好調 |
https://www.hokkaido-np.co.jp/article/700271/
|
千葉県銚子市 |
2022-06-30 23:15:00 |
北海道 |
北海道新聞 |
いじめ加害生徒を校長権限で懲戒 旭川市教委、条例骨子案で検討 |
https://www.hokkaido-np.co.jp/article/700267/
|
旭川市内 |
2022-06-30 23:04:44 |
仮想通貨 |
BITPRESS(ビットプレス) |
【金融庁】「金融機関の信託業務の兼営等に関する法律施行規則の一部を改正する内閣府令(案)」等の公表について |
https://bitpress.jp/count2/3_17_13281
|
内閣府令 |
2022-06-30 23:10:58 |
コメント
コメントを投稿