投稿時間:2023-07-20 00:26:23 RSSフィード2023-07-20 00:00 分まとめ(31件)

カテゴリー等 サイト名等 記事タイトル・トレンドワード等 リンクURL 頻出ワード・要約等/検索ボリューム 登録日
IT 気になる、記になる… Beats、史上最もパワフルで高精度なオーバーイヤーヘッドフォン「Beats Studio Pro」を発表 ー 8月9日に発売へ https://taisy0.com/2023/07/19/174281.html beats 2023-07-19 14:28:09
AWS AWS Management Tools Blog Schedule automated operations for your Terraform managed resources on AWS https://aws.amazon.com/blogs/mt/schedule-automated-operations-for-your-terraform-managed-resources-on-aws/ Schedule automated operations for your Terraform managed resources on AWSIntroduction Do you have AWS resources deployed with Terraform where you would like to perform specific operations on schedule while avoiding drift in state Terraform is an infrastructure as code tool that helps you build change and version cloud and on premise resources safely and efficiently This post describes a pattern that can be used to … 2023-07-19 14:57:44
AWS AWS Messaging and Targeting Blog Amazon Simple Email Service adds email delivery features to revised free tier https://aws.amazon.com/blogs/messaging-and-targeting/amazon-simple-email-service-adds-email-delivery-analysis-features-to-revised-free-tier/ Amazon Simple Email Service adds email delivery features to revised free tierOn August st Amazon Simple Email Service SES will launch a revised more flexible free tier that allows AWS customers to try more SES features without commitment or cost SES customers will be able to send or receive up to messages each month for a year after they begin using SES free of … 2023-07-19 14:26:48
AWS AWS - Webinar Channel Analytics in 15: 99 Percent Fault Tolerance with Amazon Redshift Multi-AZ https://www.youtube.com/watch?v=1MZeP8kT9h0 Analytics in Percent Fault Tolerance with Amazon Redshift Multi AZData warehouse workloads are increasingly business critical analytics applications that require the highest levels of availability and resiliency with a low RTO Recovery Time Objective for minimal impact to applications Join this session to learn about Amazon Redshift s reliability capabilities that support running data warehouses in multiple Availability Zones simultaneously and continue operating in unforeseen failure scenarios 2023-07-19 14:53:55
AWS AWS - Webinar Channel AWS ML Heroes in 15: Choose a Foundation Model For Your Use Case Pt1 https://www.youtube.com/watch?v=Ws6zV4_sOVY AWS ML Heroes in Choose a Foundation Model For Your Use Case PtAmazon Bedrock is a fully managed service that makes Foundation Models FMs from Amazon and leading AI startups available via an API so you can choose from a wide range of FMs to find the model that s best suited for your use case In part one of this two part series you ll learn the best use cases for Amazon Titan Text Anthropic s Claude Cohere Command and Meta LLaMa Join us on September th for part two where we ll cover Amazon Titan Embeddings Stable Diffusion and AI Labs Jurassic 2023-07-19 14:50:04
AWS lambdaタグが付けられた新着投稿 - Qiita 【AWS Lamba】コンテナイメージから Lambda関数を作成する https://qiita.com/sakuchi/items/02ecf0e6b7d7da6c1984 busterasbuilderworkdir 2023-07-19 23:48:06
python Pythonタグが付けられた新着投稿 - Qiita あ...ありのまま今起こったことを話すぜ! の続きを HuggingFace Transformers で予測するッ! https://qiita.com/maskot1977/items/ca486c279e1676402cb3 huggingface 2023-07-19 23:37:36
python Pythonタグが付けられた新着投稿 - Qiita pytestで関数のモックと標準出力のテストをする https://qiita.com/tonnsama/items/f72f72453a7bce9058c5 pytest 2023-07-19 23:29:23
python Pythonタグが付けられた新着投稿 - Qiita Lama2のアプリ(申請不要) https://qiita.com/jingwora/items/db5d4aa2dacb04734cdc microsoft 2023-07-19 23:27:21
python Pythonタグが付けられた新着投稿 - Qiita 意外と「国土基本図図郭」のポリゴンを生成するライブラリがなかったのでPythonで作ってみた! https://qiita.com/nokonoko_1203/items/7d8271333f040817a388 作ってみた 2023-07-19 23:09:04
Ruby Rubyタグが付けられた新着投稿 - Qiita 管理者 商品詳細ページ https://qiita.com/mirimu/items/e996bfa3eb3503264bd5 efshowitemitemfind 2023-07-19 23:46:39
AWS AWSタグが付けられた新着投稿 - Qiita 【AWS Lamba】コンテナイメージから Lambda関数を作成する https://qiita.com/sakuchi/items/02ecf0e6b7d7da6c1984 busterasbuilderworkdir 2023-07-19 23:48:06
Ruby Railsタグが付けられた新着投稿 - Qiita 管理者 商品詳細ページ https://qiita.com/mirimu/items/e996bfa3eb3503264bd5 efshowitemitemfind 2023-07-19 23:46:39
技術ブログ Developers.IO [アップデート] Lambda 関数が再帰ループを検出して停止するようになりました https://dev.classmethod.jp/articles/detecting-and-stopping-recursive-loops-in-aws-lambda-functions/ lambda 2023-07-19 14:39:36
海外TECH MakeUseOf What Is Diagram for Figma and What Can You Do With It? https://www.makeuseof.com/what-is-diagram-for-figma/ diagram 2023-07-19 14:30:18
海外TECH MakeUseOf How to Fix the “Local Security Authority Protection Is Off” Security Warning on Windows https://www.makeuseof.com/local-security-authority-protection-off-security-windows/ windows 2023-07-19 14:15:18
海外TECH MakeUseOf Getting Started With Redis in Node.js https://www.makeuseof.com/redis-node-js-getting-started/ powerful 2023-07-19 14:01:17
海外TECH DEV Community How to build and deploy a modern-day Next.js application https://dev.to/livecycle/how-to-build-and-deploy-a-modern-day-nextjs-application-mgn How to build and deploy a modern day Next js application IntroductionMaking websites is not what it used to be Over the past ten years it has changed from being a very straightforward area controlled by HTML CSS and JavaScript to a vast ecosystem of tools and frameworks each with its own distinct features and capabilities You need to have a solid understanding of several cutting edge technologies if you want to become an expert in modern web development The complexity of today s development environment necessitates an agile mind and a strong commitment to lifelong learning from data fetching to authentication rendering to backend and containerisation This article is for people who are ready to step up their game and genuinely understand the practices of a modern JavaScript developer Next js Auth js Databases GraphQL Docker and Preevy will all be covered in this guide We ll look at the server side rendering and static site creation with Next js Auth js will assist us in unravelling the secrets of robust and secure user authentication We ll reimagine how we interact with APIs and handle data via the perspective of GraphQL Docker will show us the tremendous containerisation options and Preevy will provide us with the ability to provision a preview environment for our application Finally we will do a production deployment on Vercel and Netlify so that we can experience what it s like to have an application up and running on different platforms Are you ready to push the boundaries test your knowledge and possibly even redefine your perception of what current web development involves Then strap in for a detailed review of understanding contemporary web programming We will start by going over an introduction of each technology and then we will build an app to reinforce what we have learned The main aim of this article will be to create a simple application and then demonstrate the relationship between the tools With this knowledge you will be able to see how straightforward it is to deploy your Next js applications online regardless of how basic or complex the codebase is In the upcoming sections we will go through these topics related to building modern Next js applications Using Next js for web app developmentAdding authentication with Auth jsDatabases for persisting state and storing dataGraphQL the modern alternative to REST APIsHaving a Docker development environmentSetting up Preevy to provision preview environmentsBuilding and deploying our application Using Next js for web app developmentNext js is a framework for building server side rendered React apps making it suitable for generating quick and dynamic web applications It s significant for web app development because it helps with things like page routing server side rendering and quick loading times which are critical for generating a great user experience Additionally it is simple to use and has a growing community of developers who are always striving to improve it It has already replaced Create React App as the number one React build tool Building a web application is just one stage of the development process we also have to think about making our applications secure using authentication Let s now learn about Auth js a new modern way to add an authentication layer to our applications Adding authentication with Auth jsAuth js is created by Vercel and is an open source community project It was originally called NextAuth js until they rebranded and it is designed to be an authentication layer for the web Auth js helps developers to configure an authentication flow for their online projects It is compatible with an extensive list of authentication providers along with additional choices With Auth js we can integrate many different providers into our applications giving us the power to use them to log in and out Some of the most well known provider options include Google GitHub Facebook Instagram and many more It currently supports frameworks like Next js Svelte js and Solid js with many more on the way Let s now dive into databases and see why they are a good storage option for our data Databases for persisting state and storing dataWhen it comes to storing information many people choose databases Databases have become a crucial aspect of most applications whether you want to store user data or keep track of the state They assist you in organising your data and ensuring that it is secure and accessible when needed Databases can be used for a variety of purposes ranging from analytics to powering websites and apps As a result they have become an indispensable tool for developers and businesses Several databases are available each with unique features that can either be or might not prove suitable for our needs The most common is RDBMS relational database management systems which stores data in tables with various columns that can be connected together NoSQL databases on the other hand provide more scalability and flexibility and additional possibilities for customising how your data is stored Whatever choice you use databases are an essential resource for preserving state and storing data Their ability to simplify and automate activities makes them worthwhile to consider when developing apps or services And their dependability assures that your data will be protected and accessible for a long time Now that we have an introduction to databases let s move on to learning about GraphQL and why it s the perfect modern alternative to REST APIs GraphQL the modern alternative to REST APIsGraphQL is increasingly replacing conventional REST APIs as the preferred protocol Instead of dealing with a vast and often burdensome payload of data this powerful tool allows developers to request only what they need from an API GraphQL also allows developers to query several resources at the same time via nesting which can result in quicker and more efficient development It also offers good documentation support making it simple to understand and use which makes GraphQL an appealing alternative for modern development Utilising GraphQL ensures that your technical stack is robust and up to date with current trends With GraphQL it is possible for it to be used on both the client and server sides This means that you can choose to create a backend which will fetch the data from the API or you could have it running on the frontend so that you can skip creating a backend altogether In this tutorial we will use it on the front so there will be no need to create an Express js backend server Another essential part of modern developer technical stacks is Docker Let s keep reading and see how Docker can help us with our projects Having a Docker development environmentDocker development involves more than just setting up a single development environment It is about ensuring that your whole development process can be efficiently replicated reused and automated With the proper configuration you ll be able to swiftly and consistently build various settings eventually saving time and money in the long run Docker allows developers to bundle their apps into containers that contain all of the essential code and dependencies for running them in production You no longer need to wonder whether it works locally and will also work when it goes live These containers are lightweight and easy to move across servers allowing you to test new features without affecting old ones Everything is carefully wrapped up together The last section we will cover before we start building our app will be Preevy Let s learn how this new tool can help us to provision our preview environments Setting up Preevy to provision preview environmentsPreevy is created by LiveCycle and is used to assist development teams in improving their code review operations by offering a simple and affordable approach to building temporary environments for each branch These are also referred to as Preview Environments Before merging changes on a branch we can use preview environments to test check and see changes With Preevy the difficulty of installing preview environments is decreased considerably allowing all developers with a basic understanding of Docker to use it We can create a development version via a URL which is typically appended to each pull merge request With this setup we will have a version which is only for development and not production to play around with We will need to create an account with Amazon AWS so that we can use AWS Lightsail for the deployment When using the aws lightsail driver Preevy can deploy virtual machines on AWS Lightsail AWS Lightsail is Amazon s low cost option for cloud based virtual machines AWS lightsail deployment time for a VM is typically under minutes and its monthly cost can be as cheap as making them perfect for large scale preview settings We now have a much greater understanding of what makes up a modern JavaScript full stack application It s time for us to start building our app so let s get to it Building and deploying our applicationThe app that we are going to build is an e commerce website like Amazon It will be a basic example with a few page routes two of which will require GitHub or Google authenticated sign in before you can see the data on the pages We will be using hard code data in place of a database layer just to make things easier in this project If this was a production level application then we would set up a real database layer There is no CRUD functionality this app has page routing and the logic for logging in and out of authenticated routes It is easy enough to create your own more advanced applications once you understand these fundamentals In addition we are also going to be using the most up to date and latest App Router feature in Next js which replaces the older Pages Router setup So we get a feel for using the latest syntax and codebase Next js has available to us Vercel will get priority in the code because they are the creators of Auth js although we will cover Netlify deployments later Firstly ensure that you are aware of the prerequisites and that you have your developer environment set up PrerequisitesNode jsNext jsAuth jsApollo GraphQLDockerAmazon Web Services AWS for AWS Lightsail deployments with PreevyAWS CLI PreevyGitHub and Google account for setting up authenticationVercelNetlifyWith the prerequisites out of the way let us now start building our app in the upcoming section Building the appFirstly navigate to a directory on your computer like on the desktop so that we have a location to use for creating our project Now run these commands to set up our project using Next js mkdir store projectcd store projectnpx create next app my appThese are the settings I used Would you like to use TypeScript with this project …No YesWould you like to use ESLint with this project …No YesWould you like to use Tailwind CSS with this project …No YesWould you like to use src directory with this project …No YesUse App Router recommended …No YesWould you like to customize the default import alias …No YesNow we are going to create the files and folders that we will be using for this project run the following commands touch dockerignore env gitignore docker compose ymlcd my apptouch env local Dockerfilecd src appmkdir account account account account rewardsmkdir api api auth api auth nextauth mkdir components delivery graphql queries utilstouch account account page js account account page module csstouch account rewards page js account rewards page module csstouch api auth nextauth route jstouch components MainMenu js components mainmenu module css components Provider jstouch delivery page js delivery page module csstouch graphql route jstouch queries clientQueries jstouch utils cors js utils withApollo jstouch not found js page module csscd We should now be in the root folder for my app so now we will install some packages for the project so run these commands here npm i apollo client apollo server as integrations next graphql graphql tag next authWith our basic setup done for our project we can now focus on adding the code to our files which we will do now This step can be tedious but we will be almost done afterwards this is the longest step We will save the env and env local files until last because they require some extra steps to be done first Open the store project folder in your code editor and add this code to the dockerignore file and the gitignore file in the root folder See for more about ignoring files dependencies node modules pnp pnp js testing coverage next js next out production build misc DS Store pem debugnpm debug log yarn debug log yarn error log local env files env local vercel vercel typescript tsbuildinfonext env d tsNext add this code to the docker compose yml file version services my app container name my app build context my app dockerfile Dockerfile environment NEXTAUTH URL NEXTAUTH URL NEXTAUTH SECRET NEXTAUTH SECRET GITHUB ID GITHUB ID GITHUB SECRET GITHUB SECRET GOOGLE ID GOOGLE ID GOOGLE SECRET GOOGLE SECRET volumes my app src app src my app public app public restart always ports Put this code in the Dockerfile FROM node alpineWORKDIR app Install dependencies based on the preferred package managerCOPY package json yarn lock package lock json pnpm lock yaml RUN if f yarn lock then yarn frozen lockfile elif f package lock json then npm ci elif f pnpm lock yaml then yarn global add pnpm amp amp pnpm i Allow install without lockfile so example works even without Node js installed locally else echo Warning Lockfile not found It is recommended to commit lockfiles to version control amp amp yarn install fiCOPY src srcCOPY public publicCOPY next config js Next js collects completely anonymous telemetry data about general usage Learn more here Uncomment the following line to disable telemetry at run time ENV NEXT TELEMETRY DISABLED Note Don t expose ports here Compose will handle that for us Start Next js in development mode based on the preferred package managerCMD if f yarn lock then yarn dev elif f package lock json then npm run dev elif f pnpm lock yaml then pnpm dev else yarn dev fiNow we will replace the code inside of next config js with this so the app router feature is configured type import next NextConfig const nextConfig output standalone module exports nextConfig experimental appDir true module exports nextConfig Moving on let s do the files inside of the src app directory now Add this to account account page js use client import useSession signIn signOut from next auth react import useQuery from apollo client import GET ACCOUNT from queries clientQueries import withApollo from utils withApollo import MainMenu from components MainMenu import styles from page module css const Account gt const loading error data useQuery GET ACCOUNT const data session status useSession const userEmail session user email if loading return lt gt lt MainMenu gt lt div className container gt lt h gt Loading lt h gt lt div gt lt gt if error return lt gt lt MainMenu gt lt div className container gt lt h gt Oh no there is an error lt h gt lt div gt lt gt if status loading return lt div gt Please wait lt div gt if status authenticated return lt gt lt MainMenu gt lt div className container gt lt div className styles signinflow gt lt p gt Signed in as userEmail lt p gt lt button onClick gt signOut className styles signinflowbtn gt Sign out lt button gt lt div gt loading amp amp error amp amp lt div gt data account map account gt lt div key account id gt lt h gt account name lt h gt lt p gt User ID account id lt p gt lt p gt Country account country lt p gt lt p gt Giftcard ID account giftCardId lt p gt lt p gt Address account address lt p gt lt div gt lt div gt lt div gt lt gt return lt gt lt MainMenu gt lt div className container gt lt div className styles signinflow gt lt button onClick gt signIn className styles signinflowbtn gt Sign in lt button gt lt p gt You are not currently signed in Sign in here to view your profile lt p gt lt div gt lt div gt lt gt export default withApollo Account Put this in account account page module css signinflow background color padding rem color ffffff signinflowbtn border none padding rem background febd font weight bold cursor pointer margin rem For the rewards page add this to account rewards page js use client import useSession signIn signOut from next auth react import useQuery from apollo client import GET REWARDS from queries clientQueries import withApollo from utils withApollo import MainMenu from components MainMenu import styles from page module css const Rewards gt const loading error data useQuery GET REWARDS const data session status useSession const userEmail session user email if loading return lt gt lt MainMenu gt lt div className container gt lt h gt Loading lt h gt lt div gt lt gt if error return lt gt lt MainMenu gt lt div className container gt lt h gt Oh no there is an error lt h gt lt div gt lt gt if status loading return lt div gt Please wait lt div gt if status authenticated return lt gt lt MainMenu gt lt div className container gt lt div className styles signinflow gt lt p gt Signed in as userEmail lt p gt lt button onClick gt signOut className styles signinflowbtn gt Sign out lt button gt lt div gt loading amp amp error amp amp lt div className styles vouchercontainer gt data rewards map vouchers gt lt div key vouchers id className styles voucher gt lt div gt lt div gt lt p gt Type vouchers savingType lt p gt lt p className styles voucherdescription gt vouchers description lt p gt lt div gt lt div gt lt div gt lt div gt vouchers info map data gt lt div gt lt p gt Expiration Date data valid lt p gt lt p gt Code lt span className styles vouchercode gt data code lt span gt lt p gt lt div gt lt div gt lt div gt lt div gt lt div gt lt div gt lt gt return lt gt lt MainMenu gt lt div className container gt lt div className styles signinflow gt lt button onClick gt signIn className styles signinflowbtn gt Sign in lt button gt lt p gt You are not currently signed in Sign in here to view your rewards lt p gt lt div gt lt div gt lt gt export default withApollo Rewards This goes in account rewards page module css signinflow background color padding rem color ffffff signinflowbtn border none padding rem background febd font weight bold cursor pointer margin rem vouchercontainer display flex flex flow row nowrap justify content center margin top rem voucher background ffffff border px solid black padding rem width voucherdescription color rgb font weight bold vouchercode color rgb font weight bold media screen and max width px vouchercontainer flex flow row wrap We will add this code to api auth nextauth route js import NextAuth from next auth import GithubProvider from next auth providers github import GoogleProvider from next auth providers google export const handler NextAuth providers GithubProvider clientId process env GITHUB ID clientSecret process env GITHUB SECRET GoogleProvider clientId process env GOOGLE ID clientSecret process env GOOGLE SECRET export handler as GET handler as POST The components folder is next Put this code in components MainMenu js import Link from next link import styles from mainmenu module css export default function MainMenu return lt nav className styles mainmenu gt lt Link href className styles link gt e store lt Link gt lt Link href delivery className styles link gt Delivery lt Link gt lt Link href account rewards className styles link gt Rewards lt Link gt lt Link href account account className styles link gt Account lt Link gt lt nav gt Remaining in the same folder this is for components mainmenu module css mainmenu background color fe padding rem display flex flex flow row nowrap justify content space around link color ffffff text decoration none And this is going into components Provider js use client import SessionProvider from next auth react const Provider children gt return lt SessionProvider gt children lt SessionProvider gt export default Provider The file inside of delivery page js gets this code use client import MainMenu from components MainMenu import styles from page module css export default function Nutrition return lt gt lt MainMenu gt lt div className container gt lt h gt Frequently Asked Questions lt h gt lt div className styles faqcontent gt lt h gt Is free shipping on purchases over available on all products lt h gt lt p gt Things sold and delivered by e store are eligible as are things sold by marketplace sellers when e store is the dispatcher You can combine qualifying goods worth less than to produce an order worth more than and qualify for free delivery lt p gt lt div gt lt div className styles faqcontent gt lt h gt How can I order and pick up from an e store Hub Locker or Gateway lt h gt lt p gt When you re all set to place your order choose e store Hub as your delivery address We will send you an acknowledgement message with a barcode once your delivery arrives Simply go to your chosen Locker or Gateway to pick up your package Have your pickup message of confirmation with the barcode available when you arrive You will scan the barcode yourself at the Locker at the Gateway the store clerk will check it before handing you your product There is no need to provide identification while picking up lt p gt lt div gt lt div gt lt gt And the CSS for delivery page module css faqcontent margin bottom rem Let s do our GraphQL route file with our data Put this in graphql route js import ApolloServer from apollo server import startServerAndCreateNextHandler from as integrations next import gql from graphql tag import allowCors from utils cors const account id rfdjkryewfgh name Mark Thomas country United States giftCardId dfviuhbbwerdfvhwedfqdfqwf address Maple Avenue Austin TX const rewards id savingType Voucher description Save at checkout info valid code wdfeqwhfewhfh id savingType Voucher description Save at checkout info valid code erfgerwgergewgewg id savingType Voucher description Save at checkout info valid code fgwerfyytga id savingType Voucher description Save at checkout info valid code erdfrgdfsgerwerwge id savingType Voucher description Save at checkout info valid code gerwffjhey Define the GraphQL schema and resolversconst typeDefs gql type Rewards id String savingType String description String info Rewards type Rewards valid String code String type Account id String name String country String giftCardId String address String type Query rewards Rewards account Account const resolvers Query rewards gt rewards account gt account Create the Apollo Serverconst server new ApolloServer typeDefs resolvers const handler startServerAndCreateNextHandler server context async req res gt req res export async function GET request return handler request export async function POST request return handler request export default allowCors handler Following that file we have this code with our GraphQL queries which goes in queries clientQueries js import gql from apollo client const GET ACCOUNT gql query account id name country giftCardId address const GET REWARDS gql query rewards id savingType description info valid code export GET ACCOUNT GET REWARDS Almost done just a few files remain Now onto the utility files Add this code to utils cors js const allowCors fn gt async req res gt res setHeader Access Control Allow Credentials true res setHeader Access Control Allow Origin res setHeader Access Control Allow Origin req headers origin res setHeader Access Control Allow Methods GET OPTIONS PATCH DELETE POST PUT res setHeader Access Control Allow Headers X CSRF Token X Requested With Accept Accept Version Content Length Content MD Content Type Date X Api Version if req method OPTIONS res status end return await fn req res export default allowCors Now this code will go inside of utils withApollo js import ApolloClient InMemoryCache ApolloProvider from apollo client import useMemo from react import SessionProvider from next auth react export function initializeApollo initialState null const apolloClient new ApolloClient Local GraphQL Endpoint uri http localhost graphql Add your Preevy GraphQL Endpoint uri Add your Vercel GraphQL Endpoint uri Add your Netlify GraphQL Endpoint uri cache new InMemoryCache restore initialState return apolloClient export function useApollo initialState const store useMemo gt initializeApollo initialState initialState return store export default function withApollo PageComponent const WithApollo apolloClient apolloState session pageProps gt const client useApollo apolloState return lt SessionProvider session session gt lt ApolloProvider client client gt lt PageComponent pageProps gt lt ApolloProvider gt lt SessionProvider gt On the server if typeof window undefined WithApollo getInitialProps async ctx gt const apolloClient initializeApollo let pageProps if PageComponent getInitialProps pageProps await PageComponent getInitialProps ctx if ctx res amp amp ctx res finished When redirecting the response is finished No point in continuing to render return pageProps const apolloState apolloClient cache extract return pageProps apolloState return WithApollo Let s finish the last few files now Replace all the CSS in globals css with this one before after margin padding box sizing border box html font size px body background eee font family Istok Web sans serif container margin auto width max width rem padding rem Replace the code in layout js with this code import globals css import Istok Web from next font google const istok Istok Web subsets latin weight export const metadata title e store App description Generated by create next app export default function RootLayout children return lt html lang en gt lt body className istok className gt children lt body gt lt html gt This goes into not found js use client import MainMenu from components MainMenu export default function NotFound return lt gt lt MainMenu gt lt div className container gt lt h gt Page Not Found lt h gt lt div gt lt gt We will put this code in our homepage file which is the page js file in the app folder so replace it with this code you see here use client import styles from page module css import MainMenu from components MainMenu export default function Home return lt gt lt MainMenu gt lt div className container gt lt main className styles maincontent gt lt div className styles contentbox gt lt h gt Sony WH XM Noise Cancelling Wireless Headphones lt h gt lt p gt For total convenience these Bluetooth headphones can be paired with two devices at the same time lt p gt lt div gt lt div className styles contentbox gt lt h gt PlayStation Console lt h gt lt p gt The PS console unleashes new gaming possibilities that you never anticipated lt p gt lt div gt lt div className styles contentbox gt lt h gt Xbox Series X lt h gt lt p gt Introducing Xbox Series X the fastest most powerful Xbox ever lt p gt lt div gt lt div className styles contentbox gt lt h gt SanDisk Extreme Pro TB Portable NVMe SSD lt h gt lt p gt A forged aluminum chassis acts as a heat sink to deliver higher sustained speeds in a portable drive that s tough enough to take on any adventure lt p gt lt div gt lt div className styles contentbox gt lt h gt Apple MacBook Pro laptop M Pro lt h gt lt p gt Take on demanding projects with the M Pro or M Max chip lt p gt lt div gt lt div className styles contentbox gt lt h gt Samsung Inch BU UHD Crystal K Smart TV lt h gt lt p gt Immerse Yourself In Exceptional Colour All In K Dynamic Crystal Colour delivers a new level of UHD allowing you to experience a billion shades of colour for a lifelike vivid picture lt p gt lt div gt lt main gt lt div gt lt gt And lastly this goes into the page module css file in the app folder contentbox background color ffffff padding rem width max width rem margin rem rem rem maincontent display flex flex flow row nowrap justify content center padding rem media screen and max width px maincontent flex flow row wrap Thats it The main files are completed It s time to deal with those ENV files now this is where we will set our environment variables so that we can get the authentication working on restricted routes The account and rewards page will have an authentication layer on them Authentication setupOur application uses Auth js for authentication It s possible to have many different sign in providers for your application This app is set up to use GitHub and Google logins You need an ID and secret key from GitHub and Google which we will then put in our ENV files Read the documentation and find your ID and secrets In my opinion it is much easier to do it with GitHub and you only need one of them to work so that you can see the authentication working in the app GitHub Auth setupGoogle Auth setupMake sure that you pay attention to the Authorization callback URL It will look different depending on where your app is running and you will need to update or change it on GitHub and Google otherwise the authenticated pages won t get access See the examples below for GitHub Localhost URL http localhost api auth callback githubPreevy URL Vercel URL When you have your ID and secrets add them to both ENV files so env and env local We need two because one is for local development and the other is for production Just copy the same code into both See the example below and modify it with your ID and secrets Just two more things to mention we need a secret for our NEXTAUTH SECRET variable it can be anything you want Just randomly generate a string of characters like you would for a secure password The NEXTAUTH URL is required for Preevy deployments without it the authentication will go to localhost when it s deployed online which is incorrect and will stop the page loading In some cases we can get the authentication to work without having the NEXTAUTH URL variable in the ENV file altogether But it will only work on localhost Docker and Vercel so it s safer to just keep it in there We have set NEXTAUTH URL to http localhost because that is where we will run our app first NEXTAUTH SECRET yoursecret NEXTAUTH URL http localhost GITHUB ID yourid GITHUB SECRET yoursecret GOOGLE ID yourid GOOGLE SECRET yoursecret The NEXTAUTH URL variable will need to be changed depending on where our app is hosted and running See the examples here Localhost URL NEXTAUTH URL http localhost Preevy URL NEXTAUTH URL Vercel URL NEXTAUTH URL Everything should be complete now so let s run our app Running our app locallyTo run our app locally go inside the my app folder and run this command npm run devThe GraphQL Apollo Server endpoint is here http localhost graphql so we can test our GraphQL queries in development We can also change this endpoint inside of the file in the directory utils withApollo js This becomes important when our app is online on Preevy and Vercel To run our app inside of Docker first make sure Docker is running on your computer Stop the other local development server from running first because you can t have two applications using port Then run this command inside of the store project root folder with the docker compose yml file docker compose upNow let s see how to get it to work as a preview environment on Preevy Creating a preview build on PreevyYou can follow the Preevy set up in the official documentation and take a look at the Preevy GitHub for more setup instructions In this tutorial we are using AWS Lightsail as our cloud host The main Preevy commands are preevy init Add a flag and an id like preevy up id Make sure that you add an id flag and a number afterwards otherwise it could throw an error Update the Authorization callback URL on GitHub and Google so it matches the Preevy URL that was generated and don t forget to change the NEXTAUTH URL variable in the ENV file to the generated Preevy URL like this example NEXTAUTH URL Also can change the GraphQL endpoint inside of the file in the directory utils withApollo js to the URL endpoint for Preevy Run the command preevy up id to push the latest changes again We have done so much already it s now time to finish it off with deployment so let s work on that in the final section Deploying our app on VercelThe Vercel setup is pretty straightforward Firstly create a repository on GitHub I named mine store project and then run the GIT commands inside of the my app folder to push it to GitHub See this GIT code example here git initgit add git commit m first commit git branch M maingit remote add origin git push u origin mainThen sign into Vercel and Add a new project Next import the repository you just created On the next screen configure your project and there is an option for environment variables so add all the environment variables in the ENV file to Vercel and then hit the deploy button Our app should be live on Vercel However the authenticated routes won t work yet we have to make some updates to the code like before Update the Authorization callback URL on GitHub and Google so it matches the Vercel URL that was generated this is the first step to get the authenticated pages working See the example here Homepage URLAuthorization callback URLNext update the NEXTAUTH URL variable on Vercel to the URL that Vercel generated for your app You will find it under Settings gt Environment Variables see the image for reference And finally like before don t forget to also change the GraphQL endpoint inside of the file in the directory utils withApollo js to the URL endpoint for Vercel export function initializeApollo initialState null const apolloClient new ApolloClient Local GraphQL Endpoint uri http localhost graphql Add your Preevy GraphQL Endpoint uri Add your Vercel GraphQL Endpoint uri Add your Netlify GraphQL Endpoint uri cache new InMemoryCache restore initialState return apolloClient Now push the latest changes back to GitHub so that Vercel can rebuild your codebase with the new Vercel URL Assuming you did everything correctly you should now see working authenticated routes for your app deployed on Vercel So with Vercel deployment complete let s do Netlify now Deploying our app on NetlifySign into Netlify and then import an existing project Next connect to your GitHub and import the project you created Once again add in those ENV variables and hit deploy And just like before our app should be live on Netlify We have the same problem as before though the authenticated routes won t work yet we have to make some updates to the code like the previous section Firstly like in the Vercel example update the Authorization callback URL on GitHub and Google so it matches the Netlify URL that was generated for your app Next update the NEXTAUTH URL variable on Netlify to the URL that Netlify generated for your app You will find it under Site settings gt Environment Variables see the image for reference And just like we did before don t forget to also change the GraphQL endpoint inside of the file in the directory utils withApollo js to the URL endpoint for Netlify export function initializeApollo initialState null const apolloClient new ApolloClient Local GraphQL Endpoint uri http localhost graphql Add your Preevy GraphQL Endpoint uri Add your Vercel GraphQL Endpoint uri Add your Netlify GraphQL Endpoint uri cache new InMemoryCache restore initialState return apolloClient Finally push the latest changes back to GitHub so that Netlify can rebuild your codebase with the new Netlify URL Assuming you did everything correctly you should now see working authenticated routes for your app deployed on Netlify If the authenticated route goes to http localhost api auth callback github or http localhost api auth callback google then in the Deploys section on Netlify press the Trigger deploy button and select Clear cache and deploy site and that should fix the error We are done Our application is complete and we have a version deployed online on Vercel and Netlify good job It might not be obvious but it s worth noting that the authentication part of our app will only work on Vercel or Netlify not both at the same time We would have to duplicate the codebase and create a unique app for them on GitHub and Google to get them to work at the same time ConclusionTo summarise current web development is an ever changing profession that necessitates a grasp and command of a variety of tools and technologies The ones we ve looked at in this article Next js Auth js databases GraphQL Docker and Preevy aren t exhaustive but they re nonetheless important in modern web development settings Vercel and Netlify are some of the many serverless deployment platforms that make it easy for us to deploy our production applications online so that the world can access them With its hybrid static and server rendering Next js provides a solid platform for developing scalable high performance apps Auth js simplifies the difficult work of user authentication allowing developers to quickly add secure login features Our database study revealed the need for organised data storage and retrieval and GraphQL shone as an alternative to REST for developing flexible and efficient APIs Docker an essential technology for building isolated environments is at the heart of today s software development and deployment cycle Finally Preevy an emerging player in the pre provisioning preview environment for static sites can accelerate development build testing considerably Each of these technologies has distinct advantages and applications The true value of these tools however is in their combination when utilised successfully together these tools can allow developers to design extremely efficient performant secure and scalable online applications Mastering these technologies is no easy task it takes time effort and a lot of practice However the payoff is well worth the effort By becoming proficient in these tools you are not only providing yourself with the abilities required to flourish in the present web development scene but you are also preparing yourself for the future as these technologies advance and influence the world of web development So keep researching keep learning and bear in mind that mastery in web development is a path of ongoing learning and adaptability 2023-07-19 14:41:17
海外TECH DEV Community Is manual testing a good choice in 2023? https://dev.to/campkathleen3/is-manual-testing-a-good-choice-in-2023-g60 Is manual testing a good choice in Many organizations still embrace the manual testing domain because there is a certain sort of assurance provided in specific product or application development scenarios The platform of manual testing has its tactical value in the software development process The dynamically changing Graphic User Interface GUI designs are easily tested using this platform The manual tester can easily interact with the application or product that is being developed and judge the product or application from a real user s perspective and thus conduct user experience testing more effectively What is manual testing It is a testing method that ensures the software product or application is being developed as per the requirement specification document The bugs and issues that are encountered are fixed accordingly Manual testing is carried out manually with a manual tester Following are the key factors that depict why manual testing will be a good choice in The significance of user experience Through the automation platform human behavior cannot be fully emulated For the purpose of carrying out user experience testing manual testing comes into perspective because such user behaviors can be imitated and the software product or application that is being built is analyzed according to the requirements and needs of the users In order to scale up user experience UX activities the platform of manual testing is required Hence a well defined manual test strategy must be charted out Small scale projects It is considered to be a resource intensive process for an automated testing system to be constructed and deployed Automated testing will have higher overhead costs when compared to manual testing Though automated tests such as cypress automation testing is good but then it is resource intensive and can be used effectively in large scale projects For carrying out small scale development projects a manual test is considered to be a feasible and cost effective option Manual testing is cheaper compared to automated testing Though automated tests such as cypress automation testing are valuable testing options but those organizations with tight budget constraints cannot go for it As automation tests are expensive to conduct and the maintenance costs can also be high hence the platform of manual tests can be leveraged Effective testing can be done According to preset rules the software s behavior and functioning can be evaluated through fixed and predetermined procedures by the automated testing platform This process is carried out at a faster pace and if any customization is mistakenly not taken into consideration then it can result in minute defects getting ignored These defects bugs can be removed by adding an additional layer of security through a manual testing platform The future of manual testing Manual testing is tactically significant because of its operational and modification developments There will be a need for manual testers who are interested in learning new technologies and scaling up their testing skills Many organizations consider those developers valuable who have a certain amount of expertise in manual testing Development concepts such as sorting algorithms should be learned and implemented by manual testers Those developers who can perform unit and functional testing are preferred Upon that a bug free software product or application can only be released with at least some amount of human intervention For sustainability manual testing is considered to be an important parameter Conclusion If you are looking forward to implementing manual testing for your specific project then do get connected with a professionally acclaimed software testing services company that will provide you with a tactical testing strategy that is in line with your project specific requirements 2023-07-19 14:39:19
海外TECH DEV Community The Ultimate Comparison: Ant Design vs Material# Ant Design vs Material UI: Which React UI Library to Choose https://dev.to/idurar/the-ultimate-comparison-ant-design-vs-material-ant-design-vs-material-ui-which-react-ui-library-to-choose-2mkd The Ultimate Comparison Ant Design vs Material Ant Design vs Material UI Which React UI Library to ChooseWe are Proudly using it as an Ant Design check it out IDURAR Open source ERP CRM built with Node js React jsIDURAR is Open Source ERP CRM Invoice Inventory Accounting HR Based on Mern Stack Node js Express js MongoDb React js with Ant Design AntD and ReduxGitHub Repository React is a popular JavaScript library that is widely used for building user interfaces When it comes to building React projects having a UI library with pre built components can save developers a lot of time and effort Two of the most commonly used React libraries are Ant Design and Material UI Both libraries offer a comprehensive set of pre built components and have a large community of developers In this article we ll compare Ant Design and Material UI in terms of design principles components and features customization options and performance and scalability We ll also discuss use cases for each library and their pros and cons so that you can decide which library is best suited for your project Background on Ant DesignAnt Design is an open source design system that was launched by Alibaba Group in It has gained immense traction among React developers due to its comprehensive set of pre built UI components and its use of Chinese user interface design principles and guidelines The library contains an array of components such as form controls navigation elements and data visualization tools that are essential for creating beautiful designs with ease One of the advantages of using Ant Design is its simplicity The library presents a set of hooks and components to be utilized with functional components inside React Furthermore you can access a large collection of modification options that allow you to alter the appearance and behaviour aspects of these elements as you wish Ant Design also offers excellent documentation which makes it easy for developers to get started The documentation is well organized and the code snippets are easy to understand Additionally the library has a large community of developers who contribute to its development making it a reliable and robust library for React projects Example IDURAR GitHub Repository IDURAR Website Background on Material UIMaterial UI is another popular open source library for building React applications It was launched in and has since become one of the most widely used UI libraries for React Material UI provides a comprehensive set of pre built components that are based on Google s Material Design guidelines These components are highly customizable and can be used to create modern and responsive user interfaces One of the benefits of using Material UI is its focus on accessibility The library offers a range of accessibility features such as support for screen readers and keyboard navigation Additionally Material UI has excellent documentation and a large community of developers who contribute to its development Material UI also offers a wide range of customization options allowing developers to easily modify the appearance and behaviour of their components The library has an extensive set of CSS classes and styles that developers can use to customize their components Additionally Material UI supports theming which allows developers to create a consistent look and feel throughout their application Example Crema Website Material UI GitHub Repository Design PrinciplesAnt Design and Material UI have different design principles that are reflected in their components and styles Ant Design uses Chinese design principles and guidelines while Material UI is based on Google s Material Design guidelines Ant Design s design principles are centred around simplicity elegance and consistency The library aims to provide a set of UI components that are easy to understand and use Ant Design s components are designed to be highly customizable allowing developers to easily modify the appearance and behaviour of their components Material UI s design principles are focused on material design which is based on the use of grid based layouts responsive animations and transitions The library s components are designed to be highly modular allowing developers to easily combine them to create complex UIs Material UI components are also highly customizable and the library has an extensive set of CSS classes and styles that developers can use to modify the appearance of their components Components and FeaturesAnt Design and Material UI both offer a wide range of pre built components for building user interfaces Ant Design has a comprehensive set of components such as form controls navigation elements and data visualization tools Material UI also offers a wide range of components including buttons forms dialogues and data tables One of the advantages of Ant Design is its support for internationalization in The library provides built in support for multiple languages making it easy to create applications that can be used by people from all over the world Ant Design also offers a range of data visualization components such as charts and graphs which can be used to create informative and visually appealing interfaces Material UI components are highly modular which makes it easy to create complex UIs by combining different components The library also offers a wide range of customization options allowing developers to modify the appearance and behaviour of their components Additionally Material UI has a built in grid system that makes it easy to create responsive layouts Customization OptionsBoth Ant Design and Material UI offer a wide range of customization options for their components Ant Design provides a large collection of modification options that allow you to alter the appearance and behaviour aspects of its components as you wish The library also supports theming which allows developers to create a consistent look and feel throughout their applications Material UI also offers a wide range of customization options The library has an extensive set of CSS classes and styles that developers can use to modify the appearance of their components Additionally Material UI supports theming allowing developers to create a consistent look and feel throughout their applications Performance and ScalabilityWhen it comes to performance and scalability both Ant Design and Material UI are highly performant and scalable Ant Design has been optimized for performance and its components are designed to be highly efficient Additionally the library is lightweight and has a small footprint which makes it a good choice for applications that require fast load times Material UI also has good performance and scalability The library s components are optimized for performance and the library has been designed to be highly efficient Additionally Material UI has been designed to work well with other libraries and frameworks making it a good choice for large scale applications Use CasesAnt Design and Material UI are both great choices for building React applications However they have different use cases Ant Design is a good choice for applications that require a consistent and elegant design The library s components are highly customizable which makes it easy to create unique and visually appealing interfaces Additionally Ant Design s support for internationalization makes it a good choice for applications that need to be used by people from all over the world Material UI is a good choice for applications that require a modern and responsive design The library s components are highly modular which makes it easy to create complex UIs Additionally Material UI s support for accessibility makes it a good choice for applications that need to be accessible to people with disabilities Pros and ConsBoth Ant Design and Material UI have their pros and cons Ant Design s pros include its simplicity elegant design and support for internationalization However the library s cons include its lack of customization options and its limited support for accessibility Material UI s pros include its focus on accessibility its extensive set of customization options and its modular design However the library s cons include its large footprint and its potential for performance issues in large scale applications ConclusionWhen it comes to choosing between Ant Design and Material UI there is no clear winner Both libraries offer a comprehensive set of pre built components and have a large community of developers Choosing between the two libraries ultimately depends on your project s requirements If your project requires a consistent and elegant design Ant Design may be the better choice If your project requires a modern and responsive design Material UI may be the better choice Additionally if accessibility is a concern Material UI may be the better choice due to its focus on accessibility 2023-07-19 14:15:34
海外TECH DEV Community GitHub Pages Wizardry: A Beginner's Guide to Deploying Your Website on a Custom Domain 🪄 https://dev.to/nessakodo/github-pages-wizardry-a-beginners-guide-to-deploying-your-website-on-a-custom-domain-5154 GitHub Pages Wizardry A Beginner x s Guide to Deploying Your Website on a Custom Domain 🪄Hey devs prepare to enchant the web with your website GitHub Pages is our spellbook and together we ll get your project deployed to a custom domain in no time First Things First Initializing gh pagesBefore we dive into the enchanting world of GitHub Pages make sure you ve already created the gh pages branch Don t worry it s not as complicated as casting spells Just follow these commands git checkout orphan gh pagesgit reset hardgit commit allow empty m Initializing gh pages branch git push origin gh pagesgit checkout mainAlright now you ve got the GitHub Pages potion ready to work its magic ‍ ️ Hostinger amp GitHub Web Magic Unleashed Note This guide is tailored to using a domain bought on Hostinger for your GitHub Pages project While other domain services may follow a similar process remember that each magical journey may have its unique twists if you re using something other than Hostinger But fear not the fun remains the same Please keep in mind that when deploying your project with GitHub Pages the deployed page s URL is typically formatted as yourname github io projectname using your GitHub username and repository name However by utilizing a repository named yourusername github io you can host your project directly under your custom domain without the need for a project name in the URL Step A Magical Visit to Hostinger Domain DNS ️To embark on our journey we first need to visit the realm of Hostinger domain DNS settings Don t worry you won t need a special invitation Just go to replace yourdomain com with your actual domain of course This is where the real magic begins Step Abracadabra Deleting Old Records ️In the domain s mystical records you ll find a CNAME spell already cast But we ll need to delete this existing record to make room for our GitHub Pages magic While we re at it any default A type records should vanish into thin air as well Step Summoning New CNAME SpellsNow it s time to weave some new spells We need two CNAME incantations The first spell will point www yourdomain com to github io The second spell will point yourdomain com to github io Simply chant the following while making the additions Spell CNAME Type CNAME Name www Points to github io TTL can be left as default This is for when someone types www yourdomain com Spell ALIAS For APEX domains or when someone simply types yourdomain com enter another CNAME with Name and Points to github io The DNS records will automatically set an ALIAS type and voilà Step Enchanting the GitHub Pages IP Addresses ️We re not done yet To make sure your GitHub Pages site can be seen far and wide we ll add the necessary IP addresses Recite these magical lines and watch the changes take effect Feel free to use the below code to copy amp paste Step Sealing the Deal with Your Custom Domain ️We re almost there The final step is to add your custom domain to GitHub Pages Head over to your GitHub repository open the Settings tab and then the Pages tab Now cast your custom domain spell into the Custom domain field Casting Custom Domain Spell Custom Domain Spell Successful Oh and one more thing If you re using a special static site generator like wielding a powerful wand you ll need to manually add your custom domain to the public folder Create a spellbinding file named public CNAME notice the capital letters no extensions with the incantation of your domain yourdomain com The Finale Reveal Your Enchanted Website Once you ve completed these mesmerizing steps your website will come alive Your visitors can now explore your creations by visiting How magical is that Troubleshooting Unraveling MysteriesIf you re facing a puzzling issue with your custom domain fear not I ve encountered a few tricky situations during my own magical journeys Here are some secret remedies that might help you too Secret Remedy create docs CNAME 🪄In the root of your project create a folder named docs Inside the docs folder conjure a file named CNAME with no other spells but the name itself Secret Remedy create index html 🪄As an extra measure in the root folder create an empty file named index html it s fine if you already have one add a new one anyway Remember these remedies are primarily for deploying a React app to GitHub Pages and then to a custom domain But don t hesitate to give them a try if you re using other enchanting spells Now go forth beginner developers and let your websites shine bright like the stars in the code filled sky Happy coding For further information visit the GitHub documentation for using a custom domain with GitHub pages Conclusion ️Congratulations brave developers on completing this enchanting journey of hosting and deploying with Hostinger amp GitHub Pages You ve harnessed the power of GitHub Pages to share your creations with the world and with Hostinger s domain magic your website now proudly stands under your custom domain As you continue your coding adventures remember that hosting and deploying are just the beginning of an exciting quest in the vast realm of web development Embrace the joy of learning the thrill of exploration and the camaraderie of the coding community So go forth fellow adventurers and let your websites soar high spreading the magic of your creativity across the web Until we meet again on another coding quest happy coding and may the web be ever in your favor I hope that in some way this has helped you in your development journey If you have any questions or would like to be in touch feel free to message me or comment below Instagram Twitter Discord ʕっ•ᴥ•ʔっThanks for reading Love NESSA KODO 2023-07-19 14:14:43
海外TECH DEV Community What is OWASP Top 10, and do you need it to secure your application? https://dev.to/aikidosecurity/what-is-owasp-top-10-and-do-you-need-it-to-secure-your-application-2840 What is OWASP Top and do you need it to secure your application In the rapidly shifting digital landscape application security is a necessity One of the most effective ways to bolster your application s security is by evaluating it with the OWASP Top But what exactly is the OWASP Top and why should it matter to you What is the OWASP Top The Open Web Application Security Project OWASP is a nonprofit foundation that strives to make software on the web more secure Their Top is a widely recognized report that outlines the most critical web application security risks It s essentially a checklist of the most common weaknesses that could make your application a target for cyber threats Why should you care about the OWASP Top The OWASP Top is all about risk management Addressing the vulnerabilities highlighted in the OWASP Top helps you mitigate the risk of a security breach develop safer code and create a more secure application Following the OWASP Top is also a smart move to adhere to regulatory standards and give users faith in your commitment to security best practices If your application handles sensitive data your users want to know that it is safe The OWASP checklist is updated about every three or four years and the last update was in Some consolidation renaming and rearranging occur each time as vulnerabilities and threats rise and fall in severity Being aware of current dangers can help you to know where to start and what critical risks need immediate attention Let s take a look at the most recent checklist OWASP Top Web Application Security Risks Broken Access ControlRestrictions on what authenticated users are allowed to do are often not enforced Hackers can exploit these flaws to access unauthorized functionality and or data They might be able to access other user accounts view sensitive files modify or destroy data and change access rights They could even end up with admin rights to the entire system The OWASP Top stresses one essential rule here except for public resources deny by default Cryptographic FailuresMany web applications don t properly protect sensitive data such as credit cards authentication credentials health records and other personal data Attackers can steal or modify weakly protected data to conduct credit card fraud identity theft or other crimes For businesses intellectual property and other business secrets need to be kept safe Make sure to evaluate the protection needs of data in transit and at rest And regularly assess all protocols and algorithms for weaknesses InjectionInjection flaws occur when an application sends untrusted data as part of a command or query Attackers can trick the interpreter into executing unintended commands or accessing unauthorized data leading to data loss corruption or unauthorized access Source code review will help you here as will rigorous use of application security testing tools before deploying to production Insecure DesignOWASP firmly recommends that security needs to start before any coding takes place Design or architectural flaws can doom an application even if it is securely implemented This pre coding phase needs to include more threat modeling secure design patterns and principles and reference architectures It has to involve the balancing of business and technical requirements alongside a cold hard look at business risk profiling Security MisconfigurationThis risk refers to improper implementation of controls to keep application data safe such as errors in security settings software updates server configuration files or application features and pages You can go a long way towards mitigating these risks by keeping a tight ship in the form of a minimal platform Don t include unnecessary features frameworks and components The bottom line according to the OWASP Top is to disable default accounts and passwords make sure that error handling doesn t reveal too much info and keep everything patched and updated Vulnerable and Outdated ComponentsComponents such as libraries frameworks and other software modules run with the same privileges as the application If a vulnerable component is exploited an attack can mean serious data loss or even a complete server takeover You need to know the versions you re using both on the client and server side scan for vulnerabilities regularly and keep track of security bulletins But most importantly OWASP says don t just patch every month or quarter as this leaves your application exposed and at risk Identification and Authentication FailuresIf your application s authentication and session management functions are not implemented correctly attackers can compromise passwords keys or session tokens or exploit other implementation flaws to assume other identities The OWASP Top warns against weak passwords reusing session identifiers weak recovery processes or permitting automated attacks If you can multi factor authentication is the way to go here along with a range of straightforward common sense authentication measures Software and Data Integrity FailuresSoftware and data integrity failures can happen when applications depend on untrusted sources like plugins or libraries Also having insecure CI CD pipelines can lead to unauthorized access or even system compromise Another risk comes from auto update features that don t do enough to verify integrity and insecure ways of organizing data structures To prevent these risks your team should use digital signatures These can confirm the safety of software or data Make sure to only use trusted repositories for libraries and dependencies You should also implement software supply chain security tools to check for known vulnerabilities OWASP suggests maintaining a review process for code and configuration changes and setting up proper access control for the CI CD pipeline Finally don t send unsigned or unencrypted serialized data to clients unless you ve checked it for integrity or added a digital signature Security Logging and Monitoring FailuresInsufficient logging and monitoring combined with missing or ineffective integration with incident response allows attackers to attack systems maintain persistence pivot to more systems and tamper with extract or destroy data Among other measures the OWASP Top suggests that you should log all events like logins and failed logins warnings and errors should generate clear log messages and logs should never only be stored locally Making logging and alerting events visible to a user is also a source of risk Server Side Request ForgeryServer Side Request Forgery SSRF issues occur when a web app fetches data from a remote source without checking the user given URL This can let attackers trick an app into making requests to unwanted places even past network security measures OWASP believes that these issues are becoming more common as modern web apps often need to fetch URLs The risks are becoming more serious because of the use of cloud services and complex systems Again the deny by default approach at the network access level is your friend here And there are a range of application layer measures to take as well I ve written a blog about a real life use case feel free to check it out Why use OWASP Top The OWASP Top is not just a list of problemsーit s a guide to solutions Each item on the checklist includes a section on how to prevent the vulnerability and example attack scenarios that provide developers with practical steps to improve their application s security Securing your application is an ongoing process and new threats emerge all the time By staying vigilant and making security a priority you can keep your application secure and your users safe And for companies the OWASP Top isn t just a checklistーit s a conversation starter It s a tool that brings security to the forefront of the development process fostering a culture of security awareness within your organization By focusing on the OWASP Top you re not just enhancing your application s security you re making security a core part of your development process Aikido automatically scans your environment and gives you your OWASP Top scoreIf you re a cloud native company Aikido now makes it easy for you to scan your development environment for OWASP Top coverage Our testing tools and security reports give you a clear OWASP Top score and an analysis of the measures taken to prevent each vulnerability You can share the reports with stakeholders and use them to get a quick snapshot of what security practices you need to focus on Scan your environment with Aikido right now to get your OWASP Top score 2023-07-19 14:07:39
Apple AppleInsider - Frontpage News Apple TV+ getting new 'Born to be Wild' & 'Endangered Planet' nature docuseries https://appleinsider.com/articles/23/07/19/apple-tv-getting-new-born-to-be-wild-endangered-planet-nature-docuseries?utm_medium=rss Apple TV getting new x Born to be Wild x amp x Endangered Planet x nature docuseriesUpcoming Apple TV docuseries Born to be Wild and Endangered Planet will give audiences a new look into the lives of some of the rarest animals on earth Apple TV Born to be Wild follows six rare young animals for several years as they are raised in captivity to ultimately be re released into the wild The hope is that the animals will be crucial players in helping to save their species Read more 2023-07-19 14:43:18
Apple AppleInsider - Frontpage News Meta's AR glasses are three years behind Apple Vision Pro https://appleinsider.com/articles/23/07/19/metas-ar-glasses-are-three-years-behind-apple-vision-pro?utm_medium=rss Meta x s AR glasses are three years behind Apple Vision ProThe latest setback to Facebook owner Meta s plans for an Apple Vision Pro style headset means a public release is now not expected until Meta s Quest Pro headsetMeta tried stealing Apple s thunder by making a very early pre announcement of a Meta Quest headset days before the unveiling of the Vision Pro It also though tried stealing some thunder in by ordering the entire output of augmented reality displays being made by Plessey Read more 2023-07-19 14:08:13
Apple AppleInsider - Frontpage News Beats Studio Pro arrives with Spatial Audio, massive battery life https://appleinsider.com/articles/23/07/19/beats-studio-pro-arrives-with-spatial-audio-massive-battery-life?utm_medium=rss Beats Studio Pro arrives with Spatial Audio massive battery lifeThe long rumored Beats Studio Pro has become a reality with the over ear headphones providing Active Noise Cancellation and bringing the AirPods Personalized Spatial Audio to the Apple subsidiary Beats Studio Pro family and color choicesRepeatedly appearing in leaks through early the Beats Studio Pro are the latest headphones to emerge from the Apple owned Beats by Dre Rather than in ear devices like the Beats Studio Buds the Pro instead offers a similar package of features in an over ear headphone configuration Read more 2023-07-19 14:31:54
海外TECH Engadget The best mobile gaming controllers for 2023 https://www.engadget.com/best-mobile-game-controllers-140023505.html?src=rss The best mobile gaming controllers for Mobile gaming is serious business now The biggest titles out there are games like Fortnite and Genshin Impact helped along by legions of kids getting their first smartphone Lots of game publishers are putting out console quality experiences on mobile and it s taken time for gaming accessories to catch up But they have and now mobile gamers have a number of controller options to suit their play style We ve sorted through the leading options to highlight the pros and cons of each controller so you can decide which one is the best one for your needs For players who prefer PlayStation style controllers BitDo Pro BitDo has built itself a reputation for versatile gamepads that can work with multiple systems from the Nintendo Switch to the Raspberry Pi And while the Pro is one of our top controllers for the Switch it s also a pretty great option for Android and iOS as well The advantage to using these with your phone is also the free BitDo software that gives you extensive customization options for the buttons it even has more options than you ll find on Nintendo s system Of course being a Bluetooth gamepad means it s easy enough to jump back and forth making this a good investment for people who own multiple portable devices like a Switch Pros PlayStation like design is comfortable configuration software is robust controller is available in multiple colorsCons Not small and would be best carried around in a caseFor players who like Xbox style controllers SteelSeries Nimbus and Stratus While the PlayStation s DualShock design has gained its share of devotees over the years the Xbox gamepad is the stereotypical image of the gamepad in many people s minds as well as the Discord logo So it makes sense that there are a lot more mobile gaming options with that shape and the best ones come from SteelSeries the Nimbus for Apple made devices and the Stratus for Google based devices Android and Chromebook The two controllers are for the most part identical They have shoulder buttons and triggers the d pad is the same and they both include sturdy phone mounts for attaching your device at the top ーthe type that clamps in place automatically Unlike a clamp from a more generic company the one SteelSeries provides with both controllers won t fight you during the process of mounting your phone Pros More players are likely to be familiar with Xbox style controllers both models include sturdy clamps for clipping your phone to the controller Cons You have to buy a different controller based on what OS you re using the controller with the clamp attached is unwieldyFor players who want to turn their Android phone into a Switch or Steam Deck like device Razer KishiLet s be honest the form factor is a big reason that devices like the Switch are so popular They re comfortable to hold well balanced and really put the screen front and center You don t really get that with a phone clamp or table stand Luckily Razer s Kishi is a super affordable option that s easy to slide your phone into ーthough the setup admittedly wasn t as quick for me as the SteelSeries options But at least the direct connection it forms with the phone using USB C or Lightning if you re on an iPhone is faster than Bluetooth The Kishi s biggest advantages ーbesides Razer s high end build quality ーare its passthrough charging so you never need to detach it to charge your phone and the size it folds down to when you do take it off your device It s smaller than the SteelSeries controllers making it ideal for throwing into a small bag Pros Provides a direct connection to a phone instead of relying on Bluetooth folds up compactly when not in useCons Phone with Kishi attached may feel bulkyFor players who want to turn their iPhone into a handheld console Backbone OneThe new Backbone One is similar to Razer s Kishi and made specifically for Apple devices though at a higher cost due to being newer and from a smaller company My colleague Mat Smith was a big fan of the One when he tried it and in my own use it has a few advantages over the Razer device namely a cleaner design and a more sweat friendly matte texture It also features Apple specific buttons ones that are much bigger and thus easier to hit than the ones on the Kishi Pros Nice matte finish specifically made for iPhone usersCons Expensive only works with iPhonesFor players who want the most portable controller possible or the cutest BitDo Zero If you have big hands the BitDo Zero is definitely not for you and your hands will likely cramp if you spend too long playing with this diminutive Bluetooth controller But for everyone else it s definitely worth a look if only because it s so small there s no reason to keep it on you at all times in case of an emergency Not that we could tell you what constitutes a gaming emergency but if one does come up you ll be glad to have this on hand It truly is keychain sized so you can clip it on your backpack or slide it into a Switch carrying case with ease And we love the bright colors which are based on the Switch Lite design and should blend in with your spring and summertime apparel Pros Cute and tiny comes with a strap for attaching to a bagCons Too small for gamers with big handsThis article originally appeared on Engadget at 2023-07-19 14:30:19
海外TECH Engadget Beats Studio Pro review: Upgraded sound makes all the difference https://www.engadget.com/beats-studio-pro-review-upgraded-sound-makes-all-the-difference-140058369.html?src=rss Beats Studio Pro review Upgraded sound makes all the differenceAfter almost six years Beats is back with new over ear noise canceling headphones A significant update from the Studio Wireless the new Studio Pro is a familiar formula that s been reconfigured from the inside out A second generation version of Beats own audio chip powers this new model delivering improvements to active noise cancellation ANC spatial audio with dynamic head tracking and wired audio modes via USB C connection Small design tweaks and slightly better battery life are also on the spec sheet while the price remains for Beats flagship headphones DesignTo refresh the aesthetics Beats enlisted the help of Samuel Ross a fashion and product designer who has worked with Hublot Nike Oakley and others The result is an updated look with new colors materials packaging and branding While the tweaks are subtle and the folding design remains the same overall there are a few notable changes to point out First Studio Pro is available in four new colors and even the black option now has a matte finish Where the headband hinge used to have a contrasting color for most of the variants that s now a tone on tone finish and the model name has been removed The iconic lowercase “b logo remains on both sides though Another key change is to the earpads Beats and Ross opted for a seamless design here with cushions made of a new UltraPlush memory foam though they re still wrapped in leather Beats is clear the clamping force from previous Beats models remains the same unfortunately and the weight hasn t changed Indeed the new ear pads help to a degree but after about an hour of use I start to feel the pressure that s been an issue with Beats headphones for years Since Beats headphones first debuted the company s models have become mainstays for gym goers and pro athletes You won t catch warm ups for many professional sports events without at least one person wearing Beats headphones Still the company hasn t issued a proper IP rating for sweat and water resistance Beats says it s confident the Studio Pro will be just fine for workouts but it s also clear that earpad replacements won t be available through the company You ll need to find a third party supplier should they get too grimey Physical on board controls are back on the Studio Pro On the outside of the left ear cup a multi function button in the center handles single double and triple taps to control music and calls A long press here will activate your voice assistant even though the headphones support hands free Siri on Apple devices Above and below this center button are the volume controls while the noise modes are toggled with a double press of the power button on the right ear cup If you re in USB C audio mode two taps of that button will cycle between three EQ presets specifically designed for wired use Signature Entertainment and Conversation A line of five LEDs below the power control blinks when you re in pairing mode and gives you a battery life estimate with a single press when the headphones are powered on Software and featuresPhoto by Billy Steele EngadgetBeats continues its move away from Apple s audio chips with the Studio Pro These headphones contain the company s own second gen platform instead but a lot of the features that Apple silicon offers are still here Hands free Siri one touch pairing iCloud pairing Apple Watch hand off and Find My compatibility are all baked into iOS Multipoint pairing and automatic switching between devices isn t available on iOS iPad and Mac right now but Beats says it may arrive later There s no need to download a separate app on iOS to access the settings though they re also available in the Control Center For Android users the Beats app offers one touch pairing via Google Fast Pair automatic connection to Android or Chrome devices through your Google account seamless device transitions Find My Device customization and widgets Beats has added Transparency Mode to the Studio Pro giving its over ear headphones a very useful tool that was missing from the Studio The company s audio chip also powers Spatial Audio with dynamic head tracking While the previous model supported immersive sound it didn t offer head tracking or the ability to personalize audio the latter of which Apple debuted last year For the first time Beats has enabled USB C wired audio on the Studio Pro In addition to listening to high resolution and lossless tunes you can also take calls while the headphones are actively charging The Studio Pro has a built in digital to analog converter DAC that can accommodate sample rates up to bit kHz That s enough to handle the high res streaming from Apple Music Amazon Music HD and Tidal Beats has also included three USB C sounds profiles for wired listening Signature Entertainment and Conversation As the names suggest each one is tailored to music movies TV shows and calls adjusting the frequency curve for what the company thinks is the best in each scenario And yes there s still mm playback which can be used with ANC and Transparency Mode as needed Sound qualityPhoto by Billy Steele EngadgetInside Beats swapped out the drivers for new mm units A two layer diaphragm combines with micro vents and fine acoustic mesh to streamline the airflow and minimize distortion The company says the new drivers can provide “near zero distortion even at high volumes which is an up to percent improvement from the Studio That claim holds true as the Studio Pro doesn t distort when you crank it up to the eye watering full volume However what the new components have done to improve clarity while providing a more balanced sound profile is more impressive In its early days Beats had a reputation for being too heavy handed with the bass While that hasn t been the case for a while the company still has a propensity to highlight low end For the Studio Pro there s still ample bass when a track calls for it but that boom doesn t come at the sacrifice of mids and highs or more importantly detail Even the driving thump of the kick drum on TesseracT s “War of Being has noticeable texture throughout the song It s not just a repetitive boom Overall the attention to clarity and the even handed tuning across the EQ curve gives the Studio Pro quite immersive sound out of the box Everything seems open and airy with even the instruments in chaotic metal tracks remaining perfectly discernible Turn on something softer like Charles Wesley Godwin s Live From The Church or Nickel Creek s Celebrants country and bluegrass respectively and you immediately hear the layers of acoustic instruments and finer detail unique to each Those records can sound like you re in the room while they re being recorded on the best sounding headphones and there s a sense of that on the Studio Pro As you might expect this latest Beats model excels with hip hop tracks The droning bass lines on albums like Killer Mike s MICHAEL lay a thick foundation for the rest of the song to be built While Spatial Audio returns chances are it won t sway your buying decision The integration is similar to previous Beats and Apple earbuds and headphones with Personalized Spatial Audio added in this time around The technology still simulates the sound of speakers capable of moving with you if you have head tracking enabled If you ve experienced Spatial Audio before you know exactly what to expect slightly louder more airy tunes where the technology s immersive nature can vary from album to album and genre to genre When it hits though like on Pearl Jam s “Even Flow older tracks have new life With boygenius The Record though I can t tell the difference when Spatial Audio is on I m also less sold on the dynamic head tracking Beats added on the Studio Pro Photo by Billy Steele EngadgetThen there are the new USB C EQ profiles When you re connected to a computer or other compatible device ANC and Transparency mode are disabled Instead the power button on the Studio Pro cycles through wired presets for music entertainment and calls That LED array below the power control indicates which profile you re on and will be essential until you memorize the audible tones for each one Signature and Conversation work best for music and calls respectively while I m less impressed by the Entertainment setting All three are fine but those two are the ones I found myself coming back to in wired mode Like Spatial Audio content in Dolby Atmos mileage can vary listening to lossless tunes via Apple Music Some albums are noticeably better with wired USB C while others sound nearly identical to streaming over Bluetooth Although Beats doesn t quantify with a number it says ANC performance is improved on the Studio Pro when compared to the Studio Fully adaptive active noise cancellation uses outward facing mics to monitor your environment while inward pointing units catch any sounds that might sneak through due to fit The company explains that the ANC boost is also partially due to updated microphones all around as they have higher sensitivity and a better signal to noise ratio While the Studio Pro doesn t beat the noise blocking powers of Bose or Sony the ANC on the Studio Pro is noticeably better than the Studio especially for things like television noise and human voices And similar to the previous model the latest Beats headphones analyze audio up to times per second to maintain pristine clarity Lastly let s discuss Transparency Mode While I welcome the inclusion here over not offering ambient sound at all I did have higher hopes It works fine but lacks the natural clarity of Apple s AirPods Max or AirPods Pro I thought Beats might come close since it works closely with Apple on several aspects of its products but that s not the case Apple remains truly unmatched when it comes to Transparency Mode It often sounds like you re not even wearing headphones at all mostly due to how natural your own voice sounds fed back through those devices Call qualityPhoto by Billy Steele EngadgetBeats says you can expect up to percent better voice clarity than the Studio Wireless thanks to voice targeting microphones and a machine learning algorithm The company explains that it trained the system on over hours of “real world environments in order to create a setup that can “precisely hone in on your voice Those are lofty claims for sure and part of them hold true The Studio Pro is great at cutting out constant background noise like a fan or A C unit Neither of those came through on calls when I was sitting right underneath one or the other It s better than the speakerphone like quality most headphones and earbuds offer but it isn t pristine Battery lifeWhen it comes to battery life Beats says you can expect up to hours with ANC off That s the same figure it promised on the Studio However with noise cancellation or Transparency Mode enabled the company offers two hours more than the previous model at hours There s still a quick charge feature here dubbed Fast Fuel that gives you up to four hours of use in just minutes During my tests with the Studio Pro I still had percent battery left after hours of use with either ANC or ambient sound active That s also doing a mix of music podcasts streaming TV and taking calls I powered the headphones completely off several times during that span as well and I plugged them in via USB C for a few minutes to test those modes The competitionPhoto by Billy Steele EngadgetWhen it comes to flagship headphones at this price Beats biggest competition remains Sony and Bose Sony s X line has been our top pick for best wireless headphones for years as the company s mix of stellar sound powerful noise cancellation and a literal truckload of handy features is unmatched With the latest version the WH XM the company simply packs so much into their headphones that many others can t compete The Bose is that company s best option which is currently available for about less than Sony s XM Bose doesn t come close to Sony in terms of features but it does do slightly better when it comes to ANC performance If blocking out distractions is your primary goal the is worth a look Wrap upWhile Beats didn t completely redesign its over ear headphones for the Studio Pro its latest model is a significant update The company did well to incorporate features and technology other companies have introduced over the last five years and its relationship with Apple continues to enhance its products The improvements to ANC and sound quality alone are good but the fact that the company was also able to add in a wired USB C audio upgrades to Spatial Audio and better voice performance while keeping the price the same is notable There s no doubt these are still premium headphones but the Studio Pro positions Beats to better compete with the likes of Sony and Bose in a number of areas where it used to fall short Beats Studio Pro is available to order today in black brown navy and Sandstone color options for The headphones will be available at Apple retail stores and other resellers starting tomorrow July th This article originally appeared on Engadget at 2023-07-19 14:00:58
海外科学 NYT > Science She’s on a Mission From God: Suing Big Oil for Climate Damages https://www.nytimes.com/2023/07/19/climate/climate-lawsuit-puerto-rico.html She s on a Mission From God Suing Big Oil for Climate DamagesA lawyer started small with a creative tactic It grew into an effort that could force fossil fuel companies to pay hundreds of billions in damages 2023-07-19 14:04:50
ニュース BBC News - Home Rishi Sunak apologises to LGBT veterans for past armed forces gay ban https://www.bbc.co.uk/news/uk-66242611?at_medium=RSS&at_campaign=KARANGA people 2023-07-19 14:53:58
ニュース BBC News - Home Ukraine war: Russia strikes Ukraine grain after ending sea deal https://www.bbc.co.uk/news/world-europe-66242446?at_medium=RSS&at_campaign=KARANGA damage 2023-07-19 14:51:07
ニュース BBC News - Home Transgender guidance for schools to be delayed https://www.bbc.co.uk/news/uk-66243698?at_medium=RSS&at_campaign=KARANGA advises 2023-07-19 14:54:10

コメント

このブログの人気の投稿

投稿時間:2021-06-17 22:08:45 RSSフィード2021-06-17 22:00 分まとめ(2089件)

投稿時間:2021-06-20 02:06:12 RSSフィード2021-06-20 02:00 分まとめ(3871件)

投稿時間:2021-06-17 05:05:34 RSSフィード2021-06-17 05:00 分まとめ(1274件)