As a new Technology Radar release with a bunch of interesting techs, a few drew my attention.
- Applying product management to internal platforms: product mindset includes a roadmap, value to biz, and consumer experience enhancement.
- CI/CD infrastructure as a service: Our team has been using Jenkins hosted on-prem and started moving to Azure DevOps. It seems like a no-brainer. However, as the CI/CD runner can access source code and credentials, zero trust security must be implemented.
- Dependency pruning: Just a good practice to follow in this risker world.
- Run cost as architecture fitness function: Estimating cost change in advance of architectural change will be the way to avoid unexpected cost surges.
- Bounded low-code platforms: Use low-code tools for simple tasks only. After having been using Nintex K2 no-code tool for over one year now, this is exactly what I felt.
Other low-code solution examples are Mendix or Microsoft Power App.
- Demo frontends for API-only products: This may help to get stakeholders to head around the biz values of API products.
- Lakehouse: Data Lake and Data Warehouse in one solution. e.g. Databricks.
- Verifiable Credential:
- API-aided test-first development: Ask ChatGPT with the prompt of architecture and tech spec to generate an implementation plan for a feature. Then ask to test for it with a given acceptance criteria. The developer can implement a working code from there.
- Domain-specific LLMs: e.g. OpenNyAI for legal
- Prompt Engineering: creating a effective prompt for generative AI to get a best result.
- Reachability analysis when testing infrastructure: e.g. Azure Network Watcher
- Self-hosted LLMs: e.g. llama.cpp, GPT-J, GPT-JT, LLaMA
- Tracking health over debt: Rather than blindly tackling technical debt, assess technical health like development, operations and architecture. When the health becomes red, do some action. e.g. What good software looks like at REA | REA Group Ltd (rea-group.com)
- Zero trust security for CI/CD: CI/CD agents will have powerful access across the company system. It is worth giving extra security care. e.g. minimal access, access through OIDC, etc
- Webhooks need to be treated as credential.
- Lambda pinball architecture: Serverless architecture can be challenging to debug. Use it for the right place.
- Make some buffer when planning. Otherwise you will see what’s happening on congested highways.
- Contentful: Headless CMS. API-first approach. Separate the backend from the presentation.
- GitHub Action: Not sure which one to pick between GitHub Action and Azure DevOps.
- Dapr: Distributed Application Runtime. Alternative to Dotnet Akka.
- Immuta: data security platform.
- Matter: open standard for smart home tech.
- Passkeys: login without password
- FOSSA: Open Source License Compliance
- Gitleaks: open-source static application security testing, which detects hardcoded secrets.
- Mend SCA: finds vulnerable open-source dependencies.
- Mozilla SOPS: encrypt secrets in text files like app.config.
- Soda Core: open-source data quality and observability tool
- Steampipe: an open-source tool to query clouds with SQL.
- TruffleHog: open-source static application security testing
- Typesense: open-source, typo-tolerant search engine. High performance with small index size.
- Vite: a front-end build tool. Fast. Getting more traction.
- GitHub Copilot
Languages & Frameworks
- PyTorch: go to ML framework over TensorFlow.
- Mikro ORM: Typescript centric ORM.
- Stencil: library to build reusable components that work for any framework.
- Synthetic Data Vault: generate data for testing environment. The SDV uses a variety of machine learning algorithms to learn patterns from your real data and emulate them in synthetic data.
- .Net7 Native AOT: deploy with dependency on IL or JIT. This makes cold start really quick.
- .Net MAUI: Good candidate to upgrade from Xamarin. But not mature enough yet.
- nanoGPT: a framework for training medium-size generative pretrained transformers(GPT). Good to experience the building blocks of the GPT architecture.
- Qwik: JS framework for quick first-time website loading.