{"id":1330,"date":"2023-05-12T20:49:56","date_gmt":"2023-05-12T10:49:56","guid":{"rendered":"https:\/\/moneystock.net\/wp_e\/?p=1330"},"modified":"2023-05-12T20:50:23","modified_gmt":"2023-05-12T10:50:23","slug":"a-dotnet-developers-note-on-technology-radar-v28","status":"publish","type":"post","link":"https:\/\/moneystock.net\/wp_e\/2023\/05\/12\/a-dotnet-developers-note-on-technology-radar-v28\/","title":{"rendered":"A DotNet developer\u2019s note on Technology Radar V28"},"content":{"rendered":"<p>As a new Technology Radar release with a bunch of interesting techs, a few drew my attention.<\/p>\n<p>Techniques<\/p>\n<ul>\n<li><strong>Applying product management to internal platforms<\/strong>: product mindset includes a roadmap, value to biz, and consumer experience enhancement.<\/li>\n<li><strong>CI\/CD infrastructure as a service<\/strong>: Our team has been using Jenkins hosted on-prem and started moving to Azure DevOps. It seems like a no-brainer. However, as the CI\/CD runner can access source code and credentials, zero trust security must be implemented.<\/li>\n<li><strong>Dependency pruning<\/strong>: Just a good practice to follow in this risker world.<\/li>\n<li><strong>Run cost as architecture fitness function<\/strong>: Estimating cost change in advance of architectural change will be the way to avoid unexpected cost surges.<\/li>\n<li>Bounded low-code platforms: Use low-code tools for simple tasks only. After having been using Nintex K2 no-code tool for over one year now, this is exactly what I felt.<br \/>\nOther low-code solution examples are Mendix or Microsoft Power App.<\/li>\n<li>Demo frontends for API-only products: This may help to get stakeholders to head around the biz values of API products.<\/li>\n<li>Lakehouse: Data Lake and Data Warehouse in one solution. e.g. <a href=\"https:\/\/www.databricks.com\/\">Databricks<\/a>.<\/li>\n<li>Verifiable Credential:<\/li>\n<li><span style=\"text-decoration: underline;\">API-aided test-first development:<\/span> Ask ChatGPT with the prompt of architecture and tech spec to generate an implementation plan for a feature. Then ask to test for it with a given acceptance criteria. The developer can implement a working code from there.<\/li>\n<li>Domain-specific LLMs: e.g. OpenNyAI for legal<\/li>\n<li>Prompt Engineering: creating a effective prompt for generative AI to get a best result.<\/li>\n<li>Reachability analysis when testing infrastructure: e.g. Azure Network Watcher<\/li>\n<li>Self-hosted LLMs: e.g. llama.cpp, GPT-J, GPT-JT, LLaMA<\/li>\n<li>Tracking health over debt: Rather than blindly tackling technical debt, assess technical health like development, operations and architecture. When the health becomes red, do some action. e.g. <a href=\"https:\/\/www.rea-group.com\/about-us\/news-and-insights\/blog\/what-good-software-looks-like-at-rea\/\">What good software looks like at REA | REA Group Ltd (rea-group.com)<\/a><\/li>\n<li>Zero trust security for CI\/CD: CI\/CD agents will have powerful access across the company system. It is worth giving extra security care. e.g. minimal access, access through OIDC, etc<\/li>\n<li>Webhooks need to be treated as credential.<\/li>\n<li>Lambda pinball architecture: Serverless architecture can be challenging to debug. Use it for the right place.<\/li>\n<li>Make some buffer when planning. Otherwise you will see what&#8217;s happening on congested highways.<\/li>\n<\/ul>\n<p>Platforms<\/p>\n<ul>\n<li><a href=\"https:\/\/www.contentful.com\/\"><strong>Contentful<\/strong><\/a>: Headless CMS. API-first approach. Separate the backend from the presentation.<\/li>\n<li><strong>GitHub Action<\/strong>: Not sure which one to pick between GitHub Action and Azure DevOps.<\/li>\n<li>Dapr: Distributed Application Runtime. Alternative to Dotnet Akka.<\/li>\n<li>Immuta: data security platform.<\/li>\n<li><a href=\"https:\/\/csa-iot.org\/all-solutions\/matter\/\">Matter<\/a>: open standard for smart home tech.<\/li>\n<li><a href=\"https:\/\/fidoalliance.org\/passkeys\/\">Passkeys<\/a>: login without password<\/li>\n<\/ul>\n<p>Tools<\/p>\n<ul>\n<li>FOSSA: Open Source License Compliance<\/li>\n<li>Gitleaks: open-source static application security testing, which detects hardcoded secrets.<\/li>\n<li>Mend SCA: finds vulnerable open-source dependencies.<\/li>\n<li>Mozilla SOPS: encrypt secrets in text files like app.config.<\/li>\n<li>Soda Core: open-source data quality and observability tool<\/li>\n<li>Steampipe: an open-source tool to query clouds with SQL.<\/li>\n<li>TruffleHog: open-source static application security testing<\/li>\n<li>Typesense: open-source, typo-tolerant search engine. High performance with small index size.<\/li>\n<li>Vite: a front-end build tool. Fast. Getting more traction.<\/li>\n<li>ChatGPT<\/li>\n<li>GitHub Copilot<\/li>\n<\/ul>\n<p>Languages &amp; Frameworks<\/p>\n<ul>\n<li><strong>PyTorch<\/strong>: go to ML framework over TensorFlow.<\/li>\n<li>Mikro ORM: Typescript centric ORM.<\/li>\n<li><a href=\"https:\/\/stenciljs.com\/\">Stencil<\/a>: library to build reusable components that work for any framework.<\/li>\n<li>Synthetic Data Vault: generate data for testing environment. The SDV uses a variety of machine learning algorithms to learn patterns from your real data and emulate them in synthetic data.<\/li>\n<li>.Net7 Native AOT: deploy with dependency on IL or JIT. This makes cold start really quick.<\/li>\n<li>.Net MAUI: Good candidate to upgrade from Xamarin. But not mature enough yet.<\/li>\n<li><a href=\"https:\/\/github.com\/karpathy\/nanoGPT\">nanoGPT<\/a>: a framework for training medium-size generative pretrained transformers(GPT). Good to experience the building blocks of the GPT architecture.<\/li>\n<li>Qwik: JS framework for quick first-time website loading.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>As a new Technology Radar release with a bunch of interesting techs, a few drew my attention. Techniques Applying product management to internal platforms: product mindset includes a roadmap, value to biz, and consumer experience enhancement. CI\/CD infrastructure as a service: Our team has been using Jenkins hosted on-prem and started moving to Azure DevOps.&hellip; <a class=\"more-link\" href=\"https:\/\/moneystock.net\/wp_e\/2023\/05\/12\/a-dotnet-developers-note-on-technology-radar-v28\/\">Continue reading <span class=\"screen-reader-text\">A DotNet developer\u2019s note on Technology Radar V28<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[606,548,79],"tags":[],"class_list":["post-1330","post","type-post","status-publish","format-standard","hentry","category-architecture","category-c","category-web-development","entry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/posts\/1330","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/comments?post=1330"}],"version-history":[{"count":9,"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/posts\/1330\/revisions"}],"predecessor-version":[{"id":1339,"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/posts\/1330\/revisions\/1339"}],"wp:attachment":[{"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/media?parent=1330"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/categories?post=1330"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/moneystock.net\/wp_e\/wp-json\/wp\/v2\/tags?post=1330"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}