cloud, JavaScript

How To Build An Integration With JFrog Xray?

The trend of DevSecOps is not new but it’s growing fast. More and more organizations wish to integrate their security team in all the phases of development and operation. 

Many security products keep your code safe from vulnerabilities at different stages (dev, test, qa and prod). However, JFrog Xray is unique in its capabilities to perform analysis of all the binaries you are consuming in your project.

JFrog Xray works with JFrog Artifactory to perform a deep analysis of binary components at any stage of the application lifecycle. It provides full transparency that leads to (more) trust in your software. By scanning binary components and their metadata, recursively going through dependencies at any level (think on the layers you have in any Docker container), JFrog Xray provides great visibility into issues lurking in components anywhere in your organization.

One of the best parts is that JFrog Xray is also fully automated through a rich REST API that lets it integrate with a CI/CD pipeline and allows other binary analysis tools to build on its unique capabilities.

Continue reading

Chrome 45 New Features

google-chrome-logoTime flies!
Since my last update on Chrome 44 we had the chance to see the market crash and quite a lot of new features that were baked into Chrome 45.
The main improvements you should take a closer look at:

  • A set of new ES2015 features including:
    • Arrow functions – Arrow functions are always anonymous and effectively turn function (arguments) { expression } into arguments => expression.
    • New methods on Array
    • New methods on TypedArray
    • Object.assign() copies the values (of all enumerable own properties) from one or more source objects to a target object.
      It has a signature of Object.assign(target, ...sources)
  • SMIL is deprecated – to learn more please check out the discussion.
  • This (long time) bug is fixed.
  • Web Bluetooth is now available in Chrome OS 45.
    It’s still in Developer Preview and the team is actively looking for developer 

Chrome for Android Media controls
On Android, native apps can show media controls in a system notification when playing audio, making it easy for users to control audio while multitasking. Chrome 45 brings this capability to the web by showing a notification with media controls when audio is playing in web content. The controls will automatically show up when <audio> or <video> tags play audio longer than 5 seconds. It will look like this: Continue reading

Chrome, webdev

Chrome’s Market Share And Service Worker

According to Stat Counter in the past 3 months Chrome made a progress in market share. It’s now got ~31% world wide. But if we dive a bit deeper into the chart below we can see that the situation on mobile is even better.


Take into consideration that Chrome + Android + UC Browser + Opera is ~70% of the market it’s a great news for web developers in terms of APIs. I hope to see soon the power of Service Worker and Push notifications in many more browsers. It’s the start of a new wave of web apps that look and feel similar to native apps. Continue reading

Business, Chrome, JavaScript, webdev

In-App Payments On The Web

payment-with-penThere are many examples of applications that are free but let you add features with in-app payments. Think of a game that is free to play, but offers additional levels or virtual goods for a certain price (a low one in most cases). It’s very common to see applications that are free at the ‘trial period’ and later gives premium users the option to buy a specific level that match their needs. It’s a good practice to give users your product or service without any barriers (e.g credit card information). If they find it useful, they will pay for it with a smile.

Few examples

  • A designing web app that give the options to buy more projects (or more shapes, tools, features).
  • A Customer Relationship Management (CRM) application, that offer certain capabilities for a price.
    The basic options to collect and manage your contacts will be free, but if you wish to send emails they will charge you.
  • A game that let you advances more quickly if you buy certain improvements. For example a ‘magic’ power that give you the ability to pass a difficult stage (e.g. the mighty eagle in Angry Birds).the mighty eagle from angry birds

Continue reading

Chrome, JavaScript, webdev

How To Create A RESTful API

Google APIs with picturesque app

If you wish to read the background on RESTful APIs It’s all started here.  You can look at some good examples for RESTful APIs from Google, Twitter and many others. In this post, I will try to focus on some important aspect that you want to keep in mind when you are building your next RESTful API. Btw, if you are looking on an efficient way to create it – Checkout my talk from last Google I/O. It’s over a year now, but still very relevant.

Main aspects to pay attention

Continue reading

JavaScript, webdev

YouTube Analytics Dashboard With Apps Script

player_apisThere are cases where you wish to collect statistics on your youtube videos or channel. There are few options to do it with YouTube API. As the YouTube’s API supports many languages you can choose the one that will work for your environment. In many of these options, you will need to develop a server side that will fetch the data and a front-end to present it and give the users option to query it. If you wish to dive deeper (e.g. specific metric on channel performance and videos statistics), you will need to work with YouTube Analytics API.

In this post, we will see a simple example to create a dashboard that will be updated on a daily basis. Since we wish to save ourselves from building (and maintaining!) a server side and a web app to access it, we will use the power of Google Apps Script (GAS) and Google sheets.

The Dashboard

Here you can find the “Dashboard example sheet”.
Feel free to copy it and work on your own version that is not in ‘read-only’ mode. Continue reading


Memcache Basics On Google App Engine

memcache on GAEThis week is packed with great content on “Google cloud platform”. I will summaries some of the talks we having in our office. The first talk I gave was on leveraging memcache when you developing with Google App Engine. Here is the summary:

What is Memcache?

Memcache is an in-memory key-value pairs data store. You can use the put(key, value) and get(key) in order to save and fetch data from it. key or value can be anything that is serializable. It’s important to remember that with GAE – Memcache is a shared service accessed via App Engine APIs. So it’s not a RAM base caching layer that you might have on a single server but a service that you will make a network call each time you write/read from it. Continue reading

Chrome, JavaScript, webdev

Yahoo Finance API With NodeJS

nodejs logoIn the past I’ve wrote this post on the different options you can use with Yahoo Finance API. It is time (4 years later!) to a followup post on how to gain more data but this time with NodeJS.
The first idea was to be able to gain information by using different parameters and downloading csv files from Yahoo finance. Something like this GET request will do the magic: and from there you can work with the data.

However, there are cases, where you wish to have information that is not part of this set of arguments. Here are two quick examples for such cases: Continue reading