In this April digest, we want to highlight some important news that can be useful for advanced developers, beginners, business owners, and designers.
April brings us an updated version of the well-known "Kubernetes The Hard Way" guide to manually configuring Kubernetes clusters. Kelsey Hightower announced this on his X account.
Meanwhile, Nginx users can upgrade to version 1.26.0 of the popular web server, and Linux fans will be interested in the recently released Fedora Linux 40 with updated desktop environments and improved artificial intelligence development capabilities.
Read more details and other new product news in the digest below!
Kelsey Hightower reported that the Kubernetes The Hard Way guide has been updated to support ARM64. The guide is now cloud vendor agnostic and only requires a set of ARM-based virtual machines or physical machines.
The Hard Way is a guide to creating a basic Kubernetes cluster with all management components running on a single node and two working nodes sufficient to learn the basic concepts. It is precisely optimized for a long, deep learning curve to understand all the tasks required to bootstrap a Kubernetes cluster.
Previous versions only worked with Google Cloud Platform, now the simulator is cloud service independent. Also, this guide requires four ARM64-based virtual or physical machines connected to the same network. In general, the knowledge gained from this guide can be applied to other platforms as well.
The updated guide uses kubernetes v1.28.x, containerd v1.7.x, cni v1.3.x, etcd v3.4.x. Kubernetes The Hard Way is a great way to get your hands on working with clusters.
After almost a year since the last (1.25.0) release, a new version of nginx has been released. Stable version 1.26.0 includes new features and bug fixes from the 1.25.x main branch, including experimental support for HTTP/3, HTTP/2 on a per-server basis, virtual servers in the stream module, streaming connections to listen sockets, and more.
According to W3Techs, 34.2% of all sites in the report use Nginx, which confirms the technology's widespread use. Let's examine the main changes in the 1.26.0 release.
Substantial changes have been made to work with HTTP/2:
Among other changes:
Nginx 1.26.0 is available for download on the official website.
Figma aims to improve the implementation of design systems by making code more accessible and useful to developers. To this end, it has launched a beta version of its Code Connect tools.
According to CEO Dylan Field, the new functionality is designed to reduce the barrier between designers and developers, resulting in greater consistency and structured implementation of ideas.
Code Connect is a new tool that allows you to customize the code snippets that appear in Dev Mode so that developers see the actual code of the design system instead of automatically generated CSS. The tool is a utility available through npm for JavaScript and TypeScript projects and through Swift Package Manager for SwiftUI projects.
Code Connect is available in Organization and Enterprise plans. The package and configuration instructions are available on GitHub, and developers can install it using a simple command-line interface.
Fedora Linux 40 has been released, marking a major milestone in the project's development. This release contains significant updates. Here is a list of some of the new features.
The new version of Fedora Linux 40 comes with the first-ever PyTorch package. This popular framework is used for deep learning. It currently supports CPU-only operation, with no GPU or NPU acceleration. Representatives of the distribution promise to further develop the framework in future releases, including GPU and specialized NPU accelerators.
The Fedora Linux 40 release is available for Fedora Workstation, Fedora Server, Fedora Silverblue, Fedora IoT, Fedora CoreOS, Fedora Cloud Base, Fedora Onyx, and Live Build distributions.
The well-known World-Check database contains information on undesirable persons such as terrorists, money launderers, untrustworthy politicians, etc. Corporations, banks, and various financial organizations use it as part of Know Your Customer (KYC) checks.
World-Check data includes full names, the person's area of criminal activity, and, in some cases, their specific job title. It also includes date and place of birth, known aliases, gender, and an explanation of why the person has been placed on the unreliable list.
Today, more than 5 million records from the database are in the hands of the hacker group GhostR, which is threatening to release the data to the public. A spokesperson for the London Stock Exchange Group (LSEG), which maintains the database, has confirmed the authenticity of GhostR's claims.
In the original message, a group of hackers said they would soon begin leaking the database. The first batch of information will include details on thousands of people, including "members of the royal family."
LSEG officials said the leak was not related to their systems, but to a third party that had copies of World-Check DB, and that work was underway to protect the data.
In 2020, Google said it would phase out third-party cookies over two years to improve user privacy. It's almost the middle of 2024, and Google has delayed the shutdown again.
Google said there were problems reconciling the views of stakeholders, regulators, and developers on the issue. It also notes that it is important that the UK's Competition and Markets Authority (CMA) has enough time to review the evidence, including the results of industry tests, which were requested from market participants by the end of June.
As a result, Google will likely stop supporting third-party cookies in Chrome in 2025, not 2022, as previously planned.
However, in early April, Google announced a new Chrome security feature called Device Bound Session Credentials (DBSC), which binds browser cookies to a user's specific device and protects against account hijacking through cookie theft. DBSC cryptographically binds authentication files to the device using keys generated by the device's Trusted Platform Module (TPM) chip.
Each session is now secured with a unique key, and only the public key is sent to servers for subsequent authentication. This prevents sites from tracking users in different sessions on the same device. Currently, DBSC can be tested by enabling "enable-bound-session-credentials" in Chrome. Google is working to enable this technology by default for Google Workspace and Google Cloud clients.
Have a great month, and see you in the next is*hosting digest!