[Last Week in .NET #64 – Xamarin? What’s Xamarin?]

This newsletter is a day late because Monday, am I right? With that aside, let’s get into what happened Last Week in .NET:

πŸŒ‡ Sunsetting of .NET Framework and .NET Core runners in Cake 2.0 Cake now requires .NET Core 3.1 or higher.

❗ Marten V4: Hard Deletes, Soft Deletes, Un-Deletes, All the Deletes you Meet Marten is a Document DB that sits atop Postgres; and 4.0 now has softdelete support and support to undelete softdeletes. Which.. is what makes them soft.

πŸƒβ€β™€οΈ ML.NET Updates & Announcing Notebook in Visual Studio I’m impressed that Microsoft chose to publish the painpoint “Afraid Microsoft will abandon the [ML.NET] framework”. Silly users, don’t you know that they don’t abandon it, they just stop developing for it? Secondly the answer to that painpoint doesn’t actually address the painpoint.

πŸ‘€ Webview UI Toolkit for Visual Studio Code This finally puts the ‘visual’ in Visual Studio Code.

πŸŒŸπŸ¦—Migrating our trusty ol’ .NET Framework applications to AWS, I couldn’t believe it So A Senior Specialist Solutions Architect at AWS (FranΓ§ois Bouteruche) put together this “story” about fictional migrations to AWS for .NET Teams, as an amalgamation of experiences he’s had… working for AWS. Migrating .NET customers to… AWS. The first paragraph makes it seem like this is an actual story, but it’s not. Disclaimer doesn’t come until Paragraph 2. I see you, AWS. This comes suspiciously close to astro-turfing, AWS.

πŸš€Join us November 8 for the Launch of Visual Studio 2022 Visual Studio 2022 launches on November 8th, as it states on the tin, but today you can download the Release Candidate.

😢Use of Github Enterprise Rob Prouse, Board member of the .NET Foundation, explains what happened with all member projects for the .NET Foundation. In case you missed last week’s newsletter, it was discovered that the .NET Foundation required member projects to allow a service account, dnfadmin to have owner rights on the repository, and then secretly went in and transferred ownership of those projects to the .NET Foundation on Github Enterprise. Rob refers to this as a ‘mistake’, as in “the current board thinks it should not have happened”. That response, of course, tells us nothing about why it did happen, which they’re convienently silent on.

πŸ‘‰Reed Cospey gives his Detailed thoughts on the State of the .NET Foundation. Reed is the Executive Director of the F# foundation, (Once again, someone that uses F# can’t resist telling us that), and he gives a great overview of the structural problems with the .NET Foundation — far better than my incoherent ramblings on the subject. It’s worth your time to read if you care about .NET adoption.

πŸ—£The .NET Foundation is holding a “Tell me Anything” session on October 27th. This is your chance to tell them how you feel about the .NET Foundation’s recent actions.

πŸ™…β€β™‚οΈ Visual Studio 2022 for Mac Preview will now sport a native Mac UI, and not a cross-platform UI. It’s good — we like performance, but it’s also bad because it feels like an offering like Xamarin shouldn’t have these issues.. Oh yea, and Microsoft purchased Xamarin, so they won’t even use their own product?

πŸ“΄ Microsoft says it is shutting down LinkedIn in China Which seems weird because the Chinese Government and LinkedIn have something in common: They both want to know who’s been looking at your profile on LinkedIn.

πŸ‘¨β€πŸŽ“ Governor Mike Parson threatens Jail time for reporter who right-click and Viewed Source on Missouri Government website and saw Social Security Numbers. He has since doubled down on being a moron.

πŸ“’.NET 6.0 RC 2 has been released This release has a Go-Live license, so use it in production.

πŸ“’.NET 5.0.11 has been released This release fixes CVE-2021-41355 which is a .NET Core Information Disclosure Vulnerability.

.NET Core 3.1.20 has also been released and it has that CVE fix as well as other bug fixes.

With Indigeonous People’s/Columbus day, it was a short week last week. There’ll be a lull before November when .NET 6 officially launches, and of course when it does so I’ll be there, to let you know what’s going on.

infinite steps to prod

What sits between us and users?

The IDE,
That spits out compiled code
That we send to a build server
That gets deployed to a dev server
That gets played with
That CI promotes to a test server
That gets kicked back by QA
That we fix and put the ticket back in QA
That we send to the Build server
That gets deployed to a Dev server
That gets played with
That CI promotes to a test server
That goes back to QA, YAY it passes their tests
That goes to staging
That is seen by a product manager
That has release notes created for it
That gets a press release by marketing
That gets deployed to production
That a customer uses and finds a bug with
That opens a support ticket in Zendesk
That gets put on a JIRA board
That gets prioritized and assigned to an engineer
That pulls that ticket into In Progress and opens

[Last Week in .NET #63] – .NET Foundation finds out the silent treatment doesn’t work, tries rolling heads

Two years of simmering discord came to a head last week as the .NET OSS maintainers openly revolted against the .NET Foundation for years of non-communication, the Executive Director resigned, and newly elected board members are left to pick up the pieces.

It was a wild week.

First, there was some discord due to the .NET Foundation saying a board member left ‘for personal reasons’ when in reality they left due to the nature of the .NET Foundation itself.

Second, during this brouhaha and when finding out the Executive Director merged a PR without communicating, the .NET community learned that their projects were moved to the Foundation’s Github Enterprise account without their consent, that the DNFAdmin service account was basically a trojan horse (an actual Trojan Horse, not the virus variety), and that even if they signed the ‘contributor model’ contracts, they may not own their own projects.

As I said, it was a wild week.

So, the Executive Director apologized, not for the lack of communication, or moving the projects to the .NET Foundation’s Github Enterprise account, or misstating why Rodney Littles II left the board, or for the fact that the foundation has not been up front with what it means to have a project join the .NET Foundation, but for… forcing through a PR on a project that the foundation ostensibly owned.

Naturally members of the community asked for the Executive Director’s resignation, and they got it. And we sit, a few days later, watching more communication from a single member of the board than we had from entire previous Boards of Directors, particularly around most of the painpoints the community mentioned previously. One of the board members spoke up during the incident but said nothing of consequence, except to say, “Likewise, I think that the community and projects may have not understood what they were agreeing to when they were brought under the .NET Foundation umbrella.”. That’s what we in the biz like to call an understatement. I’m also not the only person to call this entire thing a brouhaha.

And since I’m writing this newsletter, I get to have my say.

I don’t think Claire Novotny should have resigned as the Executive Director of the .NET Foundation. I believe her to be a scapegoat for the structural issues the .NET Foundation has, as I’ve written about and spoken about previously. We’ve had entire Boards of Directors come and go from the .NET foundation with nary a peep from them in public about their work, no after-action review or postmortem, nothing outside of their initial interview to become a member of the Board of Directors.

I believe if anyone should resign, it should be the Boards of Directors. They ultimately are responsible for what the Executive Director and what the .NET Foundation does, and while half the board is fresher than a prince from Bel-air, the other half aren’t, and in some form of irony, it’s only the new people who are speaking out. I think they’re Good People, but they either have no idea what they’re doing or they haven’t seen and felt the issue simmering for the last few years, in which case they most assuredly shouldn’t be representing the community in the .NET Foundation.

It really all comes back to a single question: What does the .NET Foundation do? or, taken further: Why does the .NET Foundation exist?. We haven’t really gotten an answer to that question yet; especially the vague “commercially friendly” mission statement.

I’m willing to bet the Board of Directors haven’t been taking minutes for their daily meetings over the past week, even though the bylaws require them to, and so I’ve taken to asking that the bylaws be amended to require that the minutes are shared for review by the membership of the foundation.

If the .NET foundation is going to exist, then it’s going to have a vision and a purpose. If you care about .NET and the future of .NET, you should be right there, holding their feet to the fire. Otherwise we’re going to get what we’ve always got, a mono-culture that seeks to fulfill Microsoft’s whims about .NET; not what the actual OSS community wants or needs of .NET.

With that bit of news in the can, let’s see what else happened Last Week in .NET:

πŸ“šπŸ”₯Facebook went down, and of course since it wasn’t DNS it had to be BGP. Honestly I can’t explain BGP to you. I’d like to, but I can’t. Back in the day when I was building a product to discover and map legacy networks, a network engineer took me aside to explain BGP to me and the nightmares didn’t stop for weeks. I’ve since blocked out most of it except for “it’s a way for networks to tell other networks how to route to them”. It’s astonishing that anything works and that we aren’t all finding a desert island to inhabit, away from people and technology.

πŸ§“ Maybe because of, but certainly related to in some form, I learned what a Basil Hayden Old Fashioned was from Adam Rackis, and it sounds delicious. Also if you’re making Old Fashioneds in your kitchen and you have a gas stove, you can use the burner to burn the inside and outside of the orange peel, which apparently helps with the flavors of the orange.

πŸ¦„ Either SQL is old or SQL is new again and I can’t figure out which because C# 9 loves some SQL keywords like is, or, and and. If a C# developer fell asleep between 2013 and 2022 they’re gonna be really confused as to the language they came back to.

πŸ“… I did it before it was cool, but Jetbrains released their .NET Annotated Monthly for October 2021, and if you really want a list of links in a monthly format, you could read this list, or just wait and not read LWiDN for a month and read it all at once.

πŸ“ž The iPhone 13 can finally photograph dark-skinned folks. This is why diversity in tech matters. 14 years of phone-based cameras for non-white people to get good photos. That’s far too long.

πŸ“¨ The Register covered Rodney Littles resignation from the .NET Board. They have also previously covered other tech issues like the various Stack Overflow community brouhahas. It’s still weird to me to see inside baseball topics show up in ‘traditional journalism’ that I have to assume that they just have people devoted to these topics.

πŸŒŸπŸ¦—The CVP for the Windows Developer Platform writes a blogpost on Developing for Windows 11, and because irony is dead, writes that “Windows 11 was built to unlock the full power of the PC”. Because Windows 1 through 10 weren’t?

❣ Did you know there was an alternative to Windows Explorer? I did not. Well version 2 of this alternative is out.

πŸ§€ They moved your cheese in .NET 6 New project templates won’t include the ceremony you remember. They’ll just have the new Minimal API templates because some people just like to watch the world burn.

If you want the old style templates, select .NET 5 when looking for Templates to get the ‘old’ templates back.

🧺 Implicit Usings in .NET 6 With this change you can now use a namespace that isn’t referenced by your .cs file; and so if you want any hope of figuring out where a namespace is from you’d better use an IDE because a text editor can’t tell you. This is a brilliant idea if your goal is to reinforce the necessity of an IDE… like Visual Studio.

🀯 A look at the upcoming improvements to LINQ in .NET 6. There’s Chunking, Range Support, a new Zip Overload, and much, much more.

πŸ“ The WinAppSDK team is actively looking for developer input. Better give it while the giving is good or you’ll just have to go back to Microsoft Connect and wait for them to ignore your issues for years until they finally just shut down the platform.

πŸ“Ή Dotnetos Conference 2021 carried a talk by Jared Parsons on performance features in C#. I don’t know how to pronounce Dotnetos, sooo. sorry.

πŸ“Ή Maoni Stephens does a deep dive from A .NET Object from allocation to collection. Any time Maoni speaks, you should watch it. It’s good stuff.

πŸ”‰ Mads Torgersen talks C# 10 and I’m starting to feel MCU’d out on the whole C# version number thing.

πŸ₯Œ And because we need a little fun in our lives, Corey Quinn shares ancient SysAdmin wisdom. Remember when SysOps were a thing? Those were the good ol’ days.

I hesitate to say that’s it for what happened Last Week in .NET… But that’s the standard way to close this thing out, so there you go. See you next week.

[Last Week in .NET #62] – Watermelon Sug — HOW HIGH ARE YOU

No releases last week, but there was drama. And because this is the internet, I’m going to share that with you. Let’s get to it.

πŸ‘‹ Chris Dixon had to have gotten the highest of highs before writing this screed on twitter that charitably would be panned as “VC with vested interest in getting people to buy into Web3 says everyone should buy into Web3.” I’m not sure what’s worse: That “web3” is what Web 1.0 was like before Chris and other VCs cashed out on the likes of Facebook, Instagram, WhatsApp, and Twitter, or that if we buy into his vision, in a new world of ‘blockchain’ and ‘NFTs’, we could somehow get back to that web 1.0.

Maybe we could just… I don’t know… go back to Web 1.0? It’s not like Web2.0 hid web1.0 in a basement and tied them up and stuffed a gag in their mouth. We don’t have to ‘find’ web1.0 on a milk carton somewhere. It still… it just works. Right now, today.

If you think I’m full of it and you’ve bought into beanie babies NFTs as the way forward, may I be the first to offer you an NFT of this week’s newsletter for the low, low price of $100,000 β‚Ώ2.0372698? I’m not saying it’s going to go up in value, but I’m not saying it won’t either.

Ξ² The Jetbrains Rider 2021.3 Early Access Program is open for people who hate the word ‘beta’. You can debug UWP, have support for .NET 6.0 and support for C# 10 features like file-scoped namespaces and global using statements. Global using statements are the devil.

πŸ†• The Add New File Extension is now available for Visual Studio 2022. I’m sorry, I need a moment. You mean to tell me we haven’t been able to add new files to projects this entire time and I just noticed? Oh, you mean we haven’t been able to add new arbitrary files because a file always has to confirm with Visual Studio’s idea of what a file is. Sort of like how to create a Dockerfile I used to just create a new .cs file and then remove everything from it and rename it to Dockerfile. Funny enough this is not a first party extension, and Mads Kristensen works for Microsoft, so that tells us that Microsoft still can’t fix this seemingly easy-to-fix user experience issue, and instead their own took to an extension to fix this ludicrious state of things.

🌨🌩 Stop adopting multicloud to acheive application resilience, says Honeycomb’s Charity Majors Put down that OKR for a minute and just read this. Your boss probably wants multi-cloud, and you probably don’t. Here are some points you can use in a future conversation with them without using my personal favorite reason, “It’s a dumb idea”.

πŸŽ‚ October 14, 2021 marks the 25th anniversary of SysInternals tools that I grew up with and maybe you did too. When they first started out I wondered why they weren’t first-party tools, and later Microsoft bought them and turned them into First party tools.

πŸ‘‰πŸ‘ˆ LambdaNetCoreSamples repo has an example of how to run .NET 6 Lambda functions in AWS using the Amazon.Lmabda.Runtime Support package So this isn’t an ‘official’ AWS repo, but it’s from Norm, who works for AWS, and it shows off AWS. This feels hinky to me but I realize I’m in the minority here.

πŸšͺ Microsoft Store: More apps, more open. Translation: “Please use our store. Thanks.”

πŸ“ˆ Do you wanna see a performance graph of .NET 5 vs. .NET Framework 4.8? Of course you do. From 20% CPU to 5% CPU. That’s… Really good. Here’s some blog posts where those performance improvements have been talked about.

😑 The Executive Director of the .NET Foundation found herself in hot water for merging her own PR in on a .NET Foundation member project and my take on this is a bit more nuanced than you might think. You joined the .NET Foundation, and gave the .NET Foundation contributor rights, or even the copyright to your project. What did you think was going to happen? That they wouldn’t use those rights? If you give someone your toy, you can’t get mad that they play with your toy. You gave it to them.

I’ve been following topics like this for a while, and have asked for an update on the related topic.

🧦 Khalid Abuhakmeh talks about Compressing Strings with .NET And C# and I have now written the word Brotli completely in context.

πŸ“Ž I gave Clippy AI and he wanted to die Very “The light inside is broken but I still work” energy from this one.

And that’s it for what happened Last Week in .NET.

[Last Week in .NET #61] – We named the dog Patches

🐢Patch Tuesday as Microsoft calls it, or just “Tuesday” for the rest of us, is the day when Microsoft drops their patches. So far, so good. The Exchange team, however, decided to delay their monthly updates from the third Thursday (September 21st) to the fourth thursday (September 28th), because they want to get another patch in to this cumulative update.

This is the equivalent of my wife saying “I have news when I get home, we should talk then”. It’s never the good kind of news, and that ride always takes longer than it usually does.

✨I don’t yell “Get off my lawn”. I don’t. I just chide these kids today for thinking their themes are something special. I grew up in the times of the WinAmp themes. These little piddling color changes mean nothing when you can have a Star Trek LCARs themed Winamp. Give me LCARS Visual Studio and then we can talk.

πŸ‘‹LaBrina Loving will be talking about “Building a Highly Scalable Game with Azure Serverless” On September 29th, 2021. It’s Azure’s Serverless conference, and it’s free. Sign up here.

🌩Azure has had a bad month of cloud vulnerabilities. ChaosDB (where the root keys to the kingdom were exposed, exposing all the customers that used Azure Cosmos DB, Azurescape (cross account container takeover), OMIGOD (Microsoft’s default installed agent running on your OS — that oh by the way they want you to patch, even though they installed it, and Log Analytics roleprivesc (privilege escalation for Azure Log Analytics Contributor role). One of these is not like the others.

πŸ¦„ Windows App SDK 1.0 Preview 1 (1.0.0-preview1) is not available. This is that project that seeks to unify the various methods of creating windows applications.

πŸ“¦.NET 6 will have a package validation tool to make the nuget experience even more decadant.

πŸŽ‰Announcing Azure Functions 4.0 public Preview with .NET 6 support and because this is the new Microsoft, those breaking changes that will inevitably come are hosted on their Github.

πŸš—Github shipped two security features: The Github Advisory Database supports Rust (they had to tell you about it), and npm access tokens now have an easy-to-identify format. The thread goes into deeper detail about what this means, but in the words of my spirit animal “All Good things, All good things”.

🚿What Color is your Function? Bob Nystrom asks, and this blog goes deep into the problem with async vs sync and why it extends across pretty much every language that uses asynchronous constructs (except JavaScript because they wanted to be different).

✌Two minutes of 8… new Microsoft products.

And that’s it for what happened Last Week in .NET

Eric Lippert on why Programming Languages Turn Out The Way They Do

​If you don’t know Eric Lippert, he was a member of the C# team for many years (And JScript– Remember JScript?) and Adam Rackis posed the following question on twitter:

Here’s Eric’s answer (it’s a tweet thread – so click the link to read the entire thread).Β 

It’s a wonderful answer that dives into those small little decisions we make that have outsized impacts.Β  As an example, he cites consultants changing course curriculum(s) yearly as a reason why some teams may get pressure not to add new features to their programming language!

To bring it back to what we talk about here:Β  Those little decisions combined with your company’s contexts — the business, technical, social, cultural, and financial states of mind your company is in – will have more of an impact on the ability for your systems to scale than any other factors. That’s why it’s crucial to fully understand these contexts before trying to make change in your system and company.

[Last Week in .NET #60]- Sourcing Your Packages

πŸ“£.NET Core 3.1.19 has been released Big news here is that Alpine 3.14 and Debian 11 β€œbullseye” are now supported. If you ever want to containerize your .NET applications, you’ll want to use Alpine if image size is a factor. Very small images. Very nice.

Something else that came across my radar while purusing these release notes is that “Arcade” is a thing. And it has nothing to do with gaming. Or adult stores (sorry, not sorry). Apparently it’s common build tooling for .NET Foundation projects. Now this project has probably been around with this name for years, but this is the first I’m seeing news about it.

πŸ“£.NET 5.0.10 has been released and it contains support for these docker images as well. It also has a few bug fixes in it. And in what is a break with tradition, no security fixes either.

πŸ“£Announcing .NET 6 Release Candidate 1. This is a “Go Live” release, meaning it’s supported for production workloads. There are lots of goodies in here, from JITing improvements in the form of PGO and crossgen2, to Source Builds, to W^X, to HTTP/3 (why are we skipping HTTP/2? Hit reply and let me know), and more. This isn’t ‘user facing’, but it will make your applications more secure and faster.

βœ… The .NET Foundation elections are underway and they look a lot less diverse than I was hoping. I don’t run because we don’t need the opinion of yet another white dude; and also because it would be foolish to elect me as my entire platform would be to grow an ecosystem that competes with Microsoft’s first-party offerings and get OSS people paid, and that would be seem to be at odds with the purpose of the .NET Foundation.

5️⃣Nick Chapsas: 5 open source .NET projects that deserve more attention. The five? NBomber, CSharpRepl, Verify, FluentDocker, Cupboard. If you want to know what these do, watch the video.

πŸ“‰Stack Overflow shows large drop in memory usage and increase in performance by upgrading from .NET 4.6.2 to .NET 5.0. Yaaas. Oh, and I’m sorry Webforms folks, you’re stuck on .NET 4.8.

πŸ›  Make Microsoft Edge Dev Tools Your Own I will say, for the record, I am not a fan of the consolidation of browsers around Chrome’s rendering engine. That said, however, Edge sucks a lot less since they moved to a version of Chromium. Anyway, this blog post tells you how to customize Edge Dev Tools; which for historical reasons I’ve never touched. I’ve been too scarred by Internet Explorer. I guess I’ll have to give this a try now.

πŸ€– Microsoft to let users completely remove account passwords and go passwordless We are about 10 years away from implanting security keys into our bodies. I’m not here for that.

πŸ›‘Use Azure Portal to create private link for managing Azure resources to which I am wondering: this didn’t already exist? Most of my experience is in AWS, and admittedly they’ve spoiled me; but I feel like this was in AWS years ago.

πŸ—ΊIntroducing Package Source Mapping. The big news here is that you can specify where packages should be pulled from — individually. No more “Try these in descending order, if you find it here, get it, if you don’t, try this one, and so on, and so on”. The stated reason is to avoid supply chain attacks; which would have been a stop-gap for the Solarwinds supply chain attack, but if I remember correctly they did patch an internal DLL anyway, sooo.

πŸ™ˆTravisCI exposes environment variables to everyone; half-asses their security response. If you use Travis CI (unlikely but possible), find another CI Vendor. Today.

And that’s it for what happened Last Week in .NET. For once Microsoft was not the main character for the security-fuck-up-of-the-week.

[Last Week in .NET #59] – Min/Max Life Changes

Saturday marked the 20th anniversary of the September 11, 2001 attacks; the effects of which changed the lives of billions of people. In a “very significant to me” moment but “incredibly insignificant to the world” view, I would never have met my wife or have the life and kids I have today if it weren’t for September 11th. A terrible event and aftermath that shaped reality as we know it. But this is not reminisce with George Stocker, it’s Last Week in .NET, so let’s get to it.

πŸ‘€Minimal APIs at a glance in .NET 6 Scott Hanselman digs into what minimal APIs are and how they work. ‘Minimally’ is apparently the right answer.

🍧David Fowler tweets a thread explaining the coolness behind Minimal APIs, and I’ve said it before and I’ll say it again. This is why I’m on twitter. This sort of thing would have been too minor to make a whole blog post out of, but is perfect for twitter.

🎩Amazon, Google, Microsoft, Cobra Command, and other tech companies are in a ‘frenzy’ to help ICE build its own data-mining tool for targeting unauthorized workers “Don’t be Evil” has a second part that isn’t usually vocalized: “unless we can make money being evil.”

🐈Matrix Resurrections: Official Trailer #1 is out 1999 called, and the Low rise jeans are coming back as well. This trailer made me very happy, and I hope the 4th iteration of the Matrix captures the magic the first one held.

βž–An Opinionated Look at Minimal API in .NET 6 a look at one of the possible ways to put minimal APIs into action. This is a first blush attempt, and while it may not be the solution, it at least gets us asking the right questions.

πŸ’©Github (2008) Merges ‘useless garbage’ says Linux Torvalds as new NTFS (1993) support added to Linux (1991) kernel 5.15 The creator of Git(2005) says that Github creates useless merges, while conversing on a listserve (1986) and accepting merge requests through Email (1971) .patch files. Does Linux surf the World Wide Web (1991)? I have to wonder.

As promised last week, this week was a light week. I’ll see you all next week.

[Last Week in .NET #57] – So, Azure your keys are safe?

The biggest news this week (and will likely trump any sort of news for the next couple of weeks in the Microsoft space) is that Azure has a vulnerability dubbed “ChaosDB” that exposed its customers keys to the world, leaving every single CosmosDB customer’s database data exposed for the taking. There’s a technical deep-dive into this vulnerability as well. I hope the Azure team is wearing their brown pants.

This is as bad as it gets. Good news though! They gave out a bounty of $40,000 to the finder of this vulnerability. Which values this vulnerability as akin to a Tesla Model 3 — and not even a fully decked out one.

β­• Apply rounded corners in desktop apps for Windows 11. In some cases, rounded corners will be applied to your applications automatically, in others, here’s what you can do to make them rounded. As Apple intended.

πŸ› Razer Bug lets you become a Windows 10 admin by plugging in a mouse. This is a pretty easy exploit to… well.. exploit, so if you’re using Razer mouses in a corporate context, you may want to rethink that decision.

πŸ€·β€β™‚οΈ The real names of features in Visual Studio. It’s a bit inside baseball, but still a wonderful walkthrough.

πŸ‘¨β€πŸ‘©β€πŸ‘§β€πŸ‘§ David Fowler writes to tell us that New .NET 6 APIS [are] driven by the developer community. In this blog post, David details new APIs available in .NET 6, and highlights the fact that well, they were authored by members of the community. I’m a fan of Parallel.ForEachAsync, as that seems rather useful for my needs.

πŸƒβ€β™€οΈ This is your warning: Get out of the Dev Channel for Windows 11 unless you want to experience some turbelance. If you want stability, use the beta channel or get out of the insider program entirely. If you want to see new builds of Windows 11 that may have the stability of Windows Vista, stay in the Dev channel.

πŸ™Œ Nicole Miller-Abuhakmeh is the new Community Manager for the .NET Foundation. This is a wonderful choice for CM, congrats Nicole and the .NET foundation.

πŸ™€ Looks like there’s another tactic available to exploit Proxyshell vulnerabilities. A few weeks ago, a researcher showed off an exploit of Microsoft Exchange Server dubbed ‘ProxyShell’ and it seems like the gift that keeps on giving to attackers. Bottom line: keep your Exchange servers up to date.

🎲 In .NET 6, FirstOrDefault(), LastOrDefault() and SingleOrDefault() now let’s you specify a default value. Sadly it has to be a compile-time constant so you can’t have something like new Random().Next() available.

πŸ—“ Microsoft Ignite is November 2-4, 2021 and is virtual again this year because people can’t bother to vaccinate.

✈ Github’s Copilot can get you in trouble 40% of the time and if you’re the type to use AI to write code, maybe you deserve to have problems.

🐢 Using SignalR in your Blazor applications This is an nice pairing of technologies. Like Chardonnay and Brie, or Hotdog and Chili. Ketchup is forbidden, Mustard is recommended, however.

And I say this with a twing of irony, but that’s it for what happened Last Week in .NET.

Houses, Forcing Functions, and Containers

In my last post, I talked about microservices compared to houses. A giant house with lots of stuff in it is hard to find anything. A small house with lots of stuff in it is hard to find anything. A small house with the right amount of stuff in that house makes it easy to find that stuff. In fact, labeling and putting everything in its place helps even more.

Jimmy Bosse wrote:

I think the nooks and crannies are a natural result of years of maintenance and the rotation of team members. Each class is essentially the most micro of services. Moving to a micro service feels like it’s neater just like moving to a new home is neater. You’ve just gone through all the crap and cleaned house in order to move. Over time those micro services will build their own books and crannies as features built under deadlines pile on team members move on to greener pastures. Entropy is coming for everything. No architecture can stop it.

Jimmy Bosse, “A house small enough to fit everything in”

I love this comment because who among us hasn’t had this happen multiple times? It’s almost a rite of passage to have your system live long enough to become the villain and there to be people that want to move to a new system. How many times have you or someone you’ve worked with advocated a rewrite with that same thought in mind?

That’s what we’re trying to stop, right? No one in the business ever wants the code rewritten, and the longer you spend in this industry the more you realize a rewrite is in the same vein as a self-licking ice cream cone: it sounds nice but when you think about it is on some level absurd and another level impossible. (Why do we rewrite software? So we can avoid rewriting software!)

That’s why I think event-driven architecture especially and services-oriented architecture (SOA) and microservices topologies in particular have a leg up on our past efforts. Our problem previously was there was no size constraint: all boundaries were soft boundaries. Since everything was deployed together in a monolith, eventually you’d end up with a big blob of software. With SOA, you now had to name those blobs and make a hard separation point at a network boundary, and of course there was more than one of them. This was better because of course we’d rather fight 10 chicken sized horses, than fight one horse-sized chicken. And then we got microservices and now we have 100 chicken-sized horses and we realized that was enough slices.

So there has to be a balance: You can’t just divvy items up and put them in containers and expect everyone to find what they’re looking for — especially if at some point you start naming that container “utility”, you have to actually spend time naming and planning, in any case. But at least with event-driven architecture you get two things you didn’t have previously: No one can reach into someone else’s box, and the network boundary is well-defined.

The bottom line is that entropy comes for us all; Jimmy’s right about that. We’ve tried soft boundaries, and they didn’t work. We tried hard boundaries and they seem to work a little better; but that coupling is a problem. With Event Driven architecture we can truly finally have a loosely coupled system enforced more easily than the soft boundaries we had before.

P.S. I got what appears to be a concussion over my vacation and so there’s a lot of weird association (and fogginess) going on in my mind right now. I’m going to proof-read this in the morning before I hit post; but if it’s too out there, don’t hold it too much against me.