Android 12 first preview includes new tools for improving user experience

The Android Development team has announced the release of the first preview for Android 12. Android 12 will introduce new tools for building improved user experiences, such as compatible media transcoding, along with privacy and performance optimizations. 

“With each version, we’re working to make the OS smarter, easier to use, and better performing, with privacy and security at the core. In Android 12 we’re also working to give you new tools for building great experiences for users,” Dave Burke, vice president of engineering for Android at Google, wrote in a post.

In addition to compatible media transcoding, which helps apps work with the latest video formats, Android 12 will introduce AVIF image support, foreground service optimizations, rich content insertion, audio-coupled haptic feedback, multi-channel audio, immersive mode API improvements for gesture navigations, improved Binder IPC calls, updates to the notifications UI, and faster, more responsive notifications. 

To improve privacy on Android devices, there are a number of new controls being introduced in this preview, with more to come in later preview releases, according to the Android team. New enhancements include adding SameSite cookie behaviors to WebView to give better transparency over how cookies are used across sites, restricted access to Netlink MAC, safer exporting of components, and safer handling of Intents. 

Android 12 also features advances in app compatibility. The Android team has invested more into doing more updates directly through Google Play system updates, so that it can make improvements without requiring a full system update. It is also working on making testing easier, restricting certain non-SDK interfaces, and optimizing Android for tablets, foldables, and TVs. 

Developers can test out Android 12 on any Pixel 3 / 3 XL, Pixel 3a / 3a XL, Pixel 4 / 4 XL, Pixel 4a / 4a 5G, or Pixel 5 device, or by using the Android Emulator in Android Studio. 

“Every day, Android apps help billions of people work, play, communicate, and create on a wide range of devices from phones and laptops to tablets, TVs, and cars. As more people come to rely on the experiences you build, their expectations can rise just as fast. It’s one of the reasons we share Android releases with you early: your feedback helps us build a better platform for your apps and all of the people who use them,” Burke wrote. 

The post Android 12 first preview includes new tools for improving user experience appeared first on SD Times.

Read more:


SD Times news digest: Sentry now supports Google Web Vitals, Google plans to shut down Android Things console, and GitHub removes non-essential cookies

The Google Web Vitals services are now included in the Sentry application monitoring solution. It includes agentless frontend performance monitoring for serverless, PHP, Node, and Ruby-based applications. 

“Customer issues happen at the application level, and that is where developers have the most control,” said Milin Desai, the CEO of Sentry. “That’s why we’re excited to bring Web Vitals to our continually growing support for application performance monitoring this year. Along with being able to identify poor-performing API calls and slow database queries, engineering teams can now see the performance metrics that are even more essential to knowing their code is healthy—from frontend to backend.”

Google plans to shut down Android Things console

On January 5th, 2021 the console will now longer allow the creation of new projects using NXP i.MX7D and Raspberry Pi 3B, Android announced in a post.

Exactly one year later, the console will be shut down completely with all data deleted. 

Android also stated that there are no plans to support Raspberry Pi 3B, even though it is a popular choice for new projects. 

GitHub removes non-essential cookies
GitHub announced that it’s getting rid of all non-essential cookies in an effort to prevent frequent cookie banners and to protect developer privacy.

Common cookies that are not essential for a website to work include those collected by third-party analytics, tracking, and advertising services, GitHub explained in a post.

Anchore announces new partner program for DevSecOps
Anchore, which has experts in continuous security and compliance for containers, launched a new partnership to help companies and governments build DevSecOps toolchains and processes. 

Existing partners in the program include  GitHub, GitLab, Atlassian, CloudBees, Red Hat, Microsoft, Carahsoft, and many others.

The program is split into three categories. The first is Solution Providers, which focuses on systems integrators, managed services providers, and security/compliance firms; the second is Channel Partners such as value resellers (VARs) that interact with clients. Lastly the program includes Technology Partners who integrate with Anchore. 

Apache weekly roundup
Last week Apache saw the release of Apache Knox 1.5.0, which is an application gateway for interacting with REST APIs and the UIs of Apache Hadoop deployments. 

The Apache Pulsar CVE-2020-17520 Pulsar Manager security bug that enables bypassing of the pulsar-manager’s admin permission mechanism by constructing special URLS was found. Apache recommends upgrading to Pulsar Manager 0.2.0 or later.

Other releases include Beam 2.26.0,  Flink 1.12.0 and 1.11.3, APISIX Dashboard 2.2, Camel 3.7.0, IoTDB 0.11.1 and many more. 

The full list of new releases from Apache are available here.

The post SD Times news digest: Sentry now supports Google Web Vitals, Google plans to shut down Android Things console, and GitHub removes non-essential cookies appeared first on SD Times.

Read more:


SD Times news digest: Android Enterprise Essentials, PhpStorm 2020.3, and gRPC support for Kong’s Insomnia 2020.5

Android Enterprise Essentials is a secure, mobile management service built by the Android team to protect business devices and data. 

It requires a lock screen and encryption on devices to prevent unauthorized access to company data, enforces mandatory malware protection by ensuring that Google Play Protect is always on and employees can’t download apps outside of the Google Play Store. 

It also provides the ability to wipe all company data from a device in case it’s lost or stolen. 

Additional details are available here.

PhpStorm 2020.3 released
The major release includes full support for PHP 8, static analyzers PHPStan and Psalm, Xdebug 3, Tailwind CSS, collaborative development via Code With Me, and more.

In PHP 8, function and method arguments can be passed by specifying a parameter name. 

Calls are now self-documented, and optional parameters have become truly optional because you can omit them.

Additional details on all of the changes in PhpStorm 2020.3 are available here.

gRPC support for Insomnia 2020.5
With gRPC support in the newly released Insomnia 2020.5, developers can make requests for gRPC backend services just like they can today with REST / GraphQL services from Insomnia.

“Currently, developers rely on a mix of tools to consume REST, GraphQL and gRPC services, all with different opinions on how requests need to be defined, sent, stored and shared. That’s why we’ve built gRPC support into Insomnia, so developers can have a single tool to define, send, store and share requests across REST, GraphQL – and now gRPC,” Kong, the company behind Insomnia, wrote in a blog post.

The 2020.5 release also includes environment variable hyphen support, GraphQL documentation reload on schema changes, as well as OAuth2 PKCE support and the ability to delete synced workspaces from API. 

New Confluent Cloud Connectors released for pervasive event streaming
Confluent announced new fully-managed connectors for Confluent Cloud to seamlessly integrate events across cloud, on-premises, or hybrid environments, and the launch of ksqlDB pull queries in Confluent Cloud for streamlined processing of event data.

With connectors for a full ecosystem of on-premises systems, cloud services, and enterprise tools, organizations can easily blend and analyze data from across their business, enabling more personalized customer experiences and improved operational efficiencies, according to the company. 

The post SD Times news digest: Android Enterprise Essentials, PhpStorm 2020.3, and gRPC support for Kong’s Insomnia 2020.5 appeared first on SD Times.

Read more:


SD Times news digest: Software Tree’s microservices framework, the Chaos compiler, and a Kotlin Android extensions update

Data integration company Software Tree introduced Gilhari, a microservices framework designed to simplify JSON persistence in relational databases. 

According to the company, developers can quickly develop high-performance, database-agnostic, and Docker-compatible RESTful solutions that need to interact with JSON data.

“Developers shouldn’t have to jump through hoops to adapt to modern computing trends,” said Damodar Periwal, the founder and president & CEO of Software Tree. “Gilhari moves in Docker containers. Gilhari talks REST. Gilhari helps developers glide smoothly into the promised land of the microservices-based application architecture while leveraging trusted relational databases for exchanging JSON data.”

The Chaos compiler v0.1.0 released
The Chaos language team announced a new compiler implemented in the compiler.c module. It takes the Abstract Syntax Tree (AST) that is built by the parser as input and spits out the C code. 

Chaos programs are compiled against the language’s source. It packs the Chaos runtime into the compiled binary.

The Chaos binary has a flag ‘-e,’ ‘–extra’ to inject extra flags into the C compiler command for advanced users. With this flag developers can increase their debugging possibilities.

More information is available here.

Kotlin Android Extensions update
Over the course of the next year, Android as well as JetBrains teams will jointly deprecate synthetics in favor of continuing to support its recommended option, View Binding.

Developers still using Parcelize can continue to use the same annotations and APIs, however, in the module-level Gradle file, developers can start using the standalone kotlin-parcelize plugin instead of android-kotlin-extensions.

View Binding for Android is an officially supported library that has deep integration with the Android build toolchain and provides similar functionality as Kotlin synthetics.

Linux Foundation offers open source diversity course
The new course called Inclusive Open Source Community Orientation (LFC102) delves into facts about diversity in tech, the importance of diversity for innovation, the basics of unconscious and societal bias, and how to recognize the different ways unconscious bias presents itself in technical environments. 

“Open source projects are best when they cultivate contributions from a wide range of individuals with different backgrounds from all over the world, so it is prudent for community members to ensure everyone feels welcome,” said Chris Aniszczyk, the CTO of the Cloud Native Computing Foundation (CNCF). “This course will guide open source projects on how to build inclusive communities, which is why we will be planning to require all CNCF project leadership to complete this training starting next year.”

LFC102 is free and complements the existing LFC101 – Inclusive Speaker Orientation course. 

Apache weekly roundup
Last week at Apache saw the release of Apache APISIX Dashboard 2.0 and Dashboard 2.1. Dashboard is a dynamic, real-time, high-performance Cloud-Native API gateway, based on the Nginx library and etcd.

Meanwhile, Apache ShardingSphere UI 5.0.0-alpha was released, which transforms ApacheShardingSphere from sub-database and sub-table middleware to distributed database ecology. 

Other releases this week included SkyWalking Python 0.4.0, Tuweni (Incubating) 1.3.0, Daffodil (Incubating) 3.0.0, and more. 

The full list of new releases is available here.

The post SD Times news digest: Software Tree’s microservices framework, the Chaos compiler, and a Kotlin Android extensions update appeared first on SD Times.

Read more:


SD Times news digest: Kotlin 1.4.20 released, Android releases its target API level requirements for 2021, Accusoft announces beta testing program

The update brings support for new JVM features like string concatenation via invokedynamic, improved performance and exception handling for KMM projects, and extensions for JDK Path: Path(“dir”) / “file.txt”.

Kotlin 1.4.20 also introduces a new configuration block for the browser target called commonWebpackConfig. Inside it, users can adjust common settings from a single point, instead of duplicating configurations for webpackTask, runTask, and testTask.

Also, to speed up build times, the Kotlin/JS Gradle plugin only installs the dependencies that are required for a particular Gradle task.

Additional details are available here.

Android releases its target API level requirements for 2021
Android announced that Google Play will require new apps to use the Android App Bundle publishing format to bring the benefits of smaller apps and simpler releases to more users and developers and to support ongoing investment in advanced distribution. 

From August 2021, the Google Play Console will require all apps to publish with the Android App Bundle format, and utilize Play Asset Delivery or Play Feature Delivery to deliver assets or features that exceed download size of 150MB.

From November 2021, updates to existing apps will be required to target API level 30 or above and adjust for behavioral changes in Android 11.

Accusoft announces beta testing program
Accusoft announced its beta release testing program which provides participants with real-time access to its latest product developments. 

Developers can also customize what types of betas they would like to opt into so they can focus on products most relevant to their business.

By signing up for the beta program now, developers can participate in the active beta for PrizmDoc Forms integration, which will allow them to repurpose or use their PDF forms to easily create, customize, and deploy as web forms anywhere. 

Apache weekly update
This week at Apache saw the release of Apache SkyWalking Cloud on Kubernetes 0.1.0 and SkyWalking Client JS version 0.2.0 in the application performance monitoring space. 

Apache also released Apache BookKeeper 4.11.1 that features upgrades to Netty, Vertx, and RocksDB, better error reporting in case of ZooKeeper related errors, and an error fix that prevented Garbage Collections in case of corrupted EntryLogger Files. 

Apache Log4j 2.14.0 was released and the CXF CVE-2020-13954 issue was found, which reflected XSS in the services listing page via the styleSheetPath.

Additional details on all of Apache’s releases are available here.

The post SD Times news digest: Kotlin 1.4.20 released, Android releases its target API level requirements for 2021, Accusoft announces beta testing program appeared first on SD Times.

Read more:


SD Times news digest: Apple to require developers to enter app privacy information in App Store Connect, Android’s mobile driving license, and Visual Studio Code 1.51

Apple announced that later this year users will be able to learn about some of the data types that certain apps collect, and whether that data is linked to them or used to track them. 

Starting on December 8th, developers will be required to summit this information when they add new apps and app updates to the App Store. 

Developers will need to identify all of the data that they or a third party collect, the app’s privacy practices should follow the App Store Review Guidelines and all applicable laws, and developers are responsible for keeping their responses accurate and up-to-date. 

Additional details are available here.

Android’s mobile driving license
Android announced support for the mobile Driving License ISO standard which allows for construction of Mobile Driving License (mDL) applications that users can carry in their phone and can use instead of the plastic card.

Once the mDL reader obtains the cryptographic key, it creates its own ephemeral key pair and establishes an encrypted and authenticated secure wireless channel such as BLE, Wifi Aware, or NFC.

With mDL, the phone doesn’t need to be handed to the verifier, all data is cryptographically signed by the issuing authority, and the amount of data presented by the mDL is minimized. 

Visual Studio Code 1.51 released
Visual Studio 1.51 focused on housekeeping GitHub issues and pull requests as documented in the issue grooming guide. 

VS Code now supports installing an extension VSIX file from the Explorer by right-clicking on a VSIX file and choosing the Install Extension VSIX context menu item. The release also added a “local echo” mode to the terminal, which attempts to predict modifications and cursor movements made locally and show them in the UI without requiring a round trip to the server.

The full list of changes and new features in the new version is available here. DevOps Pulse 2020 survey revealed rising observability challenges
The rising observability challenges stem from an increased adoption of cloud-native technologies such as microservices, serverless, and Kubernetes with 87% of respondents reporting that their main challenges lie in these environments. 

The most common difficulties running Kubernetes are monitoring and troubleshooting at 44%,  and other problematic areas include security (35%), networking (34%), and cluster management (30%), according to the report.

“On the other hand, the major change we have seen this year is that open source, driven by the Cloud Native Computing Foundation and other community projects, are increasingly integrated into most cloud-native stacks,” said Jonah Kowall, the CTO of “This presents a silver lining, as the new challenges are opportunities for innovation and creativity in the vibrant open source observability community.”

The post SD Times news digest: Apple to require developers to enter app privacy information in App Store Connect, Android’s mobile driving license, and Visual Studio Code 1.51 appeared first on SD Times.

Read more:


Google reveals most common app store violations and how to avoid them

The Google Play app safety team released a set of tips and guides in an effort to detail the boundaries of app content and functionalities allowed on the platform, as well as provide the latest guidance on how developers can promote and monetize apps.

According to the team, one of the common mistakes is apps that have buttons and menus that link out to the Play Store, whether that’s to apps by the same developer, or other apps that may be affiliated with the developer and not stipulating that these are ads or promotional links. 

One of the ways to avoid such mistakes is by explicitly calling these out by labeling the buttons and links as ‘More Apps’, ‘More Games’, ‘Explore’, ‘Check out our other apps’ to avoid getting flagged as deceptive/disguised ads, Android  explained.  

Other mistakes include writing spammy app descriptions in which developers stuff keywords into the app description in hopes of better discoverability and ranking against certain keywords and phrases. 

“Writing a clear app description intended and optimized for user’s readability and understanding is one of the best ways to avoid this violation,” Andrew Ahn, product manager on Google Play’s app safety team, wrote in a post

When it comes to apps that have been abandoned, broken, or not maintained on the App Store and provide buggy user experiences, the team recommends taking them down to mitigate the negative impact to the developer reputation and app enforcement. The unpublish action won’t affect existing users who already installed the app, and developers can always choose to re-publish them after addressing the broken experiences, the team explained.

Last but not least, app submissions that are just webviews of existing websites designed to drive traffic to the site are considered webview spam and are removed from Play, the team explained. 

The latest Google Play policies are updated and described in detail here.

The post Google reveals most common app store violations and how to avoid them appeared first on SD Times.

Read more:


SD Times news digest: Rookout’s live debugging heatmap, Ionic Vue, and Ignite UI for Blazor

The new Live Debugging Heatmap by Rookout is designed to visualize which applications are causing the most problems within a business. 

“We want to give meaningful insights in a quick and visually appealing way,” said Shahar Fogel, the CEO of Rookout. “We have unique insights into where software developers are spending the most time debugging frustrating applications, and can visualize this information so that management can quickly see where time, money, and resources are being exhausted.”

The heatmap includes quick installation via a hosted SaaS that takes minutes to configure, a leaderboard that shows how many bugs were found in production, and an ROI calculator that indicates how much time and money is being saved. 

Ionic Vue for building apps for iOS, Android, and Progressive Web App
Ionic Vue is a native Vue version of Ionic Framework that was written to take advantage of all the new features that recently shipped in Vue 3.

“The release of Ionic Vue demonstrates that any web developer can build performant, cross platform applications with Ionic Framework using the framework of their choice,” Ionic wrote in a blog post.

The company said it plans on releasing Server Side Rendering (SSR) support for Ionic Vue in the future. 

Ignite UI for Blazor
Users can now build rich Blazor WASM (web assembly) and Blazor Server (ASP.NET Core) applications using your existing C# skills and eliminate the need to use JavaScript.

Built on top of a high-performing and feature-rich data chart, the category chart filters the complexities of data visualization into a simplified API that anyone can use.

It also includes many other graphs and charts for any data visualization needs. The full list of charts is available here.

.NET Live TV announced
.NET Live TV aims to bring content to the developer community and innovates ways to interact in real-time. 

“.NET Live TV takes things to a whole new level with the introduction of new shows and a new website. It is a single place to bookmark so you can stay up to date with live streams across several Twitch and YouTube channels and with a single click can join in the conversation,” Microsoft wrote in a blog post.

Apache weekly update
Last week at the Apache Software Foundation saw the release of Teaclave (incubating) 0.1.0, an open-source universal secure computing platform to make computation on privacy-sensitive data safe and simple. 

Additional releases included Apache SkyWalking CLI 0.4.0, Jackrabbit Oak 1.22.5, as well as a new release of Apache Tomcat. 

Also, Apache celebrated 20 years of OpenOffice, the open source application and personal productivity suite.

The post SD Times news digest: Rookout’s live debugging heatmap, Ionic Vue, and Ignite UI for Blazor appeared first on SD Times.

Read more:


Android Partner Vulnerability Initiative launched to help manage security issues

The Android Security and Privacy Initiative (APVI) was launched to help developers manage security issues specific to Android OEMs. 

“The APVI is designed to drive remediation and provide transparency to users about issues we have discovered at Google that affect device models shipped by Android partners,” the Android team wrote in a blog post.

The APVI covers Google-discovered issues that could potentially affect the security posture of an Android device or its user and is aligned to ISO/IEC 29147:2018 Information technology — Security techniques — Vulnerability disclosure recommendations, according to the company. 

It also covers a wide range of issues that are not serviced or maintained by Google and are handled by the Android Security bulletins. 

“The APVI has already processed a number of security issues, improving user protection against permissions bypasses, execution of code in the kernel, credential leaks and generation of unencrypted backups,” Google stated. 

This includes an issue in which some versions of a third-party pre-installed over-the-air (OTA) update solution, a custom system service in the Android framework exposed privileged APIs directly to the OTA app. Google worked with the impacted OEMs to make them aware of this security issue and provided guidance on how to remove or disable the affected code.

Another fixed issue included a credential leak, in which a  popular web browser pre-installed on many devices included a built-in password manager for sites visited by the user. It also helped discover a ‘checkUidPermission’ method in the ‘PackageManagerService’ class that was modified in the framework code for some devices to allow special permissions access to some apps.

Google also has a number of other security features to help keep the Android platform and ecosystem safe such as the ability to report vulnerabilities in Android code via the Android Security Rewards Program (ASR) or to report vulnerabilities in third-party Android apps through the Google Play Security Rewards Program. 

“Until recently, we didn’t have a clear way to process Google-discovered security issues outside of AOSP code that are unique to a much smaller set of specific Android OEMs,” the team wrote. “The APVI aims to close this gap, adding another layer of security for this targeted set of Android OEMs.”

The post Android Partner Vulnerability Initiative launched to help manage security issues appeared first on SD Times.

Read more:


SD Times news digest: Moment.js is in maintenance mode, .NET 5.0 RC 1 released, and Android GPU Inspector open beta

The Moment.js team has announced the project is now consider in maintenance mode. This means that the working group behind the project will not be adding any new features or capabilities and will not change Moment’s API to be immutable.

“The modern web looks much different these days. Moment has evolved somewhat over the years, but it has essentially the same design as it did when it was created in 2011. Given how many projects depend on it, we choose to prioritize stability over new features,” the developers wrote in a post.

Users that already included Moment.js in their projects can continue to do so, but the developers discourage Moment from being used in new projects going forward.

.NET 5.0 RC 1 released
.NET 5.0 RC 1 includes improvements such as single file applications, smaller container images, more capable JsonSerializer APIs, a complete set of nullable reference type annotations and more.

RC 1 is a near-final release of .NET 5.0, and the first of two RCs before the official release in November.

The RC1 versions of ASP.NET Core and EF Core were also released today.

Additional details are available here.

Android GPU Inspector Open Beta
With the rollout of Android 11 on Pixel, Android GPU Inspector (AGI) has graduated from a limited developer preview to an open beta.

AGI is a graphics profiling tool that allows users to look into the GPU of Android devices to better understand graphics bottlenecks and optimize the performance of games and apps that leverage 3D graphics APIs, according to Android.

It shows system activities including high frequency GPU hardware counters, and, if using Vulkan, GPU activity information.

C11 and C17 support in MSVC
C11 and C17 are now becoming supported language versions in the MSVC compiler toolset starting with Visual Studio 2019 version 16.8 Preview 3.

Since C17 is essentially just a bug fix release of ISO C, with many defect reports being adopted, our support for C11 already includes all the relevant defect reports.

“For many years Visual Studio has only supported C to the extent of it being required for C++. Things are about to change now that a conformant token-based preprocessor has been added to the compiler,” Microsoft wrote in a blog post.

The post SD Times news digest: Moment.js is in maintenance mode, .NET 5.0 RC 1 released, and Android GPU Inspector open beta appeared first on SD Times.

Read more: