
Round 22 of the TechEmpower Frameworks has just finished.
And this time, there was a pascal framework in the race: our little mORMot!
Numbers are quite good, because we are rated #12 among 302 frameworks over 791 runs of several configurations.
2023-10-31
2023-10-31. Open Source › mORMot Framework
Round 22 of the TechEmpower Frameworks has just finished.
And this time, there was a pascal framework in the race: our little mORMot!
Numbers are quite good, because we are rated #12 among 302 frameworks over 791 runs of several configurations.
2023-09-08
2023-09-08. Open Source
You may have noticed that the OpenSSL 1.1.1 series will reach End of Life (EOL) next Monday...
Most sensible options are to switch to 3.0 or 3.1 as soon as possible.
Of course, our mORMot 2 OpenSSL unit runs on 1.1 and 3.x branches, and self-adapt at runtime to the various API incompatibilities existing between each branch.
But we also discovered that switching to OpenSSL 3.0 could led into big performance regressions... so which version do you need to use?
2023-07-20
2023-07-20. Open Source › mORMot Framework
Since its earliest days, our mORMot framework did offer extensive regression tests. In fact, it is fully test-driven, and almost 78 million individual tests are performed to cover all its abilities:
We just integrated those tests to the TranquilIT build farm, and its great LUTI tool. So we have now continuous integration tests over several versions of Windows, Linux, and even Mac!
LUTI is the best mORMot's friends these days.
2023-04-19
2023-04-19. Open Source › mORMot Framework
For most projects, we want to be able to pass some custom values when starting it.
The command line is then used to add this additional information.
We have ParamStr
and ParamCount
global functions, enough to retrieve the information. You may also use FindCmdLineSwitch
for something more easy to work with.
The Lazarus RTL offers some additional methods like hasOption
or getOptionValue
or checkOptions
in its TCustomApplication
class. Their are better, but not so easy to use, and not available on Delphi.
We just committed a new command line parser to our Open Source mORMot 2 framework, which works on both Delphi and FPC, follows both Windows and POSIX/Linux conventions, and has much more features (like automated generation of the help message), in an innovative and easy workflow.
2022-12-28
2022-12-28. Open Source › mORMot Framework
This is perhaps the last new feature of mORMot 2 before its first stable release: a very efficient custom URI routing for our HTTP/HTTPS servers.
At ORM and SOA level, there is by-convention routing of the URI, depending on the ORM table, SOA interface and method, and TOrmModel.Root
value. Even for our MVC web part, we rely on a /root/
URI prefix, which may not be always needed.
Relying on convention is perfect between mORMot clients and servers, but in some cases, it may be handy to have something smoother, e.g. to publish a truly REST scheme.
We introduced two routing abilities to mORMot 2, with amazing performance (6-12 million parsings per CPU core), via a new THttpServerGeneric.Route
property:
/root/interface.method
layout, or to a MVC web page;Article edited on 28th December:
Fixed performance numbers (much higher than reported), and introduced latest source changes.
2022-11-26
2022-11-26. Pascal Programming
A recent poll on the Lazarus/FPC forum highlighted a fact: pascal coders are older than most coders. Usually, at our age, we should be managers, not developers. But we like coding in pascal. It is still fun after decades!
But does it mean that you should not use pascal for any new project? Are the language/compilers/libraries outdated?
In the company I currently work for, we have young coders, just out-of-school or still-in-school, which joined the team and write great code!
And a recent thread in this very same forum was about comparing languages to implement a REST server, in C#, Go, Scala, TypeScript, Elixir and Rust.
Several pascal versions are about to be contributed, one in which mORMot shines.
2021-12-19
2021-12-19. Open Source › mORMot Framework
Generics are a clever way of writing some code once, then reuse it for several types.
They are like templates, or compiler-time shortcuts for type definitions.
In the last weeks, we added a new mormot.core.collections.pas unit, which features:
IList<>
List Storage;IKeyValue<>
Dictionary Storage.In respect to Delphi or FPC RTL generics.collections
, this unit uses interfaces as variable holders, and leverage them to reduce the generated code as much as possible, as the Spring4D 2.0 framework does, but for both Delphi and FPC. It publishes TDynArray
and TSynDictionary
high-level features like indexing, sorting, JSON/binary serialization or thread safety as Generics strong typing.
Resulting performance is great, especially for its enumerators, and your resulting executable size won't blow up as with the regular RTL unit.
2020-03-03
2020-03-03. Open Source › mORMot Framework
The more I think of it, the more I am convinced it is time to change how the
framework is versioned.
We have version 1.18 since years... difficult to follow... time to upgrade!
I would like to upgrade mORMot to version 2 - with a major
refactoring.
2019-10-30
2019-10-30. Open Source › mORMot Framework
I just finished my workshop at EKON 23.
Like every year, it was a great event to attempt to, and I enjoyed presenting 2
sessions and 1 workshop.
Sessions were about "Kingdom Driven Design" (KDD), which is the
name I used to define a cut-down version of "Domain Driven Design" (DDD).
Less paranoid, a bit less isolation, but perhaps more common sense for the less
sensitive projects.
Some presentations and code are now available!
2019-09-18
2019-09-18. Open Source › mORMot Framework
There are still some days to join EKON 23 conferences with the reduced price!
I will make 2 sessions, and 1 workshop, in English (my German is not good
enough), about practical project design and mORMot.
If you find DDD is a bit too much for you, but still want to write clean code,
check this!
2018-11-12
2018-11-12. Pascal Programming
I've uploaded two sets of slides from my presentations at EKON 22 : Object Pascal Clean Code Guidelines Proposal High Performance Object Pascal Code on Servers with the associated source code The WorkShop about "Getting REST with mORMot" has a corresponding new Samples folder in our […]
2016-10-18
2016-10-18. Open Source › mORMot Framework
In order to follow best practice, our .private
key files are
always protected by a password. A random value with enough length and
entropy is always proposed by the ECC
tool when a key pair is
generated, and could be used directly.
It is always preferred to trust a computer to create true randomness (and
SynCrypto.pas
's secure TAESPRNG
was designed to be
the best possible seed, using hardware entropy if available), than using our
human brain, which could be defeated by dictionary-based password
attacks.
Brute force cracking would be almost impossible, since
PBKDF2_HMAC_SHA256
Password-Based Key Derivation Function with
60,000 rounds is used, so rainbow tables (i.e. pre-computed passwords list)
will be inoperative, and each password trial would take more time than with a
regular Key Derivation Function.
The issue with strong passwords is that they are difficult to remember. If
you use not pure random passwords, but some easier to remember values with good
entropy, you may try some tools like https://xkpasswd.net/s which returns values like
$$19*wrong*DRIVE*read*61$$
.
But even then, you will be able to remember only a dozen of such passwords. In
a typical public key infrastructure, you may create hundredths of keys, so
remembering all passwords is no option for an average human being as (you and)
me.
At the end, you end up with using a tool to store all your passwords (last
trend is to use an online service with browser integration), or - admit it -
store them in an Excel
document protected by a password. Most IT
people - and even security specialists - end with using such a mean of storage,
just because they need it.
The weaknesses of such solutions can be listed:
The ECC
tool is able to work in "cheat mode", storing all
.private
key files generated passwords in an associated
.cheat
local file, encrypted using a cheat.public
key.
As a result:
.cheat
file, so you
only unleash one key at a time;.cheat
file content is meaningless without the
cheat.private
key and its master password, so you can manage and
store them together with your .private
files;cheat.public
key is needed when creating a key pair,
so you won't leak your master password, and even could generate keys in an
automated way, on a distant server;cheat.private
key will be safely stored in a separated
place, only needed when you need to recover a password;2016-01-09
2016-01-09. Open Source › mORMot Framework
Once your application is multi-threaded, concurrent data access should be
protected. We already wrote about how debugging multi-thread
applications may be hard.
Otherwise, a "race
condition" issue may appear: for instance, if two threads modify a variable
at the same time (e.g. decrease a counter), values may become incoherent and
unsafe to use. Another symptom of broken logic is the "deadlock", by which the whole
application appears to be blocked and unresponsive, when two threads have a
wrong use of the lock, so are blocking each-others.
On a server system, which is expected to run 24/7 with no maintenance, such
issues are to be avoided.
In Delphi, protection of a resource (which may be an object, or any
variable) is usually done via Critical
Sections.
A critical section is an object used to make sure, that some part of
the code is executed only by one thread at a time. A critical section
needs to be created/initialized before it can be used and be released when it
is not needed anymore. Then, some code is protected using Enter/Leave
methods, which would lock its execution: in practice, only a single
thread would own the critical section, so only a single thread would
be able to execute this code section, and other threads would wait until the
lock is released. For best performance, the protected sections should be as
small as possible - otherwise the benefit of using threads may be voided, since
any other thread would wait for the thread owning the critical section
to release the lock.
We will now see that Delphi's TCriticalSection
may have
potential issues, and what our framework proposes to ease critical
section use in your applications.
2015-12-11
2015-12-11. Open Source › mORMot Framework
We have seen previously how the ORM part of the framework is able to provide
an Audit
Trail for change tracking.
It is a very convenient way of storing the change of state of the data.
On the other side, in any modern SOA solution, data is not at the center any
more, but services.
Sometimes, the data is not stored within your server, but in a third-party
Service-Oriented Architecture (SOA).
Being able to monitor the service execution of the whole system becomes sooner
or later mandatory.
Our framework allows to create an Audit Trail of any incoming or outgoing service operation, in a secure, efficient and automated way.
2015-11-21
2015-11-21. Pascal Programming
There is a very trendy move, since a few years, to value so called "meta-programming".
In short, it is about the ability to treat programs as their data.
It is a very powerful paradigm in functional languages, and it was also
introduced to OOP languages, even in SmallTalk a long time
before this concept was trendy in Ruby, C# or Java.
In OOP compiled languages, reflection is used to achieve a similar behavior
at run-time, mainly via RTTI (Run-Time Type
Information).
Delphi supports
RTTI since its version 1, as it was heavily used e.g. for all UI
streaming.
In our framework, we rely on RTTI for its main features:
ORM, SOA
and
MVC - and even in some other parts, like
Desktop UI generation.
But RTTI could easily be abused.
Here are some thoughts, started as a comment in a
good old Mason's blog article about how RTTI performance may be a
bottleneck.
My comment was to get rid of RTTI, and follow a SOLID
implementation with explicit OOP code, like use of
interface
.
2015-06-01
2015-06-01. Open Source › mORMot Framework
One year ago, we published a set of slides about the main concepts implemented by our framework. Mainly about ORM (and ODM), NoSQL, JSON, SOA, MVC (and MVVM), SOLID, DDD, CQRS and some patterns like Stubs, Mocks, Factory, Repository, Unit-Of-Work. Worth a look, if you want to find out the benefits […]
2015-05-08
2015-05-08. Pascal Programming
There was some discussion about the new
TStringHelper
feature introduced in latest versions of
Delphi.
I was
told to be some kind of archaic guy, not able to see the benefit of
this.
Reducing opinions to a conservative/progressive approach - another famous 10
kinds of coders - is very reductive.
Of course, this was IMHO unfair and my point was that I have the feeling
that some decisions about the Delphi language and RTL are inadequate.
Some changes are welcome. I enjoy the introduction of generics - even if it is
was painful, and even buggy (do not use TList<T> with
managed record types in XE8!).
But some upcoming changes about the string
policy - breaking
everything just because we want to align with mainstream C# or Java habits -
are just non sense to me.
I really think that Embarcadero deciders like to shoot their own foot.
Or - certainly worse - our own feet!
I will post here some part of the discussion...
So that we may be able to share our ideas.
2015-05-03
2015-05-03. Pascal Programming
I've just updated the documentation part about the SOLID Design
Principles.
The former blog article
(almost 4 years old!) sounds like a bit deprecated now...
This is why I would extract here an updated version of this material.
Ensure you checked the corresponding part of the mORMot documentation, which is the updated reference, and probably the easiest to read - including links to all the other documentation.
The acronym SOLID is derived from the following OOP principles (quoted from the corresponding Wikipedia article):
If you have some programming skills, those principles are general statements you may already found out by yourself. If you start doing serious object-oriented coding, those principles are best-practice guidelines you would gain following.
They certainly help to fight the three main code weaknesses:
2015-04-12
2015-04-12. Open Source › mORMot Framework
Usually, in Delphi application (like in most high-level languages), errors
are handled via exceptions. By default, any Exception
raised on the server side, within an interface
-based service
method, will be intercepted, and transmitted as an error to the client side,
then a safe but somewhat obfuscated EInterfaceFactoryException
will be raised on the client side, containing additional information serialized
as JSON.
You may wonder why exceptions are not transmitted and raised directly on the client side, with our mORMot framework interface-based services, as if they were executed locally.
We will now detail some arguments, and patterns to be followed.
2015-03-31
2015-03-31. Open Source › mORMot Framework
As stated during
TSQLRecord fields definition, the ORM is able to maintain a revision
number for any TSQLRecord
table, so that it the table may be
easily synchronized remotely by another TSQLRestServer
instance.
If you define a TRecordVersion
published property, the ORM core
will fill this field just before any write with a monotonically increasing
revision number, and will take care of any deletion, so that those
modifications may be replayed later on any other database.
This synchronization will work as a strict master/slave replication
scheme, as a one-way on demand refresh of a replicated table.
Each write operation on the master database on a given table may be easily
reflected on one or several slave databases, with almost no speed nor storage
size penalty.
« previous entries - page 1 of 5