You should have noticed that Delphi 10.1 Berlin has been released. Our Open Source projects, including mORMot and SynPDF and their associated documentation have been updated to support this new revision. Any additional feedback is welcome, as usual!
Tag - blog
2016-04-09
AES-256 based Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)
2016-04-09. Open Source › mORMot Framework
Everyone knows about the pascal random()
function.
It returns some numbers, using a linear
congruential generator, with a multiplier of 134775813,
in its Delphi implementation.
It is fast, but not really secure. Output is very predictable, especially if
you forgot to execute the RandSeed()
procedure.
In real world scenarios, safety always requires random numbers, e.g. for
key/nonce/IV/salt/challenge generation.
The less predictable, the better.
We just included a Cryptographically
Secure Pseudo-Random Number Generator (CSPRNG) into our
SynCrypto.pas unit.
The TAESPRNG class would use real system entropy to generate
a sequence of pseudorandom bytes, using AES-256, so returning highly
unpredictable content.
2016-01-09
Safe locks for multi-thread applications
2016-01-09. Open Source › mORMot Framework
Once your application is multi-threaded, concurrent data access should be
protected. We already wrote about how debugging multi-thread
applications may be hard.
Otherwise, a "race
condition" issue may appear: for instance, if two threads modify a variable
at the same time (e.g. decrease a counter), values may become incoherent and
unsafe to use. Another symptom of broken logic is the "deadlock", by which the whole
application appears to be blocked and unresponsive, when two threads have a
wrong use of the lock, so are blocking each-others.
On a server system, which is expected to run 24/7 with no maintenance, such
issues are to be avoided.
In Delphi, protection of a resource (which may be an object, or any
variable) is usually done via Critical
Sections.
A critical section is an object used to make sure, that some part of
the code is executed only by one thread at a time. A critical section
needs to be created/initialized before it can be used and be released when it
is not needed anymore. Then, some code is protected using Enter/Leave
methods, which would lock its execution: in practice, only a single
thread would own the critical section, so only a single thread would
be able to execute this code section, and other threads would wait until the
lock is released. For best performance, the protected sections should be as
small as possible - otherwise the benefit of using threads may be voided, since
any other thread would wait for the thread owning the critical section
to release the lock.
We will now see that Delphi's TCriticalSection may have
potential issues, and what our framework proposes to ease critical
section use in your applications.
2015-12-11
Audit Trail for Services
2015-12-11. Open Source › mORMot Framework
We have seen previously how the ORM part of the framework is able to provide
an Audit
Trail for change tracking.
It is a very convenient way of storing the change of state of the data.
On the other side, in any modern SOA solution, data is not at the center any
more, but services.
Sometimes, the data is not stored within your server, but in a third-party
Service-Oriented Architecture (SOA).
Being able to monitor the service execution of the whole system becomes sooner
or later mandatory.
.jpg)
Our framework allows to create an Audit Trail of any incoming or outgoing service operation, in a secure, efficient and automated way.
2015-11-21
Try to avoid RTTI (ab)use
2015-11-21. Pascal Programming
There is a very trendy move, since a few years, to value so called "meta-programming".
In short, it is about the ability to treat programs as their data.
It is a very powerful paradigm in functional languages, and it was also
introduced to OOP languages, even in SmallTalk a long time
before this concept was trendy in Ruby, C# or Java.
In OOP compiled languages, reflection is used to achieve a similar behavior
at run-time, mainly via RTTI (Run-Time Type
Information).
Delphi supports
RTTI since its version 1, as it was heavily used e.g. for all UI
streaming.
In our framework, we rely on RTTI for its main features:
ORM, SOA
and
MVC - and even in some other parts, like
Desktop UI generation.
But RTTI could easily be abused.
Here are some thoughts, started as a comment in a
good old Mason's blog article about how RTTI performance may be a
bottleneck.
My comment was to get rid of RTTI, and follow a SOLID
implementation with explicit OOP code, like use of
interface.
2015-11-17
Benefits of interface callbacks instead of class messages
2015-11-17. Open Source › mORMot Framework
If you compare with existing client/server SOA solutions (in Delphi, Java,
C# or even in Go or other frameworks), mORMot's
interface-based
callback mechanism sounds pretty unique and easy to work with.
Most Events Oriented solutions do use a set of dedicated
messages to propagate the events, with a centralized Message
Bus (like MSMQ or
JMS), or a
P2P/decentralized approach (see e.g. ZeroMQ or NanoMsg). In practice, you are expected to
define one class per message, the class fields being
the message values. You would define e.g. one class to notify a
successful process, and another class to notify an error. SOA
services would eventually tend to be defined by a huge number of individual
classes, with the temptation of re-using existing classes in several
contexts.
Our interface-based approach allows to gather all events:
- In a single
interfacetype per notification, i.e. probably per service operation; - With one method per event;
- Using method parameters defining the event values.
Since asynchronous notifications are needed most of the time, method
parameters would be one-way, i.e. defined only
as const - in such case, an evolved algorithm would
transparently gather those outgoing messages, to enhance scalability when
processing such asynchronous events. Blocking request may also be defined
as var/out, as we will see below, inWorkflow
adaptation.
Behind the scene, the framework would still transmit raw messages over IP
sockets (currently over a
WebSockets connection), like other systems, but events notification would
benefit from using interfaces, on both server and client sides.
We will now see how...
2015-10-23
Letters of Hope
2015-10-23. Pascal Programming
As we already notified in this blog, Embarcadero has been finally bought by IDERA. Delphi users received a letter from Randy Jacops, IDERA CEO. Written in my mother language, in perfect French. Nice! The letter states that they have 20,000 customers... It sounds more realistic than the numbers […]
2015-10-05
Delphi 10 Seattle Win64 compiler Heisenbug: unusable target
2015-10-05. Pascal Programming
Andy reported that he was not able to validate its IDE fix pack for Delphi 10 Seattle, due to its Win64 compiler not being deterministic anymore. The generated code did vary, from one build to other. Sadly, on our side, we identified that the code generated by the Win64 compiler of Delphi 10 Seattle […]
2015-09-28
mORMot show case: Illustrated Spare Parts Catalog
2015-09-28. Open Source › mORMot Framework
Illustrated Spare Parts Catalog is, as its name suggests, a software for creating and publishing spare parts catalogs. It uses mORMot for client-server communication and ORM, and SynPdf for the reporting. Sounds like a powerful solution. It is also a testimony that you could use big databases (20 GB […]
2015-09-25
ORM TNullable* fields for NULL storage
2015-09-25. Open Source › mORMot Framework
In Delphi code, NULLable types do not exist as such. There is no
native int? type, as in C#.
But at SQL and JSON levels, the NULL value does exist and should be converted
as expected by the ORM.
In SQLite3 itself, NULL is handled as stated in http://www.sqlite.org/lang_expr.html
(see e.g. IS and IS NOT operators).
It is worth noting that NULL handling is not consistent among all existing
database engines, e.g. when you are comparing NULL with non NULL values... so
we recommend using it with care in any database statements, or only with proper
(unit) testing, when you switch from one database engine to another.
By default, in the mORMot ORM/SQL code, NULL will appear only in
case of a BLOB storage with a size of 0 bytes.
Otherwise, you should not see it as a value,
in most kinds of ORM properties.
Null-oriented value types have been implemented in our framework, since the object pascal language does not allow defining a nullable type (yet).
We choose to store those values as variant, with a set of
TNullable dedicated types, as defined in
mORMot.pas:
type TNullableInteger = type variant; TNullableBoolean = type variant; TNullableFloat = type variant; TNullableCurrency = type variant; TNullableDateTime = type variant; TNullableTimeLog = type variant; TNullableUTF8Text = type variant;
2015-09-21
Embarcadero bought by Idera
2015-09-21. Pascal Programming
Just a link found on Internet. Jefferies is also leading a US$425m covenant-lite credit to back Idera's acquisition of Embarcadero Technologies. Idera is backed by TA Associates. The deal, which launches on Thursday, includes a US$25m revolving credit, a US$300m first-lien term loan and a US$100m […]
2015-09-17
AVAST did detect ALL Delphi programs as dangerous
2015-09-17. Pascal Programming
Today, an avalanche of "false
postitive detection" of AVAST heuristic engine did occur.
Any executable built with Delphi XE8 or Delphi 10 Seattle was identified as a
Win32:Banker-MGC [Trj] threat!
Heuristic analysis is a method employed by many computer antivirus programs designed to detect previously unknown computer viruses, as well as new variants of viruses already in the "wild".
2015-09-16
Feedback from the Wild
2015-09-16.
We just noticed a nice feedback from a mORMot user. Vojko Cendak commented the well-known DataSnap analysis based on Speed & Stability tests blog article written by Roberto some months years (!) ago. It is not meant to be the final word, perhaps there was some tuning possible for RTC (which is […]
2015-09-14
Performance issue in NextGen ARC model - much better now
2015-09-14.
Back in 2013, I found out an implementation weakness in the implementation
of ARC weak references in the RTL.
A giant lock
was freezing all threads and cores, so would decrease a lot the performance
abilities of any ARC application, especially in multi thread.
I just investigated that things are now better.
2015-08-31
Delphi 10 = DX Seattle is out, mORMot supports it
2015-08-31. Pascal Programming
We expected Delphi XE9, and now we have Rad Studio 10 Seattle, with Delphi renamed as Delphi 10 Seattle, or simply DX. No big news for the Delphi compiler itself (we are still waiting for Linux server support), but a lot of FireMonkey updates, Windows 10 compatibility enhancements, enhancements to […]
2015-08-24
Introducing Delphinus PackageManager
2015-08-24. Pascal Programming
You may have missed the news. So I relay here the information from Delphinus PackageManager blog article. Delphinus is a new Package Manager, which runs on Delphi XE and newer, directly from within your IDE. It is GitHub-based, and fairly easy to add a reference to. Of course, I tried to add mORMot […]
2015-08-23
"SQL and NoSQL", not "SQL vs NoSQL"
2015-08-23. Open Source › mORMot Framework
You know certainly that our mORMot Open Source framework is an ORM,
i.e. mapping objects to a relational / SQL database (Object
Relational Mapping).
You may have followed also that it is able to connect to a
NoSQL database, like MongoDB, and
that the objects are then mapped via an ODM (Object
Document Mapping) - the original SQL SELECT are even
translated on the fly to MongoDB queries.
But thanks to mORMot, it is not "SQL vs NoSQL" - but
"SQL and NoSQL".
You are not required to make an exclusive choice.
You can share best of both worlds, depending on your application needs.
In fact, the framework is able to add NoSQL features to a regular relational / SQL database, by storing JSON documents in TEXT columns.
In your end-user code, you just define a variant field in
the ORM, and store a
TDocVariant document within.
We also added some dedicated functions at SQL level, so that
SQLite3 could be used as embedded fast engine, and provide
advanced WHERE clauses on this JSON content.
2015-08-15
Breaking Change in mORMot WebSockets binary protocol
2015-08-15. Open Source › mORMot Framework
Among all its means of transmission, our mORMot framework
features
WebSockets, allowing bidirectional communications, and interface-based
callbacks for real time notification of SOA events.
After several months of use in production, we identified some needed changes
for this just emerged feature.
We committed
today a breaking change of the data layout used for our proprietary
WebSockets binary protocol.
From our tests, it would increase the performance and decrease the resource
consumption, especially in case of high number of messages.
2015-07-14
New blog about mORMot
2015-07-14. Open Source › mORMot Framework
An enthusiastic mORMot user, named willo in the forum, just started a blog about his experiments with our framework.
The information there is clear, simple, and right to the point.
If you are a little lost in our huge documentation, it is a good place to
start!
2015-06-30
Faster String process using SSE 4.2 Text Processing Instructions STTNI
2015-06-30. Open Source › mORMot Framework
A lot of our code, and probably yours, is highly relying on text process. In our mORMot framework, most of its features use JSON text, encoded as UTF-8. Profiling shows that a lot of time is spent computing the end of a text buffer, or comparing text content. You may know that In its SSE4.2 feature […]
« previous entries - page 3 of 14 - next entries »
