Best of The New StackSeptember 2024

  1. 1
    Article
    Avatar of newstackThe New Stack·2y

    Learning Linux? Start Here

    Learning Linux has never been easier, thanks to numerous resources and user-friendly distributions. The key areas to focus on include mastering the command line, learning access control methods, managing hardware and services, selecting and deploying a distribution, system maintenance, and configuring networking. Hands-on experience with virtual machines and using tools like Vim, Nano, systemctl, and ssh is essential. Efficient user and permission management, along with understanding package managers and firewalls, are crucial skills for Linux administration. Start with a structured learning plan to become proficient in this versatile operating system.

  2. 2
    Article
    Avatar of newstackThe New Stack·2y

    Most Dangerous JavaScript Vulnerabilities To Watch For in 2025

    JavaScript remains a top programming language but is vulnerable to various security threats. These include advanced XSS attacks, CSRF, server-side JS injection, formjacking, prototype pollution, IDOR, and supply chain attacks. To mitigate these risks, developers need to implement secure coding practices, including correct input validation, use of security tokens, and regular integrity checks.

  3. 3
    Article
    Avatar of newstackThe New Stack·2y

    Introduction to Payload, a Headless CMS and App Framework

    Payload is a headless CMS and application framework designed to separate content storage from presentation, allowing developers to use any frontend they prefer. It supports granular access control and collections management through code. Currently, Payload is undergoing significant changes towards version 3, making its documentation temporarily inconsistent. The CMS supports both REST and reusable component architecture, providing developers with flexibility in managing content and roles.

  4. 4
    Article
    Avatar of newstackThe New Stack·2y

    3 API Vulnerabilities Developers Accidentally Create

    Ethical hacker Katie Paxton-Fear highlights common API vulnerabilities that developers often overlook, emphasizing the importance of understanding application logic and prioritizing security. Examples include improper authentication mechanisms and ignoring the necessity of documentation. Paxton-Fear argues that tackling these issues requires a shift in IT culture to prioritize security alongside development tasks.

  5. 5
    Article
    Avatar of newstackThe New Stack·2y

    Spring AI Transforms Java for GenAI App Delivery

    Generative AI has gained significant attention for its ability to create media using large language models (LLMs). Incorporating GenAI models into applications opens up new possibilities for developing features previously unattainable due to practical or cost constraints. Spring AI, an extension for Spring and Spring Boot, offers Java developers a framework for working with various AI providers, enabling them to build enterprise-ready AI applications using familiar tools. It supports multiple model types and providers, simplifying complex interactions and integrating enterprise data efficiently. RAG and function calling techniques further enhance AI model capabilities.

  6. 6
    Article
    Avatar of newstackThe New Stack·2y

    Linux: SSH and Key-Based Authentication

    Secure Shell (SSH) is a critical remote administration tool for Linux systems. This post discusses how to configure basic SSH and key-based authentication, which enhances security and simplifies remote server management. Key-based authentication is emphasized for its automation benefits, eliminating the need for manual password entry. Additional configurations are provided to further secure SSH connections, including modifying firewall settings and logging. SSH is crucial in CI/CD and orchestration pipelines, providing secure remote connectivity across various platforms.

  7. 7
    Article
    Avatar of newstackThe New Stack·2y

    PostgreSQL 17 Gets Incremental Backup, SQL Queries for JSON

    PostgreSQL 17 introduces several major features including incremental backup, improved replication slots, and enhanced JSON query support. Incremental backup allows for faster recovery times and is more suitable for large databases. The update to replication slots ensures database consistency during failovers. Additionally, users can now query JSON data types using standard SQL statements, thanks to new JSON compatibility improvements.

  8. 8
    Article
    Avatar of newstackThe New Stack·2y

    What a CTO Learned at Nvidia About Managing Engineers

    Xun Wang, CTO of Bloomreach, discusses the lessons he learned from his time at Nvidia about effectively managing engineers. He emphasizes the importance of aligning organizational structure with product architecture, a principle he learned from Nvidia's founder, Jensen Huang. Wang also highlights how generative AI has revolutionized application development and stresses the need for continuous learning in the rapidly evolving tech landscape. His approach combines deep technical understanding with empathetic leadership to address engineering challenges effectively.

  9. 9
    Article
    Avatar of newstackThe New Stack·2y

    Boost LLM Results: When to Use Knowledge Graph RAG

    Retrieval-augmented generation (RAG) systems sometimes fail to go deep enough into document sets, leading to shallow or incorrect responses. Using knowledge graphs can enhance RAG systems by connecting related documents more effectively. This method is especially useful for legal documents, technical documentation, research publications, and interconnected websites. Knowledge graphs use well-defined connections like HTML links, specialized keywords, and document structures to improve information retrieval and accuracy.

  10. 10
    Article
    Avatar of newstackThe New Stack·2y

    For Infrastructure as Code, CI/CD Can Beat Terraform

    With the evolving DevOps landscape and the influx of modern CI/CD tools like Jenkins, GitHub Actions, and Argo CD, the relevance of TACOS (Terraform Automation and Collaboration Software) is being questioned. Managing a dedicated TACOS pipeline introduces complexity, potential security risks, and fragmentation. Consolidating IaC into existing CI/CD platforms can streamline processes, reduce cognitive load, and improve efficiency across development and infrastructure teams.

  11. 11
    Article
    Avatar of newstackThe New Stack·2y

    AI Demands More Than Just Technical Skills From Developers

    In the AI-integrated development environment, developers need more than just technical skills. Soft skills such as reasoning, curiosity, creativity, and accountability become crucial. With AI tools taking a significant role in the coding process, developers must understand the problem deeply and employ critical-thinking and empathy. They should perceive AI as an intern needing guidance to yield optimal results. Moreover, developers face ethical and intellectual property challenges that require sound reasoning and context understanding.

  12. 12
    Article
    Avatar of newstackThe New Stack·2y

    Python Under the Hood

    Python is a dynamic, strongly typed, interpreted language. Unlike static languages where variable types are fixed at compile time, Python infers variable types at runtime allowing for more flexibility. It also ensures type safety, preventing unexpected changes without explicit conversions. The Python runtime, including CPython, is responsible for interpreting code, managing memory, and providing extensive standard libraries for various tasks.

  13. 13
    Article
    Avatar of newstackThe New Stack·2y

    How To Build a RAG Agent With Nvidia NIM and LangChain

    Learn how to build an intelligent application that combines Retrieval-Augmented Generation (RAG) and tool calling using Nvidia NIM and LangChain. This system provides real-time flight status updates and detailed baggage information by integrating these technologies. The guide covers prerequisites, setting up the environment, initializing the language model, creating a flight status tool, binding tools to the language model, document loading and processing, setting up vector stores, implementing retrieval functions, and building the RAG chain.

  14. 14
    Article
    Avatar of newstackThe New Stack·2y

    Is Terraform Dead? Revive Your Infrastructure as Code Strategy

    The landscape of Infrastructure as Code (IaC) tools is shifting dramatically with HashiCorp's licensing changes and acquisition by IBM. Other major shifts include acquisitions of Chef by Progress and Puppet by Perforce, as well as AWS's transition from CloudFormation to CDK. New competitors like CrossPlane, OpenTofu, Pulumi, and Valkey are emerging, prompting enterprises to revisit their IaC strategies to stay adaptable in a rapidly evolving environment.

See all The New Stack archives