SD Times May 2022 by d2emerge

MAY 2022 • VOL. 2, ISSUE 59 • $9.95 • www.sdtimes.com

IFC_SDT054.qxp_Layout 1 11/17/21 11:09 AM Page 2

Instantly Search Terabytes

www.sdtimes.com EDITORIAL EDITOR-IN-CHIEF David Rubinstein drubinstein@d2emerge.com NEWS EDITOR Jenna Sargent jsargent@d2emerge.com MULTIMEDIA EDITOR

dtSearch’s document filters support: popular file types emails with multilevel attachments

Jakub Lewkowicz jlewkowicz@d2emerge.com SOCIAL MEDIA AND ONLINE EDITOR Katie Dee kdee@d2emerge.com

a wide variety of databases

ART DIRECTOR

web data

Mara Leonardi mleonardi@d2emerge.com CONTRIBUTING WRITERS

2YHU VHDUFK RSWLRQV LQFOXGLQJ efficient multithreaded search

Jacqueline Emigh, Elliot Luber, Caryn Eve Murray, George Tillmann CONTRIBUTING ANALYSTS Enderle Group, Gartner, IDC, Intellyx

HDV\ PXOWLFRORU KLW KLJKOLJKWLQJ forensics options like credit card search

CUSTOMER SERVICE SUBSCRIPTIONS subscriptions@d2emerge.com ADVERTISING TRAFFIC Mara Leonardi mleonardi@d2emerge.com

Developers: 6'.V IRU :LQGRZV /LQX[ PDF26

LIST SERVICES Jessica Carroll jcarroll@d2emerge.com

&URVV SODWIRUP $3,V FRYHU & -DYD and recent NET (through NET 6)

)$4V RQ IDFHWHG VHDUFK JUDQXODU GDWD FODVVLILFDWLRQ $]XUH $:6 DQG PRUH

REPRINTS reprints@d2emerge.com ACCOUNTING accounting@d2emerge.com

ADVERTISING SALES

Visit dtSearch.com for KXQGUHGV RI UHYLHZV DQG FDVH VWXGLHV IXOO\ IXQFWLRQDO HQWHUSULVH DQG developer evaluations

PUBLISHER David Lyman 978-465-2351 dlyman@d2emerge.com MARKETING AND DIGITAL MEDIA SPECIALIST Andrew Rockefeller arockefeller@d2emerge.com

The Smart Choice for Text Retrieval® since 1991

dtSearch.com 1-800-IT-FINDS

PRESIDENT & CEO David Lyman

D2 EMERGE LLC www.d2emerge.com

CHIEF OPERATING OFFICER David Rubinstein

Contents

VOLUME 2, ISSUE 59 • MAY 2022

FEATURES

NEWS 4

News Watch

Infrastructure as Code:

Go: The language of cloud-native development

Keeping developers productive, keeping organizations safe

CloudBees announces community edition of its Feature Management solution

New Relic service level management feature helps operationalize SRE best practices

page 6

Great Expectations The customer experience comes down to reliability and good UX

COLUMNS 20 ANALYST VIEW by Jason English Product-driven or design-led?

21 GUEST VIEW by Shaun Foreman About inclusive design

page 14 22 INDUSTRY WATCH by Ken Mugrage The changing economics of open source

Hybrid work requires collaboration tools to keep developers connected

page 16

Software Development Times (ISSN 1528-1965) is published 12 times per year by D2 Emerge LLC, 2 Roberts Lane, Newburyport, MA 01950. Periodicals postage paid at Plainview, NY, and additional offices. SD Times is a registered trademark of D2 Emerge LLC. All contents © 2022 D2 Emerge LLC. All rights reserved. The price of a one-year subscription is US$179 for subscribers in the U.S., $189 in Canada, $229 elsewhere. POSTMASTER: Send address changes to SD Times, 2 Roberts Lane, Newburyport, MA 01950. SD Times subscriber services may be reached at subscriptions@d2emerge.com.

SD Times

May 2022

www.sdtimes.com

NEWS WATCH AWS Amplify Studio now generally available AWS recently announced the general availability of Amplify Studio, a visual interface that works to simplify front- and back-end development for web and mobile applications. The platform was first presented as a preview during AWS re:Invent 2021. With this, users gain access to an integration with Figma, helping designers and frontend developers to work collaboratively on design and development tasks. The GA version also offers new features such as support for UI event handlers, component theming, and improvements in how users can extend and customize generated components from code. Additionally, Amplify Studio extends on the ease of configuration that is provided by AWS Amplify by bringing it to front-end developers who can then use it to work with prebuilt and custom UI components for those applications.

Node.js 18 release updates V8 JS engine The latest release includes an update to the V8 JavaScript engine, global fetch enabled by default, and a core test runner module. The V8 engine has been upgraded to version 10.1. This latest version is part of Chromium 101. Upgrading to this latest version unlocked features like the findLast and findLastIndex array methods, improvements to the Intl.Locale API, the Intl.supportedValuesOf functions, and improved performance of class fields and private class methods. The implementation for global fetch is based on undici-fetch. The team is working to make the implementation as close to spec compliant as possible, but since it requires things not present in backend networking, certain aspects of the spec were omitted. Currently the global fetch API is experimental and will remain so until more test coverage can be added. Node.js 18 will be the cur-

People on the move n Ivanti has announced that as of April 25, Dennis Kozak will serve as its new chief operating officer. He will be overseeing the company’s marketing, global sales, customer experience, and operations. His previous roles include leadership positions at Avaya and CA Technologies. n Sanjay Poonen has joined service mesh company Tetrate as a new strategic advisor. Poonen previously was COO at VMware and president at SAP. He also held software engineering roles at Microsoft and Apple earlier in his career. n Blackbaud has appointed Sudip Datta as its chief product officer. He will oversee the company’s product portfolio, which includes product life cycles, roadmaps, and strategy. He previously led AIOps and observability at Broadcom, was vice president of products at Oracle, and held positions at IBM and Fujitsu-ICL.

rent Node.js release for the next six months and will be promoted to Long-Term Support in October 2022. At this point the release will be renamed with the codename Hydrogen and will be supported until April 2025.

Sysdig releases new vulnerability prioritization feature Sysdig announced the release of Risk Spotlight, a vulnerability prioritization feature based on runtime intelligence. The feature enables teams to reduce vulnerabilities by 95% and allows developers to focus on shipping applications faster, according to Sysdig. It also delivers vulnerability details such as CVSS vector from multiple sources, the fix version, and links to publicly available exploits to manage vulnerability risk at scale. The feature provides a single view of vulnerability risk across a container lifetime from build to runtime. Developers will also receive a package-centric view of vulnerabilities along with the fixes and upgrades that they need to apply.

CodeGym launches donation program to help Ukrainians Since Russia’s initial attack on Ukraine, 53% of Ukrainian citizens have lost their jobs and over 4.5 million have been forced to flee the country, according to CodeGym, the Ukrainian online course for learning Java programming. The company is matching every purchase of monthly and yearly subscriptions with two donations to Ukrainian residents in order to help

those who are suffering start a new career in IT. For a limited time, CodeGym can offer 5,000 unemployed Ukrainians free access to the company’s Java educational platform to help them get back on their feet and start fresh with a new career.

TIBCO updates WebFOCUS platform With the release of TIBCO WebFOCUS 9.0.0, the company announced stronger data access, AI/ML capabilities, and developer tools. One new feature, TIBCO WebFOCUS Container Edition provides users with a scalable, microservices-based platform for container-based deployments. It offers on-demand compute and parallel processing with which customers can scale their environments and run multiple tasks concurrently. Also with the addition of Hub, users can access content and data across any device through a workspace and applications directory to simplify data access. The Hub can visualize recent and important data contained in a personalized home screen for faster access. Key enhancements to TIBCO WebFOCUS Designer capabilities now include the streamlined ability to create, manage, and stage datasets when authoring content.

GitHub’s Dependabot alerts code calls a vulnerability Dependabot alerts use GitHub’s precise code navigation engine to determine if a repository directly calls a vulnerable function. The new feature marks a shift in how GitHub curates

www.sdtimes.com

Google Play to update target level API requirements Google is introducing policy changes to Google Play to better protect Android users. New target level API requirements will prevent users from installing apps that don’t have the latest privacy and security features. Beginning on November 1, 2022, existing apps that don’t target an API level that is within two years of the most recent major Android release won’t be available for download for users of devices that are running OS versions that are higher than the target API level. Google plans to continually adjust this requirement window in accordance with new Android releases. The reason behind these changes is that Google believes users running the latest devices expect to receive the full privacy and security protections from Android, but installing an older app without the latest security updates could make their devices vulnerable. information on vulnerable packages from the Advisory Database to curating information on affected functions for each source library. GitHub performs static analysis with functions in order to generate an affected call graph for a repository, which surfaces on a Dependabot alert. The implementation is powered by stack graphs, which powers Precise Code Navigation and provides a noconfiguration experience that works on any advisories with annotated vulnerable functions, according to GitHub. GitHub announced that it has details of vulnerable functions for 79 Python advisories from the pip ecosystem and that it will continue backfilling data on vulnerable functions for Python advisories through the beta, as well as supporting any new Python advisories.

IntelliJ IDEA 2022.1 is now available With IntelliJ IDEA 2022.1, customers gain multiple enhancements and new features all geared at improving user experience. This release introduces the Dependency Analyzer that

works to facilitate dependency management and conflict resolution. Another update is the Notifications tool window, which brings users a new way to receive and store notifications from the IDE. Additionally, the updated New Project wizard works to simplify the process of launching new projects no matter the scale or level of complexity. IntelliJ IDEA 2022.1 also brings users upgrades to Code Vision inlay hints with Code Author hints as well as enables them all by default to offer users instant insights about their code directly in the editor. Support has also been added for the new features in Java 18 and improvements have been brought to the IDE’s performance with Kotlin.

Microsoft announces the release of .NET 7 Preview 3 This release brings users enhancements to observability, startup times, codegen, GC regions, Native AOT compilation, and more. Interested users can download .NET 7 Preview 3 for Windows, macOS, and Linux. It has also been tested with Visual Studio 17.2 Preview 3.

Microsoft recommends using the preview channel builds to try .NET 7 with Visual Studio family products. With Native AOT, pre-compilation is brought to .NET desktop client and server scenarios. According to Microsoft, this addition does not serve to replace existing technology, but rather to offer a new set of capabilities that allows users access to new form factors. This preview release also adds support for new cloud native OpenTelemetry specifications. This includes specification updates #988 and #1708 that make the trace state mutable for samplers.

GitHub announces updates to Discussions GitHub recently announced new features being added to GitHub Discussions in order to help users communicate, collaborate, and connect with their teams about the software they are building. GitHub Discussions will now be supported at the organization level for open-source projects, enterprises, and development teams. This change comes after discovering that scoping discussions to individ-

May 2022

SD Times

ual repositories became a road block for organizations with multiple repositories. Organization Discussions works to simplify centralizing communications across projects to gain a better understanding of what’s happening within the community, team, and company. Based on customer requests, the GitHub team is also bringing Polls to Discussions. Now, when creating a new discussion, users have the ability to select the Poll category to create a Poll. This feature allows customers to add up to eight polling options for teams to respond to.

Microsoft debuts 1st .NET MAUI release candidate Microsoft announced the release of the first .NET Multiplatform App UI (.NET MAUI) Release Candidate. .NET MAUI leverages platform SDKs for Android, iOS, macOS, and Windows, which are included in this release. Developers can use the SDKs directly with C# in addition to maximizing code sharing and productivity with .NET MAUI. .NET MAUI includes over 40 layouts and controls optimized for building adaptive UIs across both desktop and mobile platforms. Developers can also share their Blazor web components directly in .NET MAUI apps while having access to native device capabilities and packaging. By using .NET MAUI and Blazor together, one can reuse one set of web UI components across mobile, desktop, and web. The new release candidate improves upon the Xamarin .Forms architecture by adding low-code hooks to modify many things. z

SD Times

May 2022

www.sdtimes.com

BY DAVID RUBINSTEIN evelopers have always had a need for infrastructure. But with the need to update applications or websites quickly to take advantage of changing market conditions, the idea of asking IT to spin up an environment and having to wait sometimes days for it no longer works for organizations trying to keep pace. In short, developer productivity was suffering. Enter infrastructure as code (IaC), touched off by the launch of public cloud services, which allowed developers to easily consume them just when they needed them. But if you had to submit a request to engage with those services, and wait for a reply, public cloud services never would have succeeded, according to Naveen Chhabra, analyst at Forrester. So, why infrastructure as code? Why not infrastructure as infrastructure? Chhabra said, “The primary persona using those called cloud services were the application developers, and the application developers know how to code.” So, he said, this became the goto mechanism to get storage, unit computing, a new database or containers, whereby these services could be consumed in a codified manner. But this is not confined to the public cloud. VMware, for instance, offers a provider, which Chhabra said is an abstraction layer of an infrastructure component. “Call an API, or call that provider, and I will give you the resources,” he explained.

Growing infrastructure complexity When cloud services first emerged, developers were able to easily set up testing and staging environments before an application was deployed. Today, organizations are dealing with hybrid and multi-cloud environments, as well as Kubernetes architectures, service meshes and serverless applications, to name but a few. According to Aaron Kao, vice president of marketing at universal IaC platform provider Pulumi, a typical application today has something like 400 different services in it. Yet many of the current IaC tools are either markup languages or DSLs

(domain specific languages). “What’s happening with these older IaC tools that are based on DSLs, they start having to add a lot of features into that DSL, and someone recently told me, it’s like DSLs are just like poor facsimiles of … real programming languages, because there’s leaky abstractions, and there’s increasing complexities that you’re trying to address that you keep having to shoehorn things into its features,” Kao said. Because of this complexity, organizations find themselves in a struggle with their competitors to hire full-stack developers, knowledgeable in application development and what’s needed on the back end to deploy those applications. But because the price tag for these developers is high, organizations might not want them struggling to create infrastructure, or letting them create IaC without guard rails. Ronak Rahman, developer relations manager at infrastructure provider Quali said, “Who creates those guard rails? And they need things that are watching for security. Is it my developer’s problem that the Docker file or the container

that I’m building … has a security flaw in it? You see companies trying to [add guardrails] with their TerraForm scripts so that developers don’t have to care about that; they can just provision their software.”

Keep productivity high To keep developers productive, Kao said, “It’s really about streamlining. Instead of having multiple tool sets to do infrastructure and do application development, you can use one.. And instead of, let’s say you have a separate IaC system, you know, like, well, there’s a lot of tooling that needs to go get built with that.” So, IaC providers such as Pulumi are seeing the need to integrate with the tools and programming languages where developers live. One thing related to developer productivity is infrastructure and application drift, according to Roxana Ciobanu, CTO and co-founder at Bunnyshell, an environment-as-a-service platform. “It is inevitable for issues to appear in development when engineers work in environments with out-of-sync infrastructures and old application versions,” she

www.sdtimes.com

said. “Drift detection is one half of the solution, and automatic remediation is the other half, and that’s where we see a lot of challenges.” To properly solve code drift, she said, any change should automatically be detected, corrected or merged into all existing development, stage or production environments.”

Has DevOps marginalized IT? There always has been territorial behavior when it comes to IT. Developers write code, operations engineers set up policies and governance that make sure infrastructure is used in a way that doesn’t hurt the organization. According to Forrester’s Chhabra, the infrastructure owners’ involvement arises out of the governance needs. “We have seen examples of again, these are not the only reasons, but we’ve seen examples of excessive cloud spend. So can I bring in a governance layer, which says, ‘Hey, you get the infrastructure, type of infrastructure, size of infrastructure, duration of infrastructure, what you actually need, and you don’t leave it overnight unattended, running, you know, without us.’ So can I put that

time bound? A time foundation to how long? What, where, and when can you actually use the resources? So that’s the foundation of where these governance requirements are coming from.” Rahman sees it less as developers taking something from IT and more as operations engineers not keeping their skills up to date. That phenomenon, though, is not limited to the technology industry. In journalism, for example, older print editors can be resentful of the shift in newspapers toward multimedia presentations and younger reporters coming in with video and social media skills. In technology, another good example is mainframe programmers who were facile with COBOL but didn’t keep up as client/server and new languages emerged for more modern software development. “I think the marginalization is a symptom of, you know, this whole lack of trust and … I think the solution there is just update your skills for the digitization,” Rahman said. “You know, you’re not racking and stacking servers anymore, and hopefully, you’re not going in a cold room and you know, organizing your wires. So, you know, we need new skills to get us to live our art and live our best life.” Part of the problem, Rahman noted, is that historically, developers and IT have had different goals. Developers want to innovate on new products and features; IT wants to ensure systems stay up and running, comply with regulations such as HIPAA and SarbanesOxley, and keep costs under control. “I see developers more as creative artists deep in their art,” Rahman said. “And IT and centralized DevOps represent the business interests, you know, they’re in a whole different org structure, and they’re in charge with making sure guardrails exist, governance exists. I’m not answering to the product team on products coming out of the pipeline faster. So there are two different concerns. There’s the business concerns with absolutely legitimate governance, costs and security. And then there’s the developer’s interest, which is a minus of interest. ‘I don’t want to care about

May 2022

SD Times

infrastructure. You know, that’s cool that you gave me tools, but I’m just gonna learn how good enough to do what I want to do, which is bang out awesome features.’”

Governance is critical Traditional IT involvement in infrastructure arises out of the need for governance. One area that’s particularly important to the business is security. Forrester’s Chhabra explained: “Because of security concerns, I don’t want to be running across all public cloud providers or all infrastructure vendors, and find that now as an organization, I’m responsible for patching and managing vulnerabilities. What if I can reduce my attack surface? And that can happen with standardization. Another reason is geolocation. Whether it’s because of the data sovereignty requirements, or because of geopolitical reasons, for a specific project, let’s say, a major oil and gas company wants to run a project in Australia. What is mandated by Australia, that you must be running all those applications and IT resources within Australia. So what do I do? I cannot, as a business leader, allow my application owners to even by mistake, run that in AWS East. So there are different forces that are putting this demand on how the resources where, when and what resources are being consumed, whether it is because of cost reason, geopolitical, or educational and, you know, sovereignty requirements.” Developers are creating the infrastructure provisioning they need with code, but IT still needs to be the gateway for them to access that infrastructure. Chhabra said, “Developers can’t be expected to understand all the latest happenings in governance. So you still need to have that kind of intermediary IT person, you know, giving them the keys, only at a certain time and at a certain place, and only for a length of time.” IaC gives you speed; governance gives you the window and the control mechanism. This, Chhabra said, “ensures that there are no speed bumps in how quickly can you go from where you are to where you want to be.” z

SD Times

May 2022

www.sdtimes.com

The language of cloud-native development

he Go programming language is continuing on a path of accelerated adoption and is beloved by the developers that use it. This is evidenced by several recent developer surveys, as well as sentiments expressed by developers who use the language. In JetBrains’ 2021 State of Developer Ecosystem report, Go was among the top five languages that developers were planning to adopt. It also was one of the top five languages developers were learning in the last year and was one of the five fastest growing languages too. In the official 2021 Go developer survey, 92% of survey respondents said their satisfaction with Go was very high. Go is the language of the cloud, so it’s no wonder that it’s continued to increase in popularity over the past few years as cloud-native development becomes more and more prevalent. “If you do stuff on any cloud platform … people want to standardize on Go,” said Steve Ng, principal developer relations lead of Asia Pacific and Japan at observability company New Relic. What makes Go the “language of the cloud?” According to Andre Eriksen,

BY JENNA SARGENT founder of back-end development company Encore.dev, there are a few reasons for this. One reason is that Docker was originally built using Go. In addition, a lot of the Cloud Native Computing Foundation (CNCF) projects have been built in Go, according to Eriksen. Ng added that a lot of those CNCF projects also interact with and feed off each other. Another contributing factor is that Go is an incredibly reliable language, partly because of the way it handles errors. It encourages developers to check for errors as they code, rather than relying on throwing and catching exceptions like in other programming languages. “And the way you write code, when you’re using a programming language [that uses exceptions], is you kind of stop thinking about errors, and you just assume everything is gonna go well and if something goes wrong, an exception will be thrown somewhere, and we’ll try to handle that,” said Eriksen. “And that works very well, when everything goes well. And then it goes terribly when something goes wrong. And Go does it very differently, where errors are just any other value. And it kind of forces you

to think about errors much more, every time you are doing an operation in Go, like when you’re writing to a file or you’re sending a request over the internet over HTTP, Go forces you just to think about what if this goes wrong, and as a result, the reliability systems built with Go tends to be very, very high.” Another reason people may see it as reliable is because it has the backing of Google. The language was developed at Google in 2009 and version 1.0 was released publicly in 2012. Go is still maintained by the company today and is used in its production environments too. One nice thing, according to Eriksen, is that Google has taken a conservative view on changing the language. The changes that get made to the language are usually to the edges, rather than the core language itself. Google has made a commitment to backwards compatibility in Go. According to Eriksen, this means that when the language gets updated, those updates aren’t going to break your application. The exception to this has been if there is a major security vulnerability that needs to be addressed. Eriksen added: “If you look at other programming languages… no one

www.sdtimes.com

update to it. And having that backwards compatibility helps the work of the developers.” Google also listens to the community and their pain points when it comes to deciding on new features to add, such as with the recent addition of support for generic programming.

Go finally adds support for generic programming

breaks things because they want to, it’s because they see we can make this better. And we just need to change how we do something. But it creates this sort of fear of upgrading, and you end up sticking around on an old version because upgrading to the latest Java release is so scary, and then you lose out on security fixes and performance improvements, whereas in the in the Go community, pretty much every single company that I’ve ever heard of, they’re running the latest release from the day or the week, that it’s published.” According to Eriksen, Google is famous for running their production systems on the release candidates for Go as well. This gives developers confidence in upgrading to the latest version because by the time the final release is ready, you know that everything is working already inside of Google, which provides a very strong signal to the community that the release has been thoroughly tested. “It is super nice because we try to stay up to date in the Go library,” said Mya Longmire, software engineer at database company InfluxData. “So every time there is a new stable release, we try as quickly as possible to

For a long time, generics weren’t a part of Go, which led to disastiasfaction among Go developers. Generic programming allows developers to represent functions and data structures while factoring out types, according to the Go language team. “With no generics, you decrease your code reusability,” said Longmire. “So you just have to write a little bit more code to do the same thing. And that might seem like a big hurdle if you’re coming from something that’s built on generics, like Java.” In the 2020 Go developer survey, 26% of respondents said Go lacked language features they need, and 88% of those respondents cited generics being a critical missing feature. The survey also revealed that 18% of respondents were prevented from using Go because it didn’t have generics. This pain point was remedied in March 2022 with the release of Go 1.18. This release introduced support for generics, with a commitment to add support for more complicated generic use cases in further releases. “Go 1.18 is a massive release that includes new features, performance improvements, and our biggest change ever to the language. It isn’t a stretch to say that the design for parts of Go 1.18 started over a decade ago when we first released Go,” the Go team wrote in a blog post announcing the release.

Go thrives in large scale software engineering According to Eriksen, Google has put a large focus on large scale software engineering for Go. “This is not a thing for just building small programs, it’s a thing for teams building software over long periods of time,” said Eriksen.

May 2022

SD Times

This is not to say that Go is only popular at the largest companies. In fact, according to the 2021 Go Developer Survey, a majority of survey respondents worked on teams of less than 10 people. Twenty-eight percent of respondents worked at small or medium-sized businesses and 25% worked at startups. Go is particularly suited for large applications because of its compilation speed. According to Eriksen, a Java application that takes 10s of minutes or even up to an hour to compile might take a few minutes had it been written in Go.

Go is leading the field on supply chain security Supply chain security has been top of mind for many people in the past year, especially in the US. The Go team has taken that into consideration by putting a lot of focus into making sure that security vulnerabilities aren’t introduced upstream of a project based on some dependency in use, according to Eriksen. “I think Go is leading the field far and beyond everything else with their approach to supply chain security,” he said.

Knowledge sharing is a big plus in Go One of Longmire’s favorite things about Go is its documentation. She said that reading through the documentation is actually how she learned the language. “They have interactive documentation, which is really nice,” she said. “And you can find anything you’re looking for on how to use something or how to set something up, which is very uncommon in newer languages.” She also said that the syntax of Go is super readable, which helps a lot when working on legacy codebases or reading other developers’ code. Ng echoed this sentiment, saying that knowledge sharing in the community has really improved over the years. This, he says, is another way in which Go has benefited from the CNCF because so many CNCF projects are written in Go and a lot of them feed off each other. z

“BreakTheCode” broke SD Times

May 2022

www.sdtimes.com

BY KATIE DEE

he COVID-19 pandemic left everybody stuck in their homes, searching for any activity to keep them entertained. With jobs moving online and most public establishments closing their doors, fun seemed to be in very short supply. After binge-watching every show that every subscription service has to offer and crossing off every item on their to-do list, most people were still on the hunt for a fun and brain-stimulating activity to keep them occupied and distracted. In order to combat the dreariness of those days, Suman Das, senior brand director at .Tech Domains, and the team there created BreakTheCode, the codebreaking game for coders, programmers and any other technology enthusiast. “The brand manager from .Tech started questioning… Why not give back to the tech community? With everyone being cooped up at home, can we give them the opportunity to play something or do something that will give them a good time?” Das said. According to Das, this was the initial purpose of BreakTheCode; giving people a source of fun and joy amidst the anxiety of the early days of the pandemic, and the tech community took to it extremely well. “The BreakTheCode puzzles were addicting! Getting through the ciphers was challenging and the prizes were the

cherry on top. The amount of effort they put into the games was impressive!” said Nick Hansen, the winner of the first version. Upon first launch, the limited-time offering had more than 110,000 signups, and this overwhelmingly positive response led to the creation and release of BreakTheCode2 with plans for a third version already in the works. Das said, “The overwhelming response we received from over 100K players affirmed that BreakTheCode hit all the right chords with them. Since then, we had been receiving requests for the return of the game and we wanted to

build something even bigger, better, crazier for our community this time.” Supporting partners for BreakTheCode2 are GitHub, Major League Hacking, DigitalOcean, HackerNoon, Dev.To, and Namecheap and this second version is intended to bring users the nostalgic feeling of being back in the 90s. Speaking about the partnership with .Tech Domains, Matthew Dyson, senior program manager at GitHub said, “Its intense ciphers and puzzles are exactly the kinds of problems that programmers and coders crave. By playing BreakTheCode2, they will be doing what they love doing the most - ‘breaking the code’ to some of the most challenging enigmas on the Internet today.” With a build heavily inspired by Windows 98, players are dropped into the middle of a high pressure situation involving an anarchist group hacking into a communication satellite, their intentions unknown. Players are then tasked with moving forward through the game and completing several ciphers and puzzles while being sure to consider the impact their

the boredom of remote work... www.sdtimes.com

May 2022

SD Times

now, there will be more

actions will have on the world order. With the entire game set in a pseudo operating system from 1999, it brings this generation of technology enthusiasts an authentic experience of what it would have been like to be in that time period and have to use an older Windows operating system. Matt Bartley, winner of BreakTheCode2, said that the dedication to the 90s feel of the game was one of the things that really made the experience so special for him. “I got into tech in that era… I remember talking about the Y2K bug and everyone being kind of concerned about that so it was really wild how dialed in it felt,” he said. Das also discussed what sets BreakTheCode apart from other code breaking games on the market. Das explained how the multiple different tasks of the game are really what makes it special. He said, “[When it first launched] there weren’t many of these games that included cyphers and scavenger hunts… So, it’s a very unique and niche experience that we’re giving the tech community.” Bartley also mentioned that his

favorite aspect of the game was how quickly it transitioned from being an easy going game at the start to an increasingly more complex experience the deeper he got into it. “It quickly just turned into sort of maddeningly difficult challenges… there were definitely times where I was staying up way too late and going down rabbit holes that were leading nowhere, and then you’d have these big breakthroughs that make it all worth it,” he said. BreakTheCode2 also offers players a number of side-quest games, “easter eggs,” and other hidden elements in order to bring new layers to the game. Bartley explained that the different easter eggs and side quests were another one of his favorite aspects of the game. He said that it provided a more immersive experience that even after the main puzzle or challenge was completed, there was always more to be solved. “You had to be very committed to stick through it all,” he said, “There’s endless rocks to turn over… I don’t think it’s ever actually been completely done, I doubt that every easter egg has been found.” Das went on to explain that another thing that makes the game so unique is the weekly rollout feature. According to Das, the whole game is split into four different chapters rather than being

released all at once. Different segments were released weekly from the initial launch of BreakTheCode2 on March 25 to its conclusion on April 15 and in that time frame, the second version of the game yielded 105,000 sign ups. BreakTheCode also offers users the ability to work in teams to complete the game as well as a Discord server to connect all of the players. This was especially useful during the initial launch because it helped players feel more connected to their peers during a very disconnected time. “I think one of the bigger surprises to it all was the activity with the community… The organizers promoted [the Discord server] and encouraged it the whole time so I would hop on there if I had some questions or really got stuck… and then you get to meet these really like minded people all over the world… and that was probably the most rewarding part,” Bartley said. The massive amount of positive feedback that BreakTheCode2 received prompted Das and the rest of the .Tech Domains team to make plans for a third version to be released in the near future. “The community is asking for it already, so we’ve been thinking about how soon to bring it back and in what fashion but in the next month or so we should have more information about that,” he said. z

Charter Sponsor

Event

Premier Sponsor

Supporting Sponsor

Media Sponsors

www.sdtimes.com

May 2022

SD Times

DEVOPS WATCH

CloudBees announces community edition of its Feature Management solution BY KATIE DEE

CloudBees, the software delivery platform for enterprises, recently launched CloudBees Feature Management Community Edition. With this, development teams gain access to enterprise-grade feature flagging capabilities, advancing the technique of progressive delivery within modern software engineering. This release allows teams of up to 15 developers to take advantage of feature flags at scale, working to tackle common challenges such as technical debt and governance issues. CloudBees Feature Management Community Edition brings users several features, such as flag approvals, flag

lifecycling, a real proxy, webhooks, audit logs, flag scheduling, and full access to all of the software development kits available from CloudBees. Additionally, this extension offers 250,000 client-side monthly active users and 100 million impressions per month. The Community Edition also integrates with Jenkins and the CloudBees

platform to achieve greater visibility of feature flags across continuous integration and continuous delivery pipelines. “Using feature flags to deliver software progressively is no longer a fringe concept for enterprise companies, even those in highly regulated industries. Our obsession with developer experience drove the decision to enable development teams with access to our enterprise-grade feature flag management system for free,” said Jim Schuchart, general manager of feature management at CloudBees. “We believe CloudBees Feature Management Community Edition truly sets CloudBees apart from any other free edition in the market because it is so fullfeatured and robust.” z

New Relic service level management feature helps operationalize SRE best practices BY KATIE DEE

The observability company New Relic launched its service level management experience in order to allow developers, operators, and executives to operationalize SRE best practices and maintain system uptime and reliability. This release includes one-click Service Level Indicators (SLI) and Service Level Objectives (SLO) setup, recommendations to customize metrics, unified health reports and alerting for SLO compliance, and error budget tracking. The new service level management is included with the all-in-one New

Relic observability platform, making it available to current users without an additional charge or license. According to the company, this experience works to address the challenges of adopting agile development, DevOps, CI/CD, and pipeline automation by providing development teams with a simple option to set up and track their SLI and SLO metrics. Each team’s setup revolves around the services that they manage while also remaining consistent and offering familiarity to engineering leaders working to manage multiple different teams. “With service level management in

New Relic One, we’re empowering engineers to adopt and operationalize the industry best practices in SRE and DevOps — making standardized reliability and uptime measurement a critical part of the entire software development lifecycle,” said Bill Staples, CEO of New Relic. “Feedback from developers, operations and even executives at companies who have used this capability in preview has been overwhelmingly positive. I look forward to all our customers adopting this capability and realizing more value from their investment in New Relic for all their observability needs.” z

Great Expectations SD Times

May 2022

www.sdtimes.com

BY JAKUB LEWKOWICZ

enry Ford once said “If I had asked people what they wanted, they would have said faster horses.” Achieving a good customer experience (CX) is a fine line that comes down to building what the customer wants and building what might solve a problem the customer doesn’t yet know they have. When companies focus on CX, they are able to create a unique and differentiated offering that is hard to replicate. This, in turn, leads to increased customer loyalty and brand equity. The pandemic has forced people to practice social distancing and stay home, resulting in a drop in offline channel sales. In contrast, the pandemic has driven consumers to primarily shop online. What the customers do know they want, is a constantly fast and reliable CX. According to the report The Future of CX: 2022, customers will expect companies to respond to their queries within the first hour, deliver a personalized experience, be proactive in offering help, and be accessible across all devices and the social media platforms that customers prefer by the end of this year. Over the course of the study, Freshworks surveyed over 4,500 businesses and analyzed 107 million customer interactions to understand the key driver of customer satisfaction. “It’s hard to predict a user’s journey. They might see an ad on Instagram, move to the website, chat with an agent, visit a physical store before finally making a purchase, and then take to social media to share their experiences. They expect to be able to shift channels at any point in their journey,” the report stated. The benefits of meeting the customers where they are most comfortable clearly show. For example, the services booking platform Klook saw increased customer retention by 40%.

Sixty-eight percent of WhatsApp users believe that the platform is the most convenient way to engage with a brand. Also, 61% of customers admire companies that use a smart mix of self-service and humans who can support them with empathy and speed. To deliver an excellent customer experience, companies need to keep up with the ever-changing customer expectations. This is where customer experience management (CEM) comes into the picture. CEM is a process that helps businesses track and manage the customer experience that helps businesses deliver a great customer experience by understanding customer needs and expectations and designing customer-centric processes. Jason Wong, a distinguished VP and analyst on the software design and development team at Gartner said that design teams should be leading the charge for ensuring great CX, yet many organizations don’t allocate enough resources to this, especially those that didn’t start out as digital-native. “Design should be ongoing as well to really understand the implications of not only the behavioral patterns, the usage patterns of the application, but taking into account new technologies that might be coming down the pipeline whether it's web XR, or conversational, or IoT, and then think how do we actually create value here?” Wong said. “That’s something that very few companies do well.” It’s the digital-native teams that use quick prototyping and A&B testing within the production environments to see what are the differences. On the other hand, in mainstream enterprises transitioning from project-centric delivery to product-centric delivery, design is still often not as embedded within the teams, and also not at a strategic enough level

where they're doing that ongoing user research and analysis of taking back into production, but also testing new concepts upfront, according to Wong. “A lot of the problem is proving out the value of UX; like how do you show that if we don't do this UX, we don't get this value? So it's hard for a lot of organizations to invest heavily in UX,”

Wong added. The skills that are necessary within a UX team also differ based on how complex the application is. At the top of these design teams are usually the experience lead that has a broad set of skills to help a product team. So the experience researcher is in there understanding the user. They’re not only doing interviews, but almost like anthropologists they're going out and observing in the wild, what's happening, and identifying motivations. “They’re finding out instance like why are mobile field service people still reluctant to use their mobile apps in the field, and they wait until they go back to the depot or the warehouse in order to enter in their information? Maybe it's because they had dirty hands? Like, those are things that the experience researcher

www.sdtimes.com

would pick up on. So instead of us giving him a graphical interface, we need to have it voice-enabled. or maybe we should make it into a head-mounted display: a Google Glass or HoloLens or something like that, for them to have hands free access,” Wong said. “So that's the type of thing that needs to be done upfront, but then on an ongoing basis, as well, as new technologies emerge. So it's not one app anymore. Oftentimes, we are going from one experience to another digital experience.” Often, the design aspect of building applications is outsourced and organizations bring in a design agency to come and help with the user research. But this can be flawed because the company needs to take it upon itself to

understand the users and to understand the ongoing process, Wong explained.

Reliability is the biggest consideration for good CX Good CX can mean a lot of things but the biggest part of that is making sure your app is running as intended in the first place, according to Mehdi Daoudi, the CEO and co-founder of Catchpoint. Customers now expect apps to be more reliable than ever before. If an app crashes, it is now seen as a reflection of the company behind the app, and not just the app itself. “Let’s say you have to take Uber three times a day because you have to go and drop the kids off at school, go to work, and then hire another Uber in the afternoon at 3pm. So the reliability concept is how consistent are you capa-

ble to delivering a great user experience throughout the day for 365 days a year?,” Daoudi said. Today, the expectations of customers are extremely high no matter what type of app they’re on. “We are working with a few luxury brands these days, and interestingly enough, some have told us ‘well our customers are special. They don't care about performance.’ Actually, you know, your customers, like every other customer is used to Google and Amazon. And they're used to a great user experience, which is a fast user experience. The reason why Amazon is so good, or Shopify is so good is because they fundamentally care about speed performance. And that's the name of the game,” Daoudi added. One approach is to not put all the eggs in one basket and instead to opt for running an app on a hybrid cloud. Another way to improve reliability is to invest in the monitoring and visibility of one’s app, but also to make sure that the tools are being used in the right way. Companies need to start measuring their performance, and then setting goals such as how do we lower the flow in an ecommerce site from a minute to just five seconds. Some companies such as Shopify do a great job at that. They have developer experience teams that are continuously monitoring, Daoudi added. The performance space is also a great place for marketing and engineering teams to collaborate and to avoid implementing something that might seem like a feature of better CX but would actually make performance take a hit. “What you don't want is to add 15 tracking pixels, for example, to slow down the website or I've seen that a few times where the graphic team gives a 10 meg file a picture because it's beautiful, but well, 10 meg file is a little bit too much for a website. I mean nobody has a screen that can take full advantage of those things,” Daoudi said.

CX is also about good employee experience Many applications now are dual-purpose: to serve the customer but also to ensure that employees can find out what customers want easily.

May 2022

SD Times

“With the interaction between a customer and a customer service rep, you have your mobile app, you have your web portal for the customer. And then on the back end, you have the support service system for the rep. But that interfaces into the portal and into the chatbot. And not only do you need the information to sync, but you also need the ability for the employee to understand the context really quickly,” Gartner’s Wong said. Also, the use of smart bots and AI can automate, predict customer behavior, and scale customer services. Businesses are beginning to realize that bots can help keep pace with customer demands efficiently by personalizing the experience for their customers and they can augment the experience for employees. Brands have reported a 7% increase in customer satisfaction (CSAT) scores as a result of successful bot implementations, according to the Future of CX: 2022 report. Whereas consumer-facing bots are common, new agent-assistant bots come with AI features like process automation for repetitive support tasks or article suggestions for the next steps customers should take. AI in customer experience is now able to analyze data and find correlations that a human might not be able to discern. For example, a human customer support agent might not be able to tell that a customer who is asking for a refund is more likely to purchase a product in the future if they receive their refund quickly. But an AI system can analyze the data and reach that conclusion. In addition, AI can automate customer support tasks like answering simple questions and responding to customer inquiries. This frees up human customer support agents to handle more complex issues. AI can also be used to proactively reach out to customers who are at risk of churning. For example, an AI system can analyze a customer’s purchase history and support interactions to identify when a customer is unhappy. The AI system can then reach out to the customer proactively to try to solve the issue before the customer decides to churn. z

SD Times

May 2022

www.sdtimes.com

Hybrid work requires collaboration tools to keep developers connected BY KATIE DEE AND DAVID RUBINSTEIN ith the massive shift being seen towards a hybrid work environment, developers may find themselves struggling to maintain proper collaboration with their teams. Feeling disconnected from other members of your team has the potential to hurt the overall productivity of the organization, however, there are several tools on the market today that work to tackle this very problem. Shailesh Kumar, SVP of engineering and head of technology at ClickUp, explained that while the need for collaboration tools has increased since the pandemic, it is far from a new challenge. “If you think about it, collaboration has always been a challenge because… most of these engineering organizations probably had a center in Europe, Poland, Ireland, or London, and then

somewhere in Asia… and then maybe in the United States and Canada, “ he said. “So, the fragmentation was always there, it has just gotten to be a lot more now.” Kenny Johnston, product leader at GitLab, said that there are a few things to be cautious of. “At GitLab we famously produce an all-remote handbook and we talk about some of the dangers of hybrid… one of the ones that we call out is called proximity bias,” he said. Johnston explained that this bias can occur when certain team members are in the same vicinity while others are not. He said that a way to combat this is to ensure that all important team communication takes place on a platform that is tailored for distributed teams, rather than primarily favoring in-person or synchronous communication. Anique Drumright, VP of product at

the asynchronous video communication platform Loom, explained that tools such as Loom allow hybrid teams to have those important conversations on a video platform while still maintaining the convenience of asynchronicity. She said, “The power of asynchronous video is that you can convey your full emotions. You have body language and facial expressions, and it feels more like storytelling.” Drumright said that offering team members this added context beyond just facts allows members of a hybrid team to internalize and understand the full message behind the communication.

Fighting the ‘proximity bias’ The ability to document information this way works to fight against the proximity bias that Johnston mentioned because

www.sdtimes.com

every member of the team has the ability to view videos and take part in important discussions without that communication having to take place synchronously. Kumar also discussed the fact that the way employees work has to change in order to make the most of a hybrid setting. He explained that this can be especially difficult for long-term developers who have been working in an in-person setting for their entire careers. “It is definitely different now, and that’s where companies have to look at platforms like ClickUp because we cannot maintain the same work habits and still expect them to work… organizations can maintain and even accelerate productivity if they change a little bit,” he said. Jason Beres, SVP of developer tools at Infragistics, also spoke about this need to rethink the way development teams work. He said that Slingshot, Infragistics’ application that combines data analytics, project management, chat, goals, and strategies, could help with the transition. “Every team spends a lot of time task switching and going from place to place… So, we brought something together into a single product that integrates with other tools,” Beres said. He explained that different teams at Infragistics use this tool to ensure that

May 2022

SD Times

Not all communications need to last forever Kenny Johnston, product leader at GitLab, has a strong belief that not all communication has to be accessible forever. He said that there is a good amount of impermanent information being exchanged that only works as exposition for the overall point being made. This kind of explanatory information is really only useful for a certain period of time, therefore, according to Johnston, it should only be accessible for that period of time. “The primary mechanism that we see developers using is this move to defining more things in writing both in source control and documentation,” Johnston said. “Using more ephemeral tools where you know the communication will go away is good for that low latency communication.” According to Johnston, Slack is a good example of this kind of tool because of the option it gives users to set a time frame for messages to remain visible on the platform. Johnston also mentioned that when using this type of tool, it is important to document the end results of the conversation in a more permanent place so that the whole team can then access that information. “We have a very low retention time on our Slack because we want to make sure that team members understand that [Slack] is not for anything permanent… and most dialogues should end with ‘okay I’m going to update the issue as a result of this discussion,” he said. This short term communication also helps in the pursuit of intentional communication. Putting thought into the permanence of the information you are relaying causes you to take a second and think in order to be sure that the correct information is being documented in the correct way, resulting in more purposeful communication. Johnston also explained hybrid teams are only successful if the entire organization adapts to this change and does their part. He said, “It’s about being very intentional in using those common and shared collaboration tools as opposed to taking advantage of proximity.” z

the entire organization has transparency into a project, no matter what branch of the company they belong to. “We looked at how integrations between products and building these ecosystems through integrations work, so that’s really where Slingshot shines,” Beres said.

The importance of a singular platform According to Beres, having a tool that allows for easy integration is important in a hybrid environment so that team members don’t feel as if one tool is being forced on them. He said, “Being able to use tools that can give this all-inone [experience], plus a few integrations, it just really helps efficiency throughout the day.” Johnston also discussed the ways in which GitLab as a tool can help to facilitate collaboration within a hybrid team. He said, “GitLab has mechanisms for ensuring that individual users that need to be informed about a change, are informed.” He explained that GitLab allows for

visualization into the entire process and enables team members to go back and track where certain commands or change requests came from in order to gain better insight into the background and thought process that went into making a change. According to Johnston, GitLab also works to offer developers one centralized location to do all of their collaborating. “Developers are being asked to do more and more these days… and so they really need a collaboration tool that spans all of those tasks,” he said. Like Beres, Johnston stressed that having multiple different tools can hurt an organization’s productivity because having to jump back and forth between the tools can lead to context being lost between them. “Having a singular platform that has all of the data in one place, every user is on that platform, every user can collaborate and find things all under a unified interface really helps collaboration,” Johnston said. continued on page 18 >

SD Times

May 2022

www.sdtimes.com

< continued from page 17

All work and no play… Remote and distributed work. The COVID-19 pandemic. The acceleration of millennials into the workplace. The complex of tools. “We saw these trends, and it was leading to things like burnout, and people having negative experiences at work, because the tools and the day-to-day experience weren’t keeping up with these trends,” said Jennifer Dennard, co-founder of Range.co, a collaboration software provider. “How we really think about the problem of increasing engagement and making work more enjoyable” she continued, “is around the day-to-day experience. So historically, companies have tried to solve problems of workplace culture or burnout through things like big company offsites, once a year, or holiday parties, or even happy hours, once a month. And while those are fun and create bonding experiences, then you go back to the daily grind, so to speak. And if that daily grind is grinding you down, it really doesn’t change that fundamental experience.” Range, she explained, is software built for teams from a human perspective, strengthening and empowering team communication “around things like daily standups for developers, the cadence of meetings, the way in which goals are held accountable, all the kind of day-to-day and week-to-week habits. And in the context of that we’re weaving in best practices in terms of how teams operate, which helps kind of just reduce the meeting load overall, and give developers back flow time.” Just as important, she emphasized, is the idea of weaving play into work, to create a sense of belonging and connection with the team through games, or sharing your mood, or teams answering team-building questions. The key, Dennard pointed out, is to do it within the flow of work, instead of something that’s done once a month or once a year. “And that,” she said, “really changes the day-to-day experience, which is really what leads to contentment and happiness for folks on the team.” Dennard said one of the things she and co-founder Dan Pupuis found with all types of folks, but especially developers, is that getting on a Zoom call for a happy hour every week, or a lunch call every few days, is really not very fun over time. “It can be, but it often, like burns people out even more, because they’re already on meetings, they’re just trying to get back to their work,” she said. “But what we found is that creating multiple ways for people to engage how it suits them. So for instance, engaging in a written format through team building questions, like, uh, would you rather dance to every song that you hear or have to sing along with it? Things that are just simple and fun and engage people in writing, or creating opportunities for people to engage live. We do a half-hour meeting every few days, it’s optional. And people can come and just play remote games. And that’s things like drawing games — we love a game called Gartic Phone. And those really help folks to engage without the pressure of having to carry the conversation the whole time, you’re just doing something fun together. Dennard said it’s important to create variety in terms of how to create opportunity for engagement. This way, “the weight isn’t on one moment, and really meets people in terms of their personality and what they’re looking for.” z — David Rubinstein

Kumar also emphasized the importance of having a unified platform. “In a hybrid environment, the data silos and the fragmentation of applications makes it really hard to communicate and work together,” he said. He went on to explain that, like GitLab and Slingshot, ClickUp offers users an all-inclusive platform for their applications. According to Kumar, when operating in a hybrid environment, it is vital to be using tools that are well integrated in order to facilitate heightened collaboration and, therefore, heightened productivity.

Synchronous vs. asynchronous Drumright went on to discuss that there are several productivity and efficiency benefits that come with an asynchronous video communication tool, such as Loom, as well. She said, “[With Loom] I probably have 90 minutes to two hours more of actual, deep work time a day than I did previously, and I think it’s the nature of not every single conversation needing to be scheduled.” She explained that platforms like this help to give developers back their time because team members are not constantly being pulled into meetings and having their current work derailed. Additionally, Johnston spoke about the importance of being able to differentiate between topics that should be talked about synchronously as opposed to those that can be tackled with an asynchronous tool. “We always start with asynchronous and try to answer it that way first… we’ll have developers start in Slack and then say ‘hey I would love to pair program with you, let’s jump on a Zoom call,’” he explained. However, ClickUp’s Kumar believes the opposite is true. Kumar said that in order for asynchronous communication to be effective, synchronous collaboration has to happen first. He explained that it is important for everyone to connect as a team in order to fully understand their tasks before breaking off and working asynchronously. “You need to set the context, you need to have the initial discussions and

www.sdtimes.com

kickoffs using a platform like ClickUp where it can be done synchronously, and from there you can start working asynchronously,” he explained. Yet Johnston said that by utilizing asynchronous communication tools first, issues are often resolved before synchronous communication becomes necessary, which ultimately works to save time and leads to heightened productivity in the long run. Communicating asynchronously also allows developers to be more in control of their own time. Drumright said, “If I’m creating something in a time that’s convenient for me and then you’re digesting it in the time frame that works for you… it becomes a really powerful tool for efficiency, collaboration, flexibility, and overall connection.” Drumright echoed Johnston, saying that using asynchronous communication first is highly beneficial. She explained that important explanatory information can be shared with a quick video message and then that information can be debated and discussed further in a live video call until a solid conclusion is reached. Jennifer Dennard, co-founder of collaboration software provider Range.co, believes you need to strike a balance in how you communicate. “There’s real value in building a foundation of asynchronous communication, where folks can get the information that they need to be empowered in their work, particularly on teams that are split across time zones, especially large time-zone divides, like India and the United States. It’s really hard to create meetings that don’t interrupt people’s personal lives. And so when you create a habit of sharing information asynchronously, it starts to build a foundation where people can search, they can find the right links and find information and answers to their questions.” That, she said, can be done through written check-ins, through documenting meeting notes, and project specs. But, she acknowledged, there’s also real value in live communication. “You can’t deny the truth that it’s powerful to engage that the back-and-forth that you can have and that the emotions that sometimes need to be discussed are

May 2022

SD Times

Making collaboration more seamless ClickUp is a cloud-based project management and collaboration tool that can be used by teams of all sizes. This all-in-one platform replaces the multiple different applications that used to be required in order to operate with a dispersed team. Key features of ClickUp are communication and collaboration tools, task assignments and statuses, alerts, and a task toolbar.

GitLab is a web-based Git repository and complete DevOps platform that allows users to complete all tasks a project requires in one location. These tasks include project planning and source code management as well as monitoring and security. Additionally, GitLab provides collaboration functionality to teams across dev and ops.

Loom is an asynchronous video communication tool that allows team members to relay important information over video without having to schedule a synchronous meeting. Loom allows users to record their camera, microphone, and desktop simultaneously and instantly share the video on the platform for the team to view at their convenience.

Slingshot is a digital workspace that gives the entire organization access to data, organizes projects, tasks, content, and chat in order to foster heightened collaboration and productivity. Slingshot brings users project management, data analytics, file management, and chat features, as well as cross-department collaboration.

Range (www.range.co) empowers and strengthens teams with communication tools built for today’s world. By making it easy for teams to adopt and maintain healthy teamwork practices, Range improves the daily experience of work, creating a balance of joy, purpose, and accomplishment. z

really powerful to do live.” She explained that Range facilitates running a meeting and documenting the meeting notes, which helps to ensure that people who couldn’t attend still get that information. “Or if you’re prepping for the meeting, you can see what happened last time and get the doc on the topics and things like that,” she added. “And so we really encourage assessing the purpose of what you’re trying to do and seeing whether that’s best done async or synchronous. And sometimes it means kicking off synchronous, and then going async. Sometimes it means sharing a bunch of context async and then having a quick 15-minute chat. It depends on what problem you’re trying to solve at the moment.” Range is building out playbooks and recommendations for things like a brainstorm that you can kick off asynchronously, do a little bit of live communication, and then do asynchronous again. That’s one of the processes people can run through, she said.

Working with scattered teams Asynchronous communication becomes even more important when working with

teams that are scattered globally and working in several different time zones. Beres said that utilizing a tool like Slingshot, which allows for full transparency, helps to foster a more inclusive and welcoming environment. When the development team has access to what is going on in other parts of the business, it fights against the feelings of isolation that sometimes come with hybrid work. “Now, I actually have more meaningful meetings with our teams and I do feel that we are actually closer together because we have these digital tools,” Beres explained. He also mentioned that there is a learning curve that many developers are still getting a grip on when it comes to determining when to use asynchronous communication methods. He said that it ultimately comes down to the role you are in and the complexity of the problem. “I think that developers already have a natural tendency to use something like chat to ask for help or communicate with people, but I think it is really down to the individual to kind of adapt and learn with their co-workers and these useful tools,” Beres said. z

SD Times

May 2022

www.sdtimes.com

Analyst View BY JASON ENGLISH

Product-driven or design-led? Jason English (@bluefug) is a Principal Analyst and CMO of Intellyx.

ost software developers work within project-oriented teams, since most companies are not startup vendors that can constantly reinvent themselves and deliver hot new products to market. Upgrades, integration and modernization projects carry forward a sizable estate of already coded software assets and third-party service dependencies. I once pondered an alternative product-driven strategy for software organizations to behave more like high-growth software vendors, recasting their project managers as product managers. They would spend less time measuring time, and more time measuring the features they deliver. Ostensibly, this product-oriented approach would cut down on endless initiatives and sprawling scope creep, by getting executives to reconsider the contributions of developers toward finite high-value products. But lately we are seeing a second shift — from product-led to design-led strategy. Some of the founders of today’s fastest growing unicorn vendors emerged from design schools and creative industry backgrounds.

Developers are asked to put lipstick on a pig — without changing the underlying functionality.

Costume, or customer experience? There’s a lot of technical and business acumen that a design-led team must develop beyond graphic design that goes into a successful customer experience. Designers get asked to put ‘lipstick on a pig’ — pushing pixels to dress up an application visually without changing the underlying functionality. The cosmetics of tweaking icons, fonts and colors can make the software look nicer, but it seldom improves user experience (or UX) by itself. Users expect clear controls and instructions within an interface, and on their phones or devices, they also expect sensory data — using cameras, haptics and audio inputs and outputs to maximize productivity. Performance is also a huge factor in customer experience — an identical competitor that displays results two seconds slower will experience high abandonment rates. Design engineering is about tradeoffs between display aesthetics and the con-

cise representation of data returned rapidly from low-latency sources.

When it’s incomplete, it’s ready to show Successful creative agencies never assume that a concept needs to be fully fleshed out before clients can accept it. They iterate rapidly on design and copy comps or sketches, in order to zero in on the client’s preferences. Revolutionary SaaS tools and smartphone apps accelerated design-first principles, as the current version of the application gets dynamically updated for the customer in near real-time. This continuous process merges redesigns into the CI/CD product lifecycle by introducing new user functionality and displays — even if they aren’t fully baked yet.

Laziness is the mother of innovation If great design takes 50% of the time required to perform a task away from the customer, that’s a winning product. The low-code space and RPA movements provided hundreds of ways to leapfrog between UI and process-driven design and drag-and-drop easy application development without the technical skill hurdles. The COVID crisis showed off the robustness of low-code for design-driven responsiveness to crisis conditions — take for instance the few banks that could step up with PPP relief loan applications using low-code within 3 months. I’m constantly surprised by new vendors that enter seemingly matured spaces such as CI/CD tools, IT operations, security and software testing with better UX as the lead value proposition.

The Intellyx Take Companies and industries that are internally project-focused rather than customer-focused are woefully unprepared for digital transformation. Never settle for dogmatic standards when rapid innovation is called for. Don’t let anyone tell you there is one best way to build software when there are always multiple valid design-led approaches. Distinguishing between conceptual possibilities is the very stuff of design-led development. z

www.sdtimes.com

May 2022

SD Times

Guest View BY SHAUN FOREMAN

About inclusive design E

ven before the pandemic, so much of our daily lives had become digital. Instead of meeting up in person, we’ve moved to FaceTime and Webex. Rather than go to a movie, we streamed the latest films at home. We moved our banking and food shopping online. Today’s digital work surely rivals the physical world — but not if you’re living with a disability. According to WebAIM (Web Accessibility In Mind), more than 97 percent of the one million pages it evaluated in 2021 had WCAG 2 (Web Content Accessibility Guidelines) failures. However, it’s not as if designers and engineers don’t care about accessibility — they do. In an Applause study in 2021, nearly 70 percent of respondents agreed that their companies were prioritizing digital accessibility. So what’s happening? In order for digital experiences to be accessible to everyone, inclusive design must start with the software development cycle. It’s not something that can be added or designed for after the fact. Modern software development — like so much else in our post-pandemic worlds — must begin with empathy.

Designing with empathy In principle, every software development project should start with considering the broadest range of people. Ensuring accessible digital experiences requires an ongoing commitment to designing inclusive experiences, writing code with accessibility in mind, and testing digital properties for key accessibilities. Companies should start with that commitment. In that same study mentioned earlier, more than two-thirds of respondents said their company hasn’t tested for accessibility within the last three months, and nearly half said their company hasn’t tested within the last six months. Accessibility testing is not a one-and-done situation, and requires an ongoing commitment to ensure key digital pathways are providing truly accessible experiences. Too often, designers are isolated and work in a vacuum. In that environment, how can they possibly design a high-quality product for a living person about whom they may know next to nothing? Inclusive user testing is a key component within inclusive design principles. At the beginning of a project, developers must reject any preconceived

notions of who their users are. They need to sit down with the audience they are designing for and learn firsthand about them. Based on user groups, one-onone conversation and other forms of direct contact, designers can move away from what is “typical” and toward what is personal. From that, they will be able to better ascertain needs, gaps, and solutions. Beginning the design process by engaging directly with persons with disabilities is a driver for greater innovation. This type of real-world feedback offers insight early in the process — enabling development of better digital experiences from the start. It also ensures the user experience is intuitive, enjoyable and inclusive for everyone. Once designers and developers truly grasp the needs of those with disabilities and gain an understanding of what may not work in more traditional design principles, they can better develop products that meet the needs of this audience.

Building inclusive design principles into a process

Shaun Foreman is principal product manager of accessibility for Applause.

Modern software development... must begin with empathy.

For designers to succeed with inclusive design, here are some important components they should focus on: • Regular vertical training. Bring in specific persons with disabilities to train your designers and engineers. This is key to creating the empathy I’ve discussed. It’s critical to have this in-person or liveonline exchange, and base training on the team’s own products. • Weekly office hours for designers. It’s key that designers can consult with an inclusivity design and accessibility front-end development expert team as they work throughout the week. I have seen this in action over the years and it makes a tremendous difference in efficiency and helps designers avoid unneeded dead ends. • UX research workshops. These are great for subject matter expert tips and iterative exercises around understanding PwD profiles. • Self-service intranet knowledge base. Creating a store of training documents, FAQs and other useful materials builds a knowledge base and becomes the single source of truth for inclusive design. This can help simplify, in time, the complex nature of inclusive design and accessibility. z

SD Times

May 2022

www.sdtimes.com

Industry Watch BY KEN MUGRAGE

The changing economics of open source Ken Mugrage is principal technologist, Office of the CTO, Thoughtworks.

he past several months have seen an unusually high level of commotion in the open-source community, largely focused on the economics of who — and how we — should pay for ‘free’ software. But this isn’t just some geeky flame war. What’s at stake here is business-critical for vast swaths of the business world. So what’s all the fuss about? To get a handle on this, it helps to consider what open source means today. In its earliest days, the open-source movement was all about creating alternatives to large software packages. And there were some outstanding successes that enabled large groups of people to participate: I started my first web company in the mid ’90s with almost no capital, based largely on the availability of the Linux operating system, Apache web server, and PHP programming language.

What’s at stake here is business-critical for vast swaths of the business world.

Open source’s early promise

The early days were also characterized by some fine ideals about what it meant to be open source: that anyone could and would review the codebase to identify and fix bugs, that people would take code bases and contribute to their advancements; that there was a profitable business model for building ‘free’ software. Online systems like SourceForge and later GitHub made it easier to share and collaborate on smaller open-source components. The subsequent Cambrian explosion of open-source software has tested some of those original ideas to breaking point. In contrast to the focus on creating alternatives to large software packages, today there’s a proliferation of open-source software, on one side we have internet giants churning out all manner of tools, frameworks and platforms, at the same time, one-dev bands have created small but critical parts that support a huge number of businesses. The diversity of open-source projects today has challenged many of the initial principles. So in many instances, the codebases for open-source packages are simply too large to allow for meaningful inspection. Other packages are distributed by internet titans that have no expectation that anyone else will contribute to them. Yet other

releases are distinct, point releases that may only do one relatively minor task but do it so well that they’ve spread across the internet — but rather than an active community of maintainers, they’re often just a passion project for one or two committed developers. You can appreciate the challenges this can create by looking at some recent examples of open source’s changing economics. Take ElasticSearch. Back in September 2021, Elastic changed its license to require cloud service providers who profit off their work to contribute back. Those changes caused high dudgeon in the open source community and prompted AWS to fork the code base and create a new distribution for their OpenSearch product. At the other end of the scale, a security snafu in Log4J created what’s been dubbed the biggest bug in the internet. The popular open-source logging tool is widely used across a multitude of systems today. But its popularity didn’t mean it was backed by a crack maintenance team; it was maintained by hobbyists. Here, throwing money at the problem is hardly a solution. We know of many open-source enthusiasts who maintain their software personally; and they have busy professional lives — the last thing they want is to the responsibility of a servicelevel agreement because someone has paid them for their creation.

Can open source continue to thrive? So is this the end of the road for the open-source dream? Certainly, many of the open-source naysayers will view the recent upheaval as proof of a failed approach. They couldn’t be more wrong. What we’re seeing today is a direct result of the success of open source software. That success means that there is no one-size-fits-all description of what open source software is, nor one economic model for how it can succeed. Once you start looking at crucial parts of your software stack where you’re reliant on hobbyists, your choices begin to dwindle. But if the Log4J commotion has taught us anything it’s this: auditing what goes into the software that runs your business puts you in a better place than being caught by complete surprise. z

Full Page Ads_SDT053.qxp_Layout 1 10/27/21 11:41 AM Page 24

The latest news, n news analysis and commentary delivvered to your inbox!

• Reports on the newest technologies affecting enterprise deve developers elopers • Insights into thee practices and innovations reshaping softw ware development • News from softtware providers, industry consortia, open n source projects and more m

Read SD Tim mes Daily to keep up with everything happening in the software devvelopment industry. SUB BSCRIBE TODA AY! Y!

047_SDT032.qxp_Layout 1 1/17/20 5:23 PM Page 1

Reach software development managers the way they prefer to be reached A recent survey of SD Times print and digital subscribers revealed that their number one choice for receiving marketing information from software providers is from advertising in SD Times. Software, DevOps and application development managers at large companies need a wide-angle view of industry trends and what they mean to them. That’s why they read and rely on SD Times.

Isn’t it time you revisited SD Times as part of your marketing campaigns? For advertising opportunities, contact SD Times Publisher David Lyman +1-978-465-2351 • dlyman@d2emerge.com

SD Times May 2022

Articles inside

GUEST VIEW by Shaun Foreman

News Watch

INDUSTRY WATCH by Ken Mugrage

Go: The language of cloud-native development

ANALYST VIEW by Jason English