The main change in this release is a security fix, and it’s possible you will need to change your own code to adapt. Here’s why: jQuery used a regex in its jQuery.htmlPrefilter method to ensure that all closing tags were XHTML-compliant when passed to methods. For example, this prefilter ensured that a call like jQuery("<div class='hot' />") is actually converted to jQuery("<div class='hot'></div>"). Recently, an issue was reported that demonstrated the regex could introduce a cross-site scripting (XSS) vulnerability. 

The ASP.NET Core tag helpers improve on the HTML templated helpers in ASP.NET MVC 5. ASP.NET Core comes with some useful stock tag helpers for common tasks such as creating custom elements or extending existing HTML elements, but their use can be extended to making a framework such as Bootstrap easier to work with. Dino shows how helpers are used, and demonstrates a Bootstrap Modal Tag Helper 

Retirement of MCSA, MCSD, MCSE certifications and related exams extended

We know many of you are working toward completing your Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Developer (MCSD), or Microsoft Certified Solutions Expert (MCSE) certification(s). We realize that the current environment could potentially hamper your ability to finish your certification before the original retirement date of June 30, 2020. To address this issue, we are extending the retirement date for these specific certifications to January 31, 2021 to give you more time to complete the exams and earn your certification. 

:When to use Async/Await

The new docs make a pretty strong claim for using a framework when starting a new React project.  

What I've learned from 20 years of programming in C# with Joe Albahari with Q&A session - YouTube
In April 2001, I wrote and published my first C# program. Join me in discovering the most valuable principles that I've learned in the 20 years of C# programming that followed. We'll cover a range of topics, with plenty of samples and useful code that you can take away.

00:00 - Introduction
01:04 - Types
18:55 - Functional Programming
19:43 - What Defines Functional Programming?
33:26 - Lazy Values
36:20 - Cache a function - Memoizer
41:49 - Using a Closure instead of a Class
43:24 - Memoizer example
45:07 - Asynchronous Programming
47:58 - How do we abstract around Futures?
53:54 - Asynchronous locking
58:04 - Implementing A-synch lock with Semaphore
01:09:48 - Await inside a UI method vs a library method
01:18:04 - Using Exceptions
01:36:18 - Implementing a Retry
01:39:02 - IEither interface
01:39:58 - Downloading samples on LINQPad
01:40:27 - Q&A Session 

Today we’re happy to announce the availability of the release candidate (RC) of TypeScript 3.1. Our intent with the RC is to gather any and all feedback so that we can ensure our final release is as pleasant as possible. 

export class ShowHtmlComponent {
  htmlContent = "Template <script>alert(\"Hello!\")</script> <b>Syntax</b>";
}

<h3>Binding innerHTML</h3>
<p>Bound value:</p>
<p>{{htmlContent}}</p>

 WARNING: sanitizing HTML stripped some content (see http://g.co/ng/security#xss).

<p>Result of binding to innerHTML:</p>
<p [innerHTML]="htmlContent"></p>

<p #dataContainer></p>

export class ShowHtmlComponent implements OnInit {

  @ViewChild("dataContainer") dataContainer: ElementRef;

  ngOnInit() {
    this.dataContainer.nativeElement.innerHTML = "nativeElement <script>alert(\"Hello!\")</script> <b>Syntax</b>";
  }
}

export class ShowHtmlComponent implements OnInit {
  sanitizedHtml: string;

  constructor(private sanitizer: DomSanitizer) { }

  ngOnInit() {
    this.sanitizedHtml = this.sanitizer.sanitize(SecurityContext.HTML, "<b>Sanitize</b><script>attackerCode()</script>");
  }
}

SecurityContext.NONE
SecurityContext.HTML
SecurityContext.STYLE
SecurityContext.SCRIPT
SecurityContext.URL
SecurityContext.RESOURCE_URL

export enum SecurityContext { NONE, HTML, STYLE, SCRIPT, URL, RESOURCE_URL }

export abstract class DomSanitizer implements Sanitizer {
  abstract sanitize(context: SecurityContext, value: SafeValue|string|null): string|null;
  abstract bypassSecurityTrustHtml(value: string): SafeHtml;
  abstract bypassSecurityTrustStyle(value: string): SafeStyle;
  abstract bypassSecurityTrustScript(value: string): SafeScript;
  abstract bypassSecurityTrustUrl(value: string): SafeUrl;
  abstract bypassSecurityTrustResourceUrl(value: string): SafeResourceUrl;
}

import { Pipe, PipeTransform } from "@angular/core";
import { DomSanitizer, SafeHtml, SafeResourceUrl, SafeScript, SafeStyle, SafeUrl } from "@angular/platform-browser";

@Pipe({
  name: "safe"
})
export class SafePipe implements PipeTransform {
  constructor(protected sanitizer: DomSanitizer) { }

  public transform(value: any, type: string): SafeHtml | SafeStyle | SafeScript | SafeUrl | SafeResourceUrl {
    switch (type) {
      case "html":
        return this.sanitizer.bypassSecurityTrustHtml(value);
      case "style":
        return this.sanitizer.bypassSecurityTrustStyle(value);
      case "script":
        return this.sanitizer.bypassSecurityTrustScript(value);
      case "url":
        return this.sanitizer.bypassSecurityTrustUrl(value);
      case "resourceUrl":
        return this.sanitizer.bypassSecurityTrustResourceUrl(value);
      default:
        throw new Error(`Invalid safe type specified: ${type}`);
    }
  }
}

@NgModule({
  imports: [
  // ...
  ],
  declarations: [ SafePipe]
})

<p [innerHTML]="htmlContent | safe: 'html'"></p>

The new sha1(X) function computes the SHA1 hash of the input X, or NULL if X is NULL, while the sha1_query(Y) function evalutes all queries in the SQL statements of Y and returns a hash of their results.