The Definitive Serialization Performance Guide 

Security Advisory Notices

CVE-2019-1077 Visual Studio Extension Auto Update Vulnerability

An elevation of privilege vulnerability exists when the Visual Studio Extension auto-update process improperly performs certain file operations. An attacker who successfully exploited this vulnerability could delete files in arbitrary locations. To exploit this vulnerability, an attacker would require unprivileged access to a vulnerable system. The security update addresses the vulnerability by securing locations the Visual Studio Extension auto-update performs file operations in.

CVE-2019-1075 ASP.NET Core Spoofing Vulnerability

A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect. An attacker who successfully exploited the vulnerability could redirect a targeted user to a malicious website. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link.

The security update addresses the vulnerability by correcting how ASP.NET Core parses URLs. Details can be found in the .NET Core release notes.

CVE-2019-1113 WorkflowDesigner XOML deserialization allows code execution

A XOML file referencing certain types could cause random code to be executed when the XOML file is opened in Visual Studio. There is now a restriction on what types are allowed to be used in XOML files. If a XOML file containing one of the newly unauthorized types is opened, a message is displayed explaining that the type is unauthorized.

For further information, please refer to https://support.microsoft.com/en-us/help/4512190/remote-code-execution-vulnerability-if-types-are-specified-in-xoml.

Kent’s rules, from Extreme Programming Explained are:

• Runs all the tests
• Has no duplicated logic. Be wary of hidden duplication like parallel class hierarchies
• States every intention important to the programmer
• Has the fewest possible classes and methods

In my experience, these don’t quite serve the needs of software design. My four rules might be that a well-designed system:

• is well-covered by passing tests.
• has no abstractions not directly needed by the program.
• has unambiguous behavior.
• requires the fewest number of concepts.

نگارش بتای سیلورلایت سه چند روزی است که ارائه شده است.
ویژگی‌های جدید آن‌را در چند گروه می‌توان بررسی کرد:

• بهبودهای گرافیکی : پشتیبانی از GPU و گرافیک سه بعدی - Perspective 3D و Pixel Shaders

• امکان تولید برنامه‌های Out-of-the-Browser (امکان اجرای برنامه‌های سیلورلایت مستقل از مرورگر وب)

• بهبودهای حاصل شده در امکانات برنامه نویسی آن: element binding, dynamic resources و ...

• ارائه‌ی پیش نمایش expression blend نگارش 3 جهت پشتیبانی بهتر از Silverlight 3.0

• .NET RIA Services : n-tier application pattern

• پشتیبانی کامل از پخش ویدیوهایی با فرمت HD

• و ...

کتاب الکترونیکی رایگانی که در MIX09 در این‌باره توزیع شده است
دریافت

برای مطالعه بیشتر:
A guide to Silverlight 3 new features
Silverlight 3 Announced!

If you're comfortable with JavaScript and the ecosystem, Vue is a solid framework which can easily scale up or down as your application requires.

On the other hand, if you already know and enjoy using C#, and have generally found JavaScript (the language and ecosystem) difficult to learn and live with, Blazor WASM is potentially a game changer. 

Features

Containers have revolutionized software development, allowing developers to bundle their applications with everything they need, from the operating system up, into a single package. Docker is one of the most popular platforms for containers, allowing them to be hosted on-premises or on the cloud, and to run on Linux, Windows, and Mac machines. With Docker Succinctly by Elton Stoneman, learn the basics of building Docker images, sharing them on the Docker Hub, orchestrating containers to deliver large applications, and much more.

The Complete Illustrated Flexbox Tutorial