Announcing the RTM of Visual F# 4.0

WebGrids are fantastic when coding for a desktop layout, but what do you do when you need it mobile? Today, I analyze the WebGrid and create CSS to make the WebGrid bend to our will and make it more responsive on a mobile device. 

Here’s a quick list of what’s new in TypeScript 5.2!

using Declarations and Explicit Resource Management
Decorator Metadata
Named and Anonymous Tuple Elements
Easier Method Usage for Unions of Arrays
Copying Array Methods
symbols as WeakMap and WeakSet Keys
Type-Only Import Paths with TypeScript Implementation File Extensions
Comma Completions for Object Members
Inline Variable Refactoring
Clickable Inlay Parameter Hints
Optimized Checks for Ongoing Type Compatibility
Breaking Changes and Correctness Fixes
 

Announcing Entity Framework Core 2.2 

 PostCSS is a tool for transforming CSS with JS plugins. These plugins can support variables and mixins, transpile future CSS syntax, inline images, and more.
PostCSS is used by Google, Twitter, Alibaba, and Shopify.
PostCSS itself is very small. It includes only a CSS parser, a CSS node tree API, a source map generator, and a node tree stringifier 

• VS is more responsive when running Git operations.
• Debugging large solutions with /debug:fastlink PDBs is more robust. Changes in the PDB/DIA lead to reduced latency and a 30% reduction in heap memory consumption in the VS debugger that used to cause crashes.
• C++ compiler bugfixes:
  • Fix for the SSA optimizer incorrectly sinking a function call past a store to a variable used in a __finally handler.
  • Fix for the SSA optimizer sometimes incorrectly analyzing memory loads from locations with negative offsets.
  • Fix for the optimizer incorrectly transforming a pre-incremented loop into a post-incremented loop. This was found compiling the ICU project.
• Microsoft bumped up the Java™ Development Kit 8 to Update 172 (JDK version 8u172). 

This .NET Core SDK release includes the following released .NET Core and ASP.NET Core Runtimes.

• .NET Core SDK 3.1.403
• .NET Core Runtime 3.1.9
• ASP.NET Core 3.1.9 

Today we’re announcing the release of SQL Server Management Studio (SSMS) 18.3. For this update, while we added some features, our focus was primarily on fundamentals such as stability, reliability, and performance. 

Dirty IT secret No. 6: We know a lot more about you than you think 

Security Advisory Notices

CVE-2019-1077 Visual Studio Extension Auto Update Vulnerability

An elevation of privilege vulnerability exists when the Visual Studio Extension auto-update process improperly performs certain file operations. An attacker who successfully exploited this vulnerability could delete files in arbitrary locations. To exploit this vulnerability, an attacker would require unprivileged access to a vulnerable system. The security update addresses the vulnerability by securing locations the Visual Studio Extension auto-update performs file operations in.

CVE-2019-1075 ASP.NET Core Spoofing Vulnerability

A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect. An attacker who successfully exploited the vulnerability could redirect a targeted user to a malicious website. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link.

The security update addresses the vulnerability by correcting how ASP.NET Core parses URLs. Details can be found in the .NET Core release notes.

CVE-2019-1113 WorkflowDesigner XOML deserialization allows code execution

A XOML file referencing certain types could cause random code to be executed when the XOML file is opened in Visual Studio. There is now a restriction on what types are allowed to be used in XOML files. If a XOML file containing one of the newly unauthorized types is opened, a message is displayed explaining that the type is unauthorized.

For further information, please refer to https://support.microsoft.com/en-us/help/4512190/remote-code-execution-vulnerability-if-types-are-specified-in-xoml.