A great article about becoming focused on the fundamentals of your profession to be good at what you do. A simple concept, but In this day in age it is all too easy to get distracted by  a constant tidal wave of new languages, devices, libraries, tools, frameworks etc.  You can easily find yourself becoming a generalist, neglecting your core marketable skills. By taking a step back, reviewing your profession and ‘chunking’ core fundamentals in to learning segments you can focus on what really matters in your field.

http://triptagupta.tumblr.com/post/34643627860/check-yourself-before-you-wreck-yourself

This blog post covers the two popular ORM’s with in-depth, low level comparison of their framework features. An great help when deciding technology in early project phases and POC’s.

Includes:

Architecture, Mappings, Database Support, Inheritance Strategies, Associations, Querying, Caching, ID Generators, Properties, Events and Interception, Tracking Changes, Optimistic Concurrency Control, Batching, Cascading, Flushing Changes, Lazy Loading, Generating and Updating the Database, Extensibility and Integration With Other Microsoft APIs and Tools

http://weblogs.asp.net/ricardoperes/archive/2012/06/07/differences-between-nhibernate-and-entity-framework.aspx

Greg Slovacek article on readwriteweb.com gives his vision of how he see the real-time web being the next big technology focus for the web.

His Article covers several interesting areas of the real-time web and is definatley worth the read for anyone interested in this domain:

Understanding Real Time

Responsiveness

Freshness

Architecture of a Real-Time Web Application

Data Model

Sync Protocol

Publication-Subscription System

Development Implications

http://www.readwriteweb.com/hack/2012/04/realizing-the-promise-of-a-rea.php

Troy Hunt has provided this excellent release management series for your web applications using Team City, Subversion and MS Web Deploy.

First post in the series focuses on configuration management, specifically config transformations.

The rest of the series focuses on the following:

• Config transforms
• MSBuild and deployable packages
• Publishing with Web Deploy
• Continuous builds with TeamCity
• Web Deploy with TeamCity

Definitely worth a look if reviewing your current deployment process and looking for a more robust and automated solution.

NServiceBus have recently released a visual studio extension to help model your distributed pub/sub architecture. Useful tool for providing a visual representation of your architecture and generating the initial visual studio project structures. Handy for automatically generating those initial time-consuming unicast configurations for message routing.

Video: http://vimeo.com/29659143

Visual Studio Extension: http://visualstudiogallery.msdn.microsoft.com/c262316b-34da-45c8-9230-25adaf103803

I have recently been reviewing our build process and integrating static code analysis using FXCop (now part of Windows 7.1 SDK), StyleCop and SourceMonitor (post for another day).

As part of our larger organisation security review we needed to review all possible vulnerabilities across all our web applications and shared SOA.

The following resource gives a fantasic overview of the most commom vulnerabilities along with code examples to explain:

• Input Validation Flaw
• Cross-Site Scripting Vulnerability
• Buffer Overflow Flaws
• SQL Injection Flaw
• Command Injection Attacks
• Improper Error/ Exception Handling
• Improper Access control
• Improper Authentication Flaws
• Improper Session Management
• Improper Cookie Management
• Denial of Service
• Improper Configuration Flaws
• Transport Level Flaw

Guide can be found here : http://www.infosecwriters.com/text_resources/pdf/Code_Review_KMaraju.pdf

Other useful resources for security analysis in the SDLC and how you should be including it within your day to day development: https://www.owasp.org/index.php/Security_Code_Review_in_the_SDLC

Had some discussions with colleages over the implementation of a Factory design pattern the other day. This got my head back in to the books and on the web looking at best practices and c# examples.

The below pdf gives a good design overview of each of the most common design patterns in use today: Design Patterns Cheat Sheet

Abstract Factory, Adapter, Bridge, Builder, Chain of Responsibility, Command, Composite, Decorator, Facade, Factory Method, Flyweight, Interpreter, Iterator, Mediator, Memento, Prototype, Proxy, Observer, Singleton, State, Strategy, Template Method, Visitor

For a more laymans approach, which I found invaluble when I started learning about Design Patterns you can’t do much better than Head First Design Patterns

For implementation examples in C# I can definatley reccomend : Dofactory Design Patterns

The topic of code quality recently came up in on of our retrospectives (where’s that cowboy hat?).

As the focus wasn’t on naming and shaming individuals but to ensure all the teams adhere to a company coding standards we started formulating our own guidelines.

We found the following resources useful as a basis for preparing our own guidelines and creating new rules sets we could include in to  visual studio, resharper and our continuous integration environments:

• Visual Studio 2010 Rule Sets
• Coding Guidelines for C# 3.0 and C# 4.0 Cheat Sheet
• ReSharper 5 Code Style Rules

http://csharpguidelines.codeplex.com/releases/view/46280