The week in API strategy, news, articles, and upcoming events.
James Higginbotham, Curator  A hand-curated weekly newsletter for API developers, sponsored by LaunchAny and CaseySoftware

Find this via Twitter? Subscribe now so you don't miss out

API Developer Weekly

April 14, 2022 - Issue #402
This week, we have a deep-dive into versioning with the AsyncAPI Specification, a checklist for your next API design review and a look at how Stoplight supports the technical writer workflow. Plus, GraphQL practitioners realize that error messages without error codes is bad (but still haven't considered HTTP status codes to standardize server-to-client communications), ngrok 3.0 has been released with support for cloud edge and secure tunnels, and SmartBear's acquisition of testing tools continues with an acquisition of Pactflow. 

Happy Reading!
-- James

Hot Topics
AsyncAPI versioning in practice
Before getting comfortable, this is a continuum of the first versioning post which clarifies the version strategy this post takes into practice. The workflow at which you propose changes to the APIs is what you can build the version strategy around. by EventStack []

A Checklist for Your Next API Design Review
When it comes time to deploy your API, it's best not to rely on your brain's memory to make sure you cover all the details. Even if you've got the best memory on Earth, you're still likely to forget something. This is why it's nice to have a checklist handy. []

Welcome to the next generation of ngrok
Today we are launching ngrok Cloud Edge and ngrok Secure Tunnels which transform ngrok from a developer tool into a powerful developer platform. These products not only improve ngrok for local development, but also enable developers to build and secure production applications. []

Ask the Doc(umentation Writer)
Hear from our technical writer, Pam Goodrich, as she dives into Stoplight Platform from the technical writer's point of view. Her take: it lets her publish high-quality API documentation and how-to information from the same Portal. by Pam Goodrich []

Use OAuth 2.0 tokens on your website, app, and servers
OAuth 2.0 is an open standard authorization framework for token-based authorization on the internet. An OAuth 2.0 access token is a string that the OAuth 2.0 client uses to make requests to the resource server, and hides the user's identity or other information from the OAuth 2.0 client. []

Exploring the future potential of generic GraphQL error codes
The GraphQL spec defines a set of validations for the GraphQL server to perform when resolving the query. If some validation fails, the corresponding error message must be returned under the errors entry of the GraphQL response. The actual message to return is not defined in the spec, hence it is customized by each server. []

What can we learn from tweets lookup error responses of Twitter v2 API?
What can we learn from tweets lookup error responses of Twitter v2 API? We can learn how to use the tweets lookup operations parameters without reading much of the documentation. We may also learn a few API design, implementation, and documentation principles in the making. by Arnaud Lauret []

Announcing Gloo GraphQL GA
Keith Babo | April 11, 2022 After the completion of a successful beta program , we're excited to announce that Gloo GraphQL is moving to GA status. We appreciate everyone that has been adopting the technology, and we're equally grateful for all of the feedback on areas to improve. []

Announcing AWS Lambda Function URLs: Built-in HTTPS Endpoints for Single-Function Microservices
Organizations are adopting microservices architectures to build resilient and scalable applications using AWS Lambda. These applications are composed of multiple serverless functions that implement the business logic. Each function is mapped to API endpoints, methods, and resources using services such as Amazon API Gateway and Application Load Balancer. []

Scaling Microservices with Contract Testing and Pactflow
API growth continues to rise within the modern enterprise. Microservices, are a leading growth driver for APIs as development teams continue to break down monolithic systems, seeking to capitalize on the advantages of decoupled capabilities. Benefits such as reduced costs, reduced time-to-market, faster release cycles and decentralized evolvability are possible. []
The Business of APIs
How APIs Are Pivotal to Modernizing Infrastructure
Many company leaders find themselves in the challenging position of realizing that their organization's IT infrastructure is too outdated to enable the kind of growth and modernization the business requires to stay competitive. Fortunately, application programming interface (API) practitioners play a significant role in helping companies get the tech upgrades they need. []

Linx Releases Advancements of its Low-code Platform
Linx, a low-code application development platform, has announced the general availability of Linx 6. Labelled as a backend platform for developers, the current iteration extends its capability to collaborate and deliver enterprise-strength low-code applications."Linx 6 is a significant and important leap for how developers use low-code platforms," said Twenty57 CTO Gawie Yssel. []
How many steps does it take for attackers to compromise critical assets? - Help Net Security
The XM Cyber research team analyzed the methods, attack paths and impacts of attack techniques that imperil critical assets across on-prem, multi-cloud and hybrid environments. Findings from the report incorporate insights from nearly two million endpoints, files, folders, and cloud resources throughout 2021. []

Spring4Shell: Spring users face new, zero-day vulnerability
Charlie Osborne 31 March 2022 at 14:28 UTC Updated: 31 March 2022 at 14:33 UTC Both security bugs are now reportedly being exploited in the wild Spring users are facing a new, zero-day vulnerability which was discovered in the same week as an earlier critical bug. []

Why Literate Programming Might Help You Write Better Code
It seems obvious, but code isn't only written for machines: it's written for people, too. Overlooking this fact can cause problems. "A friend of my dad's told me about a time he came across some truly horrible code at work. The code was terrible: poorly written, badly commented," Joël Franusic, solutions engineer at Okta, told The New Stack via email. by Richard Gall, Maria Korolov, David Cassel []

Unifying data lakes and data warehouses across clouds with BigLake | Google Cloud Blog
The volume of valuable data that organizations have to manage and analyze is growing at an incredible rate. This data is increasingly distributed across many locations, including data warehouses, data lakes, and NoSQL stores. As an organization's data gets more complex and proliferates across disparate data environments, silos emerge, creating increased risk and cost, especially when that data needs to be moved. []
Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note or tagging us on Twitter (@launchany and @caseysoftware) or by emailing us at:
Follow on Twitter    Forward to Friend    Subscribe
Copyright © 2022 LaunchAny, All rights reserved.
unsubscribe from this list