The Complete Weekly Roundup of SQL Server News

In this issue:

Blogs : Administration

Blogs : Backup and Recovery

Blogs : Big Data

Blogs : Career

Blogs : Computing in the Cloud

Blogs : Data Mining

Blogs : Database Design, Theory and Development

Blogs : DBA Tools

Blogs : DMO/SMO/Powershell

Blogs : NOSQL

Blogs : Performance and Tuning

Blogs : Professional Development

Blogs : Replication

Blogs : Security and Auditing

Blogs : T-SQL

Articles : Administration

Articles

Articles : Development

Database Weekly - www.databaseweekly.com

The Complete Weekly Roundup of SQL Server News

Hand-picked content to sharpen your professional edge

SQL Server News for 2014-07-28

sqlsourcecontrol 24% of devs don’t use database source control – make sure you aren’t one of them
Version control is standard for application code, but databases haven’t caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out…
sourcecontrolfororacle Free ebook "TortoiseSVN and Subversion Cookbook - Oracle Edition"
Use these recipes to work better, faster, and do things you never knew you could do with SVN. If you're new to source control, this book provides a concise guide to getting the most out of Subversion. Download it free.
sqldbabundle 7 tools for DBAs in one bundle
With the SQL DBA Bundle, get backup, monitoring, productivity, and comparison tools in one installer. "The savings in terms of disk space usage and bandwidth usage are amazing" - Andy Doyle, Boston Limited. Try out the full bundle with a free trial.
Editorial - Static Code Analysis: a necessary irritation.

There is something spooky about an application that routinely criticises your code. It is bad enough for the blood-pressure when youngsters do it. Worse, an application has more authority in the way it dismisses poor coding practices than a human. Some managers seem to be in awe of static code analysis.

When the C language emerged, it was unusual in that it allowed some ridiculous errors, compiling such code without even a warning.  You could, for example, read a variable before it had been set, have incompatible variables in an expression, do a division by zero, call functions with incorrect parameters, or assign values to variables that were outside the range.  Most language compilers picked up this sort of error, but C had a separate program, called Lint, to do this.  From this small beginning came the idea of  static code analysis.

There are some advantages to separating the checking of code from the compiling of  it.  You can, depending on the tool you use, go beyond the mere identification of coding errors to gauge the extent of technical debt, complexity, architecture, interface analyses, duplication, quality of design, extent of comments, and coding standards. You can run plagiarism checks, dead code analysis, style checking, security violations, and detect the use of open-source in contravention of the license.

It is rare to see extensive static code analysis being done methodically though it features heavily in techniques for continuous delivery.  It has some very obvious conveniences, since it can provide the big picture of the likely issues that could be faced during a deployment, particularly the legal, security, copyright and regulatory ones. For an application of any size, though, it doesn’t replace a manual audit of code, so its main advantages would be to alert the necessary IT specialists to take a closer look.

There are dangers too. It is human nature to rely on metrics more than professional judgements. Where it is easy to get figures on a software metric, such as with cyclomatic complexity,  it is tempting for managers to rely too heavily on it as a measure of technical debt, and for developers to respond by evolving  a coding style that gets the right scores. However, if you choose instead to  look at a broad range of ‘code smells’, you are much more likely to gain a realistic impression of code-quality.

Tools for code analysis are, I believe, best used by developers before any deployment process, as part of the normal process.  It can, in fact, be difficult to spot, and deal with, structural problems in code without them.  Sure, it is a good second-line defence to include it in the deployment process but if things first come to notice at that stage, it could cause delays.

There is little doubt that static code analysis can contribute to code quality and deliverability.  As an aid to a developer, it seems increasingly essential, but can it ever deliver reliable metrics of code-quality? One shudders at the potential misuse of quality metrics in the wrong hands.  My hope is that it remains just an aid to human judgement; and creativity.

» Join the debate, and respond to today's editorial on the forums


The Weekly News

All the headlines and interesting SQL Server information that we've collected over the past week, and sometimes even a few repeats if we think they fit. These headlines are gathered throughout the week and are posted in real time at the website. Check there for information throughout the week or enjoy this weekly summary of the SQL Server world.

Blogs : Administration

State Dept. database crash leads to passport, visa delays - The department is "working urgently to correct the problem and expect our system to be fully operational soon. "We do not believe there was any malicious action or anything untoward here -- this was a technical issue," said Harf. The problem occurred shortly after maintenance on the database took place....(more)

DevOps - DevOps is a good term and a good idea for software development. If a company implements it well, then it works and people are happier with the way software is produced. If they aren’t, then the process hasn’t been configured correctly....(more)

SQL Server 2012 Service Pack 2 Cumulative Update #1 is available! - The SQL Server team has released SQL Server 2012 SP2 Cumulative Update #1. This cumulative updates Service Pack 2 to include the fixes from SP1 CU#10 and a few from CU#11, including the fix for the online index rebuild corruption issue....(more)

Blogs : Backup and Recovery

Should Cloud Be Part of Your Backup and Disaster Recovery Plan? - Backup should never be treated as a "one-size fits all" thing. Your backup and recovery mechanisms need to be matched to your particular technological and business needs. There's simply no substitute for knowing your own requirements, the capability of various technologies, and carrying out a thorough evaluation. ...(more)

Get started backing up to the cloud with SQL Server Backup to Microsoft Azure Tool - There are some good reasons to back up your SQL Server database to the cloud. You have an offsite copy of your data for business continuity and disaster recovery purposes. You can choose to backup to Microsoft Azure even for databases that aren’t running the latest version of SQL Server – creating a consistent backup strategy across your database environment. ...(more)

Blogs : Big Data

Hadoop Speeds Data Delivery at Bloomberg - Hadoop has rapidly become the dominant distributed data platform, much as Linux quickly dominated the Unix operating system market. With that platform come a rich ecosystem of applications for building data products, whether it’s for the growing SQL on Hadoop movement or real-time data access with HBase....(more)

Blogs : Career

Career Planning for DBAs: Your Next Two Years - You’ve been doing this database thing for a while, and you’re ready to get serious about it. What’s the next step?...(more)

Blogs : Computing in the Cloud

HIPAA Compliance and Security Top Cloud Adoption Concerns for US Healthcare Providers - The 2014 HIMSS Analytics Cloud Survey documents the use and concerns of healthcare organizations use of cloud services. It also explores the value of these services to the organization and the likelihood they will use cloud more in the future....(more)

Blogs : Data Mining

Putting Data Into Context - Raw numbers are easy to report and analyze, but without the proper context, they can be misleading. Is the effect you’re seeing real, or a simple result of the underlying, obvious distribution? Too many analyses and news stories end up reporting things we already know....(more)

Blogs : Database Design, Theory and Development

The Confidence Gap: Is Your Data Quality Suspect? - It’s always a good idea to start with the question, “Do I trust my data?”— no matter what stage of the data management cycle you are in. Information management success requires a focus on people, processes, and practices, as well as technology that binds unique organizational needs and business rules to successfully manage information and leverage it for analytics. ...(more)

Blogs : DBA Tools

For proven in-memory technology without costly add-ons, migrate your Oracle databases to SQL Server 2014 - SQL Server Migration Assistant (SSMA) is a free tool to help customers migrate their existing Oracle databases to SQL Server 2014. SSMA for Oracle is designed to support migration from Oracle 9i or later version to all editions of SQL Server 2005, SQL Server 2008, SQL Server 2008 R2, and SQL Server 2012 and SQL Server 2014. ...(more)

Blogs : DMO/SMO/Powershell

Find Users Logged Into Remote Computer - Have you ever wanted to find out if someone is logged into a computer or maybe who is logged into a computer without having to remote in to check?...(more)

RestoreAutomation #Powershell Module - A little over two years ago, I posted a Powershell script for building database restores. It has been very handy and I’ve used it and refined it a lot over the years. I’ve compiled the previous Powershell script into a module. All you need to do to use it is download the module file and then import it into your Powershell session. ...(more)

Blogs : NOSQL

Building More NoSQL Support with Rich Development Experience - UnQL (Unstructured Query Language), the project to provide a universal access language to the NoSQL domain got a lot of initial attention but didn’t gain a strong foothold.To date, a widely-accepted, common high-level declarative query language for NoSQL databases such as document stores – an equivalent, that is, to the declarative language SQL for querying and modifying relational databases – is still waiting in the wings....(more)

Blogs : Performance and Tuning

Performance Guidance for SQL Server in Windows Azure VMs - Even if you aren’t running SQL Server, but want to understand best how to build high performance Azure IaaS applications, this article has a wealth of knowledge....(more)

Blogs : Professional Development

How To Get the Boss to Pay for Training - How do you get the boss to pay for training? In my experience you have to ask, align and persist....(more)

Victims of Success: PASS Summit 2014 selection process. - A sub-section of the community, defined by those who wish to speak, are victims of the success of the farm team system as represented by SQL Saturday. On the one hand, that sucks because I now need to work harder than ever on my abstracts, on the other, we’re going to see very few instances of really bad presentations at Summit. We’ve improved the brand and the community. It’s a good thing....(more)

Blogs : Replication

Merge Replication for SQL Server Auditing - This is a great way of managing Merge Replication in a data audit solution. Keep in mind, edition costs and other blocking events may cause you to not have access to features such as CDC but, there are many other features that provide much functionality far and beyond what they may seem to have on the surface....(more)

Blogs : Security and Auditing

WSJ website hacked, data offered for sale for 1 bitcoin - Dow Jones & Co. took two servers that store the news graphics for The Wall Street Journal website offline yesterday evening after a confirmed intrusion by a hacker calling himself “w0rm.” The hacker was offering what he claimed was user information and server access credentials ...(more)

Honesty is the best policy when it comes to security - cyber criminals often remain undetected for months or even years once they successfully get in. Finding them quickly and seeing what they have been doing and what applications and databases they have been compromising is the secret to preventing lasting damage. Then you can begin the process of being truthful with your customers, by letting them know you have a problem, but that it is under control and access to sensitive data is limited. ...(more)

Blogs : T-SQL

Why am I getting a Primary/Unique Key Violation - In fact I know of 3 possible reasons (and there may be more I don’t know) for seeing a primary key error. Technically they occur for any unique key, of which the primary key is one of possibly many, and they all boil down to trying to end up with two rows in the table that “match” based on the unique key....(more)

Quick Tips–SQL Prompt Custom Aliases - SQL Prompt can automatically create aliases for tables. However, as I’ve worked on different systems, I’ve often found that development teams like to use specific aliases consistently to ensure that everyone can easily read the code and understand which tables are being queried....(more)

T-SQL–Converting Seconds to Time - I was working on a small piece of code the other day that was calculating the seconds for an event. I had a function that returned me the seconds as an integer. That’s good, but I wanted to get that value back in minutes and seconds. The scale wasn’t so large as to worry about hours, or days....(more)

Articles : Administration

Data is like currency and should be treated as such - It is more than high time for all businesses to implement an adequate and efficient data security strategy. For this, the starting point should always be: what data do I store, where do I store that data and who has access to data? Once a clear picture emerges what happens to data where, when and by whom, its storage and retrieval can be made more secure. Data is increasingly perceived as a currency, and it should therefore be treated as such: by putting it in a safe place and making sure any exchange is authorized. ...(more)

Articles

Google’s 200 Ranking Factors: The Complete List - Google uses about 200 ranking factors in their page-ranking algorithm. I’ve put together a complete list. Some are proven, some are controversial and others are SEO nerd speculation....(more)

Articles : Development

Dealing with Node.js and Microsoft SQL Server: Part-1 - In a series of articles will look at how to use Node.js with some of the most popular products and platforms like SQL Server, MongoDB, Microsoft Azure, how to create applications using jQuery, jQuery UI and Ignite UI with Node.js The first post is dedicated to Node and Microsoft SQL Server....(more)

Pernicious Scrum Anti-Patterns - All too often Scrum teams cut corners or abuse the Scrum framework — they do the easy parts of Agile without doing the hard parts. These teams may see initial short term gains, but sooner or later, meet challenges, frustration, and in many instances, failure....(more)

Using OData from ASP.NET - ASP.NET Web API OData allows you to take advantage of your existing knowledge of both APS.NET MVC and the ASP.NET Web API to easily create OData endpoints. You can customize all the components and easily add features, such as complex server-side behavior modification via the addition of OData actions....(more)

Ten CSS One-Liners to Replace Native Apps - Paged designs, floating figures, and multi-column layout are widely used on mobile devices today. These are all native apps. If we want the web to win on these devices (we do), it’s vital that designers can build these kinds of presentations using web standards. ...(more)

Startup Mistakes You Should Never Make - We have Amicus shirts with “Make Mistakes” emblazoned across the front. They’re meant to encourage people to take risks, be bold, and embrace small failures – after all, if you’re not making mistakes, you’re not reaching your limits. But these are mistakes you shouldn’t make....(more)

10 Tips for Creating an Agile Product Strategy with the Vision Board - Traditionally, a product strategy is the result of months of market research and business analysis work. It is intended to be factual, reliable, and ready to be implemented. But in an agile, dynamic environment a product strategy is best created differently...(more)

Limited Options: Getting security compromises right - When it takes a year to install Magneto, something is wrong. Perhaps it was the challenge of translating the requirements into sufficiently concise and clear descriptions to be passed off to the foreign development team. Or, just perhaps, some of the company's own policies (or anti-policies) got in the way....(more)


Administrative