1Integrate v5.0: There’s a lot under the surface
Security
"Hey, we released another version of our product, and one of the changes is 'updated some 3rd party libraries'". Sounds mundane, right? Why bother even mentioning it? Well, it's a vital part of maintaining any piece of software and keeping it 'evergreen'. All software includes, or is built from, third party components which themselves are being continuously updated for security and combability. Even if a library doesn't have any explicit security patches itself, if it's not compatible with newer versions of other components then it would hold back the whole product from making use of security patches in those other components.
The reason this is important is that there were 30,000 documented 'Common Vulnerabilities and Exposures' (CVEs) raised last year. This is a public list of security vulnerabilities in common software that have been found, rated and publicly shared - to alert others of the risk and ensure mitigations are in place. There were 3,403 found and reported in October 2024 alone, so an average of more than 100 per day that month, spread across nearly 10,000 products or libraries. While it sounds scary, it's good that they are being found, listed, classified and plugged.
Because of the ongoing security arms race between software creators and attackers, vendors are always releasing new versions and encouraging customers to deploy the latest versions: not just because it makes it easier for them to support, but because the new releases will include patches for many vulnerabilities.
Of course, when a particularly serious vulnerability is found (often these are called zero-days because they are a problem in the standard software as deployed on 'day zero' without needing a specific configuration) then emergency patches and releases are made, but every new general release version will typically include many non-critical security fixes.
Docker Containers
1Integrate version 5.0 does include updates to many libraries, for security and supportability reasons but one of the other new capabilities is in the ease of customising a deployment when using Docker containers. Everyone* is using Docker these days to help with packaging, deployment and running of software, so what is Docker?
*Not everyone
Instead of deploying software by running an installer and ensuring that the right pre-reqs are already set up, Docker lets you wrap the software and the pre-reqs in an operating system 'container' which is then ready to run. This is like a 'virtual machine' of old, except that a virtual machine host pretends to be a computer firmware (hence virtually a machine) so that when you start up the VM image it takes time and lots of memory and CPU to start a whole other copy of the operating system. Instead, a Docker host lets a Docker container (with your software in it) run as an isolated process on the already running operating system which means its much faster to start up and requires less memory while believing (like it has taken the blue pill from the matrix) that it is the only thing running on the computer.
Docker is widely used in development because it is fast, convenient and reliable for testing and deploying the software but it is also used for distributing software to customers so they can deploy it easily on their environments by just deploying and running the container - and then use tools such as Kubernetes to automatically manage and scale their various containers.
1Integrate and the rules it runs are configured via a web UI, but sometimes projects need to drop in bespoke functions or bespoke data stores to their 1Integrate deployment. This new release allows administrators to add any bespoke components to a standard product release container, without the need to create a bespoke container that contains the bespoke components.
So, next time you see a product release announcement, look beyond the features because those mundane sounding housekeeping items are crucial for maintaining secure and easy-to-deploy software.
Interested in 1Integrate 5.0?
If you're looking for a no-code rules-engine that automatically checks, controls and transforms your data, then start a trial today.
Start a trial