Professional Documents
Culture Documents
RADAR VOL.18
Our thoughts on the
technology and trends that
are shaping the future
thoughtworks.com/radar
#TWTechRadar
CONTRIBUTORS
The Technology Radar is prepared by the
ThoughtWorks Technology Advisory Board, comprised of:
Rebecca Parsons (CTO) | Martin Fowler (Chief Scientist) | Bharani Subramaniam | Camilla Crispim | Erik Doernenburg
Evan Bottcher | Fausto de la Torre | Hao Xu | Ian Cartwright | James Lewis
Jonny LeRoy | Ketan Padegaonkar | Lakshminarasimhan Sudarshan | Marco Valtas | Mike Mason
Neal Ford | Rachel Laycock | Scott Shaw | Shangqi Liu | Zhamak Dehghani
RADAR AT A GLANCE
1 ADOPT 2 TRIAL
We feel strongly that Worth pursuing. It is
the industry should be important to understand how
adopting these items. to build up this capability.
We use them when Enterprises should try this
appropriate on our technology on a project that
projects. can handle the risk.
1 2 3 4
ADOPT ADOPT TRIAL ASSESS HOLD
3 ASSESS 4 HOLD
Worth exploring with the Proceed with caution.
goal of understanding
how it will affect your
enterprise.
96 108
Our Radar is forward looking. To make room for new items, we fade items
that haven’t moved recently, which isn’t a reflection on their value but rather
our limited Radar real estate.
TRIAL 24
2. Applying product management to internal platforms
3. Architectural fitness function 21
4. Autonomous bubble pattern 22
5. Chaos Engineering
6. Domain-scoped events NEW
7. Hosted identity management as a service NEW 20
8. Micro frontends 18 19
9. Pipelines for infrastructure as code
10. Polycloud
17
ASSESS 9
11. BeyondCorp NEW
12. Embedded mobile mocks NEW 7 10
23 16
13. Ethereum for decentralized applications 15
14. Event streaming as the source of truth 8
15. GraphQL for server side resource aggregation NEW
16. Infrastructure configuration scanner NEW
17. Jupyter for automated testing NEW 14
18. Log level per request NEW 6
19. Security Chaos Engineering NEW
20. Service mesh 5
21. Sidecars for endpoint security 13
22. The three Rs of security 4
HOLD 12
23. Generic cloud usage NEW 3 1
24. Recreating ESB antipatterns with Kafka
11 2
PLATFORMS
HOLD ASSESS TRIAL ADOPT
ADOPT
25. .NET Core 35 27
26. Kubernetes 25
36
TRIAL 26
27. Azure
28. Contentful NEW 37 28
29. EMQ NEW
30. Flood IO
31. GKE 38
29
32. Google Cloud Platform
33. Keycloak 31
34. WeChat 39
ASSESS 30
40
35. AWS Fargate NEW 33
36. Azure Service Fabric
41
37. Azure Stack NEW
38. Cloud Spanner
39. Corda 42 43 34
32
40. Cosmos DB
41. Godot NEW
42. Interledger NEW
43. Language Server Protocol 44
44. LoRaWAN 51 45
45. Mongoose OS NEW 46 47
46. Netlify 48 50
47. TensorFlow Serving
48. TICK Stack NEW 49
49. Web Bluetooth NEW
50. Windows Containers
HOLD
51. Overambitious API gateways
New or changed
No change
TRIAL
66 52. Appium Test Distribution NEW
53. BackstopJS NEW
54. Buildkite
55. CircleCI
68 56. CVXPY NEW
67 69 57. gopass
58. Headless Chrome for front-end test
70
59. Helm NEW
71 60. Jupyter
61. Kong API Gateway
72 62. kops
63. Patroni NEW
53 73 64. WireMock NEW
54 57
56 65. Yarn
52
55 74 ASSESS
66. Apex
75
58 67. ArchUnit NEW
68. cfn_nag NEW
59 76 69. Conduit NEW
70. Cypress
60 71. Dependabot NEW
77 72. Flow
61 73. Headless Firefox NEW
74. nsp NEW
62 63 78 75. Parcel NEW
76. Scout2 NEW
77. Sentry NEW
64 78. Sonobuoy
65 79 79. Swashbuckle for .NET Core NEW
82
87
104
LANGUAGES & FRAMEWORKS
81
103 ADOPT
80 80. AssertJ
102
81. Enzyme
82. Kotlin
101
86 TRIAL
100 83. Apollo NEW
84. CSS Grid Layout
85. CSS Modules
84 86. Hyperledger Composer NEW
99
87. OpenZeppelin NEW
85 98
ASSESS
88. Android Architecture Components
97 89. Atlas and BeeHive
96 90. Clara rules
83 95 91. Flutter NEW
92. Gobot
93 93. Hyperapp NEW
94
94. PyTorch
95. Rasa NEW
90 96. Reactor NEW
97. RIBs NEW
89 92 98. Solidity
88 91 99. SwiftNIO NEW
100. Tensorflow Eager Execution NEW
New or changed 101. TensorFlow Lite NEW
102. troposphere NEW
No change 103. Truffle
104. WebAssembly NEW
HOLD
TRIAL
2. Applying product management to internal platforms
3. Architectural fitness function 24 66
38
It’s important to remember that encapsulation applies to hosting the solution is a realistic
29 decision, especially for
events and event-driven architectures just as it applies enterprises that
39 have the operational discipline
31
and
84
to other areas of software. In particular, think about resources to do40so safely. Large30 enterprise identity
33
the scope of an event and whether we expect it to be solutions typically offer
41 a much more expansive range of
consumed within the same application, the same domain capabilities such as centralized
42 43
entitlements, governance
34
32
or across an entire organization. A DOMAIN-SCOPED reporting and separation of duties management among 83
EVENT will be consumed within the same domain as others. However, these concerns44 are typically more
51
it’s published, as such we expect the consumer to have relevant for employee identities,45especially
46 47
in48regulated 90
50
access to a certain context, resources or references enterprises with legacy systems. 88 89
49 9
in order to act on the event. If the consumption is
happening more widely within an organization, the Organizations are becoming more comfortable with the
contents of the event might well need to be different, and POLYCLOUD strategy — rather than going “all-in” with
we need to take care not to “leak” implementation details one provider, they are passing different types of workloads
that other domains then come to depend upon. to different providers based on their own strategy. Some
of them apply the best-of-breed approach, for example:
Identity management is a critical platform component. putting standard services on AWS, but using Google for
External users on mobile apps need to be authenticated, machine learning and data-oriented applications and
developers need to be given access to delivery Azure for Microsoft Windows applications. For some
infrastructure components, and microservices may organizations this is a cultural and business decision. Retail
need to identify themselves to other microservices. businesses, for example, often refuse to store their data
You should ask yourself whether identity management on Amazon and they distribute load to different providers
should be “self-hosted”. In our experience, a HOSTED based on their data. This is different to a cloud-agnostic
IDENTITY MANAGEMENT AS A SERVICE (SaaS) strategy of aiming for portability across providers, which is
solution is preferable. We believe that top-tier hosted costly and forces lowest-common-denominator thinking.
providers such as Auth0 and Okta can provide better Polycloud instead focuses on using the best match that
uptime and security SLAs. That said, sometimes self- each cloud provider offers.
17
9
53
7 10 54
23 16 56
52
15 55
8
PLATFORMS
14
6
5
13
4
12
3 1
11 2
36 81
TRIAL 26
80
27. Azure 37 28
28. Contentful NEW
29. EMQ NEW 38
30. Flood IO 29
31. GKE 31
32. Google Cloud Platform 39
33. Keycloak 84
30
40
34. WeChat 33
41
ASSESS
35. AWS Fargate NEW 42 43 32
34
36. Azure Service Fabric 83
37. Azure Stack NEW
38. Cloud Spanner 44
51
39. Corda 45
46 90
40. Cosmos DB 47 48 50
41. Godot NEW 89
88 9
42. Interledger NEW 49
43. Language Server Protocol
44. LoRaWAN
45. Mongoose OS NEW
46. Netlify
47. TensorFlow Serving
48. TICK Stack NEW
49. Web Bluetooth NEW
50. Windows Containers
HOLD
51. Overambitious API gateways
Our teams have confirmed that .NET CORE has nuanced and plausible strategy, including unique
reached a level of maturity that makes it the default for offerings such as Azure Germany and Azure Stack,
.NET server applications. The open source .NET Core which gives some certainty to European companies
framework enables the development and deployment in anticipation of the GDPR and possible legislative
of .NET applications on Windows, macOS and Linux with changes in the United States.
first-class cross-platform tooling. Microsoft provides
blessed Docker images which make it easy to deploy Headless Content Management Systems (CMSes)
.NET Core applications in a containerized environment. are becoming a common component of digital
Positive directions in the community and feedback from platforms. CONTENTFUL is a modern headless CMS
our projects indicate that .NET Core is the future for that our teams have successfully integrated into their
.NET development. development workflows. We particularly like its API-first
approach and implementing CMS as Code. It supports
Microsoft has steadily improved AZURE and today not powerful content modelling primitives as code and
much separates the core cloud experience provided content model evolution scripts, which allow treating it
by the major cloud providers – Amazon, Google and as other data store schemas and applying evolutionary
Microsoft. The cloud providers seem to agree and database design practices to CMS development. Other
seek to differentiate themselves in other areas such notable features that we’ve liked include inclusion of
as features, services and cost structure. Microsoft two CDNs by default to deliver media assets and JSON
is the provider who shows real interest in the legal documents, good support for localization, and the ability
requirements of European companies. They’ve a — albeit with some effort — to integrate with Auth0.
TRIAL
52. Appium Test Distribution NEW
53. BackstopJS NEW
24 66
54. Buildkite
55. CircleCI 21
56. CVXPY NEW 22
57. gopass 67 68
69
58. Headless Chrome for front-end test 20
70
59. Helm NEW 18 19
60. Jupyter 71
61. Kong API Gateway 17 72
62. kops 9 73
53
63. Patroni NEW 7 10 54
56 57
16
64. WireMock NEW 23 15
52
55 74
65. Yarn 8
75
58
ASSESS 14
66. Apex 6 59 76
67. ArchUnit NEW 5
60
68. cfn_nag NEW 13
77
4 61
69. Conduit NEW
70. Cypress 12 62 63 78
71. Dependabot NEW 3 1
72. Flow 64
73. Headless Firefox NEW 11 2 65 79
74. nsp NEW
HOLD ASSESS TRIAL ADOPT ADOPT TRIAL ASSESS HOLD
75. Parcel NEW
76. Scout2 NEW 35 27 82 104
77. Sentry NEW 25
87
78. Sonobuoy 36 81
103
26
79. Swashbuckle for .NET Core NEW 80
37 28 102
HOLD 101
38 86
29
100
31
efficiently solved.
83 95
is key in having short feedback loops. APPIUM TEST
93 94
44
DISTRIBUTION solves this 51 problem very 45 effectively (CVXPY)
90
with its ability to run tests in parallel as well46as run 47 48 50
89 92
the same tests on multiple devices. Among other 49
88 91
It’s surprising how many problems can be expressed as
things, it distinguishes itself by its ability to add and
mathematical optimization problems and often convex
remove devices in which tests run without any manual
problems that can be efficiently solved. CVXPY is an open
setup required and with its ability to run tests on
source Python-embedded modeling language for convex
remote devices. We’ve used it in a few projects at
optimization problems. It’s maintained by academics at
ThoughtWorks over the last couple of years and it
Stanford University and offers a batteries-included install
worked very well for us.
for several open source and commercial solvers. The
documentation includes many examples which should
We’ve been enjoying BACKSTOPJS for visual regression
inspire developers to use it. It’s particularly useful for
testing of web applications. The configurable viewports
prototyping solutions even though commercially licensed
and ability to adjust tolerances are particularly useful,
solvers, such Gurobi or IBM CPLEX, may be required.
as is the visual comparison tool, which makes it easier
In most cases though, it suffices by itself. However, the
to spot minor variations. It has good scriptability and
same group has written many extension packages such
the option to run in Headless Chrome, PhantomJS and
as DCCP and related software such as CVXOPT based on
SlimerJS. We find it particularly helpful when running it
recent advances in optimization.
against living component style guides.
12 62 63 78
3 1
64
11 2 65 79
HOLD
ASSERTJ is a Java library that provides a fluent KOTLIN has experienced an accelerated rate of
interface for assertions, which makes it easy to convey adoption and rapid growth of tooling support. Some
intent within test code. AssertJ gives readable error of the reasons behind its popularity are its concise
messages, soft assertions and improved collections syntax, null safety, ease of transition from Java and
and exception support. Many of our teams choose interoperability with other JVM-based languages in
AssertJ as their default assertion library instead of JUnit general, and that it doubles as a great introductory
combined with Java Hamcrest. language to functional programming. With JetBrains
adding the ability to compile Kotlin to native binaries
ENZYME has become the defacto standard for unit on multiple platforms, as well as transpile to JavaScript,
testing React UI components. Unlike many other we believe it has the potential of much wider use by
snapshot-based testing utilities, Enzyme enables you to the larger community of mobile and native application
test without doing on-device rendering, which results in developers. Although at the time of writing, some of the
faster and more granular testing. This is a contributing tooling such as static and coverage code analysis have
factor in our ability to massively reduce the amount yet to mature, given our experience of using Kotlin in
of functional testing we find we have to do in React many production applications, we believe Kotlin is ready
applications. In many of our projects it’s used within a for general adoption.
unit testing framework such as Jest.
In the last issue we featured PyTorch, a deep- WEBASSEMBLY is a big step forward in the capabilities
learning modeling framework that allows an of the browser as a code execution environment.
imperative programming style. Now TENSORFLOW Supported by all major browsers and backward
EAGER EXECUTION provides this imperative style compatible, it’s a binary compilation format designed to
in TensorFlow by enabling execution of modeling run in the browser at near native speeds. It opens up
statements outside of the context of a session. This the range of languages you can use to write front-end
improvement could provide the ease of debugging functionality, with early focus on C, C++ and Rust, and
and finer-grained model control of PyTorch with the it’s also an LLVM compilation target. When run in the
widespread popularity and performance of TensorFlow sandbox, it can interact with JavaScript and shares the
models. The feature is still quite new so we’re anxious same permissions and security model. When used with
to see how it performs and how it’ll be received by the Firefox’s new streaming compiler, it also results in faster
TensorFlow community. page initialization. Although it’s still early days, this W3C
standard is definitely one to start exploring.
SUBSCRIBE NOW
thght.works/Sub-EN
ThoughtWorks is a technology consultancy and community of passionate,
purpose-led individuals. We help our clients put technology at the core of
their business, and together create the software that matters most to them.
Dedicated to positive social change; our mission is to better humanity through
software, and we partner with many organisations striving in the same direction.
thoughtworks.com/radar
#TWTechRadar