.NET Annotated Monthly | July 2023

Rachel Appel

Did you know? The acronym “ASP” stands for Active Server Pages, which was released by Microsoft in 1996. In 2002, Microsoft decided to continue using the name, but apply it to their new .NET framework so they added “.NET” to the acronym. Since then, we’ve known this technology as ASP.NET.

.NET news

• Introducing the New T4 Command-Line Tool for .NET
• Announcing .NET MAUI in .NET 8 Preview 5
• ASP.NET Core updates in .NET 8 Preview 5
• Announcing .NET 8 Preview 5
• Announcing an update for .NET Upgrade Assistant with a new CLI tool!
• Announcing dynamic JSON in the Azure Core library for .NET
• Microsoft Graph Toolkit v3.0 is now generally available

Featured content 

We’d like to thank Andrew Lock for curating this month’s featured content! Andrew is a senior software engineer at Datadog, Microsoft MVP, author of ASP.NET Core in Action, and avid blogger at https://andrewlock.net/ about all things .NET. You can find him on Twitter and Mastodon, or working on one of his open source projects on GitHub.

A big thank you to JetBrains for inviting me to talk to you about all the interesting .NET things I’ve been looking into recently. The last 12 months I’ve been working hard on the latest edition of my book, ASP.NET Core in Action, Third Edition, which has been updated to .NET 7. As it reaches the final stages of publication, I finally have some time to dig deep into some other topics. 

A tricky problem at work  prompted me to dig deep into SameSite cookies: what they are, how they work, as well as the problems they can cause. In a nutshell, SameSite is an option you can set when you send a cookie from your ASP.NET Core app, just like HttpOnly or Secure. SameSite cookies give protections against Cross-Site Request Forgery (CSRF) attacks by telling the browser to not send cookies in certain situations.

ASP.NET Core has good support for SameSite cookies, so you may well be using them without even realizing! Where things get tricky, is if you need to support legacy browsers. The SameSite specification introduced a breaking change in 2019, such that there’s no easy way to support both the original 2016 and 2019 specification! 

Microsoft’s suggested workaround for the problem is User-Agent sniffing in the server, but that didn’t sit well with me. So I decided to dig into the framework code to see if I could find anything interesting, and managed to find a solution. My proposal involved creating a custom ICookieManager that wraps the built-in ChunkingCookieManager and sets two cookies: one that supports the 2016 standard, and one that supports the 2019. The end result isn’t perfect, but it at least works with legacy browsers!

At the other end of the scale, I’ve been looking a lot recently at some of the work going into .NET 8. We’re still only at the preview stage, but there’s a lot of interesting work going in here, particularly around Ahead-Of-Time (AOT) compilation. I recently tried out the latest AOT templates included in the .NET 8 previews, and the results were impressive: a 7x reduction in startup time! This really highlights one of the biggest features of AOT, and how it could be very useful for serverless workloads specifically.

AOT brings a lot of challenges, and Damian Edwards and David Fowler talked about a lot of them at MSBuild and also in a recent community standup. The root of the issue is the need for the compiler to work out exactly which classes and methods you’re using, which means reflection is a big problem. As a result, .NET 8 introduces several new source generators, including a new generator for working with IOptions and configuration. I’m a big fan of source generators (check out my blog for lots of posts about them) so I’m looking forward to digging in to the minimal API source generator in particular in the coming weeks!

.NET 8 isn’t *just* about AOT, and it’s always fun to read about the new features coming to C#. MSBuild highlighted some of the things you can expect to come in C#12,  and one feature in particular caught my eye: collection literals. This proposal suggests a nice terse syntax, such as [x, y, z] for creating new collection types, whether they’re T[], List<T>, or Span<T>!  On top of that, they propose niceties such as a “spread” operator which could make working with collections much terser.

Another proposal that has caused a bit of a stir is “interceptors”. This proposal allows you to “swap out” a method at a callsite with a completely different method, but which has an identical signature. This could be very useful for some source generators (which is the main use case currently), as demonstrated by Rikki Gibson in this community standup. I’ll be watching closely, and thinking about all the interesting use cases that this could enable, particularly when it comes to AOT!

Programing tutorials and tips 

.NET tutorials and tips

• JetBrains Rider Gets a ChatGPT-like AI Assistant! – Nick Chapsas reviews Rider’s new AI Assistant. Watch it help craft commit messages as well as generate Unity files.
• Migrate your database using Entity Framework Core Migration Bundles – Are you migrating that database? Want to make it as painless as possible? Then check out this article by Daniel Lawson, showing how to use EF Core migration bundles.
• How to Add Authentication to .NET MAUI Apps – In this post, Laura Rodríguez details how to use OpenID Connect and Okta’s tools for authentication in .NET MAUI apps. 
• Microsoft Build Recap: Upgrading from Xamarin to .NET MAUI and Saving Files with .NET MAUI Community Toolkit – Leomaris Reyes published a recap from Microsoft’s Build conference in which they discuss the process of upgrading from Xamarin to MAUI. 
• Exploring Timer Triggers for Azure Functions – Golda at CodeMurals has published this tutorial on Azure functions featuring code that runs on a timer.
• Blazor unified project design – This GitHub issue by Steve Sanderson details the plans for the Blazor Unified project, which aims to combine the Blazor Server and WebAssembly architectures.
• 5 Blazor Improvements in New .NET 8 Preview 5 – David Ramel published this report of five improvements in Blazor including the new unified architecture and other goodies.
• Debugging JwtBearer Claim Problems in ASP.NET Core – Struggling to solve missing JwtBearer claims in ASP.Net Core? Tore Nestenius has written an easy step-by-step diagnostic guide that can help you.
• HTMX Boosts and ASP.NET Core Anti-Forgery Tokens and Using StringBuilder To Replace Values – Khalid Abuhakmeh has filled these posts with tips to help you work more effectively in .NET.
• Running Large Language Models locally – Your own ChatGPT-like AI in C# – Write a little code to make your own AI that helps you with your development tasks. 
• Five Reasons Why I Love HangFire (for ASP.NET) – Hangfire is a package that enables you to work more effectively with backend processes in web apps. Kevin Griffin outlines five ways in which it has helped him and can help you too.
• Jason Bock Explains What’s New in .NET 7 APIs – The title says it all. Jason reviews and explains several new features that you want to know about. Check it out, see what you like.
• How To Parse String to DateTime in C# – Get back to the basics with this article by CodeMaze on string parsing.
• How to Generate C# Business Object Class from a CSV File – This is a handy post by Greg Lutz showing a different way than usual to create business objects. So many businesses use CSV files, why not incorporate them into the business object hierarchy?
• ETags in ASP.NET Core – For those dealing with concurrency issues in EF Peter Ritchie
• Myths about F#: Code without type annotations is hard to review! No, it’s a relief – Urs Enzler penned some thoughts about type annotations and why you might want to reconsider using so many of them (or at all). Do you really need them? What do you think?
• How to Use Factory Pattern With Dependency Injection in .NET – Here’s Ahsan Ullah take on the classic Factory Pattern with DI. 
• Using encryption to verify a license key – If you’ve ever wondered how commercial software licenses are verified, Oren Eini has you covered. 
• Parsing websites in C# with Html Agility Pack or AngleSharp – For those times when you need to scrape data from a website or investigate its DOM, this post by Thomas Ardal shows how to use tools like the Html Agility Pack and AngleSharp to do so.
• Enable Un-typed within ASP.NET Core OData – ASP.NET Core OData has two new types for working with OData in ASP.NET, and Sam Xu introduces how to use them in this post.
• Permutations of a String in C# – When the order of some set of items is important, head  over to Matjaz Prtenjak’s post on permutations in C# strings.
• How Much Will It Hurt? The 10 Things You Need to Do to Migrate Your MVC/Web API App to ASP.NET Core – This is the 64 million dollar question (maybe more, there’s been inflation) that we all want and need to know. Peter Vogel
• C# Struct vs Class: Decoding Key Differences and Use Cases – Understanding the information about classes and structs in this post by Anoop Kumar is a great way to level up your coding skills.
• C# 12: Collection literals – Collection literals give us a nice new syntax to use and Steven Giesel demonstrates their use in this article.

Related programming tutorials and tips:

• Biggest scam in software dev? Best Practices. – Smackdown, Derek Comartin style! It’s true that far too many developers use best practices as a crutch, rather than deeply thinking through the problem. They don’t consider that the actual best best practice might be to reconsider simply accepting best practices.
• Why Your OpenAPI Spec Sucks – So many APIs are missing metadata, aren’t documented, or have the common problems outlined in this post by Sharon Pikovski.
• What Is Infrastructure as Code? – “How great would it be if I could create and manage my Azure resources using code?” asks (and answers) Claudio Bernasconi. It would be great! 
• How to choose between REST vs. GraphQL vs. gRPC vs. SOAP – Rather than just sprinting for that new shiny tech, why not let Bruno Pedro demonstrate the pros and cons, and why you might choose one over the other?

Have you tried our new AI Assistant in Rider? Here’s Laurent’s take…

Interesting and cool stuff

• What I Wish I Knew … about how varied software engineering is – There is so much more to creating software and digital products than just programming. From product managers, designers and more, Eleanor Lewis talks about the varied roles that go into software.
• Monetizing open-source development and supporting the community – Dennis Doomen has written a few things about the financial aspects of open source software development and how to really support those OSS projects you use.
• An Intro to Prompting and Prompt Engineering – With the proliferation of AI into software development as work, we all need to learn at least some basics about prompt engineering. Post by Shrinivasan Sankar.

And finally, the latest from JetBrains

Here’s a chance to catch up on JetBrains news that you might have missed:

• AI Assistant Comes to ReSharper
• AI Assistant Comes to Rider!
• ReSharper 2023.2 EAP 7
• Rider 2023.2 EAP 7 Is Out!

Join us on Tuesday, July 18th, in a new .NET on AWS Twitch show with Matt Ellis, a Developer Advocate at JetBrains, who will do a demo on .NET development with JetBrains Rider and AWS. The livestream starts at 8am PDT / 5pm CEST

⚒️ Check out our .NET Guide! Videos, tips, and tricks on .NET related topics. ⚒️

Blog posts, webinars, etc..

• Elevating C# Code Quality with Qodana: A Journey Towards Perfection
• Blazor Essentials – New Guide Tutorial
• How Docker Fast Mode Works in Rider
• How to Implement a Soft Delete Strategy with Entity Framework Core
• ReSharper 2023.2 EAP 7 Introduces a Predictive Debugger and Other Updates
• ReSharper 2023.2 EAP 3: Improvements for Working with Raw Strings and More C++ Features.
• Rider 2023.2 EAP 3: Improvements for Raw Strings, GitLab Integration, Memory Snapshot Analysis, and More
• ReSharper 2023.2 EAP 5: Improved Control Over Object Disposal, Support for Default Lambda Parameters, and C++23 Standard Library Modules.
• Rider 2023.2 EAP 5: Improved Support for C#, Better Performance Profiling, and More.
• ReSharper and Rider 2023.1.3 – Another Set of Bug-fixes Is Here
• Webinar – Joshua Jesper Krægpøth Ryder – The Future Is Here! WebAssembly for .NET Developers
• Cecil Phillip – Building payment flows with Stripe and Azure – Webinar Recording

Don’t miss this fantastic offer! CODE Magazine is offering a free subscription to JetBrains customers. Get your copy today!

Sharing is caring! So share content that you find useful with other readers. Don’t keep it to yourself! Send us an email with your suggestions for publication in future newsletters!

Subscribe to .NET Annotated

Subscribe to a monthly digest curated from the .NET Tools blog:

Subscribe form

By submitting this form, I agree to the JetBrains Privacy Policy Notification icon

By submitting this form, I agree that JetBrains s.r.o. ("JetBrains") may use my name, email address, and location data to send me newsletters, including commercial communications, and to process my personal data for this purpose. I agree that JetBrains may process said data using third-party services for this purpose in accordance with the JetBrains Privacy Policy. I understand that I can revoke this consent at any time in my profile. In addition, an unsubscribe link is included in each email.

Submit

Thanks, we've got you!