JavaMug Spring Boot Discussion

I attended JavaMug last Wednesday as the speaker was Craig Walls author of Spring Boot in Action. When I heard about the book I had planned on purchasing it, but was disappointed there was no kindle version on Amazon. It does state if you purchase the print edition they will give you the kindle one for free, but I am trying to move away from paper books in general.

Overall the talk was pretty good. It is nice that there is a Pivotal employee local to the area so we can get a talk like this done. For most of the talk Craig just sort of demonstrated examples of what you can do with Spring Boot since there were people of varying degrees of experience with it. It was held at Improving in Addison which I had never been to, but they had some nice beer on tap (Kentucky Bourbon Barrel Ale). In a talk like this where you are just trying to introduce the concept to people it is hard to get as deep of a dive as I would like. But I did enjoy the part of the demo playing around with the metrics. That is something I haven’t really played around with, but of course got me immediately thinking about how much I would like to use that at work. I think maybe this year I will attempt to convert our legacy app to Spring Boot. It will be painful, but it just seems like more and more the benefits are so good that is what we should be doing. Hopefully I can find the time at work.

Then at the end of the talk they did a raffle and lo and behold I won the digital copy of Spring Boot in Action. I was pretty stoked about that given that I wanted that originally to begin with. When they get it to me and I get a chance to read it I will post a review up here.

Field injection is not evil

I am a big fan of the work Oliver Gierke has done in Spring Data. It is a framework I use daily at work and it really is amazing. A while back Greg Turnquist had posted something on Twitter against field injection. So I asked what was wrong with field injection and he pointed me to this post that Oliver had written about it.

This post is going to be my attempt to argue against Oliver’s position on the subject. It may wind up an epic failure, but if nothing else I figured it would help me think through my thoughts and assumptions on the issue and see if I can make an argument in favor of it. First head over to Oliver’s post on the topic and read it before you continue on.

Argument 1: “It’s a null pointer begging to happen

In Oliver’s example he MyCollaborator into MyComponent with the @Inject tag that you would use in Spring or in CDI. Then his argument is that a person would instantiate MyComponent outside of the Container with MyComponent component = new MyComponent().

My first thought is, you are dealing with a container managed component if you have @Inject in it so if someone is standing up the component outside of the container to me that already says they are doing something wrong. Given that I don’t find this a compelling argument. If you are using the component in a framework as it is designed to be used the framework will tell you if it can’t wire up the component due to missing dependencies, whether your container is Spring or it is JavaEE.

I suppose one could imagine designing a component that could be used in either Spring or CDI or standalone without a framework, and Oliver’s constructor example could still work (assuming you don’t blow up on the missing @Inject annotation which I think could happen.) So in my opinion this argument isn’t really valid or a big concern as is someone is misusing your component I am not too concerned with them getting a null pointer in that scenario.

Let’s consider his benefits of Constructor Injection. The first case is you can only create your component by providing all the dependencies. This forces the user of the component to provide everything. While I consider this a valid argument, I think the point is somewhat moot since we are talking about designing a component that already has a lifecycle to it and that a framework will inject the dependency for.

His second benefit is that you communicate mandatory requirements publicly. I have to admit I find this his most compelling argument. I don’t have a counter argument to this.

His third argument is that you can then set those fields final. I have to admit I do like making everything final so that is also a compelling argument to me. But not enough to counter the negatives of it.

Let’s consider the argument that he tries to dispel:

An often faced argument I get is: “Constructors just get too verbose if I have 6 or 7 dependencies. With fields only, this is fine”. Awesome, you’ve effectively worked around a clear indicator that the code you write is doing way too much. An increase in the number of dependencies a type has should hurt, as it makes you think about whether you should split up the component into multiple ones.

I don’t buy his counter argument here. In the project that I am working on we have a bunch of service level business logic components. We have a thin service layer that we expose to the presentation tier, and then do all the heavy lifting of our business logic in these hidden service level components. Given the high volume of business logic code we have we compose the different operations with injected reusable business logic components. This is also a huge benefit when working with a large team you get less merge conflicts as the code is spread out across more files and when you are onboarding new employees you have a lot more smaller business logic classes that are easier to digest than some massive classes with all this business logic in it.

If I split those components up that is what we have already done which is why we have to inject them all over the place to reuse those business methods. I think when dealing with a non-trivial app that is extremely large, breaking things into fine grained components that are reusable in multiple places actually leads to needing to inject more fields and not less.

Argument 2: Testability

In this case Oliver argues that you have to be doing reflection magic in unit tests if you use field level injection. To which I respond if you are running a dependency injection framework why wouldn’t you be using a dependency injection unit test framework. And of course we do. The answer is Mockito. With Mockito you structure your unit test like you would structure your component. So to test my service I might have something like below:

@InjectMocks final MyService service = new MyService();

@Mock Component requiredComponent;

@Test public void myTest() {

when(requiredComponent.methodCall()).thenReturn(new MockedResponse);

final boolean result = service.methodIAmTesting();

assertTrue(result);

}

Now I have a unit test that is structured largely like my service. The testing framework injects the mocked dependencies into our service we are testing and we wire up the results on the mocks so we can test our service. Again this strikes me as very testable as now I am writing tests that look a lot like the way my services themselves look.

So that is my argument against. Basically I think the number of arguments to the constructor actually does get extremely unreasonable in many real world scenarios where you have a lot of finely defined business logic components that can be composed in many different ways to solve the project. You do end up with a lot more boiler plate, and even if you use Lombok to hide it then you have ugly and somewhat cryptic Annotations to tell Lombok to put the @Inject annotation on the constructor. I think if you are running a dependency injection framework, it isn’t reasonable for people to instantiate those objects outside of that framework, and likewise it is very reasonable to expect your unit test framework to also be dependency injection driven.

Let me know if I have persuaded anyone to my point or if you think I am completely wrong and Oliver is right about this, I would love to hear someone explain to me why my arguments are wrong and why Oliver has been right all along, or if there is a 3rd even better way what that way is.

Cassandra Days in Dallas 2015

I may have mentioned this before, but I love going to software conferences. When I got the email mentioning that Cassandra Days was coming to Dallas with a free 1 day conference on all things Cassandra, I signed up immediately. The event was sponsored by Datastax who sells a commercial version of Cassandra called Datastax Enterprise. They had 2 tracks an introductory track for people who are just exploring Cassandra, but haven’t yet taken it to production, and track 2 which was a deeper dive for people with experience with Cassandra.

It was a great event. My team came over from the office as well and they attended a mix of track 1 and track 2. The main thing I wanted people to attend was the Data modeling sessions as that is one of the biggest changes for people who are used to SQL databases when they make the move to Cassandra. The CQL language is great to get SQL people up and running quickly, but then when they try to do things they are used to with a relational database it sort of falls apart for them. When we first signed up with Datastax Enterprise several of us got to attend their Data Modelling class on sight which was great and strongly recommended for anyone taking Cassandra into production, but my team mates had not attended those classes so this was a great event for them to attend.

I had 2 really big takeaways from the event. First was a discussion of Cassandra Light Weight Transactions. In my new Cassandra Data layer that I implemented as part of my current project I hadn’t exposed this concept yet as it is something that we haven’t used to date. It isn’t like a typical SQL transaction in that you aren’t getting the whole ACID concept or getting transactional rollback on a failure so the LWT terminology is a bit misleading. But what it does protect you is from a race condition that clobbers data. Let’s pretend you have a table where you are tracking login names. And they must be unique. If you read the table to see if a name is available and then do an insert in Cassandra there is a race condition where data can get clobbered. Imagine there are 2 users Jeffrey Haskovec and John Haskovec. They are both registering in our system at the same time. At time T1 Jeffrey Haskovec’s thread checks the table for the username of jhaskovec. There is no record so it is cleared to use it. At T2 John Haskovec’s thread then checks the table and sees that the username of jhaskovec isn’t used and so it proceeds. Then at time T3 Jeffrey Haskovec’s thread does an insert into the login table with a username of jhaskovec. The insert returns and Jeffrey thinks he has successfully registered his username. Then at T4 John Haskovec’s process inserts his username of jhaskovec which overwrites Jeffrey. At this point we aren’t aware that we just clobbered data in our datastore but when Jeffrey comes back and can’t login as his user account has been overwritten we will have a difficult to track down bug.

Enter light weight transactions. Now you change that insert statement to an insert if not exists statement in which case it starts up a transaction that guarantees it will only insert the hash if it isn’t already there. We have to check the return result of that insert statement to find out if our insert was successful. So if we go back to our previous example at T4, John Haskovec’s insert would have returned a false that it wasn’t applied and we would have avoided clobbering Jeffrey’s insert from T3. This alone is actually a problem a new table that we are modeling could have had in extremely rare situations so it was very timely that I attended this talk.

I also really liked Patrick McFadden’s advanced data modeling talk as he always gives some great ideas that are worth considering. Lots of just general things to consider there that are always helpful. One of the other talks I was at went into a bunch of cluster level configuration discussion which was also good to hear. I will dig into what we are doing and see how it compares to some of the options that were presented.

The other great thing about conferences is just networking with people. I chatted with a few other people from different companies and it is always interesting to hear how they are using Cassandra and just what things are like in their domain. All in all it was a great event and if one of them is coming to a city near you it is worth spending the day over there for a good free conference. Oh and one final cool thing was that Datastax gave us all USB drives with the latest versions of all of their software on it which is nice to play around with if you are considering rolling it out.

Kegs & code

I attended the kegs & code last night. It was a code challenge and party with cash prizes that was hosted by Saltt Ventures. I had never attended a code challenge or hack-a-thon or anything like that, but I figured it is good to get out of your comfort zone every now and then and try something new. Plus when they have free beer that is a pretty big perk. The beer was supplied by BrainDead Brewery which I hadn’t had prior to this event. The event started out as a happy hour with pizza and beer and then at some point we setup and the challenge began. It was a race to solve 10 problems in the quickest amount of time with first place getting $500, second $250 and third $100.

The scoreboard
The scoreboard

I setup my laptop and opened up a new IntelliJ project to work in. Looking around I saw a whole mix of people doing different things. The one contestant that I knew Rocco was using a macbook and I suspect programming in Ruby since he is a Rails programmer. I saw someone programming on a little netbook which is funny to see as he then pulled out a huge keyboard and mouse, so his keyboard was much larger than his machine. I saw some people with Python on their screen as well. So it is pretty much pick whatever tools you are comfortable in to solve the problems. The rules that were given to us were that if you submit 10 wrong answers you are disqualified so up front you already have to be somewhat conservative and double check the questions.

The start screen
Waiting for the challenge to begin…

The contest began and the first question displayed a sha1 hash that was a result from the word kegs with a 4 digit hexadecimal value appended to it. I quickly went out and downloaded Apache Commons Codec so I could use its DigestUtils.sha1Hex class, to spit out a hex string after you run sha1 on it. I executed my code and quickly came up with a result of c0de.  The original hash presented was bdcb2013c555b6ff440a0b51ddf9c49284f48d9e

Next we were presented a json map that had integer values as a key and text as a value. You were instructed to decode it. Basically if you appended all the keys in the right order you ended up with a sentence that was the answer. Here is the original json: [[7,\" t\"],[33,\"n.\"],[14,\" B\"],[30,\"du\"],[28,\" p\"],[0,\"I \"],[23,\"te\"],[25,\" i\"],[24,\"st\"],[2,\"n'\"],[17,\"he\"],[10,\"my\"],[1,\"do\"],[26,\"t \"],[29,\"ro\"],[32,\"io\"],[19,\"I \"],[18,\"n \"],[11,\" c\"],[12,\"od\"],[15,\"ut\"],[16,\" w\"],[13,\"e.\"],[8,\"es\"],[22,\"I \"],[21,\", \"],[31,\"ct\"],[4,\"al\"],[27,\"in\"],[9,\"t \"],[6,\"ys\"],[3,\"t \"],[5,\"wa\"],[20,\"do\"]]

With this problem I considered using gson or Jackson. I haven’t actually written any gson code in over 3 years and I am used to using Jackson in the context of Spring where everything is setup for you.  I quickly determined that it would take me longer to set those libs up to do the problem than to just solve it by looking at it, so I did that to move on. But I chalk that up to a lesson learned for next time on preparation for this type of event.

The next challenge we were presented with the following string: gv qrxvy V qan yevt n qrffvx V We were asked to rot13 the string and then reverse the string and replace the world girl with squirrel and then upper case that string as our answer. I googled up a rot13 algorithm that I found on stack overflow and used.

The next challenge question was a block of text:

"Ecstatic advanced and procured civility not absolute put continue. Overcame breeding or my concerns removing desirous so absolute. My melancholy unpleasing imprudence considered in advantages so impression. Almost unable put piqued talked likely houses her met. Met any nor may through resolve entered. An mr cause tried oh do shade happy.\n" +
"\n" +
"She travelling acceptance men unpleasant her especially entreaties law. Law forth but end any arise chief arose. Old her say learn these large. Joy fond many ham high seen this. Few preferred continual sir led incommode neglected. Discovered too old insensible collecting unpleasant but invitation.\n" +
"\n" +
"Savings her pleased are several started females met. Short her not among being any. Thing of judge fruit charm views do. Miles mr an forty along as he. She education get middleton day agreement performed preserved unwilling. Do however as pleased offence outward beloved by present. By outward neither he so covered amiable greater. Juvenile proposal betrayed he an informed weddings followed. Precaution day see imprudence sympathize principles. At full leaf give quit to in they up.\n" +
"\n" +
"Living valley had silent eat merits esteem bed. In last an or went wise as left. Visited civilly am demesne so colonel he calling. So unreserved do interested increasing sentiments. Vanity day giving points within six not law. Few impression difficulty his use has comparison decisively.\n" +
"\n" +
"At every tiled on ye defer do. No attention suspected oh difficult. Fond his say old meet cold find come whom. The sir park sake bred. Wonder matter now can estate esteem assure fat roused. Am performed on existence as discourse is. Pleasure friendly at marriage blessing or.\n" +
"\n" +
"Examine she brother prudent add day ham. Far stairs now coming bed oppose hunted become his. You zealously departure had procuring suspicion. Books whose front would purse if be do decay. Quitting you way formerly disposed perceive ladyship are. Common turned boy direct and yet.\n" +
"\n" +
"Way nor furnished sir procuring therefore but. Warmth far manner myself active are cannot called. Set her half end girl rich met. Me allowance departure an curiosity ye. In no talking address excited it conduct. Husbands debating replying overcame blessing he it me to domestic.\n" +
"\n" +
"Consider now provided laughter boy landlord dashwood. Often voice and the spoke. No shewing fertile village equally prepare up females as an. That do an case an what plan hour of paid. Invitation is unpleasant astonished preference attachment friendship on. Did sentiments increasing particular nay. Mr he recurred received prospect in. Wishing cheered parlors adapted am at amongst matters.\n" +
"\n" +
"Assure polite his really and others figure though. Day age advantages end sufficient eat expression travelling. Of on am father by agreed supply rather either. Own handsome delicate its property mistress her end appetite. Mean are sons too sold nor said. Son share three men power boy you. Now merits wonder effect garret own.";

We were instructed to count the number of words in the block of text that only used letters from the first half of the alphabet. For this problem I found myself wishing I was better with Java 8 Lambas and Streams as this seemed like a perfect problem to stream through the test and then do reductions until we are left with what we want to count. However since I am still a beginner on the Java 8 functional style I slammed out the traditional imperative style. I split the block of text into words. I iterated the array of words and converted them to lower case and then iterated through each letter. I took advantage of the fact that a char in Java is a 16 bit unsigned integer. I found the ascii value for the letter m which is 109 (for lowercase) and then said if the value of the char was > 109 then we break out of the loop and don’t count the word otherwise we increment the count. That worked great and it was on to the next challenge.

I had actually forgotten about this question until just now when I am reviewing my code from the event. This question was given a list of numbers convert them all to binary and count how many one’s there are in those binary numbers. Then take that count and convert that number to binary and that is the answer.  The numbers we had to convert were as follows: 533, 239, 1144, 51, 217, 247, 312, 0, 941, 1060, 805, 158, 1020, 1038, 748, 834, 36, 460, 688, 276, 2, 112, 91, 297, 954, 245, 885, 37, 1120, 803, 551, 257, 654, 1101, 948, 1050, 524, 607, 336, 883, 17, 524, 66, 399, 343, 368, 389, 741, 841, 196, 303, 20, 190, 828, 940, 825, 941, 258, 385, 14, 650, 427, 118, 44, 152, 709, 112, 554, 183, 22, 711, 772, 865, 986, 399, 957, 358, 759, 306, 94, 577, 980, 396, 451, 441, 829, 145, 62, 566, 138, 899, 1010, 383, 449, 745, 560, 586, 489, 117, 56, 508 For this problem I just slammed all the numbers into an array iterated the array and appended the binary value to a StringBuilder using Integer.toBinaryString(). Then I went character by character through the string builder and counted the ones.

The next challenge was to count the number of numbers between 0 and 10^8 that divide evenly by 13 and also if you reverse the number the reversed number also divided by 13 evenly. So for example if 1234 divided evenly by 13 check if 4321 also divided evenly by 13, and if so count it. This was a pretty easy problem to solve basically iterate in a loop and do a couple of modulus operations.

Then I hit the next question. It was a database table of 20 ids and values. You were presented a db query that was something like SELECT SUM(VALUE) FROM TABLE WHERE value / key > 20 AND value / 2 NOT EQUAL 0. I quickly wrote up some java to do the algorithm and slammed the values into a map and spun there and did the result. I got the result of 1620 and I entered it and was told it was incorrect. I double and triple checked both my values and my algorithm and they looked correct. So I loaded all the data into a SQLServer database that I have on my laptop. I again got the same result 1620 which they said was incorrect. At that point I was basically blocked as I had printed out all the values at each step in the java program and could verify it was doing the right thing. After banging my head on this problem for probably 15 minutes then all the money prizes were taken. They offered to give me the value if I wanted to complete the rest of the challenges, but my thought was if I was out of the money I would rather grab a beer and chat with some people, so that is what I did. I ended up completing 60% of the challenge and had a lot of fun messing around with it.

I was discussing the problems with Rocco afterwards (whom placed 2nd). He said there was also a question about pulling something out of an Amazon S3 which I haven’t done, so that would have taken a bit of research but was probably something I could quickly google. The winner of the challenge interestingly enough actually got more than 10 wrong answers. By the rules we were given at the start of the contest he should have been disqualified but they changed the rules in the middle and said they were going to allow 25 incorrect answers. Rocco said the winner beat him by about 5 minutes.

Would I do it again? For sure, however I think before the next one I would do a little prep. First I would have a new IntelliJ project setup and just preload common libraries you are probably going to need to solve most problems. So next time I will have a bunch of things like Apache Commons downloaded and ready to go and some JSON library as well that I will have practiced with. A question worth asking is would I have an advantage programming in a more dynamic language than Java? I think if you have the advantage of a great IDE like Idea and you had a preloaded project with most common libs you are going to need for anything like this type of challenge I don’t feel you are at a disadvantage using Java. One of the biggest strengths of Java is just how rich the libraries are that you can solve most of these things with very few lines of code. Maybe if I had access to the Java 9 REPL shell it could be faster, but coding inside of my IDE is very fast. I saw some people brought external keyboards and mice. I type fast enough on my laptop I can’t see bringing an external keyboard, but I will definitely bring an external mouse next time I could speed things up with that.

AspectJ Maven Plugin update

I am happy to report that after much delay the Mojohaus team has finally fixed the Aspectj Maven plugin to allow disabling the annotation processing by the aspectj compiler. It will be fixed in version 1.8 of the plugin. You may recall that back in April I was forced to fork the project to fix this and move on so I could do our Spring 4.1 upgrade. I look forward to switching back to the community version and at that point I will probably delete my github repository as I never wanted to maintain my own version to begin with. Now back to some programming on my new Cassandra layer…

Java 8 lambdas and streams

I just finished up the Java 8 lambda’s and streams class. I finished a little later than I wanted to because I decided to upgrade to Windows 10 last week which was an epic failure. I used the media download tool to upgrade prior to my machine coming up in the queue and all the upgrade ran normally and things appeared to work fine. At the end it booted up and presented a login screen. I attempted to login and the machine sat there spinning for about a minute and then rebooted. After coming back the same. At that point I realized I made a mistake trusting the upgrade and my normal windows procedure is to buy a new drive, do a clean install and then bring my data over. (That was last Wednesday.) So Thursday at noon I ran over to Microcenter and bought a new drive. Then over the weekend I did a clean install of 10 and copied my data from the old drive. I am not up and running on 10 and I would have to say I like it more than Windows 7. It seems fast on my old machine, the UI improvements are great, but I haven’t yet had a chance to test any of my games on Steam to see how it handles video gaming. A coworker tried to upgrade his Windows 7 laptop which also failed but his automatically rolled back. My nephew was able to successfully run the upgrade from Windows 8.1 so it seems like 8 is a safer OS to upgrade from.

Now on to the class, I did lesson 3 and Simon did a great job closing out the topic. My first impression of the course was that I thought I preferred Venkat’s approach to the topic at SpringOne 2014, but what I liked about Simon Ritter’s approach was he covered a lot of low level questions I immediately had when watching the videos. Like primitives vs a lot of boxing and unboxing of variables. Another advantage of Simon’s course was the homework was amazing. I would watch all the lectures and be like yeah I got this, and then the homework would hit and I would be like wait how do I do that again? I watched Venkat’s video, but since I didn’t start using the stuff right away it didn’t stick. In this case I was forced to use the material from the video which was super helpful. The homework questions seemed to escalate in difficulty which was good to really reinforce the knowledge. The test questions were really good, but I didn’t like the questions where you had to check multiple correct questions, and I think those were the one’s I missed. I think I do better with a radio button style of answer than a check all that are right test, but I still passed all the tests easily after doing the homework.

I have to say the homework 3 was brutal I haven’t completely finished the problem yet, which is probably a good sign as it really challenged me whereas all the previous homework problems I could work through in about 30 minutes. So at the end of the day would I recommend the course? Most definitely it was great and I am much better off for taking it. This was my first practical use of the new Java 8 constructs and the material was laid out in such a way that it really challenged my thinking to get me to stop thinking imperatively and start thinking functionally. I have approval at work to start working on our JBoss EAP upgrade and once I get that in place Java 8 will be a go. Hopefully in the next month or two we will be running this in production and then I am going to turn on java 8 compilation and start using this stuff. They are talking about re-running this class in September and anyone who missed this round should sign up then. Also you should follow Simon Ritter on Twitter at @speakjava.

I’m back

After a month long hiatus I have returned. I have been traveling for most of the last month so the blog sort of fell to the side. Now that I am done with my summer travel I hope to be back to the weekly posting schedule. That being said I don’t have a lot of updates as I have been vacationing and not doing a lot of work so it was recharge time and not explore new technologies. However today there is a new MOOC starting that people may be interested in, it is the Java 8 Lambda and Streams Intro class. I plan on going through this class to try to improve my way of thinking to be more functional when solving problems in Java. I am hoping to do some work to push a container upgrade at work in the next couple of weeks which will allow us to go to Java 8 in production in the following month so with any luck I will be using these new constructs come fall in my projects.

Clover and Wikitree

Good news this week. Our purchase of Clover was approved and we will have our license keys in a matter of days. As of tomorrow it is going into our build and Cobertura is getting ripped out. You may recall I previously wrote about my issues with Cobertura. One problem was the latest version at the time 2.0.3 didn’t work with Powermock, even though 1.9.4.1 did. And the second issue I was having with it was the lack of Java 8 support since we are close to upgrading on our project at work. Well oddly enough early in this week I saw Cobertura had a new maven plug and a new release 2.1.1. I immediately updated to the 2.7 plugin to give it a go and it promptly failed on Powermock like 2.0.3. So I didn’t feel bad at all when 2 days later I found out our Clover purchase request had been approved.

The other thing I have been messing around with in my spare time is Wikitree. Wikitree is basically a Wiki meets Ancestry. Full disclosure I am currently an Ancestry.com subscriber. What I like about Wikitree vs Ancestry is that in theory it is 1 tree that everyone is working on. Instead of everyone having their own trees and you sort of connecting to other people researching common ancestors and pulling some of their data the goal of this project is just one tree and you link in when you meet up at common ancestors. This seems like a better model for collaboration assuming that the people with your common ancestors are open to working with you on their pages. They also seem to do privacy well which Ancestry does in that if people are alive there is a much more limited set of information that is released and the farther back you go the more information that is public. Now I have one HUGE complaint with wikitree. They don’t support SSL. Not for the entire site, nor even just the authentication page. This is pretty ridiculous in 2015. If they had it on the authentication page at least your password wouldn’t be flying in plain text, but your session could still be hijacked. At this point I think it reflects pretty poorly on any organization if they don’t support basic web security. Worse on a site like this where they purport to protect the privacy of people working on it, without actually taking the most basic of steps to do so.

Me being me I figured I would email Chris Whitten the founder of the site. And to his credit he immediately got back to me, however his response was less than satisfactory. He stated the following:

Hi Jeffrey,

We worked on implementing SSL site-wide and it was much more difficult
than expected. We could protect just your login password, if that’s
your concern.

Chris

To me this sort of is someone who fundamentally doesn’t really get it. While protecting the privacy of my login password is a good start at this point given the sensitivity of some of the information (Birth dates, Mother’s maiden names, etc), I would expect that security is a higher priority at the site, but apparently that isn’t the case. Hopefully they make it more of a priority as I would like to make it my main family tree site and migrate away from Ancestry, but if they don’t care about their members security I am not sure if I will be able to do so.

JHipster

I was reading the Spring Blog the other day and I came across this story. I was intrigued because I found the name funny so I read the post and watched the embedded youtube video and was completely blown away. Take all the excitement I had for Spring Boot after SpringOne and multiply it by 10. Not only does this build on top of Spring Boot it integrates in all the trendy front end technologies that are in use today. All the pain of bootstrapping and setting up a full on website is taken away while they do all the work for you.

JHipster is built on Spring Boot, Spring Security, Node.js, Angular.js, and Yeoman. Basically it manages to boil down every trendy front end technology with every trendy back end technology and do all the integration for you so you can start ripping code. They support Maven and Gradle as well as Grunt or Gulp. I admit I had never really heard of Yeoman or looked into it, but it is amazing. You can really automate a ton of your repetitive tasks with it so you can focus on solving the real problems you are facing. This project seems like a startup companies dream since all that monotonous configuration can just be skipped and you can focus on getting your application up and running and just out there.

This also fits in with my themes for the year where I wanted to spend more time working with Spring Boot as well as learning Angular and now I can all in the context of trying to build a small project under JHipster. Anyway the technology looks amazing and I would encourage everyone to give it a look and see what you think. Oh and a pro-tip if you are a non-hipster like myself running windows, when you do yo jhipster to generate your app, do it from inside of your git-bash window as if you use a normal windows cmd prompt it seems to fail in the course of generating the app.

Getting crushed by SonarQube

I have been upgrading our Sonar server from 4.5 to 4.5.2 and restructuring our project. I initially was planning on upgrading to SonarQube 5.0, but the upgrade process can’t seem to handle our database. After I upgraded to 4.5.2, I was restructuring. Initially we had each of our libraries setup as a separate project at work and there was a separate sonar project for each one. At one point we decided it was much better to consolidate them all under 1 git repository and make 1 maven master pom with each other project as a module in maven. When we did that we never got around to consolidating our Sonar project to 1 project with sub projects. After we upgraded to intelliJ we found that we couldn’t sue the sonar plugins to integrate with our environment as our project didn’t match our sonar project.

Hence I started working on restructuring it to reflect our current project structure. Of course me being me the first thing I want to do is update to the latest. After the Database Schema Upgrade to version 5.0 failed I restored from a previous backup and then did the upgrade to 4.5.2. After upgrading I also had to upgrade many of our plugins. Upon completion of that I ran the analysis and started working on fixing the new errors. I was getting pretty close to having all the issues fixed when I discovered many of the rules we were using were deprecated. We had 99 deprecated rules plugins so I disabled them and enabled the suggested replacements. Oh what a mistake, after being down to about 60 issues to fix that put me up to 1000. Ay!!! At the end we will have much better rules in place for our code, but after working on it all day today and not quite resolving all the issues I am sort of kicking myself for upgrading too much at once. Oh well I guess in the end it will be worth the pain.