Tips, Expertise, Articles and Advice from the Pro's for Your Website or Blog to Succeed
One of the things that I simply cannot stress enough is the fact that all computer programs require at least some debugging for them to function at the highest levels. It is simply the reality of the situation, and there is no getting around this fact.
If you aren't prepared to spend some time debugging your own creations, then you are probably not in the right business. The fact remains that coders have to do this type of work all the time.
My last article on 10 VS Code Extensions to Fight Technical Debt got over 50.000 views and 500 reactions.
It doesn't surprise me as today I see many Engineering teams under huge pressure to build fast and often lacking time to fix and clean up their codebase.
React is a JavaScript library, and it is the most popular and industry-leading frontend development library today. JavaScript is a loosely typed language, and as a result, it catches runtime. The result of this is that JavaScript errors are caught very late and this can lead to nasty bugs. As a JavaScript library, React inherits this problem.
Clean code is a consistent style of programming that makes your code easier to write, read, and maintain. Anyone can write code that a computer can understand but good developers write clean code – code that humans can understand. Clean code is a reader-focused development style that improves our software quality and maintainability.
Is your team as productive as can be? We tend to be most productive while using tools we know and like best; that's why in the majority of dev teams, you're free to code with your weapon of choice (aka IDE). So no matter if you're utterly loyal to VS Code or you're a die-hard-JetBrains fan: these 5 cross-IDE tools are definitely worth checking out!
You can often hear statements that "Java is dying" and all modern people should switch to modern languages like Go as soon as possible. They say that it will be good with them, but it will be bad with old languages that everyone is about to give up. But is this true?
You can see two different variants in the "pre-death" statements. Some people say "Java is dying" quite literally: the time for the popularity of the language has passed, fewer and fewer people need it, and those remaining people are about to abandon it. Others believe that Java may be all right in terms of popularity, but technologically it is stuck in the last century, so it is not respectable to write in it now.
CockroachDB is a cloud-native SQL database for building global, scalable cloud services that survive disasters. CockroachDB is built with containers as a first-class citizen. It works well in baremetal, VM, and container environments like Kubernetes, Docker Swarm, and HashiCorp Nomad. One of my customers has a requirement to connect JetBrains DataGrip to a secure cluster. This short tutorial will step through the process of wiring this together using a multi-node CockroachDB cluster running in Docker, a load balancer container based on HAProxy and an early access version of DataGrip.
Start Cockroach in Docker, you can follow directions in our docs for an insecure cluster or use my repo to deploy a secure cluster in Docker compose.
JetBrains, makers of Phpstorm, one of the most popular IDEs for PHP developers, has published a statement denying any involvement in the SolarWinds attack, which compromised multiple US federal agencies and private companies. The company stated that it has not been the subject of an official investigation:
JetBrains has not taken part or been involved in this attack in any way. SolarWinds is one of our customers and uses TeamCity, which is a Continuous Integration and Deployment System, used as part of building software. SolarWinds has not contacted us with any details regarding the breach and the only information we have is what has been made publicly available.
This statement contradicts a recent New York Times article that claimed unspecified officials were investigating the company’s TeamCity continuous integration software as a possible entry point for the attack:
By compromising TeamCity, or exploiting gaps in how customers use the tool, cybersecurity experts say the Russian hackers could have inconspicuously planted back doors in an untold number of JetBrains’ clients. Because TeamCity is so widely deployed, experts said, it is imperative to determine whether its software contains a vulnerability, or if attackers exploited TeamCity customers via stolen passwords or gaps in unpatched, outdated software.
The New York Times did not specify which officials and “cybersecurity experts” were the source for this information but claimed that SolarWinds was also investigating the software internally. A previous version of the article referred to JetBrains as “an obscure software company,” which ruffled the feathers of the company’s most ardent customers. SolarWinds told both the Times and The Wall Street Journal that it has not confirmed a definitive link between JetBrains and the breach of its own software.
A joint statement from the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI) and the National Security Agency (NSA) released this week points to Russia as the origin of the attacks:
This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks. At this time, we believe this was, and continues to be, an intelligence gathering effort. We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.
Phpstorm is widely used among WordPress developers, especially since version 8 added official support for WordPress in 2014. JetBrains users took to Twitter with questions and concerns about claims that the company was under investigation. Today, JetBrains published another update that clarifies its previous statement. It states that the company’s IDEs are standalone tools with no relation to TeamCity and that there is no evidence that any of their servers or tools have been tampered with.
JetBrains is organizing an independent security audit of TeamCity and has promised a transparent report of any vulnerabilities found that may have led to a breach.
“For over 20 years, one of our pillars has been to be transparent, honest, and truthful with our customers, and nothing hurts us more than seeing unfounded allegations that damage our reputation and instill doubt on our customers,” JetBrains CEO Maxim Shafirov said.
Happy New Year 2021!
This week, we revisit the API aspects of the SolarWinds breach and check out how APIs featured in the recent Ledger breach. There is also an API vulnerability found in Microsoft’s Office 365 Outlook and a new API development and security plugin for JetBrains IDEs.
Wow, what a bumper month! Summer is well and truly over and we are Being Productive! This month's edition is absolutely huge and I didn't even do any particular research for the newsletter; there was just a lot of interesting stuff kicking around. Of course, we have Java 13, and I've added two new sections: career advice and testing. Not testing your career, although that would be really useful too. There are also a lot of Spring Boot tutorials because I've been leaning on Google a lot this month for my live coding demo for Spring One Platform in Austin next week. Set aside some serious time for this edition!
Java 13 came out in September. It’s another short-term release, but it does mean that if you were on Java 12 your JDK is no longer supported and you should upgrade to 13. If you’re on Java 11 or 8, watch my video (last link below) to understand some of the questions you should be asking in order to decide whether to upgrade,
Ktor is an asynchronous web framework written in and designed for Kotlin. Allowing the more impressive features of Kotlin, such as coroutines, to not only be used but supported. Typically, Spring is my go-to general framework, and usually what I use when I need to put a REST API together. However, after recently attending a London Kotlin meetup where there was a presentation on Ktor, I decided I’d try something new for once. That is how I ended up here, writing a blog post about Ktor. So, this post is a learning experience for both you and me.
buildscript {
ext.kotlin_version = '1.3.41'
ext.ktor_version = '1.2.2'
repositories {
mavenCentral()
}
dependencies {
classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
}
}
apply plugin: 'java'
apply plugin: 'kotlin'
// might not be needed but my build kept defaulting to Java 12
java {
disableAutoTargetJvm()
}
// Ktor uses coroutines
kotlin {
experimental {
coroutines "enable"
}
}
compileKotlin {
kotlinOptions.jvmTarget = "1.8"
}
compileTestKotlin {
kotlinOptions.jvmTarget = "1.8"
}
dependencies {
// Kotlin stdlib + test dependencies
// ktor dependencies
compile "io.ktor:ktor-server-netty:$ktor_version"
compile "io.ktor:ktor-jackson:$ktor_version"
// logback for logging
compile group: 'ch.qos.logback', name: 'logback-classic', version: '1.2.3'
// kodein for dependency injection
compile group: 'org.kodein.di', name: 'kodein-di-generic-jvm', version: '6.3.0'
}The nice folks of TechDays Finland provided me with the opportunity to speak about Microservices for building an IDE - The innards of JetBrains Rider. It was nice to be able to talk about some of the internals, architecture and design decisions that were made while building a .NET IDE - Rider.
If you’re interested in the slides, find them below. This story is also available as an article on CODE Magazine: Building a .NET IDE with JetBrains Rider.