First things first, let’s be clear that this is NOT a new Log4Shell or Spring4Shell vulnerability. Although it is a remote code execution issue, the impact is neither as severe nor as easily exploitable as the issue in Log4j from December 2021. Similar to the Log4j issue, the essence of the problem is that you can perform a lookup that …

The threat model for Java applications is changing, with modern risk coming from the widespread scope and usage of Java and library vulnerabilities. There are so many different versions of Java (both major and minor versions) and so many systems and libraries that it’s complex to know what everything is, where everything is, and if it’s what’s “out there” poses …

Queues are often fundamental components in software design patterns. But, what if there are millions of messages received every second and multi-process consumers need to be able to read the complete ledger of all messages? Java can only hold so much information before the heap becomes a limiting factor with high-impacting garbage collections as a result, potentially preventing us from …

As a tech guy, I love to discuss technologies. And as discussions go, it’s generally the comparison kind: JVM vs. Net, Java vs. Kotlin, Go vs. Rust, Maven vs. the unspeakable one, etc. However, it’s too easy to fall into the quagmire of the merits and flaws of our beloved toys, talk about them for hours, and not reach a …

Ever since I started to work on the Apache APISIX project, I’ve been trying to improve my knowledge and understanding of REST RESTful HTTP APIs. For this, I’m reading and watching the following sources: Books. At the moment, I’m finishing API Design Patterns. Expect a review soon. YouTube. I’d recommend ErikWilde’ channel. While some videos are better than others, they …

When I (re)started the JavaFX Links Of The Week on jfx-central.com in September, I was wondering if there would be enough material to share every week. But that was a stupid mistake as you can see below in the summary of what happened in October… JavaFX 19 and 20 JavaFX 19 just got released a few weeks ago, but Johan …

I won’t introduce Dependabot. Lots and lots of developers use it daily on GitHub. I do use it as well. However, it suffers from two drawbacks: While it’s perfectly integrated with GitHub, integrations with other platforms are less seamless. It’s limited in the list of ecosystems it supports For example, I generally use Docker Compose files for my demos. When …

Let me start off with saying that I love functional programming. Although… a better way of saying it would be that I love what functional programming brings me. It reduces complexity, the code is nice and explicit, and it eliminates certain bugs from occurring. But there are a few things that I wanted to discuss regarding functional programming. Object Orientation …

This was the second Dubai JUG meetup, yet the first real one. The first meetup was more of a practice team building session. Here is a trip report of the second Dubai JUG meetup. First day in Dubai This was my second time in Dubai. I had visited most of the landmarks the first time, making this a more relaxing visit without …

As I keep refactoring, this article will focus on a few more interesting ways to do it. These are pretty much minor yet effective and useful changes. Stream.noneMatch() and Stream.anyMatch() In some situations, we need to find a single case among many. For example, we want to do a certain operation if we have a list of items and a …