The phrase “free, as in beer” is often used in connection with Open Source software, to indicate that the software is being given to users without any expectation of payment. This distinguishes it from “free, as in speech” which might erroneously suggest that the software could do whatever it liked.
Actually, were it not for Andres Freund’s recent discovery, a certain piece of software called xz utils might have actually become free to do whatever it liked (or more correctly, whatever its evil master desired). NIST gives it a criticality of 10/10. Freund announced his discovery a month after the tainted xz had been released, though thankfully before it had worked its way into production systems.
The xz utilities provide [click title to read more…]
Sometimes the best place to start a new coding experiment is with “Hello World” (HW), the absolute minimum, often borrowed from someone else who has kindly published it for the benefit of others. The fewer assumptions made by the HW project the more useful it will be to the community. Some HW demos tend to make a lot of assumptions (IDE, build mechanism, dependency management etc.) and this presents problems for those who don’t match.
I recently created a starting point for a JAX-RS API running on Tomcat 10.1 and JDK 17, and when I looked around the Web I noticed that similar demos tended to assume Eclipse, or Maven, or Gradle and so on in the development environment. Here [click title to read more…]
This involves AWS EC2 AMI deployment/setup automation, and if that makes you shudder then look away now.
Last week I was completing some automation that takes a blank EC2 through a carefully scripted sequence of steps to produce a production-ready platform for a specific live service. It’s not Chef, or Puppet or any of a number of config/build automation solutions. It’s just a simple shell script that incrementally adds functionality either to enhance its own configuration/build abilities and/or support the target setup. It’s close enough to the OS to support the granularity of control that I need, while being abstract enough to be reasonably compact. The current script is just shy of a thousand lines.
This script starts with the [click title to read more…]
Even though the source level of /some/source/path is set to: 17, java.util.zip.CRC32C cannot be found on the system module path:
This one took me hours.
A while ago I migrated a major project to JDK17 and made many adjustments to ensure further development on it could be done in the latest Netbeans 17. As NB17 is bleeding edge, I regularly check the IDE log to make sure it’s not having a hard time. Unfortunately, doing almost any editing of the project caused warnings such as the message at the top of this post to appear. Hundreds of them. Flooding the log.
This didn’t cause any problems with my ANT build on Jenkins, but I noticed it was making Netbeans pause [click title to read more…]
I decided today that I would take a look at a long-standing yet still active project, the bulk of which is in Java and running quite well under the latest v17 (LTS). In particular I wanted to know how much of the library of dependencies was compiled with earlier versions of Java. The result makes for some interesting reading.
My strategy was to extract the classes from every Jar and examine the version ID in the preamble bytes. I would then weight the discovered versions by the size of the class files (in uncompressed bytes), because counting files or lines of code is so unreliable.
From a total sample of about 5Gb of Java class bytes, only half of one [click title to read more…]