Posts on Maarten on IT

Building a CLI with Quarkus, Kotlin and GraalVM

Mon, 28 Jul 2025 08:17:00 +0200

Command-line tools are great for automation, but choosing the right technology stack to build them can be tricky. I recently set out to build a new command-line application to streamline some tasks, drawing from previous experiences where the tooling left me wanting more.

This time, I chose a different combination of technologies that better suits my needs: Kotlin, Quarkus, and GraalVM. In this blog, I’ll walk you through the setup and decisions behind this stack—so you can get up and running even faster when building your own CLI tools.

Coding, Thinking and Adapting: My Take-Aways from Devoxx Poland 2025

Mon, 16 Jun 2025 21:53:00 +0200

Six years after my first Devoxx Poland visit, I was invited there again to present. This time, I had the opportunity to give two talks instead of just one. Apart from speaking, visiting a conference is a great way to also join other speaker’s sessions. In this blog, I will share some of the most inspiring talks I attended. Topics include mutation testing, monads, tips for smooth-running applications in production, effectively working with AI and hexagonal architecture. Continue reading for my recommendations from this year’s edition!

Authenticate Jakarta EE apps with Google using OpenID Connect

Tue, 20 Aug 2024 10:02:00 +0200

In one of my pet projects, I’m writing a Jakarta EE web application where I want users to authenticate using Google. Easy, you would say, as Jakarta EE 10 includes Jakarta Security 3.0, which has support for OpenID Connect authentication. Took me a bit more time to figure out how to get it working, and to save you from having to do that, here’s what I found.

Reduce Maven Plugin logging

Tue, 16 Jul 2024 08:16:00 +0200

Sometimes, a Maven plugin logs more then you want it to. I recently had this situation with a plugin that generated source code from specifications. This plugin alone wrote over 22000 lines of output just to inform the user that it did what it had to do. No errors or such, only confirming that it did its job. Such superfluous output makes it hard for developers to focus on actual problems in their build. It’s too easy to think “too long, didn’t read” (TL;DR) and hence miss the important bits. So, it’s time to tame the plugin logging!

Devnexus 2024

Wed, 10 Apr 2024 18:50:00 -0400

This year, I again have the pleasure to join Devnexus and speak there. In this blog, I’ll highlight some of the sessions that I’ve joined.

Measure Your Maven Build

Fri, 15 Mar 2024 09:46:00 +0200

Slow builds are annoying!

There, I’ve said it. And you know it’s true, don’t you? They take valuable time, they are a source of frustration, they extend the feedback cycle, and often they provide the perfect excuse for slacking off.

But it doesn’t have to be this way! Rather than getting another cup of coffee or playing that medieval game of gladiator, what if we would investigate why the build is so slow? If we know the bottlenecks, we can address them. That would shorten the feedback loop, increasing our productivity and our job happiness in one go.

Why Write Boring Apps?

Fri, 01 Mar 2024 15:00:00 +0200

If you’ve built any kind of web-based application in the last decade, chances are you were building a single-page application (SPA). This means you’ve been writing JavaScript or Typescript, had to work with the Node Package Manager or Yarn, needed to understand a framework like Angular, React or Vue and had to learn a new testing framework (or two). And that would have been only the basics. You would probably use other libraries, frameworks and toolkits: for styling the user interface, for doing API calls using REST and/or GraphQL, and for writing reusable components. But we usually take the pain, because the alternative is just… “boring”.

But it is time to reflect on this approach. It drags in a lot of complexity, but what does it give us? More complexity! At the end of the day, everyone will probably agree that simplicity is important. And what we want to achieve is a simple thing: displaying some information to a user. So why all that complexity?

Devoxx 2023: First Impressions

Mon, 09 Oct 2023 12:04:15 +0200

This week, I’ve been attending Devoxx Belgium. It wasn’t my first time around, so I more or less knew what to expect in terms of atmosphere, content and people. In this post, I will share my first impressions. It includes some interesting talks that I joined. Of course, there were more - but those require a larger post, so those may end up in a seperate post later.

Devnexus 2023 live blog

Wed, 05 Apr 2023 17:49:15 +0200

This week, I’m attending the 19th edition of the Devnexus conference in Atlanta! In those 19 years, Devnexus has truly grown to being one of the biggest Java and JVM-related conference in Nothern America, and it’s always been a pleasure to be there. This year marks my fourth attendance as a speaker, and I’ll be doing two talks myself.

In this post, I’ll be live blogging about some of the sessions that I’ve joined. Enjoy!

Notes from JavaZone

Mon, 12 Sep 2022 21:56:13 +0200

Last week, I attended JavaZone, the annual conference ran by javaBin, the Norwegian Java User Group. I have attended JavaZone in the past (2018) so I knew what to expect - and the bar was high! Because of that, I was looking forward a lot to join JavaZone again. Also, this would be my first conference as a Java Champion, which made it even more special.

Using HSQL in OpenLiberty

Tue, 23 Aug 2022 08:46:13 +0200

A quick note, this time. Recently, I wanted to do some hacking around on Jakarta EE and MicroProfile. I chose to work with the OpenLiberty runtime, as I previously had good experiences with it. My pet project also needs a database, so for starters, I chose HyperSQL Database (HSQL DB). Here’s how I set it up.

Mutation Testing badge with PIT and Stryker Dashboard

Sat, 30 Jul 2022 10:41:13 +0200

Earlier, I wrote about integrating PIT with the Stryker Mutator Dashboard. The setup for that was pretty complicated, with some shell scripting that extracted the JSON payload for the report from a JavaScript file. Today, I’m introducing a much simpler approach to that: the Stryker Mutator Dashboard reporter for PIT.

Playing with Loom

Fri, 04 Mar 2022 08:39:13 +0200

If there’s one topic that has kept the Java community excited over the last years, it’s Project Loom. We all know it’s coming someday, but when? What will it look like? And how will it change the way we write concurrent code? In this blog, I’ll try to play a bit with what Loom currently looks like.

The Dapr SDK for Java: Pub/Sub & Distributed Tracing

Tue, 11 Jan 2022 09:36:13 +0200

It’s been a while since the first two posts about Dapr! In those first installments, we looked at the basics of Dapr, from a very conceptual point of view. We also looked at the bare minimum HTTP API that Dapr exposes to the applications that use it. But writing enterprise applications that way would be slow, and it would inevitably lead to mistakes. In this article, I will introduce you to a higher abstraction level of working with Dapr.

Jakarta EE meets Dapr

Tue, 28 Sep 2021 09:46:13 +0200

Earlier this month, I introduced you to Dapr, the Distributed Application Runtime. That was a mostly conceptual introduction, showing you how Dapr works and what it can do for you. But how do you integrate it into an existing application? That’s the topic for today.

Getting to know Dapr

Fri, 10 Sep 2021 10:46:13 +0200

Building distributed applications or microservice applications brings a whole new range of problems. All those application components, or microservices, need to communicate with each other. How will we do that: using messaging, or would direct HTTP calls be a better choice? Often, we must make such decisions early in a project. Since it’s hard to change it later, we call it an “architectural decision”. But this is often an excuse so we can blame the architect if the choice turned out to be wrong.

Build your own OpenJDK on macOS

Mon, 31 May 2021 08:31:13 +0200

Following the recent kerfuffle around the security manager deprecation, I was curious to see if a codebase I’m working on would also suffer. But how could I find out? There are no early access builds of Java 17 yet with the latest changes for this JEP. Maybe… I should set out and try to build it myself? But that’s sure going to be a lot of work… Or is it?

Introduction to Maven Toolchains

Tue, 16 Mar 2021 08:31:12 +0100

Java evolves at a much faster pace than it used to do. But not all of the projects we work on keep up with that pace. I have projects on Java 8, 11 and 15 - and sometimes I want to play with early access builds of newer versions as well. How to make sure I can build them without having to constantly switch Java runtimes?

Use git bisect to pinpoint a bug

Thu, 28 Jan 2021 14:15:09 +0100

During my work on Maven today, I found a very specific bug. The error message wasn’t that clear, and I couldn’t make a guess what might’ve caused it. I read about git bisect a few times and figured that today, I would use that tool to find the bug.

What's New in Maven 4

Mon, 30 Nov 2020 08:02:09 +0100

Recently, the Maven community decided to push forward and start working towards a 4.0.0 release. The first question after this announcement is of course: what can we expect Maven 4 to bring us? A lot - and in this post, we want to highlight some of the features that we are particularly excited about.

Block misbehaving IP addresses using Fail2Ban and AbuseIPDB

Mon, 19 Oct 2020 11:46:13 +0200

When you operate servers, whether physical or virtual, at some point in time you may find yourself victim to bots or botnets trying to access your server over SSH. Even if you configure your server to not expose SSH on port 22 (the default), chances are you will be a target at some point. This is especially true if your server is hosted in a public cloud, since these typically reserve ranges or blocks of IP addresses. Apart from making it as hard as possible to scan your server, you can also serve the community and report those attacks.

Multiple Git identities

Mon, 13 Jul 2020 08:10:05 +0200

Everything is code, and code is everywhere. For me, this means I put more and more stuff into version control. Whether it is infrastructure descriptions, documentation, software or this blog, I always store it in a Git repository. But sometimes this gets dirty, because you accidentally forget to change your Git user details.

Mutation Testing badge with Pitest and Stryker Dashboard

Tue, 30 Jun 2020 13:18:13 +0200

Over the years, badges have become a way for open source maintainers to show the state of their product. Badges can give a quick overview of the code quality, test coverage or build health of an open-source product. The problem with code coverage is, however, that a high coverage doesn’t mean the tests are any good. If only there was a way to show the quality of the test suite…

Infrastructure as Code with Terraform

Mon, 22 Jun 2020 08:37:13 +0200

Setting up new infrastructure can be a tedious process. It doesn’t matter whether it is on-premise or in the cloud. Many organisations have a long process of filling forms, obtaining budget clearance, asking for priority and verifying everything is set up correctly. The cloud promises us to make things better, and at least it got a lot faster. But still, we can make many mistakes in this manual process, and if we want to duplicate a deliberately crafted setup things become even harder….

DevNexus Day 2: Metrics, Monolith Decomposition

Fri, 21 Feb 2020 21:55:00 +0200

Together with four “AwesomeSauce” colleagues from Info Support, I’m attending DevNexus this year. For me, it’s the second time I’m here, as I spoke here in 2018, too. Next to delivering my own “React in 50 minutes” session I’m attending some sessions to update with new technology advancements. After a great first day, let’s move on to the second (and last) day.

DevNexus Day 1: WebAssembly, Productivity

Fri, 21 Feb 2020 15:20:13 +0200

Customise the Maven Release process

Fri, 10 Jan 2020 09:30:13 +0200

Shipping a new release of software usually involves quite a few steps. Depending on the type of software, this may be something you rarely do. Thus, it often involves manual steps. This is not necessary! Maven has had its “Release Plugin” since approximately April 2007; yes, that’s over 12 years! It has served both the Maven project and many other software projects.

Devoxx - Day One

Wed, 06 Nov 2019 17:22:13 +0200

This year I’m returning to Devoxx. I’m planning to write some notes on interesting sessions or other content. Also, I’ll be delivering my talk on Transport Layer Security tomorrow. But today was a day of catching up with old friends and attending a talk or two.

One talk really caught my attention: “Implementing a simple JVM in Rust”.

Building a programming language on GraalVM (Part 1)

Sun, 13 Oct 2019 16:27:13 +0200

If you’ve followed recent developments in the Java ecosystem, you must know GraalVM. Many blog posts cover how you can build native executables from Java source code. This is indeed exciting: your program starts faster, and consumes less memory. Other popular topics include building Java applications that run code in other languages. You can run JavaScript, Python, Ruby or R code in the JVM. But there’s more: in fact you can run any language inside the JVM! Are you curious how? Continue reading…

Code One - Day Three

Wed, 18 Sep 2019 20:08:00 -0700

Third day on Code One already! Highlights for today: the Community Keynote, a trip to GitHub and a session called “Sarcasm as a Service”.

Code One - Day Two

Tue, 17 Sep 2019 16:11:00 -0700

On this second day at Code One I have again visited interesting sessions. One on security by Jim Manicode and one on cash (or the lack thereof) in Sweden.

Code One - Day One

Mon, 16 Sep 2019 18:42:32 -0700

This year I’m returning to Oracle Code One (formerly JavaOne) for the third time. I’m planning to write some notes on interesting sessions or other content.

How did I get that library?!

Wed, 11 Sep 2019 18:42:32 +0200

When you’re writing Java applications, chances are you’re using Maven for dependency management. It lets you declare the artifacts you need to build your application. Those artifacts also depend on other artifacts. This means you have transitive dependencies - dependencies you didn’t declare yourself but you need them anyway.

Reports from Devoxx PL

Tue, 25 Jun 2019 14:00:13 +0200

From yesterday until tomorrow I’m attending Devoxx Poland (or Devoxx PL for short). It’s the second largest conference in the Devoxx family with around 2700 people attending. The conference is held in the ICE Kraków Congress Centre, a large venue with an amazing primary room.

Entrance of the ICE

The main reason I’m here is to give a talk about GraalVM on Wednesday morning. Apart from that, it’s a nice opportunity to network, meet old friends and make new ones. And of course to attend other talks to learn something new.

Securing Apache HTTPD with Microsoft Active Directory

Tue, 26 Mar 2019 08:07:13 +0200

Recently, I was building a website with documentation for one of the projects I’m involved with. I wanted to protect access to that website to a specific set of people inside my company. Here’s how I did it.

Troubleshooting SOAP and MTOM using the command line

Mon, 17 Dec 2018 09:24:13 +0200

When you want to transmit binary files over SOAP-based webservices, you have two choices: Base64 or Message Transmission Optimization Mechanism (MTOM). The latter is much more efficient, but also harder to troubleshoot if it doesn’t work at once.

Both options have their own typical scenario

Serialise the file content using Base64 and include the result right into the XML structure. This is relatevely easy to implement and troubleshoot. It usually works well for small binary files, but as files grow larger, you may run into performance issues. The Base64-encoded binary file may be so big that the XML parser will blow up.
Use MTOM to transfer the request and attachments. In this approach, the SOAP request (XML) and any attachments are sent as a multipart request. This is a bit harder to implement, and if it doesn’t work at once, it is even harder to troubleshoot. But on the other hand, it allows for much more efficient transportation of the attached files.

SOAP over HTTP

As a primer, let’s have a quick look at how “regular” SOAP requests look when transmitted over HTTP. Imagine we have a file upload webservice which accepts files in any format, along with a file name. If we were to upload a file, the request might look like this.

How does BEAST work?

Wed, 21 Nov 2018 08:23:44 +0200

Last month, I did a talk at GOTO Berlin where I explained the basics of Transport Layer Security. During the talk, the audience asked a few questions through the app. One of them was: “How does Beast work?” and I wasn’t able to answer that one on stage, unfortunately. Since it’s an interesting question, I’ll answer it here. Unfortunately, understanding BEAST is a bit harder than the talk itself…

BEAST stands for Browser Exploit Against SSL/TLS. In itself, it isn’t a vulnerability. Thai Duong and Juliano Rizzo made a demonstration of a longer-known vulnerability. This vulnerability was published back in 2004 and applied to SSL 3.0 and TLS 1.0. BEAST showed that this old vulnerability was in fact useable for a real-world attack.

A first look at MVC 1.0

Fri, 14 Sep 2018 21:20:19 +0200

Recently, Twitter brought the renaming of Ozark to Krazo to my attention. It pulled my attention: I had never heard of either projects, and I wondered what they would be about. Ozark (or Krazo) will be the Reference Implementation of the new Model-View-Controller Specification. This MVC specification, also known as JSR 371, was planned for inclusion in Java EE 8, but eventually dropped. Apparently, this didn’t kill the effort. I was curious to see where the specification (and it’s implementation) would be now.

Custom SOAP Faults using Spring WS

Tue, 24 Jul 2018 16:05:35 +0200

There are many situations when you need to write a SOAP-based webservice. Maybe you are writing a test dummy, or maybe you got the interface from some kind of architect. (Yes, there are other reasons, too.) And chances are you’ll be using Spring-WS to do this.

Recently I was doing that, and I found the following inside the interface definition (WSDL):

<element name="faultMessage" type="common:FaultMessage"/>

<message name="faultMessage">
 <part name="faultMessage" element="tns:faultMessage"/>
</message>

<portType name="someName">
 <operation name="searchOrder">
 <input message="tns:searchOrderRequest"/>
 <output message="tns:searchOrderResponse"/>
 <fault name="faultMessage" message="tns:faultMessage"/>
 </operation>
</portType>

That was a rather challenging thing! In case the operation would fail, it should give a SOAP Fault with a custom element in it:

Building ASP.NET Core apps on CircleCI

Mon, 02 Apr 2018 11:42:35 +0200

Recently, my co-worker Willem pulled my attention to the .NET Microservices. Architecture for Containerized .NET Applications e-book. Although I have a strong background in Java and the Java platform, I started reading it, and soon I felt like trying it out. But building software without having automated builds and tests is not the real thing, so that was the first thing I wanted to do. I usually use CircleCI for that, but unfortunately they don’t seem to have an official guide for that.

Simple UML drawing with PlantUML

Sun, 01 Apr 2018 20:27:35 +0200

Every now and then, there’s this moment where you feel a certain urge to draw a diagram. Oftentimes, I feel a similar urge to make a digital version of it. But I don’t always have professional tooling around - and no, PowerPoint or its friends are not what I’m looking for.

Recently, I found a tool that fits my idea of “good tooling” rather well. So, without further ado, let me introduce you to PlantUML! Why do I love this tool?

Impressions of the first JVMCON

Thu, 01 Feb 2018 20:17:00 +0200

Last Tuesday was the first edition of JVMCON. This conference has a special programme committee: its audience. When the Call for Papers closed, everyone who had a ticket could see the submitted papers. Only, they could not see who submitted the paper - which let them focus on the papers themselves. Out of almost 180 papers, they had to select 13…

And guess what: one of them was mine! I presented my talk for the early birds, and there were quite a lot of them! The room was pretty much packed, and there was a lot of questions and remarks afterwards. That surprised me a bit, since I usually do not experience a lot of interaction with the audience.

I upgraded to Java 9 - Part II

Tue, 23 Jan 2018 16:14:35 +0200

A few weeks ago, I wrote about migrating an existing Spring-application to Java 9. When I finished, two things remained to be investigated:

Code coverage for unit tests.
A bunch of warnings when running the application in Tomcat.

Code coverage for unit tests

As Alan Bateman pointed out, upgrading JaCoCo to its latest version should resolve the issue about the $jacocoData field. In fact, I thought I had done that, but somehow I kept on getting the same error every single time. But when I tried (again) last week, it somehow disappeared. No error to be seen, all tests green, and a nice coverage report from JaCoCo. I’m a happy developer, again!

I upgraded to Java 9 - here's what happened

Fri, 12 Jan 2018 20:28:35 +0200

I recently participated in a Twitter conversation about upgrading to Java 9. Like most of the people, my current projects are all on Java 8. Of course the question came up, why don’t you upgrade? Good question! Since I hadn’t even tried, I decided to see how far I could come…

The component I took for my experiment is a pretty simple Spring application. It doesn’t use Spring Boot. It exposes a few REST endpoints, and calls couple of webservices over SOAP. For these webservices, it uses bindings generated by the JAXB plugin for Maven.

Devoxx 2017

Sun, 07 Jan 2018 14:15:35 +0200

Almost two months ago I visited Devoxx 2017. It’s about time to write some notes on the stuff I learnt there!

Event Storming & DDD workshop

The week started off with a full afternoon workshop led by Stijn Vanpoucke. The workshop consisted of small pieces of theory, alternated with exercises using post-it’s and markers.

A few of the theoretic pieces:

An event is something that has happened in the past. It is usually phrased in past tense. It should be understandable for business users.
A command is an user-initiated action. It explains the origin and sometimes the reason for the action.
An entity is an individual thing. It has a unique identity. Often, entities are mutable.
A value object is an non-unique value. It is often immutable. Its equality is based on it’s attributes. It should be able to validate itself. They can be combined.
An aggregate is a combination of entities and value objects. They are structured in a hierarchy. Its root is always an entity. Aggregates contain business rules. Note that a bigger aggregate is not always better! To circumvent this, aggregates can use soft links based on the unique identity of other entities.
The bounded context describes the context from which you look at it. Take a pen as example; what a pen is depends on the context from which you look at it. To stress the fact that it has boundaries, it is called a bounded context. Bounded contexts support the idea of having “one team, one (business) language”. The bigger the bounded context is, the bigger the language, whether artificial or natural. Finally, multiple domains can have different words for the same concept. A sales department might speak of products while inventory management might name the same concept article.

Kotlin for Java programmers

This year had a lot of talks about Kotlin scheduled. To visit them all would take too much time, so I decided to follow just one by Venkat Subramaniam. I figured it would give me about the same amount of content…

Getting Started with Zuul

Sat, 30 Dec 2017 14:15:35 +0200

It’s been a while since my last post! I recently have been reading a lot about the idea of “API management” or an “API gateway”. There’s a lot of commercial offerings in this field. Many of them promise you (to some extend) ultimate flexibility and endless possibilities. My preference is for “lean and mean” approaches where I can pick the building blocks that I need. In the long run, that offers more flexibility. After all, you could replace building blocks. Having small building blocks makes it less tempting to put any kind of business logic in such a gateway. Doing that must sooner or later lead to some kind of vendor lock-in.

JavaOne 2017

Fri, 06 Oct 2017 15:05:45 +0200

This year, I had the pleasure again to visit JavaOne. Not only did I attend the conference, I was also accepted to speak, which was quite a dream come true. The session catalog contains almost 500 sessions, and I obviously visited only a subset of them. I found two topics particularly interesting and decided to attend multiple sessions on each of them.

“Prepare for JDK 9” and “Migrating to Java 9 Modules”

Both sessions where more or less covering the same ground, although from a different perspective. Alan Bateman from Oracle took the more theoretical view and explained what you can expect to happen when you want to move to Java 9. He also busted some myths, like the one that “nothing will continue to work” or “everything first needs to be modularised”.

Markdown to PDF

Wed, 09 Aug 2017 21:33:45 +0200

Todays note is nothing more than a quick tip. I’m a big fan of the Markdown markup language, but sometimes I need to exchange documents with people who don’t know how to read them. Often, they prefer just Word or PDF. So I looked for a way to convert a Markdown file to a PDF file.

My current solution is based on Node.js so you need to install that first. Then use npm, the package manager for javascript, to install the markdown-pdf package using

No bind or arrow functions in in JSX Props - Why? How?

Tue, 25 Jul 2017 07:30:45 +0200

Recently, I found myself running tslint on a small React application written in TypeScript. The combination itself is worth writing another blog post about, but today we’re covering just one of the rules that tslint has; in fact, it is defined in the “tslint-react” rule set. It is also included in the eslint-plugin-react, because it is not related to TypeScript per se.

What’s it about?

In its ES6 version, the rule says: “No .bind() or Arrow Functions in JSX Props (react/jsx-no-bind).” The TypeScript version has two rules, one is called “jsx-no-bind” and the other one “jsx-no-lambda”; their intent is the same as the ES6 one. When you first notice the rule, you might wonder “why is that an issue?”. If you call bind(), or if you define an arrow function, this will create a brand new function every time you run that code. When you’re using that inside a render() method or a so-called stateless functional component, it will create a new function every time you render that component. That violates the one strict rule from React that says

Installing the CUDA Toolkit on Ubuntu

Wed, 12 Jul 2017 07:55:32 +0200

Lately, my interest for machine learning and artificial intelligence has revived. When I was at university, I followed some courses and specialisations in this field, but then during my career I hardly ever used any of it. Back in those years, complex neural nets and genetic algorithms took days to build, mainly because we didn’t have the computing power for that. But nowadays, things have changed, and such models can relatively quickly be built using a commodity graphics card.

JBCNConf & Voxxed Days LU

Thu, 22 Jun 2017 15:05:32 +0200

Wow, that was a busy and inspiring week! In one week, I’ve visited two conferences in two different countries to give talks on two different subjects. But the most inspiring part came from attending other sessions. I’ll highlight one session from both conferences.

JBCNConf 2017

On JBCNConf, I’ve attented a session by Burr Sutter about Vert.x. This was a session full of energy, as Burr is really capable of making your enthusiastic of whatever he is talking on. As he walked us through the various options you have to build and deploy Vert.x-based applications, he also showed a lot of demos. One of the demos involved “simple” temperature sensors over MQTT on miniature computers (aside: the size of these computers was largely dominated by their batteries… impressive!) to his MacBook showing you can run Vert.x in multiple languages that still communicate with each other. It also illustrated how to handle events coming in at this pace, introducing the concepts of streaming events.

Elastic stack: a renewed introduction

Tue, 18 Apr 2017 08:05:32 +0200

A few years ago, I had an assignment at my former client involving Elasticsearch, Logstash and Kibana to build an operational dashboard. It was fun to do and very instructive; afterwards, I wrote an article about my experiences and spoke at various conferences. Recently, I was asked by another team in my company to assist them in setting it up for their team. A good chance to catch up with some old friends, and see how they have changed over the years.

Verify logging with Logback

Thu, 02 Mar 2017 10:15:32 +0200

Sometimes you have a piece of logging that is very important, maybe even part of a business requirement. In that case, you might want to verify that in a unit test, so you can rest assured that this requirement is actually met. How to do that?

Mock it away

A first approach might be to just mock your logging framework in a unit test and verify it was called as you expected. It might sound tempting, and easy to do, but not everybody likes it. And in fact, you might run into some issues when walking this path, because some libraries tend to make classes and/or methods final so they can’t always be mocked away. Also, a lot of people tend to create a logger by doing private static final Logger LOG = ..., which makes it even harder to mock it away. Making your logger an instance variable just so you can test it? Nah…

Blah blah Microservices blah blah

Sat, 25 Feb 2017 20:15:40 +0200

As a closing keynote on the second day of Jfokus, Jonas Bonér took the stage under the very clarifying title “Blah blah Microservices blah blah”, which turned out to mean “From microliths to microsystems”.

As a first observation, he stated that no-one really likes microservices. They are kind of a necessary evil - because “doing” microservices comes at a cost. In fact, microservices are just a specialisation of an older concept called distributed systems. But what we often build are microliths - an application that might be called a microservice except for the fact that it lives alone. No failover, no resilience, nothing. But just like actors, microservices should come in systems. And just as important, microservices should come as systems, designed as a distributed system, which each microservice focussing on a single responsibility.

Jfokus, Day 2

Wed, 08 Feb 2017 16:30:40 +0200

The second day of Jfokus is just as action-packed as the first one. However, part of the action is me giving two talks. Both of them scheduled today, so a little less time for attending other sessions and blogging about them. I did attend some other sessions after lunch time, on which I’ll report below.

Introduction to Machine Learning

Directly after the lunch, James Ward gave an introduction to machine learning. He started with a very recognizable story about how humans (in casu his daughter) learn new facts about the world around them. Machine learning is in fact no different than human learning: building a model, trying something, seeing whether and how it changes reality and updating the model.

Quickly switch Java versions on macOS

Tue, 07 Feb 2017 18:06:40 +0200

Inspired by a Jfokus session I attended today I decided to download and install a preview of Java 9 on my MacBook. That went pretty quick and without much trouble. But when I issued java -version on my terminal, I was greeted with

Java(TM) SE Runtime Environment (build 9-ea+155)
Java HotSpot(TM) 64-Bit Server VM (build 9-ea+155, mixed mode)

Although that’s nice - you’d even expect it, maybe - I realised I often need Java 8 as well. How to quickly switch between the two?

Jfokus, Day 1

Tue, 07 Feb 2017 08:10:40 +0200

These days, I’m in Stockholm, attending and speaking at the Jfokus conference. Yesterday night was a great opportunity to get to know a few other speakers during dinner. We were even surprised by an act of the Lemon Squeezy barbershop quartet singing for us - very beautiful!

But today, the serious stuff started. In the following sections, I have written down my notes and observations of each of the sessions I attended.

Long time, no blog

Tue, 31 Jan 2017 08:10:40 +0200

Recently, I was asked to write a blog about a side project I did. That question reminded me of the blog I used to have… long time ago.

I stopped blogging due to changes in my personal situation, which led to a priority shift. Being a father to two beautiful daughters sure takes a lot of time! But I missed the possibility to share some notes, thoughts, ideas and the like. So I decided to resurrect my blog, although in fact it’s more of a notebook. In the coming period, I’ll be adding some historical notes which I earlier stored privately. Stay tuned!

Automatic scan for known vulnerabilities in dependencies

Tue, 30 Aug 2016 15:30:40 +0200

When using third-party components (be it open source or not), we all know it’s a good practice to keep your frameworks and libraries up to date. This is also one of the spearhead in the OWASP Top 10 (2013 edition): A9 - Using Components with Known Vulnerabilities. To help you assess your projects status with regard to this, OWASP.org developed the tool Dependency Check. This tool is primarily intended code bases in Java, .NET, Ruby, Node.js, and Python. Integration with various build tools is also provided for.

Tweaking nginx for serving static content

Tue, 01 Mar 2016 14:42:40 +0200

For a recent project, we decided to use the nginx webserver as our primary web server. It is easy, relatively light-weight, and it seemed to suit our needs quite well. The project had a lot of static content - HTML, JavaScript, CSS and image files. Of course, we wanted to achieve a high performance with as many concurrent requests being served as possible. This is what we did.

Setup

First of all, it is worth to mention the setup. Our staging environment had just one virtual machine with nginx running. This was an Azure Standard A2 VM with 2 cores and 3,5 GB of RAM. That’s not a lot, and in a real production environment you would definitely go for more web servers, with some kind of load balancing. But the goal of this experiment was mainly to experiment with the many options nginx provides for tweaking. The virtual was located in the same region as where the project will be deployed. Also, we used a similarly sized machine for putting load on our web server. This machine was located in that same region as well.

Quickly count your code base

Wed, 03 Feb 2016 08:10:40 +0200

Often, the size of a code base is measured in terms of “source lines of code” (SLoC). If you’re interested in the size of your code base - or your client is - this metric provides a way to express that size. Of course, comments and the like are not considered to be code, so how to determine this metric? Using grep is tempting, but it quickly results in a very complex and hard-to-understand approach.

Easily upgrade Java dependencies

Wed, 20 Jan 2016 17:11:40 +0200

To start with a cliche: the Java ecosystem continues to develop at a high pace. Various open source frameworks releasing versions, sometimes even multiple versions at the same time. This may quickly turn into a risk But how to deal with it?

Basically, you have two options. We’ll take a typical Maven-project as an example, which uses Commons Lang 3. See the end of this post if you prefer Gradle over Maven.

Automatic upgrades

Maybe the simplest way is automatic upgrading. You can achieve this by not specifying an exact version of your dependency, but instead specify a version range. If you would normally have this snippet in your POM:

Combining Docker and Maven

Wed, 02 Dec 2015 08:34:40 +0200

When you’re building Java or JVM-based software, chances are these days you’ll be deploying it inside Docker. Chances also are you’re building it with Maven. Now how do you combine the two? Of course, you could plumb together some scripts for the platform of your choice, but there’s a few disadvantages to that. First of all, it makes you platform-dependant: your build may not work - or behave differently - depending on the platform where you’re building. Secondly, it’s not very elegant, since it does not easily facilitate re-use. And in these days of microservices, we don’t want to be copying the same scripts over and over again. Thirdly, it requires the Docker binaries to be present on the system where you perform your build.

Timing in Protractor tests

Fri, 27 Jun 2014 08:05:40 +0200

Ever noticed that annoying error while running your Protractor tests:

Error while waiting for Protractor to sync with the page: {}.

Especially the two brackets are annoying, because they suggest more information might be available but it is just hidden for you.

The good news is, the fix is rather easy. It turns out that Protractor expects your application to have an data-ng-app attribute on the HTML body element.

My application does not have that, since the Angular application is just a part of my page. So in my Protractor config, I have to add an option to tell Protractor where to find the Angular application:

Mobile emulation in Google Chrome

Fri, 20 Jun 2014 09:03:19 +0200

Building a web site or web application that should also be useable on other devices than ‘regular’ desktops or laptops? You don’t always have your mobile device at hand, or might not even own one. Yet, you want to see how your new gem looks on such devices. Worry no more!

Google Chrome to the rescue. We all know the ‘Developer Tools’, accessible using F12. If you press ESC while inside the ‘Developer Tools’, the ‘DevTools console drawer’ appears. Next to a ‘Console’ and ‘Search’ tab, it has an ‘Emulation’ tab.

This method is likely to yield significantly better performance

Sat, 06 Apr 2013 14:57:21 +0000

This week, I came across an interesting difference between the Java API documentation and its current implementation. A difference? Or is it just a matter of thorough reading?

If you look at the Javadoc for Double.valueOf(), you’ll find that it is likely to outperform the use of new Double(). Sounds good! And don’t we all ove it when we get a free performance boost?

However, examining the source code to see what causes this “significantly better space and time performance”, we find….

Checking logfiles with logcheck

Sat, 23 Mar 2013 16:19:17 +0000

If you own a private server, like me, you’ll probably know the feeling you need to check your logfiles every now and then. It’s not a lot of work, it’s not difficult, but it needs to be done, and it needs to be done regularly.

As for me, the solution is simple. I installed the logcheck tool. This nice little tool will send you a daily email with all logging information on your system. That sounds like an awful lot of spam on a daily basis, but thankfully that is not the case.

IPv6 on Raspbian

Mon, 11 Mar 2013 18:24:15 +0000

A default Raspbian installation does not have IPv6 enabled. That’s quite a pity in 2013, where IPv4 addresses will be running out shortly.

Have no fear, it’s not too hard to enable it. Just add ipv6 to the file /etc/modules (it should be on a separate line) and reboot your Pi. If you don’t want to reboot, enable it immediately by issuing sudo insmod /lib/modules/`uname -r`/kernel/net/ipv6/ipv6.ko. Note that after a reboot, you’ll have to re-enable it again, so just change /etc/modules either way…