IntroductionRecently, the NVD (National Vulnerability Database) which the Owasp dependency check plugin uses to get its data from to check for vulnerabilities, has introduced the use of an API key. That's for them to better control access and throttling - imagine how many companies and organizations are using that API, each time a dependency check ...

IntroductionSetup:- Mapstruct 1.5.5- Kotlin 1.8- IntelliJ 2023.2.3 For a mapping between two classes, the source class did not have the mandatory (non-null, Kotlin!) target class field created. And I wanted to fill it with the current ZonedDateTime class, with the timezone of Amsterdam/Europe. And that specific ZoneId is a constant in my Applicati...

IntroductionWhen you have multiple classes with the same name in your classpath, SpringDoc with Swagger API annotations potentially picks the wrong class with the same name when generating the Swagger UI documentation.Suppose you have these classes:org.example.BookDtoorg.example.domain.BookDto And you specified your endpoint like this, where you wa...

IntroductionOne of my Kotlin lambdas was throwing Too many open files exceptions and thus logging errors, but only nightly, when it got bursts of SQS messages to process. To find out what was causing these errors, I followed these steps:Read up on what can be the causesDetermine what/where in the code is not closing the file descriptorsFind a solut...

IntroductionOne of the features of the OWASP dependency check plugin is to be able to suppress reported vulnerabilities, for example because they are false-positives for your configuration, or no new version is available yet, so you want to suppress the alert for a certain period of time.Those suppressions you specify in the suppressions.xml file. ...

IntroductionSince 14 March 2023 suddenly my AWS lambdas started to log this error:datadog: Malformed _X_AMZN_TRACE_ID value: Root=1-6411cb3d-e6a0db584029dba86a594b7e;Parent=8c34f5ad8f92d510;Sampl ed=0;Lineage=f627d632:0Note that the lambda processing was finishing normally, this metrics logging to Datadog is happening apparently in the background.Se...

IntroductionThe AWS SAM CLI command sam.cmd build MyFunction --template C:\techie\workspace\my-function\local\template.yaml --build-dir C:\techie\workspace\my-function\local\.aws-sam\build --debug fails in an IntelliJ commandline terminal due to this FileNotFoundError: [WinError 3] The system cannot find the path specified error.Setup- Windows 10 P...

IntroductionProblem: when checking out a project in IntelliJ in Windows, all files are checked out with Window's newline CRLF (\r\n).But if you then open a terminal in IntelliJ which runs WSL (Ubuntu) and you want to run a bash script like this shell script, you'll get this error:#!/bin/shset -e[unrelated stuff deleted]It will fail with: ./deploy.s...

IntroductionContext: Docker, CircleCI, Github.The Docker build command docker build -f .circleci/Dockerfile -t $AWS_ACCOUNT_ID.ecr.$AWS_DEFAULT_REGION.amazonaws.com/${CIRCLE_PROJECT _REPONAME}:`git describe --tags` -t $AWS_ACCOUNT_ID.ecr.$AWS_DEFAULT_REGION.amazonaws.com/${CIRCLE_PROJECT _REPONAME}:${CIRCLE_BUILD_NUM} -t $AWS_ACCOUNT_ID.ecr.$AWS_DEFA...

IntroductionSetup:Spring boot 2.7.4Kotlin 1.7.20Flyway dependencies:plugins { id "org.flywaydb.flyway" version "9.6.0"}project(":application") { dependencies { dependencies { implementation "org.flywaydb:flyway-core:9.6.0" implementation "org.flywaydb:flyway-mysql:9.6.0" }}With only this Flyway script V1__initial_script ...

Introduction Using H2 as initial embedded database for a Spring Boot application worked fine. H2 is very forgiving in many situations and of course only tries to emulate the real target database, in this case MySql 8.0.So after connecting my Spring Boot application to MySql, this error started to appear when inserting a row in a table with a java.u...

IntroductionThis blogpost describes the challenges encountered when migrating a Java 17 Spring Boot 2.7.3 application to Kotlin 1.7.20. Other libraries/tools used in the project:- Swagger (OpenAPI 3.0.3)- Spring boot 2.7.3- Liquibase- H2 in mem + file based- JUnit5 with Mockito and Mockito-Kotlin- MySql 8.0- Actuator- Maven 3Tip: after migration of...

IntroductionThis is my summary of relevant lessons learned during a Kotlin for Java developers course.SummaryGeneral- When running standalone, needs Kotlin runtime- Toplevel functions: not explicitly defined in a class, e.g fun main() method- Useful other info: https://kotlinlang.org- val number: Int and val number = 25 So has type inference. B...

IntroductionThe Spring Boot Java application was initially using the H2 embedded database, first the in-memory version (losing all data each run), then the file based version. The database structure is created using Liquibase.Then the requirement was to have the Spring Boot Java application still not dockerized (just started with mvn spring-boot:ru...

IntroductionIn your Integration Tests (IT) you often try to use the H2 in-memory database, to improve the speed of your integration tests. But on the other hand you want to mimic the production database as much as possible in your integration-tests.Setting H2 in MySQL database compatibility mode tries to emulate MySQL as much as possible, but only ...

IntroductionEven when you have a @RestControllerAdvice configured and you know it gets invoked, it can be that Sentry.io's monitoring library still reports it as an (uncaught) exception. Reason for this is that when you configure Sentry as specified without setting its order in the exception-handler-resolver chain, it's by default set as lowest, so...

IntroductionAWS X-Ray is designed to automatically intercept incoming web requests, see at this introduction. And also here. But when you start your own thread (either via a Runnable or plain new Thread() or @Scheduled), X-Ray cannot initialise itself: there are no web requests to intercept for it. Then it throws an exception like this: Suppressin...

IntroductionThis blogpost shows how to create a Pact provider test using:Pact 4.0.0AWS Serverless LambdaJava 11JUnit 5 (Jupiter)Example Provider TestBelow is the example test class. Note how a mock service is used to simulate the endpoint defined (also) in serverless.yml. package com.ttlnews.pact.tests.provider;import au.com.dius.pact.provider.juni...

"Snyk enables you to find, and more importantly fix known vulnerabilities in your open source." Some vulnerabilities you'd want to ignore, because for example they are (for you) either false positives, or there is no workaround for them (yet). You can specify them via the so-called CLI snyk ignore command, or in the UI manually, or via a .snyk igno...

Consumer Driven Contract testing is a way to ensure that services (such as an API provider and a client) can communicate with each other. Without contract testing, the only way to know that services can communicate is by using expensive and brittle integration tests.PACT is a contract testing tool. For response matching you want to be as loose as...

IntroductionThis blogpost describes a bunch of lessons learned during a recent project I worked on.They are just a bunch grouped together, too small to "deserve" their own separate post :)Items discussed are: Jackson, JSON, API design, Kafka, Git.Lessons learnedPretty print (nicely format) JSON in a Linux shell prompt:cat file.json | jqYou might ha...

LOGBack DBAppender IllegalStateExceptionSometimes when starting a Spring Boot application with Logback DBAppender configured for PostgreSQL or AWS Aurora in logback-spring.xml, it gives this error:java.lang.IllegalStateException: Logback configuration error detected: ERROR in ch.qos.logback.core.joran.spi.Interpreter@22:16 - RuntimeException in Act...

I tried to use a Raspberry Pi 3 model B Rev 1.2 as a dashboard for monitoring a couple of systems using Chromium as browser.Tip: use this to have it never turn off the display:sudo xset s offsudo xset -dpmssudo xset s noblank I had only two tabs open all the time and was using the Revolver browser extension to rotate the tabs. One tab had the defa...

IntroductionBesides auto-updating also to the most recent version of the Docker image of maven:3-jdk-8, the Gitlab runners were also always updated to the most recent version.Again not best-practice and again I learned the hard way: builds suddenly starting to fail.The issue and workarounds/solutions Because suddenly indeed the docker image build o...

ProvisionedThroughputExceededExceptionWhen using the Amazon Kinesis Client Library (KCL) one would not expect the table created by KCL itself to keep track of its streams, shards and checkpoints to ever be under-configured.But it can be! Then you get the ProvisionedThroughputExceededException. Normally it will recover by retrying itself. But if it ...

When you get this exception during running mvn clean verify, which executes both the Surefire and Failsafe plugin (for which the last one uses the Surefire plugin!):SurefireBooterForkException: The forked VM terminated without properly saying goodbye. VM crash or System.exit called?it can mean several things. For example as the message says maybe s...

IntroductionDuring my last project consisting of a Docker microservices architecture, built with Spring Boot, using RabbitMQ as communication channel, I learned a bunch of lessons, here's a summary of them.ArchitectureBelow is a high level overview of the architecture that was used.DockerRun 1 process/service/application per docker container (or pu...

IntroductionOriginally I was connected from a Windows 10 machine via OpenVPN to a network (segment?) for "our" project. I could access all servers and websites related to it. But when switching to another project (using the same OpenVPN settings) I could only access the new project's servers when at the premise of that project. At home or from any...

To enable HSTS (adds Strict-Transport-Security header to the response) for Node + Express using Helmet, this should be sufficient to add to your app.js:var hsts = require('hsts')app.use(hsts({ maxAge: 15552000 // 180 days in seconds}))But a few things didn't work for me. First of all I had to add the force: true attribute. Also I was using an old...

For a recent innovative project we were able to work with Kubernetes 1.3 as tool for automating deployment, scaling, and management of containerized applications. In our case (micro)services. A lot of documentation is available, but I was missing a as-complete-as-possible architecture picture of all components within k8s. Or sometimes the link bet...

Before MySQL version 5.6.4, MySQL does not support milliseconds (more precise: fractional seconds) in TIME, TIMESTAMP and DATETIME!In a project I was on, timestamps are used for versioning of entities via the JPA @Version annotation. So it's essential for correct optimistic locking, otherwise changes with a millisecond or bigger difference won't ge...

Yes it's in (well already for over a month), the Fairphone! Since I was one of the first 10.185 backers, a special edition with an extra message:

This blogpost is a short summary of the Vaadin 7.0 project I did last year, including tools used, lessons learned and a bunch of screenshots to show the results.Tools usedSpring 3.2 including annotation based configuration, Spring Task*Executor frameworkJPA2 with Hibernate 4.2 + JPA modelgen, including Envers for auditingJMS 2Vaadin 7.0.1JAXB 2.1Sp...

IntroductionSuppose you've setup a cool Vagrant image based upon a box from the Vagrant Hashicorp cloud. But suddenly one day the URL is gone! So the original box is gone. E.g this one, which gives a 404 page: https://atlas.hashicorp.com/box-cutter/boxes/ubuntu1404-desktopYour 'vagrant up' still works, vagrant will just complain it can't find the b...

In iOS 9 and higher apps, a higher level of ciphers is required for a certificate for Forward Secrecy.Before iOS 9, it was possible to let a site within a webview forward/redirect to another SSL protected site.For example it was possible to let another site redirect to this one in iOS 8: https://www.securesuite.co.uk/But since iOS 9 it is not allow...

Tomcat has many parameters for performance tuning (see http://tomcat.apache.org/tomcat-7.0-doc/config/http.html), but for some attribute descriptions it is not a 100% clear how some properties affect each other.A pretty good explanation regarding acceptCount and maxThreads can be found here: http://techblog.netflix.com/2015/07/tuning-tomcat-for-hig...