Topic: General Level: All
In this post, we shall catch up on the multi-faceted technological updates that happened over the past week as well as a few that seized my attention,
How can a DTO contribute to enhancing the security of the java application? A DTO can be a JavaBeans (encapsulated) or POJO (no constructor) or an immutable Record class (added advantage on serialization), that maps the data from the database layer domain model to the presentation layer, restricting the data on a need-to-know basis and acts as a proxy providing filtering and preprocessing.
https://snyk.io/blog/how-to-use-java-dtos/
https://snyk.io/blog/how-to-use-java-dtos/
By employing static code analysis tools, the NullPointerException feasibility on the code flow is determined, making the code not only null-safe but also cutting down the exception propagated stacktrace given in the piped code sequence invocation. (ie., object.methodA().methodB()). Optional and null checking annotations (@NotNull, @Nullable) implementations address part of the problem. By having explicit null type references as in Kotlin the compiler can evaluate the nullness possibility however in Java there is no null type defined. Combining null annotations with a static code analyzer and integration with Java compiler API as a compilation step is the idea behind Meta's Nullsafe analyzer. Nullsafe uses abstract syntax tree (AST) and control flow graph(CFG) data structures for analyzing code in two-phase
1. Type inference - possibility of nullness
2. Type checking - the flow of nullness
https://engineering.fb.com/2022/11/22/developer-tools/meta-java-nullsafe/
SnapStart Lambda function creates an immutable encrypted snapshot copy of the memory and disk state in the INIT stage (running static code part), of the lambda processing function, thereby on subsequent invocations the state is retrieved from the cache in chunks on an as-needed basis and used to populate the execution environment.
And any new execution environment doesn't require an INIT stage, straightaway head to INVOKE stage.
This speeds up the lambda function startup time significantly.
https://aws.amazon.com/blogs/aws/new-accelerate-your-lambda-functions-with-lambda-snapstart/
https://aws.amazon.com/blogs/compute/reducing-java-cold-starts-on-aws-lambda-functions-with-snapstart/
Decoupling the application properties to a centralized config server allows for independently performing modifications to the properties without requiring recompilation and redeployment. Integrating a config server with a management repository like Git provides seamless fetching of the properties. Properties can be overridden by defined locally in the client application that takes precedence over the property in the config server categorized with respect to the profiles. If the client application specifies the client name then the corresponding properties filename will be loaded, else falls back to the default application.properties. Furthermore, we can define the property placeholders in the files that get resolved via the default properties. External properties will have no precedence over the application properties by specifying the overriding capability to false via the cloud starter bootstrap dependency.
https://www.baeldung.com/spring-cloud-config-remote-properties-override
Executing a business use case for CQRS with EventSourcing principles.
Command Query Responsibility Segregation (CQRS) - Separates the data writes from the data reads.
EventSourcing - Storing the events chronologically that are leading to a particular stage change.
By applying CQRS+EventSourcing, each event is persisted in the writes and the read comes from the sequence of events, with time complexity O(1) as no computes are involved during the reads.
Events in CQRS are domain entity aggregates per DDD, that enforce its data consistency/integrity using invariants, and state changes are within the event lifecycle.
Commands to the application are synchronous and event representations are asynchronous, maintaining data consistency in CQRS between writes and reads leads to the Event consistency of the internal and external events.
The case study explores further achieving strong consistency in a distributed ecosystem accounting for concurrency as well.
https://itnext.io/1-year-of-event-sourcing-and-cqrs-fb9033ccd1c6
Consolidated REST exception handling via ControllerAdvice type and extending ResponseEntityExceptionHandler to handle exceptions by ProblemDetail API vs. ErrorResponse API by returning proper RFC 7807 responses for codes and messages.
Or by incorporating ProblemDetails within the ErrorResponseException type we can avoid having the ControllerAdvice class.
https://www.sivalabs.in/spring-boot-3-error-reporting-using-problem-details/
Disclaimer:
This is a personal blog. Any views or opinions represented in this blog are personal and belong solely to the blog owner and do not represent those of people, institutions or organizations that the owner may or may not be associated with in a professional or personal capacity, unless explicitly stated. Any views or opinions are not intended to malign any religion, ethnic group, club, organization, company, or individual. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.
Downloadable Files and ImagesAny downloadable file, including but not limited to pdfs, docs, jpegs, pngs, is provided at the user’s own risk. The owner will not be liable for any losses, injuries, or damages resulting from a corrupted or damaged file.- Comments are welcome. However, the blog owner reserves the right to edit or delete any comments submitted to this blog without notice due to :
- Comments deemed to be spam or questionable spam.
- Comments including profanity.
- Comments containing language or concepts that could be deemed offensive.
- Comments containing hate speech, credible threats, or direct attacks on an individual or group.
Comments
Post a Comment