Skip to main content


Showing posts from March, 2023

Get Onboard Kotlin With Jetbrains

There's a free course designed for novices in Kotlin that focuses on the basic concepts of the language. Apart from the content itself, the interesting of this course is that it runs inside Intellij. full article on i-programmer:

Java Development Kit 20 Is GA

  JDK 20 is now generally available with many new features that render Java not just relevant to today's requirements but a few steps ahead. Let's find out what's new. Every JDK since the major revamping of Java with venerable version 8, has been adding something new and exciting to the language. For instance JDK 9 added Modules, 10 added Local-Variable Type Inference, 15 Text blocks and 19 the preview of Virtual threads under project Loom full article:

Sigstore Java - Sign And Verify Your Java Builds

  sigstore-java, currently under development but not yet ready for general-purpose use,  is a tool for signing and verifying Java package distributions with Sigstore's keyless signing. This is one more step taken by Sigstore towards securing the software supply chain. Sigstore signing empowers software developers to securely sign software artifacts such as release files, container images and binaries. These signatures are then stored in a tamper-proof public log - for free. full article on i-programmer:

Surveying Software Supply Chain Security

Chainguard, the co-creator of Sigstore, has conducted a survey to better understand if and how software supply best practices are utilized by the industry. We take a look at the findings. With the title,  SLSA++ A Survey of Software Supply Chain Security , it was actually run by a consortium comprising  Chainguard, the Eclipse Foundation, the Rust Foundation and the OpenSSF. Suffice to say that these resounding names put some weight behind it. It tried to address the following questions:  Is everyone doing software supply chain security, or is everyone just talking about software supply chain security? Do software professionals actually think different software supply chain practices are helpful, easy or difficult?  full article :

Jakarta vs Spring - The War Goes On

  In a very interesting webinar streamed live as part of the recent JConference, Antoine Sabot-Durand talked about "hostility" between J2EE/Jakarta and Spring and the differences between them from decades ago to the recent times. Antoine is a Java Champion. He is also the CDI 2. 0 spec lead, involved in Microprofile and various projects linked to CDI ecosystem development and thus Jakarta EE. full article :

JetBrain's Qodana Adds Taint Analysis For PHP

  Qodana Code Quality platform detects and flags programming errors such as bugs, security vulnerabilities, anomalous code, dead code and the like. Now it adds Taint analysis support too. Today's news is that JetBrains is adding a new automated Taint analysis feature to Qodana that minimizes the attack surface by introducing inspections that scan the code and highlight the potential vulnerability. PHP developers already have the opportunity to try it out in early preview and it will be extended to other languages in due course. full article on i-programmer:

Entity Relationship Diagraming with ERDLab

  ERDLab is a free and intuitive SQL Visualization Tool which helps in capturing your database design thoughts. Let's look into it. To be exact, ERDLab falls into the SQL schema visualization tools category. It allows you not only to draw your database design visually but also in code. And it's not just drawing per se; you can interact with your schema and explore its relationships end to end and also collaborate on it in a team. full article on i-programmer: