API

OffHeap 70. Buy, Sell, Or Skip! Looking at NFTs (forever code, and ransom in Open Source!)

February 9, 2022 Freddy Guime API, Open Source 0 Comments

There are times when there’s something in tech that starts brewing, and creating huge waves. We are just going through those times with Bitcoins and now the newly created Non-Fungible-Tokens (or NFT for short). If you have been surrounded by “bored apes”, or “lucky goats” and wanted to understand what NFTs are (or aren’t), then take a listen!

In addition we revisit the big npm-libs-colors debacle on which an open source contributor single-handedly sent the javascript world scrambling as he poisoned-pill his own work (what does it mean to rely on open source dependencies from individual contributors?). It’s a tough topic because we are really built most of our technology on open source.

We thank DataDogHQ for sponsoring this podcast episode

DO follow us on twitter @offheap
http://www.twitter.com/offheap

News
Devnexus
https://devnexus.org/

jChampions – January 2022
https://jchampionsconf.com/schedule.html

npm Lib corruption
https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/

Spring Boot 3.0.0.M.1 Released/
https://spring.io/blog/2022/01/20/spring-boot-3-0-0-m1-is-now-available

Spring Framework 6.0.0.M2 Released
https://spring.io/blog/2021/09/02/a-java-17-and-jakarta-ee-9-baseline-for-spring-framework-6

Tomee 9.0.0 – Jakarta EE 9.1 Web Profile Certified
https://tomee.apache.org/

Discussion

NFTs
https://en.wikipedia.org/wiki/Non-fungible_token

NFT Music Video (by @fguime)
https://www.youtube.com/watch?v=UBnSK3txVGo

The Web3 Fraud (Opinion Nicholas Weaver)
https://www.usenix.org/publications/loginonline/web3-fraud

OffHeap 69. Ok, so the internet burned down with Log4J.

January 3, 2022 Freddy Guime API, Open Source, Security 0 Comments

Hopefully you have had some time to R&R, but if you were in tech around Dec 2020, you heard that there was this massive security incident around Log4j. It affected almost everyone, from large to small companies, and if you work in Java, chances are that you might’ve to work on it too (and if you haven’t, it’s a good idea to double-check your code)

It has a severity of “10”, which is rare, and what makes it hard to ignore. If you want to understand what it was about, and how it got there, then take a listen. Learn how to patch against it, as we travel and dive into the mechanics and the missed opportunities that happened.

http://www.javaoffheap.com/datadog
We thank DataDogHQ for sponsoring this podcast episode

DO follow us on twitter @offheap
http://www.twitter.com/offheap

News
MicroProfile 5.0:
https://microprofile.io/

Eclipse IDE Release
https://www.eclipse.org/downloads/packages/release/2021-12/r

NetBeans 12.6 Release
https://netbeans.apache.org/download/nb126/index.html

Spring Native 0.11 Release
https://docs.spring.io/spring-native/docs/current/reference/htmlsingle/

Discussion

Log4j2
https://www.lunasec.io/docs/blog/log4j-zero-day/

It made CNN:
https://www.cnn.com/2021/12/13/politics/us-warning-software-vulnerability/index.html

OffHeap 64. Autobots…Rollout to the Bar!

September 8, 2021 Freddy Guime API, Open Source 0 Comments

Color me jealous! Most of the OffHeap crew (excepting me, Freddy) went back to our roots, and recorded Java Off Heap at the RoundHouse! (The local bar, where Episode 1 was recorded!). It was a great opportunity to be mostly zoom-less and let the conversation flow whenever it wants to flow!

In addition we got Cedric Hurst (@divideby0) to join us there! In all an interesting evening, with libations, Boston Dynamics Acquisition, a deep discussion on the “Right to Repair”, and the implications of GitHub Copilot (the auto-filler AI-powered, FOSS trained helper) on this field!

http://www.javaoffheap.com/datadog
We thank DataDogHQ for sponsoring this podcast episode

DO follow us on twitter @offheap
http://www.twitter.com/offheap

JAX London 10/4 – 10/7 (hybrid)
https://jaxlondon.com/blog/java-conference/

EclipseCon 10/25 – 10/28 (online)
https://www.eclipsecon.org/2021

Jakarta One LiveStream 12/7 (online)
https://jakartaone.org/

Jconf.dev (In person) 12/8 – 12/10
https://2021.jconf.dev/

Boston Dynamics Acquisition
https://www.bostondynamics.com/hyundai-motor-group-completes-acquisition

Microsoft Pentagon contract cancelled
https://www.cnn.com/2021/07/06/tech/defense-department-cancels-jedi-contract-amazon-microsoft/index.html

Big MS Security Update
https://www.cnn.com/2021/07/07/tech/microsoft-security-update/index.html

Github Co-Pilot
https://twitter.com/kellabyte/status/1411449622288076801?s=21

Ruling on Google Gender Bias lawsuit
https://www.latimes.com/business/story/2021-05-27/google-gender-bias-class-action-lawsuit-women?_amp=true

Right to Repair –
https://petapixel.com/2021/07/07/president-biden-will-order-ftc-to-create-right-to-repair-rules-report/

OffHeap 61. Return of the APIs (Supreme Court Ruling on Oracle v Google)

May 1, 2021 Freddy Guime API, Google, Open Source, Regulation 0 Comments

Ok, 60 episodes ago, back when were were young and innocent, we started this podcast with coverage on the copyrightability of APIs. There were twist…there were turns! And a ton of nail-biting moments, but, finally it seems that the Supreme Court made a ruling (that APIs are not copyrightable)

In this episode we cover the timeline, the ruling, and the possible effects it means for all of us developers, starting on the original days of Sun, and then going all the way to April 5th. We are not lawyers but pundits, and as such, we engage in punditry as we dissect what the Supreme Court ruling said (is it narrow? overarching? did they get the analogy right?)

Would this turn out to be a George-Lucas moment where there will be more litigation? Episode VII, VIII or IX? or a Jar-Jar Binks moment? We don’t know, but we sure be covering them if they happen in our watch!

We thank DataDogHQ for sponsoring this podcast episode

DO follow us on twitter @offheap
http://www.twitter.com/offheap

Jakarta EE 9.1 – May
https://blogs.eclipse.org/post/mike-milinkovich/eclipse-jetty-11-supports-big-bang

GlassFish 6.1.0 – Aim for JDK 16: (?)
https://arjan-tijms.omnifaces.org/2021/04/glassfish-now-runs-on-jdk-16.html

JetBrains IntelliJ IDE 2021.1: (?)
https://www.jetbrains.com/idea/whatsnew/

JDK 17 Early Releases and Timeline:
https://openjdk.java.net/projects/jdk/17/

Oracle releases R2DBC driver
https://r2dbc.io/drivers/

Dell will spin off VMware
https://www.businessinsider.com/dell-to-spin-off-vmware-stake-2021-4

Oracle v Google FINALLY!
https://www.supremecourt.gov/opinions/20pdf/18-956_d18f.pdf

OffHeap 60. JDK 16, Spring Native, Micronaut, Microprofile and GraalVM have new releases! Author tags, And Companies blaming Interns (boo!)

April 4, 2021 Freddy Guime API, Java EE, OpenJDK 0 Comments

Hey y’all, well, this episode we dive into tons of fun stuff. There are new toys w/JDK 16, Spring Native and Graal. Essentially, it’s a fun time to play with Native and new JDK 16 features (Records are mainstream!).

And in a one-two punch, Spring Native release of 0.9, and Graal news of adopting truffle makes the ideal of adopting native images for your Java builds not far-fetched. It might have still some rough edges, but oh my, for some projects, it went from being painful, to a non-issue. So yeah. Millisecond startup times coming up!

Micronaut is also out with 2.4.0, which we think is actually healthy! (we worried for a second or two). And Microprofile also has a release, with its LRA (and SAGA! pattern). We really wished SAGA was an acronym

In addition some interesting consolidation happening with Crowdstrike buying Humio, and Okta acquiring Auth0. Interesting moves in security and authentication to say the least.

We see how deep SolarWinds go with blaming an intern for their security woes. If that’s your strategy, you already lost at the security game (shame!)

And lastly, oh my, there is an Outlook vulnerability making its rounds. Important enough to hear (and patch!). You don’t want weird inetpub/wwwroot files hanging in your outlook server.

http://www.javaoffheap.com/datadog
We thank DataDogHQ for sponsoring this podcast episode

DO follow us on twitter @offheap
http://www.twitter.com/offheap

Take the JVM Survey!
https://snyk.io/blog/java-ecosystem-survey-2021/

JDK 16
https://blogs.oracle.com/java-platform-group/the-arrival-of-java-16

MicroProfile LRA
https://openliberty.io/blog/2021/01/27/microprofile-long-running-actions-beta.html

CrowdStrike nabs Humio for $400M – https://techcrunch.com/2021/02/18/logging-startups-are-suddenly-hot-as-crowdstrike-nabs-humio-for-400m/

Micronaut 2.4.0
https://github.com/micronaut-projects/micronaut-core/releases/tag/v2.4.0

Okta acquires Auth0: https://techcrunch.com/2021/03/03/okta-acquires-cloud-identity-startup-auth0-for-6-5b/amp/?__twitter_impression=true&guccounter=1

SolarWinds blaming an intern
https://twitter.com/cnn/status/1365445311066480641?s=21

@Author tags:
https://twitter.com/headius/status/1366517443112402944?s=20

Graal and Truffle
https://www.graalvm.org/reference-manual/java-on-truffle/

Microsoft Exchange Mass Hack:
https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/

Episode 1. Java Off-Heap. Let us introduce ourselves and talk APIs

April 13, 2015 Freddy Guime API 1:16:35 1 Comment

The Maiden Voyage of the Off-Heap, as they venture outside of their Java world, and take a look at what’s happening Around Java (not just inside). We start by swinging with the Heavy-Hitters and talk about Oracle Vs Google, The values of Tech Interviews, and the End-Of-Life of Java 7 (is it?). Come take a listen to the Coolest Java Technical News podcast out there (we might be biased though).

Visit us at http://www.javaoffheap.com!