Feed aggregator

How Expensive are your JDBC Operations?

Javalobby Syndicated Feed - Thu, 21-May-15 22:30
It is now a week into our JDBC monitoring private beta program. Things are progressing fast and we expect to be ready to launch publicly within a month. But as the first results are already in, we are eager to demonstrate our initial findings. Preview Text:  It is now a week into our JDBC monitoring private beta program. Things are...
Categories: Java

10 Leading HTML5 Frameworks You'll Find Hard to Miss

Javalobby Syndicated Feed - Thu, 21-May-15 22:30
As a perfect blend of native app and mobile web app concepts, Hybrid application has become one of the most talked about apps among the global web/mobile development community. One of the best things about hybrid apps is that they can be accessed even in the lack of an internet connection. The reason being very simple. Preview Text:  As a perfect...
Categories: Java

10 Ways to Find Your Alerting Sweet Spot with New Relic

Javalobby Syndicated Feed - Thu, 21-May-15 22:30
[This article was written by Asami Novak] Preview Text:  Last week New Relic announced a number of exciting updates to our Software Analytics Platform, including a new streamlined alerting system designed to help users focus on fixing problems and eliminate “alert fatigue” with incident rollups. Legacy ...
Categories: Java

The Scale of Computing Latencies

Javalobby Syndicated Feed - Thu, 21-May-15 22:30
[This infographic appears in the DZone Guide to Performance & Monitoring – 2015 Edition. For additional information including insight from industry experts and luminaries, performance statistics and strategies, and an overview of how modern companies are handling application monitoring, download the guide below.] Preview Text:  ...
Categories: Java

The JBoss apiman API Manager REST Services API

Javalobby Syndicated Feed - Thu, 21-May-15 22:30
In this, the third article in our series on apiman, JBoss' new open source API Management framework, we'll examine apiman’s API Manager REST services API. apiman’s Management UI utilizes this API in the implementation for all of its user-visible features, and you can also use the same API to automate tasks with apiman. Introduction Preview Text:  ...
Categories: Java

Server and Storage I/O Benchmark Tools: Microsoft Diskspd (Part I)

Javalobby Syndicated Feed - Thu, 21-May-15 22:30
This is part-one of a two-part post pertaining Microsoft Diskspd.that is also part of a broader  Preview Text:  This is part-one of a two-part post pertaining Microsoft Diskspd.that is also part of a broader series focused onserver storage I/O benchmarking, performance, capacity planning, tools and related technologies. You can...
Categories: Java

Eclipse Project Explorer Filters

Javalobby Syndicated Feed - Thu, 21-May-15 22:00
Wondering why the Eclipse Project view might not show all files in the Project Explorer view? For example it shows this: Preview Text:  Wondering why the Eclipse Project view might not show all files in the Project Explorer view? Legacy Sponsored:  unsponsored ...
Categories: Java

It's evolution, baby! Web animations from GIFs to CSS3

Javalobby Syndicated Feed - Thu, 21-May-15 22:00
From the beginning. 1987. The year when GIF was born It was 1987 when the GIF format was introduced by the CompuServe company. After that, in 1989, animation support was added as one of the features. So, GIF became some kind of a standard in web animation. If somebody wanted to create an animated website back in the 90's, GIF was probably the first thing that they were thinking about. Here's an...
Categories: Java

JShell: Upcoming Java REPL, Packed Into JDK9

Javalobby Syndicated Feed - Thu, 21-May-15 22:00
Hack the Tower, Hack the OpenJDK Hack the Tower is a monthly developer meetup in Heron Tower on the 26th floor with stunning view to London. There are two communities behind this hackathon: London Java Community Preview Text:  JShell is hopefully coming with JDK9, providing an official REPL for Java. I had a chance to play with JShell, so...
Categories: Java

Q: How to Measure Software Security? A: Software Quality

Javalobby Syndicated Feed - Thu, 21-May-15 22:00
If you read the news these days, one would think that software security is something that is layered on top of existing software systems. The truth is, however, that software security needs to be woven into the very fabric of every system and this begins with eliminating vulnerabilities by measuring software quality as the system is built. Preview Text:  ...
Categories: Java

PowerShell Script Analyzer

If you write PowerShell scripts or modules, you need to pay attention to this!

As part of the many improvements and updates that Microsoft has been working on for Windows 10 and PowerShell 5, they created a new module that is very important for the PowerShell ecosystem to take note of.  It’s so important, that you need to pay attention to it even if you’re not using PowerShell 5 much yet.

PowerShell Script Analyzer (PSScriptAnalyzer) is a module whose intent is to provide a detailed analysis of PowerShell script and module files.  This includes ps1, psm1, and psd1 files.  In computer programming, this is referred to as a linting tool.  A linting tool is simply a piece of software that identifies and flags suspicious usage of the software that is identified through static analysis of the source code.  PowerShell Script Analyzer performs this task by analyzing whatever ps1, psm1, and psd1 files you tell it to and using a set of built-in and user-defined rules that each identify specific undesirable or suspicious usage of the PowerShell language in those files.

This module is very important because any module that is published to the PowerShell Gallery in the future will automatically be analyzed with this module.

When PowerShell Script Analyzer was originally exposed to the community, it was as a built-in module that ships with PowerShell 5.0.  That was useful, however the PowerShell Script Analyzer team wanted to get more community involvement with this module.  To achieve that goal, they pulled the module from the April preview of PowerShell 5.0 and made it available as open source on GitHub instead (hooray for open source!).  That was a step in the right direction, but it still required PowerShell 5.0 to function, and if you’re anything like me, you still spend most of your time in PowerShell 3.0 or 4.0.  Since it’s open source though, that opens up some new possibilities, so recently I forked the project on GitHub and added downlevel support for PowerShell 3.0 or later.  I have a pull request to have this integrated into the main project that is currently being reviewed, so hopefully in a little while this PowerShell 3.0 support will be integrated into the main project and available on the PowerShell Gallery.  In the meantime you can find my fork here, and you can download the module built from that fork here: PSScriptAnalyzer for PowerShell 3.0 and later.  Now that this module includes support for PowerShell 3.0 or later, more community members can participate and provide feedback on this important module.

You should immediately start using the PSScriptAnalyzer module to perform static analysis of anything that you share with the community so that what you publish is clean.

Once you have this module on your system, you probably want to know how to use it.  This module currently includes two PowerShell cmdlets: Get-ScriptAnalyzerRule and Invoke-ScriptAnalyzer.  Get-ScriptAnalyzerRule will return a list of the rules that are in use by Script Analyzer to perform its analysis of your script files.  At this time there are 7 informational rules, 26 warning rules, and 4 error rules.  Invoke-ScriptAnalyzer will analyze one or more files that you identify using the rules that are in use by Script Analyzer, notifying you of any infractions to those rules so that you may correct them.

The final list of rules that are used in the RTM release of PSScriptAnalyzer will be decided upon based on community feedback.  Additionally, how those rules function is dependent on community feedback, and the list of rules that will ultimately block a module from being published to the PowerShell Gallery will also be chosen based on community feedback.

You should provide feedback to the PSScriptAnalyzer team about the rules that it uses, identifying bugs of course, but also identifying rules that shouldn’t be rules, rules that are missing, rules that have an incorrect severity, and any other changes that should be considered regarding the rules that are used.

If you have feedback to share, you should do so on the Issues and Discussions page of the PowerShell Script Analyzer project.  If you haven’t clicked on that link already, do so now.  You’ll see that there are a lot of discussions that are currently ongoing, and issues that are already being raised.  Given the importance of this module for the PowerShell community, if you have feedback to share, share it!  The PowerShell Script Analyzer team needs it.

The PowerShell Script Analyzer team is so eager to engage with the community that they have even started hosting live update meetings to the public.  These are currently planned for every three weeks, but that schedule may change as required.  The next meeting is currently scheduled for Tuesday, May 26th at 2PM EDT (link to calendar invite).  It would also be worthwhile to keep an eye on the Twitter accounts of PowerShell MVPs (you can find me here: @poshoholic) as well as on the PowerShell Team Blog and the PowerShell Slack channel (more on that in another post) for further announcements about these meetings.

With all of those details out of the way, you may be wondering how you can use this module.  That’s a good question, because documentation hasn’t been published for this module yet.  The module is very easy to use, but at first the information it provides can be very overwhelming so you should take small steps when you’re just getting started.  I’m going to use the remainder of this blog post to walk through what it is like using this module.  Don’t be intimidated.  This module is still under development, and the details you uncover when you start using it can be a little daunting.  If you’re having a hard time, reach out to the rest of the community for feedback and someone should be able to help you through it.

Remember, this module will be analyzing files that have not previously been analyzed, ever, identifying places where you might want to improve those scripts, so at first it may seem very noisy.  Also keep in mind that some of the things it identifies are completely benign – this is where community feedback comes in, so that we can help steer the team towards a final set of rules that really makes sense.

As an example, I’m going to use PSScriptAnalyzer to analyze my HistoryPx module.  First, I’ll change the current location to the root of my HistoryPx module (On my system I simply cd into Modules:\HistoryPx).  Then once I’ve done that, I’ll run an analysis on the psm1 file, by invoking the following command:

Invoke-ScriptAnalyzer -Path .\HistoryPx.psm1

Here’s what the results of that command look like:

image

This shows me that according to PSScriptAnalyzer, I have 8 rules that are being broken, and each of these rules has a severity of warning.  Now that I have some output, I need to review what it is telling me to see if I have anything that I actually need to change.  Here’s a breakdown of what these rules are trying to tell me:

The first two warnings are based on a rule that is called PSAvoidGlobalVars.  That rule simply indicates that you shouldn’t use global variables.  In HistoryPx, I refer to the $Error variable, and I use $global:Error to do so.  In this case, the warnings are benign, because the rule is too strict.  It should actually check to see if I am using non-builtin global variables, not global variables in general.  That is my opinion at least, and since it doesn’t do that right now, I’m going to open an issue with the PSScriptAnalyzer team on GitHub using the link I provided earlier (copied here).  A quick search revealed no open issues related to PSAvoidGlobalVars, so I opened one (here).

While typing the rest of this blog post, the PSScriptAnalyzer saw the issue I logged and responded thanking me for reporting it and indicating they would fix it soon.  This type of responsiveness makes supporting them and contributing to this module an absolute pleasure!

The third warning comes from a rule called PSAvoidUsingPositionalParameters.  When you share scripts, using positional parameters is discouraged because the person reading your script may not know what parameter is being used.  To address this problem, you should always use named parameters in your scripts.  PSScriptAnalyzer did its job by identifying where I had left out a positional parameter, so I need to fix that.  The warning indicates which file and what line number were being analyzed when the warning was found, so I simply open up HistoryPx.psm1, make the change by adding the missing “-Message” named parameter, and then move on to the next warning.

Warning number 4 indicates that I shouldn’t use the trap statement.  I use the trap statement in script modules I write because it ensures that terminating errors are properly treated as terminating errors if they are raised while the module is loading, which ensures that the module does not load in a semi-functional or broken state.  Therefore, this warning is benign for me and another issue I need to open with the PSScriptAnalyzer project (which I did, here).

Note: if you do come across something where you feel you need to open an issue, search the Issue page using the Filter box for the rule name and see if the issue has already been posted first.  If so, contribute by adding any comments you want to share to that issue rather than opening a new issue.  That will help the PSScriptAnalyzer team decide what to do with these issues once they are opened.

Moving along, warnings 5 through 7 all come from the PSAvoidUninitializedVariable rule, which identifies that I haven’t initialized a few variables before using them in my psm1 file.  However, that rule only identifies when variables are initialized in the same file – it does not identify when variables are initialized elsewhere, and in this case, as with all of my modules, I initialize these variables in a snippet that this module uses, so the warning is benign.  For these warnings, I can open another issue about the rule, but I’m a bit of an exception in this case.  Alternatively I can suppress the warnings if they are truly benign and not considered a bug by adding a System.Diagnostics.CodeAnalysis.SuppressMessageAttribute to my script module file.  For example, if I add this to the top of my psm1 file, warnings 5 through 7 go away:

[Diagnostics.CodeAnalysis.SuppressMessageAttribute(‘PSAvoidUninitializedVariable’, ”)]
param()

This suppresses that rule in the current file for all variables.  I can suppress it for a single variable by replacing the empty single quotes with a variable name in single quotes, but that only suppresses the rule for one variable.  From what I can tell there is no way for me to suppress the rule for multiple variables (wildcards are not supported, and if I use multiple attributes, the last one I use wins).  There are some obvious bugs/design issues with this right now, but the point is, you should be able to suppress rules that you know you can safely ignore.

Be careful when you suppress rules.  If you suppress a rule, you want to suppress it in a minimalistic fashion, so that you still get the benefit of that rule in other places.

In this case, I’m not sure what the right action is, but the rule itself has issues, so I decided to open up an issue as a discussion topic on GitHub (here).

If you feel something is wrong but you don’t have a bug to log, opening a discussion on the Issue page is a great approach to take.

With that out of the way, I’m on to the last warning that was raised for my HistoryPx module: PSUseDeclaredVarsMoreThanAssignments.  This warning is nothing but confusing for me.  It is being raised because PowerShell Script Analyzer thinks I’m doing something wrong when I assign a script block to a property on a variable that it thinks is not initialized.  That would be wrong if the variable was actually not initialized, but the warning in this case seems simply like a bug, so I’m logging it (here).

At this point, I have passed through all the warnings generated by the analysis, made one change to correct one of them, and started logging some issues to deal with the others.  As development continues on PSScriptAnalyzer, this scale should tip dramatically to the point where you have more correctible warnings/errors for your scripts and much fewer issues to log.  For now though, it is a work in progress, but I suspect that over the next little while you’ll see a lot of improvements to address the issues that are being identified in the community.

With one file done, I can now check another file, or run analysis recursively over my entire module.  To perform recursive analysis, you would run this command from your module root folder:

Invoke-ScriptAnalyzer -Path . -Recurse

That will recursively analyze all files in your module so that you can get a high level view of everything that needs to be corrected.  The goal here is simple: continually fix the issues over time so that when you run this command recursively, you only see new issues that pop up (or ideally, no issues at all).  That will be the best way for you to maintain a high quality for any modules and scripts that you want to share with the community.

There are more things you can do with this module (such as create your own rules), but for now I just wanted to give you a taste of what it is like, and how the feedback process works so that you can start giving it a try and participating in the community effort to steer this in the right direction.

I hope to see you at the PowerShell Script Analyzer Community Meeting next Tuesday!

Kirk out.


Categories: Powershell

Try Optimizing Memory Consumption First

Javalobby Syndicated Feed - Wed, 20-May-15 23:00
[This article by Peter Lawrey comes to you from the DZone Guide to Performance & Monitoring -- 2015 Edition. For additional information including insight from industry experts and luminaries, performance statistics and strategies, and an overview of how modern companies are handling application monitoring, download the guide below.] Preview Text:  ...
Categories: Java

Powering Apple Watch Apps with IBM MobileFirst - Part 1

Javalobby Syndicated Feed - Wed, 20-May-15 23:00
This is the first entry in a multipart series on powering native iPhone and Apple Watch apps using the IBM MobileFirst Platform.  In this entry we will cover how to setup the MobileFirst Platform for use within Apple WatchKit apps and leverage the operational analytics and remote logging features. So, let’s first take a look at the app we’re going to build in this video: ...
Categories: Java

How Does Hibernate NONSTRICT_READ_WRITE CacheConcurrencyStrategy Work

Javalobby Syndicated Feed - Wed, 20-May-15 23:00
Introduction In my previous post, I introduced the  Preview Text:  When cached data is changeable, we need to use a read-write caching strategy and this post will describe how NONSTRICT_READ_WRITE second-level cache works. Legacy Sponsored:  unsponsored ...
Categories: Java

MongoDB World Conference - Scale the Universe!

Javalobby Syndicated Feed - Wed, 20-May-15 23:00
Want to join a couple thousand developers, administrators, and others to talk about MongoDB? Of course you do! Which is exactly why you should check out the MongoDB World Conference, "the largest global MongoDB conference to date!" The conference will be in New York, NY, June 1-2. Here's some more info from the MongoDB World webpage: Data is only worth what you make of it. MongoDB elevates the...
Categories: Java

Do We Really Still Need a 32-bit JVM?

Javalobby Syndicated Feed - Wed, 20-May-15 22:30
Even today (and it's 2015) we have two versions or Oracle HotSpot JDK - adjusted to 32 or 64 bits architecture. Preview Text:  Even today (and it's 2015) we have two versions or Oracle HotSpot JDK - adjusted to 32 or 64 bits architecture. Legacy Sponsored:  ...
Categories: Java

Taking Ozark for a Test Drive…

Javalobby Syndicated Feed - Wed, 20-May-15 22:30
Hey… my first screencast.. aka video blog ;-) Although it’s 20 minutes long, but I am pretty sure that actually writing a blog would have taken longer. Feels good… pretty efficient ha ! Preview Text:  Trying to experiment with Ozark, the Reference Implementation for MVC 1.0 which is a candidate for inclusion in the upcoming Java EE...
Categories: Java

Percona Security Update: oCERT and SSL Improvements

Javalobby Syndicated Feed - Wed, 20-May-15 22:30
[This article was written by David Bushby] Preview Text:  We have recently become a member of oCERT to aid in allowing responsible disclosure for Percona products and services as can be seen on their members page. We are presently working on the verbiage for the responsible disclosure program, and we are also investigating establishing a bug bounty...
Categories: Java

Tracking and Notifying Geolocation Status with Ionic

Javalobby Syndicated Feed - Wed, 20-May-15 22:30
On Twitter, Snehal reached out to me with an interesting question. Given a location X, he wanted to track a user’s location and know when they were within a certain distance to X. By itself, that’s not really a difficult task. You need to: Preview Text:  On Twitter, Snehal reached out to me with an interesting question. Given a location X, he...
Categories: Java

Tips for Apple Watch Development with Xcode & WatchKit

Javalobby Syndicated Feed - Wed, 20-May-15 22:30
Co-written by Jen LooperThe arrival of the Apple Watch has sent some developers scrambling to update Xcode and either create a new, watch-friendly app for distribution in this new ecosystem, or add a watch app as an extension to an existing iOS app to enhance a previously-developed project. Preview Text:  The arrival of the Apple Watch has sent...
Categories: Java

Thread Slivers eBook at Amazon

Syndicate content