OWASP Dependency Check for Vulnerability Reporting

John Hoestje Articles, Development Technologies & Tools, Java, Security, Tutorial

TL;DR: Add OWASP Dependency-Check to your build process to get insight into your dependency vulnerabilities.

Recent major data losses and security vulnerabilities in open source frameworks *(and the applications that use them)* have caused the companies that use those frameworks to have elevated concerns regarding vulnerabilities. The elevated awareness is for good reason, too. After all, no one wants to be the next one to lose sensitive data, be the punching bag of others, or be the example of what *not* to do security-wise.

If you happen to be in a group that doesn’t have any open source vulnerability reporting, OWASP Dependency-Check may be your short-term answer to get at least something in place. Adding OWASP Dependency-Check into your build process takes relatively low effort. Other than not having a technology stack that Dependency-Check can help you with, there isn’t a reason not to at least add Dependency-Check to give a little insight into your open source dependencies.

The following parts will help you get Dependency-Check integrated into your Java project’s build process. The instructions will be adaptable to the other technologies Dependency-Check supports, like Gradle or JavaScript. Dependency-Check is also available as a command line tool for your favorite OS. In this example, I’ll use a Java project with Maven…

Reading and Writing from Excel in Spring Batch

Rik Scarborough Articles, Development Technologies & Tools, Java, Spring, Spring Batch, Tutorial

We have discussed many different ways to read and write data in Spring Batch. The framework comes with quite an assortment of Readers and Writers that can be used directly or reused in some manner. Most of the time, the requirements consist of reading the data from some type of text file or database.

So what happens when the business we are supporting asks for something out of the ordinary, such as reading an Excel file and outputting the data to another Excel file? Typically the off-the-cuff response would be, “Can you convert it to a CSV or other delimited text file?” Or “You know, Excel will read a CSV file just fine.” Sometimes that works, and sometimes the business requirements do not allow that type of flexibility.

Consider this scenario: in these days of Cloud and other online computing, the input file is likely created by a server that the company has no direct programming access to. The file it creates is in one format, Excel. The output of your process has to go before several executives or other business clients and needs to be formatted in a professional-looking manner. Adding a manual process to import a CSV and format it diminishes the value of using Spring Batch.

For the sake of the honor of the coding profession, you agree to the requirement to read and write from an Excel file directly. Now, how do you do that?…

What’s New in JUnit 5.2

Billy Korando Articles, Development Technologies & Tools, Effective Automated Testing With Spring Series, Java, Testing

The JUnit team continues to make great progress in adding new features and enhancements to the JUnit 5 framework. We already have a second significant feature update after just seven months from the initial release of JUnit 5.

In this article, we look at some of the key features and enhancements added in JUnit 5.2, which was released on April 29th. We’ll focus on build tool enhancements that help in the adoption of, or migration to, JUnit 5 for existing test suites and resolve annoyances, as well as on new changes that further improve parameterized tests.

Migrating to Java 9

Billy Korando Articles, Development Technologies & Tools, Java, Programming, Spring, Spring Boot

Java 9, after many delays and failed votes, looks to be finally arriving this September.

Java 9 will bring several new features: enhancements to Streams, a REPL, improvements to Collections, among others. But by far the biggest and most controversial change is Jigsaw. Jigsaw is introducing modularity to the JDK, a long topic in and of itself, but it is one of the major reasons upgrading to Java 9 will be more difficult than previous major releases of Java.

In this blog we will take a look at some of the benefits of running in a Java 9 environment, how to migrate a Spring Boot application to Java 9, and finally review some of the common problems you may run into and strategies for resolving them…

Spring Boot – The Right Boot For You!

Matt McCandless Articles, Development Technologies & Tools, Java, Spring, Spring Boot, Tutorial

Need a little spring in your step? Tired of all those heavy web servers and deploying WAR files? Well, you’re in luck.

Spring Boot takes an opinionated view of building production-ready Spring applications. Spring Boot favors convention over configuration and is designed to get you up and running as quickly as possible.

The aim of this blog is just to get you familiar with how to get Spring Boot going on your machine. It is going to be fairly straightforward and vanilla. The goal is to get you started…