Thoughts on agile software development
Wie man es besser macht
Some algorithms are real classics and yet nobody really knows them. Day in, day out, everyone is happy about the beautiful wrapping of their text in the word processor, but why does the text actually look so beautiful spread across the lines?
A further step on the way to static templates is the automation of their creation. A Maven plugin can be used to convert the FreshMarker template sources into Java source code. Although there are now more modern build tools, Maven is still used in many projects. The first task of the Maven plugin should be the validation of template sources.
In previous articles on JUnit 5, various mechanisms were presented with which the JUnit tests could be made clearer. In this article, the ArgumentsAggregator is presented as an additional helpful mechanism.
Spring Modulith is now available in version 1.3.0. So it’s time to write an article about this framework. I have created many microservices with Spring Boot over the last few years, but of course that doesn’t mean that you can’t also create large, monolithic applications with the framework.
Every now and then, a way of working creeps in that is assumed not to correspond to established procedures. How nice it is when it is seen by many as a best practice and even has a name. In this case, it is a special version control practice, you guessed it, Trunk Base Development.
Sometimes a new feature also needs to be a bit of fun. When updating the FreshMarker Grammar, I noticed that the operators lt, gt, gte and lte were still present. These are variants of the usual <, >, <= and >= operators and are reminiscent of the opcodes of a long-forgotten era when assembler languages still roamed the steppes of programming. Since FreshMarker was given its Unicode capabilities by CongoCC, the question arose as to why not allow ≠ and other operator characters in the template.
It will come as no surprise that FreshMarker, like all other template engines, must take precautions against template injection. Template injection is a security vulnerability that occurs when an application handles templates insecurely. Templates are prefabricated files or strings with placeholders that are replaced by data from users or other sources. Similar to FreeMarker, FreshMarker also has an escape mechanism that detects special characters in the interpolations using a harmless variant. If the standard mechanism is not enough, OWASP can help out.
FreshMarker started as an academic project. The main aim was to show how a template engine can be created. At some point, however, the question arose as to how fast the template engine actually is. To be honest, it has been slow so far. But first things first.
This is an article that reports directly from the bowels of FreshMarker. It is therefore mainly worthwhile for readers who want to know a little more about how FreshMarker works.
Sometimes changes to a library are made so easily that it’s not really worth talking about. The Maven Plugin from posts Build Automatisierung mit eigenen Mojos verbessern and Trivial Pursuit – API MarkDown generates AsciiDoc documentation for simple OpenAPI descriptions. So far, the Maven Plugin uses a JSON description as input format. Since the YAML representation is used more frequently, its support would also be desirable.