Mike`s Blog

Logging is some weird kind of aspect of software development. It's a necessary evil so to say. On the one hand, it's great to have the flexibility to either log in a file or to console, to roll the files, to enable certain log statements at runtime etc. But on the other hand, there are so many logging frameworks and so manyof them did wrong in their first encounter, it became quiet insane.

A few years ago, driven by the well-known problems of commons-logging, we've switched over to slf4j with log4j as engine. I don't regret that, as I like the slf4j-api and modularized design. I also kind of like log4j - its log4j.xml, its debug system parameters and that its practically spread all over the Java world. Yes, sure, there are some minor drawbacks, like the inability of the log4j committers to provide clean Maven pom.xml files for some version. Did they fix that btw?

Anyway, to cut a long story short: i've played around with Neo4j and Maven and came up with a quick Maven Repository scanner which counts the dependencies from reverse: it shows how often a certain artifact is referenced by another project as dependency. The data basis was my local repository (11988 artifacts) and it's surely biased to some degree. I'll try to get a clean Maven Repo mirror some day and rerun the experiment.

The winner is:

1162 times used (9,69%): org.slf4j
867 times used (7,23%): log4j
837 times used (6,98%): commons-logging


There is other interesting information in that experiment, like
20,33% of the artifacts are using junit, thereas 1,9% use testng. 21,13% use the Spring Framework and 6,45% of all the Maven artifacts in my repo use the javax.servlet spec. Easymock is used by 5,62% of the artifacts. Other popular libraries include com.sun.xml.bind, commons-lang, asm, Xerces, Apache Camel, Jetty, javax.xml.bind, javax.xml.soap, wsdl4j, commons-collections, Ant, Apache Cocoon, Apache Abdera, org.eclipse, commons-io, cglib, hibernate, velocity, woodstox and derby.

• Comments (0)
• Trackbacks (0)

How does my company/my team score at The Joel Test?

Let's see...
1. Do you use source control? YES
2. Can you make a build in one step? YES for most products, NO for others.
3. Do you make daily builds? YES
4. Do you have a bug database? YES
5. Do you fix bugs before writing new code? NO
6. Do you have an up-to-date schedule? NO. Either it changes too often, or stuff gets moved, or we're behind the schedule because we forgot something to do.
7. Do you have a spec? NO
8. Do programmers have quiet working conditions? NO. Coders interrupt each other very often.
9. Do you use the best tools money can buy? NO. The only good commercial tools are PL/SQL Developer and JProfiler. All others are open-source or other free tools with bad usability or incomplete integration (e.g. The Gimp, M2Eclipse)
10. Do you have testers? NO
11. Do new candidates write code during their interview? NO
12. Do you do hallway usability testing? NO. Occasionally we do, with at most 1 other "user".

Final score: 4/12

According to Joel, that's above average, but still too bad. We'll have to work on that.

The things i'm going to change next:
5) - fixing existing/known bugs before writing new code/new features.
2) - making all our high-level builds automated, not only single artifacts.

What concerns me most is point 7), although I haven't got a clear idea why and how to write a spec for something which is already being built. The current plan is to use the user's manual and developer's manual, extract abstract information and then detail it out into an architectural overview documentation.

• Comments (0)
• Trackbacks (0)

How to make a wild pig roast

• Comments (0)
• Trackbacks (0)
• Continue reading "Wild Boar Roast"

M2Eclipse and Eclipse Web Tools don't play along nicely. I can't blame the Sonatype people for not having the resources or the focus on WTP Integration and that they cannot officially support it full-blown - it's complicated.

But as many people develop for the Java Enterprise Edition platform and many people using Maven and many people use Eclipse WTP, i think we as a community should discuss possible solutions.

Here are my $.2

• Comments (0)
• Trackbacks (0)
• Continue reading "M2Eclipse and Web Tools"

Nagios is a tool for monitoring services, and I am using it to monitor virtual hosts. mod_security is an Apache httpd module which looks for suspicious HTTP traffic (e.g. trojans or hacker attacks) and blocks them.

As both tools are unaware of each other (which is a good thing) and i had an urgent need to write yet another blog post about minor technical quirks, let us look into todays issue more closely.

• Comments (0)
• Trackbacks (0)
• Continue reading "Nagios, mod_security and check_http"