A Java Geek weekly 110

In my penultimate post, I described the use-case of an e-commerce shop.

In general, interactions in such a shop are the following:

• You can browse a catalog of items
• Each item has a price tag
• You can put x items in your cart

It’s when the exciting part starts.

On most pages, you want to give users a condensed view of their cart’s state. Here are a couple of options for the state’s view:

1. Empty/non-empty
2. Number of cart lines
3. Number of items
4. Total cost. In demos, it’s as simple as the sum of each cart line which amounts to the item’s price times the quantity; in real life, there will be discounts, get X for Y, etc.

All the above views consist of derived values. The question is now, when would you compute it? There are two general approaches:

• eagerly ,i.e., every time you change the cart (by adding, updating, or removing a cart line)
• or on-demand ,i.e., only when you display the condensed view

I feel like most devs have this magical notion in their heads that their project is something like Netflix. It’s wishful thinking, and I get it – you want to be as successful as Netflix. But it makes you make the wrong technical decisions, and all of a sudden they think they need to have distributed servers all over the world because their users will somehow notice a few milliseconds difference in latency when they tap a button.

We didn’t realize how much we loved Spring Boot Actuator until it was gone. Health checks, metrics, environment details — all “just worked” in Spring. With Quarkus, we had to piece together multiple extensions and still felt like something was missing.

Spring Security sugar? Rewrite. Kafka integration? Manual elbow grease. Using Quarkus sometimes felt like dating someone who’s fun at parties but forgets your birthday.

I try not to judge design decisions on whether they end up being prescient, but on how easily they can be changed when we learn exactly why they weren’t. Instead of elaborate, future-proofed code, I try to encourage small, simple bits of code that are easy to move around, change, build on, or even delete.

This is an effort to create a fully functional Kubernetes cluster with 1 million active nodes.

1. Legacy systems lack a universal definition and mean different things to engineers (code they didn’t write), architects (non-strategic systems), and executives (products without market fit).
2. Most people incorrectly define modernisation as complete rewrites, which historically fail (citing Netscape’s failed browser rewrite that cost them market dominance).
3. Organisations should optimise for continuous change rather than debating legacy vs. modernisation, building systems that are inherently adaptable and replaceable.

While there is no evidence that the vulnerability was ever exploited, Wiz identified 330K Redis instances exposed to the internet, including over 60K without authentication configured, and 57% of cloud environments installing Redis as container images, many without proper security hardening.

Database breaches aren’t the only way to get hacked payment card details anymore. Increasingly, the card numbers sold on the dark web are brute forced.