Java Kotlin

Null safety: Kotlin vs. Java

Last week, I was at the FOSDEM conference. FOSDEM is specific in that it has multiple rooms, each dedicated to a different theme and organized by a team. I had two talks: Practical Introduction to OpenTelemetry Tracing, in the Monitoring and Observability devroomWhat I miss in Java, the perspective of a Kotlin developer, in the Friends of OpenJDK devroom The second talk is from an earlier post. Martin Bonnin did a tweet from a single slide, and it created quite a stir, even attracting Brian Goe

Apache APISIX security

Securing Admin access to Apache APISIX

API Gateways are critical components in one’s infrastructure. If an attacker could change the configuration of routes, they could direct traffic to their infrastructure. Consequences could range from data theft to financial losses. Worse, data theft could only be noticed after a long time by mirroring the load. Hence, protecting your API Gateway is of utmost importance. In this short blog post, I’ll list a couple of ways to secure your Apache APISIX admin access. Change admin toke

Rust HTTP API

Learning by doing: An HTTP API with Rust

When I started working on this post, I had another idea in mind: I wanted to compare the developer experience and performance of Spring Boot and GraalVM with Rust on a demo HTTP API application. Unfortunately, the M1 processor of my MacBook Pro had other ideas. I'm trying to compile a *very* simple #SpringBoot #Kotlin webapp with #GraalVM native image. I'm using Liberica NIK via Docker on a M1 Mac. Compilation seems to be stuck. Anybody has a clue about what happens/how to pinpoint the i

REST Web APIs HATEOAS HAL

The quest for REST

Since I started working for Apache APISIX, I have tried to deepen my understanding of REST via various means. Did you read my review of API Design Patterns book? In the current literature, REST is generally promoted as the best thing since sliced bread. Yet, it comes with lots of challenges. In 2010(!), Martin Fowler wrote a post on the glory of REST. He lists three steps for an API to become truly REST: In each of these steps, issues lurk. This blog post focuses on listing some of them an

API design pattern

API Design Patterns

I already mentioned how I’m trying to get to speed in the API world: reading books, viewing relevant YouTube videos and reading relevant IETF RFCs. Facts 30 chapters, $35.00The author is a Principal Software Engineer at GoogleHe’s also the author behind https://google.aip.dev/ Chapters IntroductionDesign principlesNamingResource scope and hierarchyData types and defaultsFundamentalsResource identification: How to identify resources in an APIStandard methods: The set of standard

blog

2022 in retrospective

2022 is over, and not a moment too soon. I’ll never forget it: some of my friends had to flee their own country; others are fighting for their freedom as I write this post. I hope they will be safe and that their wishes will come true in 2023. On the personal and technical side, here’s a summary of the past year from my perspective. Job change First and foremost, I changed jobs. I worked for Hazelcast for 3½ years. However, I started to become dissatisfied with the company

mastodon twitter

An immutable Mastodon handle

Whether Twitter crumbles remains to be seen, though some signs are telling. Whatever happens, I’m continuing to invest a bit in Mastodon. Last week, I showed how to sync one’s content between Twitter and Mastodon. This week, I’ve set up a Mastodon handle on my domain that redirects to my profile page: I want to explain how I achieved it and the problems I’m still having. Mastodon 101 Mastodon is different from Twitter in that it’s not centralized: it’s a fe

twitter mastodon Rust GitHub Actions

Preparing to move away from Twitter

I opened my Twitter account more than 13 years ago, in August 2009. For 12 years, I kept focusing on professional-related content: Java, the JVM, programming, etc. I built my audience, trying to promote good technical content, either my own or stuff that I enjoyed reading. Then, on February 24th, Russia invaded Ukraine. My first visit to Ukraine was in 2014, just after the Maidan revolution. During eight years, I returned there often and made plenty of friends. Of course, I wanted to support

web HTTP cache performance

Web resource caching: Server-side

The subject of Web resource caching is as old as the World Wide Web itself. However, I’d like to offer an as-exhaustive-as-possible catalog of how one can improve performance by caching. Web resource caching can happen in two different places: client-side - on the browser and server side. In the previous post, I explained the former; this post focuses on the latter. While client-side caching works well, it has one central issue: to serve the resource locally, it must first have it in the