Data Oriented Programming in Java

Key Takeaways

  • Project Amber has brought a number of new features to Java in recent years. While each of these features are self-contained, they are also designed to work together. Specifically, records, sealed classes, and pattern matching work together to enable easier data-oriented programming in Java.
  • OOP encourages us to model complex entities and processes using objects, which combine state and behavior. OOP is at its best when it is defining and defending boundaries. 
  • Java’s strong static typing and class-based modeling can still be tremendously useful for smaller programs, just in different ways.
  • Data-oriented programming encourages us to model data as (immutable) data, and keep the code that embodies the business logic of how we act on that data separately. Records, sealed classes, and pattern matching, make that easier.
  • When we’re modeling complex entities, OO techniques have a lot to offer us. But when we’re modeling simple services that process plain, ad-hoc data, the techniques of data-oriented programming may offer us a straighter path.
  • The techniques of OOP and data-oriented programming are not at odds; they are different tools for different granularities and situations. We can freely mix and match them as we see fit.

Project Amber has brought a number of new features to Java in recent years — local variable type inferencetext blocksrecords, sealed classes, pattern matching, and more. While each of these features are self-contained, they are also designed to work together. Specifically, records, sealed classes, and pattern matching work together to enable easier data-oriented programming in Java. In this article, we’ll cover what is meant by this term and how it might affect how we program in Java.

Object-oriented programming

The goal of any programming paradigm is to manage complexity. But complexity comes in many forms, and not all paradigms handle all forms of complexity equally well. Most programming paradigms have a one-sentence slogan of the form “Everything is a …”; for OOP, this is obviously “everything is an object.” Functional programming says “everything is a function”; actor-based systems say “everything is an actor”, etc. (Of course, these are all overstatements for effect.)

OOP encourages us to model complex entities and processes using objects, which combine state and behavior. OOP encourages encapsulation (object behavior mediates access to object state) and polymorphism (multiple kinds of entities can be interacted with using a common interface or vocabulary), though the mechanisms for accomplishing these goals vary across OO languages. When modeling the world with objects, we are encouraged to think in terms of is-a (a savings account is-a bank account) and has-a (a savings account has-a owner and account number) relationships.

While some developers take pleasure in loudly declaring object-oriented programming to be a failed experiment, the truth is more subtle; like all tools, it is well-suited to some things and less well-suited to others. OOP done badly can be awful, and a lot of people have been exposed to OOP principles

Read More... Read More

Well-known npm offer deletes data files to protest Ukraine war

This month, the developer at the rear of the popular npm package ‘node-ipc’ released sabotaged variations of the library in protest of the ongoing Russo-Ukrainian War.

Newer versions of the ‘node-ipc’ package began deleting all info and overwriting all documents on developer’s devices, in addition to creating new text files with “peace” messages.

With over a million weekly downloads, ‘node-ipc’ is a outstanding package applied by key libraries like Vue.js CLI.

Protestware: Ukraine’s ongoing disaster bleeds into open resource

Select variations (10.1.1 and 10.1.2) of the massively popular ‘node-ipc’ offer were being caught containing destructive code that would overwrite or delete arbitrary documents on a method for consumers dependent in Russia and Belarus. These variations are tracked less than CVE-2022-23812.

On March 8th, developer Brandon Nozaki Miller, aka RIAEvangelist launched open resource software program deals called peacenotwar and oneday-take a look at on both of those npm and GitHub.

The offers appear to have been originally designed by the developer as a suggests of peaceful protest, as they mainly add a “concept of peace” on the Desktop of any consumer installing the offers.

“This code serves as a non-harmful illustration of why managing your node modules is important,” explains RIAEvangelist.

“It also serves as a non-violent protest versus Russia’s aggression that threatens the environment proper now.”

But, chaos unfolded when pick out npm versions of the well-known ‘node-ipc’ library—also managed by RIAEvangelist, have been seen launching a destructive payload to delete all data by overwriting files of consumers setting up the bundle.

Interestingly, the malicious code, committed as early as March 7th by the dev, would go through the system’s external IP tackle and only delete details by overwriting information for customers based mostly in Russia and Belarus.

The code present inside ‘node-ipc’, especially in file “ssl-geospec.js” contains base64-encoded strings and obfuscation ways to mask its accurate objective:

node-ipc malicious code
Destructive code in ‘node-ipc’ that runs for Russian and Belarusian users (BleepingComputer)

A simplified duplicate of the code offered by researchers exhibits that for consumers dependent in Russia or Belarus, the code will rewrite the contents of all documents existing on a procedure with a heart emoji—effectively deleting all info on a method.

In addition, because ‘node-ipc’ versions 9.2.2, 11.., and all those bigger than 11..0 bundle the peacenotwar module inside of on their own, influenced buyers saw ‘WITH-Appreciate-FROM-America.txt’ documents popping up on their Desktop with “peace” messages:

WITH-LOVE-FROM-AMERICA.txt file
WITH-Really like-FROM-America.txt file with multilingual ‘peace’ messages ​​​​​​

Researchers at open supply safety company Snyk also tracked and analyzed the destructive exercise:

“At this stage, a very clear abuse and a essential provide chain protection incident will take place for any procedure on which this npm package will be known as upon, if that matches a geo-place of either Russia or Belarus,” writes Liran Tal, Director of Developer Advocacy at Snyk in a website publish.

Vue.js people worry more than source chain assault

Preferred JavaScript front end framework ‘Vue.js’ also uses ‘node-ipc’ as a dependency. But prior to

Read More... Read More

Data Doctors: Are extended warranties on computers worth it?

Practically anyone selling you a computer will likely try to get you to pay a little extra for a “protection plan” that goes above and beyond the standard factory warranty. Should you go for it?

Q: Are computer extended warranties worth buying?

A: No matter what tech device you buy, practically any retailer will likely try to get you to pay a little extra for a “protection plan” that goes above and beyond the standard factory warranty.

In some cases, it seems like such a small amount of money that you may think, “Why not get the extra coverage?”

But the credit card you made the purchase with may already provide basic protection.

Many of the electronic devices you’ll buy today don’t have the moving parts that would commonly wear out in the past, making the “protection” even less likely to pay off.

In the vast majority of cases, you’re simply improving the profitability of the sale for the retailer — which is why you’re seeing it virtually everywhere.

It’s not covered

When it comes to computers, there are a variety of reasons that buying “extra protection” up front can be a waste of money.

First and foremost, these protection plans generally only cover hardware components, which is rarely what causes aggravating computer problems.

In our 30-plus years of servicing computers, the vast majority of issues that we see are software- or operating system-based, which isn’t covered by most extended warranties or protection plans.

Retailers know most consumers don’t realize this, and won’t take the time to read the fine print. Even when some form of coverage includes the operating system, it means they will return the computer to the factory settings.

That means the stuff you really care about — your programs, data files, browser settings, printer drivers and desktop icons — are all going to be wiped out.

When you get your computer back from this type of “warranty” service, the burden of reloading your programs, restoring your data files (hopefully you had them backed up), reinstalling printer drivers and getting the computer to work the way it used to, is all on you.

Warranty service can also take a lot longer depending upon your device as large retailers may require the device to be shipped to a central repair facility in another state.

Maintenance plans

If you’re going to pay for extra coverage on a computer, it’s best to get a plan that covers software-based issues and includes data backup and restoration. Another thing it should address is the one that very few computer owners ever think about: maintenance.

The reason so many computer problems become complicated, time-consuming and expensive to fix is because most users tend to ignore the signs of a problem when they first appear.

They don’t reach out for help until the computer becomes unbearable to use, which means it’s likely loaded with problems by then. Imagine how expensive car repair would become if you never maintained your vehicle and waited until it

Read More... Read More