Week summary of posts and links #3.

Linus on sha1

As you had to notice google announced a way to generate sha1 collisions. Sha1 is best known because of git, so what exact consequences it will have to git by Linus himself. Conclusion is that we are all fine if you use git only for non-binary data. Linus also mentions that there is a transition plan to another hashing function.

Double curly braces

Not having in-place initialization in java is a pain. But solving it using double braces initialization is not that good idea as shown in Don’t be “Clever”: The Double Curly Braces Anti Pattern article. But what really caught my attention was one of the comments.

public enum Animal {
  Dog {{
    canFly = false;
    canRun = true;
    canBark = true;
  }},
  
  Eagle {{
    canFly = true;
    canRun = false;
    canBark  = false;
  }}

  protected boolean canFly;
  protected boolean canRun;
  protected boolean canBark;

 public boolean canFly()....
}

This is actualy very clever way to initilize an enum while adding more readability to it.

Exceptions, Exceptions

Analysis of Exception Handling Patterns in Java Projects: An Empirical Study. Exception handling is hard. This paper shows how bad we are at it. Table 3 shows that the most catched exception is generic Exception and Throwable. This means that the code probably does no error handling at all, because how do you handle generic error? What is usually done in catch block can be found in chapter 4.1. Most of the time only logger, printStackTrace method or sysout is called and as shown in Figure 4 most of the time it is the only thing done in catch block. Other statements done in catch statements are none at all or rethrowing checked exception with unchecked one. There are also best practices for exception handling in chapter 5.

TDD theory sources

I was asked if there are any sources how to learn TDD? This is my read list

I would also suggest looking up your nearest coderetreat community to practice TDD. I also organize one day TDD intro trainings, write me an email if interested.

Rules for writing secure code

SEI CERT Oracle Coding Standard for Java is a my goto source of rules for writing secure code in Java. There is also book version.

Others

“No one in the brief history of computing has ever written a piece of perfect software. It’s unlikely that you’ll be the first.” - Andy Hunt source