OSGi has gained popularity over the last two years. The platform has some very interesting features like versioning, dynamic updates and it's service oriented nature. These characteristics however come with a price. A firm understanding of how and why OSGi works how it works, is a necessity if you plan on getting into OSGi.
This talk will start with some basic principals on the java platform and will gradually move towards the OSGi infrastructure explaining the OSGi fundamentals. The following topics will be covered:
* Classloading in OSGi
* Lifecycle management of OSGi bundles
* OSGi Service, the service registry and service composition models
Afterwards, we will explain the generally accepted best practices and OSGi design patterns.
A (very) quick introduction to OSGi for Java developers. These slides are meant to be a quick overview of the technology and make you understand how useful it can be.
The talk is introduction to OSGi specification and its implementations. It summarizes corner stones of OSGi (bundles, services, components) and describes a technical background of OSGi implementations on a simple example.
OSGi has gained popularity over the last two years. The platform has some very interesting features like versioning, dynamic updates and it's service oriented nature. These characteristics however come with a price. A firm understanding of how and why OSGi works how it works, is a necessity if you plan on getting into OSGi.
This talk will start with some basic principals on the java platform and will gradually move towards the OSGi infrastructure explaining the OSGi fundamentals. The following topics will be covered:
* Classloading in OSGi
* Lifecycle management of OSGi bundles
* OSGi Service, the service registry and service composition models
Afterwards, we will explain the generally accepted best practices and OSGi design patterns.
A (very) quick introduction to OSGi for Java developers. These slides are meant to be a quick overview of the technology and make you understand how useful it can be.
The talk is introduction to OSGi specification and its implementations. It summarizes corner stones of OSGi (bundles, services, components) and describes a technical background of OSGi implementations on a simple example.
Java and in particular OSGi are now very important parts of the Notes/Domino app dev model. In this session, you will learn what techniques can be utilized to process background jobs for XPages applications. Whether you want to replace your existing agents with Domino OSGi Tasklet Services (DOTS) or use Eclipse Jobs to run time-consuming routines without interrupting the use of your application - we will show you real life examples of why and how. You should also consider attending this session to hear about some suprises you don't want to miss...
Make JSF more type-safe with CDI and MyFaces CODIos890
These slides show how to use type-safe mechanisms provided by MyFaces CODI for developing JSF applications which are more type-safe and easier to maintain.
http://2012.con-fess.com/sessions/-/details/136/MyFaces-CODI-and-JBoss-Seam3-become-Apache-DeltaSpike is the next part with more details about MyFaces CODI and Apache DeltaSpike at
Apache, osgi and karaf par Guillaume NodetNormandy JUG
Vous avez entendu parler de OSGi (ou pas d’ailleurs), vous aimeriez que l’on vous explique ce que c’est et à quoi cela sert ?
Vous voudriez savoir comment on participe à des projets Open-Source, comment on devient acteur au sein de la fondation Apache ?
Vous avez lu l’excellent article d’Octo de la semaine dernière sur Camel, mais vous n’avez pas tout compris ou voulez en savoir plus ?
Ou tout simplement vous voudriez avoir une présentation de la solution OSGi d’Apache : Karaf ?
Middleware Security for Apache CXF, Camel, ActiveMQ and Karaf as well as others continue to be an ongoing concern especially around Authentication, Authorization, Data at Rest and Data in Transit. The session will include a presentation and demonstrations of implementing Authentication (AuthN) and Authorization (AuthZ) as well as other security topics.
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...Mark West
Is your project dragging you down? Are you stuck with the same old technologies? Are you bored with coding? If you answer “yes” to any of these questions, you may have lost your coding mojo—just like this session’s speaker did a few years back. Come hear how he learned new technologies and rediscovered his coding mojo by building an IoT/robotics prototype: a voice-controlled robot. Along the way, you’ll hear about HTML5 speech recognition, controlling hardware with Node.js and Johnny-Five, using WebSocket and MQTT for communication between components, and finally how you can easily combine the Raspberry Pi and Arduino platforms to gain ultimate power over your own projects.
MyFaces CODI and JBoss Seam3 become Apache DeltaSpikeos890
These slides show how to use type-safe mechanisms provided by MyFaces CODI for developing JSF applications which are more type-safe and easier to maintain as well as common pitfalls. Beyond that there is an basic overview of Apache DeltaSpike.
Use Case: Building OSGi Enterprise Applications (QCon 14)Carsten Ziegeler
Use Case presentation from QCon 14. It presents the migration of Adobe's Experience Manager (formerly Communique) to OSGi. Common pitfalls and solutions are presented based on open source solutions from the Apache Software Foundation
Modern applications and software solutions increasingly center around loosely coupled and extensible architectures. Component or Service orientation is applied in almost all areas of application development including distributed systems, ubiquitous computing, embedded systems, and client-side applications.
The Java based OSGi framework specification lends itself well as a platform for loosely coupled and extensible applications and is rapidly gaining ground as the de-facto plugin solution for Java based applications. It allows for lightweight implementations that limit themselves to the CDC profile and are ideally suited as embedded plugin frameworks.
One of the main drawbacks of dynamically extensible applications, however, are the potential security issues that arise due to executing untrusted code without appropriated safety-measures in place. Secure sandboxes and their restrictions are difficult to get right and often hard to deal with in the development of applications. The OSGi specifications have an extensive and very powerful security model that eases this difficult task.
This presentation focuses on embedding various OSGi framework implementations namely, Eclipse Equinox and Apache Felix, into applications as a means of plugin mechanism while taking advantage of the often overlooked benefits of this solution: security.
What is svn?
how svn works ?
diagram of SVN ?
Merging with SVN ?
Conflict With SVN ?
Checkout and Checkin ,update ,branch , tags ?
what is version control "?
SVN file directory ?
Directories locked in Tags ?
Java and in particular OSGi are now very important parts of the Notes/Domino app dev model. In this session, you will learn what techniques can be utilized to process background jobs for XPages applications. Whether you want to replace your existing agents with Domino OSGi Tasklet Services (DOTS) or use Eclipse Jobs to run time-consuming routines without interrupting the use of your application - we will show you real life examples of why and how. You should also consider attending this session to hear about some suprises you don't want to miss...
Make JSF more type-safe with CDI and MyFaces CODIos890
These slides show how to use type-safe mechanisms provided by MyFaces CODI for developing JSF applications which are more type-safe and easier to maintain.
http://2012.con-fess.com/sessions/-/details/136/MyFaces-CODI-and-JBoss-Seam3-become-Apache-DeltaSpike is the next part with more details about MyFaces CODI and Apache DeltaSpike at
Apache, osgi and karaf par Guillaume NodetNormandy JUG
Vous avez entendu parler de OSGi (ou pas d’ailleurs), vous aimeriez que l’on vous explique ce que c’est et à quoi cela sert ?
Vous voudriez savoir comment on participe à des projets Open-Source, comment on devient acteur au sein de la fondation Apache ?
Vous avez lu l’excellent article d’Octo de la semaine dernière sur Camel, mais vous n’avez pas tout compris ou voulez en savoir plus ?
Ou tout simplement vous voudriez avoir une présentation de la solution OSGi d’Apache : Karaf ?
Middleware Security for Apache CXF, Camel, ActiveMQ and Karaf as well as others continue to be an ongoing concern especially around Authentication, Authorization, Data at Rest and Data in Transit. The session will include a presentation and demonstrations of implementing Authentication (AuthN) and Authorization (AuthZ) as well as other security topics.
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...Mark West
Is your project dragging you down? Are you stuck with the same old technologies? Are you bored with coding? If you answer “yes” to any of these questions, you may have lost your coding mojo—just like this session’s speaker did a few years back. Come hear how he learned new technologies and rediscovered his coding mojo by building an IoT/robotics prototype: a voice-controlled robot. Along the way, you’ll hear about HTML5 speech recognition, controlling hardware with Node.js and Johnny-Five, using WebSocket and MQTT for communication between components, and finally how you can easily combine the Raspberry Pi and Arduino platforms to gain ultimate power over your own projects.
MyFaces CODI and JBoss Seam3 become Apache DeltaSpikeos890
These slides show how to use type-safe mechanisms provided by MyFaces CODI for developing JSF applications which are more type-safe and easier to maintain as well as common pitfalls. Beyond that there is an basic overview of Apache DeltaSpike.
Use Case: Building OSGi Enterprise Applications (QCon 14)Carsten Ziegeler
Use Case presentation from QCon 14. It presents the migration of Adobe's Experience Manager (formerly Communique) to OSGi. Common pitfalls and solutions are presented based on open source solutions from the Apache Software Foundation
Modern applications and software solutions increasingly center around loosely coupled and extensible architectures. Component or Service orientation is applied in almost all areas of application development including distributed systems, ubiquitous computing, embedded systems, and client-side applications.
The Java based OSGi framework specification lends itself well as a platform for loosely coupled and extensible applications and is rapidly gaining ground as the de-facto plugin solution for Java based applications. It allows for lightweight implementations that limit themselves to the CDC profile and are ideally suited as embedded plugin frameworks.
One of the main drawbacks of dynamically extensible applications, however, are the potential security issues that arise due to executing untrusted code without appropriated safety-measures in place. Secure sandboxes and their restrictions are difficult to get right and often hard to deal with in the development of applications. The OSGi specifications have an extensive and very powerful security model that eases this difficult task.
This presentation focuses on embedding various OSGi framework implementations namely, Eclipse Equinox and Apache Felix, into applications as a means of plugin mechanism while taking advantage of the often overlooked benefits of this solution: security.
What is svn?
how svn works ?
diagram of SVN ?
Merging with SVN ?
Conflict With SVN ?
Checkout and Checkin ,update ,branch , tags ?
what is version control "?
SVN file directory ?
Directories locked in Tags ?
Have you found yourself wondering how to take advantage of what you have developed in the past for current or future projects? Are you tired of copying/pasting then adapting from your previous projects to the new ones? Start developing for the future and contribute to others by developing libraries and sharing them for use. Where do you start? You’ll be guided through this tutorial step by step to include security, tests and all the factors you need to consider when building a library.
A soup to nuts presentation on using Composer and repository servers to manage and leverage shared code libraries for personal projects to the largest enterprise.
Composer has triggered a renaissance in the PHP community, it has changed the way we deal with other people’s code and it has changed the way we share our code. We are all slowly moving to using Composer, from Wordpress to Joomla and Drupal and frameworks in between. But many of us mistreat composer, follow outdated practices or simply lack a few tricks. In this session i’ll get you the low down on how to use composer the right way.
Composer has triggered a renaissance in the PHP community, it has changed the way we deal with other people’s code and it has changed the way we share our code. We are all slowly moving to using Composer, from Wordpress to Joomla and Drupal and frameworks in between. But many of us mistreat composer, follow outdated practices or simply lack a few tricks. In this session i’ll get you the low down on how to use composer the right way.
Composer has triggered a renaissance in the PHP community, it has changed the way we deal with other people’s code and it has changed the way we share our code. We are all slowly moving to using Composer, from Wordpress to Joomla and Drupal and frameworks in between. But many of us mistreat composer, follow outdated practices or simply lack a few tricks. In this session i’ll get you the low down on how to use composer the right way.
Composer has triggered a renaissance in the PHP community, it has changed the way we deal with other people’s code and it has changed the way we share our code. We are all slowly moving to using Composer, from Wordpress to Joomla and Drupal and frameworks in between. But many of us mistreat composer, follow outdated practices or simply lack a few tricks. In this session i’ll get you the low down on how to use composer the right way.
Composer has triggered a renaissance in the PHP community, it has changed the way we deal with other people’s code and it has changed the way we share our code. We are all slowly moving to using Composer, from Wordpress to Joomla and Drupal and frameworks in between. But many of us mistreat composer, follow outdated practices or simply lack a few tricks. In this session i’ll get you the low down on how to use composer the right way.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
45. Questions & Answers Neil Bartlett Weigle Wilczek UK http://neilbartlett.name/blog Mirko Jahn InterComponentWare AG, Germany http://osgi.mjahn.net ?
Editor's Notes
Change as inevitable part of life and of course software development.
Well, you’ll never get bored.
Only solution is to embrace change and expect it! It will hunt you down otherwise!!! Where are we right now? Let’s see what others are doing
“ Manifest” compiled into the assembly Versioning: Major.Minor.Build.Revision (no strings, only integers separated by dot) Assembly Binding -> Application Domain with all dependencies declared on a fixed version or no version at all(for development). Only version ranges known are redirects on machine + configuration file level ApplicationDomains as the only way to use different versions of the same dll, but then you have to use inter process communication Assembly cache is pretty much the same as a java class path (no multiple version support)
SOA in the JVM to better explain the importance of services. If no version is given, the default 0.0.0 is taken.
Introduce the use case scenario
The bundles can be downloaded for testing from github: http://github.com/mirkojahn/OSGiVersioningTutorial/downloads Simple API as the basis of the discussion. DictionaryService will be exposed as a service in this example and we will see, how the evolution of this API affect the runtime when deploying multiple versions simultaneously in a special order. Diagram: http://yuml.me/diagram/class/[Dictionary||+getLanguage();+check(String){bg:cornsilk}]0..*-0..*+[DictionaryService||+registerDictionary(Dictionary);+unregisterDictionary(Dictionary);+check(String){bg:cornsilk}]
Point out: Separation in API and impl (maybe just introduce that in version 1.1.0 and just import your exports?) Import your exports not necessary in this distinct case, because the API is provided separately. Console/Client bundle to show the output Point out the different version dependencies between consumer and implementer of the API: Implementation dependencies on minor User dependencies on major Workflow: resolve dictionary.api resolve dictionary.impl resolve cl.client start dictionary.impl (service gets published) start cl.client (consumes service (and publishes the console service))
Same API as before, but this time the DictionaryService got a new method to also take the language as an argument. Diagram: http://yuml.me/diagram/class/[Dictionary||+getLanguage();+check(String){bg:cornsilk}]0..*-0..*+[DictionaryService||+registerDictionary(Dictionary);+unregisterDictionary(Dictionary);+check(String);+check(String String){bg:cornsilk}]
Point out: Step one: new bundles are introduced Step two: the new impl. can theoretically be bound to the new and old api Step three: the new dictionary.impl bundle registers the service (and exposes either the old or the new API) Step four: The new cl.client can only resolve to the new API (it relies on the new method). Depending on the resolution, the client might be able to bind to the new service registered. Step five: after refresh packages the old client can bind to the new or old api (there is a difference on calling refreshPackages on all or just on the cl.client bundle!!! Try it to figure this out ;-)) Depending on what it is bound to it might no longer be able to bind to the “old” client or it might be able to track the new service as well now!
API vs. Impl. Vs. Consumer Versioning Syntactic vs. semantic incompatibilities (API tests as potential solution) Method/ property shadowing Dependency influence on versioning Wrong versioned artifacts Not linear version parsing/interpretation (always take the latest bugfix, but the minimal Minor/Major version possible)
How to create Manifest files and manage bundle creation
Most people didn’t like the default
Received a high vote in favor by the audience
The vote on the audience was more resistant, pro and cons equaled out and many didn’t vote at all.
How to create Manifest files and manage bundle creation
Signed bundles as a good way to identify the provider or assurance level on the quality. Revocation can be similarly implemented like with CRLs for browsers.
How to create Manifest files and manage bundle creation
< _plugin > aQute. lib .spring.SpringComponent </ _plugin > is interesting when you would like to analyse Spring DM configuration files as well.
Bundlor Website: http://www.springsource.org/bundlor Bundlor Introduction: http://blog.springsource.com/2009/03/20/getting-started-with-bundlor/ Bundlor in Eclipse: http://blog.springsource.com/2009/03/26/using-bundlor-in-eclipse/ Contributing to the SpringSource Enterprise Bundle Repository: http://www.springsource.org/repository/contribute OSGi Profiles: http://blog.springsource.com/2009/05/18/using-an-osgi-profile-with-bundlor/
Sample taken from: http://blog.springsource.com/2009/03/18/our-plans-for-building-osgi-applications/
Website: http://www.eclipse.org
PDE API Tools Homepage - http://www.eclipse.org/pde/pde-api-tools/ PDE User Guide - http://wiki.eclipse.org/PDE/API_Tools/User_Guide
PDE API Tools Homepage - http://www.eclipse.org/pde/pde-api-tools/ PDE User Guide - http://wiki.eclipse.org/PDE/API_Tools/User_Guide
Homepage: http://sourceforge.net/projects/javadiff/ Because of the lack of OSGi support, all classes within the bundle get analyzed, and too many results pop up. A limitation to the exported packages would be better (which is manually configurable, but a big cumbersome)
Remember!!! All presented here might sound like a lot of issues, but this is the price you pay when leading development. We reached with OSGi a level of componentization, no other technology has achieve yet, so it is obvious that we are facing new challenges. As they say, for one problem you solve, you’re most likely creating various new ones and that is exactly what we have right now.