|
|
| Goplat [Goplat!~Goplat@reactos/developer/Goplat] has joined ##java |
[12:01]
|
| Janhouse [Janhouse!~Janhouse@torch.id.lv] has joined ##java |
[12:05]
|
| RedSoxFan07 [RedSoxFan07!~Thunderbi@d-137-103-109-45.ct.cpe.atlanticbb.net] has joined ##java |
[12:13]
|
| veegee [veegee!~veegee@ipagstaticip-3d3f7614-22f3-5b69-be13-7ab4b2c585d9.sdsl.bell.ca] has joined ##java |
[12:22]
|
| DiabloD3 [DiabloD3!foobar@exelion.net] has joined ##java |
[12:30]
|
| top^ [top^!~prashant@122.160.111.65] has joined ##java |
[12:33]
|
| djhworld [djhworld!~djhworld@90.240.229.47] has joined ##java |
[12:39]
|
| Diablo-D3 [Diablo-D3!foobar@exelion.net] has joined ##java |
[12:41]
|
| g00s [g00s!~g00s@unaffiliated/g00s] has joined ##java |
[12:43]
|
| Diablo-D3 [Diablo-D3!foobar@exelion.net] has joined ##java |
[12:51]
|
| led_dark_1 [led_dark_1!~Thunderbi@217.66.160.14] has joined ##java |
[01:04]
|
| sauvin [sauvin!sauvin@about/linux/staff/sauvin] has joined ##java |
[01:06]
|
| sameerynho [sameerynho!~lxsameer@unaffiliated/lxsameer] has joined ##java |
[01:08]
|
| exmortus [exmortus!darkstarde@gateway/vpn/privateinternetaccess/darkstardevx] has joined ##java |
[01:12]
|
| rudrab [rudrab!~rudrab@14.139.59.140] has joined ##java |
[01:21]
|
| Chuguniy [Chuguniy!~Chuguniy@80.232.218.96] has joined ##java |
[01:27]
|
| immibis [immibis!~immibis@222-153-90-196-fibre.sparkbb.co.nz] has joined ##java |
[01:31]
|
| OnceMe [OnceMe!~OnceMe@unaffiliated/onceme] has joined ##java |
[01:42]
|
| kn0bl3 [kn0bl3!~kn0bl3@gateway/tor-sasl/kn0bl3] has joined ##java |
[01:43]
|
| g00s [g00s!~g00s@unaffiliated/g00s] has joined ##java |
[01:43]
|
| palasso [palasso!~palasso@unaffiliated/palasso] has joined ##java |
[01:44]
|
| null1337 [null1337!~WhoAmI@207.189.30.224] has joined ##java |
[01:45]
|
| rudrab [rudrab!~rudrab@14.139.59.140] has joined ##java |
[01:56]
|
| rudrab [rudrab!~rudrab@14.139.59.140] has joined ##java |
[01:57]
|
| AMcBain [AMcBain!~Art@047-006-242-094.res.spectrum.com] has joined ##java |
[01:57]
|
| kn0bl3_ [kn0bl3_!~kn0bl3@gateway/tor-sasl/kn0bl3] has joined ##java |
[01:59]
|
| Diablo-D3 [Diablo-D3!foobar@exelion.net] has joined ##java |
[02:00]
|
| Zee- [Zee-!~Zee-@94.189.43.76] has joined ##java |
[02:16]
|
| Muzer [Muzer!~muzer@tim32.org] has joined ##java |
[02:17]
|
| null1337 [null1337!~WhoAmI@c-73-203-123-117.hsd1.co.comcast.net] has joined ##java |
[02:26]
|
| Muzer [Muzer!~muzer@tim32.org] has joined ##java |
[02:41]
|
| Matthijs [Matthijs!~quassel@unaffiliated/matthijs] has joined ##java |
[02:53]
|
| g00s [g00s!~g00s@unaffiliated/g00s] has joined ##java |
[02:56]
|
| ravenousmoose [ravenousmoose!~ravenousm@194.78.35.195] has joined ##java |
[03:17]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[03:21]
|
| progart [progart!~kamee@5.77.254.89] has joined ##java |
[03:26]
|
| null1337 [null1337!~WhoAmI@c-73-203-123-117.hsd1.co.comcast.net] has joined ##java |
[03:26]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[03:27]
|
| AMcBain [AMcBain!~Art@047-006-242-094.res.spectrum.com] has joined ##java |
[03:30]
|
| Secret-Fire [Secret-Fire!~Secret-Fi@71-34-100-125.ptld.qwest.net] has joined ##java |
[03:45]
|
| sbalmos [sbalmos!~sbalmos@2605:a000:1304:8078:8d69:9fa4:e381:2af4] has joined ##java |
[03:50]
|
| exonity01 [exonity01!uid364582@gateway/web/irccloud.com/x-vkfshxsjawyqcsuj] has joined ##java |
[03:51]
|
| xa0s_ [xa0s_!xa0s@sdf.org] has joined ##java |
[03:53]
|
| yawkat |
now that i think about it further, what actually *is* the suggested crypto_secretbox "replacement" using only the java stdlib? |
[03:53]
|
| sonOfRa |
I'd go with GCM, Random nonce, and prepend. |
[03:54]
|
| adder` [adder`!~adder@gateway/tor-sasl/adder] has joined ##java |
[03:54]
|
| sonOfRa |
Also eating my words right now, I expected a much worse response (if jsondb is what we're talking about) |
[03:55]
|
| yawkat |
oh yea, i forgot about gcm. |
[03:55]
|
| yawkat |
same |
[03:55]
|
| yawkat |
my suggestion would have been AES-CTR, no padding, + HMAC-SHA256, but then you get a key derivation mess |
[03:55]
|
| yawkat |
let me see how gcm is used in java |
[03:55]
|
| yawkat |
https://gist.github.com/praseodym/f2499b3e14d872fe5b4a looks secure |
[03:58]
|
| sonOfRa |
yeah I was looking at that as well |
[03:58]
|
| surial |
Given: @FunctionalInterface interface NumberProcessor<T extends Number> { int process(T in); }.... and an impl: go((Integer x) -> 5);. Is there any way for the go method to figure out that the passed-in lambda explicitly picked 'Integer' as bound for T there> |
[03:59]
|
| surial |
yawkat: yeah was not expecting 'oh fuck yeah my bad will fix thx'. as response to this one. |
[04:00]
|
| yawkat |
surial: well, it's erased, but you can find out with some black magic i believe |
[04:00]
|
| Chewtoy [Chewtoy!~Chewtoy@unaffiliated/chewtoy] has joined ##java |
[04:00]
|
| surial |
yawkat: well, tell me the black magic. |
[04:00]
|
| surial |
I tried passedInLambda.getClass().getMethods() but it's just 'Number' from there, even though pIL.getClass().toString() is voodoo$blahblah/LAMBDA$0... |
[04:01]
|
| yawkat |
surial: you could make the interface serializable and look at the serialized form. you could also introspect the generated bytecode, i believe |
[04:01]
|
| surial |
kinda ran out of black magic options from there. I also tried a public default Class<T> get() { this.getClass().getGenericInterfaces().... } line, but the generic interface is just the raw interface (as in, I get an array with 1 element in it, and that element's type is j.l.Class. |
[04:02]
|
| surial |
yawkat: oh, okay, real fucking voodoo you meant. A'ight. |
[04:02]
|
| surial |
Perhaps that's going a little far. I already found calling .getClass() on a lambda distasteful, but I guess making it serializable and actually serializing the damn thing, that's beyond distasteful and into the 'I dont care how much uglier the API becomes.. do NOT go there'. |
[04:03]
|
| surial |
yawkat: you're crafting an answer to @FarooqKhan I assume? |
[04:03]
|
| Jantz [Jantz!~IceChat9@2407:7000:8d04:100:ad7c:76b6:43fd:10e4] has joined ##java |
[04:04]
|
| surial |
fun fact: Trying to google for what 'EAV' means is fuckign impossible. |
[04:04]
|
| Me4502 [Me4502!~Me4502@unaffiliated/me4502] has joined ##java |
[04:05]
|
| yawkat |
this is my answer: https://github.com/Jsondb/jsondb-core/issues/19#issuecomment-503922783 |
[04:05]
|
| yawkat |
yawkat's title: "Insecure default cipher Issue #19 Jsondb/jsondb-core GitHub" |
[04:05]
|
| yawkat |
surial: IND-EAV is indistinguishability under an eavesdropper. i.e., an attacker may pick two plaintexts and gets a ciphertext back, and must decide which plaintext was encrypted. |
[04:06]
|
| surial |
EAVesdropper. I see. |
[04:07]
|
| sonOfRa |
yawkat: Might want to add something about them having to store the nonce; some format like b64'nonce:b64'ciphertext |
[04:07]
|
| sonOfRa |
And then split the b64 messes on :, extract both sides, and start the decryption. This kind of thing is often not obvious, which is the *reason* why people reuse static fixed nonces |
[04:07]
|
| surial |
The problem is the API. |
[04:08]
|
| surial |
The API is 'pass in a key and some text to encrypt'. |
[04:08]
|
| surial |
Well, no, okay, you can make this work: Return some formatted concept which includes both an IV and the resulting ciphertext. |
[04:09]
|
| surial |
then the API 'pass in a key and some output of the encrypt function and I will decrypt it' can also be written. |
[04:09]
|
| surial |
The API here is 'String encrypt(String plainText)' on an object that is created however you like, but this specific impl requires an encryptionKey and charset. The returned string is a base64-encoded array. Thus, you have the flexibility to include an IV in there too. |
[04:11]
|
| surial |
presumably the returned data can be any length and the only rule is: If you feed that string to the 'decrypt' method it should 'just work' and get you your original text back. |
[04:11]
|
| acidjnk [acidjnk!~acid@i577BCACF.versanet.de] has joined ##java |
[04:12]
|
| surial |
yawkat: the above would require a bit of a rejigger on how this method works; right now it initializes the ciper in the constructor. That must be removed; instead, the constructor should just store the key and that's that. The encrypt method crafts a new cipher, a new key, randoms up an IV, encrypts the input data, constructs a byte array combining the randomed IV and the result of the cipher run, base64s that, and returns that. |
[04:13]
|
| surial |
yawkat: that takes care of the IV. Next was that AEAD thing.. how did that go? |
[04:13]
|
| surial |
s/crafts a new cipher, a new key/constructs a new Cipher object, can re-use the SecretKeySpec created in the constructor,/ |
[04:13]
|
| sonOfRa |
There's no additional data here, so a doFinal(completeInput) is sufficient |
[04:14]
|
| surial |
yawkat, sonOfRa: The only other change you are advicing is to rip out CBC and replace it with GCM, right? Security wise all that does is prevent padding oracle attacks but that's a win. Am I missing anything else? |
[04:15]
|
| sonOfRa |
You also abort decryption if the ciphertext was tampered with |
[04:15]
|
| surial |
Does java11 ship with GCM built in? |
[04:16]
|
| sonOfRa |
That is, there is a decryption error if the tag doesn't match the ciphertext |
[04:16]
|
| sonOfRa |
Java 8 does |
[04:16]
|
| sonOfRa |
So probably yes |
[04:16]
|
| surial |
great. |
[04:16]
|
| sonOfRa |
surial: basically if I flip a few bits in the ciphertext with the current construction, it will happily decrypt and yield garbage plaintext |
[04:16]
|
| surial |
Okay, so, GCM output is larger than? |
[04:16]
|
| surial |
s/than/then? |
[04:16]
|
| sonOfRa |
If I flip some bits in GCM, without knowing the secret key, I can't flip the appropriate bits in the tag. Encryption will fail |
[04:17]
|
| surial |
pigeon hole principle dictates that if the output is as large as the input is (excluding padding shenanigans, assume input is aligned), then it is impossible to detect either the wrong key or garbage ciphertext. |
[04:17]
|
| surial |
so, either what you're saying is mathematically impossible, or, GCM output is larger than the input. which is fine, of ocurse. Just checking. |
[04:17]
|
| sonOfRa |
Yes |
[04:18]
|
| toytoy [toytoy!~toytoy@unaffiliated/t0yt0y] has joined ##java |
[04:20]
|
| surial |
forked it, gonna write the update just for some experimenting. |
[04:20]
|
| sonOfRa |
yawkat: does one generally use any specific SecureRandom implementation? I've just been using the no-arg constructor, assuming it'd be using /dev/urandom |
[04:23]
|
| null1337 [null1337!~WhoAmI@c-73-203-123-117.hsd1.co.comcast.net] has joined ##java |
[04:25]
|
| palasso [palasso!~palasso@unaffiliated/palasso] has joined ##java |
[04:32]
|
| sonOfRa |
surial: re: api, interestingly not even libsodium does this for *secret-key-encryption* |
[04:37]
|
| sonOfRa |
They do it for hybrid encryption with public keys |
[04:37]
|
| karab44 [karab44!~karab44@unaffiliated/karab44] has joined ##java |
[04:39]
|
| sonOfRa |
oh nevermind I see why; the nonce is not *included*, but in the public-key encryption scheme, it can be derived |
[04:39]
|
| Jigsy` [Jigsy`!~Jigsy@unaffiliated/jigsy] has joined ##java |
[04:42]
|
| yawkat |
sonOfRa: i added "The random nonce can simply be prefixed to the final encrypted message. It does not need to be secret." |
[04:42]
|
| yawkat |
as the tag needs to also be predefined-length, i dont see a reason for a more complex format |
[04:43]
|
| sonOfRa |
Oh right, it's all fixed-length, so you don't even need a special separator |
[04:43]
|
| sbalmos1 [sbalmos1!~sbalmos@2605:a000:1304:8078:8d69:9fa4:e381:2af4] has joined ##java |
[04:45]
|
| ravenousmoose [ravenousmoose!~ravenousm@194.78.35.195] has joined ##java |
[04:47]
|
| nav2002 [nav2002!~nav2002@115.110.134.50] has joined ##java |
[04:48]
|
| zonaut [zonaut!~zonaut@d51531c68.static.telenet.be] has joined ##java |
[04:49]
|
| yawkat |
sonOfRa: oh re securerandom, i believe the default constructor makes no guarantees re blocking |
[04:50]
|
| sonOfRa |
The whole "picks whatever provider has the highest prference" is kinda meh |
[04:50]
|
| yawkat |
if you know your target OS, there are native non-blocking prngs, but i think SHA1PRNG is the only cross-platform one |
[04:50]
|
| sonOfRa |
https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#SecureRandom supposedly you can ask for "NativePRNGNonBlocking" which *sounds* crossplatform |
[04:51]
|
| sonOfRa |
sonOfRa's title: "Standard Algorithm Name Documentation" |
[04:51]
|
| yawkat |
oh yea, thats new to java 8. |
[04:52]
|
| ravenousmoose [ravenousmoose!~ravenousm@194.78.35.195] has joined ##java |
[04:54]
|
| surial |
yawkat: I'm sending a PR with an update. |
[04:58]
|
| yawkat |
surial: how are you doing compatibility? |
[04:58]
|
| yawkat |
deprecate the old class and add a new ICipher? |
[04:58]
|
| surial |
yawkat: I'm debating which SecureRandom to use. Bouncing between new SecureRandom() which makes no guarantees of any sort but it's always there and it tends to be the 'best' option, or explicitly specifying one to ensure a few things, risking that it's suboptimal and/or not available. |
[04:58]
|
| surial |
yawkat: yes. |
[04:58]
|
| yawkat |
i think NativePRNGNonBlocking with fallback to SHA1PRNG is safe |
[04:58]
|
| surial |
yawkat: I'm naming it DefaultCIpher, because hardcoding the precise mode and algo in the impl is a silly idea if the point of the impl is: "This is the simplest thing that'll work for your average case". |
[04:59]
|
| yawkat |
nonce doesnt need to be unpredictable, just unique |
[04:59]
|
| surial |
yawkat: So, SecureRandom.getInstance("NativePRNGNonBlocking"), wrapped in a try/catch for NoSuchAlgorithmException, falling back to SecureRandom.getInstance("SHA1PRNG")... |
[04:59]
|
| yawkat |
surial: imo, DefaultCipher implies ability to change that impl in the future, though - youd need something like a version tag |
[04:59]
|
| surial |
falling back to new SecureRandom? |
[04:59]
|
| yawkat |
surial: you shouldnt need to fall back from SHA1PRNG, it's available always |
[05:00]
|
| sonOfRa |
I'd argue that SHA1PRNG not being present in the JVM *and* native not being present is like UTF8 not being present |
[05:00]
|
| minos_ [minos_!~simonbosm@12-141-145-85.ftth.glasoperator.nl] has joined ##java |
[05:00]
|
| yawkat |
yea pretty much |
[05:00]
|
| sonOfRa |
i.e. this jvm is fucked |
[05:00]
|
| yawkat |
@SneakyThrows it :D |
[05:00]
|
| magz [magz!~magz@68-168-184-223.fttp.usinternet.com] has joined ##java |
[05:01]
|
| sonOfRa |
I'd fall back to just new SecureRandom() if nonblocking isn't present, I doubt it's a thing that will affect many users |
[05:01]
|
| yawkat |
surial: see for example https://guava.dev/releases/23.0/api/docs/com/google/common/hash/Hashing.html - goodFastHash is not compatible across versions |
[05:02]
|
| yawkat |
yawkat's title: "Hashing (Guava: Google Core Libraries for Java 23.0 API)" |
[05:02]
|
| yawkat |
they specify the algorithm explicitly for the compatible cases |
[05:02]
|
| surial |
yawkat: so, like, 'DefaultCipher1'? |
[05:03]
|
| yawkat |
no, i mean a version tag to the ciphertext |
[05:03]
|
| yawkat |
i.e. v1.<base64> |
[05:03]
|
| sonOfRa |
I *would* name it, for sake of compatibility: They already have a @Secret annotation in their codebase with runtime retention |
[05:03]
|
| yawkat |
thatd be the "proper" thing for a "Default" cipher imo |
[05:03]
|
| sonOfRa |
@Secret w/o parameter simply uses a default class defined at compile-time, and *with* a parameter uses the defined class |
[05:04]
|
| progart [progart!~kamee@5.77.254.89] has joined ##java |
[05:12]
|
| royal_screwup21 [royal_screwup21!d98a3b22@gateway/web/cgi-irc/kiwiirc.com/ip.217.138.59.34] has joined ##java |
[05:13]
|
| DrDonkey [DrDonkey!~DrDonkey@unaffiliated/drdonkey] has joined ##java |
[05:13]
|
| surial |
yawkat: Cipher.getInstance("AES/GCM/NoPadding", "SunJCE").init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv)) is failing with an invalid iv, where iv is a byte[] of size 12. also tried 16. |
[05:18]
|
| surial |
what am I doing wrong? The error is useless. just 'this is no good' and that's all I get. |
[05:18]
|
| surial |
notably, if I ask the cipher to make it and then feed it right back to it, same error. |
[05:18]
|
| surial |
that sounds more like a bug in SunJCE. |
[05:18]
|
| yawkat |
surial: for gcm, you must use GCMParameterSpec |
[05:18]
|
| surial |
ohhhh... |
[05:18]
|
| yawkat |
128 bits are a sane value for tag length |
[05:20]
|
| TheWild [TheWild!~Thunderbi@apn-31-2-29-181.dynamic.gprs.plus.pl] has joined ##java |
[05:20]
|
| o-bit [o-bit!69150022@gateway/web/freenode/ip.105.21.0.34] has joined ##java |
[05:21]
|
| zonaut parted the channel: "Leaving" |
[05:25]
|
| sbeex [sbeex!51ddef9a@gateway/web/cgi-irc/kiwiirc.com/ip.81.221.239.154] has joined ##java |
[05:38]
|
| esro [esro!~esro@user119-167.otvarta.com.pl] has joined ##java |
[05:40]
|
| surial |
yawkat: review? https://github.com/Jsondb/jsondb-core/pull/20 |
[05:43]
|
| surial |
surial's title: "Adding a more secure default cipher by rzwitserloot Pull Request #20 Jsondb/jsondb-core GitHub" |
[05:43]
|
| surial |
also improved in passing by ditching the silly locks. |
[05:45]
|
| surial |
the bytebuffer bullcrap is to avoid the creation of 1 potentially large (if large input) array, but, really, this API just does not lend itself to performance in the face of larger inputs, so perhaps that was overkill. |
[05:45]
|
| mayurvpatil [mayurvpatil!~mayurvpat@202.149.218.202] has joined ##java |
[05:46]
|
| Galactus [Galactus!~Galactus@unaffiliated/galactus] has joined ##java |
[05:46]
|
| yawkat |
surial: GCMParameterSpec takes the tag length as the first param, for the auth tag, not the iv length |
[05:47]
|
| yawkat |
also 128 bit tag *and* nonce would be better if supported |
[05:47]
|
| surial |
yawkat: okay so I should just hardcode 128 and 16 bytes resp? |
[05:48]
|
| yawkat |
yes, if the jdk supports 16 bytes iv |
[05:48]
|
| surial |
crud, I have other work to do that just came up (server on fire).. I can pick this up later, or you make the updates? |
[05:48]
|
| yawkat |
i'll leave it as a comment if thats ok - have to do my homework |
[05:49]
|
| yawkat |
huh, github has a cool code review feature now. |
[05:51]
|
| sonOfRa |
I wonder why AEADBadTagException is a fucking subclass of BadPaddingException |
[05:59]
|
| sonOfRa |
That's... pretty stupid |
[05:59]
|
| rruizt [rruizt!~rruizt@83-84-23-124.cable.dynamic.v4.ziggo.nl] has joined ##java |
[05:59]
|
| yawkat |
presumably because doFinal throws IllegalBlockSizeException, ShortBufferException, BadPaddingException, and they had to add AEADBadTagException somehow |
[06:02]
|
| sonOfRa |
Oh I guess it would've broken existing code |
[06:02]
|
| Addax |
and couldn't think of a BaseFooException? |
[06:02]
|
| qwedfg [qwedfg!~qwedfg@194.177.28.158] has joined ##java |
[06:02]
|
| sonOfRa |
There's GeneralSecurityException |
[06:03]
|
| sonOfRa |
But doFinal doesn't explicitly throw that, so they had to extend something that doFinal already explicitly throws in order to not break every single user of that API |
[06:03]
|
| yawkat |
thats my guess |
[06:03]
|
| surial |
well, it confused me, thought that couldn't happen there. d'oh. |
[06:04]
|
| sonOfRa |
The java crypto api in general is just... a fucking mess |
[06:04]
|
| Vurtatoo [Vurtatoo!~Vurtatoo@mm-84-242-209-82.adsl.mgts.by] has joined ##java |
[06:05]
|
| gelignite [gelignite!~gelignite@55d4d370.access.ecotel.net] has joined ##java |
[06:05]
|
| sonOfRa |
surial: I don't think it can happen on *encryption*, but it definitely can happen on decryption |
[06:05]
|
| surial |
So, if an AEADBadTagException is thrown, does that mean its the wrong key, or.. that the ciphertext is garbled? |
[06:08]
|
| yawkat |
either |
[06:09]
|
| yawkat |
with normal encryption, when using the wrong key, you get garbled plaintext, with AEAD, you get an authentication failure |
[06:10]
|
| surial |
so, catch (AEAD..) { throw new JsonDBException("Incorrect key for this ciphertext (or ciphertext is corrupted)", e);} |
[06:10]
|
| surial |
I quenched the fire :) |
[06:10]
|
| yawkat |
yea, or tampered with |
[06:10]
|
| surial |
okay, pushed IV_SIZE to 16, edited the tag param from "IV_SIZE*8" to "TAG_SIZE", which is a new constant, value 128. |
[06:10]
|
| surial |
anything else? |
[06:10]
|
| sonOfRa |
That exception just says: "This combination of ciphertext+tag was not created with this key" |
[06:11]
|
| sonOfRa |
It doesn't (and can't) know which is "invalid" |
[06:11]
|
| yawkat |
surial: nothing i can see, the guy will have to see about the other changes i guess |
[06:12]
|
| sonOfRa |
If it *could* tell, that would be a problem, because that would supply information about the correct key to an attacker |
[06:12]
|
| surial |
okay. |
[06:12]
|
| sonOfRa |
I haven't found anything else either |
[06:12]
|
| yawkat |
if only everyone was on java 11, then wed have chacha20 |
[06:13]
|
| surial |
wow, y'all put that on the PR. Well, resolved it all, and added a commit with the updates. |
[06:13]
|
| yawkat |
well you said you had stuff to do :P |
[06:15]
|
| hussam [hussam!uid193284@gateway/web/irccloud.com/x-lebdgidemyswojjv] has joined ##java |
[06:18]
|
| Muzer [Muzer!~muzer@tim32.org] has joined ##java |
[06:27]
|
| donotturnoff [donotturnoff!~isaac@cpc126416-mapp13-2-0-cust85.12-4.cable.virginm.net] has joined ##java |
[06:44]
|
| ogradyd [ogradyd!~Thunderbi@2a02:8070:88bf:9df0:80d2:20d9:8517:b9d6] has joined ##java |
[06:49]
|
| mayurvpatil [mayurvpatil!~mayurvpat@202.149.218.202] has joined ##java |
[06:52]
|
| VegetarianFalcon [VegetarianFalcon!uid258908@gateway/web/irccloud.com/x-wenzttxcwkfqrlgn] has joined ##java |
[07:04]
|
| sbeex |
good morning, I am learning spring and now at my service layer I would like to throw an UnableToSaveUserException when something wrong occured. BUT as it is annotated with @Transactional spring automagically throw an RollbackException or something like that and do not care about my custom exception |
[07:05]
|
| sbeex |
is it a common practice to have every time a method annotated with transaction have a public one without transactional ? |
[07:06]
|
| sbeex |
which catch the transactional exception and then rethrow the one we want ? |
[07:06]
|
| sbeex |
looks a bit.. hacky |
[07:06]
|
| sbeex |
(I try to have ConstraintViolationException throwed as error instead of the Rollbackexception) |
[07:07]
|
| galgamach [galgamach!~galgamach@2a02:587:a0f:3d00:309c:34fa:12bc:afc6] has joined ##java |
[07:24]
|
| themsay [themsay!~themsay@149.254.234.147] has joined ##java |
[07:27]
|
| OnceMee [OnceMee!~OnceMe@unaffiliated/onceme] has joined ##java |
[07:34]
|
| mr_lou [mr_lou!~misthalos@085083080213.dynamic.telenor.dk] has joined ##java |
[07:35]
|
| tardybaker [tardybaker!~onthelawn@unaffiliated/tardybaker] has joined ##java |
[07:35]
|
| themsay [themsay!~themsay@149.254.234.147] has joined ##java |
[07:36]
|
| pioto [pioto!~pioto@unaffiliated/pioto] has joined ##java |
[07:39]
|
| omonk [omonk!~omonk@unaffiliated/omonk] has joined ##java |
[07:43]
|
| Velgor [Velgor!~Velgor@HSI-KBW-109-193-081-230.hsi7.kabel-badenwuerttemberg.de] has joined ##java |
[07:44]
|
| Jantz [Jantz!~IceChat9@2407:7000:8d04:100:ad7c:76b6:43fd:10e4] has joined ##java |
[07:46]
|
| pragma- [pragma-!~chaos@unaffiliated/pragmatic-chaos] has joined ##java |
[08:01]
|
| pragma- |
lol, only 471 nicks here |
[08:02]
|
| pragma- |
make that 470 |
[08:02]
|
| pragma- parted the channel: "Bye!" |
[08:02]
|
| srm [srm!~srm@unaffiliated/srm] has joined ##java |
[08:02]
|
| Muzer [Muzer!~muzer@tim32.org] has joined ##java |
[08:14]
|
| surial |
yes, 'lol |
[08:18]
|
| CookieM [CookieM!~tomek@afas131.neoplus.adsl.tpnet.pl] has joined ##java |
[08:18]
|
| toytoy [toytoy!~toytoy@unaffiliated/t0yt0y] has joined ##java |
[08:20]
|
| duckpuppy [duckpuppy!~duckpuppy@h243.193.140.67.dynamic.ip.windstream.net] has joined ##java |
[08:22]
|
| odinsbane |
When I close my swing app from intellij, it clears the clipboard of anything I copied from the swing app. Is this expected behavior? |
[08:34]
|
| yawkat |
linux? |
[08:35]
|
| odinsbane |
Yes, centos 7 + gnome. |
[08:35]
|
| yawkat |
i have the same issue for basically all applications on linux. |
[08:35]
|
| TheWild [TheWild!~Thunderbi@apn-31-2-29-181.dynamic.gprs.plus.pl] has joined ##java |
[08:37]
|
| odinsbane |
I must have only noticed because I constantly restart the app I am working on. |
[08:38]
|
| yawkat |
year of the linux desktop |
[08:41]
|
| Addax |
hey, don't put down linux, the linux users might hear you |
[08:43]
|
| yawkat |
im a linux user, im allowed to |
[08:44]
|
| odinsbane |
it's a security feature. |
[08:44]
|
| omonk [omonk!~omonk@unaffiliated/omonk] has joined ##java |
[08:47]
|
| donofrio [donofrio!~donofrio@host-232.subnet-17.med.umich.edu] has joined ##java |
[08:53]
|
| selckin |
its how clipboard works, on paste you ask the app for the content, can be in different data formats, can ask for text or images etc, gnome/kde etc usually have clipboard app that "cashes" it etc |
[08:56]
|
| selckin |
so not a java thing |
[08:56]
|
| yawkat |
selckin++ always wanted to know why. |
[08:58]
|
| yawkat |
selckin has a karma level of 95, yawkat |
[08:58]
|
| conan [conan!~conan@mdproctor.plus.com] has joined ##java |
[09:02]
|
| odinsbane |
In nashorn, you can access java classes via, java.lang.ClassName, can I do that with other packages? |
[09:12]
|
| odinsbane |
Otherwise I have to use Java.type("fully.qualified.ClassName"); |
[09:12]
|
| odinsbane |
Essentially, I want a package as an object. |
[09:15]
|
| Addax |
I am not thinking that is how any of it works |
[09:17]
|
| cheeser |
what does even mean? "package as an object?" |
[09:18]
|
| odinsbane |
Right, Java is an object that you can use to access java.lang classes. |
[09:18]
|
| themsay [themsay!~themsay@149.254.234.147] has joined ##java |
[09:21]
|
| odinsbane |
Sorry, I can access java.lang.Thread by default. I cannot just use Thread though. I can access other packages via ImageProcessor = Java.type("ij.process.ImageProcessor"); it would be convenient if I could just use ij.process.ImageProcessor without using the Java.type. If I print(java) it shows up as a [JavaPackage java] for whatever that's worth. |
[09:23]
|
| tuskkk____ [tuskkk____!uid18470@gateway/web/irccloud.com/x-pofiptwnwvxszqvp] has joined ##java |
[09:25]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[09:26]
|
| HumanG33k [HumanG33k!~HumanG33k@62.147.242.8] has joined ##java |
[09:27]
|
| mindCrime [mindCrime!~mindCrime@cpe-98-27-55-10.nc.res.rr.com] has joined ##java |
[09:28]
|
| matsurago [matsurago!~matsurago@240b:10:b3a1:1700:e835:ad7a:ec6f:cd9e] has joined ##java |
[09:30]
|
| HumanG33k [HumanG33k!~HumanG33k@62.147.242.8] has joined ##java |
[09:31]
|
| nav2002 [nav2002!~nav2002@27.7.7.120] has joined ##java |
[09:34]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[09:43]
|
| plarsen [plarsen!~plarsen@redhat/jboss/pdpc.professional.plarsen] has joined ##java |
[09:46]
|
| plarsen [plarsen!~plarsen@redhat/jboss/pdpc.professional.plarsen] has joined ##java |
[09:50]
|
| Human_G33k [Human_G33k!~HumanG33k@62.147.242.8] has joined ##java |
[09:50]
|
| omonk [omonk!~omonk@unaffiliated/omonk] has joined ##java |
[09:52]
|
| Brainium [Brainium!~brainium@unaffiliated/brainium] has joined ##java |
[09:56]
|
| hypc1 [hypc1!~Thunderbi@61.161.201.194] has joined ##java |
[10:01]
|
| LearnAllTheTime [LearnAllTheTime!~LearnAllT@2600:1700:e560:21e0:80df:ddfb:691:1872] has joined ##java |
[10:01]
|
| greggerz [greggerz!~greggerz@unaffiliated/greggerz] has joined ##java |
[10:11]
|
| LSCody [LSCody!~textual@pool-96-246-175-233.nycmny.fios.verizon.net] has joined ##java |
[10:15]
|
| d10n-work [d10n-work!uid37161@gateway/web/irccloud.com/x-gcwgjtlyuqsxfmfv] has joined ##java |
[10:16]
|
| fotato |
uh.... https://www.programiz.com/java-programming/packages-import |
[10:16]
|
| fotato |
fotato's title: "Java Packages and How to import them?" |
[10:16]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[10:17]
|
| surial |
fotato: odinsbane is talking about nashorn (javascript) |
[10:17]
|
| odinsbane |
wow, just knocked out a long standing bug. |
[10:32]
|
| Zarthus |
it feels great to fix bugs from like 2010-2015 |
[10:34]
|
| IRCNew [IRCNew!~Elrick@76-10-173-219.dsl.teksavvy.com] has joined ##java |
[10:34]
|
| dez [dez!uid92154@fedora/deSouza] has joined ##java |
[10:36]
|
| toytoy [toytoy!~toytoy@unaffiliated/t0yt0y] has joined ##java |
[10:36]
|
| kegster [kegster!~kegster@unaffiliated/kegster] has joined ##java |
[10:37]
|
| toytoy [toytoy!~toytoy@unaffiliated/t0yt0y] has joined ##java |
[10:38]
|
| RedSoxFan07 [RedSoxFan07!~Thunderbi@d-137-103-109-45.ct.cpe.atlanticbb.net] has joined ##java |
[10:39]
|
| elm_ [elm_!~elm@2a02:1748:dd4d:5880:64a6:117f:e086:9f20] has joined ##java |
[10:41]
|
| elm_ |
I want to have an InputStream with custom data fetched and modified from another InputStream |
[10:42]
|
| elm_ |
Is there a simple way to do this |
[10:42]
|
| yawkat |
netty |
[10:43]
|
| yawkat |
yawkat, netty is an effort to provide an asynchronous event-driven network application framework and tools for rapid development of maintainable high performance & high scalability protocol servers & clients. See http://netty.io for info. |
[10:43]
|
| elm_ |
I just want to insert/replace one line in a file that is piped to another file |
[10:43]
|
| yawkat |
then use a bufferedreader and a loop |
[10:43]
|
| yawkat |
easiest way to do it |
[10:43]
|
| elm_ |
with a BufferedReader I can read a file linewise |
[10:44]
|
| elm_ |
but the output file (size is known) should also be represented by a modified custom InputStream |
[10:44]
|
| elm_ |
i.e. create an InputStream of something that is not totally cached in memory |
[10:45]
|
| odinsbane |
output file, inputstream? |
[10:45]
|
| elm_ |
I would like to do that without creating a file just with network streams |
[10:46]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[10:46]
|
| elm_ |
the files are Amazon S3 files so I only have an InputStream to write to the target file |
[10:46]
|
| odinsbane |
InputStream.write |
[10:46]
|
| odinsbane |
odinsbane, what does that even *mean*? |
[10:46]
|
| odinsbane |
javadoc InputStream.write |
[10:46]
|
| odinsbane |
I have no documentation for InputStream.write |
[10:46]
|
| odinsbane |
javadoc OutputStream.write |
[10:47]
|
| odinsbane |
I have no documentation for OutputStream.write |
[10:47]
|
| elm_ |
that method does not exist |
[10:47]
|
| odinsbane |
elm_: right, that is what I am trying to get out. You don't write to an input stream. |
[10:47]
|
| elm_ |
I believe you will need to create an own custom InputStream class |
[10:47]
|
| elm_ |
the custom InputStream class then reads the primary InputStream as needed and passes on the result (with the inserted line) to the output InputStream |
[10:48]
|
| odinsbane |
So you're passing an input stream to some method, and you want "whatever" will be reading that inputstream to read your modified data? |
[10:48]
|
| elm_ |
I am not really very confident with Java so I do not know how to do that |
[10:48]
|
| odinsbane |
elm_: How big is the file? |
[10:48]
|
| elm_ |
yes |
[10:49]
|
| elm_ |
it can be quite large |
[10:49]
|
| elm_ |
so caching it entirely in memory is not so recommended |
[10:49]
|
| elm_ |
some docs on how to derive an own InputStream class would be very helpful |
[10:50]
|
| odinsbane |
elm_: There are PipedInputStream and OutputStream. |
[10:51]
|
| elm_ |
but they just forward a stream unalteredly |
[10:52]
|
| elm_ |
I need to alter the stream |
[10:52]
|
| elm_ |
i.e. insert a line |
[10:52]
|
| odinsbane |
elm_: You read your file with a reader (that way it understands lines) then your write those bytes to a PipedOutputStream. |
[10:54]
|
| elm_ |
aha |
[10:55]
|
| odinsbane |
elm_: or check the FilterInputStream |
[10:55]
|
| jamezp [jamezp!~jamezp@redhat/jboss/jamezp] has joined ##java |
[10:56]
|
| odinsbane |
elm_: https://docs.oracle.com/javase/tutorial/essential/io/charstreams.html |
[10:58]
|
| odinsbane |
odinsbane's title: "Character Streams (The Java Tutorials > Essential Classes > Basic I/O)" |
[10:58]
|
| odinsbane |
actually that looks bad. |
[10:59]
|
| elm_ |
It is 100% sure that I need to derive an own class |
[10:59]
|
| elm_ |
any output stream (whether PipedOutputStream or not) would deadlock if you write too much into it |
[10:59]
|
| cheeser |
not deadlock. block. |
[11:00]
|
| elm_ |
I would need a PipedOutputStream subclass that has a method "moredata" |
[11:00]
|
| elm_ |
if moredata is called it reads the primary input stream and passes on some bytes to the real InputStream which is the output |
[11:00]
|
| elm_ |
so that class which I need to subclass just needs a limited buffer when passing things on |
[11:01]
|
| elm_ |
does such a class exist which I could subclass? |
[11:01]
|
| cheeser |
reads block, too. so you just read if/when there's data. then write. if the write blocks because the output buffer is full the whole things will just stall until that buffer drains enough. |
[11:02]
|
| cheeser |
i think the answer has been stated to be: no |
[11:02]
|
| odinsbane |
elm_: There might be something, but I don't know it. You could override read on an input stream, and then in that read method, you consume bytes from your original stream. |
[11:02]
|
| elm_ |
no, I just read whenever more data is required |
[11:02]
|
| elm_ |
to write the read data alteredly |
[11:02]
|
| cheeser |
also doable |
[11:02]
|
| elm_ |
ok both versions would work |
[11:03]
|
| cheeser |
hell, just subclass some InputStream and override read() |
[11:03]
|
| cheeser |
then it'll only read the underlying wrapped IS on demand |
[11:03]
|
| elm_ |
so what I would need in that subclassed InputStream is something like a fifo queue I guess |
[11:04]
|
| elm_ |
any valuable helper class to implement that? |
[11:04]
|
| cheeser |
you could've had this written by now... |
[11:04]
|
| elm_ |
? - no |
[11:05]
|
| elm_ |
written what? |
[11:05]
|
| cheeser |
"just subclass some InputStream" |
[11:05]
|
| cheeser |
this code you need, of course. |
[11:05]
|
| elm_ |
I just figuered out how to do that |
[11:05]
|
| elm_ |
and that was my description |
[11:06]
|
| SunStorm [SunStorm!AdiIRC@catv-80-98-224-235.catv.broadband.hu] has joined ##java |
[11:06]
|
| tang^ [tang^!~tang^@207.229.38.10] has joined ##java |
[11:07]
|
| elm_ |
any suggestions for the fifo queue which I need inside the InputStream subclass? |
[11:08]
|
| cheeser |
ffs |
[11:08]
|
| cheeser taps out |
[11:08]
|
| bendem |
fifo? |
[11:08]
|
| elm_ |
necessary operations: enqueue, check fifo length, dequeue |
[11:08]
|
| cheeser |
first in, first out |
[11:08]
|
| elm_ |
yes |
[11:09]
|
| bendem |
I know what fifo means, I don't know why he needs it |
[11:09]
|
| cheeser |
"fifo length" isn't a thing. buffer/queue length is |
[11:09]
|
| cheeser |
bendem: whew. you had me worried. :) |
[11:09]
|
| elm_ |
think about the problem for a moment |
[11:09]
|
| cheeser |
i have. i even told you how to implement it. in two different ways. |
[11:09]
|
| elm_ |
or call it queue |
[11:09]
|
| elm_ |
I will override read |
[11:09]
|
| elm_ |
and it will read as much data into the fifo queue as needed to satisfy for the return value of the read methhod |
[11:10]
|
| elm_ |
checked? |
[11:10]
|
| LearnAllTheTime [LearnAllTheTime!~LearnAllT@162.233.183.109] has joined ##java |
[11:10]
|
| elm_ |
direly needed this fifo queue |
[11:10]
|
| cheeser |
you think you do so you refuse to consider other approaches |
[11:11]
|
| cheeser |
anyway. i've said my bit. good luck and all that. |
[11:11]
|
| elm_ |
what about other approaches |
[11:11]
|
| elm_ |
there is no other approach than to override read |
[11:11]
|
| elm_ |
so a queue is needed anyway |
[11:12]
|
| elm_ |
it does not work in any other way |
[11:12]
|
| elm_ |
rethink the problem |
[11:12]
|
| elm_ |
and then tell me if there is a queue class |
[11:12]
|
| cheeser |
enter |
[11:12]
|
| cheeser |
Enter is not punctuation. Please don't press your Enter or Return key until you're finished typing your question, sentence, or idea. It is annoying to see that and hard to follow. |
[11:12]
|
| cheeser |
i've given you two approaches. go write some code. |
[11:12]
|
| odinsbane |
elm_: here is a skeleton. I'm outta here though. https://ideone.com/EcO3xT |
[11:12]
|
| elm_ |
you only have to override a read method that returns a singleton character? |
[11:14]
|
| elm_ |
how can that be? |
[11:14]
|
| elm_ |
read calls comprise multiple characters at a time |
[11:14]
|
| elm_ |
which read method do I need to override? |
[11:14]
|
| elm_ |
there are multiple: |
[11:15]
|
| elm_ |
https://docs.oracle.com/javase/7/docs/api/java/io/InputStream.html |
[11:15]
|
| bluezone [bluezone!uid104970@gateway/web/irccloud.com/x-wkobhkaxmhgxraps] has joined ##java |
[11:15]
|
| elm_ |
read(byte[] b, int off, int len) ?? |
[11:15]
|
| elm_ |
that is something you need to know |
[11:15]
|
| elm_ |
one method will internally be implemented with the other one |
[11:15]
|
| elm_ |
do I also need to implement skip? |
[11:16]
|
| royal_screwup21 [royal_screwup21!d98a3b22@gateway/web/cgi-irc/kiwiirc.com/ip.217.138.59.34] has joined ##java |
[11:16]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[11:16]
|
| tang^ |
tias |
[11:16]
|
| tang^ |
Try it and see. You learn much more by experimentation than by asking without having even tried. |
[11:16]
|
| cheeser |
tang^++ |
[11:17]
|
| cheeser |
tang^ has a karma level of 26, cheeser |
[11:17]
|
| elm_ |
ok just need to return an int |
[11:17]
|
| elm_ |
but the other method makes it more performant |
[11:17]
|
| elm_ |
I guess this is the way to go |
[11:17]
|
| elm_ |
so can anyone suggest me a class for a fitting fifo queue |
[11:18]
|
| manualcrank [manualcrank!~manualcra@bras-base-mtrlpq2718w-grc-11-70-24-186-113.dsl.bell.ca] has joined ##java |
[11:21]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[11:21]
|
| conan [conan!~conan@mdproctor.plus.com] has joined ##java |
[11:23]
|
| elm_ |
what about class ByteBuffer? |
[11:26]
|
| elm_ |
anyone knows how java.nio.ByteBuffer works? |
[11:27]
|
| elm_ |
can it have variable sized content? |
[11:27]
|
| elm_ |
is it fifo like a queue? |
[11:27]
|
| elm_ |
it is not well documented |
[11:27]
|
| kgrimes2 [kgrimes2!~kgrimes2@128.149.82.187] has joined ##java |
[11:27]
|
| cheeser |
enter |
[11:29]
|
| cheeser |
elm_, Enter is not punctuation. Please don't press your Enter or Return key until you're finished typing your question, sentence, or idea. It is annoying to see that and hard to follow. |
[11:29]
|
| elm_ |
or is there a StrinBuffer for byte[] where you can append and get from the beginning (or the other way round) |
[11:29]
|
| yawkat |
netty |
[11:29]
|
| yawkat |
yawkat, netty is an effort to provide an asynchronous event-driven network application framework and tools for rapid development of maintainable high performance & high scalability protocol servers & clients. See http://netty.io for info. |
[11:29]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[11:32]
|
| fstd_ [fstd_!~fstd@unaffiliated/fisted] has joined ##java |
[11:33]
|
| odinsbane |
elm_: Don't use StringBuffer, it isn't what your looking for. |
[11:38]
|
| indistylo [indistylo!~aruns_@106.51.25.10] has joined ##java |
[11:44]
|
| kicked indistylo (Banned: please fix your connection. you're bouncing in and out. this ban will expire after 2h) |
[11:44]
|
| elm_ |
I just saw that I need to read the input as string |
[11:45]
|
| elm_ |
because I care about newlines |
[11:45]
|
| rapidwave [rapidwave!~quassel@unaffiliated/rapidwave] has joined ##java |
[11:48]
|
| gelignite [gelignite!~gelignite@55d4d370.access.ecotel.net] has joined ##java |
[11:49]
|
| rapidwave |
How do I install JavaMail? Do I just add JAR directory as library to NetBeans or is there more to it? |
[11:49]
|
| Addax |
Just add the dependency to your maven pom or your build.gradle |
[11:49]
|
| upgrdman [upgrdman!~upgrdman@blender/artist/upgrdman] has joined ##java |
[11:49]
|
| rapidwave |
I'm trying to use JavaMail to read mail |
[11:49]
|
| rapidwave |
Aren't those Eclipse features? |
[11:50]
|
| Addax |
right, well, like I said... |
[11:50]
|
| Addax |
no |
[11:50]
|
| cheeser |
maven |
[11:50]
|
| cheeser |
Maven is a software management tool that can compile, test, package, and deploy your project, with plugins for everything you can think of. See http://maven.apache.org and https://books.sonatype.com/mvnref-book/reference/index.html |
[11:50]
|
| Addax |
maven and gradle have nothing to do with eclipse |
[11:50]
|
| Addax |
or netbeans... or idea. They're separate tools entirely. The IDEs can use them. |
[11:50]
|
| Addax |
javamail |
[11:51]
|
| Addax |
JavaMail is, of course, a Java-based Mail API. It supports SMTP, POP, IMAP, and more. It's at http://www.oracle.com/technetwork/java/javamail/index.html ; ask me about ~commons-email for an easier bstraction which wraps JavaMail. ~spring-email is also a thing, as is ~simplejavamail. |
[11:51]
|
| cheeser |
and developers *should* use them. |
[11:51]
|
| cheeser |
if you're not, you're doing it wrong. |
[11:51]
|
| Addax |
cheeser ++ |
[11:51]
|
| Addax |
cheeser has a karma level of 1,499, Addax |
[11:51]
|
| Addax |
netbeans defaults to ant, which is psychotic and stupid. Only people who really know what they're doing should be using ant, and netbeans users... don't overlap with the set of people who know what they're about. |
[11:52]
|
| bendem |
any teacher that doesn't require student projects to build with mvn package or gradle build should be fired really |
[11:52]
|
| Addax |
bendem: but then there'd be no teachers left! |
[11:52]
|
| Diablo-D3 |
bendem: honestly, that could very well be every java teacher |
[11:52]
|
| bendem |
my point exactly |
[11:52]
|
| bendem |
java teachers need to be replaced |
[11:53]
|
| Diablo-D3 |
Im not even sure why we need them |
[11:53]
|
| Diablo-D3 |
java is not a difficult language |
[11:53]
|
| Diablo-D3 |
its maybe the easiest language Ive ever learned, and Ive learned a lot of them |
[11:53]
|
| mbooth |
You know what they say: Those who can, do. Those who can't, teach. |
[11:53]
|
| Addax |
heh. My son's *college* teacher for java *required* that he submit a single class for an assignment... that had a dependency on another class. (So he was supposed to submit a NONWORKING project.) |
[11:53]
|
| bendem |
because a teacher will force you to discover some concepts and techs that you would not find until much later if you teach yourself |
[11:54]
|
| Addax |
and it was required to be built with eclipse. Just... stunning |
[11:54]
|
| bendem |
and because learning good practices from the start is awesome |
[11:54]
|
| bendem |
I'd love to teach one day |
[11:54]
|
| Diablo-D3 |
Addax: maybe the teacher misspoke? |
[11:54]
|
| Addax |
no |
[11:54]
|
| Rapture [Rapture!~textual@2601:1c2:5102:6d00:619c:8790:752b:695a] has joined ##java |
[11:54]
|
| Diablo-D3 |
so he intends on failing every student on that assignment? |
[11:55]
|
| Addax |
he actually submitted the ancillary class (verbatim, although I wanted to fix it desperately) - and got marked as having PLAGIARIZED |
[11:55]
|
| Diablo-D3 |
... how the fuck do you get marked as plagiarized |
[11:55]
|
| parliament_ [parliament_!sid146171@gateway/web/irccloud.com/x-addjcgeivtdcrpvf] has joined ##java |
[11:55]
|
| Diablo-D3 |
this isnt english class |
[11:55]
|
| Addax |
"This second class looks exactly like the utility class you were required to use! You plagiarized it!" |
[11:56]
|
| discopatrick_ [discopatrick_!sid138124@gateway/web/irccloud.com/x-hdfjahbjkjkunpjs] has joined ##java |
[11:56]
|
| MIsAn [MIsAn!~yuljk@unaffiliated/yuljk] has joined ##java |
[11:56]
|
| Addax |
never mind that the utility class was broken; it was an algebraic evaluator that... couldn't handle unary minus |
[11:56]
|
| Addax |
also used method parameters like "ArrayList<String>" and, in one place, "LinkedList" |
[11:56]
|
| cheeser |
Addax: people who know what they're doing don't use ant |
[11:56]
|
| Diablo-D3 |
So when are you going to speak with the principal or dean or whatever of the school, and discuss hiring only certified java instructors for the position? |
[11:56]
|
| Addax |
cheeser: yet some people who know what they're doing *do* - see stanford NLP, for example |
[11:57]
|
| Addax |
Diablo-D3: I'm not going to at all. |
[11:57]
|
| DemonWav_ [DemonWav_!~DemonWav@unaffiliated/demonwav] has joined ##java |
[11:57]
|
| Sleaker_ [Sleaker_!quasselcor@2604:880:a:7::e1b] has joined ##java |
[11:57]
|
| bendem |
doesn't lombok also use ant? |
[11:57]
|
| surial |
it does. |
[11:57]
|
| cheeser |
mock surial |
[11:57]
|
| javabot points at surial and says "your dum" |
[11:57]
|
| surial |
ant is awesome. |
[11:57]
|
| surial |
you know, in the biblical sense. |
[11:57]
|
| cheeser |
as in, it all ends in a giant conflagration and untold suffering? |
[11:58]
|
| Enissay2 [Enissay2!~Enissay@unaffiliated/enissay] has joined ##java |
[11:58]
|
| Addax |
hey, if you have a series of configurations to manage and you're willing to undergo all the pain and are afraid of gradle, ant's fantastic |
[11:58]
|
| jaskal_ [jaskal_!jaskal@unaffiliated/jaskal] has joined ##java |
[11:58]
|
| limbo__ [limbo__!ar@45.63.9.236] has joined ##java |
[11:59]
|
| yokel_ [yokel_!~yokel@unaffiliated/contempt] has joined ##java |
[11:59]
|
| surial |
gradle would add nothing to lombok, and it woudl slow down the builds significantly. |
[12:00]
|
| GeraldW_ [GeraldW_!~geraldw@v22017115126455540.ultrasrv.de] has joined ##java |
[12:00]
|
| Addax |
or, as in the case of stanford NLP and probably a host of others, there's a legacy build that would be a total drag to port |
[12:00]
|
| Diablo-D3 |
Addax: well thats no fun |
[12:00]
|
| elm_ |
is there a better method than string.getBytes() which writes into an already existing byte array? |
[12:00]
|
| surial |
true fact: We have had 5 offers to contribute all starting with "I guess I'll tackle the ant problem first and set y'all up for <maven/gradle>". We immediately shitcanned those 'contributors' for being fucking morons. |
[12:00]
|
| Diablo-D3 |
Addax: I mean, yeah, you need to teach your kid to pick his own fights, but we have to, in the future, deal with that teacher's students |
[12:01]
|
| Addax |
Diablo-D3: ... like my son, whose java code is abominable |
[12:01]
|
| Diablo-D3 |
oh man |
[12:01]
|
| surial |
not because maven/gradle are bad, but because if you think the best way to start contributing to a FOSS project is to... completely redesign a build ? and you think that's gonna go over real well.. I doubt I have the ability to communicate with your neptunian brai. |
[12:01]
|
| Diablo-D3 buys Addax a beer |
[12:01]
|
| Iolo_ [Iolo_!~iolo@dsl-tkubng22-58c023-38.dhcp.inet.fi] has joined ##java |
[12:01]
|
| Addax |
surial: note that I do actually have a number of accepted PRs based on that exact notion, although I tend to look carefully at whether there's a "win" involved before bothering |
[12:02]
|
| Diablo-D3 |
I think this is why I dont have kids, Im too afraid they're going to go into my industry and then never RTFM :( |
[12:02]
|
| surial |
elm_: .string.getBytes() should not be used at all; use string.getBytes(someCharset). Both of these methods produce a new byte array; they do NOT write into 'existing byte array'. |
[12:02]
|
| cheeser |
otoh, if I see ant on a project i'm about 97% less likely to want to contribute. |
[12:02]
|
| Addax |
surial: I looked at lombok, for example, and decided that there was no way *I* would be able to contribute an alternative build that was worth a damn, even if it was feature-complete |
[12:02]
|
| surial |
cheeser: well, what can I say. Lombok is not for the faint of heart. Also, we have plenty of contributors. They are manly (m/f) coders who have no problem slogging uphill both ways. |
[12:03]
|
| Diablo-D3 |
cheeser: if I see ant on a project, I may not even BE able to contribute; generally its an indication of ancient legacy code |
[12:03]
|
| Addax |
Diablo-D3: that's very much a faulty assumption though |
[12:03]
|
| surial |
Diablo-D3: generally, yes. Lombok is complex. If someone opens the root file view on github, sees 'build.xml', and closes the tab? Good riddance. |
[12:03]
|
| cheeser |
that's the spirit! :D |
[12:03]
|
| Addax notes that surial prefers the ivory tower to the bazaar |
[12:04]
|
| cheeser |
i just cba to set up a project like that in my IDE. unless it's my job, i have better things to do. |
[12:04]
|
| surial |
If you can't even be arsed to click on it and then go: "oooohhh. geez, what the fuck, is this rocket science? I guess building lombok is a bit more complicated than your average java project" ? that's understandable, but that kind of impatience is just not conducive to a good lombok developer. There's a ton of corner cases you do need to cver and I guarantee you, most of em will NEVER be relevant to you (but they are relevant |
[12:04]
|
| surial |
to a bunch of our users, so can't be ignored). |
[12:04]
|
| cheeser |
¯\_(?)_/¯ |
[12:04]
|
| Diablo-D3 |
Addax: I did say 'generally' |
[12:05]
|
| Addax |
Diablo-D3: *nod* true |
[12:05]
|
| Diablo-D3 |
I rarely see alive projects still using ant that are still alive and not pretty old |
[12:05]
|
| Addax |
I guess I agree with that, usually ant yields projects with commits every few years nowadays |
[12:05]
|
| Brainium [Brainium!~brainium@unaffiliated/brainium] has joined ##java |
[12:05]
|
| Addax |
there are exceptions, and those are still viable projects, but... yeah, generally not ones I care about because of the build system |
[12:05]
|
| Addax |
Diablo-D3: I've mentioned at least two! |
[12:06]
|
| Addax |
well, I didn't mention lombok, but I sort of did |
[12:06]
|
| surial |
Maybe one day we'll rewrite lombok to an amazing extent: New build, probably using our own build system (because it has at that point jack fuck all to do with normal java builds; we'd ship ALLLLL the compilers separately, don't want to invoke system javac for any of it), single unified API that works for all 3 targets, etc. I guess gradle or maven would kick it off (fetch deps, compile our build system and execute it, which then |
[12:06]
|
| surial |
takes care of all the rest, making it LOOK like a plain jane project even when it is not). But that'll probably the most complex thing we'd ever do to the lombok source base. |
[12:06]
|
| Diablo-D3 |
btw, re gradle, is it really that bad or what? |
[12:06]
|
| Addax |
gradle's fine |
[12:06]
|
| Diablo-D3 |
because I see a fair amount of gradle dislike, and I dont really know why |
[12:06]
|
| Diablo-D3 |
its alternative is maven, so its like, how bad could it really be |
[12:07]
|
| Addax |
I don't know why either, probably ignorance |
[12:07]
|
| Addax |
people despise maven because it's XML, so ... yeah, people are stupid |
[12:07]
|
| cheeser |
surial: is it that you have to target/build with different JVMs? |
[12:07]
|
| surial |
gradle? Not particularly bad. Last time I checked in depth it goes through a ton of hoops to avoid doing needless work which complicates builds considerably (case in point: annotation processors need to explicitly mark themselves as 'gradle compatible' or they torch your build speed to a crisp), but isn't really faster. |
[12:07]
|
| Addax |
if that's enough to dissuade you from using a tool, you're a dope and need to step away from the computer and never have kids anyway |
[12:07]
|
| surial |
cheeser: we still have to compile code with -source 1.5 -target 1.5, for starters. |
[12:07]
|
| Diablo-D3 |
surial: that seems like a rather specific compliant, how many common things need to process annotations |
[12:08]
|
| rippa [rippa!~rippa@ppp-vpdn-37.1.85.157.yarnet.ru] has joined ##java |
[12:08]
|
| null1337 [null1337!~WhoAmI@c-73-203-123-117.hsd1.co.comcast.net] has joined ##java |
[12:08]
|
| Addax |
... lots |
[12:08]
|
| hypc [hypc!~Thunderbi@59.46.22.82] has joined ##java |
[12:09]
|
| surial |
Diablo-D3: any non-trivial java project? |
[12:09]
|
| ernimril |
build systems tend to be quite complex and I think all build systems have seen quite a lot of critique over the years. I guess mostly because most developers never understand the build systems |
[12:09]
|
| kashike [kashike!kashike@unaffiliated/kashike] has joined ##java |
[12:09]
|
| mbooth |
I don't think I've touched a code base that didn't use annotations of some kind in years... |
[12:09]
|
| surial |
from JPA's annotation based processing to mapstruct to autovalue to lombok to SPI generators... |
[12:09]
|
| Diablo-D3 |
eh, right, forgot that'd qualify |
[12:09]
|
| surial |
frankly if your java project ISNT using an AP, what kind of third rate amateur uninteresting bit of tripe ARE you making? |
[12:09]
|
| satifant [satifant!~sati@unaffiliated/satifant] has joined ##java |
[12:10]
|
| Diablo-D3 |
I just use the stuff, I don't always consider how it works |
[12:10]
|
| surial |
ernimril: for lombok I'm specifically referring to what lombok has to do to make a build. example: We invoke the compiler 8 times, and that's not even compiling the tests. |
[12:10]
|
| HZun [HZun!~HZun@0x3ec721e2.osd.customer.dk.telia.net] has joined ##java |
[12:10]
|
| mindCrime [mindCrime!~mindCrime@216.85.170.148] has joined ##java |
[12:11]
|
| surial |
frankly if gradle/maven made it easy to write lombok's build, the tool would be vastly over-engineered to cater to ridiculously overspecific use cases :) ? but given that our build is itself a bunch of software, well, we were either gonna write it in ant, or in straight up java. |
[12:11]
|
| ernimril |
surial, sure, I was only going on general build systems, since I do not use lombok I can not really say much about it |
[12:11]
|
| surial |
I'm warming up to plan #2 there. Maven is clearly right the fuck out. Gradle could be, but at that point you're not really gaining much value out of using it. |
[12:11]
|
| surial |
and it probably actively gets in the way. Say what you want about ant, but <mkdir> just makes a fucking dir. |
[12:11]
|
| surial |
gradle tries to be all smart and go: Welllll now I think perhaps this step might safely be skipped! Let's skip it. Which cool and all, but makes debugging builds rather more complicated than neccessary. Besides, the speedups built into lombok's build are all handrolled and there's no way gradle could know about any of it. |
[12:12]
|
| mbooth really wants to look at lombok's build now |
[12:13]
|
| surial |
ernimril: well, sbt goes some ways to show how it goes, no? You start thinking: Pfff,, dafuq? Why is gradle/maven/whatever so complicated? How hard can a make clone be? We'll make something muuuch simpler. and then.. well, check out sbt now. |
[12:13]
|
| mbooth |
Sounds pretty interesting |
[12:13]
|
| surial |
mbooth: https://github.com/rzwitserloot/lombok/blob/master/build.xml |
[12:13]
|
| surial |
surial's title: "lombok/build.xml at master rzwitserloot/lombok GitHub" |
[12:13]
|
| surial |
enjoy. There are more build files, for the website for example which this thing also builds. |
[12:13]
|
| mbooth |
Ta |
[12:13]
|
| surial |
but that's the start point at least. |
[12:13]
|
| q9929t [q9929t!~Thunderbi@115.99.83.36] has joined ##java |
[12:14]
|
| ernimril |
it is typically not the build system that needs to be faster, it is the different tools the build system use. Compiling ~50k source files in java takes less than one minute. Finding out what few files of such a project needs to be recompiled after a few file changes and compiling them can be done in less than a few seconds. Rebuilding one or two jars is quick. Then we can start talking about different dependency things, annotation |
[12:14]
|
| ernimril |
processors and other things, they tend to take time |
[12:14]
|
| surial |
mbooth: also note that lombok's ant is built on something called 'ivyplusplus' which is ivy with a few extras. lombok is as far as I know the one and only tool that uses ivyplusplus. So that whole 'we use our own build' concept is already half true. |
[12:14]
|
| srisri [srisri!~srisri@204.14.239.17] has joined ##java |
[12:14]
|
| surial |
ernimril: rebuilding a shaded jar is slow as dogshit, and will always be. |
[12:14]
|
| Diablo-D3 |
huh, I think it was ivy was my biggest ant compliant |
[12:15]
|
| esro [esro!~esro@188.147.42.115.nat.umts.dynamic.t-mobile.pl] has joined ##java |
[12:15]
|
| surial |
Part of the problem with slow builds is that people make idiotic choices and these choices then become industry standard. such as shading, which is rarely needed and usually a dumb plan. |
[12:15]
|
| Addax |
Diablo-D3: huh, ivy's the *best* thing about ant - it's what makes ant tolerable! |
[12:15]
|
| ernimril |
surial, I do not really use sbt, if I want a make clone I use gnu make :-) |
[12:15]
|
| Diablo-D3 |
Addax: well, thats half of my compliant, it wasnt built in like maven repos was into maven |
[12:15]
|
| Addax |
wait... sbt? |
[12:15]
|
| ernimril |
sbt |
[12:15]
|
| ernimril |
SBT is the "simple build tool," proving that Scala developers have well-developed senses of irony and sarcasm. It's really easy to use when your build doesn't actually do anything, apart from the incredible speed. ("It's incredible how SLOW this is!") See http://scala-sbt.org ; it's actually not entirely incapable, but really? Use gradle or maven. Nobody wants to read "still compiling" messages. |
[12:15]
|
| Diablo-D3 |
the other half is... it never seemed as powerful as maven was natively |
[12:16]
|
| surial |
ernimril: well, sbt started out life as 'simple build tool', then became 'scala build tool', and now is just 'sbt build tool', because, well, it REALLY isn't simple. at all. |
[12:16]
|
| Addax |
surial: and BTW, shaded jars (including and especially the spring boot equivalent) are *very* common these days |
[12:16]
|
| Diablo-D3 |
and it had weird problems that I never quite solved, either I was using ivy wrong, or I had deps that confused it |
[12:16]
|
| surial |
Diablo-D3: maven is very powerLESS; it is hard to do anything with it.. EXCEPT the bits it wants you to do, where it is passably nice at it (vs, say, ant, where ant has absolutely no opinions or default-to-conventions whatsoever and you have to write it all, it's a programming language even though the docs really try their hardest to lie to you and say that it is not). Which makes maven great if what you're doing fits within its |
[12:17]
|
| surial |
conventions, which is a lot of java projects. but not all java projects. |
[12:17]
|
| surial |
Diablo-D3: ivy is more convoluted than it needs to be and inconsistent with names, both internally and vs. mavencentral on which it heavily relies upon in practice. |
[12:17]
|
| Addax |
surial: also, maven's approach there (the "powerless" approach) is a feature |
[12:17]
|
| surial |
Diablo-D3: It's.. suboptimal to say the least. But it'll do. |
[12:17]
|
| quadsar [quadsar!~quadsar@unaffiliated/quadsar] has joined ##java |
[12:17]
|
| surial |
Addax: agreed. |
[12:18]
|
| Diablo-D3 |
surial: yeah, but maven will also do if maven does what I need without fighting with it, which is where I ended up going |
[12:18]
|
| Addax |
Diablo-D3: I don't think he has a problem with that :) |
[12:18]
|
| surial |
and hence why 'you should use maven!' for lombok feels so sad and makes me ignore somebody so rapidly. It not only shows an utter lack of understanding of lombok's build and a disdain for me to suggest it without even spending 1 minute to check out what that might mean, it also means said idiot is less aware of what maven is than they really ought to be if they go around advising it. |
[12:18]
|
| ernimril |
migrating an old project that was not built for maven (or gradle) to maven is an interesting task... |
[12:18]
|
| surial |
It's a bit like me sitting next to a house with peeling paint and somebody walking by and going: You should fix that with sushi! |
[12:19]
|
| surial |
sushi is nice, but clearly inappropriate for house painting. That's not sushi's fault. |
[12:19]
|
| Addax |
surial: see, I'm ensmartened! I looked at lombok, said "what is this crap? ANT?" and looked a little further and decided that it wouldn't be worth migrating to gradle, much less maven |
[12:19]
|
| surial |
Diablo-D3: oh, don't worry. Once you try to make maven do things that it doesn't want you to, you're fighting with it FAR more than ant. |
[12:20]
|
| surial |
also, maven as a project is fucking bad. |
[12:20]
|
| Diablo-D3 |
if lombok has highly customized its use of ant, then it seems to be using ant for the right reasons, and should never change |
[12:20]
|
| rapidwave |
I setup Maven for the project, but the files aren't getting read by NetBeans. |
[12:20]
|
| Diablo-D3 |
no, Ive seen maven warts up front and center, but its why Im wondering why people hate gradle |
[12:20]
|
| Diablo-D3 |
gradle seems like its sane, it seems like it just does what its supposed to and not fight anyone |
[12:21]
|
| surial |
mavencentral, I mean. There is this snapshot concept. It is documented NOWHERE. The format used to send a real release to mavencentral (well, sonatype, and that's how you feed mavencentral) is documented but unneccessarily convoluted and has 'security measures' that dont do anything (so, security theatre then). The snapshot concept? Utterly different format for no reason. Documented nowhere. Idiotically finicky; like if the |
[12:21]
|
| surial |
header isn't precisely the way maven does it, down to the last byte, it gives you a random, unrelated error message. |
[12:21]
|
| surial |
So in that sense, if anybody would do me the kindness of coming up with a better mavencentral, i'll cheerlead you alll the waty. |
[12:21]
|
| Addax |
snapshot != maven central |
[12:21]
|
| surial |
we have 'solved' the problem by hosting our own mavencentral style repo where we deposit our snapshots, and that works great. |
[12:22]
|
| Diablo-D3 |
well isnt that the problem with every repo thats not cpan? |
[12:22]
|
| surial |
why should it be? |
[12:22]
|
| Diablo-D3 |
the way its ran is always fucking weird, and shit always happens that fucks everyone up |
[12:22]
|
| surial |
also, rubygems and such have their own issues, but not about spec and usability. Generally they tried to be 'too nice' and now have scaling issues. |
[12:22]
|
| Diablo-D3 |
npm most certainly isnt the only complete fuckup |
[12:22]
|
| surial |
For example, with rubygems, there's (like apt), a sort of index file you need, and serving up that fucker is now quite a big problem. (SOURCE: Talking at length with andré about it). |
[12:23]
|
| surial |
mavencentral solved it by not having index files. The right dir to find a dep is constructable from the GAV straight up. |
[12:23]
|
| surial |
good design choice though I bet given the roots of maven they just stumbled onto that. |
[12:24]
|
| surial |
npm... oh god. |
[12:24]
|
| surial |
also npm is in dire fucking trouble I think. They JUST started to attempt to earn some actual money to run it all by... selling for quite a large amount precisely what github recently added, which is cloud hosted corporate repos. |
[12:24]
|
| surial |
If you're the kind of corp that even would consider putting your stuff in the cloud, 90%+ odds you have github and if not, the bargain pricing github has for this puts quite the crimp on npm's ability to charge meaningful money for this service. sonatype at least has 10+ years of history going for it, and professional support for self-hosting your corp repo. |
[12:25]
|
| LunarJetman [LunarJetman!LunarJetma@0547857b.skybroadband.com] has joined ##java |
[12:25]
|
| rorx [rorx!~rorx@tserver.truestep.com] has joined ##java |
[12:25]
|
| surial |
Diablo-D3: note that what 'we java pros' tend to point-and-laugh about with NPM is stuff that mavencentral basically does exactly as badly. It's JUST that the java community isn't quite as cavalier with endless depchains. Despite mavencentral's attempts, not because of them. |
[12:26]
|
| surial |
So, whilst I love me some npm bashing like any other java programmer, careful you don't break our glass house with them stones there. |
[12:26]
|
| LtHummus [LtHummus!~lthummus@97-113-38-185.tukw.qwest.net] has joined ##java |
[12:29]
|
| orbyt_ [orbyt_!~orbyt@172.92.5.20] has joined ##java |
[12:29]
|
| Diablo-D3 |
surial: tbf, I was actually trying to compare the two |
[12:30]
|
| Diablo-D3 |
I literally just said if its not cpan, its probably shit |
[12:30]
|
| Diablo-D3 |
sometimes I just dont feel like being a monster, and try to be nice about throwing shade :( |
[12:32]
|
| LKoen [LKoen!~LKoen@2a01cb0407597a00dc189c0fe8acc4bf.ipv6.abo.wanadoo.fr] has joined ##java |
[12:33]
|