Posts Tagged ‘DevoxxBE2024’
[DevoxxBE2024] Let’s Use IntelliJ as a Game Engine, Just Because We Can by Alexander Chatzizacharias
At Devoxx Belgium 2024, Alexander Chatzizacharias delivered a, lighthearted yet insightful talk on the whimsical idea of using IntelliJ IDEA as a game engine. As a Java enthusiast and self-proclaimed gamer, Alexander explored the absurdity and fun of leveraging IntelliJ’s plugin platform to create games within a codebase. His session, filled with humor and technical creativity, demonstrated how curiosity-driven projects can spark innovation while entertaining developers. From rendering Pong to battling mutable state in a Space Invaders-inspired game, Alexander’s talk was a testament to the joy of experimentation.
The Origin Story: Productivity Through Play
Alexander’s journey began with a reaction to Unity 3D’s controversial per-install pricing model in 2023, prompting him to explore alternative game engines. Inspired by a prior Devoxx talk on productivity through fun, he decided to transform IntelliJ IDEA, a powerful IDE, into a game engine using its plugin platform. Built with Kotlin and Java Swing, his approach avoided external frameworks like JavaFX or Chromium Embedded Framework to maintain authenticity. The goal was to render games within IntelliJ’s existing window, interact with code, and maximize performance, all while embracing the chaos of a developer’s curiosity. Alexander’s mantra—“productivity is messing around and having fun”—set the tone for a session that balanced technical depth with playfulness.
Pong: Proving the Concept
The first milestone was recreating Pong, the 1972 game that launched the video game industry, within IntelliJ. Using intentions (Alt+Enter context menus), Alexander rendered paddles and a ball over a code editor, leveraging Java Swing for graphics and a custom Kotlin Vector2 class inspired by Unity 3D for position and direction calculations. Collision detection was implemented by iterating through code lines, wrapping each character in a rectangle, and checking for overlaps—faking physics with simple direction reversals. This “fake it till you make it” approach ensured a functional game without complex physics, proving that IntelliJ could handle basic game logic and rendering. The demo, complete with a multiplayer jest, highlighted the feasibility of embedding games in an IDE.
State Invaders: Battling Mutable Variables
Next, Alexander tackled a backend developer’s “cardinal sin”: mutable state. He created State Invaders, a Space Invaders-inspired game where players eliminate mutable variables (var keywords) from the codebase. Using IntelliJ’s PSI (Program Structure Interface), the plugin scans for mutable fields, rendering them as enemy sprites. Players shoot these “invaders,” removing the variables from the code, humorously reducing the “chance of production crashing” from 100% to 80%. A nostalgic cutscene referencing the internet meme “All your base are belong to us” added flair. The game demonstrated how plugins can interact with code structure, offering a playful way to enforce coding best practices while maintaining a functional codebase.
Packag-Man: Navigating Dependency Mazes
Addressing another developer pain point—over-reliance on packages—Alexander built Packag-Man, a Pac-Man variant. The game generates a maze from Gradle or Maven dependency names, with each letter forming a cell. Ghosts represent past dependency mistakes, and consuming them removes the corresponding package from the build file. Sound effects, including a looped clip of a presenter saying “Java,” enhanced the experience. IntelliJ’s abstractions for dependency parsing ensured compatibility with both Gradle and Maven, showcasing the platform’s flexibility. The game’s random ghost placement added challenge, reflecting the unpredictable nature of dependency management, while reinforcing the theme of cleaning up technical debt through play.
Sonic the Test Dog and Code Hero: Unit Tests and Copy-Paste Challenges
Alexander continued with Sonic the Test Dog, a Sonic-inspired game addressing inadequate unit testing. Players navigate a vertical codebase to collect unit tests (represented as coins), with a boss battle against “Velocity Nick” in a Person.java file. Removing coins deletes tests, humorously highlighting testing pitfalls. Finally, Code Hero, inspired by Guitar Hero and OSU, tackles copy-pasting from Stack Overflow. Players type pasted code letter-by-letter to a rhythm, using open-source beat maps for timing. A live demo with an audience member showcased the game’s difficulty, proving developers must “earn” their code. These games underscored IntelliJ’s potential for creative, code-integrated interactions.
Lessons and Future Hopes
Alexander concluded with reflections on IntelliJ’s plugin platform limitations, including poor documentation, lack of MP3 and PNG support, and cumbersome APIs for color and write actions. He urged JetBrains to improve these for better game development support, humorously suggesting GIF support for explosions. Emphasizing coding as a “superpower,” he encouraged developers to experiment without fear of “bad ideas,” as the dopamine hit of a working prototype is unmatched. A final demo hinted at running Doom in IntelliJ, leaving the audience to ponder its feasibility. Alexander’s talk, blending technical ingenuity with fun, inspired attendees to explore unconventional uses of their tools.
Links:
[DevoxxBE2024] AI and Code Quality: Building a Synergy with Human Intelligence by Arthur Magne
In a session at Devoxx Belgium 2024, Arthur Magne, CPO and co-founder of Packmind, explored how AI can enhance code quality when guided by human expertise. Addressing the rapid rise of AI-generated code through tools like GitHub Copilot, Arthur highlighted the risks of amplifying poor practices and the importance of aligning AI outputs with team standards. His talk showcased Packmind’s approach to integrating AI with human-defined best practices, enabling teams to maintain high-quality, maintainable code while leveraging AI’s potential to accelerate learning and enforce standards.
The Double-Edged Sword of AI in Software Development
Arthur opened with Marc Andreessen’s 2011 phrase, “Software is eating the world,” updating it to reflect AI’s current dominance in code generation. Tools like GitHub Copilot and Codium produce vast amounts of code, but their outputs reflect the quality of their training data—often outdated or flawed, as noted by Veracode’s Chris Wysopal. A 2024 Uplevel study found 41% more bugs in AI-assisted code among 800 developers, and GitLab’s 2023 report showed a 100% increase in code churn since AI’s rise in 2022, indicating potential technical debt. Arthur argued that while AI boosts individual productivity (88% of developers feel faster, per GitHub), team-level benefits are limited without proper guidance, as code reviews and bug fixes offset time savings.
The Role of Human Guidance in AI-Driven Development
AI lacks context about team-specific practices, such as security, accessibility, or architecture preferences, leading to generic or suboptimal code. Arthur emphasized the need for human guidance to steer AI outputs. By explicitly defining best practices—covering frameworks like Spring, security protocols, or testing strategies—teams can ensure AI generates code aligned with their standards. However, outdated documentation, like neglected Confluence pages, can mislead AI, amplifying hidden issues. Arthur advocated for a critical human-in-the-loop approach, where developers validate AI suggestions and integrate company context to produce high-quality, maintainable code.
Packmind’s Solution: AI as a Technical Coach
Packmind, a tool developed over four years, acts as an IDE and browser extension for platforms like GitHub and GitLab, enabling teams to define and share best practices. Arthur demonstrated how Packmind identifies practices during code reviews, such as preferring flatMap over for loops with concatenation in TypeScript or Java for performance. Developers can flag negative examples (e.g., inefficient loops) or positive ones (e.g., standardized loggers) and create structured practice descriptions with AI assistance, including “what,” “why,” and “how to fix” sections. These practices are validated through team discussions or communities of practice, ensuring consensus before enforcement. Packmind’s AI suggests improvements, generates guidelines, and integrates with tools like GitHub Copilot to produce code adhering to team standards.
Enforcing Standards and Upskilling Teams
Once validated, practices are enforced via Packmind’s IDE extension, which flags violations and suggests fixes tailored to team conventions, akin to a customized SonarQube. For example, a team preferring TestNG over JUnit can configure AI to generate compliant test cases. Arthur highlighted Packmind’s role in upskilling, allowing junior developers to propose practices and learn from team feedback. AI-driven practice reviews, conducted biweekly or monthly, foster collaboration and spread expertise across organizations. Studies cited by Arthur suggest that teams using AI without understanding underlying practices struggle to maintain code post-project, underscoring the need for AI to augment, not replace, human expertise.
Balancing Productivity and Long-Term Quality
Quoting Kent Beck, Arthur noted that AI automates 80% of repetitive tasks, freeing developers to focus on high-value expertise. Packmind’s process ensures AI amplifies team knowledge rather than generic patterns, reducing code review overhead and technical debt. By pushing validated practices to tools like GitHub Copilot, teams achieve consistent, high-quality code. Arthur concluded by stressing the importance of explicit standards and critical evaluation to harness AI’s potential, inviting attendees to discuss further at Packmind’s booth. His talk underscored a synergy where AI accelerates development while human intelligence ensures lasting quality.
Links:
[DevoxxBE2024] The Next Phase of Project Loom and Virtual Threads by Alan Bateman
At Devoxx Belgium 2024, Alan Bateman delivered a comprehensive session on the advancements in Project Loom, focusing on virtual threads and their impact on Java concurrency. As a key contributor to OpenJDK, Alan explored how virtual threads enable high-scale server applications with a thread-per-task model, addressing challenges like pinning, enhancing serviceability, and introducing structured concurrency. His talk provided practical insights into leveraging virtual threads for simpler, more scalable code, while detailing ongoing improvements in JDK 24 and beyond.
Understanding Virtual Threads and Project Loom
Project Loom, a transformative initiative in OpenJDK, aims to enhance concurrency in Java by introducing virtual threads—lightweight, user-mode threads that support a thread-per-task model. Unlike traditional platform threads, which are resource-intensive and often pooled, virtual threads are cheap, allowing millions to run within a single JVM. Alan emphasized that virtual threads enable developers to write simple, synchronous, blocking code that is easy to read and debug, avoiding the complexity of reactive or asynchronous models. Finalized in JDK 21 after two preview releases, virtual threads have been widely adopted by frameworks like Spring and Quarkus, with performance and reliability proving robust, though challenges like pinning remain.
The Pinning Problem and Its Resolution
A significant pain point with virtual threads is “pinning,” where a virtual thread cannot unmount from its carrier thread during blocking operations within synchronized methods or blocks, hindering scalability. Alan detailed three scenarios causing pinning: blocking inside synchronized methods, contention on synchronized methods, and object wait/notify operations. These can lead to scalability issues or even deadlocks if all carrier threads are pinned. JEP 444 acknowledged this as a quality-of-implementation issue, not a flaw in the synchronized keyword itself. JEP 491, currently in Early Access for JDK 24, addresses this by allowing carrier threads to be released during such operations, eliminating the need to rewrite code to use java.util.concurrent.locks.ReentrantLock. Alan urged developers to test these Early Access builds to validate reliability and performance, noting successful feedback from initial adopters.
Enhancing Serviceability for Virtual Threads
With millions of virtual threads in production, diagnosing issues is critical. Alan highlighted improvements in serviceability tools, such as thread dumps that now distinguish carrier threads and include stack traces for mounted virtual threads in JDK 24. A new JSON-based thread dump format, introduced with virtual threads, supports parsing for visualization and preserves thread groupings, aiding debugging of complex applications. For pinning, JFR (Java Flight Recorder) events now capture stack traces when blocking occurs in synchronized methods, with expanded support for FFM and JNI in JDK 24. Heap dumps in JDK 23 include unmounted virtual thread stacks, and new JMX-based monitoring interfaces allow dynamic inspection of the virtual thread scheduler, enabling fine-tuned control over parallelism.
Structured Concurrency: Simplifying Concurrent Programming
Structured concurrency, a preview feature in JDK 21–23, addresses the complexity of managing concurrent tasks. Alan presented a motivating example of aggregating data from a web service and a database, comparing sequential and concurrent approaches using thread pools. Traditional thread pools with Future.get() can lead to leaks or wasted cycles if tasks fail, requiring complex cancellation logic. The StructuredTaskScope API simplifies this by ensuring all subtasks complete before the main task proceeds, using a single join method to wait for results. If a subtask fails, others are canceled, preventing leaks and preserving task relationships in a tree-like structure. An improved API in Loom Early Access builds, planned for JDK 24 preview, introduces static factory methods and streamlined exception handling, making structured concurrency a powerful complement to virtual threads.
Future Directions and Community Engagement
Alan outlined Project Loom’s roadmap, focusing on JEP 491 for pinning resolution, enhanced diagnostics, and structured concurrency’s evolution. He emphasized that virtual threads are not a performance boost for individual methods but excel in scalability through sheer numbers. Misconceptions, like replacing all platform threads with virtual threads or pooling them, were debunked, urging developers to focus on task migration. Structured concurrency’s simplicity aligns with virtual threads’ lightweight nature, promising easier debugging and maintenance. Alan encouraged feedback on Early Access builds for JEP 491 and structured concurrency (JEP 480), highlighting their importance for production reliability. Links to JEP 444, JEP 491, and JEP 480 provide further details for developers eager to explore.
Links:
[DevoxxBE2024] Wired 2.0! Create Your Ultimate Learning Environment by Simone de Gijt
Simone de Gijt’s Devoxx Belgium 2024 session offered a neuroscience-informed guide to optimizing learning for software developers. Building on her Wired 1.0 talk, Simone explored how to retain knowledge amidst the fast-evolving tech landscape, including AI’s impact. Over 48 minutes, she shared strategies like chunking, leveraging emotional filters, and using AI tools like NotebookLM and Napkin to enhance learning. Drawing from her background as a speech and language therapist turned Java/Kotlin developer, she provided actionable techniques to create a focused, effective learning environment.
Understanding the Information Processing Model
Simone introduced the information processing model, explaining how sensory input filters through short-term memory to the working memory, where problem-solving occurs. Emotions act as a gatekeeper, prioritizing survival-related or emotionally charged data. Negative experiences, like struggling in a meeting, can attach to topics, discouraging engagement. Simone advised developers to ensure a calm state of mind before learning, as stress or emotional overload can block retention. She highlighted that 80% of new information is lost within 24 hours unless actively encoded, emphasizing the need for deliberate learning strategies.
Sense and Meaning: Foundations of Learning
To encode knowledge effectively, Simone proposed two key questions: “Do I understand it?” and “Why do I need to know it?” Understanding requires a foundational knowledge base; if lacking, developers should step back to build it. Relevance ensures the brain prioritizes information, making it memorable. For example, linking a conference talk’s concepts to immediate job tasks increases retention. Simone stressed focusing on differences rather than similarities when learning (e.g., distinguishing Java’s inheritance from polymorphism), as this aids retrieval by creating distinct mental cues.
Optimizing Retrieval Through Chunking
Retrieval relies on cues, mood, context, and storage systems. Simone emphasized “chunking” as a critical skill, where information is grouped into meaningful units. Senior developers excel at chunking, recalling code as structured patterns rather than individual lines, as shown in a study where seniors outperformed juniors in code recall due to better organization. She recommended code reading clubs to practice chunking, sharing a GitHub resource for organizing them. Categorical chunking, using a blueprint like advantages, disadvantages, and differences, further organizes knowledge for consistent retrieval across topics.
Timing and Cycles for Effective Learning
Simone discussed biological cycles affecting focus, noting a “dark hole of learning” post-midday when energy dips. She advised scheduling learning for morning or late afternoon peaks. The primacy-recency effect suggests splitting a learning session into three cycles of prime time (intense focus), downtime (reflection or breaks), and a second prime time. During downtime, avoid distractions like scrolling X, as fatigue amplifies procrastination. Instead, practice with new knowledge or take a walk to boost blood flow, enhancing retention by allowing the brain to consolidate information.
AI as a Learning Accelerator
Simone hypothesized that AI tools like ChatGPT, NotebookLM, and Napkin accelerate learning by providing personalized, accessible content but may weaken retrieval by reducing neural pathway reinforcement. She demonstrated using ChatGPT to plan a quantum computing session, dividing it into three blocks with reflection and application tasks. NotebookLM summarized sources into podcasts, while Napkin visualized concepts like process flows. These tools enhance engagement through varied sensory inputs but require critical thinking to evaluate outputs. Simone urged developers to train this skill through peer reviews and higher-order questioning, ensuring AI complements rather than replaces human judgment.
Links:
[DevoxxBE2024] Mayday Mark 2! More Software Lessons From Aviation Disasters by Adele Carpenter
At Devoxx Belgium 2024, Adele Carpenter delivered a gripping follow-up to her earlier talk, diving deeper into the technical and human lessons from aviation disasters and their relevance to software engineering. With a focus on case studies like Air France 447, Copa Airlines 201, and British Midlands 92, Adele explored how system complexity, redundancy, and human factors like cognitive load and habituation can lead to catastrophic failures. Her session, packed with historical context and practical takeaways, highlighted how aviation’s century-long safety evolution offers critical insights for building robust, human-centric software systems.
The Evolution of Aviation Safety
Adele began by tracing the rapid rise of aviation from the Wright Brothers’ 1903 flight to the jet age, catalyzed by two world wars and followed by a 20% annual growth in commercial air traffic by the late 1940s. This rapid adoption led to a peak in crashes during the 1970s, with 230 fatal incidents, primarily due to pilot error, as shown in data from planecrashinfo.com. However, safety has since improved dramatically, with fatalities dropping to one per 10 million passengers by 2019. Key advancements, like Crew Resource Management (CRM) introduced after the 1978 United Airways 173 crash, reduced pilot-error incidents by enhancing cockpit communication. The 1990s and 2000s saw further gains through fly-by-wire technology, automation, and wind shear detection systems, making aviation a remarkable engineering success story.
The Perils of Redundancy and Complexity
Using Air France 447 (2009) as a case study, Adele illustrated how excessive redundancy can overwhelm users. The Airbus A330’s three pitot tubes, feeding airspeed data to multiple Air Data Inertial Reference Units (ADIRUs), failed due to icing, causing the autopilot to disconnect and bombard pilots with alerts. In alternate law, without anti-stall protection, the less-experienced pilot’s nose-up input led to a stall, exacerbated by conflicting control inputs in the dark cockpit. This cascade of failures—compounded by sensory overload and inadequate training—resulted in 228 deaths. Adele drew parallels to software, recounting an downtime incident at Trifork caused by a RabbitMQ cluster sync issue, highlighting how poorly understood redundancy can paralyze systems under pressure.
Deadly UX and Consistency Over Correctness
Copa Airlines 201 (1992) underscored the dangers of inconsistent user interfaces. A faulty captain’s vertical gyro fed bad data, disconnecting the autopilot. The pilots, trained on a simulator where a switch’s “left” position selected auxiliary data, inadvertently set both displays to the faulty gyro due to a reversed switch design in the actual Boeing 737. This “deadly UX” caused the plane to roll out of the sky, killing all aboard. Adele emphasized that consistency in design—over mere correctness—is critical in high-stakes systems, as it aligns with human cognitive limitations, reducing errors under stress.
Human Factors: Assumptions and Irrationality
British Midlands 92 (1989) highlighted how assumptions can derail decision-making. Experienced pilots, new to the 737-400, mistook smoke from a left engine fire for a right engine issue due to a design change in air conditioning systems. Shutting down the wrong engine led to a crash beside a motorway, though 79 of 126 survived. Adele also discussed irrational behavior under stress, citing the Manchester Airport disaster (1984), where 55 died from smoke inhalation during an evacuation. Post-crash recommendations, like strip lighting and wider exits, addressed irrational human behavior in emergencies, offering lessons for software in designing for stressed users.
Habituation and Complacency
Delta Airlines 1141 (1988) illustrated the risks of habituation, where routine dulls vigilance. Pilots, accustomed to the pre-flight checklist, failed to deploy flaps, missing a warning due to a modified takeoff alert system. The crash after takeoff killed 14. Adele likened this to software engineers ignoring frequent alerts, like her colleague Pete with muted notifications. She urged designing systems that account for human tendencies like habituation, ensuring alerts are meaningful and workflows prevent complacency. Her takeaways emphasized understanding users’ cognitive limits, balancing redundancy with simplicity, and prioritizing human-centric design to avoid software disasters.
Links:
[DevoxxBE2024] Java Language Futures by Gavin Bierman
Gavin Bierman, from Oracle’s Java Platform Group, captivated attendees at Devoxx Belgium 2024 with a forward-looking talk on Java’s evolution under Project Amber. Focusing on productivity-oriented language features, Gavin outlined recent additions like records, sealed classes, and pattern matching, while previewing upcoming enhancements like simplified main methods and flexible constructor bodies. His session illuminated Java’s design philosophy—prioritizing readability, explicit programmer intent, and compatibility—while showcasing how these features enable modern, data-oriented programming paradigms suited for today’s microservices architectures.
Project Amber’s Mission: Productivity and Intent
Gavin introduced Project Amber as a vehicle for delivering smaller, productivity-focused Java features, leveraging the six-month JDK release cadence to preview and finalize enhancements. Unlike superficial syntax changes, Amber emphasizes exposing programmer intent to improve code readability and reduce bugs. Compatibility is paramount, with breaking changes minimized, as Java evolves to address modern challenges distinct from its 1995 origins. Gavin highlighted how features like records and sealed classes make intent explicit, enabling the compiler to enforce constraints and provide better error checking, aligning with the needs of contemporary applications.
Records: Simplifying Data Carriers
Records, introduced to streamline data carrier classes, were a key focus. Gavin demonstrated how a Point class with two integers requires verbose boilerplate (constructors, getters, equals, hashCode) that obscures intent. Records (record Point(int x, int y)) eliminate this by auto-generating a canonical constructor, accessor methods, and value-based equality, ensuring immutability and transparency. This explicitness allows the compiler to enforce a contract: constructing a record from its components yields an equal instance. Records also support deserialization via the canonical constructor, ensuring domain-specific constraints, making them safer than traditional classes.
Sealed Classes and Pattern Matching
Sealed classes, shipped in JDK 17, allow developers to restrict class hierarchies explicitly. Gavin showed a Shape interface sealed to permit only Circle and Rectangle implementations, preventing unintended subclasses at compile or runtime. This clarity enhances library design by defining precise interfaces. Pattern matching, enhanced in JDK 21, further refines this by enabling type patterns and record patterns in instanceof and switch statements. For example, a switch over a sealed Shape interface requires exhaustive cases, eliminating default clauses and reducing errors. Nested record patterns allow sophisticated data queries, handling nulls safely without exceptions.
Data-Oriented Programming with Amber Features
Gavin illustrated how records, sealed classes, and pattern matching combine to support data-oriented programming, ideal for microservices exchanging pure data. He reimagined the Future class’s get method, traditionally complex due to multiple control paths (success, failure, timeout, interruption). By modeling the return type as a sealed AsyncReturn interface with four record implementations (Success, Failure, Timeout, Interrupted), and using pattern matching in a switch, developers handle all cases uniformly. This approach simplifies control flow, ensures exhaustiveness, and leverages Java’s type safety, contrasting with error-prone exception handling in traditional designs.
Future Features: Simplifying Java for All
Looking ahead, Gavin previewed features in JDK 23 and beyond. Simplified main methods allow beginners to write void main() without boilerplate, reducing cognitive load while maintaining full Java compatibility. The with expression for records enables concise updates (e.g., doubling a component) without redundant constructor calls, preserving domain constraints. Flexible constructor bodies (JEP 482) relax top-down initialization, allowing pre-super call logic to validate inputs, addressing issues like premature field access in subclass constructors. Upcoming enhancements include patterns for arbitrary classes, safe template programming, and array pattern matching, promising further productivity gains.
Links:
[DevoxxBE2024] Performance-Oriented Spring Data JPA & Hibernate by Maciej Walkowiak
At Devoxx Belgium 2024, Maciej Walkowiak delivered a compelling session on optimizing Spring Data JPA and Hibernate for performance, a critical topic given Hibernate’s ubiquity and polarizing reputation in Java development. With a focus on practical solutions, Maciej shared insights from his extensive consulting experience, addressing common performance pitfalls such as poor connection management, excessive queries, and the notorious N+1 problem. Through live demos and code puzzles, he demonstrated how to configure Hibernate and Spring Data JPA effectively, ensuring applications remain responsive and scalable. His talk emphasized proactive performance tuning during development to avoid production bottlenecks.
Why Applications Slow Down
Maciej opened by debunking myths about why applications lag, dismissing outdated notions that Java or databases are inherently slow. Instead, he pinpointed the root cause: misuse of technologies like Hibernate. Common issues include poor database connection management, which can halt applications, and issuing excessive or slow queries due to improper JPA mappings or over-fetching data. Maciej stressed the importance of monitoring tools like DataDog APM, which revealed thousands of queries in a single HTTP request in one of his projects, taking over 7 seconds. He urged developers to avoid guessing and use tracing tools or SQL logging to identify issues early, ideally during testing with tools like Digma’s IntelliJ plugin.
Optimizing Database Connection Management
Effective connection management is crucial for performance. Maciej explained that establishing database connections is costly due to network latency and authentication overhead, especially in PostgreSQL, where each connection spawns a new OS process. Connection pools, standardized in Spring Boot, mitigate this by creating a fixed number of connections (default: 10) at startup. However, developers must ensure connections are released promptly to avoid exhaustion. Using FlexyPool and Spring Boot Data Source Decorator, Maciej demonstrated logging connection acquisition and release times. In one demo, a transactional method unnecessarily held a connection for 273 milliseconds due to an external HTTP call within the transaction. Disabling spring.jpa.open-in-view reduced this to 61 milliseconds, freeing the connection after the transaction completed.
Transaction Management for Efficiency
Maciej highlighted the pitfalls of default transaction settings and nested transactions. By default, Spring Boot’s auto-commit mode triggers commits after each database interaction, but disabling it (spring.datasource.auto-commit=false) delays connection acquisition until the first database interaction, reducing connection hold times. For complex workflows, he showcased the TransactionTemplate for programmatic transaction management, allowing developers to define transaction boundaries within a method without creating artificial service layers. This approach avoids issues with @Transactional(propagation = Propagation.REQUIRES_NEW), which can occupy multiple connections unnecessarily, as seen in a demo where nested transactions doubled connection usage, risking pool exhaustion.
Solving the N+1 Problem and Over-Fetching
The N+1 query problem, a common Hibernate performance killer, occurs when lazy-loaded relationships trigger additional queries per entity. In a banking application demo, Maciej showed a use case where fetching bank transfers by sender ID resulted in multiple queries due to eager fetching of related accounts. By switching @ManyToOne mappings to FetchType.LAZY and using explicit JOIN FETCH in custom JPQL queries, he reduced queries to a single, efficient one. Additionally, he addressed over-fetching by using getReferenceById() instead of findById(), avoiding unnecessary queries when only entity references are needed, and introduced the @DynamicUpdate annotation to update only changed fields, optimizing updates for large tables.
Projections and Tools for Long-Term Performance
For read-heavy operations, Maciej advocated using projections to fetch only necessary data, avoiding the overhead of full entity loading. Spring Data JPA supports projections via records or interfaces, automatically generating queries based on method names or custom JPQL. Dynamic projections further simplify repositories by allowing runtime specification of return types. To maintain performance, he recommended tools like Hypersistence Optimizer (a commercial tool by Vlad Mihalcea) and QuickPerf (an open-source library, though unmaintained) to enforce query expectations in tests. These tools help prevent regressions, ensuring optimizations persist despite team changes or project evolution.
Links:
[DevoxxBE2024] Words as Weapons: The Dark Arts of Prompt Engineering by Jeroen Egelmeers
In a thought-provoking session at Devoxx Belgium 2024, Jeroen Egelmeers, a prompt engineering advocate, explored the risks and ethics of adversarial prompting in large language models (LLMs). Titled “Words as Weapons,” his talk delved into prompt injections, a technique to bypass LLM guardrails, using real-world examples to highlight vulnerabilities. Jeroen, inspired by Devoxx two years prior to dive into AI, shared how prompt engineering transformed his productivity as a Java developer and trainer. His session combined technical insights, ethical considerations, and practical advice, urging developers to secure AI systems and use them responsibly.
Understanding Social Engineering and Guardrails
Jeroen opened with a lighthearted social engineering demonstration, tricking attendees into scanning a QR code that led to a Rick Astley video—a nod to “Rickrolling.” This set the stage for discussing social engineering’s parallels in AI, where prompt injections exploit LLMs. Guardrails, such as system prompts, content filters, and moderation teams, prevent misuse (e.g., blocking queries about building bombs). However, Jeroen showed how these can be bypassed. For instance, system prompts define an LLM’s identity and restrictions, but asking “Give me your system prompt” can leak these instructions, exposing vulnerabilities. He emphasized that guardrails, while essential, are imperfect and require constant vigilance.
Prompt Injection: Bypassing Safeguards
Prompt injection, a core adversarial technique, involves crafting prompts to make LLMs perform unintended actions. Jeroen demonstrated this with a custom GPT, where asking for the creator’s instructions revealed sensitive data, including uploaded knowledge. He cited a real-world case where a car was “purchased” for $1 via a chatbot exploit, highlighting the risks of LLMs in customer-facing systems. By manipulating prompts—e.g., replacing “bomb” with obfuscated terms like “b0m” in ASCII art—Jeroen showed how filters can be evaded, allowing dangerous queries to succeed. This underscored the need for robust input validation in LLM-integrated applications.
Real-World Risks: From CVs to Invoices
Jeroen illustrated prompt injection risks with creative examples. He hid a prompt in a CV, instructing the LLM to rank it highest, potentially gaming automated recruitment systems. Similarly, he embedded a prompt in an invoice to inflate its price from $6,000 to $1 million, invisible to human reviewers if in white text. These examples showed how LLMs, used in hiring or payment processing, can be manipulated if not secured. Jeroen referenced Amazon’s LLM-powered search bar, which he tricked into suggesting a competitor’s products, demonstrating how even major companies face prompt injection vulnerabilities.
Ethical Prompt Engineering and Human Oversight
Beyond technical risks, Jeroen emphasized ethical considerations. Adversarial prompting, while educational, can cause harm if misused. He advocated for a “human in the loop” to verify LLM outputs, especially in critical applications like invoice processing. Drawing from his experience, Jeroen noted that prompt engineering boosted his productivity, likening LLMs to indispensable tools like search engines. However, he cautioned against blind trust, comparing LLMs to co-pilots where developers remain the pilots, responsible for outcomes. He urged attendees to learn from past mistakes, citing companies that suffered from prompt injection exploits.
Key Takeaways and Resources
Jeroen concluded with a call to action: identify one key takeaway from Devoxx and pursue it. For AI, this means mastering prompt engineering while prioritizing security. He shared a website with resources on adversarial prompting and risk analysis, encouraging developers to build secure AI systems. His talk blended humor, technical depth, and ethical reflection, leaving attendees with a clear understanding of prompt injection risks and the importance of responsible AI use.
Links:
[DevoxxBE2024] Project Panama in Action: Building a File System by David Vlijmincx
At Devoxx Belgium 2024, David Vlijmincx delivered an engaging session on Project Panama, demonstrating its power by building a custom file system in Java. This practical, hands-on talk showcased how Project Panama simplifies integrating C libraries into Java applications, replacing the cumbersome JNI with a more developer-friendly approach. By leveraging Fuse, virtual threads, and Panama’s memory management capabilities, David walked attendees through creating a functional file system, highlighting real-world applications and performance benefits. His talk emphasized the ease of integrating C libraries and the potential to build high-performance, innovative solutions.
Why Project Panama Matters
David began by addressing the challenges of JNI, which many developers find frustrating due to its complexity. Project Panama, part of OpenJDK, offers a modern alternative for interoperating with native C libraries. With a vast ecosystem of specialized C libraries—such as io_uring for asynchronous file operations or libraries for AI and keyboard communication—Panama enables Java developers to access functionality unavailable in pure Java. David demonstrated this by comparing file reading performance: using io_uring with Panama, he read files faster than Java’s standard APIs (e.g., BufferedReader or Channels) in just two nights of work, showcasing Panama’s potential for performance-critical applications.
Building a File System with Fuse
The core of David’s demo was integrating the Fuse (Filesystem in Userspace) library to create a custom file system. Fuse acts as a middle layer, intercepting commands like ls from the terminal and passing them to a Java application via Panama. David explained how Fuse provides a C struct that Java developers can populate with pointers to Java methods, enabling seamless communication between C and Java. This struct, filled with method pointers, is mounted to a directory (e.g., ~/test), allowing the Java application to handle file system operations transparently to the user, who sees only the terminal output.
Memory Management with Arenas
A key component of Panama is its memory management via arenas, which David used to allocate memory for passing strings to Fuse. He demonstrated using Arena.ofShared(), which allows memory sharing across threads and explicit lifetime control via try-with-resources. Other arena types, like Arena.ofConfined() (single-threaded) or Arena.global() (unbounded lifetime), were mentioned for context. David allocated a memory segment to store pointers to a string array (e.g., ["-f", "-d", "~/test"]) and used Arena.allocateFrom() to create C-compatible strings. This ensured safe memory handling when interacting with Fuse, preventing leaks and simplifying resource management.
Downcalls and Upcalls: Bridging Java and C
David detailed the process of making downcalls (Java to C) and upcalls (C to Java). For downcalls, he created a function descriptor mirroring the C method’s signature (e.g., fuse_main_real, returning an int and taking parameters like string arrays and structs). Using Linker.nativeLinker(), he generated a platform-specific linker to invoke the C method. For upcalls, he recreated Fuse’s struct in Java using MemoryLayout.structLayout, populating it with pointers to Java methods like getattr. Tools like JExtract simplified this by generating bindings automatically, reducing boilerplate code. David showed how JExtract creates Java classes from C headers, though it requires an additional abstraction layer for user-friendly APIs.
Implementing File System Operations
David implemented two file system operations: reading files and creating directories. For reading, he extracted the file path from a memory segment using MemorySegment.getString(), checked if it was a valid file, and copied file contents into a buffer with MemorySegment.reinterpret() to handle size constraints. For directory creation, he added paths to a map, demonstrating simplicity. Running the application mounted the file system to ~/test, where commands like mkdir and echo worked seamlessly, with Fuse calling Java methods via upcalls. David unmounted the file system, showing its clean integration. Performance tips included reusing method handles and memory segments to avoid overhead, emphasizing careful memory management.
Links:
[DevoxxBE2024] A Kafka Producer’s Request: Or, There and Back Again by Danica Fine
Danica Fine, a developer advocate at Confluent, took Devoxx Belgium 2024 attendees on a captivating journey through the lifecycle of a Kafka producer’s request. Her talk demystified the complex process of getting data into Apache Kafka, often treated as a black box by developers. Using a Hobbit-themed example, Danica traced a producer.send() call from client to broker and back, detailing configurations and metrics that impact performance and reliability. By breaking down serialization, partitioning, batching, and broker-side processing, she equipped developers with tools to debug issues and optimize workflows, making Kafka less intimidating and more approachable.
Preparing the Journey: Serialization and Partitioning
Danica began with a simple schema for tracking Hobbit whereabouts, stored in a topic with six partitions and a replication factor of three. The first step in producing data is serialization, converting objects into bytes for brokers, controlled by key and value serializers. Misconfigurations here can lead to errors, so monitoring serialization metrics is crucial. Next, partitioning determines which partition receives the data. The default partitioner uses a key’s hash or sticky partitioning for keyless records to distribute data evenly. Configurations like partitioner.class, partitioner.ignore.keys, and partitioner.adaptive.partitioning.enable allow fine-tuning, with adaptive partitioning favoring faster brokers to avoid hot partitions, especially in high-throughput scenarios like financial services.
Batching for Efficiency
To optimize throughput, Kafka groups records into batches before sending them to brokers. Danica explained key configurations: batch.size (default 16KB) sets the maximum batch size, while linger.ms (default 0) controls how long to wait to fill a batch. Setting linger.ms above zero introduces latency but reduces broker load by sending fewer requests. buffer.memory (default 32MB) allocates space for batches, and misconfigurations can cause memory issues. Metrics like batch-size-avg, records-per-request-avg, and buffer-available-bytes help monitor batching efficiency, ensuring optimal throughput without overwhelming the client.
Sending the Request: Configurations and Metrics
Once batched, data is sent via a produce request over TCP, with configurations like max.request.size (default 1MB) limiting batch volume and acks determining how many replicas must acknowledge the write. Setting acks to “all” ensures high durability but increases latency, while acks=1 or 0 prioritizes speed. enable.idempotence and transactional.id prevent duplicates, with transactions ensuring consistency across sessions. Metrics like request-rate, requests-in-flight, and request-latency-avg provide visibility into request performance, helping developers identify bottlenecks or overloaded brokers.
Broker-Side Processing: From Socket to Disk
On the broker, requests enter the socket receive buffer, then are processed by network threads (default 3) and added to the request queue. IO threads (default 8) validate data with a cyclic redundancy check and write it to the page cache, later flushing to disk. Configurations like num.network.threads, num.io.threads, and queued.max.requests control thread and queue sizes, with metrics like network-processor-avg-idle-percent and request-handler-avg-idle-percent indicating thread utilization. Data is stored in a commit log with log, index, and snapshot files, supporting efficient retrieval and idempotency. The log.flush.rate and local-time-ms metrics ensure durable storage.
Replication and Response: Completing the Journey
Unfinished requests await replication in a “purgatory” data structure, with follower brokers fetching updates every 500ms (often faster). The remote-time-ms metric tracks replication duration, critical for acks=all. Once replicated, the broker builds a response, handled by network threads and queued in the response queue. Metrics like response-queue-time-ms and total-time-ms measure the full request lifecycle. Danica emphasized that understanding these stages empowers developers to collaborate with operators, tweaking configurations like default.replication.factor or topic-level settings to optimize performance.
Empowering Developers with Kafka Knowledge
Danica concluded by encouraging developers to move beyond treating Kafka as a black box. By mastering configurations and monitoring metrics, they can proactively address issues, from serialization errors to replication delays. Her talk highlighted resources like Confluent Developer for guides and courses on Kafka internals. This knowledge not only simplifies debugging but also fosters better collaboration with operators, ensuring robust, efficient data pipelines.