Sunday, March 18, 2012

Episode 68

Unsupported Operation Episode 68

Java / Misc




Monday, March 12, 2012

Episode 67

Unsupported Operation 67



Web Stuff

  • NettoSphere - A WebSocket and HTTP server based on Atmosphere and Netty.
  • vert.x - node.js like asynchronous web server/platform - lets you write applications in js, ruby, and java. comes with distributed event bus, websocket support, tcp/ssl, pre made modules for mailer, authentication, work queues
  • Thymeleaf 2.0 - XML/HTML specific template engine.
  • GateIN 3.2.0 Final - people still use portal servers?
  • JRebel 4.6 released, JRebel for Vaadin announced

Apache / Maven / Related

  • Shavenmaven - super-lightweight dependency management - NO XML - just URLs
  • Grails 2.0.1 now uses RichardStyle composites, and hopefully will make its way to “Apache Maven Central” soon.
  • Apache Jena 0.9.0 - Java framework for building Semantic Web
  • Commons Math 3.0
  • Apache Camel 2.9.1
  • Apache Hama 0.4 - incubating - metrics on Hadoop
  • Apache Rave 0.8 - incubating - social mashup
  • Apache Tomcat Native 1.1.23
  • Apache Ant 1.8.3
  • Directory studio 2.0.M3
  • ApacheDS 2.0.0-M6
  • Apache Directory LDAP 1.0.0-M11
  • Apache Commons Daemon 1.0.10
  • Apache ACE has become a top level project
  • Apache OFBiz 09.04.02 (2nd TLD in a month - DeltaCloud was the other)
  • Apache MyFaces extension for CDI 1.0.4





  • Clojure 1.4 beta 4
  • First Github got hacked, then node.js’s NPM, Clojars takes precautions:

    Hello folks!

    In light of the recent break-in to the Node.js package hosting site (, I’ve decided to bump the priority of increasing the security on Clojars. I’ve deployed a fix that uses bcrypt ( for password hashing. The first time you log in, it will re-hash your password using bcrypt and wipe the old weak hash.

    Note that Clojars has NOT had a security breach at this time. This is a preventative measure to protect your password in the event of a future breach. We are also looking into allowing signed jars (and possibly requiring them for releases). If you’re interested in helping out with this effort, (design or code) please join the clojars-maintainers mailing list:

    Because we can’t ensure that everyone will log in to re-hash their password, at some point in the future (probably 2–3 weeks out) we will WIPE all the old password hashes. Otherwise users who have stopped using Clojars or missed the announcement could have their passwords exposed in the event of a future break-in. I will be sure to send out a few more warnings before this happens, but even if your password has been wiped it’s easy to reset it via the “forgot password” functionality.

    If you have any applications storing passwords hashed with SHA1 (even if you use a salt) I highly recommend you take the same steps; refer to for details.

    please log into Clojars to re-hash your password.

    Thanks for your attention.


  • Related news - Bouncy Castle 1.46 released
  • Static code analyzer for Clojure - kibit 0.0.2 now released
  • Marginalia v0.7.0 - documentation generator for clojure
  • lein 2.0 preview releases are out, and now preview2 is supported by Travis-CI
  • lein-navem is a lein plugin that converts a maven pom.xml into lein project.clj
  • Datomic is a new database service from Rich Hickey. And dayam it looks nice. Some really nice ideas in here.