How to Manually Check a Maven Signature

Gradle has powerful features to check signatures of downloaded artifacts. If you want to check that things are signed right, that’s the best place to start. But if you wanna verify an artifact’s signature manually, here’s how... Find the signer’s keyThere’s a bunch of key…

Compiler Warnings Are Good, Actually

Every so often an exasperated teammate recommends enabling -Werror in all our repos. The reasoning is sound: Compiler warnings are bad.Having lots of them is demoralizing.If we had prevented them from ever occurring we wouldn’t be in this mess.This is a particularly good policy to prevent…

Okio FileSystem Update

I’ve been working on a file system API for Kotlin Multiplatform. It’s simple & fast and I’m excited about it. We’ve got these: FileSystem.SYSTEM: the local file system.FakeFileSystem: our in-memory implementation. Use checkNoOpenFiles() to be confident that your code doesn’t leak!ForwardingFileSystem: like…

Big Things Aren’t Just Bigger Versions of Small Things

I’ve been working on a product that’s grown from 5 developers in 2013 to 400 developers today. Our product complexity and customer numbers have grown similarly. I’m lucky and thankful to have been on a team whose hard work has paid off so much. But I’m…

Discovering Limits

All systems have limits. If I don’t design for them that doesn’t make them disappear! It just means I’ll be unprepared when they’re reached. Most of the systems I work on accept HTTP requests, perform operations on databases to satisfy them, and format their responses. Though…

Gradle’s includeBuild() is Awesome

I’ve worked on teams that use many repositories and teams that put everything into a giant monorepo. But no matter how much code we jam into git, there’s always something else on the outside. Gradle’s includeBuild() feature smashes multiple projects together into one. Recently I used it…

I Love Control Flow

As discussed previously, I’m working on a file system API for Okio. I’ve already written real & testing implementations, and now I’m adding ZipFileSystem: it views a zip archive as a read-only file system. Most of the work is reading specs, writing tests, and learning the gotchas…

NullPointerException: bio == null

Sometimes multiple threads close the same Socket concurrently. Unfortunately, Android 10 and 11 may crash when this happens: java.lang.NullPointerException: bio == null at com.android.org.conscrypt.NativeCrypto.SSL_pending_written_bytes_in_BIO() at com.android.org.conscrypt.NativeSsl$BioWrapper.getPendingWrittenBytes() at com.android.org.conscrypt.ConscryptEngine.pendingOutboundEncryptedBytes(…