Supply chain security has become a critical topic in the security world in recent years, and while SBOMs are a foundational piece, they are still infrequently generated and even less frequently used in a way that meaningfully improves software supply chain security. To address this gap, the OCX session “...
As long as an organisation participates in a single data space, ecosystem-specific trust frameworks work reasonably well: rules are defined, compliance is checked, and trust decisions stay inside a bounded context. The challenge begins when organisations need to operate across multiple data spaces at the same time, a scenario that...
When I Code Java was cancelled with short notice, Phillip, Buhake and I scrambled and created a substitute event. With funds from the Eclipse Foundation concept of Open Community Meetup and the organisation of Jozi-JUG, we created JakartaOne by Jozi-JUG where Phillip and I presented. The event had 208 registered...
Domain-specific languages (DSLs) often divide engineering teams. When they work, they make complex systems easier to reason about. When they fail, they become costly internal tools that no one maintains. The real challenge is not how to build a DSL, but when building one is justified. That question will sit...
Welcome to issue number three hundred and twenty of Hashtag Jakarta EE! Ooops, I amn an little late publishing Hashtag Jakarta EE number 320. I am currently on my way home from Johannesburg and a successful JakartaOne by Jozi-JUG. I will write more about the event in a separate post...
AI-assisted development is no longer judged by how impressive it looks in a demo. For teams working on real systems, the question is whether AI still holds up once it meets real workflows, real constraints, and real delivery pressure. That question will be answered at OCX by Jonas Helming. As...
For a long time, enterprise Java persistence has been approached as a largely stable area of the stack. Entities, an ORM, and a relational database were sufficient for many systems, and JPA became a widely adopted and reliable way to manage data access. That stability, however, has also shaped how...
The Open VSX Registry has become widely used infrastructure for modern developer tools. That growth reflects strong trust from the ecosystem, and it brings a shared responsibility to keep the Registry reliable, predictable, and equitable for everyone who depends on it. In a previous post, I shared an update on...
Many Java teams already generate Software Bills of Materials (SBOMs). In isolation, that is not particularly difficult. What is more challenging, and increasingly important under the EU Cyber Resilience Act (CRA), is demonstrating that an SBOM accurately reflects what is actually running in production. Ixchel Ruiz is a senior software...
Welcome to issue number three hundred and nineteen of Hashtag Jakarta EE! As I am writing this, I am sitting in my hotel in Johannesburg, South Africa. Me being here is actually as success story. I was supposed to present Jakarta EE at I Code Java on Tuesday and Wednesday...