Forem: Priyanshu Belwal

Strict Mode in JavaScript: A Comprehensive Guide

Priyanshu Belwal — Thu, 04 Jan 2024 13:01:19 +0000

Javascript is a widely used programming language, famous for its dynamic nature. As a good developer, we tends to write clean, maintainable and error-free code. There are various tools and features which enhances the language's capabilities and helps developers to write more robuts and reliable JavaScript code. Strict Mode is also a set of rules introduced in ECMAScript 5 (ES5) to help developers for the same.

What is Strict Mode?

Strict Mode is a feature in JavaScript that allows developers to opt into a more restricted and disciplined variant of the language. When enabled, it catches common coding mistakes, prevents the use of certain error-prone features, and promotes writing secure and maintainable code. Strict Mode was introduced to address some of the language's design flaws and provide a safer development environment.

To enable Strict Mode, we simply add the following directive to the top of our JavaScript file or within a function:

"use strict";

Why Strict Mode:

There are some benefits included in Strict Mode, which are following:

1. Error Prevention

Strict Mode helps catch common coding errors by turning them into explicit exceptions. For example, in non-strict mode, assigning a value to an undeclared variable would create a global variable. In Strict Mode, this would throw a ReferenceError, preventing accidental global variable leakage.

// Non-strict mode
undeclaredVariable = 42; // No error, creates a global variable

// Strict mode
"use strict";
undeclaredVariable = 42; // Throws a ReferenceError

2. Elimination of Silent Failures

In non-strict mode, some actions may fail silently, leading to unexpected behavior. Strict Mode makes these failures more noticeable by turning them into errors. For instance, assignments to read-only properties and assignments to undeclared variables are flagged as errors in Strict Mode.

// Non-strict mode
var obj = {};
Object.defineProperty(obj, 'x', { value: 42, writable: false });
obj.x = 10; // No error, fails silently

// Strict mode
"use strict";
var obj = {};
Object.defineProperty(obj, 'x', { value: 42, writable: false });
obj.x = 10; // Throws a TypeError

3. Safer Code

Strict Mode prohibits certain "unsafe" actions, such as using with statements and assigning values to read-only properties. By disallowing these practices, developers are encouraged to adopt safer alternatives, leading to more reliable code.

// Non-strict mode
with (Math) {
  result = sqrt(9); // May lead to unexpected behavior
}

// Strict mode
"use strict";
with (Math) {
  result = sqrt(9); // Throws a SyntaxError
}

Strict Mode Restrictions

Below are some of the restrictions in Strict Mode, described in brief:

1. Variable Declarations:

Undeclared Variables: Assigning a value to an undeclared variable throws a ReferenceError.
Duplicate Parameter Names: Defining a function with duplicate parameter names results in a SyntaxError.

2. Assignments

Read-only Properties: Assigning a value to a read-only property or a non-writable global variable throws a TypeError.
Assignment to eval and arguments: Assigning values to eval and arguments is prohibited.

3. Functions

Octal Syntax: Octal literals (e.g., 0123) are not allowed.
with Statements: The use of with statements is forbidden.
arguments Object: Writing to the arguments object doesn't affect named parameters.

4. Miscellaneous

delete Operator: Deleting variables, functions, or function arguments is not allowed.
Restricted Identifiers: Using certain keywords, such as eval and arguments, as variable or function names is not allowed.
this Binding: Assigning values to this in non-constructor functions is prohibited.

Conclusion

Strict Mode in JavaScript is a valuable tool for developers aiming to write safer and more maintainable code. By catching common errors, eliminating silent failures, and imposing stricter rules, it helps prevent bugs and enhances code quality. While it may introduce a learning curve for those accustomed to more lenient JavaScript, the long-term benefits in terms of code reliability and maintainability make it a worthwhile addition to any development workflow.

Securing Kubernetes with RBAC: A Quick Guide

Priyanshu Belwal — Tue, 26 Dec 2023 02:07:08 +0000

Role-Based Access Control (RBAC) serves as a fundamental pillar in safeguarding and regulating access within the bustling Kubernetes ecosystem, where services, pods, and nodes act as diverse entities. Similar to a city's need for a comprehensive system to manage access to buildings and resources, Kubernetes relies on RBAC to control access to its myriad resources.

In a distributed and segmented operational landscape, RBAC provides granular control over user permissions, preventing chaos in a multi-tenant environment. Without RBAC, managing permissions would be equivalent to leaving the doors of a secure facility unlocked, risking unauthorized access.

At its core, Kubernetes RBAC revolves around defining roles with specific permissions, assigning these roles to users or groups, and tailoring access rights precisely to the cluster's needs. This approach ensures both security and operational efficiency within the Kubernetes environment.

1. Roles and ClusterRoles:

Roles operate at the namespace level, defining a set of permissions for resources within a specific namespace. ClusterRoles, on the other hand, operate at the cluster level, providing permissions across all namespaces.
Roles are used to grant access within a limited scope, allowing fine-grained control over resources like pods, services, and deployments. ClusterRoles are suitable for granting broad access to cluster-wide resources like nodes, persistent volumes, and other non-namespaced objects.

i. Role Example In Kubernetes:

A Role in the “ns-sample-system” namespace granting read access to pods:

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: ns-sample-system
  name: pod-reader
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "watch", "list"]

ii. ClusterRole Example In Kubernetes:

A ClusterRole, which is granting read access to secrets across all namespaces:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: secret-reader
rules:
- apiGroups: [""]
  resources: ["secrets"]
  verbs: ["get", "watch", "list"]

2. Understanding Verbs Used in RBAC:

Kubernetes actions are defined in the form of Verbs like below:

Get: Allows reading a specific resource.
List: Permits listing all instances of a resource.
Watch: Enables watching changes to a particular resource.
Create: Grants the ability to create new instances of a resource.
Update: Provides permission to modify existing resources.
Patch: Similar to update, but for making partial changes.
Delete: Allows the removal of specific resources.
Exec: Permits executing commands in a container.
Bind: Enables linking a role to specific subjects.

3. ServiceAccounts in Kubernetes:

ServiceAccounts are like worker robots in Kubernetes, playing a crucial role in making things happen automatically. Unlike accounts for people, these are for applications and pods. Just picture them as robot users doing specific jobs in the Kubernetes world. These jobs can be anything from running a pod to handling workloads or talking to the Kubernetes API. Essentially, ServiceAccounts act as the automated helpers that keep the Kubernetes cluster running smoothly by taking care of various tasks without needing human intervention.

i. Integrating ServiceAccounts with RBAC:

Connecting ServiceAccounts with RBAC lets Kubernetes administrators give special jobs to automated processes. This makes sure that the access control system is both careful and secure. It doesn't just regulate people using the system but also makes sure that automated processes follow the same strict security rules. Below example illustrate the example of applying RBAC on the deployment-service-account.

Role For Deployment Service Account:

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: deployment
  name: deployment-manager
rules:
- apiGroups: ["apps", ""]
  resources: ["deployments", "pods"]
  verbs: ["create", "update", "delete"]

Binding Role With Service Account:

kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: deployment-manager-binding
  namespace: deployment
subjects:
- kind: ServiceAccount
  name: deployment-service-account
  namespace: deployment
roleRef:
  kind: Role
  name: deployment-manager
  apiGroup: rbac.authorization.k8s.io

4. RBAC Best Practices:

Implementing RBAC effectively involves understanding and applying best practices listed below:

i. Adhere to Least Privilege:

Grant users and service accounts the minimum permissions required to perform their tasks. This principle limits potential security risks by restricting unnecessary access.

ii. Regular Auditing and Review:

Conduct frequent audits of RBAC configurations to identify and rectify any discrepancies or outdated access permissions. This proactive approach helps maintain the security posture of the Kubernetes environment.

iii. Namespace-specific Considerations:

Understand the nuances of role bindings within namespaces. Tailor permissions to the specific requirements of each namespace, ensuring that access is finely tuned to the needs of distinct projects or teams.

iv. Document RBAC Policies:

Maintain comprehensive documentation of RBAC policies, clearly outlining roles, permissions, and the reasoning behind specific access decisions. This documentation aids in knowledge sharing and ensures a transparent understanding of the access control framework.

v. Regularly Update RBAC Policies:

Keep RBAC policies up-to-date with the evolving needs of the organization. Regularly revisit and adjust permissions to align with changes in project structures, teams, and operational requirements.

5. Conclusion: Keep Kubernetes Safe with RBAC:

In the end, using RBAC in Kubernetes is like having a smart plan to keep everything safe. It's the superhero that makes sure only the right things can do their jobs, stopping any chaos or trouble. RBAC's special powers let it control who can do what, making the whole system work smoothly and securely. So, if you want a safe and organized Kubernetes world, remember to let RBAC be your superhero!

HTTP Security Headers: Enhancing Web Application Security

Priyanshu Belwal — Mon, 09 Oct 2023 13:14:48 +0000

HTTP security headers are the fundamental part of web application security. These headers protects us against various types of attacks and tightens the security. In this article, we will discuss most commonly used HTTP headers in context to application security.

1. Enforcing HTTPS (HTTP Strict Transport Security (HSTS)):

This header helps to protect websites against man-in-the-middle attacks and cookie hijacking.
Let's assume, we have one website www.example.com. Suppose some users are visiting our HTTP website, and we are redirecting our HTTP users to HTTPS via redirection as a solution.
Since visitors may first communicate with the non-encrypted version of the site before being redirected. This creates an opportunity for a man-in-the-middle attack.
The HTTP Strict Transport Security header informs the browser that it should never load a site using HTTP and should automatically convert all attempts to access the site using HTTP to HTTPS requests.

Example:

Strict-Transport-Security: max-age=<expire-time>; includeSubDomains

max-age= directive allows us to specify the amount of time (in seconds) that the content of the header will be stored in the browser cache.
includeSubDomains directive specifies that this rule applies to all of the site's subdomains as well.

2. Cross-Site Scripting Protection (X-XSS):

Cross-Site Scripting (XSS) happen when hackers take advantage of a security hole to upload malicious scripts to a website which are then downloaded to a victim’s browser. The HTTP X-XSS-Protection response header is a feature of browsers, that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

Example:

X-XSS-Protection: 0  (Disable the XSS Filtering)
X-XSS-Protection: 1 (Enable the XSS Filtering and remove the unsafe part)
X-XSS-Protection: 1; mode=block (Entire page is being prevented from rendering)

3. IFrame Protection:

The X-Frame-Options security header helps stop click-jacking attacks. It instructs the browser whether a web page should be allowed to render a , , or element on website or not.

Example:

X-Frame-Options: DENY (This will not allow to page rendering in a iframe)
X-Frame-Options: SAMEORIGIN (This will allow the page to only be displayed in a iframe over same domain)

4. Content-Type Sniffing Prevention:

The X-Content-Type-Options HTTP header is used to instruct the browser that the MIME types provided in the Content-Type headers should be followed and not guessed. This is used to prevent MIME Confusion Attacks.

Suppose an attacker changes the response for an innocent resource, such as an image to an executable script. If MIME sniffing is enabled, the browser will ignore the declared image content type, and instead of rendering an image will execute the malicious script.

Example:

X-Content-Type-Options: nosniff (Instructs browser to not guess the mime type of resource)

5. Content Security Policy (CSP):

This is a security feature, which is used to specify the origin of content that is allowed to be loaded on a web page. If implemented properly, this policy prevents the exploitation of Cross-Site Scripting (XSS), ClickJacking, and HTML injection attacks.

Example:

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline (This CSP allows resources to be loaded only from the same origin (self) and allows inline scripts (unsafe-inline))

6. Referrer-Policy:

The Referrer-Policy header controls how much information about the originating page (referrer) is shared with the destination when a user clicks on a link or loads a resource from another origin.
It helps enhance user privacy and security by limiting the information exposed in the Referer header.

Example:

Referrer-Policy: strict-origin-when-cross-origin (This policy sends the full referrer when navigating within the same origin but only the origin when navigating to a different origin.)

7. Access-Control-Allow-Origin:

This header specifies the trusted domain(s) that are allowed to access the resources via cross-origin resource sharing. if Site-A requests a resource from Site-B, Site-B should indicate in its Access-Control-Allow-Origin header that Site-A is allowed to fetch that resource, if not, the access is blocked due to Same Origin Policy (SOP).

Example:

Access-Control-Allow-Origin: https://yoursite.com (Allows only yoursite.com origin to fetch this resource)

8. Server and X-Powered-By:

These headers describes the software used by the origin server that handled the request and the technology used by them. Using the information in this header, attackers can find vulnerabilities easier.

Example:

Server: Apache
X-Powered-By: Express

9. Cache-Control:

This header allows us to specify various directives to instruct both client browsers and proxy servers on how to handle caching.

Example:

Cache-Control: private (Content is sensitive or user-specific and should not be cached.)
Cache-Control: public (Content can be cached by proxy caches as well as browsers.)

In conclusion, the judicious implementation of HTTP security headers is an indispensable aspect of web application security. These headers provide a formidable defense against a host of cyber threats, preserving the confidentiality, integrity, and availability of online resources. Staying vigilant and proactive in utilizing these headers is paramount in the ongoing battle to secure the digital realm.

Exploring Docker Volumes: Data Management in Containers

Priyanshu Belwal — Sat, 02 Sep 2023 12:55:57 +0000

Docker, the containerization platform that has revolutionized the way we deploy and manage applications, brings a wealth of features to the table. Among these, Docker Volumes stand out as a crucial tool for efficient data management within containers. In this article, we will dive into the world of Docker Volumes, exploring their introduction, use cases, and the different types available.

Introduction to Docker Volumes:

Docker containers are lightweight, portable, and offer consistency across various environments. However, containers are stateless, which means that any data or changes made inside a container are lost once the container is stopped or removed. This limitation poses a significant challenge when dealing with persistent data such as databases, configuration files, and user uploads.

This is where Docker Volumes come into play. Docker Volumes provide a mechanism for persisting and managing data beyond the lifecycle of a container. Docker containers allowing data to survive container termination and be shared among multiple containers. Folder in physical host file system is mounted into the virtual file system of Docker. When container writes to its file system, its automatically written into the host file system and in this way, we can achieve some kind of persistence in case of stateless docker containers.

Use Cases for Docker Volume:

Docker Volumes offer a wide range of use cases, enabling developers and administrators to address various data management challenges:

1. Database Management: Docker Volumes plays key role for databases like MySQL, PostgreSQL, and MongoDB. They ensure that the database data remains intact even if the container running the database is restarted or replaced.

2. Application Configuration: Storing configuration files as Docker Volumes ensures that the application's settings can be easily modified without rebuilding the container image.

3. Logging and Metrics: Containerized applications generate logs and metrics that need to be stored and analysed. Docker Volumes can be used to persist log files and metric data.

4. Shared Data: When multiple containers need access to the same data, Docker Volumes provide a convenient way to share that data among containers. This is particularly useful in microservices architectures.

5. Backup and Restore: Docker Volumes simplify the process of backing up and restoring data by isolating it from the container. This makes disaster recovery more manageable.

Working with different type of Docker Volumes:

1. Bind Volumes:

Bind volumes allow us to mount a specific path from the host's filesystem directly into the container. They are useful when we need to interact with host files and directories from within a container.

Sample Command:

docker run -d -v /path/on/host:/app/data ubuntu

The above command starts a container from the ubuntu image. It uses the -v flag to create a bind volume by specifying a path on the host machine (/path/on/host) and the corresponding path inside the container (/app/data).

2. Anonymous Volumes:

Anonymous volumes are created, when we create a volume just by referencing the container directory. We don't specify which directory on the host should be mounted but that's taking care of the docker itself.

Sample Command:

docker run -d -v /var/lib/mysql/data ubuntu

While running above command, a directory is automatically created by docker under /var/lib/docker/volumes/.....For each container, there is a folder generated that gets mounted automatically to the specified container path (In our case, /var/lib/mysql/data)

3. Named Volumes:

Names volumes are the enhancements over anonymous volumes. In this case as well the folders on host file system are created and managed by docker itself, but we can provide a user friendly name to it to refer. Named volumes are suitable for scenarios where multiple containers need to share and persist data.

Sample Command:

docker volume create mydata
docker run -d -v mydata:/app/data myapp

The first command creates a new named volume named mydata.
The second command starts a container from the myapp image. It uses the -v flag to mount the mydata named volume into the container at the path /app/data.

Conclusion:

In summary, Docker offers different types of volumes to address various data management requirements within containers. Local volumes are suitable for single-container scenarios that require data persistence, named volumes are ideal for sharing data among multiple containers, and bind volumes are useful for development and debugging, enabling direct interaction between the host and container filesystems. Understanding these volume types and their appropriate use cases is crucial for effective containerized application management.

Returning Customized Content Based On Location In AWS

Priyanshu Belwal — Sat, 05 Aug 2023 06:47:20 +0000

As businesses expand globally, catering to users from different locations becomes crucial. Providing personalized content based on the user's location enhances the user experience and helps businesses tailor their offerings to specific regions. In this article, we will explore how to leverage Amazon CloudFront and an EC2 instance with a Node.js application to return customized content based on the user's country header.

Amazon CloudFront Overview:

Amazon CloudFront is a content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to users with low latency and high transfer speeds. It caches and distributes content from AWS edge locations strategically placed around the world, reducing the load on your origin server and improving the user experience.

EC2 Instance with Node.js Application:

Amazon Elastic Compute Cloud (EC2) provides resizable compute capacity in the cloud. We'll use an EC2 instance to host our Node.js application, which will handle the logic of returning customized responses based on the user's country header. The Node.js application will receive requests from CloudFront and analyze the "Country" header to determine the appropriate response.

Step 1: Set Up CloudFront Distribution:

Sign in to your AWS Management Console.
Navigate to the Amazon CloudFront service.
Click "Create Distribution."
Choose "Web" as the delivery method.
Configure the following settings:
Origin Domain Name: Select your EC2 instance as the origin server.
Allowed HTTP Methods: Choose the appropriate HTTP methods for your application (e.g., GET, POST).
Viewer Protocol Policy: Select "Redirect HTTP to HTTPS" for enhanced security.
Cache and Origin Request Settings: Use the default settings for now; you can fine-tune them later.
Distribution Settings: Set the desired options for your content delivery preferences.

Step 2: Install Node.js Application on EC2 Instance:

Launch an EC2 instance with an appropriate Amazon Machine Image (AMI) that supports Node.js.
Connect to your EC2 instance using SSH.
Install Node.js and npm on the instance.
Deploy your Node.js application to the EC2 instance.

Step 3: Implement Customized Response Logic:

In your Node.js application, listen for incoming requests from CloudFront.
Extract the "Country" header from the incoming request.
Use a geolocation database or a third-party API to map the user's IP address to their country.
Based on the user's country, customize the content to be returned. For example, you could show region-specific offers, language preferences, or localized content.

Step 4: Pass Country Header from CloudFront to EC2:

In your CloudFront distribution settings, navigate to "Cache Behavior Settings."
Click "Add/Edit Headers."
Add a new header with the name "Country" (you can choose any custom name you prefer).
Set the "Forward" option to "Whitelist," and add "Country" to the Whitelist Headers list.
Save your changes.

Step 5: Test the Solution:

Access your CloudFront distribution using its domain name.
Ensure you include the "Country" header in your requests. You can use browser developer tools or tools like cURL to add custom headers.
Observe the customized response from your Node.js application based on the user's location.

Conclusion:

Implementing a location-based content customization solution using Amazon CloudFront and an EC2 instance with a Node.js application can significantly enhance user experience and improve your application's global scalability. By leveraging CloudFront's global network and EC2's compute capabilities, you can efficiently deliver personalized content to users based on their location. This approach can help businesses reach a wider audience, increase user engagement, and provide targeted offerings tailored to specific regions.

🔧 Solid Principles Made Easy: Building a Strong Foundation for Your Code ⚙️

Priyanshu Belwal — Tue, 18 Jul 2023 16:01:36 +0000

Software development is like building a house. To construct a strong and reliable structure, architects follow specific principles. Similarly, in software design, we have SOLID principles to guide us in building robust and maintainable code. Let's explore these principles in simple terms:

1. S: Single Responsibility Principle

Imagine you have a toolbox, and each tool has a specific purpose. Just like that, a class should have one clear responsibility. It should do one thing and do it well. If a class has multiple responsibilities, it becomes hard to understand, maintain, and change without affecting other parts of the code.

How to identify:

Ask yourself, "What is the main responsibility of my class?" If you find yourself using the word "and" in the answer, you might be breaking the single responsibility principle.

Example:

Imagine a FileManager class responsible for both reading files and processing data from the file.

class FileManager {
    public String readFile(String filePath) {
        // Logic to read the file and return its content as a string
    }

    public void processData(String data) {
        // Logic to process the data read from the file
    }
}

This violates the single responsibility principle. Instead, you can create two separate classes: FileReader and DataProcessor, each handling its respective responsibility.

class FileReader {
    public String readFile(String filePath) {
        // Logic to read the file and return its content as a string
    }
}

class DataProcessor {
    public void processData(String data) {
        // Logic to process the data read from the file
    }
}

What to avoid:

Avoid creating classes that try to do too much. Also there is no need to have multiple classes that all hold just one function. Aim for a good balance by keeping each class focused on a single task.

2. O: Open/Closed Principle

Think of software as a LEGO set. When you want to expand your creation, you don't modify existing bricks; you add new ones. Similarly, in your code, you should be able to extend functionality without changing existing code.

Assume you have a class, which stores the binary data into database like below:

class BinaryDataDbSaver {
    public void save(Blob binaryData) {
        // ... DB Persistance Logic Here.
    }
}

Now in future, you want to save this binary data into an object storage (like: AWS S3 or Microsoft Azure Blob) One possible solution can be like this:

class BinaryDataDbSaver {
    public void saveToDB(Blob binaryData) {
        // ... DB Persistance Logic Here.
    }
    public void saveToBlob(Blob binaryData) {
        // ... DB Persistance Logic Here.
    }
}

In above solution, to add a new functionality, we modified an existing class, which was already well tested and serving the traffic.

To Handle such scenarios efficiently, we can extract an interface from it and can provide a solution like below:

public interface BinaryDataSaver {
    void save(Blob binaryData);
}

class BinaryDataDbSaver implements BinaryDataSaver {
    public void save(Blob binaryData) {
        // ... DB Persistance Logic Here.
    }
}

class BinaryDataBlobSaver implements BinaryDataSaver {
    public void save(Blob binaryData) {
        // ... Blob Persistance Logic Here.
    }
}

By adapting this solution, we did not changed any existing implementation and were able to meet our purpose.

Important Pointers:

The initial idea of Open/Closed principal was related to the inheritance.
But inheritance introduces tight coupling if the subclasses depend on implementation details of their parent class.
Thats why the Open/Closed Principal was re-defined to the Polymorphic Open/Closed Principle.
It uses interfaces instead of superclasses to allow different implementations which you can easily substitute without changing the code that uses them.
The interfaces are closed for modifications, and you can provide new implementations to extend the functionality of your software.

3. L: Liskov Substitution Principle

In a well-designed software system, you should be able to replace an object of a parent class with an object of its subclass without causing issues. Subclasses should enhance the behavior of the parent class, not restrict or alter it.

In simple terms:

If you have a Fruit class and an Apple class that inherits from Fruit, you should be able to use an Apple object wherever you expect a Fruit object.

Why is it useful:

By adhering to this principle, your code becomes more flexible and allows for code reuse.

Example:

Consider a Bird base class and a Penguin subclass. Since penguins cannot fly, calling the fly() method on a Penguin object should not lead to errors or unexpected behavior.

class Bird {
    public void fly() {
        // Fly behavior for birds
    }
}

class Penguin extends Bird {
    // Penguins cannot fly, so this method should not be here
}

Complying with Liskov Substitution Principle, one possible solution can be as:

abstract class Bird {
    public abstract void fly();
}

class Penguin extends Bird {
    public void fly() {
        // Penguins cannot fly, so this method is not implemented
    }
}

4. I: Interface Segregation Principle

Imagine ordering a meal at a restaurant and getting a plate with everything on it, even the dishes you don't like. The Interface Segregation Principle advises against forcing clients to implement methods they don't need.

In simple terms:

Create smaller, specific interfaces, rather than one large interface with many methods.

Why it matters:

This prevents clients from being burdened with unnecessary methods and makes code more maintainable and adaptable.

Example:

You have a large interface, Vehicle, containing methods like startEngine(), accelerate(), and playRadio(). If a class implementing Vehicle has no use for playRadio(), it's forced to implement it, violating the Interface Segregation Principle.

interface Vehicle {
    void startEngine();
    void accelerate();
    void playRadio();
}

class Car implements Vehicle {
    public void startEngine() {
        // Car specific engine starting logic
    }

    public void accelerate() {
        // Car specific acceleration logic
    }

    public void playRadio() {
        // Radio playing logic - not needed for all vehicles
    }
}

To resolve this, you can split the interface into smaller, specific interfaces as below:

interface Vehicle {
    void startEngine();
    void accelerate();
}

interface RadioPlayable {
    void playRadio();
}

class Car implements Vehicle, RadioPlayable {
    public void startEngine() {
        // Car specific engine starting logic
    }

    public void accelerate() {
        // Car specific acceleration logic
    }

    public void playRadio() {
        // Radio playing logic - implemented only for vehicles that can play radio
    }
}

Important note:

Violating the Interface Segregation Principle can lead to issues with Liskov Substitution Principle if clients are forced to implement methods they don't properly support.

5. D: Dependency Inversion Principle

Think of software modules as pieces in a jigsaw puzzle. Instead of directly connecting each piece, you use connectors that allow different pieces to fit together. Similarly, the Dependency Inversion Principle encourages depending on abstractions (interfaces) rather than concrete implementations.

In simple terms:

Your classes should rely on interfaces, not on specific classes.

Why it matters:

By depending on abstractions, your code becomes more flexible, maintainable, and easier to test. You can easily swap implementations without changing the dependent classes.

Lets consider below code, which represents a MacBook of very old generation and imagine it uses Wired Keyboard and Mouse.

class MacBook {
    private WiredKeyboard keyboard;
    private WiredMouse mouse;

    public MacBook(WiredKeyboard keyboard, WiredMouse mouse) {
        this.keyboard = keyboard;
        this.mouse = mouse;
    }
}

In above example, in future if you would have to replace WiredKeyboard to WirelessKeyboard, then we need to change the existing class, which can violate Open/Closed Principal and lead to buggy code.

Instead, MacBook class should rely on interfaces, rather then implementor classes. Above problem can be solved like below:

interface Keyboard {
    //... Methods
}

interface Mouse {
    //.. Methods
}

class WiredKeyboard implements Keyboard {
    //... Implementations
}
class WirelessKeyboard implements Keyboard {
    //... Implementations
}

class WiredMouse implements Mouse {
    //... Implementations
}
class WirelessMouse implements Mouse {
    //... Implementations
}

class MacBook {
    private Keyboard keyboard;
    private Mouse mouse;

    public MacBook(Keyboard keyboard, Mouse mouse) {
        this.keyboard = keyboard;
        this.mouse = mouse;
    }
}

Now in future, if we need to change the components, just we need to inject other type of SubClasses and our work will be done very easily, without touching MacBook class implementation.

Conclusion

By following these SOLID principles, you can create software that is easier to understand, maintain, and extend, just like building a strong foundation for your projects.

⚡️ Understanding React's Node Reconciliation and the Benefits of React Fiber ⚡️

Priyanshu Belwal — Sat, 08 Jul 2023 13:14:51 +0000

React, a popular JavaScript library for building user interfaces, utilizes a process called "reconciliation" to efficiently update the DOM when there are changes in the application's state.

React's reconciliation algorithm analyzes the virtual representation of the UI and determines which nodes need to be re-rendered. With the introduction of React Fiber, a new reconciliation engine, React has made significant improvements in performance, responsiveness, and concurrent rendering. In this article, we will delve into how React identifies which nodes to re-render, explore the reconciliation algorithm, and understand the advancements brought about by React Fiber. 🚀

React's Virtual DOM:

React operates on a virtual representation of the DOM called the Virtual DOM. The virtual DOM is a lightweight in-memory representation of the real DOM, which allows React to make changes to the UI without manipulating the actual DOM. This makes updates faster, as changing the virtual DOM is less expensive than changing the real DOM.

When a component's state or props change, React compares the new Virtual DOM with the previous one to identify the differences efficiently, minimizing unnecessary updates and improving performance. ⚛️

Reconciliation Algorithm:

React's reconciliation algorithm, also known as the diffing algorithm, is responsible for determining the minimal set of changes required to update the real DOM. The algorithm follows a top-down, depth-first approach, comparing each node and its children. Let's understand the key steps involved: 🌳

1. Tree Diffing: React starts by diffing the new Virtual DOM with the previous one, comparing the root nodes. It determines if the root node types are the same and updates only the attributes that have changed. 🌱

2. Component Instances: If the root nodes differ, React creates new instances of the components involved. It then proceeds to recursively diff the children of these components, continuing the comparison process. 🔄

3. Element Reordering: React attempts to minimize changes by reordering elements instead of re-rendering them. It uses a technique called keyed reconciliation where each element is assigned a unique key. If elements have the same keys, React assumes they are of the same type and can be reordered instead of completely re-rendered. 🔑

4. Updating Children: React compares the children of the elements and performs updates based on their changes. It uses various strategies, such as the "shortest path" algorithm, to efficiently update the DOM. After identifying change, React batches multiple changes into a single update, reducing the number of updates to the virtual DOM and, in turn, the real DOM. 🔄

React Fiber 🧶:

React Fiber is a reimplementation of the reconciliation algorithm introduced in React 16. It is designed to improve performance and enable new features like suspense and concurrent rendering. Fiber works by breaking down the reconciliation process into smaller units of work, allowing React to prioritize and interrupt work if needed, resulting in a more responsive user interface. ⚡️

The Fiber tree represents the virtual DOM that allows React to keep track of the work that needs to be done in a more fine-grained way. Each Fiber in the tree represents a unit of work that needs to be performed, such as updating a component or rendering a new element.

When a component’s state changes, React creates a new Fiber for that component and adds it to the Fiber tree. React then schedules the Fiber for processing, adding it to a queue of Fibers that need to be worked on. React then begins processing the queue, one Fiber at a time.

The key to the Fiber architecture is that it allows React to pause and resume work anytime.

The main advantages of React Fiber include:

1. Incremental Rendering: Fiber allows React to split rendering work into chunks or "fibers," which can be interrupted and resumed. This enables the browser to respond to user input during large updates and prevents the application from becoming unresponsive. ⏳

2. Smoother Animations: By allowing React to prioritize animation updates over other work, the Fiber architecture can help to make animations smoother and more responsive. This can be especially important in applications that rely heavily on animations, such as games or video players. 🎯

3. Better Concurrency Support: Lays the groundwork for better concurrency support in React. By breaking up the work of rendering into smaller, independent units, React can more easily take advantage of new browser APIs, such as Web Workers, that allow for concurrent execution.🔄

4. Easier Server-Side Rendering: The Fiber architecture makes it easier to perform server-side rendering in React. Because React can pause and resume work at any time, it can split the rendering process into smaller chunks that can be executed on the server and sent to the client as needed. 🌐

Conclusion:

React's reconciliation algorithm and the introduction of React Fiber have revolutionized the way UI updates are handled in React applications. By efficiently identifying which nodes to re-render, React minimizes unnecessary updates and ensures optimal performance. The introduction of React Fiber further enhances this process, making React more responsive, enabling concurrent rendering, and improving the user experience. As React continues to evolve, developers can expect even more advancements in rendering performance and responsiveness. 🌈

🚀🚀 A Comprehensive Guide to Spring Boot Actuator: Empower Your Applications

Priyanshu Belwal — Sat, 08 Jul 2023 12:13:10 +0000

Spring Boot Actuator is a powerful tool that comes bundled with the Spring Boot framework, providing a comprehensive set of features for monitoring, managing, and understanding the health of your Spring Boot applications. In this article, we will explore the key features of Spring Boot Actuator, delve into different configurations based on various use cases.

Section 1: Features of Spring Boot Actuator:

Spring Boot Actuator offers a wide range of features that simplify application monitoring and management. Let's dive into its key capabilities:

1.1 🏥 Health Monitoring:

Actuator provides endpoints to check the health of your application. It supports predefined and custom health indicators, ensuring you stay informed about the overall health of your application.

1.2 📊 Metrics Gathering:

Actuator collects and exposes metrics about your application's performance, including CPU usage, memory consumption, request counts, and more. Integration with popular monitoring systems like Prometheus and Graphite is effortless.

1.3 📝 Custom Endpoints:

Actuator empowers you to create custom endpoints tailored to your specific requirements. You can expose custom metrics, perform custom health checks, or implement any desired functionality through these endpoints.

Section 2: Actuator Endpoints and Their Significance:

Understanding the various Actuator endpoints and their significance is crucial for effective application monitoring. Let's explore some essential endpoints:

2.1 🏥 /health Endpoint:

The /health endpoint provides insights into your application's health status. It informs you whether your application is up and running or encountering issues. You can extend it with additional custom health checks.

2.2 📊 /metrics Endpoint:

The /metrics endpoint exposes a wealth of performance metrics for your application. It offers detailed information about CPU usage, memory consumption, request counts, and more.

2.3 📝 /info Endpoint:

The /info endpoint provides general information about your application, such as version details, descriptions, and any additional custom details you choose to include.

Section 3: Configurations for Different Use Cases:

Let's explore different configurations to harness the full potential of Spring Boot Actuator based on your use case:

3.1 🔐 Enabling Actuator Endpoints:

To enable Actuator endpoints, add the Actuator dependency to your project. Spring Boot autoconfigures the endpoints, and you can control their accessibility by securing them with authentication and authorization mechanisms.

# application.properties
management.endpoints.web.exposure.include=*

3.2 🛠️ Customizing Endpoints:

Actuator endpoints can be easily customized to align with your application's needs. You can modify their paths, enable or disable specific endpoints, or change their default behavior.

Example:

# application.properties
management.endpoints.web.path-mapping.health=custom/health
management.endpoint.health.show-details=always

Section 4: Customizing Actuator Endpoints for Metrics and Health Checks

Actuator allows you to extend its capabilities by creating custom endpoints for specific metrics and health checks. Let's explore how you can achieve this:

4.1 🔢 Custom Metrics:

You can create custom metrics by defining your own MeterRegistry beans. These metrics can measure application-specific aspects, such as the number of active users or the processing time of specific operations.

Example:

@Bean
public MeterRegistryCustomizer<MeterRegistry> customMetrics() {
    return registry -> {
        // Create custom metrics
        registry.gauge("custom.users", new AtomicInteger());
    };
}

4.2 🏥 Custom Health Checks:

Actuator enables you to implement custom health indicators beyond the default ones. By creating your own HealthIndicator beans, you can monitor additional aspects of your application's health.

Example:

@Component
public class CustomHealthIndicator implements HealthIndicator {

    @Override
    public Health health() {
        // Implement custom health check logic
        boolean isHealthy = // Perform health check

        if (isHealthy) {
            return Health.up().build();
        } else {
            return Health.down().build();
        }
    }
}

Section 5: Integration of Actuator with External Monitoring Systems

Actuator seamlessly integrates with external monitoring systems, providing a comprehensive view of your application's performance. Let's see how Actuator can be integrated:

5.1 📈 Integration with Prometheus:

You can configure Actuator to export metrics in Prometheus format, allowing seamless integration with Prometheus monitoring and alerting systems.

Example:

# application.properties
management.metrics.export.prometheus.enabled=true

5.2 📊 Integration with Graphite and Other Systems:

Actuator also supports exporting metrics to systems like Graphite, InfluxDB, or Micrometer-compatible systems. This integration helps you visualize and analyze your application's performance data.

# application.properties
management.metrics.export.graphite.enabled=true
management.metrics.export.graphite.host=graphite.example.com
management.metrics.export.graphite.port=2003

Conclusion:

🎉 Spring Boot Actuator empowers developers to effortlessly monitor and manage their applications. With its robust features, flexible configurations, and seamless integration capabilities, Actuator simplifies the complexity of application management. By leveraging Actuator, you can gain valuable insights, ensure your applications are healthy, and optimize performance. Embrace Spring Boot Actuator today, and witness the transformation in your application management journey!

🔒 Security with Microsoft Authenticator: A Closer Look at 2FA and TOTP Generation 🔒

Priyanshu Belwal — Sun, 25 Jun 2023 03:54:01 +0000

Introduction:

In today's digital landscape, ensuring the security of our online accounts is of utmost importance.💻💡 Microsoft Authenticator, a mobile app developed by Microsoft, has emerged as a powerful tool to provide an additional layer of protection through two-factor authentication (2FA). In this article, we will delve into the working of Microsoft Authenticator, focusing specifically on the generation of six-digit TOTPs (Time-Based One-Time Passwords) that play a crucial role in securing user accounts.🔒📱

Let's understand the working of these apps:

Step 1: Opting for Enhanced Security

(i). To enable 2FA, users begin by navigating to the Microsoft website and selecting the option to add a new sign-in method.

(ii). The registration process begins, and behind the scenes, the Microsoft Authenticator service generates a highly secure secret key unique to the user. This secret key is stored in a secure manner at the Microsoft end. The service then presents a QR code to the user, having the same secret key inside it. 🛡️💼

(iii). Users then open the Microsoft Authenticator app on their mobile devices and scan the QR code. In case the QR code cannot be scanned, an alternative option allows users to manually enter the secret key into the app. Once this process is complete, the secret key is securely stored within the Authenticator app, ready to generate the essential six-digit TOTPs. 🔑📱

Step 2: Seamless Login Process

(i). With the secret key securely stored both by Microsoft and within the user's Authenticator app, users can now initiate the sign-in process on the desired website. As the website requests a six-digit one-time password, users open the Authenticator app, which swiftly generates a new TOTP every 30 seconds. ⏱️🔢

(ii). The TOTP is generated by combining the secret key with the current time, employing a time-based OTP generation algorithm.

(iii). This dynamic combination ensures that the generated TOTP is unique and changes every 30 seconds.

(iv). Users enter the TOTP into the website's login prompt, while simultaneously, the website utilizes the same secret key and algorithm to generate the corresponding TOTP on the backend for verification. ✨🔢

(v). If the verification process succeeds, granting access to the user, it serves as a testament to the robust security provided by Microsoft Authenticator. 🔒✅

Conclusion:

In a world where online security threats continue to evolve, these mobile apps ensures the protection of user accounts. From opting into 2FA to seamlessly generating TOTPs, Microsoft Authenticator plays a vital role in safeguarding sensitive information and providing peace of mind to users worldwide. 🔐💪

So, embrace the power of 2-Factor Authentication and take control of your online security like never before! 🔒💙

This post is inspired from the below LinkedIn post :
Click Here

Avoiding Pitfalls: Unraveling Lombok and JPA Integration 🌟

Priyanshu Belwal — Tue, 20 Jun 2023 04:01:52 +0000

Introduction:

The combination of Lombok and JPA offers tremendous convenience and productivity in Java development. With Lombok's annotations, we can reduce boilerplate code, while JPA simplifies database interactions. However, like any powerful tool, there are potential pitfalls to be aware of.

In this article, we will explore three common issues that may arise when using Lombok and JPA together, along with practical examples and solutions to keep your codebase running smoothly. Let's dive in! 💻

1. Accidentally Loading Lazy Attributes 😱

Lombok's @data annotation generates various methods, including getters and setters, for our entities. While this can save us time, it's crucial to understand its impact on lazy loading. Consider the following scenario:

@Entity
@Data
public class Book {
    @Id
    private Long id;

    private String title;

    @OneToMany(mappedBy = "book", fetch = FetchType.LAZY)
    private List<Comment> comments;
}

In this case, Lombok generates a getter for the comments field. If we mistakenly call this getter outside a transactional context, we might trigger a lazy loading exception. To avoid this, always ensure that you access lazy attributes within a transaction or eagerly fetch the necessary data when querying the entity.

Lombok also provides equals()/hashCode()/toString() annotations to generate respective methods. These methods includes all the object fields by default. This can have an unwanted side-effect for JPA entities: accidentally loading lazy attributes or this can easily harm the application performance if lazy loading objects are large.

2. Malfunctioning of HashSets and HashMaps 😨

Lombok's @EqualsAndHashCode annotation automatically generates the equals() and hashCode() methods for our entities, considering all fields by default.

In case of a new entity, generally the Id or unique identieir of an entity gets generated by the database, while trigerring the insert operation. So it gets changed after the entity is persisted.

Lets understand this problem with the help of an example:

@Entity
@EqualsAndHashCode
public class Book {

   @Id
   @GeneratedValue(strategy = GenerationType.IDENTITY)
   @Column(nullable = false)
   private Long id;

   private String title;

}

Now we will execute below code and will check the result:

Book newBook = new Book();
newBook.setTitle("Book1");
Set<Book> set = new HashSet<>();

set.add(newBook);
bookRepository.save(newBook);

if(set.contains(newBook)) {
    System.out.println("Set Contains Book");
}
else {
    System.out.println("Set Does Not Contains Book");
}

By executing, we found that above code prints Set Does Not Contains Book, even we added the entity in set initially. The reason is as below:

(i). Lombok's @EqualsAndHashCode method generated a hashCode() method for this entity and considered id and title.
(ii). On a high level, HashSet/HashMap uses the hashCode() method to determine where to store a particular object, and it is also used during lookup when calling the contains method. First, the hashCode method is calculated, which returns the location that is referred to in order to check if the object is present at that particular level.
(iii). When we added the entity to set initially, the id attribute of entity was null, hence the hashCode was something different.
(iv). Now, since the entity is persisted in database, the id attribute of entity is changed. This resulted in the changed value of hashCode.
(v). When hashset will check if entity exists or not, it will refer the hashCode method and will found that at that location, entity does not exists.

This problem can lead to unexpected behaviour in our application logic.

3. Missing No-Argument Constructor 😕

JPA relies on a no-argument constructor to create entities. Lombok's @NoArgsConstructor annotation seems like an ideal solution, automatically generating the required constructor for us. However, we must exercise caution, especially when using inheritance or constructors with arguments.

Consider the following example:

@Entity
@Data
public class Book {
    // ...

    public Book(String title) {
        this.title = title;
    }
}

In this case, if we attempt to create an instance of Book using the no-argument constructor, it will throw a runtime exception due to the missing title argument. To overcome this, we can explicitly define a no-argument constructor, add @NoArgsConstructor annotation or provide default values for all constructor parameters.

Conclusion:

Lombok and JPA integration can significantly enhance our Java development experience, but it's crucial to understand potential pitfalls that may arise. By being mindful of lazy loading, carefully handling collections in equals() and hashCode() methods, and addressing the no-argument constructor requirements, we can build robust and efficient applications. Remember, the key is to leverage these powerful tools while remaining vigilant in our coding practices. Happy coding! 🚀🔥

🚀 How to Use AWS S3 Bucket to Host a Static Website 🌐

Priyanshu Belwal — Thu, 15 Jun 2023 15:21:18 +0000

Are you ready to launch your static website into the vast online universe? Look no further! In this guide, we'll unveil the secrets of using AWS S3 Bucket to seamlessly host your website. 🎉

Prerequisites: What You'll Need 📋

Before we begin our exhilarating journey, let's make sure you have the essentials at your fingertips:

1️⃣ An AWS account: If you don't have one yet, fear not! Signing up is as easy as a few clicks. Head over to the AWS website (https://aws.amazon.com/) and join the cloud revolution.
2️⃣ AWS CLI : AWS CLI installed and configured on your local machine: Prepare to wield the power of the command line as we navigate the AWS cosmos.
3️⃣ An static website: Ensure you've created a dazzling static website. In this article, we will be using React and Angular, but any static website or framework can be used.💡

Step 1: Create an S3 Bucket 🪣

To kick off our journey, we'll create an S3 bucket using the AWS CLI. Follow these steps and watch your bucket take flight:

1️⃣ Open your command line interface, ready to send commands to the AWS universe.
2️⃣ Type the following command and let it echo through the digital atmosphere, creating your S3 bucket:

aws s3api create-bucket --bucket your-bucket-name --region your-region

Replace your-bucket-name with a unique and captivating name for your bucket. Also, replace your-region with the AWS region of your choice.

Step 2: Configure the S3 Bucket 🛠️

Your bucket is now waiting to be molded into a spectacular host for your website. Let's shape it with these simple steps:

1️⃣ Issue the following command to enable static website hosting for your bucket:

aws s3 website s3://your-bucket-name/ --index-document index.html

Replace your-bucket-name with the name of your bucket. The above command. By running this command, you are instructing AWS to treat the specified S3 bucket as a website and configure it to serve the index.html file as the default page.

Step 3: Upload Your Website Files 🚀

Now that your bucket is configured, it's a great time to upload your website files:

1️⃣ If you are creating the website using some framework like: React or Angular, you need to create an optimized build, which will be deployed to S3. For the build command, please refer to the documentation of the framework. After preparing the build, navigate to the build directory.
2️⃣ Run the following command to upload the files to your S3 bucket:

aws s3 sync . s3://your-bucket-name

This command will upload all files and folders in the current directory to your bucket.

Step 4: Set Permissions 🔒

1️⃣ To make your website file publicly accessible, you first need to disable Block Public Access Configuration for the respective bucket. To do this, you need to run the following command by replacing your bucket name.

aws s3api put-public-access-block --bucket your-bucket-name --public-access-block-configuration "BlockPublicAcls=false,IgnorePublicAcls=false,BlockPublicPolicy=false,RestrictPublicBuckets=false"

2️⃣ Now you need to create a policy.json file as below and replace your-bucket-name with the name of your bucket.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "PublicReadGetObject",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::your-bucket-name/*"
    }
  ]
}

2️⃣ Run the following command to set the bucket policy using the policy file:

aws s3api put-bucket-policy --bucket your-bucket-name --policy file://policy.json

Replace your-bucket-name with the name of your bucket.

Step 5: Configure Custom Domain (Optional) 🌐

If you want to host your website to a custom domain, you can follow below steps:

1️⃣ Go to your preferred DNS provider and create a new CNAME record.
2️⃣ Set the record's name (or host) to your desired domain (e.g., www.yourdomain.com).
3️⃣ Set the record's value to the endpoint of your S3 bucket. You can find the endpoint by running the following command:

aws s3api get-bucket-location --bucket your-bucket-name

Replace your-bucket-name with the name of your bucket.

Prepare for Launch! 🚀🌌

That's it! Your website is now hosted using an AWS S3 Bucket. It should be publicly accessible through the provided endpoint or your custom domain.✨🪐

To optimize the speed and performance of your website, leveraging a content delivery network (CDN) such as AWS CloudFront or Cloudflare is highly recommended. CDNs help reduce latency and enhance the overall user experience by caching content closer to the end-users. In an upcoming article, we will delve deeper into how you can leverage these CDNs to boost your website's speed and performance.

🔥 JIT Compilation in Java & Code Caching: Enhancing Performance for Faster Execution 🔥

Priyanshu Belwal — Sat, 10 Jun 2023 17:47:17 +0000

Just-In-Time (JIT) compilation is a game-changer in the world of Java programming, unleashing the power of optimization during runtime. 🚀 Imagine code that not only gets translated into bytecode but also dynamically compiles into native machine code for lightning-fast execution. This is where JIT compilation comes into play, revolutionizing the performance of our Java applications. 🏃‍♂️

In Java, the execution process involves two crucial steps: the translation of code into bytecode and the interpretation of bytecode by the Java Virtual Machine (JVM). However, the JIT compiler takes things to the next level. It continuously analyzes the bytecode and identifies frequently executed portions, known as hotspots. 🎯

Once these hotspots are detected, the JIT compiler swings into action. It optimizes the code by compiling it into highly efficient native machine code, which can be executed directly by the CPU. This dynamic adaptation of the JVM allows for real-time performance enhancements based on the actual runtime conditions of our program. 📈

To grasp the magic of JIT compilation, let's dive into a practical example. 🧪 Consider the following Java code snippet:

/**
 * The PrimeNumberGenerator class generates a specified number of prime numbers.
 */
public class PrimeNumberGenerator {

    /**
     * The main method of the PrimeNumberGenerator class.
     * It takes a command-line argument specifying the total number of prime numbers to generate.
     *
     * @param args The command-line arguments.
     */
    public static void main(String[] args) {
        int numbersToGenerate = Integer.parseInt(args[0]);
        generateNumbers(numbersToGenerate);
    }

    /**
     * Generates the specified number of prime numbers.
     *
     * @param totalNumbers The total number of prime numbers to generate.
     */
    private static void generateNumbers(int totalNumbers) {
        int totalPrimesGenerated = 1;
        int next = 2;
        while (totalPrimesGenerated <= totalNumbers) {
            next = getNextPrimeAbove(next);
            System.out.println("Next Prime Number: "+ next);
            totalPrimesGenerated++;
        }
    }

    /**
     * Finds the next prime number greater than the given previous number.
     *
     * @param previous The previous number.
     * @return The next prime number.
     */
    private static int getNextPrimeAbove(int previous) {
        Integer testNumber = previous + 1;
        while (!isPrime(testNumber)) {
            testNumber++;
        }
        return testNumber;
    }

    /**
     * Checks if the given number is prime.
     *
     * @param testNumber The number to test.
     * @return True if the number is prime, false otherwise.
     */
    private static boolean isPrime(Integer testNumber) {
        for (int i = 2; i < testNumber; i++) {
            if (testNumber % i == 0) return false;
        }
        return true;
    }
}

This code generates a specified number of prime numbers. But what's interesting is that the execution count of the isPrime method directly affects the generation process. So, let's run the code and see the results unfold! 💫

As we can see from the execution results, the program runs successfully. But let's take things up a notch and peek behind the scenes. We can print the JIT Compiler Compilation logs to see which methods are being natively compiled. To achieve this, we'll follow these steps:

Compile the Java program using the command javac PrimeNumberGenerator.java.
Run the program with the JVM instructed to print the compilation logs on the console using the command java -XX:+PrintCompilation PrimeNumberGenerator 15. Alternatively, we can generate a JIT compilation log file by running the program with the command java -XX:+UnlockDiagnosticVMOptions -XX:+LogCompilation PrimeNumberGenerator 15.

After running the program, A log file named hotspot_pid.log is generated, revealing the secrets of JIT compilation. 😲

Analyzing the log file, we notice that the isPrime method, our target for optimization, did not undergo any compilation. But don't fret! This is due to the limited execution count since we generated only 15 prime numbers. 🧮

Let's level up our analysis and generate 5000 prime numbers this time using the command java -XX:+UnlockDiagnosticVMOptions -XX:+LogCompilation PrimeNumberGenerator 5000.

Behold! In the image below, we'll witness the mighty JIT compiler optimizing the isPrime method through various levels of compilation. 🌟

Leveled Compilation in JIT Compiler: A Performance Marvel

When it comes to JIT compilation, it's all about levels and tiers of optimization. The JVM is not content with a one-size-fits-all approach. Instead, it employs leveled compilation to gradually boost performance and deliver optimal results. 📈

Here's the deal: The initial tier, known as Tier 1, focuses on swiftly generating compiled code while keeping compilation times low. This level of compilation includes nifty optimizations like inlining frequently called methods or removing redundant checks. But the journey doesn't end there! 😎

As our program continues to execute and hotspots persist, the JIT compiler cranks up the heat and elevates the hotspots to higher tiers like Tier 2, Tier 3, and Tier 4. These tiers introduce more advanced and time-consuming optimization techniques, such as loop unrolling, advanced inlining, and specialized code transformations. Gradually, the performance of our code scales new heights without overwhelming the initial compilation phase. It's an optimization marvel in action! 💪

However, there's a twist in the tale. When a Java bytecode is compiled to Tier 4, the code finds its home in the mighty Code Cache, a sacred space with a size limit. But what happens if this cache overflows? It will show up a message like this:

VM warning: CodeCache is full. Compiler has been disabled.

This foreboding warning indicates that the code could run even better if more parts of it could be compared to native machine code. Alas, there's no room in the code cache for further optimization. But fear not! Increasing the size of the code cache can unlock new realms of application performance. 🚀

We can gauge the size of the code cache using the JVM flag -XX:+PrintCodeCache, which yields intriguing insights into its dimensions. 📊

To customize the code cache size, we have three essential flags at o urdisposal:

1. InitialCodeCacheSize: This flag sets the initial size of the code cache when the JVM starts. We can tweak it using the -XX:InitialCodeCacheSize VM option. The default value varies depending on the JVM implementation and platform.

2. ReservedCodeCacheSize: It determines the maximum size the code cache can grow up to. Use the -XX:ReservedCodeCacheSize={sizeInMb}m VM option to adjust this value. The default value also depends on the JVM implementation and platform.

3. CodeCacheExpansionSize: This flag governs the amount by which the code cache can expand when it reaches its limits. We can set it using the -XX:CodeCacheExpansionSize VM option. The default value is typically a fraction of the reserved code cache size.

Code Snippets Are Available At: https://github.com/belwalpb/jvm-code-cache-optimization

Conclusion: Unleashing the Full Potential of Java

In this captivating journey, we've unraveled the incredible power of JIT compilation in Java. The ability to optimize program execution dynamically opens doors to unprecedented performance levels. JIT compilation, with its leveled approach, propels our code to greatness by gradually refining it through multiple tiers of optimization. And let's not forget the sacred Code Cache, a sanctuary for native machine code that can supercharge our application's speed. 💥

Remember, the size of the Code Cache plays a pivotal role in unlocking further performance enhancements. If we find ourself restricted by a full Code Cache, fear not! By tweaking the cache's size, we can unleash the true potential of our Java application and watch it soar to new heights. 🚀✨

Now, armed with this knowledge, go forth and conquer the world of Java optimization. Embrace JIT compilation, harness the power of Code Caching, and witness the remarkable transformation of our applications. Happy coding! 😄👩‍💻👨‍💻