Discover how to prevent runtime errors and enhance code quality with this 33-minute conference talk from Devoxx. Explore the Checker Framework, a powerful tool offering over a dozen pluggable type systems for Java. Learn how to guarantee compile-time prevention of common issues like null pointer exceptions, SQL injections, and concurrency errors. Watch a practical demo showcasing the framework in action, understanding its concepts and applications. Gain insights from experts Werner Dietl and Michael Ernst on implementing pluggable type-checking to improve code reliability and security. Leave equipped with knowledge to eliminate bugs and create more trustworthy software using this freely available tool.
Overview
Syllabus
The Checker Framework in Action Preventing Errors Before They Happen
Cost of software failures
Software bugs can cost lives
Outline
Java's type system is too weak
Some errors are silent
Prevent information leakage
Specification 2: unencrypted parameter
Demo: Preventing SQL injection
Solution: Pluggable Type Checking
Optional Type Checking
Eclipse, Intelli , NetBeans plug-ins
Ant, Maven, Gradle integration
Benefits of type systems
Checkers are usable • Type-checking is familiar to programmers • Modular: fast, incremental, partial programs • Annotations are not too verbose
String type systems
Security type systems
Verification
Checker Framework Community Open source project
Pluggable type-checking improves code
Regular Expression Example
Fixing the Errors
Taught by
Devoxx
