The false optimism of GORM and Hibernate

Posted by: on Nov 12, 2012 | No Comments

There’s a bunch of problems using Hibernate with concurrent access to the same rows in the database.

In Grails applications you could be forgiven for ignoring these, because in general the GORM Hibernate examples and documentation err on the side of simplicity rather than completeness.

In addition you may think that this does not affect you, but in all likelihood this is because you either have an application with no real “edit/update” functionality, or you have an insignificant number or users, and/or you have just been lucky so far.

Safer access to request attributes in Grails plugins with Platform-Core

Posted by: on Aug 17, 2012 | No Comments

The Grails Platform-Core plugin release 1.0.M3 introduced some new features for safer plugin development where Session, Request and Flash attributes are used.

Better i18n using the p:text tag from Grails Platform-Core

Posted by: on Aug 17, 2012 | No Comments

The Grails Platform Core plugin release 1.0.M3 added a new mechanism for rendering UI strings that is especially useful for plugins.

Note that there is a 1.0.M6 release now which is the recommended version.

The new p:text tag behaves very much like the Grails g:message tag.

The key difference is that the tag supports prefixing the message keys, and automatically applies a prefix based on the name of the plugin that supplied the GSP.

Code generators all the way down: Why the Web sucks for Apps

Code generators all the way down: Why the Web sucks for Apps

Posted by: on Apr 16, 2012 | 8 Comments

You may have read my previous posts (here, here and here) on why, at a very fundamental level, I think the open web is a terrible way to make applications.

Inside the Grails dependency injection binding vulnerability

Posted by: on Mar 29, 2012 | 3 Comments

You may have seen the recently announced vulnerability in Grails binding relating to dependency injection.

I wanted to explain this in a little more depth so that everybody knows how to tell whether or not their current systems are vulnerable to it and what this might mean. It is worth noting that new releases of Grails 1.3.x and 2.0.x have already been made by the team – upgrading to those now and redeploying your app will close this particular hole for you.