- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
In this blog, I’ll outline why learning and mastering Spring Boot in 2023 is a worthwhile endeavor, even though there may be a few differing opinions. I’ll also explore how Spring Boot compares to other backend technologies and alternative Java frameworks.
While you are mastering Spring, I am mastering libraries that do the thing my program needs to do.
While you are trying to debug to your Spring app, which is a huge PITA because Spring is a rat’s nest of conflicting configuration paradigms and overlays and fills your call stack with dozens of layers of generated methods, I have finished my work and am
at the beachhelping my coworker debug his Spring app because he didn’t listen to me when I said not to use Spring.Just out of curiosity, why do you find debugging in spring a huge PITA? Also what do you mean by conflicting config paradigms?
Genuinely curious.
Spring combines combinations of environment variables, system properties, files, and classpath resources, and handles a variety of patterns (e.g.: aConfigOption could be configured by system property
A_CONFIG_OPTION
,aConfigOption
, or several other possibilities), so tracking down where the configuration came from is not always easy. Sometimes you think you can just set a property, but it turns out another property triggers loading a resource that overrides yours. This would be fine if applications/libraries clearly documented how to configure them, but most say “config via spring, good luck lol”.And good luck if you are trying to use two different components both built on Spring, and they both rely on the dependency injector settings “db.url”. Now you have to start playing games with dependency injector scopes.
Unfortunately, Spring is still the de facto standard in many companies and deviating from it takes effort and is sometimes completely futile.
I’m curious how you handle API security. It’s a bit of a PITA with Spring but I couldn’t imagine handling all of it with one-off libraries. If you have a basic CLI type of program or something not meant to receive external traffic I can see how Spring can be overkill.
What’s wrong with spring security?
Well, I say it’s a PITA but I mean that’s kind of security in general. It’s probably just my companies mismatching of old and new protocols that make it a bit challenging.
What do you use in its place?
Nothing? I just use the language features and I use libraries for specific things.
I do not use an automagic configuration and dependency injection boondoggle. I read config in
main()
, create the objects I need, and do what I need. It is easy to see what my program does; it is easy to see where configuration comes from. It is easy to test any component, because you can clearly see what you need to provide to build the entry point objects.