This post describes creating a recipe to migrate from System.out.println to using a Java Logger.
When I'm hacking out code, rather than using TDD, and I make mistakes, I have the bad habit of printing a line to System.out, and I've wanted to wean myself off that habit.
I made a bunch of mistakes when writing the code below :
Initially, I wrote countdown++ and the loop didn't finish.
And I used countdown > 1 so didn't get the output I wanted.
In the end, I littered my code with System.out.println to help me debug. And the experience reinforced that I need to learn how to use a logger as my default approach.
Fortunately, I read through the Sensei documentation and decided to use the "Getting Started" guide to help me create a recipe to convert from System.out.println and encourage me to use a logger:
The first thing I do is click on the println then alt+enter to create a new recipe.
I create it with the following details:
And I'll start by matching methodcall with the name println
And the preview shows me all the matches in my code.
I can see that all the matches in my code are for System.out.println but I don't trust that long term this will be the only match. I want to match a more qualified statement I want to change.
I expand the matcher to search for a methodcall on a field named out in the class System.
I could, if I wanted, fully qualify the System name to java.lang.System
Next, I want to create the QuickFix.
First I want to amend the line of code that logs the output:
I don't have to remember the mustache template format. I used the Show Variables in the GUI to show me the argument and double-clicked on it. Then the GUI filled in the appropriate matching mustache template.
When I try it out, I can see that I still have to alt+enter to import the Level enum. But if I amend my QuickFix to have a fully qualified item then Sensei will add the import for me e.g.
logger.log(Level.INFO, output);
import java.util.logging.Level;
And this will work, but I will still have to remember the syntax to instantiate the logger in the first place.
I can amend my QuickFix to create the field for me as well.
I will code the logger first, and then add that to my recipe so I never have to code it again.
I tend to write the example code I want to see generated first because then I can use IntelliJ code completion and syntax checking to make sure I get it right. As a side-effect, it will then be in the code preview when I edit the recipe to add the QuickFix lines that will create that code.
And when I write the example code, I want to use a different field name (here I'm using logger2) because Sensei is clever enough not to add a duplicate field, so I have to fool it by using a different name.
So I'll amend the recipe to create this code by adding a field called logger.
availableFixes:
Note that I changed SysOutTest to be a mustache variable so that it picks up the name of any class I use this recipe in. And again, I didn't remember the mustache syntax, I used the GUI Show Variables to find the replacement I needed.
By fully qualifying the Logger to java.util.logging.Logger, Sensei will add the import and write the line of code that I want i.e.
One useful thing about this recipe is that because it will only add the logger field once, I can use this on any existing code where I have used `System.out.println` and use Sensei to change all the occurrences in my code file at the same time.
Once I get used to this, I'll eventually train myself away from using System.out.println.
I can use Sensei to help me proactively write code by creating a second recipe which helps me create a logger.
e.g. I can match on a class, where there is no field called logger, and add one.
If I create a recipe of level Information
Name: Logger: add logger
Description: Add logger to class
To match on a class without a logger field:
And then I will reuse part of the QuickFix we saw earlier:
availableFixes:
Note the difference in target here compared to the first QuickFix. This uses self because our Search matched the class. The first QuickFix uses parentClass because we matched code within the class itself.
This represents one of the key flows associated with using Sensei to help improve your personal programming skillset:
---
You can install Sensei from within IntelliJ using "Preferences \ Plugins" (Mac) or "Settings \ Plugins" (Windows) then just search for "sensei secure code".
The source code and recipes for this can be found in the `sensei-blog-examples` repository in the Secure Code Warrior GitHub account, in the `pojoexamples` module.
This post describes creating a recipe to migrate from System.out.println to using a Java Logger.
When I'm hacking out code, rather than using TDD, and I make mistakes, I have the bad habit of printing a line to System.out, and I've wanted to wean myself off that habit.
I made a bunch of mistakes when writing the code below :
Initially, I wrote countdown++ and the loop didn't finish.
And I used countdown > 1 so didn't get the output I wanted.
In the end, I littered my code with System.out.println to help me debug. And the experience reinforced that I need to learn how to use a logger as my default approach.
Fortunately, I read through the Sensei documentation and decided to use the "Getting Started" guide to help me create a recipe to convert from System.out.println and encourage me to use a logger:
The first thing I do is click on the println then alt+enter to create a new recipe.
I create it with the following details:
And I'll start by matching methodcall with the name println
And the preview shows me all the matches in my code.
I can see that all the matches in my code are for System.out.println but I don't trust that long term this will be the only match. I want to match a more qualified statement I want to change.
I expand the matcher to search for a methodcall on a field named out in the class System.
I could, if I wanted, fully qualify the System name to java.lang.System
Next, I want to create the QuickFix.
First I want to amend the line of code that logs the output:
I don't have to remember the mustache template format. I used the Show Variables in the GUI to show me the argument and double-clicked on it. Then the GUI filled in the appropriate matching mustache template.
When I try it out, I can see that I still have to alt+enter to import the Level enum. But if I amend my QuickFix to have a fully qualified item then Sensei will add the import for me e.g.
logger.log(Level.INFO, output);
import java.util.logging.Level;
And this will work, but I will still have to remember the syntax to instantiate the logger in the first place.
I can amend my QuickFix to create the field for me as well.
I will code the logger first, and then add that to my recipe so I never have to code it again.
I tend to write the example code I want to see generated first because then I can use IntelliJ code completion and syntax checking to make sure I get it right. As a side-effect, it will then be in the code preview when I edit the recipe to add the QuickFix lines that will create that code.
And when I write the example code, I want to use a different field name (here I'm using logger2) because Sensei is clever enough not to add a duplicate field, so I have to fool it by using a different name.
So I'll amend the recipe to create this code by adding a field called logger.
availableFixes:
Note that I changed SysOutTest to be a mustache variable so that it picks up the name of any class I use this recipe in. And again, I didn't remember the mustache syntax, I used the GUI Show Variables to find the replacement I needed.
By fully qualifying the Logger to java.util.logging.Logger, Sensei will add the import and write the line of code that I want i.e.
One useful thing about this recipe is that because it will only add the logger field once, I can use this on any existing code where I have used `System.out.println` and use Sensei to change all the occurrences in my code file at the same time.
Once I get used to this, I'll eventually train myself away from using System.out.println.
I can use Sensei to help me proactively write code by creating a second recipe which helps me create a logger.
e.g. I can match on a class, where there is no field called logger, and add one.
If I create a recipe of level Information
Name: Logger: add logger
Description: Add logger to class
To match on a class without a logger field:
And then I will reuse part of the QuickFix we saw earlier:
availableFixes:
Note the difference in target here compared to the first QuickFix. This uses self because our Search matched the class. The first QuickFix uses parentClass because we matched code within the class itself.
This represents one of the key flows associated with using Sensei to help improve your personal programming skillset:
---
You can install Sensei from within IntelliJ using "Preferences \ Plugins" (Mac) or "Settings \ Plugins" (Windows) then just search for "sensei secure code".
The source code and recipes for this can be found in the `sensei-blog-examples` repository in the Secure Code Warrior GitHub account, in the `pojoexamples` module.
A quick example of creating a recipe to migrate from System.out.println to using a Java Logger.
This post describes creating a recipe to migrate from System.out.println to using a Java Logger.
When I'm hacking out code, rather than using TDD, and I make mistakes, I have the bad habit of printing a line to System.out, and I've wanted to wean myself off that habit.
I made a bunch of mistakes when writing the code below :
Initially, I wrote countdown++ and the loop didn't finish.
And I used countdown > 1 so didn't get the output I wanted.
In the end, I littered my code with System.out.println to help me debug. And the experience reinforced that I need to learn how to use a logger as my default approach.
Fortunately, I read through the Sensei documentation and decided to use the "Getting Started" guide to help me create a recipe to convert from System.out.println and encourage me to use a logger:
The first thing I do is click on the println then alt+enter to create a new recipe.
I create it with the following details:
And I'll start by matching methodcall with the name println
And the preview shows me all the matches in my code.
I can see that all the matches in my code are for System.out.println but I don't trust that long term this will be the only match. I want to match a more qualified statement I want to change.
I expand the matcher to search for a methodcall on a field named out in the class System.
I could, if I wanted, fully qualify the System name to java.lang.System
Next, I want to create the QuickFix.
First I want to amend the line of code that logs the output:
I don't have to remember the mustache template format. I used the Show Variables in the GUI to show me the argument and double-clicked on it. Then the GUI filled in the appropriate matching mustache template.
When I try it out, I can see that I still have to alt+enter to import the Level enum. But if I amend my QuickFix to have a fully qualified item then Sensei will add the import for me e.g.
logger.log(Level.INFO, output);
import java.util.logging.Level;
And this will work, but I will still have to remember the syntax to instantiate the logger in the first place.
I can amend my QuickFix to create the field for me as well.
I will code the logger first, and then add that to my recipe so I never have to code it again.
I tend to write the example code I want to see generated first because then I can use IntelliJ code completion and syntax checking to make sure I get it right. As a side-effect, it will then be in the code preview when I edit the recipe to add the QuickFix lines that will create that code.
And when I write the example code, I want to use a different field name (here I'm using logger2) because Sensei is clever enough not to add a duplicate field, so I have to fool it by using a different name.
So I'll amend the recipe to create this code by adding a field called logger.
availableFixes:
Note that I changed SysOutTest to be a mustache variable so that it picks up the name of any class I use this recipe in. And again, I didn't remember the mustache syntax, I used the GUI Show Variables to find the replacement I needed.
By fully qualifying the Logger to java.util.logging.Logger, Sensei will add the import and write the line of code that I want i.e.
One useful thing about this recipe is that because it will only add the logger field once, I can use this on any existing code where I have used `System.out.println` and use Sensei to change all the occurrences in my code file at the same time.
Once I get used to this, I'll eventually train myself away from using System.out.println.
I can use Sensei to help me proactively write code by creating a second recipe which helps me create a logger.
e.g. I can match on a class, where there is no field called logger, and add one.
If I create a recipe of level Information
Name: Logger: add logger
Description: Add logger to class
To match on a class without a logger field:
And then I will reuse part of the QuickFix we saw earlier:
availableFixes:
Note the difference in target here compared to the first QuickFix. This uses self because our Search matched the class. The first QuickFix uses parentClass because we matched code within the class itself.
This represents one of the key flows associated with using Sensei to help improve your personal programming skillset:
---
You can install Sensei from within IntelliJ using "Preferences \ Plugins" (Mac) or "Settings \ Plugins" (Windows) then just search for "sensei secure code".
The source code and recipes for this can be found in the `sensei-blog-examples` repository in the Secure Code Warrior GitHub account, in the `pojoexamples` module.
A quick example of creating a recipe to migrate from System.out.println to using a Java Logger.
This post describes creating a recipe to migrate from System.out.println to using a Java Logger.
When I'm hacking out code, rather than using TDD, and I make mistakes, I have the bad habit of printing a line to System.out, and I've wanted to wean myself off that habit.
I made a bunch of mistakes when writing the code below :
Initially, I wrote countdown++ and the loop didn't finish.
And I used countdown > 1 so didn't get the output I wanted.
In the end, I littered my code with System.out.println to help me debug. And the experience reinforced that I need to learn how to use a logger as my default approach.
Fortunately, I read through the Sensei documentation and decided to use the "Getting Started" guide to help me create a recipe to convert from System.out.println and encourage me to use a logger:
The first thing I do is click on the println then alt+enter to create a new recipe.
I create it with the following details:
And I'll start by matching methodcall with the name println
And the preview shows me all the matches in my code.
I can see that all the matches in my code are for System.out.println but I don't trust that long term this will be the only match. I want to match a more qualified statement I want to change.
I expand the matcher to search for a methodcall on a field named out in the class System.
I could, if I wanted, fully qualify the System name to java.lang.System
Next, I want to create the QuickFix.
First I want to amend the line of code that logs the output:
I don't have to remember the mustache template format. I used the Show Variables in the GUI to show me the argument and double-clicked on it. Then the GUI filled in the appropriate matching mustache template.
When I try it out, I can see that I still have to alt+enter to import the Level enum. But if I amend my QuickFix to have a fully qualified item then Sensei will add the import for me e.g.
logger.log(Level.INFO, output);
import java.util.logging.Level;
And this will work, but I will still have to remember the syntax to instantiate the logger in the first place.
I can amend my QuickFix to create the field for me as well.
I will code the logger first, and then add that to my recipe so I never have to code it again.
I tend to write the example code I want to see generated first because then I can use IntelliJ code completion and syntax checking to make sure I get it right. As a side-effect, it will then be in the code preview when I edit the recipe to add the QuickFix lines that will create that code.
And when I write the example code, I want to use a different field name (here I'm using logger2) because Sensei is clever enough not to add a duplicate field, so I have to fool it by using a different name.
So I'll amend the recipe to create this code by adding a field called logger.
availableFixes:
Note that I changed SysOutTest to be a mustache variable so that it picks up the name of any class I use this recipe in. And again, I didn't remember the mustache syntax, I used the GUI Show Variables to find the replacement I needed.
By fully qualifying the Logger to java.util.logging.Logger, Sensei will add the import and write the line of code that I want i.e.
One useful thing about this recipe is that because it will only add the logger field once, I can use this on any existing code where I have used `System.out.println` and use Sensei to change all the occurrences in my code file at the same time.
Once I get used to this, I'll eventually train myself away from using System.out.println.
I can use Sensei to help me proactively write code by creating a second recipe which helps me create a logger.
e.g. I can match on a class, where there is no field called logger, and add one.
If I create a recipe of level Information
Name: Logger: add logger
Description: Add logger to class
To match on a class without a logger field:
And then I will reuse part of the QuickFix we saw earlier:
availableFixes:
Note the difference in target here compared to the first QuickFix. This uses self because our Search matched the class. The first QuickFix uses parentClass because we matched code within the class itself.
This represents one of the key flows associated with using Sensei to help improve your personal programming skillset:
---
You can install Sensei from within IntelliJ using "Preferences \ Plugins" (Mac) or "Settings \ Plugins" (Windows) then just search for "sensei secure code".
The source code and recipes for this can be found in the `sensei-blog-examples` repository in the Secure Code Warrior GitHub account, in the `pojoexamples` module.
