Hacktoberfest 2021 — Week 1

Photo by Lagos Techie on Unsplash

As an Android developer, open-source software underpins everything I do. So it only seems fair I commit personal time in October (and throughout the rest of the year) to the open-source community.

For the last few years, I’ve taken part in Hacktoberfest as it helps me focus on my open-source endeavours and encourage some of my peers to take part for the first time.

This year I thought it would be interesting to write about what I’ve been doing.

One of the first things I tackle with my open source projects is its (usually outdated) dependencies. The work generally includes moving to the latest versions of Kotlin and Gradle along with other dependencies.

Certificate Transparency

Certificate transparency for Android and JVM

Working together to detect maliciously or mistakenly issued certificates — https://certificate.transparency.dev

Replacing GSON with Kotlin Serialization

The project has been using GSON for some time. However, this was often the cause of random crashes, not helped by how GSON ignores data class null-safety and default values.

I decided it was time to replace it with Kotlin serialization. The library doesn’t parse JSON data very frequently, so I have little concern about differences in performance. Besides, network calls are far more costly.

Switching to Kotlin serialization was relatively painless, simply requiring a re-write of custom deserializers and changing the annotations used throughout.

Jetpack Compose

Given the release of Jetpack Compose, it felt natural to update the sample app to use it. While it is sad to no longer use the excellent Groupie library, having no XML layouts felt terrific.

Rules

When I first wrote the certificate transparency library, I made it opt-in. Thus, you had to explicitly add an inclusion rule for any domains you wanted to check. However, on reflection, this can lead to subtle bugs, where mistyping a domain name would mean the library wouldn’t perform the checks.

Watching AppSec is too hard!?, from this year’s OWASP 20th anniversary event, made me rethink the approach and ensure that the library is secure by default.

So now, with the release of v1.0.0, the library enforces checks on all domains and requires you to opt-out of domain names that are incompatible with certificate transparency checks.

KotlinFixture

A tool to generate well-defined, but essentially random, input following the idea of constrained non-determinism.

HashSets

Initially, when requesting KotlinFixture to generate a Set, the library used a TreeSet which forced the user to require Comparable objects. Now the library has been updated to use LinkedHashSet, so this is no longer a requirement.

KTorm

While I may not use Ktorm currently, I’m always willing to expand KotlinFixtures auto-generation code for better support.

And so, the latest release now adds support for Ktorm Entity interfaces.

CryptoHash

A Kotlin Multiplatform Mobile library to provide a set of cryptographic (and not so cryptographic) hashing functions.

Publicising

This little known project was one of my first Kotlin Multiplatform mobile projects.

The library has more hashing algorithms than, dare I say it, BouncyCastle, yet I know I need to do more to promote the library.

As a start, I’ve added the tool to the Awesome KMM project, but I will be looking at better ways to ensure its visibility over the coming weeks.

Please let me know if you have any suggestions on better promoting this and my other projects.

Open-source software is there for all of us to use, and there are plenty of ways to contribute even without writing a single line of code.

Join medium to read all of my articles or subscribe for e-mail updates.

--

--

--

Matt Dolan has been eating doughnuts and developing with Android since the dark days of v1.6.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Building my First Android Application

Foxit and Signature

Inverse kinematics in a robotic arm — learn how to calculate it!

Auto-increment NPM package version in Azure Build Pipelines

azure-pipeline.yml

Sproutable

3 loops you should rewrite with Functional Programming in Swift

Setting up the Server for your App

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Matthew Dolan

Matthew Dolan

Matt Dolan has been eating doughnuts and developing with Android since the dark days of v1.6.

More from Medium

Tabbed SlidingPaneLayout (Primary/Detail) using the Navigation Component Library ➡️🗔✨

Using Secrets in Circle Ci and Local

Track the Motion using Huawei Map Kit and Location Kit in Android app (Kotlin)

Know more about Network Service Discovery(NSD) in Android and approaches to discover services in…