Java News from Tuesday, January 18, 2005

Cenqua has released Clover 1.3.4, a $250 payware unit test coverage tool. 1.3.4 fixes bugs and improves memory usage.

Clover modifies the source code to enable it to follow which statements are executed when, and keeps a running count of how many times each statement is executed during the test suite. Any statement that executes zero times is not being tested. Unlike Jester, Clover only tests whether the tests execute each statement and follow each branch. (It occasionally misses branches on the edges of >= or <=.) It does not test whether the tests correctly detect bugs. On the other hand, it runs orders of magnitude faster than a tool like Jester does. It's easy to use Clover several times a day. Indeed you can use it after each change to the test suite. By contrast, a full Jester run can take several days to complete. Ideally you'd want to use both a tool like Jester and a tool like Clover since they do different things.

Clover has been a major help in developing XOM. It has located numerous bugs in XOM over the last year, and is largely responsible for the completeness of XOM's test suite. Clover has also helped to optimize XOM for both speed and size by finding dead, unreachable code I could cut out. As usual, I tested the new release on the current XOM code base, and it didn't reveal anything too astonishing, but I've been keeping a fairly close eye on the test coverage as I develop so this isn't too surprising. About a week ago I did take a a closer look at what Clover was saying about the nu.xom.tests package where I keep my JUnit tests, and discovered that a few tests weren't actually running due to some stupid errors on my part. I also found some parts of the one published class in that package that was being tested and, wouldn't you know it, as soon as I wrote tests for those lines bugs popped up.

Clover integrates with Ant, NetBeans, Eclipse, IntelliJ IDEA, and Oracle JDeveloper 10g. Clover can generate test coverage reports in XML, HTML, PDF, or via a Swing Viewer. Java 1.2 or later is required.

The Legion of the Bouncy Castle has released version 1.26 of the Bouncy Castle Java Cryptography API, an open source, clean-room implementation of the Java Cryptography Extension (JCE). It supports X.509 certificates, PKCS12, S/MIME, CMS, PKCS7, and lots of other juicy acronyms. It also includes its own light-weight crypto API that works in Java 1.0 and later, and does not depend on the JCE. New features in 1.26 include:

• JDK 1.5 naming conventions for OAEP encryption and PSS signingSupport for Time Stamp Protocol (RFC 3161)
• Support for Mozilla's PublicKeyAndChallenge key certification message
• OpenPGP now supports key rings containing GNU_DUMMY_S2K.
• Support for the new versions (JDK 1.4 and later) of PBEKeySpec
• PBEWithMD5AndRC2, PBEWithSHA1AndRC2 now generate keys rather than exceptions.
• The JDK 1.5 version of the provider supports the new Elliptic Curve classes found in the java.security packages.

Plus a few significant bugs were fixed and some optimizations made. Download it while it's still legal.

Gaundenz Alder has released JAutoCombo 1.3.2, a €14-39 payware auto-completing combo box for Swing.