Sonar + Quarkus collaboration


Jonathan Vila Lopez

Oct 27, 2023, 7:37:59 AM
to quark...@googlegroups.com
Hello

<Intro>
I work for Sonar (SonarSource) a company that produces 3 main projects: SonarQube, SonarLint, and SonarCloud related to the detection of "bad code" doing code static analysis and helping teams to reduce bugs, and vulnerabilities, and improving cleanliness.

<Context>
These tools are mainly free and open source, at least for Java. And in the case of open source projects even the SaaS approach SonarCloud is free including paid features not in the community edition for SonarQube. 

These tools have rules that cover format, bugs, vulnerabilities, and good practices. 

<Topics to discuss>
Currently, the JVM team has developed several rules covering good practices for Spring Boot, and more are in development.

I was wondering if the Quarkus team would be interested in collaborating :
1. In order to develop/help to develop those rules
2. In order to use SonarCloud for free in the analysis.

Looking forward to hearing your thoughts.

Best

George Gastaldi

Oct 27, 2023, 7:45:40 AM
to jonath...@gmail.com, quark...@googlegroups.com
Hello,

That’s really interesting! I’d love it if I could help with that. Quarkiverse extensions (https://github.com/quarkiverse/) would really benefit from such rules.

Best Regards,

George Gastaldi

--
You received this message because you are subscribed to the Google Groups "Quarkus Development mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to quarkus-dev...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/quarkus-dev/CAE8BUt6V2Z-56A%2B_cSybT9TndJbasDh0HoJu0UnSvCE_LP91NQ%40mail.gmail.com.

Gaëtan Bloch

Oct 28, 2023, 7:44:48 AM
to ggas...@redhat.com, jonath...@gmail.com, quark...@googlegroups.com
Hello,

Not that my opinion matters that much, but I would love to see this happening as a SonarQube/Lint/Cloud heavy user.

If I can participate in any way, let me know.

I'm currently working on this issue (https://github.com/quarkusio/quarkus/issues/9602#issuecomment-1729398262), but don't have much time during this end-of-year period.

Kind regards,

Gaëtan Bloch


Sergey Beryozkin

Oct 31, 2023, 6:28:51 PM
to gaetan...@gmail.com, ggas...@redhat.com, jonath...@gmail.com, quark...@googlegroups.com
Perhaps giving SonarQube a try as a Github Action can be done ? We currently have CodeQL upstream, so the outputs can be compared

Thanks Sergey

Marco Bungart

Oct 31, 2023, 7:33:32 PM
to quark...@googlegroups.com

Setting up sonarcloud is actually quite simple, I have multiple projects that use it, e.g. [1]. We can configure sonarcloud to actively fetch metrics. If we want additional coverage, we "just" have to upload the coverage reports. The plugin is loaded in [2] and configured in [3]. The rest is a little bit of pipeline magic [4] and sonarcloud github app configuration for MR decoration [5].

Even though the project I linked is not a quarkus project, the setup is pretty much the same :)

If you see something you want to use in your pipeline, feel free to copy what you need.

[1]: https://github.com/turing85/advent-of-code-2022
[2]: https://github.com/turing85/advent-of-code-2022/blob/main/pom.xml#L256
[3]: https://github.com/turing85/advent-of-code-2022/blob/main/pom.xml#L81
[4]: https://github.com/turing85/advent-of-code-2022/blob/main/.github/workflows/build.yml#L281
[5]: https://github.com/turing85/advent-of-code-2022/pull/119#issuecomment-1777352533


Gaëtan Bloch

Nov 1, 2023, 12:41:38 AM
to marco....@gmail.com, quark...@googlegroups.com
Hello,

I think the main purpose of this request is not whether we can easily or not integrate Quarkus code with SonarQube/Cloud. 
It's to provide a set of Sonar rules that can detect Quarkus bad practices and bugs, like Spring is doing.

Gaëtan Bloch

Marco Bungart

Nov 1, 2023, 5:26:06 AM
to Gaëtan Bloch, marco....@gmail.com, quark...@googlegroups.com

I know :) but more users means more data. And more data (hopefully) leads to better rules


Jonathan Vila Lopez

Nov 1, 2023, 6:27:58 AM
to Sergey Beryozkin, gaetan...@gmail.com, ggas...@redhat.com, quark...@googlegroups.com
The perfect solution could be using SonarCloud, as it is free for opensource projects and has more features than SonarQube community edition.

Holly Cummins

Nov 1, 2023, 2:26:15 PM
to jonath...@gmail.com, Quarkus Development mailing list
I’m late to this party, but a huge +1 for getting some Quarkus rules into Sonar*. 

If we do nothing else, we should also make sure that Sonar* is running against the quickstart repo, to ensure our recommended best practices and our samples are aligned. :) 

We have a bit of an advantage in Quarkus, because we do so much at build time, so (in principle) we already catch the most serious user errors during compilation. But I’m sure if we put our heads together (and do an SME review of some real-world apps) we could identify some common smells and commonly-missed optimisations. 


--
Holly Cummins
Senior Principal Quarkus Software Engineer, Java Champion

Red Hat 


Eric Deandrea

Nov 2, 2023, 9:55:22 AM
to hcum...@redhat.com, Quarkus Development mailing list, jonath...@gmail.com
As the primary maintainer of the sample app I'm happy to help contribute/integrate rules as well!


Eric Deandrea

Sr. Principal Technical Marketing Manager

Red Hat

edea...@redhat.com    M: 978.237.4727




Jonathan Vila Lopez

Nov 18, 2023, 1:07:26 PM
to Eric Deandrea, hcum...@redhat.com, Quarkus Development mailing list
Hello

How can we move on to the 2 topics?

1. Quarkus using SonarCloud to analyze the code
  * Quarkus already has the SonarCloud job in the pipeline but no branch assigned so it has never been executed.
  * Quarkusio has been already created as an organization in SonarCloud.io, but it doesn't have any project yet

2. Creation of rules to cover Quarkus best practices

Best

Guillaume Smet

Nov 21, 2023, 10:50:41 AM
to jonath...@gmail.com, Martin Kouba, Eric Deandrea, hcum...@redhat.com, Quarkus Development mailing list
Hey Jonathan,

Thanks for reaching out. I'm a big fan of SonarQube (worked a lot with it at my previous company and even contributed to it a bit when it was still called Sonar).

Sorry, I was on PTO when you sent your initial email and had a big pile of things waiting for me when I came back.

I was the one who set up the initial analysis, IIRC, I had some issues and wasn't able to publish anything to Sonarcloud but didn't have much time to dig.
I started the workflow manually to see what's the current status. We need to make it work before actually scheduling it.
I will let you know how it goes.

As for 2, I'm not exactly sure. @Martin Kouba I wonder if some ArC stuff could be a good start? IIRC, you sometimes display warnings (typically when injecting private members?) and that might be a good start as they should be pretty easy to implement.

Thanks!

--
Guillaume

Martin Kouba

Nov 22, 2023, 8:17:25 AM
to Guillaume Smet, jonath...@gmail.com, Eric Deandrea, hcum...@redhat.com, Quarkus Development mailing list

On 21. 11. 23 16:50, Guillaume Smet wrote:
> Hey Jonathan,
>
> Thanks for reaching out. I'm a big fan of SonarQube (worked a lot with
> it at my previous company and even contributed to it a bit when it was
> still called Sonar).
>
> Sorry, I was on PTO when you sent your initial email and had a big pile
> of things waiting for me when I came back.
>
> I was the one who set up the initial analysis, IIRC, I had some issues
> and wasn't able to publish anything to Sonarcloud but didn't have much
> time to dig.
> I started the workflow manually to see what's the current status. We
> need to make it work before actually scheduling it.
> I will let you know how it goes.
>
> As for 2, I'm not exactly sure. @Martin Kouba <mailto:mko...@redhat.com>
> I wonder if some ArC stuff could be a good start? IIRC, you sometimes
> display warnings (typically when injecting private members?) and that
> might be a good start as they should be pretty easy to implement.

Yes, we do log an INFO message if a private member is used (field
injection point, producer field/method, @PreDestroy callback, etc.).

And the rationale is explained in the docs:
https://quarkus.io/guides/cdi-reference#native-executables-and-private-members

>
> Thanks!
>
> --
> Guillaume

--
Martin Kouba
Principal Software Engineer
Red Hat, Czech Republic

Guillaume Smet

Nov 27, 2023, 7:36:32 AM
to jonath...@gmail.com, Martin Kouba, Eric Deandrea, hcum...@redhat.com, Quarkus Development mailing list
Not sure why I stopped last time I worked on this because the workflow we had merged actually worked OK: we had our first analysis published.

I scheduled a weekly scan on Sundays for now and let's see how it goes.

I will try to dedicate some time to see if anything pressing was detected.

--
Guillaume

Jonathan Vila Lopez

Nov 27, 2023, 12:18:22 PM
to Guillaume Smet, Martin Kouba, Eric Deandrea, hcum...@redhat.com, Quarkus Development mailing list
Sounds great.

Let me know if you think I can be of any help.

PS: probably you could consider creating a New Code definition to have quality evolution and Quality Gates on new code

Eric Deandrea

Dec 5, 2023, 4:09:40 PM
to Quarkus Development mailing list
Hey @Jonathan - I've actually just got the Quarkus Superheroes sample application running/publishing to SonarCloud [1]. This set of applications could certainly be a good test bed for rules. Right now it's using the default "Sonar Way" ruleset.

Jonathan Vila Lopez

Jan 18, 2024, 8:13:23 AM
to Guillaume Smet, Martin Kouba, Eric Deandrea, hcum...@redhat.com, Quarkus Development mailing list
Hello.

I would love to resume this collaboration. 

How could we collaborate to create several rules ? 

Maybe you could define in natural language and we (Sonar) can develop the Java analyzer rules.

In terms of rules we can consider:
* best practices
* deprecations, depending on the version detected
* migrations from one Quarkus version to another

I'm more than glad to schedule a meeting if that can help.

Best

Eric Deandrea

Jan 18, 2024, 10:11:31 AM
to Jonathan Vila Lopez, Martin Kouba, hcum...@redhat.com, Quarkus Development mailing list, Guillaume Smet
Currently I’m using the default “Sonar Way” for the Superheroes sample application [1]. We could certainly use this as a test bed for testing new rules. I’ve been wanting to for a while now go through the ruleset and customize a bit. My thought process was to look at the rules specific for Spring Boot and see how they could/would/should be adapted for Quarkus. I just haven’t had the time.

I would think that for Quarkus extensions that the ruleset might be different.


Eric Deandrea

Sr. Principal Technical Marketing Manager

Red Hat

edea...@redhat.com    M: 978.237.4727




Max Rydahl Andersen

Jan 25, 2024, 5:03:31 AM
to Jonathan Vila Lopez, Guillaume Smet, Martin Kouba, Eric Deandrea, hcum...@redhat.com, Quarkus Development mailing list

Hi Jonathan,

Sorry for the delay - just been too many other things :)

My biggest issue I have is I'm not sure what I can do with Sonar that will be actually helpful.

  • happy to learn more on a call (anyone welcome) if that can help move things forward.

/max
https://xam.dk/about

Jonathan Vila Lopez

Jan 25, 2024, 6:41:17 AM
to Max Rydahl Andersen, Guillaume Smet, Martin Kouba, Eric Deandrea, hcum...@redhat.com, Quarkus Development mailing list
Hello Max

The idea here was to create a set of rules to become the good practices for Quarkus users.... 
So Sonar(Lint | Qube | Cloud) would analyze code and highlight parts where developers have used the quarkus libraries not in the best way

Happy to join a call to talk about this.

Do you have availability next week?

Best

Eric Deandrea

Jan 25, 2024, 12:01:32 PM
to Jonathan Vila Lopez, Guillaume Smet, Martin Kouba, hcum...@redhat.com, Quarkus Development mailing list, Max Rydahl Andersen
@Max - take a look at the Spring-specific rules [1]. These are rules that help enforce quality/security and are specific to spring constructs/patterns/classes/annotations/etc. They’re looking for things like these that would be specific to Quarkus.

Maybe even another set of things that are specific to extension authors.

I’m happy to participate on a call as well.



Eric Deandrea

Sr. Principal Technical Marketing Manager

Red Hat

edea...@redhat.com    M: 978.237.4727



Max Rydahl Andersen

Jan 30, 2024, 7:23:20 AM
to Eric Deandrea, Guillaume Smet, Jonathan Vila Lopez, Martin Kouba, Quarkus Development mailing list, hcum...@redhat.com
Example where sonar is being a bit overzealous - 

Can one add a Rule that adjusts other rules? :)

Eric Deandrea

Jan 30, 2024, 8:55:28 AM
to Max Rydahl Andersen, Guillaume Smet, Jonathan Vila Lopez, Martin Kouba, Quarkus Development mailing list, hcum...@redhat.com
I’d actually argue in favor of constructor injection :)


Eric Deandrea

Sr. Principal Technical Marketing Manager

Red Hat

edea...@redhat.com    M: 978.237.4727



Jonathan Vila Lopez

Jan 31, 2024, 4:23:50 AM
to Eric Deandrea, Max Rydahl Andersen, Guillaume Smet, Martin Kouba, Quarkus Development mailing list, hcum...@redhat.com
@Max Rydahl Andersen well, one thing is what the good practices say and another thing is what the most pragmatic approach is in every particular case.
I'm with Eric, I prefer constructor injection, and it is usually the recommended approach.

But nothing prevents you from creating a Quarkus quality profile (inheriting from the default one) where you disable that rule.

Hope this helps

Jonathan Vila Lopez

Aug 30, 2024, 4:18:47 AM
to Eric Deandrea, Max Rydahl Andersen, Guillaume Smet, Martin Kouba, Quarkus Development mailing list, hcum...@redhat.com, Alex Soto
Hello

Just wanted to take up the subject again.

I was thinking of a very initial step: create a list of good practices for Quarkus. Just "don't use this; use that" sentences.

With that, I can try to generate the SonarQube rules.

What do you think? Is there anyone willing to be involved in this?

Best

Holly Cummins

Aug 30, 2024, 5:02:52 AM
to Jonathan Vila Lopez, Eric Deandrea, Max Rydahl Andersen, Guillaume Smet, Martin Kouba, Quarkus Development mailing list, Alex Soto
I think having a set of SonarQube rules would be great – and in fact, even having a list of good practices would be a useful asset on its own. 

The Quarkus team are, of course, perfect 😁. So we may not have the same “I wrote this unwise code and then I learned” experience of bad practices that some of our users have. But if we started a conversation on zulip about anti-patterns we see in reproducers and customer applications, that might surface some useful best practices.

--
Holly Cummins
Senior Principal Quarkus Software Engineer, Java Champion

Red Hat 

Eric Deandrea

Sep 5, 2024, 11:47:21 AM
to Holly Cummins, Max Rydahl Andersen, Guillaume Smet, Martin Kouba, Quarkus Development mailing list, Alex Soto, Jonathan Vila Lopez
I also am willing to help, although some of what I think are “best practices” are often frowned upon by others 🙂 


Eric Deandrea

Java Champion

Sr. Principal Technical Marketing Manager / Developer Advocate

Jonathan Vila Lopez

Sep 5, 2024, 1:08:05 PM
to Eric Deandrea, Holly Cummins, Max Rydahl Andersen, Guillaume Smet, Martin Kouba, Quarkus Development mailing list, Alex Soto
That sounds great Eric and Holly :)

How would you like to structure this? We could have a meeting to discuss this or work on a document asynchronously. Very importantly, we could set realistic expectations about the number of rules.

Best

Eric Deandrea

Sep 6, 2024, 9:44:55 AM
to Jonathan Vila Lopez, Holly Cummins, Max Rydahl Andersen, Guillaume Smet, Martin Kouba, Quarkus Development mailing list, Alex Soto
Maybe a good way to do this would be to attempt to crowdsource it? Rather than working with one or 2 people, maybe create a Discussion on the Quarkus GitHub around this? That way we can get ideas from both people working on Quarkus as well as feedback from the larger community?


Eric Deandrea

Java Champion

Sr. Principal Technical Marketing Manager / Developer Advocate

Red Hat

edea...@redhat.com    M: 978.237.4727



Guillaume Smet

Sep 6, 2024, 11:55:45 AM
to Eric Deandrea, Jonathan Vila Lopez, Holly Cummins, Max Rydahl Andersen, Martin Kouba, Quarkus Development mailing list, Alex Soto
I think this perfectly fits the Working group thingy: https://github.com/quarkusio/quarkus/blob/main/adr/0005-working-group-process.adoc .

I also think we need a final pass by the core Quarkus team once you have gathered all the intel. Because what people think are good practices might not be.

Jonathan Vila Lopez

Sep 10, 2024, 5:47:50 AM
to Guillaume Smet, Eric Deandrea, Holly Cummins, Max Rydahl Andersen, Martin Kouba, Quarkus Development mailing list, Alex Soto
Sounds good.

Who will create the working group ?

The idea behind "good practices" is more related to specific usage of APIs or techniques rather than to more theoretical design concepts. But I understand some rules will have some debate.

At Sonar we have also started working with the Micronaut team on this, so I think it's a great opportunity to move forward with Quarkus.

 

Holly Cummins

Sep 10, 2024, 5:54:53 AM
to Eric Deandrea, Jonathan Vila Lopez, Max Rydahl Andersen, Guillaume Smet, Martin Kouba, Quarkus Development mailing list, Alex Soto
I agree that the broader the pool of contributors, the better. Marco very kindly made a first pass at crowd-sourcing via zulip: https://quarkusio.zulipchat.com/#narrow/stream/187038-dev/topic/Quarkus.20Anti-Patterns/near/466330773. I’d suggest we take that as a starting point, and go from there?

I guess that means that someone needs to condense that discussion into some summary recommendations, and see how far they get us. :)  

--
Holly Cummins
Senior Principal Quarkus Software Engineer, Java Champion

Red Hat 

Guillaume Smet

Sep 10, 2024, 9:02:34 AM
to Holly Cummins, Eric Deandrea, Jonathan Vila Lopez, Max Rydahl Andersen, Martin Kouba, Quarkus Development mailing list, Alex Soto
I started a WG here: https://github.com/quarkusio/quarkus/discussions/43179 and suggested a process that I think could work.

Using threaded discussions on GH will probably be easier to follow and extracting the approved ones in the description will make sure we build on it.

Does it make sense?

Eric Deandrea

Sep 10, 2024, 9:07:29 AM
to quark...@googlegroups.com, Jonathan Vila Lopez, Max Rydahl Andersen, Martin Kouba, Alex Soto, Holly Cummins
I think so. I can take a crack at grabbing what’s on the Zulip thread (https://quarkusio.zulipchat.com/#narrow/stream/187038-dev/topic/Quarkus.20Anti-Patterns/near/466330773) and creating a new thread in the discussion for each one. Once I do that I’ll post to that thread and ask the authors of each of the suggestions to review to make sure nothing was lost in translation 🙂 


Eric Deandrea

Java Champion

Sr. Principal Technical Marketing Manager / Developer Advocate

Red Hat

edea...@redhat.com    M: 978.237.4727



Georgios Andrianakis

Sep 10, 2024, 9:10:14 AM
to quark...@googlegroups.com, Jonathan Vila Lopez, Max Rydahl Andersen, Martin Kouba, Alex Soto, Holly Cummins
Thanks!



--

Georgios Andrianakis

Independent Contractor


Jonathan Vila Lopez

Sep 10, 2024, 9:47:33 AM
to Georgios Andrianakis, quark...@googlegroups.com, Max Rydahl Andersen, Martin Kouba, Alex Soto, Holly Cummins
Brilliant :) Thank you

Eric Deandrea

Sep 10, 2024, 9:51:12 AM
to quark...@googlegroups.com, Guillaume Smet, Max Rydahl Andersen, Martin Kouba, Alex Soto, Holly Cummins, Georgios Andrianakis
I’ve just started going through the conversation. May take me a day or two to finish up. As @Guillaume Smet suggested I’m starting a separate comment for each proposal, that way the conversation can be threaded for each proposal.


Eric Deandrea

Java Champion

Sr. Principal Technical Marketing Manager / Developer Advocate

Red Hat

edea...@redhat.com    M: 978.237.4727



Eric Deandrea

Sep 12, 2024, 11:44:35 AM
to quark...@googlegroups.com, Guillaume Smet, Max Rydahl Andersen, Martin Kouba, Alex Soto, Holly Cummins, Georgios Andrianakis
I’ve finished adding proposals for everything that was on the Zulip chat. Feel free to add additional proposals, or comment on existing ones.


Eric Deandrea

Java Champion

Sr. Principal Technical Marketing Manager / Developer Advocate

Red Hat

edea...@redhat.com    M: 978.237.4727


