Mayank Ahuja

5 Mistakes Coders Make with Linked Lists (and How to Avoid Them). Give it a read. 👇

To read exciting stuff, you can subscribe to my blog - https://lnkd.in/d8TXq7bg

( Follow Mayank Ahuja, for regular software development insights - https://lnkd.in/d62YuzpW )

Let's start.

Here are the common mistakes -

1. Null Pointer Errors
▪️Not carefully handling null pointers when traversing or manipulating a linked list causes NPE.
▪️This often happens at boundary conditions (empty lists, the head, or tail of a list).

Prevention -
▪️Always check if a node is null before trying to access its data or 'next' pointer. ▪️Write code defensively to gracefully handle null scenarios.

2. Lost References
▪️Modifying a linked list (e.g. removing or inserting nodes) without keeping track of references can lead to losing parts of your list.

Prevention -
▪️When adding or removing nodes, make sure you update the 'next' (and sometimes 'previous') pointers of surrounding nodes so you don't lose parts of your list.

3. Never-ending Loops
▪️Incorrect traversal logic, especially in circular linked lists, can lead to infinite loops if termination conditions aren't precisely defined.

Prevention -
▪️Be careful when writing loops that move through the list.
▪️Make sure you have a clear condition for when the loop should stop, otherwise your program might run forever (or end up in a stack overflow).

4. Index Errors
▪️If you try to access a linked list element using a number (like you would with an array), remember that linked lists don't work the same way.
▪️Be careful not to go beyond the end of the list or use incorrect calculations.

5. Memory Leaks
▪️Forgetting to deallocate nodes removed from a list (especially in languages like C/C++) leads to memory leaks.
▪️Over time, this eats up available memory.

Prevention -
▪️Rigorous memory deallocation alongside list modification operations.

▪️Languages with Garbage Collection (Java, Python) mitigate this, but aren't foolproof (e.g., circular references can still cause leaks).

#coding #softwaredevelopment #technology #leetcode

[ Python Basics - Dynamic Typing ]

( To follow - https://lnkd.in/d62YuzpW )

In Python, variables have a 'What's in a type?' philosophy.


- variables are dynamic
- which means you don't have to declare their type explicitly.

The type of a variable is determined by the value it holds, and it can change during the execution of your program.

Here's a breakdown:

🔸Dynamic Typing

x = 5 # x is an integer
x = “hello“ # x is now a string

x initially holds an integer value (5) and later is assigned a string value (“hello“).

Python allows this kind of flexibility.


🔸Type Inference

- The interpreter keeps track of the types during runtime.


🔸Variable Reassignment

- You can reassign a variable to a value of a different type.

y = 3.14 # y is a float
y = “world“ # y is now a string


🔸Type Checking

- Python doesn't require explicit type declarations, but it is still important to understand and be aware of the types.
- You can use functions like type() to check the type of a variable.

z = 42
print(type(z)) # Output:


- This dynamic nature provides flexibility but also requires careful handling to avoid unexpected errors.


_________________

You can connect or follow - Mayank Ahuja


image - reddit

#python #basics #technology

#softwaredevelopment

Give me 2 minutes, and I’ll break down 𝐉𝐖𝐓 (JSON Web Tokens) for you.

◾ JSON Web Token (JWT) => open standard (RFC 7519) for securely transmitting information between parties as a JSON object.

◾ a compact and self-contained way to represent a set of claims securely between two parties.

📌 𝐒𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞 𝐨𝐟 𝐚 𝐉𝐖𝐓
A JWT consists of three parts => separated by dots (.)

[1.] 𝐇𝐞𝐚𝐝𝐞𝐫
◾ Specifies the algorithm used to sign the token (e.g., HS256, RS256) and the type of the token, which is always JWT.

[2.] 𝐏𝐚𝐲𝐥𝐨𝐚𝐝 (Claims)
◾ Contains the claims (statements) about an entity (typically, the user) and additional data.

There are three types of claims -
◾ Registered claims (standardized): iss (issuer), exp (expiration time), sub (subject), aud (audience) etc.
◾ Public claims (customizable by your application).
◾ Private claims (application-specific agreements).

[3.] 𝐒𝐢𝐠𝐧𝐚𝐭𝐮𝐫𝐞
◾ Created by taking -
a. the encoded header
b. the encoded payload
c. a secret
d. signing it with the algorithm specified in the header

◾ Used to verify the token's authenticity and integrity.

📌 𝐁𝐞𝐧𝐞𝐟𝐢𝐭𝐬 𝐨𝐟 𝐔𝐬𝐢𝐧𝐠 𝐉𝐖𝐓𝐬
◾ Auth
◾ Statelessness => server doesn't need to store session information.
◾ Security =>can be signed using various algorithms
◾ Decentralization => ideal for single sign-on (SSO).

📌 𝐉𝐖𝐓 𝐁𝐞𝐬𝐭 𝐏𝐫𝐚𝐜𝐭𝐢𝐜𝐞𝐬

JWTs are a tool, not a complete security solution.

Their security hinges on proper implementation and usage. 👍

[1.] Algorithm Selection
◾ Prioritize Asymmetry - Use RS256 (RSA) or ES256 (Elliptic Curve) for stronger security.

◾ Avoid HS256 - HMAC-based signing (HS256) requires careful key management.

◾ Never Use 'none' - This disables signing, rendering JWTs completely insecure.

[2.] Key Management
◾ Generate robust, cryptographically secure keys (256-bit or higher).
◾ Regularly rotate keys.

[3.] Secure Storage
◾ Store keys securely, never in source code or version control.

[4.] Claim Usage
◾ Avoid storing sensitive or personally identifiable information (PII) directly in JWT claims.
◾ Utilize standard claims (iss, exp, aud, sub) consistently.
◾ For sensitive data, encrypt the JWT payload.

[5.] Token Handling
◾ Transmit JWTs exclusively over HTTPS to prevent interception.
◾ Store JWTs in HttpOnly cookies to protect against cross-site scripting (XSS) attacks.
◾ Set short expiration times and consider refresh tokens for longer sessions.
◾ Implement mechanisms for revoking compromised tokens =>blacklists, short-lived tokens.

[6.] Validation and Verification
◾ ALWAYS verify the JWT signature using the appropriate algorithm and key before processing the claims.
◾ Check all relevant claims (exp, iss, aud) for validity and relevance to your application.

=> Implement rate limiting to protect against brute-force attacks.
=>Use security-focused HTTP headers to enhance protection.

--------------

👍 Follow - Mayank Ahuja
🗒️ Newsletter - https://lnkd.in/dJByxEYY

#softwaredevelopment

What is your definition of a Senior Developer?

#softwaredevelopment

Sharing with you a quick walkthrough of the Java versions. Give it a read.👇


Is it Java 1.8 or Java 8? I've been asked this question multiple times.

🚀 Follow Mayank Ahuja, for regular software development insights.

⭐ Subscribe to my blog; I will soon be posting new content - https://lnkd.in/gqQ8vT7x

Let's understand.

📌 [ Java Versioning : Java 8 & Prior ]
◾ Java's versioning convention has been somewhat unconventional in comparison to other software versioning systems.
◾ In the past, Java versions had a major version number followed by a minor version number, like “1.5“ or “1.6.“ This was reflective of the language's initial development and its early version history.
◾ The original naming convention for Java versions was to use the “Java SE x.y“ format, where x was the major version number and y was the minor version number.

So, Java SE 5.0 was actually Java 1.5, Java SE 6.0 was Java 1.6, and so on. This naming convention was used up to Java SE 8.


This naming convention caused some confusion, as people often thought that Java was still on version 1.x, even though there had been many new releases.

📌 [ Java Versioning : Java 9 & Later ]
◾ The distinction between the “1.“ prefix and the major version number (e.g., “1.5“) was, indeed, dropped starting from Java 9.
◾ With Java 9 and later, the version numbers are simply referred to by their major version numbers, without the “1.“ prefix. So, Java 9 is just “9,“ Java 10 is “10,“ and so on.

◾ This change was partly made to reduce confusion and align the version numbering with more conventional practices in the software industry.
◾ It also reflects the significant changes and improvements that were introduced in Java 9 and subsequent versions.


If you like my effort, please like and repost. It might help someone.


*** Java 23 is set to release this year(Sept).



#java #versions #programming #technology #softwaredevelopment

Are you a Leetcode Warrior? 😬
#leetcode #coding #technology #softwaredevelopment

If you are a software developer, you should understand 𝐉𝐖𝐓 (JSON Web Tokens). 👇

◾ JSON Web Token (JWT) => open standard (RFC 7519) for securely transmitting information between parties as a JSON object.

◾ a compact and self-contained way to represent a set of claims securely between two parties.

📌 𝐒𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞 𝐨𝐟 𝐚 𝐉𝐖𝐓
A JWT consists of three parts => separated by dots (.)

[1.] 𝐇𝐞𝐚𝐝𝐞𝐫
◾ Specifies the algorithm used to sign the token (e.g., HS256, RS256) and the type of the token, which is always JWT.

[2.] 𝐏𝐚𝐲𝐥𝐨𝐚𝐝 (Claims)
◾ Contains the claims (statements) about an entity (typically, the user) and additional data.

There are three types of claims -
◾ Registered claims (standardized): iss (issuer), exp (expiration time), sub (subject), aud (audience) etc.
◾ Public claims (customizable by your application).
◾ Private claims (application-specific agreements).

[3.] 𝐒𝐢𝐠𝐧𝐚𝐭𝐮𝐫𝐞
◾ Created by taking -
a. the encoded header
b. the encoded payload
c. a secret
d. signing it with the algorithm specified in the header

◾ Used to verify the token's authenticity and integrity.

📌 𝐁𝐞𝐧𝐞𝐟𝐢𝐭𝐬 𝐨𝐟 𝐔𝐬𝐢𝐧𝐠 𝐉𝐖𝐓𝐬
◾ Auth
◾ Statelessness => server doesn't need to store session information.
◾ Security =>can be signed using various algorithms
◾ Decentralization => ideal for single sign-on (SSO).

📌 𝐉𝐖𝐓 𝐁𝐞𝐬𝐭 𝐏𝐫𝐚𝐜𝐭𝐢𝐜𝐞𝐬

JWTs are a tool, not a complete security solution.

Their security hinges on proper implementation and usage. 👍

[1.] Algorithm Selection
◾ Prioritize Asymmetry - Use RS256 (RSA) or ES256 (Elliptic Curve) for stronger security.

◾ Avoid HS256 - HMAC-based signing (HS256) requires careful key management.

◾ Never Use 'none' - This disables signing, rendering JWTs completely insecure.

[2.] Key Management
◾ Generate robust, cryptographically secure keys (256-bit or higher).
◾ Regularly rotate keys.

[3.] Secure Storage
◾ Store keys securely, never in source code or version control.

[4.] Claim Usage
◾ Avoid storing sensitive or personally identifiable information (PII) directly in JWT claims.
◾ Utilize standard claims (iss, exp, aud, sub) consistently.
◾ For sensitive data, encrypt the JWT payload.

[5.] Token Handling
◾ Transmit JWTs exclusively over HTTPS to prevent interception.
◾ Store JWTs in HttpOnly cookies to protect against cross-site scripting (XSS) attacks.
◾ Set short expiration times and consider refresh tokens for longer sessions.
◾ Implement mechanisms for revoking compromised tokens =>blacklists, short-lived tokens.

[6.] Validation and Verification
◾ ALWAYS verify the JWT signature using the appropriate algorithm and key before processing the claims.
◾ Check all relevant claims (exp, iss, aud) for validity and relevance to your application.

=> Implement rate limiting to protect against brute-force attacks.
=>Use security-focused HTTP headers (e.g. Content Security Policy, X-Frame-Options) to enhance protection.


#softwaredevelopment

If you code in HTML, you can definitely relate to it. 😉😀( To follow - https://lnkd.in/d62YuzpW )




_______

Mayank Ahuja


#programming #developerlife #leetcode #competitiveprogramming #softwaredevelopment

[ Test-driven Development (TDD) ]

(You can follow, if you like such content - https://lnkd.in/d62YuzpW )

Love to build, Hate to Test?

- Writing tests can be seen as less enjoyable as it requires additional effort, and some developers may find it less immediately gratifying compared to the creative process of coding.

- Deadlines and pressure to deliver quickly might lead to prioritizing coding over testing.

However, writing tests is crucial for maintaining code quality, preventing bugs, and ensuring long-term project success.

Let's learn.

First let's see, how do you do the development without TDD?

A typical way of programming without TDD could be -
[1.] Write a piece of code that has a specific task
[2.] Write some tests to check if the code actually does what it is supposed to be doing

So, what's wrong with this?

Nothing !!

But,

Writing tests after development is mostly done, is almost never a task that a developer enjoys working on. Also, it is easy to forget to test specific scenarios or simply not write any tests for them because of time constraints or other reasons.

Then, What's TDD?

With Test-driven development a developer would -
[1.] First write a single test, that tests a task or requirement for a piece of software. (This test would fail, as the code doesn't exist to do the specified task).
[2.] After the test is created, the code is written that actually performs the task that the test requires the software to do. [3.] Once the code is written, run the test again. It should pass.
[4.] If not, fix any test that might fail at this point until all tests pass.
[5.] Refactor the code.


How do you test your code? Or you don't? 😜


Well, TDD is always debatable, but when developers actually practice the test-driven development approach, they definitely build a safety foundation to find all the bugs before damaging the whole system.

I agree that the most challenging part is building the mindset to follow this approach. It's actually difficult to learn and adjust to its principles if you have never done it before.

It definitely requires some kind of discipline.

Initially, you would feel that it has slowed down your overall development, and it does. But once you master it, it becomes your regular thing to do, it won't be that difficult.


Thanks for reading till the end.

Love talking all things software? Me too! Let's connect. - Mayank A.

Image - Reddit

#tdd #java #technology #softwaredevelopment #design

Testing a prompt might be difficult. Testing an agent? That’s a whole different story.

I’ve been experimenting with LLM agents lately, and if you’ve built one, you know how unpredictable they can be across different users and flows.

That’s why I’ve been diving into Maxim AI.

It’s a simulation and evaluation platform built specifically for AI agents.

I plugged in a sample assistant I’d been testing, and within minutes, I had it running through hundreds of multi-turn conversations, each one simulating across multiple real-world scenarios and user personas.

𝐖𝐡𝐚𝐭 𝐬𝐭𝐨𝐨𝐝 𝐨𝐮𝐭 𝐭𝐨 𝐦𝐞:
➟ You can define specific scenarios and user personas to simulate how your agent would perform in each case
➟ It scales like crazy - 𝐭𝐡𝐨𝐮𝐬𝐚𝐧𝐝𝐬 𝐨𝐟 𝐬𝐞𝐬𝐬𝐢𝐨𝐧𝐬 𝐢𝐧 𝐩𝐚𝐫𝐚𝐥𝐥𝐞𝐥, each with full traceability
➟ It’s easy to integrate into your workflow, and 𝐞𝐯𝐚𝐥𝐮𝐚𝐭𝐢𝐨𝐧 𝐢𝐬 𝐛𝐮𝐢𝐥𝐭-𝐢𝐧 (think task success rate, agent trajectory and bias)

This is how you discover AI quality issues in your agents before your users do. And honestly, it saved me a ton of manual testing time interacting back and forth with my agent.

If you’re working on anything agentic, check it out here: https://getmax.im/Or7oMEp

For Windows problems - Reboot
For Linux problems - Be Root



#windows #linux #meme #humor #linkedin #softwaredevelopment