Show HN: FlowTracker – Track data flowing through Java programs
FlowTracker is a Java agent that monitors data flow in applications, connecting inputs and outputs. It modifies bytecode at runtime but is a proof of concept with performance limitations.
Read original article
FlowTracker is a Java agent designed to monitor data flow within Java applications, providing insights into how data is read, manipulated, and written. Its primary function is to connect inputs and outputs, helping users trace the origins of output data. A demonstration of FlowTracker can be seen using the Spring PetClinic application, where it tracks HTTP requests and the generation of HTML pages based on templates and database interactions. Currently, FlowTracker is a proof of concept and may not be suitable for production due to potential performance overhead. Users can utilize FlowTracker by downloading the agent JAR and adding it to the Java command line with specific JVM options. The agent operates by modifying bytecode at runtime to maintain a mapping of in-memory data to its source, employing method interception and dataflow analysis to track local variables and method arguments. Key components include the Tracker, which holds information about tracked objects, and the TrackerRepository, a global map linking objects to their trackers. However, FlowTracker has limitations, as it does not track all values due to performance concerns and primarily focuses on textual and binary data, with limited support for numerical values. The GitHub repository provides detailed documentation on usage and implementation.
- FlowTracker tracks data flow in Java programs, connecting inputs and outputs.
- It can be demonstrated using the Spring PetClinic application.
- The agent modifies bytecode at runtime to track data origins.
- It is currently a proof of concept and may not be suitable for production.
- Limitations include a focus on textual and binary data, with some performance constraints.
Related
Show HN: ControlFlow – open-source AI workflows
ControlFlow is a Python framework for agentic AI workflows. The GitHub repository offers installation guidelines, examples, features, and development instructions. Users can find detailed guidance and support for building AI workflows.
Show HN: TraceLens Visualizing Distributed Systems
TraceLens is a user-friendly OpenTelemetry UI acting as a Collector for data storage. Free during beta, it offers visualization tools and plans a subscription model for commercial use. Contact Asynkron AB for details.
Show HN: Uniflow - A fast multipurpose workflow engine
Uniflow is a high-performance workflow engine known for managing tasks of varying lengths and allowing on-the-fly specification modifications. It seamlessly integrates new nodes for enhanced features. Find more details on Uniflow on its GitHub Repository.
FileFlows: Execute actions against files in a tree flow structure
FileFlows is a versatile tool for processing various file types like text, images, audio, and video. It supports transcoding, converting, and optimizing files, offering detailed reporting and customization options for users.
Show HN: TargetJ – New JavaScript framework that can animate anything
TargetJ is a JavaScript UI framework on GitHub emphasizing development and animation efficiency. It centers on 'targets,' offering advanced animation, event management, and object collection handling. Find installation, samples, and documentation on targetj.io. Contact Ahmad Wasfi at wasfi2@gmail.com.
- Many users are impressed by the demo, particularly its ability to trace data back to its source, enhancing debugging capabilities.
- Several commenters draw parallels to other tools and concepts, such as taint analysis and Clojure's FlowStorm, indicating a broader interest in similar technologies.
- There is curiosity about the applicability of such tools in other programming languages, like C#.
- Users express excitement about the potential for improved web developer tooling and integration challenges with existing frameworks.
- Some comments reflect on past experiences with similar concepts, emphasizing the ongoing need for effective debugging tools.
18 commentsFor instrumentation, instead of an instrumenting agent it uses a fork of the official Clojure compiler (in Clojure you can easily swap compilers at dev) that adds extra bytecode. What is interesting about recording Clojure programs execution is that most values are immutable, so you can snapshot them by just retaining the pointers.
Edit: Since the OP demo is about exploring a web app for people interested in this topics I'm leaving a demo of FlowStorm debugging a web app also https://www.youtube.com/watch?v=h8AFpZkAwPo
I love how good the tooling is in the java/jvm ecosystem. Last time I was this blown away was with jitwatch ( https://github.com/AdoptOpenJDK/jitwatch )
FlowTracker reminds me a little of taint analysis, which is used for tracking unvalidated user inputs or secrets through a program, making sure it is not leaked or used without validation.
search keywords are "dynamic taint tracking/analysis"
https://github.com/gmu-swe/phosphor
I can totally see a future where tools like this are the first line of defense when troubleshooting bugs.
Integration of any solution like this into existing frameworks feels like a big challenge.
[1] HTML Source Maps - https://github.com/connorjclark/html-source-maps https://docs.google.com/document/d/19XYWiPL9h9vA6QcOrGV9Nfkr...
https://www.youtube.com/watch?v=TWAMr72VaaU&t=164s and https://witheve.com/
Been trying to get this work with VSCode with a project I'm trying to make sense of. Having to take a pause on it right now, but looking forward to getting it working and playing with it.
Related
Show HN: ControlFlow – open-source AI workflows
ControlFlow is a Python framework for agentic AI workflows. The GitHub repository offers installation guidelines, examples, features, and development instructions. Users can find detailed guidance and support for building AI workflows.
Show HN: TraceLens Visualizing Distributed Systems
TraceLens is a user-friendly OpenTelemetry UI acting as a Collector for data storage. Free during beta, it offers visualization tools and plans a subscription model for commercial use. Contact Asynkron AB for details.
Show HN: Uniflow - A fast multipurpose workflow engine
Uniflow is a high-performance workflow engine known for managing tasks of varying lengths and allowing on-the-fly specification modifications. It seamlessly integrates new nodes for enhanced features. Find more details on Uniflow on its GitHub Repository.
FileFlows: Execute actions against files in a tree flow structure
FileFlows is a versatile tool for processing various file types like text, images, audio, and video. It supports transcoding, converting, and optimizing files, offering detailed reporting and customization options for users.
Show HN: TargetJ – New JavaScript framework that can animate anything
TargetJ is a JavaScript UI framework on GitHub emphasizing development and animation efficiency. It centers on 'targets,' offering advanced animation, event management, and object collection handling. Find installation, samples, and documentation on targetj.io. Contact Ahmad Wasfi at wasfi2@gmail.com.