Fred, or any of the others who want to answer,
What brought you and the others to write this book at this time? Not currently being a security guy I imagine there is a wealth of knowledge out there on the topic of security in Java. What was the motivating factors that brought your group together to make this book happen? Was it a deficiency you saw in the current literature for Java in security?
That said, we became equipped with evidence that there are a set of coding guidelines that if followed, result in more reliable and secure code that is also easier to maintain. This book is an effort to document best practices so that a reader becomes acquainted with the basic / advanced set of skills expected from a competent programmer.
What was the motivating factors that brought your group together to make this book happen? Was it a deficiency you saw in the current literature for Java in security?
We did an extensive literature survey and found pieces about Java best practices scattered across various papers, a few current and some dated books. Some of the sources were current and useful, however, we had to connect the dots to put together the book.
There are areas that have received less focus, for example, how do you groom an entry level programmer who has just finished school so that he can write enterprise grade code? One aim of the JCG book is to reach out to the eager learner and the practicing professional so that they can supplement their knowledge to build robust software.
It is nice to have some people who will do the work that your team did. I especially liked how you put
how do you groom an entry level programmer who has just finished school so that he can write enterprise grade code?
I am working to get to the state of an entry-level programmer so I won't understand the whole depth JCG book yet. But I do appreciate you expounding the context from which your team decided to create the JCG book.
Dhruv Mohindra wrote: . . . how do you groom an entry level programmer . . .
I know some of the headings in the ToC for your book are what you would consider common‑or‑garden good programming practice. Examples 22‑25 and 50‑56 fall into that category.
To what extent do you think there is failure to understand such good practice in new graduates? Does it differ from people who have done SCJP/OCPJP?