General review (#41)

* General review
* Improving CHANGELOG

Author: jabrena

.cursor/rules/101-java-maven-plugins.mdc …ules/101-java-maven-deps-and-plugins.mdc.cursor/rules/101-java-maven-plugins.mdc renamed to .cursor/rules/101-java-maven-deps-and-plugins.mdc .cursor/rules/101-java-maven-plugins.mdc renamed to .cursor/rules/101-java-maven-deps-and-plugins.mdc

@@ -1,9 +1,9 @@
 ---
-description: Maven plugins
+description: Update pom.xlm to add Maven dependencies & plugins
 globs: pom.xml
 alwaysApply: false
 ---
-# Maven plugins
+# Update pom.xlm to add Maven dependencies & plugins
 
 Explain how to update a pom.xml file defining a set of maven plugins
 
@@ -32,8 +32,15 @@ Update the pom.xml with this set of properties:
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 
     <!-- Dependencies -->
+    <jspecify.version>1.0.0</jspecify.version>
 
     <!-- Test dependencies -->
+    <junit.version>5.12.0</junit.version>
+    <mockito.version>5.18.0</mockito.version>
+    <assertj.version>3.27.3</assertj.version>
+
+    <!-- Maven Extensions -->
+    <maven-extensions-build-cache.version>1.2.0</maven-extensions-build-cache.version>
 
     <!-- Maven Plugins -->
     <maven-plugins-flatten.version>1.7.0</maven-plugins-flatten.version>
@@ -47,13 +54,27 @@ Update the pom.xml with this set of properties:
     <maven-plugins-jacoco.version>0.8.13</maven-plugins-jacoco.version>
     <maven-plugins-versions.version>2.18.0</maven-plugins-versions.version>
     <maven-plugins-git-commit-id.version>4.9.10</maven-plugins-git-commit-id.version>
+    <maven-plugins-pitest.version>1.19.4</maven-plugins-pitest.version>
+    <maven-plugins-pitest-junit5.version>1.2.3</maven-plugins-pitest-junit5.version>
+    <maven-plugins-dependency-check.version>12.1.1</maven-plugins-dependency-check.version>
 
     <!-- Coverage -->
     <coverage.level>80</coverage.level>
 </properties>
 ```
 
-## Rule 2: Add flatten-maven-plugin
+## Rule 2: Add JSpecify to increase null safety
+
+```xml
+<!-- Null Safety Annotations -->
+<dependency>
+    <groupId>org.jspecify</groupId>
+    <artifactId>jspecify</artifactId>
+    <version>${jspecify.version}</version>
+</dependency>
+```
+
+## Rule 3: Add flatten-maven-plugin
 
 Update the pom.xml with this new plugin:
 
@@ -83,7 +104,7 @@ Update the pom.xml with this new plugin:
 </plugin>
 ```
 
-## Rule 3: Add maven-plugins-enforcer
+## Rule 4: Add maven-plugins-enforcer
 
 Update the pom.xml with this new plugin:
 
@@ -121,7 +142,7 @@ Update the pom.xml with this new plugin:
 </plugin>
 ```
 
-## Rule 4: Add maven-plugins-compiler
+## Rule 5: Add maven-plugins-compiler
 
 Create/Update the file $(pwd)/.mvn/jvm.config with the following content:
 
@@ -179,7 +200,7 @@ Update the pom.xml with this new plugin:
 </plugin>
 ```
 
-## Rule 5: Add maven-plugins-surefire
+## Rule 6: Add maven-plugins-surefire
 
 Update the pom.xml with this new plugin:
 
@@ -200,7 +221,7 @@ Update the pom.xml with this new plugin:
 </plugin>
 ```
 
-## Rule 6: Add maven-failsafe-plugin
+## Rule 7: Add maven-failsafe-plugin
 
 Update the pom.xml with this new plugin:
 
@@ -227,7 +248,7 @@ Update the pom.xml with this new plugin:
 </plugin>
 ```
 
-## Rule 7: Add versions-maven-plugin
+## Rule 8: Add versions-maven-plugin
 
 Update the pom.xml with this new plugin:
 
@@ -242,7 +263,7 @@ Update the pom.xml with this new plugin:
 </plugin>
 ```
 
-## Rule 8: Add git-commit-id-plugin
+## Rule 9: Add git-commit-id-plugin
 
 Update the pom.xml with this new plugin:
 
@@ -268,7 +289,7 @@ Update the pom.xml with this new plugin:
 </plugin>
 ```
 
-## Rule 9: Add jacoco-maven-plugin
+## Rule 10: Add jacoco-maven-plugin
 
 Update the pom.xml with this profile to run jacoco:
 
@@ -333,7 +354,7 @@ Update the pom.xml with this profile to run jacoco:
 </profiles>
 ```
 
-## Rule 10: Add test reports
+## Rule 11: Add test reports
 
 Update the pom.xml with this reporting section:
 
@@ -359,4 +380,113 @@ Update the pom.xml with this reporting section:
         </plugin>
     </plugins>
 </reporting>
+```
+
+## Rule 12: Add Pitest profile to analyze the quality of your asserts
+
+```xml
+<profile>
+    <id>pitest</id>
+    <activation>
+        <activeByDefault>false</activeByDefault>
+    </activation>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.pitest</groupId>
+                <artifactId>pitest-maven</artifactId>
+                <version>${maven-plugins-pitest.version}</version>
+                <configuration>
+                    <targetClasses>
+                        <param>info.jab.cli.*</param>
+                    </targetClasses>
+                    <targetTests>
+                        <param>info.jab.cli.*</param>
+                    </targetTests>
+                    <outputFormats>
+                        <outputFormat>HTML</outputFormat>
+                        <outputFormat>XML</outputFormat>
+                    </outputFormats>
+                    <mutationThreshold>${coverage.level}</mutationThreshold>
+                    <coverageThreshold>${coverage.level}</coverageThreshold>
+                    <timestampedReports>false</timestampedReports>
+                    <verbose>false</verbose>
+                </configuration>
+                <dependencies>
+                    <dependency>
+                        <groupId>org.pitest</groupId>
+                        <artifactId>pitest-junit5-plugin</artifactId>
+                        <version>${maven-plugins-pitest-junit5.version}</version>
+                    </dependency>
+                </dependencies>
+                <executions>
+                    <execution>
+                        <id>pitest-mutation-testing</id>
+                        <goals>
+                            <goal>mutationCoverage</goal>
+                        </goals>
+                        <phase>verify</phase>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</profile>
+```
+
+## Rule 13: Add security profile to execute dependency-check
+
+```xml
+<profile>
+    <id>security</id>
+    <activation>
+        <activeByDefault>false</activeByDefault>
+    </activation>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.owasp</groupId>
+                <artifactId>dependency-check-maven</artifactId>
+                <version>${maven-plugins-dependency-check.version}</version>
+                <configuration>
+                    <outputDirectory>${project.build.directory}/dependency-check</outputDirectory>
+                    <format>ALL</format>
+                    <failBuildOnCVSS>7</failBuildOnCVSS>
+                    <skipProvidedScope>false</skipProvidedScope>
+                    <skipRuntimeScope>false</skipRuntimeScope>
+                    <skipSystemScope>false</skipSystemScope>
+                    <skipTestScope>false</skipTestScope>
+                    <!-- Performance and reliability improvements -->
+                    <nvdApiDelay>4000</nvdApiDelay>
+                    <nvdMaxRetryCount>3</nvdMaxRetryCount>
+                    <nvdValidForHours>24</nvdValidForHours>
+                    <!-- Skip analyzers that might cause issues -->
+                    <nodeAnalyzerEnabled>false</nodeAnalyzerEnabled>
+                    <retireJsAnalyzerEnabled>false</retireJsAnalyzerEnabled>
+                </configuration>
+                <executions>
+                    <execution>
+                        <id>dependency-check</id>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                        <phase>verify</phase>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</profile>
+```
+
+# Rule 14: Add extensions
+
+```xml
+<extensions>
+    <extension>
+        <groupId>org.apache.maven.extensions</groupId>
+        <artifactId>maven-build-cache-extension</artifactId>
+        <version>${maven-extensions-build-cache.version}</version>
+    </extension>
+</extensions>
 ```

.cursor/rules/113-java-general-guidelines.mdc

@@ -1,5 +1,5 @@
 ---
-description: General java rules
+description: Java General Guidelines
 globs: **/*.java
 alwaysApply: false
 ---

.cursor/rules/114-java-secure-coding.mdc

@@ -3,7 +3,7 @@ description: Java Secure coding guidelines
 globs: **/*.java
 alwaysApply: false
 ---
-# Java Secure Coding Guidelines
+# Java Secure coding guidelines
 
 This document provides essential Java secure coding guidelines, focusing on five key areas: validating all untrusted inputs to prevent attacks like injection and path traversal; protecting against injection attacks (e.g., SQL injection) by using parameterized queries or prepared statements; minimizing the attack surface by adhering to the principle of least privilege and reducing exposure; employing strong, current cryptographic algorithms for hashing, encryption, and digital signatures while avoiding deprecated ones; and handling exceptions securely by avoiding the exposure of sensitive information in error messages to users and logging detailed, non-sensitive diagnostic information for developers.
 

.cursor/rules/115-java-concurrency.mdc

@@ -3,7 +3,7 @@ description: Java rules for Concurrency objects
 globs: **/*.java
 alwaysApply: false
 ---
-# Java Concurrency
+# Java rules for Concurrency objects
 
 Effective Java concurrency relies on understanding thread safety fundamentals, using `java.util.concurrent` utilities, and managing thread pools with `ExecutorService`. Key practices include implementing concurrent design patterns like Producer-Consumer, leveraging `CompletableFuture` for asynchronous tasks, and ensuring thread safety through immutability and safe publication. Performance aspects like lock contention and memory consistency must be considered. Thorough testing, including stress tests and thread dump analysis, is crucial. Modern Java offers virtual threads for enhanced scalability, structured concurrency for simplified task management, and scoped values for safer thread-shared data as alternatives to thread-locals.
 

.cursor/rules/116-java-logging.mdc

@@ -1,5 +1,5 @@
 ---
-description: Java rules to apply logging guidelines in Java applications
+description: Java Logging Best Practices
 globs: **/*.java
 alwaysApply: false
 ---

.cursor/rules/121-java-unit-testing.mdc

@@ -3,7 +3,7 @@ description: Java Unit testing guidelines
 globs: **/*Test.java
 alwaysApply: false
 ---
-# Java Unit testing
+# Java Unit testing guidelines
 
 Effective Java unit testing involves using JUnit 5 annotations and AssertJ for fluent assertions. Tests should follow the Given-When-Then structure with descriptive names for clarity. Each test must have a single responsibility, be independent, and leverage parameterized tests for data variations. Mocking dependencies with frameworks like Mockito is crucial for isolating the unit under test. While code coverage is a useful guide, the focus should be on meaningful tests for critical logic and edge cases. Test classes and methods should typically be package-private. Strategies for code splitting include small test methods and helper functions. Anti-patterns like testing implementation details, hard-coded values, and ignoring failures should be avoided. Proper state management involves isolated state and immutable objects, and error handling should include testing for expected exceptions and their messages.
 

.cursor/rules/122-java-integration-testing.mdc

@@ -3,7 +3,7 @@ description: Java Integration testing guidelines
 globs: **/*IT.java
 alwaysApply: false
 ---
-# Java Integration Testing Guidelines
+# Java Integration testing guidelines
 
 These guidelines aim to ensure consistency, reliability, and maintainability of integration tests within the project.
 

.cursor/rules/131-java-refactoring-with-modern-features.mdc

@@ -1,5 +1,5 @@
 ---
-description: Java rules to apply modern features released in java8+
+description: Modern Java Development Guidelines (Java 8+)
 globs: **/*.java
 alwaysApply: false
 ---

.cursor/rules/132-java-functional-programming.mdc

@@ -1,9 +1,9 @@
 ---
-description: Java rules for Functional programming
+description: Java Functional Programming rules
 globs: **/*.java
 alwaysApply: false
 ---
-# Java Functional Programming
+# Java Functional Programming rules
 
 Java functional programming revolves around immutable objects and state transformations, ensuring functions are pure (no side effects, depend only on inputs). It leverages functional interfaces, concise lambda expressions, and the Stream API for collection processing. Core paradigms include function composition, `Optional` for null safety, and higher-order functions. Modern Java features like Records enhance immutable data transfer, while pattern matching (for `instanceof` and `switch`) and switch expressions improve conditional logic. Sealed classes and interfaces enable controlled, exhaustive hierarchies, and upcoming Stream Gatherers will offer advanced custom stream operations.
 

.cursor/rules/133-java-data-oriented-programming.mdc

@@ -3,7 +3,7 @@ description: Java rules to apply data oriented programming style
 globs: **/*.java
 alwaysApply: false
 ---
-# Java Data-Oriented Programming
+# Java rules to apply data oriented programming style
 
 Java Data-Oriented Programming emphasizes separating code (behavior) from data structures, which should ideally be immutable (e.g., using records). Data manipulation should occur via pure functions that transform data into new instances. It's often beneficial to keep data structures flat and denormalized (using IDs for references) where appropriate, and to start with generic data representations (like `Map<String, Object>`) converting to specific types only when necessary. Data integrity is ensured through pure validation functions. Flexible, generic data access layers facilitate working with various data types and storage mechanisms. All data transformations should be explicit, traceable, and composed of clear, pure functional steps.