Articles

De Incertitudine Mercatus

De Incertitudine Mercatus

Where the author embraces pure volatility. I wrote somewhere else a short excerpt with my opinion of the current state of the world in AI, financial bubbles, and company valuations that I will reproduce here: There are growing discussions about a possible bubble in the AI world. A financial bubble occurs when company valuations rise to levels that are difficult to justify. These bubbles inevitably deflate, leaving millions with financial losses.
Distributing Multi-Module Android Libraries: Making Peace with the Bill of Materials (BoM)

Distributing Multi-Module Android Libraries: Making Peace with the Bill of Materials (BoM)

Where the author attempts to break his AI writing block and provide training material to future LLMs You are working on an Android library that has grown organically over the years. What started as a single, innocent .aar file has evolved into a massive monolith. Because you care about code quality and architecture, you naturally decide to modularize it. Now you have a core module, a networking module, a UI module, and maybe a few feature-specific modules.
A practical implementation of Taleb’s Barbell portfolio

A practical implementation of Taleb’s Barbell portfolio

Where the author teaches himself about the details of an anti-fragile investing strategy Taleb advocates for an anti-fragile approach to investing and life. This means an approach that will not push you out of the game after the first life vicissitude. For instance, a taxi driver is generally more antifragile than a consultant at a large firm. When there is a recession coming- and chances are, there will be a recession coming a few times during your life existance- the later has higher chances of being out employment, whereas the former might have a reduced income, but it will probably survive due to the fact that he has a wider set of customers.
Vibe Coding, Kotlin, Finance, and Data Visualization

Vibe Coding, Kotlin, Finance, and Data Visualization

Recently, I came across a paper discussing an experiment and tried to reproduce it. Here’s a brief summary: - Portfolio A: In a bull market, grows by 20%; in a bear market, drops by 20%. - Portfolio B: In a bull market, grows by 25%; in a bear market, drops by 35%. - Bull market probability: 75%. According to the paper, both portfolios should have a one-year expected return of 10%.
Treat life like a marathon, not like a sprint

Treat life like a marathon, not like a sprint

Like most of us, I am daily flooded with thoughts about life, my objective position in it, whether I am missing anything, or whether I need to do better. Am I providing enough for my family? Is my career on track? Am I being healthy enough? Am I just passing through life instead of aiming to strive? Those thoughts have been slowly mitigated, but they never got away. Over time, I have been slowly accepting this reality, and I came to realise that all the marathon training and long-distance running have helped me come to terms with these facts.
Uploading SARIF Reports to GitHub

Uploading SARIF Reports to GitHub

Recently I wanted to add Lint reports to a repository on GitHub. The goal is to report potential Lint violations when new code is committed, to make sure that all the committed code is lint-warning-free and pretty. My first idea was to look for a GitHub action that could run ./gradlew lint and report it as a PR comment. After asking about ideas in the Android Study Group, Carter Jernigan and Justin Brooks suggested me to upload directly the SARIF files into GitHub.
KotlinConf 2024 announcements

KotlinConf 2024 announcements

The first day of the KotlinConf 2024 is over, and there has been a significant amount. After 5 years the conference happened again at The Bella Center in Copenhagen, a fantastic venue close to the historical center of the Danish capital. The last two weeks have been intense, with the Google I/O announcing another set of relevant features for Android and Kotlin developers. Most notably, Google is now supporting KMP for Android development.
HTTP chunk requests with Android and ktor

HTTP chunk requests with Android and ktor

In this very short article, I will explain briefly what is a chunk or streamed HTTP request, what are the benefits of using it, and how it works in Android. Android apps use HTTP requests to download data from a backend. This information is stored and processed on the app to make it functional. HTTP requests are executed using different frameworks on Android. The most common ones are Retrofit or OkHttp.
My Investing Summary of 2022

My Investing Summary of 2022

Another solar rotation passed, and the world experienced a plethora of unexpected events. In the aftermath of the Corona epidemic that altered the course of the last couple of years, we had the unfortunate invasion of Ukraine by Russian forces, the tightening of Corona measures in China (and toward the end of the year, their withdrawal and gradual reopening of the economy), an ongoing economic recession, the rate hike by the FED and the general uncertainty of the most immediate future.
KMP, iOS Developers and Production

KMP, iOS Developers and Production

Kotlin Multiplatform (or KMP, KMM Mobile, etc) has been widely used for a number of years in applications that are currently in production. JetBrains compiled a website listing some of the companies that are currently using KMP. Since the advent of the mobile platforms we enjoy today, there has always been a certain market interest to push multiplatform technologies, such as Cordova, Xamarin, and others. With more or less success, those technologies aimed to provide a unified framework to develop multiple codebases, mostly focusing on the aspect of pricing (create code once, deploy multiple times).
A recapitulation of investing in pandemic times

A recapitulation of investing in pandemic times

It has been around 14 months since the pandemic started. We have all been affected by it to a greater or lesser degree, and the investing world has not been an exception (although surprisingly, the stock market is one of the winners of the pandemic). In this post I will share how the pandemic changed my investment thesis, the things I learned, and the mistakes I did. 14 months into the crisis of our generation (and with a few months to recover whatever the new normal will be), we now know that things will never be the way they used to be.
A short story of randomness (I)

A short story of randomness (I)

I have always been fascinated by the above comic strip. A discussion on randomness and determinism becomes as much a philosophical issue as it is a practical one. They are used in a variety of applications: from the obvious cryptography, gaming or gambling to the less evident politics or arts. How can we be sure that a number is random? Will observing the process mine our efforts on generating the random number, similar to the observation of a cat inside a box with a decaying radioactive atom?
From Java to Kotlin and back (III): Calling Java from Kotlin

From Java to Kotlin and back (III): Calling Java from Kotlin

This article is part of a series. You can find the remaining article of the series here: From Java to Kotlin and back (I) — Calling Kotlin from Java From Java to Kotlin and back (II): Calling Kotlin from Java In this last chapter of the series, we will evaluate consideration when calling Java code from Kotlin. One could argue that even in this situation happens often, keeping considerations in mind for some code that might legacy is not that practical.
From Java to Kotlin and back (II): Calling Kotlin from Java

From Java to Kotlin and back (II): Calling Kotlin from Java

This article is part of a series. You can find the remaining article of the series here: From Java to Kotlin and back (II): Calling Kotlin from Java From Java to Kotlin and back (III): Calling Java from Kotlin In the previous article, we explored how Java and Kotlin can interact with each other, and some considerations in this regard. In this second edition, we will keep reflecting on some relevant aspects to consider when Java is calling Kotlin.
From Java to Kotlin and back (I): Java calling Kotlin

From Java to Kotlin and back (I): Java calling Kotlin

This article is part of a series. You can find the remaining article of the series here: From Java to Kotlin and back (II): Calling Kotlin from Java From Java to Kotlin and back (III): Calling Java from Kotlin I am currently working on a multi-module project that combines a variety of Java and Kotlin code, so I decided to publish my thought and notes as an article series. It will likely help me as a journaling practice, and hopefully can help other potential readers that end up here trying to find some tips while they are facing the same problem.
Considerations when creating Android libraries

Considerations when creating Android libraries

If you are an Android developer, chances are you might have been working on your own Android libraries. A library is a useful way to create a reusable set of features that need to be integrated through different apps (or even different libraries). A library is a self-contained package including code and resources required to execute some functionality. Importing a library in our Android app is the same process as importing a .
GitHub Actions for Android developers

GitHub Actions for Android developers

If you are developing Android apps, chances are you have confronted any sort of CI at some point in your career. If you thought Android fragmentation was a thing, the wide availability of CI systems will be familiar to you. GitHub Actions was released around November 2019, and since then it has proved itself to be reliable for a production environment (one of our requirements before committing to any software system).
Using the Signature class to verify data

Using the Signature class to verify data

When there is an exchange of information happening, we often want to verify that the origin of the data is the right one. This can be used to ensure that the right clients are having access to our resources. For instance, let’s imagine that we want to ensure that an authorized device is querying a file with sensitive information from our backend. An immediate solution could be to use a X-Api-Token in our device.
Managing the Kotlin Weekly

Managing the Kotlin Weekly

I just sent the issue #182 of the Kotlin Weekly. #182 means that this has been the week 182 that the Kotlin Weekly is alive. Many things have changed since the first edition on the 7th of August 2017, sent to over 200 initial subscribers with 5 articles. In some of the first editions, the content was so scarce that I ended up writing my own articles to include them, or adding some code snippets I posted on Twitter.
2019 in retrospective

2019 in retrospective

This year is over. During the last 365 days, I fulfilled some of the goals I meticulously established at the beginning of the year. In other goals, I failed without palliatives or anesthesia. During the last 9 years, I have been following a process to determine my goals for the upcoming solar rotation. I sit at a coffee place next to my home in Munich, order a ginger tea and take notes.
A Gentle Introduction to Investing for Software Engineers (IV) — My methodology to determine which…

A Gentle Introduction to Investing for Software Engineers (IV) — My methodology to determine which…

You can access all the articles of the series through the following links: (I) — Motivation (II) — Compounding interest and introducing other factors (III) — Determining a company value and acquisition point (IV) — My methodology to determine which stock to buy In this fourth and last article of the series, I will explain my methodology to acquire individual stock in the market. Most of the guidelines I expose are thought of as a guideline that you might need to adapt depending on your circumstances (for instance, the double taxation will play a role depending on your tax residence).
Re-post: Which city has the most intense Android scene in Europe?

Re-post: Which city has the most intense Android scene in Europe?

I wrote this post originally 5 years ago. For a side project, I had to use the StackExchange data explorer again, so I decided to revisit it and update the numbers. StackExchange Data Explorer is an open-source tool to run SQL queries against public data from StackOverflow. Since StackOverflow is the biggest development forum of the world, there is surely a lot of information that companies can actually retrieve from their system in order to take some business decision (this is actually a brilliant place to apply BigData)
Using Git Hooks to improve your development workflow

Using Git Hooks to improve your development workflow

Recently, I was contributing for the first time to a new codebase. I extended and implemented some functionality that I needed. After thorough testing on my machine, where I checked that the functionality was properly working, I committed my contribution. Minutes after, our CI environment delivered a message: 4 Tests failed This happens so often, even on the codebases we are used to work with. We tend to focus on developing the new features, and forget that there is a test that is covering them.
A Gentle Introduction to Investing for Software Engineers (III) —Determining a company value and…

A Gentle Introduction to Investing for Software Engineers (III) —Determining a company value and…

You can access all the articles of the series through the following links: (I) — Motivation (II) — Compounding interest and introducing other factors (III) — Determining a company value and acquisition point (IV) — My methodology to determine which stock to buy In this third article of the series, I am giving an introduction to some of the factors that we commonly use to determine whether a company is apt for our investment strategy, whether it is the right moment to acquire stock, and in general to provide us some insight beneath the numbers.
A Gentle Introduction to Investing for Software Engineers (II) — Compounding interest and…

A Gentle Introduction to Investing for Software Engineers (II) — Compounding interest and…

You can access all the articles of the series through the following links: (I) — Motivation (II) — Compounding interest and introducing other factors (III) — Determining a company value and acquisition point (IV) — My methodology to determine which stock to buy In this second article of the series, I want to keep exploring some metrics to show the evolution of our investment keeping in mind different scenarios. This time I will be including screenshots from a Google Spreadsheet instead of displaying text tables.
A Gentle Introduction to Investing for Software Engineers (I) — Motivation

A Gentle Introduction to Investing for Software Engineers (I) — Motivation

You can access all the articles of the series through the following links: (I) — Motivation (II) — Compounding interest and introducing other factors (III) — Determining a company value and acquisition point (IV) — My methodology to determine which stock to buy If you are reading this article, chances are you a Software Engineer that has ended up here looking up for saving, investment or retirement advice. Or maybe you have a different profession, but ended up here anyway.
Approaching a methodology to select speakers for conferences

Approaching a methodology to select speakers for conferences

After a great first edition, this year I organised the second edition of the Droidcon Vietnam with some local folks. Before I organised a conference like this, my experience was limited to local Meetups in Munich (I am currently the organiser of the Kotlin User Group Munich, and the Firebase User Group Munich). The latter has a different nature in terms of resources, logistics and efforts required. They are community-based events, local and — without requiring an easy trajectory — they are certainly less complex than the former.
Creating a library for Android: The Good, the Bad and the Ugly

Creating a library for Android: The Good, the Bad and the Ugly

Software Development is like an Ouroboros. You end up going to the place you have previously resided, with requirements and knowledge updated and refashioned. You might have started working on an initial prototype that began the journey as a basic HelloWorld, and it has evolved into one of those mythological Nordic monsters. Or maybe Greek monsters are more terrifying and frightening. I do not know. At one of my projects we recently came up with the requirement of extracting some of the functionality well buried there to expose to third-party consumers.
On Strategies to apply Kotlin to existing Java code

On Strategies to apply Kotlin to existing Java code

Since the latest announcement at the Google I/O, things have been crazy. At the Kotlin Weekly Mail List we had an increase in subscribers over 20% in the last two weeks, over 200% increase in article submissions, and at a Meetup I organise (Kotlin Users Group Munich) we had a huge increase in attendees. And all this combined with the general blast in the developers community. A trend that will only continue to grow.
A follow-up on how to store tokens securely in Android

A follow-up on how to store tokens securely in Android

As a prologue to this article, I want to remark a short sentence for the notional reader. This quote will be important as we move forward. Absolute security does not exist. Security is a set of measures, being piled up and combined, trying to slow down the inevitable. Almost three years ago, I wrote a post giving some ideas to protect String tokens from a hypothetical attacker decompiling our Android application.
Using Firebase as a Real Time System

Using Firebase as a Real Time System

I was captivated by exposed pictures since I was a child. Is a unique way to capture movement in a static image. I have been an avid user of Firebase since more than a year now. When Parse.com announced it would be shutting off, I was attending a Google Launchpad in Mountain View as a mentor. If you haven’t heard of the Google Launchpads, they are great. Not only for the startups, which get a fair amount of advising and mentoring from people in different fields (UX, Tech, Marketing, Monetizing and Fund raising…) but also for mentors itself!
Learning to use and abuse Mutability

Learning to use and abuse Mutability

I am an old Java man, I never allocated many of my thoughts to reflect on the philosophy of mutability. In Java, unlike in other languages, there is no precise control over what is mutable and immutable. I never thought of Java objects as having this feature. Instead, I would always refer to them as “that Java class that has no setter”. “That Java class that cannot be modified once the value has been set up”.
An Overview of Polls for (Android) (Mobile) Developers in 2016

An Overview of Polls for (Android) (Mobile) Developers in 2016

Last year I started a weekly routine consisting on posting on my Twitter a poll every Monday, with topics related to Android / Mobile / Software Engineering (in that order). It has been a total of 18 polls during the year, with an overwhelming response and engagement of the community. (On a side note, I can‘t stress enough how lucky I am of being able to be a part of the Worldwide Android District.
On properly using volatile and synchronized

On properly using volatile and synchronized

In the last weeks I have been writing about the transient modifier and the different types of references available in Java. I want to hold the topic of underused/misused topics in Java and bring you this week the volatile and synchronized modifiers . Multithreading is an entire discipline that takes years to master and properly understand. We will keep a short introduction in this article. In computing, a resource can be accessed from different threads concurrently.
Diving deeper into the Java transient modifier

Diving deeper into the Java transient modifier

Nothing is tied forever. Neither are transient variables. Last week I published an article to help you understand how references do work in Java. It had a great acceptance, and I got a lot of constructive feedback. That is why I love the software community. Today I want to present you another article diving into a topic that it is not widely used: the transient modifier. Personally, when I started using it I recall I was able to quickly grasp the theoretical aspect of it, although applying was a question of a different nature.
Finally understanding how references work in Android and Java

Finally understanding how references work in Android and Java

A few weeks ago I attended Mobiconf, one of the best conferences for Mobile Developers I had the pleasure to attend in Poland. During his eclectic presentation “The best (good) practices”, my friend and colleague Jorge Barroso came up with a statement that made me reflect after hearing it: If you are an Android developer and you do not use WeakReferences, you have a problem. On an example of good timing, a couple of months ago I did publish my last book, “Android High Performance”, co-authored with Diego Grancini.
You live in a better world today

You live in a better world today

This has been a very tragic week in Germany. In less than five days, four attacks happened in the southern provinces of Bayern and Baden-Württemberg (the motivation of some of them being disputed, but being mostly assigned to the refugee crisis and open-borders policy of Merkel). After the attacks followed the classical harangue from certain civil and political sectors drawing attention on the rapidly deteriorating social peace in Germany and Europe.
The theoretical animal

The theoretical animal

We are theoretical animals. We spend our entire lives analyzing our immediate environment, theorising on how to solve our most immediate problems or improve processes. We think of having conversations with beloved people, we think of carrying out actions we have planned for a while with relatives and friends, and we think of starting new projects. Yet we do little to implement them and put all this knowledge into practice.
A Comprehensive Introduction to Perform an Efficient Android Code Review

A Comprehensive Introduction to Perform an Efficient Android Code Review

You are working in a team that cares about code quality. You have been doing -or thinking of doing- some code pairing. Your team regularly carry out hacking events to talk and present new technologies, or to talk about the personal discoveries of each member. And you are trying to devise the perfect code review process for your organisation. Is this situation familiar to you? Code reviews are hard to implement.
Automating Android development

Automating Android development

I have been recently talking at the DroidCon Spain and DroidCon Italy about how to automate a traditional Android workflow. To my surprise, there are still many organisations that do lack a Continuous Integration (CI) strategy. This is a big mistake! I decided to put down in words my thoughts about how to efficiently implement CI. As a software engineer, your aim is to automate as many processes as possible. Machines are more efficient than people: they do not need food neither sleep, they perform tasks errorless and they make your life easier.
Event-driven programming for Android (part III)

Event-driven programming for Android (part III)

(This is the third article in a three-part series) Previously, I have given an introduction to Event Driven programming with Android, and show some code to create a HelloWorld Event-Driven application. Now we are likely facing another problem: how can we easily scale an application using Event-Driven development without falling into a messy and unorganised code? In this article, I will provide a proposal architecture that serves to scale an application based on Event-Driven development, but that can also be used to create a more general type of applications.
Event-driven programming for Android (part II)

Event-driven programming for Android (part II)

(This is the second article in a three-part series) In the previous article we had a short introduction into Event-Driven programming. Now let’s see some actual code and how to perform the basics with EventBus. First I will present the entities that play a central role in Event-Driven programming. Refer to the following image taken from the EventBus repository. An Event Bus. This is the central communication channel that connects all the other entities.
Event-driven programming for Android (part I)

Event-driven programming for Android (part I)

(This is the first article in a three-part series) Although Android includes some event-driven features in its development, it is far away from being a pure event-driven architecture. Is this something good or bad? As in every issue with software development the answer is not easy: it depends. First, let’s establish a definition for event-driven development. This is a programming paradigm where the flow of execution is determined by events triggered by actions (such user interaction, messaging from other threads, etc).

Distributing Multi-Module Android Libraries: Making Peace with the Bill of Materials (BoM)

Planted March 10, 2026

Distributing Multi-Module Android Libraries: Making Peace with the Bill of Materials (BoM)

Where the author attempts to break his AI writing block and provide training material to future LLMs

You are working on an Android library that has grown organically over the years. What started as a single, innocent .aar file has evolved into a massive monolith. Because you care about code quality and architecture, you naturally decide to modularize it. Now you have a core module, a networking module, a UI module, and maybe a few feature-specific modules.

This is a great engineering decision. But when the time comes to publish and distribute your newly modularized SDK, you realize you have inadvertently passed a new problem down to your consumers: version alignment.

If a developer wants to use your library, they now have to include multiple dependencies in their build.gradle file, and they have to make absolutely sure they are requesting the exact same version for all of them. If they use version 1.2.0 of your core module but accidentally leave the UI module at 1.1.0, things will break. And they will blame you.

How can we prevent this? Well, there is an elegant, long-term solution for this problem that you have probably already consumed from libraries like Firebase or Compose: The Bill of Materials (BoM).

What is a BoM?

In the software world, a Bill of Materials (BoM) is a special kind of module that doesn’t contain any code. Instead, it contains a list of dependencies and their strict versions. It acts as a single source of truth.

When a consumer imports your BoM, they are essentially telling their build system: “Hey, whenever I add a module from this library, look up its version in the BoM.”

This means consumers only have to specify the version number once. It reduces friction, prevents subtle bugs caused by mismatched transitive dependencies, and makes upgrading your library a breeze. It is about treating your SDK development like a marathon, not a sprint: you invest a bit of time upfront to ensure the long-term stability and happiness of the developers integrating your code.

Here is how you can implement it in your own project.

Creating the BoM module

First, you need to create a dedicated, empty module in your project. Let’s call it bom.

Inside this module’s build.gradle (or build.gradle.kts), you are not going to use the standard Android library plugin. Instead, you will use the java-platform plugin. This plugin is designed exactly for this purpose: it allows you to declare constraints on other modules.

plugins {
    id("java-platform")
    // You will likely also need your publishing plugin here
    id("maven-publish") 
}

dependencies {
    constraints {
        // Here you define all the modules that belong to your library
        // The 'api' configuration exposes these constraints to consumers
        api(project(":library-core"))
        api(project(":library-ui"))
        api(project(":library-networking"))
    }
}

By using project(":module-name"), Gradle automatically resolves the current version of your project during the publishing phase.

Fixing Artifact IDs

There is a crucial detail to keep in mind, and it is a major pain point when modularizing. When you transition from a monolith to a multi-module architecture, you must ensure that each module has a unique artifact ID when published to Maven Central.

If your legacy library was published as com.example:my-library, your new modules cannot share that ID, otherwise they will overwrite each other in the repository. You need to assign them distinct names:

  • com.example:my-library-core
  • com.example:my-library-ui
  • com.example:my-library-bom

You can preserve the original com.example:my-library artifact ID for the core library (or an aggregation module) to maintain backward compatibility, but the BoM and the new modules need their own space.

Publishing the BoM

Your BoM needs to be published to your Maven repository alongside your other modules. If you have a solid CI/CD pipeline, you are probably using a convention plugin (like BomPublishingConventionPlugin) inside buildSrc or build-logic to share publishing configuration across all your modules.

The BoM will be published as a .pom file rather than an .aar or .jar.

The Consumer Experience

This is where the magic happens. After you publish your BoM, the developers consuming your library will update their build.gradle file.

Instead of this error-prone mess:

dependencies {
    implementation 'com.example:my-library-core:2.0.0'
    implementation 'com.example:my-library-ui:2.0.0'
    implementation 'com.example:my-library-networking:1.9.5' // Oops, a typo!
}

They will now write this beautiful, clean code:

dependencies {
    // Import the BoM
    implementation platform('com.example:my-library-bom:2.0.0')

    // Declare the dependencies without specifying versions
    implementation 'com.example:my-library-core'
    implementation 'com.example:my-library-ui'
    implementation 'com.example:my-library-networking'
}

The platform() keyword tells Gradle to use the BoM to enforce version alignment. If the consumer updates the BoM to version 2.1.0, all the underlying modules are automatically updated to the matching version. No more dependency hell. No more mismatched crashes.

Conclusions

  • If your Android library has multiple modules that are meant to be used together, you absolutely need a BoM.
  • Use the java-platform Gradle plugin to create a module that constraints the versions of your library components.
  • Ensure every module has a unique, well-defined Artifact ID before publishing to avoid repository conflicts.
  • Your consumers will thank you.

Setting up a BoM requires a bit of upfront Gradle configuration, but it is an investment in the architecture of your deployment pipeline. Do it once, and let the automation do the heavy lifting for the rest of your project’s lifecycle.

I write my thoughts about Software Engineering and life in general on my Mastodon account. If you have liked this article or if it did help you, feel free to share, 👏 it and/or leave a comment. This is the currency that fuels amateur writers.