Your SlideShare is downloading. ×
0
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Towards Tooling; A Look at What is Missing From the Ruby Toolbox
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Towards Tooling; A Look at What is Missing From the Ruby Toolbox

811

Published on

You can usually judge the maturity of a programming language ecosystem by the breadth of its tooling. For example, Java has a plethora of IDEs that each, in turn, have many well maintained refactoring …

You can usually judge the maturity of a programming language ecosystem by the breadth of its tooling. For example, Java has a plethora of IDEs that each, in turn, have many well maintained refactoring and code quality plugins (like FindBugs and PMD). C/C++ is equally well established in this space. Even JavaScript is becoming well represented, with a number of static code analyzers and language supersets (like Dart and TypeScript) aimed at improving tooling in the language. But where is Ruby in all of this? This talk will shed some light on the existing tools available in the Ruby world as well as some new tools just starting to be built out in the areas of static analysis, formal verification, and code quality checking. We will look at what kind of tools the Ruby community is good at building, what kind of tools we are bad at, and most of all, some of the tooling we should be working on to really improve our ecosystem and drive more developers to this wonderful language.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
811
On Slideshare
0
From Embeds
0
Number of Embeds
8
Actions
Shares
0
Downloads
8
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Towards Tooling what is missing from our toolbox? Loren Segal @lsegal Friday, November 8, 13
  • 2. Are Rubyists good at testing because they have good tools? Friday, November 8, 13
  • 3. Do Rubyists have good tools because they are good at testing? Friday, November 8, 13
  • 4. Do Rubyists have good tools because they are good at testing? Friday, November 8, 13
  • 5. Friday, November 8, 13
  • 6. Tools are important Friday, November 8, 13
  • 7. We have good tools Friday, November 8, 13
  • 8. ...sometimes. Friday, November 8, 13
  • 9. This talk is about the not-so-good tools Friday, November 8, 13
  • 10. Goals Friday, November 8, 13
  • 11. 1. Introduce different tools Friday, November 8, 13
  • 12. 2. Find out which tools we are missing Friday, November 8, 13
  • 13. 3. Write these tools plz thx! Be a garbage collector Friday, November 8, 13
  • 14. Note: Google TOOL NAME + LANGUAGE You should find the tools referenced in this talk Friday, November 8, 13
  • 15. Kinds of Tools Friday, November 8, 13
  • 16. Deployment / Ops Documentation Testing Visualization High Level Debugging Linting Static Analysis Low Level Friday, November 8, 13
  • 17. Visualization Friday, November 8, 13
  • 18. Some of the most important tools are visualization tools Friday, November 8, 13
  • 19. Know what your code is doing Friday, November 8, 13
  • 20. Thread in a sealed box. Is it dead or alive? Friday, November 8, 13
  • 21. Visual Studio Friday, November 8, 13
  • 22. Visual Studio Friday, November 8, 13
  • 23. XCode Friday, November 8, 13
  • 24. VisualVM Friday, November 8, 13
  • 25. Discoverability Friday, November 8, 13
  • 26. Implementors Call references Friday, November 8, 13 ECLIPSE
  • 27. Not just IDEs Friday, November 8, 13
  • 28. I’ll prove it... Friday, November 8, 13
  • 29. Firebug Friday, November 8, 13
  • 30. Do you remember web development before Firebug? Friday, November 8, 13
  • 31. Before: no visibility. Friday, November 8, 13
  • 32. Ember Inspector Friday, November 8, 13
  • 33. Smalltalk Friday, November 8, 13
  • 34. Friday, November 8, 13
  • 35. Inherently Visual Friday, November 8, 13
  • 36. Where is Ruby viz? Friday, November 8, 13
  • 37. RubyMine Friday, November 8, 13
  • 38. Profilers? Friday, November 8, 13
  • 39. memprof Joe Damato github/ice799/memprof Friday, November 8, 13
  • 40. perftools.rb Friday, November 8, 13
  • 41. NetBeans / JRuby Friday, November 8, 13
  • 42. Use the JVM Friday, November 8, 13
  • 43. Lintng Friday, November 8, 13
  • 44. Lint divide by zero: check initialized vars: check ... style: check (last!) Friday, November 8, 13
  • 45. Ruby? Friday, November 8, 13
  • 46. Reek/Flog/Flay Does: detect code smells Does not: find common errors Friday, November 8, 13
  • 47. Assumption: Pretty code is correct code Friday, November 8, 13
  • 48. Friday, November 8, 13
  • 49. Ugly. Not “correct”. Friday, November 8, 13
  • 50. github.com/lsegal/my_fake_project Friday, November 8, 13
  • 51. PS. I ♡ Code Climate Friday, November 8, 13
  • 52. Understand your tools Friday, November 8, 13
  • 53. Code Climate does not replace testing Friday, November 8, 13
  • 54. ruby-lint Yorick Peterse but it’s new Friday, November 8, 13
  • 55. Nothing comes standard Friday, November 8, 13
  • 56. Other languages? Friday, November 8, 13
  • 57. JSHint (JavaScript) pylint (Python) FindBugs (Java) FxCop (C#) Friday, November 8, 13
  • 58. Widely used. Friday, November 8, 13
  • 59. Why not Ruby? Friday, November 8, 13
  • 60. Friday, November 8, 13
  • 61. Static Analysis lint++ Friday, November 8, 13
  • 62. is a huge field Friday, November 8, 13
  • 63. Friday, November 8, 13
  • 64. Types of “static analysis” - Defect Finding - Memory Checking / Fuzz Testing - Extended Static Checking - Model Checking / Data Flow Analysis - Symbolic Execution Friday, November 8, 13
  • 65. Defect Finding Friday, November 8, 13
  • 66. is basically lint, Friday, November 8, 13
  • 67. but with less emphasis on syntax. Friday, November 8, 13
  • 68. The Usual Suspects Friday, November 8, 13
  • 69. Brakeman Justin Collins brakemanscanner.org (Ruby on Rails) Friday, November 8, 13
  • 70. Finds common flaws in Rails code XSS, SQL injection, mass assignment Friday, November 8, 13
  • 71. Friday, November 8, 13
  • 72. Static detection of security vulnerabilities in scripting languages https://www.usenix.org/legacy/event/sec06/tech/full_papers/xie/xie_html/ Friday, November 8, 13
  • 73. Fuzz Testing Friday, November 8, 13
  • 74. garbage in... Friday, November 8, 13
  • 75. Lots of tools. C, Java, JS, Python, etc. Friday, November 8, 13
  • 76. Lots of papers. Friday, November 8, 13
  • 77. “Automated Whitebox Fuzz Testing” Microsoft Research (used in SAGE) http://research.microsoft.com/en-us/um/people/ pg/public_psfiles/ndss2008.pdf Friday, November 8, 13
  • 78. What about us? Friday, November 8, 13
  • 79. Heckle Ryan Davis, Kevin Clark Friday, November 8, 13
  • 80. Friday, November 8, 13
  • 81. Mutant Markus Schirp github/mbj/mutant Friday, November 8, 13
  • 82. We could use a real fuzz testing tool. Friday, November 8, 13
  • 83. FuzzBert? Martin Bosslet github/krypt/FuzzBert Friday, November 8, 13
  • 84. lots of papers out there with algorithms to implement Friday, November 8, 13
  • 85. LET’S GET Friday, November 8, 13
  • 86. Symbolic Execution Friday, November 8, 13
  • 87. Run your code with no immediate values Friday, November 8, 13
  • 88. Similar to Extended Static Checking but... Friday, November 8, 13
  • 89. Contracts not required and Can tell you which inputs generated valid or invalid state Friday, November 8, 13
  • 90. Think: Automatic Test Case Generation Friday, November 8, 13
  • 91. // @example pow(2, 8) == 256 int pow(int x, int n) { int v[32] = {x}, result = 0; for (int i = 1; i < n; i++) { v[i] = x * v[i-1]; } return v[n-1]; } Friday, November 8, 13
  • 92. SymExe report: x=1,n=5,result=1 x=2,n=8,result=256 x=1,n=0,error: array out of bounds ← x=1,n=33,error: array out of bounds ← Friday, November 8, 13
  • 93. // @example pow(2, 8) == 256 // @requires n > 0 // @requires n < 32 int pow(int x, int n) { int v[32] = {x}, result = 0; for (int i = 1; i < n; i++) { v[i] = x * v[i-1]; } return v[n-1]; } Friday, November 8, 13
  • 94. Tools? Friday, November 8, 13
  • 95. KLEE (LLVM) Kudzu (JavaScript) Kiasan (Java, SPARK) Friday, November 8, 13
  • 96. Nothing for Ruby* “Automatic Program Verification and Test Case Generation of Ruby Programs” (*) Friday, November 8, 13
  • 97. Ruby doesn’t really have a scientific community. Friday, November 8, 13
  • 98. Chicken and egg. Friday, November 8, 13
  • 99. Python vs Ruby? Big boy language? Friday, November 8, 13
  • 100. RECAP Friday, November 8, 13
  • 101. We are great at testing, deployment, web frameworks Friday, November 8, 13
  • 102. Not so good at visualization, linting, static analysis Friday, November 8, 13
  • 103. We attract web developers because we have good web tools Friday, November 8, 13
  • 104. Could we build tools for other communities? science, engineering, math Friday, November 8, 13
  • 105. Take responsibility. Friday, November 8, 13
  • 106. Great tool ideas are waiting to be implemented Friday, November 8, 13
  • 107. Tons of research papers in fields I mentioned scholar.google.com Friday, November 8, 13
  • 108. I had a whole section on my favourite research papers. Friday, November 8, 13
  • 109. Come find me if you want titles. Friday, November 8, 13
  • 110. Thank you. Slides will be linked on Twitter @lsegal Friday, November 8, 13

×