Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Continuous Updating with VersionEye at code.talks 2014

1,505 views

Published on

These are the slides from the "Continuous Updating with VersionEye" talk at code.talks 2014 in Hamburg.

Nowadays modern software development without open source is almost impossible. In average a modern software project has 100 open source components. How do you keep track of these open source dependencies? How do you know that they are still alive? How do you manage the licenses for these dependencies? These are all important questions which get answered in this talk.

Published in: Software

Continuous Updating with VersionEye at code.talks 2014

  1. 1. Continuous Updating
  2. 2. Who I am? • Robert Reiz • Software Dev since 1998 • I started VersionEye
  3. 3. What I do? • I write crawlers • I integrate Package Managers • I integrate SCMs
  4. 4. VersionEye Dependency Management • 445K Open Source Projects • 10 Package Managers • 3 SCMs
  5. 5. Why https://www.versioneye.com/statistics
  6. 6. Why
  7. 7. Why I want to stay up-to-date?
  8. 8. 100 libraries per project in avg.
  9. 9. How do you keep track of your Dependencies?
  10. 10. Which Licenses are your dependencies using?
  11. 11. Are your dependencies still alive?
  12. 12. You don’t know ?
  13. 13. Every dependency is a risk factor.
  14. 14. 15 years ago we used to work with the WATERFALL MODEL Requirements Analysis Design Coding Testing Accepting
  15. 15. But today we are AGILE
  16. 16. Everything the Waterfall Model used to execute in one year ... ! ... we nowadays execute in 2 weeks!
  17. 17. The way we develop software today totally changed!
  18. 18. Being AGILE got us CONTINUOUS Testing CONTINUOUS Refactoring CONTINUOUS Integration CONTINUOUS Delivery CONTINUOUS Deployment
  19. 19. But what about Continuous Updating?
  20. 20. Why should I care about Continuous Updating?
  21. 21. Core committers don’t release new versions just for fun!
  22. 22. They always have good reasons • Bug Fixes • Security Fixes • Speed & Memory optimization • New Features
  23. 23. If you can't fly then run, if you can't run then walk, if you can't walk then crawl, but whatever you do you have to keep moving forward. Martin Luther King Jr.
  24. 24. How do you ensure that new versions don’t break the system?
  25. 25. Semantic Versioning Migration Paths Continuous Testing
  26. 26. http://semver.org/
  27. 27. MAJOR.MINOR.PATCH 1.MAJOR version when you make incompatible API changes 2.MINOR version when you add functionality in a backwards-compatible manner 3.PATCH version when you make backwards-compatible bug fixes.
  28. 28. Always follow the MIGRATION PATH
  29. 29. Many small steps are better than one big step ! You can do SMALL MIGRATIONS on the fly. ! BIG MIGRATIONS are risky and expensive. ! If you miss versions, you miss migration paths, too. And that leads to TROUBLE!
  30. 30. Don’t miss migration paths! migrate migrate migrate 1 2 3 4 big migration … expensive!
  31. 31. Always run your TESTS against new versions
  32. 32. 2.245.022 New Releases
  33. 33. New$Releases$ Major# Minor/Patch# 6%# 94%#
  34. 34. 94% of all new releases are harmless and you can update without doubt.
  35. 35. Another reason for being current
  36. 36. Do you really believe those young talents wanna work with COBOL? Or other OLD SHIT?
  37. 37. Tracking versions is a pain!
  38. 38. SOFTWARE LIBRARIES are NOT like iPhone Apps!
  39. 39. 100 libraries per project in avg. After 2 weeks the first libraries are OUT-DATED!
  40. 40. Developers are missing critical BUG FIXES and important UPDATES!
  41. 41. Manually checking for updates is no fun! ! It cost TIME & MONEY! ! NOBODY WANTS TO DO IT!
  42. 42. So, how do you wanna solve this PROBLEM
  43. 43. You have to AUTOMATE
  44. 44. You need a TOOL for that!
  45. 45. GemNotifier Gemnasium VersionEye Languages Ruby Ruby, Node.JS, Python 22 Languages GitHub no yes yes Bitbucket no no yes File upload no no yes URL parsing no no yes Changelogs no yes in progress Security no yes in progress Licenses no no yes API no no yes
  46. 46. www.VersionEye.com Keeps an eye on more than 445K open source libraries! Supports 22 Languages and 10 Package Managers! Integrated with GitHub, Bitbucket, Stash. Open REST JSON API.
  47. 47. Are your dependencies still alive?
  48. 48. KPIs
  49. 49. Heat-map for dead / alive Dependencies
  50. 50. Tags / Labels
  51. 51. Which Licenses are your dependencies using?
  52. 52. License Whitelist
  53. 53. DEMO
  54. 54. https://www.versioneye.com/api
  55. 55. M2 VersionEye Enterprise VM VersionEye.com CI Intranet E-Mail data sync SCM VersionEye Enterprise Updates via Docker Containers
  56. 56. Questions? @RobertReiz #ContinuousUpdating

×