Which size should the function be of? What is one thing? Which comments are bad?
Robert Martin's view on agile software craftsmanship. Smells and heuristics of code.
Data Generation with PROSPECT: a Probability Specification ToolIvan Ruchkin
Presented at the Winter Simulation Conference 2021.
Abstract: Stochastic simulations of complex systems often rely on sampling dependent discrete random variables. Currently, their users are limited in expressing their intention about how these variables are distributed and related to each other over time. This limitation leads the users to program complex and error-prone sampling algorithms. This paper introduces a way to specify, declaratively and precisely, a temporal distribution over discrete variables. Our tool PROSPECT infers and samples this distribution by solving a system of polynomial equations. The evaluation on three simulation scenarios shows that the declarative specifications are easier to write, 3x more succinct than imperative sampling programs, and are processed correctly by PROSPECT.
Good quality code is an essential property of a software because it could lead to financial losses or waste of time needed for further maintenance, modification or adjustments if code quality is not good enough.
Which size should the function be of? What is one thing? Which comments are bad?
Robert Martin's view on agile software craftsmanship. Smells and heuristics of code.
Data Generation with PROSPECT: a Probability Specification ToolIvan Ruchkin
Presented at the Winter Simulation Conference 2021.
Abstract: Stochastic simulations of complex systems often rely on sampling dependent discrete random variables. Currently, their users are limited in expressing their intention about how these variables are distributed and related to each other over time. This limitation leads the users to program complex and error-prone sampling algorithms. This paper introduces a way to specify, declaratively and precisely, a temporal distribution over discrete variables. Our tool PROSPECT infers and samples this distribution by solving a system of polynomial equations. The evaluation on three simulation scenarios shows that the declarative specifications are easier to write, 3x more succinct than imperative sampling programs, and are processed correctly by PROSPECT.
Good quality code is an essential property of a software because it could lead to financial losses or waste of time needed for further maintenance, modification or adjustments if code quality is not good enough.
A few guidelines for peer reviews at Ombu Labs. Be nice, be constructive, suggest alternatives, start discussions, use Git branches, Github pull requests and keep it lean.
Make sure that the pull requests solve a concrete problem today. You can always refactor your solution later. Do not design for the future.
Keep it simple stupid and learn from the comments in your pull requests.
Learn to write effective test cases for chatbots from QA experts at Metaforum Technologies. [Chatbot is a popular web application to collect leads from website visitors]
http://www.metaforumtechnologies.com/training-courses/software-testing-courses/software-testing-training-in-chennai
Green Custard Friday Talk 9: Software Religious ArgumentsGreen Custard
In Green Custard's 9th Friday talk, James explores the subject of Software Religious Arguments.
Topics covered:
- Bracket styles
- Editors
- Strongly typed vs weakly typed
- Windows vs Linux
- iOS vs Android
Green Custard is a custom software development consultancy. To discover more about their work and the team visit www.green-custard.com.
An Introduction To Software Development - Test Driven Development, Part 1Blue Elephant Consulting
This presentation is a part of the COP2271C college level course taught at the Florida Polytechnic University located in Lakeland Florida. The purpose of this course is to introduce Freshmen students to both the process of software development and to the Python language.
The course is one semester in length and meets for 2 hours twice a week. The Instructor is Dr. Jim Anderson.
A video of Dr. Anderson using these slides is available on YouTube at:
http://youtu.be/bCp1fbAd56k
This presentation is a part of the COP2271C college level course taught at the Florida Polytechnic University located in Lakeland Florida. The purpose of this course is to introduce Freshmen students to both the process of software development and to the Python language.
The course is one semester in length and meets for 2 hours twice a week. The Instructor is Dr. Jim Anderson.
A video of Dr. Anderson using these slides is available on YouTube at:
https://youtu.be/KcFCcCsn6mM
Many developers know that they should be writing tests for their apps. However, it’s often hard to know how to get started or to convince your manager that you should be spending half of your time writing and maintaining test code. In this talk, you will learn how you can integrate testing into your day-to-day workflow and you’ll learn why a good test suite will not cost you a lot of time. Instead, it should end up saving you time. And as you know, the manager loves it when you manage to save time. You will understand how TDD works, how to integrate the important bits of TDD and how to build a high-quality test suite that is a pleasure to maintain. To round things out, you will also learn about Xcode 11’s new test plans feature and how you can use it to make your test suite even better!
SOLID is a mnemonic device for 5 design principles of object-oriented
programs (OOP) that result in readable, adaptable, and scalable code.
S - Single Responsibility Principle.
O - Open Closed Principle.
L - Liskov Substitution Principle.
I - Interface Segregation Principle.
D - Dependency Inversion Principle.
A few guidelines for peer reviews at Ombu Labs. Be nice, be constructive, suggest alternatives, start discussions, use Git branches, Github pull requests and keep it lean.
Make sure that the pull requests solve a concrete problem today. You can always refactor your solution later. Do not design for the future.
Keep it simple stupid and learn from the comments in your pull requests.
Learn to write effective test cases for chatbots from QA experts at Metaforum Technologies. [Chatbot is a popular web application to collect leads from website visitors]
http://www.metaforumtechnologies.com/training-courses/software-testing-courses/software-testing-training-in-chennai
Green Custard Friday Talk 9: Software Religious ArgumentsGreen Custard
In Green Custard's 9th Friday talk, James explores the subject of Software Religious Arguments.
Topics covered:
- Bracket styles
- Editors
- Strongly typed vs weakly typed
- Windows vs Linux
- iOS vs Android
Green Custard is a custom software development consultancy. To discover more about their work and the team visit www.green-custard.com.
An Introduction To Software Development - Test Driven Development, Part 1Blue Elephant Consulting
This presentation is a part of the COP2271C college level course taught at the Florida Polytechnic University located in Lakeland Florida. The purpose of this course is to introduce Freshmen students to both the process of software development and to the Python language.
The course is one semester in length and meets for 2 hours twice a week. The Instructor is Dr. Jim Anderson.
A video of Dr. Anderson using these slides is available on YouTube at:
http://youtu.be/bCp1fbAd56k
This presentation is a part of the COP2271C college level course taught at the Florida Polytechnic University located in Lakeland Florida. The purpose of this course is to introduce Freshmen students to both the process of software development and to the Python language.
The course is one semester in length and meets for 2 hours twice a week. The Instructor is Dr. Jim Anderson.
A video of Dr. Anderson using these slides is available on YouTube at:
https://youtu.be/KcFCcCsn6mM
Many developers know that they should be writing tests for their apps. However, it’s often hard to know how to get started or to convince your manager that you should be spending half of your time writing and maintaining test code. In this talk, you will learn how you can integrate testing into your day-to-day workflow and you’ll learn why a good test suite will not cost you a lot of time. Instead, it should end up saving you time. And as you know, the manager loves it when you manage to save time. You will understand how TDD works, how to integrate the important bits of TDD and how to build a high-quality test suite that is a pleasure to maintain. To round things out, you will also learn about Xcode 11’s new test plans feature and how you can use it to make your test suite even better!
SOLID is a mnemonic device for 5 design principles of object-oriented
programs (OOP) that result in readable, adaptable, and scalable code.
S - Single Responsibility Principle.
O - Open Closed Principle.
L - Liskov Substitution Principle.
I - Interface Segregation Principle.
D - Dependency Inversion Principle.
This presentation is a part of the COP2271C college level course taught at the Florida Polytechnic University located in Lakeland Florida. The purpose of this course is to introduce Freshmen students to both the process of software development and to the Python language.
The course is one semester in length and meets for 2 hours twice a week. The Instructor is Dr. Jim Anderson.
A video of Dr. Anderson using these slides is available on YouTube at: https://www.youtube.com/watch?v=c2CTDm19Lpg
Basic overview of software test types, methodologies.
Explaining and reasons to test and common pitfalls with various testing methodologies.
Example scenarios for the viewer to think about test strategies.
Tips to avoid having to write tests in the first place.
Content created and presented by Nico Heidtke at the "Die Programmierer" meetup organized by Binary-Gears in Darmstadt, Germany at 02.07.2019.
We want code that is easy to understand, re-usable, and flexible. But we are always up against deadlines, so we rush, and end up with code that is messy, buggy, hard to maintain, and makes us go slower even though we’re trying to go faster.
What is clean code? In this talk I’ll provide some answers to this question, and introduce you to 10 good habits that will help keep your code clean, such as the use of meaningful names for your variables and functions, and following the “Boy Scout Rule” (leave the code cleaner than you found it). I will even try to persuade you that using a lot of code comments is a sign that there are problems with your code.
At some point, the code you write today will be deleted and replaced with something new. This talk will discuss the life cycle of a large code base, and how to manage it over time to accommodate rewrites, giving examples from a major rewrite of the Firefox build and release pipeline over the last two years. You'll learn how to replace components of a running distributed system while keeping it operational, the proverbial replacing the wing of an airplane in flight.
CSCI 180 Project Grading Your project is graded based .docxfaithxdunce63732
CSCI 180 Project Grading
Your project is graded based on four categories: correctness, assignment requirements,
documentation, and style. Below are the point breakdowns for each of these areas, detailing the
range of points you will receive for achievement levels within each of these categories.
Functionality
Note that you cannot receive the minimum functionality points for a level unless your code fulfills
the requirements for that level. So, for example, if you do not fulfill the C-level requirements
completely (with minor errors), the highest grade you can receive is a 39 no matter what other
features you have put into your code.
60-70
50-59
40-49
30-39
0-30
Code compiles and runs without crashing. Fulfills the A-level requirements. Variant
points based on quality of minor flaws in correctness.
Code compiles and runs without crashing. Fulfills the B-level requirements. Variant
points based on discussion of issues arising in reaching the next stage of the project and
in how easy it is to determine the correctness of the code by running it.
Code compiles and runs without crashing. Fulfills the C-level requirements. Variant
points based on discussion of issues arising in reaching the next stage of the project and
in how easy it is to determine the correctness of the code by running it.
Code compiles and runs without crashing. Fulfills D-level requirements. Variant points
based on discussion of issues arising in reaching the next stage of the project and in how
easy it is to determine the correctness of the code by running it.
Code does not compile or code crashes when run. Variant points awarded based on
quality of analysis of the problem with the code.
Assignment Requirements
5 Handed in on time, code has some documentation, and you included a journal (as described
in assignment). The journal includes comments about tasks and issues you encountered and
describes how you tested the project.
3 Assignment is on time, code has some documentation, the journal is completed, but a bit
sparse but seems like you wrote it as you went.
2 Assignment is on time. The journal may be a bit sparse or it may be obvious that you wrote
it after the fact.
1 The code might be undocumented, or you may not have turned in a journal.
0 There was an assignment? Oh yeah, here it is. Oh, a journal -- can I still do that? It is
obvious you need to spend more time reading about deadlines and what is included when
you hand in your work.
Documentation of Code
During this course, I will frequently award points for documentation as follows (up to 2 points
for each item):
• documentation at top of file including name of file, your name, and date
• description of class (top of file)
• documentation on each public method including parameter and return tags.
• interior docu.
Increasing productivity with continuous deliveryAndré Pitombeira
This presentation is about the benefits of continuous delivery. It covers some techniques such as trunk-based development and branch by abstraction. This is intended to help developers to commit small and incremental changes to production on a daily basis.
Software estimation is something that almost all developers working with Scrum have to do once every sprint, but do they really know what a story point means? This presentation introduces some concepts and techniques of software estimation. It is a start point for developers to figure out what could work better in their estimation sessions.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
3. Software
Maintenance
Reports suggest that the cost of
maintenance is high. A study on
estimating software maintenance
found that the cost of maintenance is
as high as 67% of the cost of entire
software process cycle.
4. Code Review
Peer review – an activity in which people other than the author of a software
deliverable examine it for defects and improvement opportunities – is one of
the most powerful software quality tools available.
… software testing alone has limited effectiveness – the average defect
detection rate is only 25 percent for unit testing, 35 percent for function
testing, and 45 percent for integration testing. In contrast, the average
effectiveness of design and code inspections are 55 and 60 percent.
5. Code Review
● Developers tend to think of productivity in terms of “how fast can I write the code for
this new feature”.
● We also tend to say “I write code” when describing our jobs
● Professional software development is a matter of understanding the code that is
already there: we simply spend much more time reading than writing
● Productivity thus depends more on the overall code’s quality and maintainability,
rather than the skills of individual contributors making changes.
7. Using Version Control
● What constitutes a particular version of your software?
● What was done when, by whom, and for what reason?
8. Commit Messages
● Every version control system has the facility to add a description to your
commit
● Many people get into the bad habit of omit the description
● The most important reason to write a descriptive commit message is so
that, when the build breaks, you know who broke the build and why
9. Commit Messages
1. You find a bug that is down to a rather obscure line of code
2. You use your versions control system to find out who put in that line of
code and when
3. That person is off on holiday or has gone home for the night, and left a
commit message that said “fixed obscure bug”
4. You change the obscure line of code to fix the bug
5. Something else breaks
6. You spend hours trying to get the application working again
10. Commit Messages
● A commit message explaining what a person was doing when they
commited that change can save you hours of debugging
● There is not prize for shortests commit messages
● A couple of medium-to-long sentences with an overview of what you were
doing will often save you many times the effort later on
11. Commit Messages
● Write a multiparagraph commit message
● The first paragraph is a summary
○ This is what gets shown on line-per-commit displays
○ This is like a newspaper headline
● The following paragraphs add more details
● Add a link to the identifier in your project management tool for the feature
or bug you are working on
13. Commit Messages
Good commit message:
Make Source.indexOf(ByteString) significantly faster
Previously the algorithm that did this was extremely inefficient, and had worst case runtime of O(N * S * S) for N is size of the
bytestring and S is the number of segments.
The new code runs in O(N * S). It accomplishes this by not starting each search at the first segment, which could occur many
times when called by RealBufferedSource.
---
Issue: [#365](https://link/to/issue/365)
14. Commit Messages
Good commit message:
Add updated credit card icon for sbs reservations
At first we wanted to use the same icon as on the new TM but since in
the list it is a background image, the only way to apply a correct color
to it would be using mask-image css property which is not supported in
IE11. That’s why we duplicated the icons for now until the list will be
moved to Angular and both will be able to make use of the inline SVGs
[BC-3985]
15. Pull Request
● Reviewing pull request is hard
● Make smaller pull requests
● Write useful descriptions and titles
● Have on-point commit messages
● Add comments on your pull request to help guide the reviewer
● Make it visual
16. Pull Request
Approach to writing a Pull Request
● Include the purpose
● Consider provide an overview of why the work is taking place
● Be explicit about the feedback you want
● Be explicit about when you want a feedback
● Mention individual you specifically want to involve in the discussion
● Mention teams you want to involve in the discussion
17. Pull Request
Offering feedback
● Familiarize yourself with the context
● If you disagree strongly, consider giving a few minutes before responding
● Ask, don’t tell (“What do you think about trying?” Instead of “Don’t do!”)
● Explain your reason why the code should be changed
● Offer ways to simplify or improve the code
● Avoid using derogatory terms like “stupid”
● Be humble (“I’m not sure. Let’s try...”)
● Avoid hyperbole (“Never do...”)
● Be aware of negative bias with online communication. Can you use positive language instead of neutral?
● Use emoji to clarify tone
18. Pull Request
Responding to feedback
● Consider leading with an expression of appreciation, especially when feedback has
been mixed
● Ask for clarification. (“I don’t understand, can you clarify?”)
● Offer clarification, explain the decisions you made to reach a solution in question
● Try to respond to every comment
● Link to any follow up commits or Pull Requests
● If there is growing confusion or debate, ask yourself if the written word is still the
best form of communication
19. Pull Request
How can we get started?
1. Code reviews guideline
2. A pull request template
3. Useful resources about how to do this well
21. References
● What makes a good commit message
● The (written) unwritten guide to pull requests
● How to write the perfect pull request
● Code Reviews: Just Do It
● Code reviews: getting started
● Continuous Delivery
● Software Maintenance Overview