The document describes a technique called CodeInsight that mines insightful code comments from crowdsourced knowledge on Stack Overflow. An exploratory study of Stack Overflow discussions found that around 22% of comments discuss tips, bugs, or warnings related to code examples. CodeInsight uses heuristics like popularity, relevance, comment rank, sentiment, and word count to retrieve these insightful comments for a given code segment. An empirical evaluation showed the technique could recall over 80% of relevant comments on average. A user study with professional developers found that 80% of the comments recommended by CodeInsight were accurate and useful.
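As a hedged illustration of how the five heuristics named above (popularity, relevance, comment rank, sentiment, word count) might be combined, here is a minimal Python sketch. The field names, weights, and thresholds are invented for this example and are not CodeInsight's actual values.

```python
# Hypothetical heuristic scorer in the spirit of CodeInsight.
# All field names, weights, and thresholds are illustrative assumptions.

def score_comment(comment, max_upvotes, max_rank):
    """Combine the five heuristics into a single relevance score."""
    popularity = comment["upvotes"] / max_upvotes if max_upvotes else 0.0
    relevance = comment["term_overlap"]              # fraction of code terms mentioned
    rank = 1.0 - (comment["rank"] - 1) / max_rank    # earlier comments score higher
    sentiment = 1.0 if comment["sentiment"] != "neutral" else 0.5
    words = len(comment["text"].split())
    length = 1.0 if 5 <= words <= 60 else 0.3        # penalize very short/long comments
    return popularity + relevance + rank + sentiment + length

def insightful_comments(comments, top_n=2):
    """Return the top_n comments ranked by the combined heuristic score."""
    max_upvotes = max(c["upvotes"] for c in comments)
    max_rank = max(c["rank"] for c in comments)
    return sorted(comments,
                  key=lambda c: score_comment(c, max_upvotes, max_rank),
                  reverse=True)[:top_n]

example = [
    {"upvotes": 12, "term_overlap": 0.7, "rank": 1,
     "sentiment": "negative", "text": "Careful: this regex fails on empty strings"},
    {"upvotes": 1, "term_overlap": 0.0, "rank": 2,
     "sentiment": "neutral", "text": "thanks, worked for me"},
]
print(insightful_comments(example, top_n=1)[0]["text"])
```

A warning-style comment with high overlap and upvotes outranks a short "thanks" comment, matching the intuition behind the heuristics.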
Software Analysis using Natural Language Queries (Pooja Rani)
Understanding a software system consumes a substantial portion of a developer's effort. To support software comprehension and evolution, reverse engineering aims at creating a high-level representation of an existing software system. With state-of-the-art technology, abstract models of software systems are created by reverse engineering tools and analyzed using software analysis tools. Despite the rich functionalities offered by analysis tools, a novice user may find them difficult to use due to an unfamiliar tool environment and query language. In this paper, we propose an approach that allows the developer to formulate a query in a natural language in order to overcome these obstacles.
Speculative analysis for comment quality assessment (Pooja Rani)
Previous studies have shown that high-quality code comments assist developers in program comprehension and maintenance tasks. However, the semi-structured nature of comments, unclear conventions for writing good comments, and the lack of quality assessment tools for all aspects of comments make their evaluation and maintenance a non-trivial problem.
To achieve high-quality comments, we need a deeper understanding of code comment characteristics and the practices developers follow. Our preliminary findings show that developers embed various kinds of information in class comments across programming languages. Still, they face problems in locating relevant guidelines to write consistent and informative comments, verifying the adherence of their comments to the guidelines, and evaluating the overall state of comment quality.
To help developers and researchers in building comment quality assessment tools, we provide: (i) an empirically validated taxonomy of comment convention-related questions from various community forums, (ii) an empirically validated taxonomy of comment information types from various programming languages, (iii) a language independent approach to automatically identify the information types, and (iv) a comment quality taxonomy prepared from a systematic literature review.
How to do code reviews and use analysis tools in software development (Mitosis Technology)
Code inspection is a phase of the software development process that finds and corrects errors in both functional and non-functional areas at an early stage.
What Do Developers Discuss about Code Comments? (Pooja Rani)
Code comments are important for program comprehension, development, and maintenance tasks. Given the varying standards for code comments, and their unstructured or semi-structured nature, developers get easily confused (especially novice developers) about which convention(s) to follow, or what tools to use while writing code documentation. Thus, they post related questions on external online sources to seek better commenting practices. In this paper, we analyze code comment discussions on online sources such as Stack Overflow (SO) and Quora to shed some light on the questions developers ask about commenting practices. We apply Latent Dirichlet Allocation (LDA) to identify emerging topics concerning code comments. Then we manually analyze a statistically significant sample set of posts to derive a taxonomy that provides an overview of the developer questions about commenting practices.
Our results highlight that on SO nearly 40% of the questions concern how to write or process comments in documentation tools and environments, and nearly 20% of the questions are about potential limitations and possibilities of documentation tools to automatically and consistently add more information to comments. On Quora, by contrast, developer questions focus more on background information (35% of the questions) or opinions (16% of the questions) about code comments. We found that (i) not all aspects of comments are covered in coding style guidelines, e.g., how to add a specific type of information, (ii) developers need support in learning the syntax and format conventions for adding various types of information to comments, and (iii) developers are interested in automated strategies for comments, such as detecting bad comments or automatically verifying comment style, but lack tool support for them.
PDF: https://arxiv.org/abs/2108.07648
Video: https://youtu.be/EUQINZ38ziU
Replication package: https://doi.org/10.5281/zenodo.5044270
Code reviews have been conducted for decades in software projects with the aim of improving code quality from many different points of view. During code reviews, developers are supported by checklists, coding standards and, possibly, various kinds of static analysis tools. This paper investigates whether warnings highlighted by static analysis tools are addressed during code reviews and whether certain kinds of warnings tend to be removed more than others. Results of a study conducted by mining the Gerrit repositories of six Java open source projects indicate that the density of warnings varies only slightly after each review. The overall percentage of warnings removed during reviews is slightly higher than what previous studies found for the overall project evolution history. However, when looking (quantitatively and qualitatively) at specific categories of warnings, we found that during code reviews developers focus on certain kinds of problems. For such categories of warnings the removal percentage tends to be very high, often above 50% and sometimes 100%. Examples are warnings in the imports, regular expression, and type resolution categories. In conclusion, while broad warning detection might produce far too many false positives, enforcing the removal of certain warnings prior to patch submission could reduce the effort required during the code review process.
The OW2 OSCAR Framework, OSS Projects and the Value Chain, Market Readiness Observations, Evaluating Readiness and Maturity, Evaluating Open Source Maturity, OW2 OSCAR Approach
The Next Static Code Analysis Tool - Today and Tomorrow (M Firdaus Harun)
Overview of static code analysis
Generations of Static Code Analysis
"Wow" features that could be enhanced for a 4th Generation of Static Code Analysis
Managing Large-scale Multimedia Development Projects (Simon Price)
Keynote presentation at IEEE International Conference on Multimedia in Engineering Education 1998, Hong Kong. This paper presents generally applicable techniques drawn from the experience of managing the UK's Teaching and Learning Technology Programme (TLTP) Economics Consortium project to develop WinEcon, a computer-based package covering an entire first-year introductory economics degree course. The WinEcon project has been a highly successful, large-scale multimedia project. It has received multiple international awards and is site-licensed by over 80% of UK universities and over 200 organisations worldwide. However, what really happens when you set out to develop the world's largest computer-based training package for economics, with a team of 35 content experts and 17 programmers distributed across eight geographically separate sites, is a far cry from the typical case study found in a 'software project management' textbook. There are inherent characteristics of multimedia software which make its development difficult. Consequently, any multimedia project carries a high risk of failing to deliver on time, quality or budget, and the nature of large-scale development projects only serves to amplify that risk to such a degree that many such projects fail to deliver satisfactorily in any of these three areas. The management challenges encountered by the WinEcon project are independent of subject matter and must be addressed when managing any large-scale multimedia development.
Software Architects’ Experiences of Quality Requirements: What we Know and ... (Luigi Buglione)
Abstract. [Context/motivation] Quality requirements (QRs) are a concern of both requirement engineering (RE) specialists and software architects (SAs). However, the majority of empirical studies on QRs take the RE analysts’/clients’ perspectives, and only recently very few included the SAs’ perspective. As a result, (i) relatively little is known about SAs’ involvement in QRs engineering and their coping strategies, and (ii) whatever is known mostly comes from small and midsized projects. [Question/problem] The question in this exploratory study is how SAs cope with QRs in the context of large and contract-based software system delivery projects. [Principal ideas/results] We executed an exploratory case study with 20 SAs in the context of interest. The key results indicate the role SAs play in QRs engineering, the type of requirements communication processes SAs are involved in, the ways QRs are discovered, documented, quantified, validated and negotiated. Our most important findings are that in contract-based contexts: (1) the QRs are approached with the same due diligence as the functional requirements and the architecture design demand, (2) the SAs act proactively and embrace responsibilities over the QRs, (3) willingness to pay and affordability seem as important QRs prioritization criteria as cost and benefits do, and (4) QRs engineering is perceived as a social activity and not as much as a tool and method centric activity. [Contribution] The main contributions of the paper are (i) the explication of the QRs process from SAs’ perspective, and (ii) the comparison of our findings with previously published results.
- Combines internet with in situ exposure of new product designs at various stages: rendering, prototype or finalised products
- Rendering evaluation may be conducted on multiple screens, orchestrated through a scenario, that may integrate survey questions
- Central Location (CL) based, possibly using mobile solutions
- Uses either incentivized street intercept respondents or pre-recruited more specific respondents
- Conducted in major cities of Europe and worldwide
Automatic Identification of Informative Code in Stack Overflow Posts (Preetha Chatterjee)
Despite Stack Overflow’s popularity as a resource for solving coding problems, identifying relevant information from an individual post remains a challenge. The overload of information in a post can make it difficult for developers to identify specific and targeted code fixes. In this paper, we aim to help users identify informative code segments, once they have narrowed down their search to a post relevant to their task. Specifically, we explore natural language-based approaches to extract problematic and suggested code pairs from a post. The goal of the study is to investigate the potential of designing a browser extension to draw the readers’ attention to relevant code segments, and thus improve the experience of software engineers seeking help on Stack Overflow.
Impact of Developer Reputation on Code Review Outcomes in OSS Projects: ... (ESEM 2014)
Context: Gaining an identity and building a good reputation are important motivations for Open Source Software (OSS) developers. It is unclear whether these motivations have any actual impact on OSS project success. Goal: To identify how an OSS developer’s reputation affects the outcome of his/her code review requests. Method: We conducted a social network analysis (SNA) of the code review data from eight popular OSS projects. Working on the assumption that core developers have better reputation than peripheral developers, we developed an approach, Core Identification using K-means (CIK), to divide the OSS developers into core and periphery groups based on six SNA centrality measures. We then compared the outcome of the code review process for members of the two groups. Results: The results suggest that the core developers receive quicker first feedback on their review request, complete the review process in shorter time, and are more likely to have their code changes accepted into the project codebase. Peripheral developers may have to wait 2-19 times (or 12-96 hours) longer than core developers for the review process of their code to complete. Conclusion: We recommend that projects allocate resources or create tool support to triage the code review requests to motivate prospective developers through quick feedback.
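A rough sketch of the core/periphery split in the spirit of CIK, assuming a toy review graph and only three centrality measures rather than the study's six; networkx and scikit-learn stand in for whatever tooling the authors actually used.

```python
# Illustrative core/periphery identification: cluster developers by SNA
# centrality with K-means (k=2). Graph and measures are toy assumptions.
import networkx as nx
import numpy as np
from sklearn.cluster import KMeans

# Toy review network: an edge means one developer reviewed another's change.
g = nx.Graph([("alice", "bob"), ("alice", "carol"), ("alice", "dave"),
              ("bob", "carol"), ("eve", "alice")])

devs = list(g.nodes)
deg = nx.degree_centrality(g)
btw = nx.betweenness_centrality(g)
clo = nx.closeness_centrality(g)
features = np.array([[deg[d], btw[d], clo[d]] for d in devs])

labels = KMeans(n_clusters=2, n_init=10, random_state=0).fit_predict(features)

# Call the cluster with the higher mean centrality the "core" group.
core_label = max(set(labels), key=lambda l: features[labels == l].mean())
core = {d for d, l in zip(devs, labels) if l == core_label}
print("core developers:", core)
```

The heavily connected reviewer ends up in the core cluster; in the study, review outcomes are then compared between the two groups.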
RAISE Lab at Dalhousie University
The lab aims to develop tools and technologies for intelligent automation in software engineering. An overview is presented by Dr. Masud Rahman, Assistant Professor, Faculty of Computer Science, Dalhousie University, Canada.
The Forgotten Role of Search Queries in IR-based Bug Localization: An Empiric... (Masud Rahman)
Being light-weight and cost-effective, IR-based approaches for bug localization have shown promise in finding software bugs. However, the accuracy of these approaches heavily depends on the bug reports they use. A significant number of bug reports contain only plain natural language texts, and according to existing studies, IR-based approaches cannot perform well when they use these reports as search queries. Recent evidence, however, suggests that even these natural language-only reports contain enough good keywords to localize bugs successfully. On one hand, these findings suggest that natural language-only bug reports might be a sufficient source for good query keywords. On the other hand, they cast serious doubt on the query selection practices in IR-based bug localization. In this article, we attempt to clarify this issue by conducting an in-depth empirical study that critically examines the state-of-the-art query selection practices in IR-based bug localization. In particular, we use a dataset of 2,320 bug reports, employ ten existing approaches from the literature, use a Genetic Algorithm-based approach to construct optimal or near-optimal search queries from these bug reports, and then answer three research questions. We confirmed that the state-of-the-art query construction approaches are indeed not sufficient for constructing appropriate queries (for bug localization) from certain natural language-only bug reports. However, these bug reports do contain high-quality search keywords in their texts, even though they might not contain explicit hints for localizing bugs (e.g., stack traces). We also demonstrate that optimal queries and non-optimal queries chosen from bug report texts differ significantly in terms of several keyword characteristics (e.g., frequency, entropy, position, part of speech).
Such an analysis has led us to four actionable insights on how to choose appropriate keywords from a bug report. Furthermore, we demonstrate 27%–34% improvement in the performance of non-optimal queries through the application of our actionable insights to them. Finally, we summarize our study findings with future research directions (e.g., machine intelligence in keyword selection).
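Two of the keyword characteristics mentioned above, frequency and entropy, are easy to make concrete. This stdlib-only sketch uses invented helper names and a naive whitespace tokenizer; it is not the study's actual measurement code.

```python
# Sketch of two keyword characteristics used to compare query terms:
# raw term frequency within a report, and a term's Shannon entropy
# across a corpus of reports. Helper names are hypothetical.
import math
from collections import Counter

def term_frequencies(text):
    """Raw frequency of each whitespace-delimited token in one bug report."""
    return Counter(t.lower() for t in text.split())

def term_entropy(term, documents):
    """Shannon entropy of a term's distribution over a set of documents.
    A term concentrated in one document has entropy 0; a term spread
    evenly across documents has higher entropy."""
    counts = [doc.lower().split().count(term) for doc in documents]
    total = sum(counts)
    if total == 0:
        return 0.0
    probs = [c / total for c in counts if c > 0]
    return -sum(p * math.log2(p) for p in probs)
```

Intuitively, a low-entropy, high-frequency term is specific to one report and thus a promising query keyword, which is the kind of contrast the study quantifies.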
Preprint: https://bit.ly/39nAoun
Publication URL: https://bit.ly/3xVUxlq
Replication package: https://bit.ly/36T8oxL
More details: https://web.cs.dal.ca/~masud
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl - ... (DanBrown980551)
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI support (Alan Dix)
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Elevating Tactical DDD Patterns Through Object Calisthenics (Dorra BARTAGUIZ)
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Key Trends Shaping the Future of Infrastructure (Cheryl Hung)
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
The Art of the Pitch: WordPress Relationships and Sales (Laura Byrne)
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if something changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Securing your Kubernetes cluster: a step-by-step guide to success! (KatiaHIMEUR1)
Today, after several years of existence, with an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
UiPath Test Automation using UiPath Test Suite series, part 4 (DianaGray10)
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques.
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
PHP Frameworks: I want to break free (IPC Berlin 2024) (Ralf Eggert)
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Accelerate your Kubernetes clusters with Varnish Caching (Thijs Feryn)
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
A tale of scale & speed: How the US Navy is enabling software delivery from l... (sonjaschweigert1)
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
CodeInsight-SCAM2015
1. RECOMMENDING INSIGHTFUL COMMENTS FOR SOURCE CODE USING CROWDSOURCED KNOWLEDGE
Mohammad Masudur Rahman, Chanchal K. Roy and +Iman Keivanloo
Department of Computer Science, University of Saskatchewan; +Queen’s University, Canada
15th International Working Conference on Source Code Analysis and Manipulation (SCAM 2015)
Presented by: Jeffrey Svajlenko
2. CODE COMMENTS
Programmer-readable annotations in the code
Explain what the code does and how
Make the code easier to understand
Part of good coding practice
Do not discuss issues or concerns in the code
Do not contain the experts’ observations
Such insights are required for reuse or maintenance
4. OUTLINE OF THIS TALK
Exploratory study
CodeInsight
Empirical evaluation (for comment ranking)
User study (for comment quality)
Conclusion
5. EXPLORATORY STUDY
Exp-RQ1: Do the follow-up discussions from SO contain any useful information that is likely to aid software maintenance activities (e.g., bug fixing, code quality improvement)?
Exp-RQ2: Which API classes and methods are used in SO code examples that might encourage those insightful discussions?
6. EXPLORATORY DATASET

Items                 Java  Android   C#  Total
Questions               98       81  103    282
Accepted answers        98       81  103    282
Code segments          101       83  108    292
Discussion comments    276      161  269    706

Selection criteria: the question should be widely viewed (i.e., viewed at least 500 times), and the answer should contain one or more code segments; the answer should contain at least 10 discussion comments; the comments should be up-voted by at least 5 users.
7. STUDY DESIGN
Two separate analyses for the two RQs.
Exp-RQ1: careful manual analysis of comment texts to discover the intent behind each comment; identified 7 types of comments in the discussions.
Exp-RQ2: topic modeling and cross-domain analysis.
8. STUDY FINDINGS
Seven types of discussion comments found.
Particularly interested in two types: Tips and Bugs & warnings.
On average, about 22% of the comments from each domain fall into those types, which is significant.
9. CODEINSIGHT: PROPOSED TECHNIQUE OVERVIEW
Recommends insightful comments for a given code segment by exploiting crowd knowledge.
Extracts discussion comments based on five heuristics.
Recommends tips, bugs or concerns in the code identified by the crowd.
10. HEURISTICS: CAPTURING INSIGHT
Popularity (P): insight makes a comment popular; important observations are rewarded with votes.
Relevance (R): references to relevant API methods or classes in the code; based on the cosine similarity measure.
Comment Rank (CR): user references (e.g., @Thomas) among the comments make them important; PageRank captures the relative importance of each comment.
Sentiment (S): polarity-based sentiment analysis of comment texts; issues and concerns are mostly associated with negativity.
Word Count (WC): too-short comments do not contain insight; too-long comments are noisy.
12. EVALUATION OF CODEINSIGHT
Two-fold evaluation: (1) comment ranking technique and (2) comment quality.
RQ1: How effective is the technique in retrieving the comments that discuss bugs, concerns and tips for improvement in the code?
RQ2: Are the recommended comments accurate, precise and concise in describing the potential issues or troubleshooting tips?
RQ3: Are the recommended comments useful for static analysis involving maintenance of the target code?
13. EMPIRICAL DATASET
Exploratory dataset reused for the experiments.
Manually labeled/classified comments serve as gold comments.
Recommended comments are matched against the gold comments.
Top 3 comments are recommended from the ranking.
Two performance metrics: Recall (R) and Mean Reciprocal Rank (MRR).
15. USER STUDY: COMMENT QUALITY
Dataset for the study: a case study with 82 open-source projects from GitHub; 85 code segments similar to SO segments, found using GitHub code search.
Study participants: four professional developers from two companies, specialized in mobile and web technologies, with professional experience of 1-2.5 years in Java, 1.5-5 years in Android and 1.5-3.5 years in C#.
16. USER STUDY DESIGN
[Diagram] The 85 open-source code segments pass through a random selector that picks 20 segments; CodeInsight recommends insightful comments for each, and the participant pool judges them: Accurate? Precise? Concise? Useful?
18. THREATS TO VALIDITY
Limited dataset: the dataset is quite limited for empirical evaluation.
Limited participant pool: only four professional developers are involved.
Closed-source code: SO generally hosts code segments from open-source projects, so the technique might not be effective for closed-source code.
19. TAKE-HOME MESSAGE
Traditional code comments do not provide insight into the quality of, or issues in, the code.
About 22% of discussion comments for Java, Android and C# code segments from SO discuss issues, concerns or tips.
Heuristics such as Popularity, Relevance, Comment Rank and Sentiment are quite successful in capturing such insight in comments.
Professional developers confirmed that 80% of the recommended comments are indeed accurate and useful.
Introduce yourself and give introductory statements.
Today, I am going to talk about how we can mine insightful comments for source code from Stack Overflow.
Code commenting is a very old practice among developers.
It is basically a programmer-readable annotation of the code that explains what the code does and how it does it.
Such comments are helpful for understanding the code later on.
Meaningful commenting is often considered part of good coding style.
However, traditional comments do not provide all the information we need.
They do not discuss the issues, concerns or strengths of the code. One might think this is outside the scope of code comments. However, imagine if such information were attached to the source code; wouldn't it be helpful for a developer changing or maintaining the code? We argue that the answer is yes!
Now let's consider this discussion thread from Stack Overflow.
The code segment shows how to make the Android keyboard visible when a textbox is focused.
The code is quite self-documented, easy to understand, and looks good.
However, when such code is posted in front of a large technical crowd, the crowd actually does a really good job of analyzing it.
As the saying goes, given enough eyeballs, all bugs are shallow.
For example, they post concerns, observations or troubleshooting tips which might be non-trivial, and which the developer probably never thought of.
Such insights are really important for reuse or further maintenance of that piece of code.
In this paper, we exploit these types of information for insightful comment recommendation.
We first present a motivating exploratory study that investigates whether SO discussions contain enough meaningful information.
Then comes our proposed technique– CodeInsight for comment recommendation.
We then perform two types of evaluation– an empirical evaluation of the technique’s comment ranking and a user study for evaluating the quality of the recommended comments.
Then we conclude the talk by summarizing the findings.
In the exploratory study, we attempt to answer these two research questions.
We particularly wanted to know if SO discussions contain enough information that is meaningful and also can be mined easily.
We used a dataset of 706 discussion comments collected from Stack Overflow questions of three domains– Java, Android and C#. The domains are determined based on question tags.
We first choose 282 questions from those three domains based on certain restrictions, such as their view count and the presence of code segments in the answers.
Then from their accepted answers which are followed by discussion comments, we collect 706 comments.
We also discard the non-voted comments. Thus, 706 comments are chosen for manual analysis, out of 5K comments, based on their vote counts.
We performed two different analyses for two research questions of the exploratory study.
For RQ1, we perform a careful manual analysis of the discussion comments and attempt to determine their intent.
Although the process might be a bit subjective, clearly different comments have different intents.
We discover 7 such intents from our observation on the 706 chosen comments.
More interestingly, some comments clearly specify the bugs, concerns and limitations of the code, whereas other comments provide important tips for improving the code.
For RQ2, we apply topic modeling; the details can be found in the paper.
As mentioned, we discovered 7 types of comments: clarification questions, documentation, tips, bugs or warnings, strength statements, miscellaneous and, finally, non-informative comments.
Among those 7 types, two, Tips and Bugs/warnings, draw our attention, since they are non-trivial comments and mostly come from experts or people with some working experience of the code. They are not merely clarification questions or "thank you!" statements.
We then plot the comment statistics by type for each domain.
Interestingly, we note that on average about 22% of the comments discuss tips, bugs or concerns, which is significant.
This finding motivates us to mine the SO discussions automatically.
We now discuss our proposed technique for insightful comment recommendation.
It recommends comments by exploiting the crowd knowledge.
It is also a heuristic-based technique; that means it extracts the comments based on certain heuristics.
By "insightful", we mean those comments that identify bugs, concerns or tips.
That is, those comments provide some kind of insight into the quality of the code.
We apply five heuristics for capturing the insight in the comment texts.
Popularity is a very important heuristic: insightful comments are generally popular, since non-trivial observations are rewarded with votes by the SO community.
Relevance between the comment text and the code is also important. Since it uses the cosine similarity measure, we make sure that the comment discusses relevant APIs from the code.
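A minimal sketch of the relevance heuristic, assuming plain whitespace tokenization and raw term counts (the talk does not specify the exact preprocessing):

```python
import math
from collections import Counter

def cosine_similarity(comment, code):
    """Cosine similarity between the term-frequency vectors of a
    comment and a code segment (sketch of the Relevance heuristic)."""
    a, b = Counter(comment.lower().split()), Counter(code.lower().split())
    common = set(a) & set(b)
    dot = sum(a[t] * b[t] for t in common)
    norm = (math.sqrt(sum(v * v for v in a.values()))
            * math.sqrt(sum(v * v for v in b.values())))
    return dot / norm if norm else 0.0

# Hypothetical comment and code tokens for illustration.
score = cosine_similarity("showSoftInput fails on older devices",
                          "showSoftInput editText SHOW_IMPLICIT")
```

A comment that mentions API names appearing in the code (here, `showSoftInput`) scores above zero, which is the signal the heuristic relies on.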
Comment Rank is basically modeled after PageRank from the IR domain. Discussion comments generally refer to one another in support or disagreement. We capture such user references (e.g., @Thomas) to build a comment interaction graph for each discussion thread. We then apply the PageRank algorithm to determine the relative importance of each comment in the graph.
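The Comment Rank idea can be sketched as follows. The `@user` parsing, the edge direction (a mentioning comment points to the mentioned author's comments), and the damping factor are assumptions for illustration, not details from the paper:

```python
import re

def comment_rank(comments, d=0.85, iters=50):
    """Rank comments by PageRank over the @mention graph: comment i
    'links to' comment j when i mentions j's author (a sketch)."""
    authors = [c["author"] for c in comments]
    links = [[] for _ in comments]
    for i, c in enumerate(comments):
        for mention in re.findall(r"@(\w+)", c["text"]):
            for j, a in enumerate(authors):
                if j != i and a.lower() == mention.lower():
                    links[i].append(j)
    n = len(comments)
    rank = [1.0 / n] * n
    for _ in range(iters):
        new = [(1 - d) / n] * n
        for i, outs in enumerate(links):
            if outs:
                share = d * rank[i] / len(outs)
                for j in outs:
                    new[j] += share
            else:
                # Dangling comment: spread its rank evenly.
                for j in range(n):
                    new[j] += d * rank[i] / n
        rank = new
    return rank

comments = [
    {"author": "thomas", "text": "This breaks on API level 11."},
    {"author": "alice", "text": "@Thomas is right, use a handler instead."},
    {"author": "bob", "text": "Agree with @Thomas."},
]
rank = comment_rank(comments)
```

The comment referenced by the other two participants accumulates the highest rank, mirroring the intuition that frequently referenced comments are important.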
Sentiment is another important paradigm for capturing insight. We run the Stanford Sentiment Analyzer, which is a polarity-based analyzer. We note that insightful comments discussing issues or concerns generally have a negative polarity.
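The paper uses the Stanford Sentiment Analyzer; as a stand-in, a tiny lexicon-based polarity score might look like the following. The word lists are purely illustrative and not from the paper:

```python
# Illustrative word lists; the paper uses the Stanford Sentiment Analyzer.
NEGATIVE = {"bug", "crash", "fails", "leak", "wrong", "broken", "deprecated"}
POSITIVE = {"great", "works", "perfect", "thanks", "nice"}

def polarity(comment):
    """Return a score in [-1, 1]: negative values flag comments that
    likely discuss issues or concerns (lexicon-based sketch)."""
    words = comment.lower().split()
    score = sum((w in POSITIVE) - (w in NEGATIVE) for w in words)
    return score / len(words) if words else 0.0

p = polarity("this fails and crashes on rotation")
```

Comments that mention failures or crashes come out negative, which is exactly the polarity the heuristic associates with insight.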
Word Count is another heuristic, which we use to discard too-short or too-long comments.
All heuristic measures are normalized before being fed to the ranking algorithm.
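The normalization step is not detailed in the talk; a common choice is min-max scaling to [0, 1], sketched here as an assumption:

```python
def min_max_normalize(scores):
    """Scale raw heuristic scores to [0, 1] so the five heuristics
    are comparable before ranking (min-max scaling, assumed here;
    the paper may normalize differently)."""
    lo, hi = min(scores), max(scores)
    if hi == lo:               # all scores equal: return a neutral 0.5
        return [0.5] * len(scores)
    return [(s - lo) / (hi - lo) for s in scores]

norm = min_max_normalize([3, 7, 5])
```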
The slide shows the different steps of our proposed technique.
(1) We first take Stack Overflow code segments and their corresponding discussion comments as input.
Then the non-voted or flagged comments are discarded; we have no confidence in those comments, since the crowd did not like them.
(2) We calculate heuristics for each of the remaining comments, and rank them based on each individual heuristic.
We then combine all the heuristic rankings by applying the Borda count. Thus, the comments that top most of the rankings are finally selected.
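The Borda-count combination of the five heuristic rankings can be sketched like this; the comment labels are hypothetical, and tie-breaking and exact scoring details are simplified:

```python
def borda_combine(rankings):
    """Combine several rankings of the same items with the Borda count:
    an item at position p in a ranking of n items earns n - p points
    (first place earns n, last earns 1); items are returned best-first
    by total points (a simplified sketch; ties broken arbitrarily)."""
    n = len(rankings[0])
    points = {item: 0 for item in rankings[0]}
    for ranking in rankings:
        for pos, item in enumerate(ranking):
            points[item] += n - pos
    return sorted(points, key=points.get, reverse=True)

# Five heuristic rankings (P, R, CR, S, WC) over comments c1..c3.
final = borda_combine([
    ["c1", "c2", "c3"],   # Popularity
    ["c1", "c3", "c2"],   # Relevance
    ["c2", "c1", "c3"],   # Comment Rank
    ["c1", "c2", "c3"],   # Sentiment
    ["c3", "c1", "c2"],   # Word Count
])
```

Comment c1 tops three of the five rankings and so wins the combined ranking, matching the "topped in most of the rankings" intuition.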
The top-ranked comments are then refined to get rid of personal or possessive pronouns.
(3) Now, we have a code-to-comment collection which can be searched for insightful comments.
Now, if one provides a code segment similar to one or more segments from the collection, our technique recommends insightful comments for the given code. We use open-source code segments for testing.
Our evaluation is two-fold. First, we evaluate the proposed technique for comment ranking using an empirical evaluation.
Then we evaluate the recommended comments using a user study involving professional software developers.
We basically attempt to answer these three research questions through our evaluation.
We reused the exploratory data for our empirical evaluation. In particular, the manually labeled comments are used as gold comments in this experiment. We compare the recommended comments by our technique against the gold comments, and apply two performance metrics – Recall and Mean Reciprocal Rank (MRR) for evaluation.
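The two metrics can be sketched as follows: per-query recall against the gold comments, and MRR over the rank of the first relevant comment. The comment labels are hypothetical data for illustration:

```python
def recall(recommended, gold):
    """Fraction of gold comments that appear in the recommended list."""
    return len(set(recommended) & set(gold)) / len(gold)

def mean_reciprocal_rank(results):
    """Average of 1/rank of the first gold comment in each ranked list;
    a query contributes 0 if no gold comment is retrieved."""
    total = 0.0
    for recommended, gold in results:
        for pos, item in enumerate(recommended, start=1):
            if item in gold:
                total += 1.0 / pos
                break
    return total / len(results)

results = [(["c2", "c5", "c1"], {"c1", "c4"}),   # first hit at rank 3
           (["c7", "c8", "c9"], {"c7"})]         # first hit at rank 1
mrr = mean_reciprocal_rank(results)
r = recall(["c2", "c5", "c1"], {"c1", "c4"})
```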
In the empirical evaluation, we evaluate our comment ranking technique; in particular, we retrieve insightful comments, i.e., comments of the C3 and C4 categories.
We use the manually classified comments from the exploratory study as the gold set for this evaluation.
We note that Popularity dominates over the other heuristics, since it alone can retrieve a major portion of the gold comments. However, its performance is strong only for the Android domain.
We then gradually add more heuristics through controlled iterations, and finally find that the combination of all five heuristics provides the maximum performance for all domains in terms of recall.
Thus, we ultimately get an average recall of 85.42%, which is promising.
The findings also suggest that the proposed heuristics are quite successful in capturing the insightful comments.
The MRR remains comparable all the time.
In the second experiment, we evaluate the quality of the recommended comments by our technique using a user study.
We first collect 85 code segments from 82 open source projects of GitHub using GitHub code search feature.
They are the candidate segments for comment recommendation.
We involve four professional developers specialized in mobile and web technologies.
They have a substantial amount of professional coding and troubleshooting experience, as reported.
The goal is to determine whether they find the recommended comments accurate, precise, concise and useful.
This slide shows the user study design.
We use a random selector to choose 20 code segments (5 for Java, 10 for Android and 5 for C#) from the code segment pool for each participant.
Then for each segment, our tool CodeInsight recommends three insightful comments.
Then both comments and code segments are sent to the participant for review.
The participant reviews the comments and sends back an evaluation along four different dimensions: accuracy, precision, conciseness and usefulness of the comments. We use a scale from "strongly disagree" to "strongly agree" for each of those comment quality aspects.
Each participant provides a total of 80 data points, and thus we collect 320 data points in total.
By analyzing the 320 responses from the participants, we get these findings.
We report the summary here, the details can be found in the paper.
We note that, on average, about 80% of the time the recommended comments were found to be accurate, precise, concise or useful.
We also note some neutral and negative responses, which need further analysis; our algorithm fails to discard popular but meaningless comments.
However, the result also suggests that the proposed technique has high potential for suggesting meaningful insights in the code.
We identified three threats to the validity of our findings.
A limited dataset is used for empirical evaluation. However, manual labeling of comments is costly, and we sampled those comments from a large collection based on certain restrictions.
A limited number of participants is involved. However, involving professional developers is always costly, and we collected a good number of data points for drawing our conclusions.
The technique might not be effective for closed-source code, since SO does not host closed-source code segments.
OK, these are the take-home messages.
Traditional comments are not insightful.
Roughly 22% of the discussion comments on SO code examples discuss issues, concerns or tips for the code.
Heuristics like Popularity, Relevance, Comment Rank or Sentiment are found quite effective in capturing such insight in the comments.
Professional developers also confirmed the usefulness or quality of 80% of the recommended comments.