The document discusses finding a good development partner. It recommends looking for a partner that has clear coding and testing standards. Specifically, it suggests standards should require single trigger frameworks, 85% or higher test coverage, use of assertions in tests, and comments in the code. It also advises verifying code quality by ensuring tests generate their own data and contain assertions rather than relying on @seeAllData annotations or methods that simply increment variables to fake coverage.
We know that Code Reviews are a Good Thing. We probably have our own personal lists of things we look for in the code we review, while also fearing what others might say about our code. How to we ensure that code reviews are actually benefiting the team, and the application? How do we decide who does the reviews? What does "done" look like?
In this talk, Trisha will identify some best practices to follow. She'll talk about what's really important in a code review, and set out some guidelines to follow in order to maximise the value of the code review and minimise the pain.
Presentation from Agile Base Camp 2 conference (Kiev, May 2010) and AgileDays'11 (Moscow, March 2011) about one of the most useful engineering practices from XP world.
You want to improve your software skills. That’s a given. You may be a mentor or a manager who needs to improve the knowledge sharing among your software developers across different projects. Code Reviews can do just that while improving code quality in your projects. Code Review not only builds developer team spirit but also offers new ways to improve a software solution. You’ll walk away from this session with in-depth understanding of Code Review to strengthen your team.
Getting Unstuck: Working with Legacy Code and DataCory Foy
From this presentation for the IASA in 2007, Cory covers common challenges in dealing with Legacy Code and Data, and some tools and techniques for handling them.
Hi I’m Cris, iOS Developer in KLabCyscorpions. In this post, I want to share with you my presentation on Code Review guidelines for iOS.
But, what is Code Review?
According to Wikipedia:
“Code Review is systematic examination (often known as peer review) of computer source code. It is intended to find and fix mistakes overlooked in the initial development phase, improving both the overall quality of software and the developers’ skills. Reviews are done in various forms such as pair programming, informal walkthroughs, and formal inspections.”
Want to review code? Then First things first! For you to review code effectively, you need the basic know-how of reviewing code as both the developer and the reviewer. These slides will give some guidelines on how to think in both these roles when reviewing code.
We know that Code Reviews are a Good Thing. We probably have our own personal lists of things we look for in the code we review, while also fearing what others might say about our code. How to we ensure that code reviews are actually benefiting the team, and the application? How do we decide who does the reviews? What does "done" look like?
In this talk, Trisha will identify some best practices to follow. She'll talk about what's really important in a code review, and set out some guidelines to follow in order to maximise the value of the code review and minimise the pain.
Presentation from Agile Base Camp 2 conference (Kiev, May 2010) and AgileDays'11 (Moscow, March 2011) about one of the most useful engineering practices from XP world.
You want to improve your software skills. That’s a given. You may be a mentor or a manager who needs to improve the knowledge sharing among your software developers across different projects. Code Reviews can do just that while improving code quality in your projects. Code Review not only builds developer team spirit but also offers new ways to improve a software solution. You’ll walk away from this session with in-depth understanding of Code Review to strengthen your team.
Getting Unstuck: Working with Legacy Code and DataCory Foy
From this presentation for the IASA in 2007, Cory covers common challenges in dealing with Legacy Code and Data, and some tools and techniques for handling them.
Hi I’m Cris, iOS Developer in KLabCyscorpions. In this post, I want to share with you my presentation on Code Review guidelines for iOS.
But, what is Code Review?
According to Wikipedia:
“Code Review is systematic examination (often known as peer review) of computer source code. It is intended to find and fix mistakes overlooked in the initial development phase, improving both the overall quality of software and the developers’ skills. Reviews are done in various forms such as pair programming, informal walkthroughs, and formal inspections.”
Want to review code? Then First things first! For you to review code effectively, you need the basic know-how of reviewing code as both the developer and the reviewer. These slides will give some guidelines on how to think in both these roles when reviewing code.
A code review is basically a technical discussion which should lead to improvements in the code and/or sharing
knowledge in a team. As with any conversation, it should have substance and form.
What’s involved in a good code review? What kind of problems do we want to spot and address? Trisha Gee will talk
about things a reviewer may consider when looking at changes: what potential issues to look for; why certain
patterns may be harmful; and, of course, what NOT to look at.
But when it comes to commenting on someone’s work, it may be hard to find the right words to convey a useful message
without offending the authors - after all, this is something that they worked hard on. Maria Khalusova will share
some observations, thoughts and practical tricks on how to give and receive feedback without turning a code review
into a battlefield.
This workshop is designed specially for Queen Mary University of London alumni, in order to teach them TDD.
You will learn: What is TDD, Why and How.
If you want to learn more: https://github.com/MyPitit/TDD
How do you go about implementing clean code in a medium R&D organization? As tech lead of scrum team, I describe the process implemented in AT&T Israel as case study
Unit testing has entered the main stream. It is generally considered best practice to have a high level of unit test code coverage, and to ideally write tests before the code, via Test Driven Development.
However, some code is just plain difficult to test. The cost of effort of adding the tests may seem to outweigh the benefits. In this session, we will do a quick review of the benefits of unit tests, but focus on how to test tricky code, such as that static and private methods, and legacy code in general.
Examples are in Java, but the principals are language agnostic.
You want to improve your software skills. That’s a given. You may be a mentor or a manager who needs to improve the knowledge sharing among your software developers across different projects. Code Reviews can do just that while improving code quality in your projects. Code Review not only builds developer team spirit but also offers new ways to improve a software solution. You’ll walk away from this session with in-depth understanding of Code Review to strengthen your team.
As developers we always look for ways to do things faster, better, and automate as much as possible. We write code in top-notch IDEs that have static code analysis, automatic refactoring and so on, we run unit tests, we use CI servers, and issue trackers, we adopt agile practices to get feedback and deliver as fast as possible. As far as code review practice goes, there’s still a lot to be improved, and in this talk I’m going to tell you how you can perform efficient, transparent and useful code reviews.
Slides from the session "TDD - That Was Easy!" presented by Fadi Stephan from Kaizenko at AgileDC2019 on September 23, 2019 in Washington DC. A blog post accompanying this talk will be published soon on kaizenko.com
Abstract:
Have you tried TDD? Do you hate it? Do you have a hard time applying it in practice? Do you find it promoting bad design decisions because you must write micro tests instead of looking at the big picture? Are your tests tightly coupled to the implementation due to a lot of mocking making refactoring a pain? Do tons of tests break when a simple change is made? Do you have a hard time justifying all the time spent on writing tests vs. just focusing on development?
You are not alone. Every organization or team that I run into is supposedly Agile. Some are also applying agile engineering practices such as automated unit, integration and acceptance testing, etc… However, many struggle with TDD. TDD is hard, seems counter-intuitive and requires a lot of investment. Come to this session for a TDD reboot. We will look at the benefits of TDD, discuss the resistance to TDD and uncover some common difficulties along with misconceptions. We will address these misunderstandings and explore different approaches to making TDD easier. Leave with a fresh perspective and new insights on how to become better at TDD and apply it with ease
We investigate one of the most popular approaches to creating software: test driven development. From the basic understanding why tests are important to a new software development paradigm, where you start with tests and them do the implementation. We glance over different areas of testing and see how one should really do the software testing in different situation.
A code review is basically a technical discussion which should lead to improvements in the code and/or sharing
knowledge in a team. As with any conversation, it should have substance and form.
What’s involved in a good code review? What kind of problems do we want to spot and address? Trisha Gee will talk
about things a reviewer may consider when looking at changes: what potential issues to look for; why certain
patterns may be harmful; and, of course, what NOT to look at.
But when it comes to commenting on someone’s work, it may be hard to find the right words to convey a useful message
without offending the authors - after all, this is something that they worked hard on. Maria Khalusova will share
some observations, thoughts and practical tricks on how to give and receive feedback without turning a code review
into a battlefield.
This workshop is designed specially for Queen Mary University of London alumni, in order to teach them TDD.
You will learn: What is TDD, Why and How.
If you want to learn more: https://github.com/MyPitit/TDD
How do you go about implementing clean code in a medium R&D organization? As tech lead of scrum team, I describe the process implemented in AT&T Israel as case study
Unit testing has entered the main stream. It is generally considered best practice to have a high level of unit test code coverage, and to ideally write tests before the code, via Test Driven Development.
However, some code is just plain difficult to test. The cost of effort of adding the tests may seem to outweigh the benefits. In this session, we will do a quick review of the benefits of unit tests, but focus on how to test tricky code, such as that static and private methods, and legacy code in general.
Examples are in Java, but the principals are language agnostic.
You want to improve your software skills. That’s a given. You may be a mentor or a manager who needs to improve the knowledge sharing among your software developers across different projects. Code Reviews can do just that while improving code quality in your projects. Code Review not only builds developer team spirit but also offers new ways to improve a software solution. You’ll walk away from this session with in-depth understanding of Code Review to strengthen your team.
As developers we always look for ways to do things faster, better, and automate as much as possible. We write code in top-notch IDEs that have static code analysis, automatic refactoring and so on, we run unit tests, we use CI servers, and issue trackers, we adopt agile practices to get feedback and deliver as fast as possible. As far as code review practice goes, there’s still a lot to be improved, and in this talk I’m going to tell you how you can perform efficient, transparent and useful code reviews.
Slides from the session "TDD - That Was Easy!" presented by Fadi Stephan from Kaizenko at AgileDC2019 on September 23, 2019 in Washington DC. A blog post accompanying this talk will be published soon on kaizenko.com
Abstract:
Have you tried TDD? Do you hate it? Do you have a hard time applying it in practice? Do you find it promoting bad design decisions because you must write micro tests instead of looking at the big picture? Are your tests tightly coupled to the implementation due to a lot of mocking making refactoring a pain? Do tons of tests break when a simple change is made? Do you have a hard time justifying all the time spent on writing tests vs. just focusing on development?
You are not alone. Every organization or team that I run into is supposedly Agile. Some are also applying agile engineering practices such as automated unit, integration and acceptance testing, etc… However, many struggle with TDD. TDD is hard, seems counter-intuitive and requires a lot of investment. Come to this session for a TDD reboot. We will look at the benefits of TDD, discuss the resistance to TDD and uncover some common difficulties along with misconceptions. We will address these misunderstandings and explore different approaches to making TDD easier. Leave with a fresh perspective and new insights on how to become better at TDD and apply it with ease
We investigate one of the most popular approaches to creating software: test driven development. From the basic understanding why tests are important to a new software development paradigm, where you start with tests and them do the implementation. We glance over different areas of testing and see how one should really do the software testing in different situation.
Getting Started with Test-Driven Development at PHPtek 2023Scott Keck-Warren
In this presentation I explain how to get started with TDD in PHP including using a testing framework, including it in your CI/CD process, and common gotchas.
Recently I was asked to to a presentation presentation at University of Cape Town entitled QA and SCRUM. This made very little sense to me but it did substantiate my belief that the understanding of agile development is generally very superficial ...
Awesome Test Automation Made Simple w/ Dave HaeffnerSauce Labs
Learn how to build simple and powerful automated tests that will work on the browsers you care about, cover visual testing and functional regressions, and be configured to run automatically through the use of a continuous integration (CI) server.
This presentation is a part of the COP2271C college level course taught at the Florida Polytechnic University located in Lakeland Florida. The purpose of this course is to introduce Freshmen students to both the process of software development and to the Python language.
The course is one semester in length and meets for 2 hours twice a week. The Instructor is Dr. Jim Anderson.
A video of Dr. Anderson using these slides is available on YouTube at: https://www.youtube.com/watch?v=c2CTDm19Lpg
Microsoft Fakes help you isolate the code you are testing by replacing other parts of the application with substitute code. These substitutes are called stubs and shims and are under the control of your tests. Microsoft Fakes is ideal when you need to test legacy or “legacy” code that is either restricted for refactoring or “refactoring” practically means rewriting and cost you a lot.
Automated Acceptance Testing (and tool choice)
Automated acceptance testing has many names: acceptance-test driven development (ATDD), story-test driven development (STDD), agile acceptance testing and, most recently, specification by example. At the heart of all these approaches is to produce business-facing tests which are system tests running end-to-end, picking up regression issues and improving confidence that the code works as required.
In this talk, I will contextualise how each of these approaches share in common a three-tier layering strategy: acceptance criteria, test implementation layer and application driver layer. This is important because applying this approach requires a tool choice and each tool tends to have its own sweet (and blind) spot that is best understood through these layers.
I will first deep dive into sample code across a few tools (Cucumber, Fitnesse, Concordion) to illustrate this layering. I use an example that shows how to decouple the GUI from tests (window driver pattern).
Finally, I will look at some typical client scenarios to examine which tools might best suited because tool choice is not simply a host operating system question (.Net, Java, Ruby).
Testing is not something that traditional PHP developers are being familiar with. This session introduces the needs and means for testing, and the test-driven development model to create rock-solid PHP applications.
An Introduction To Software Development - Test Driven Development, Part 1Blue Elephant Consulting
This presentation is a part of the COP2271C college level course taught at the Florida Polytechnic University located in Lakeland Florida. The purpose of this course is to introduce Freshmen students to both the process of software development and to the Python language.
The course is one semester in length and meets for 2 hours twice a week. The Instructor is Dr. Jim Anderson.
A video of Dr. Anderson using these slides is available on YouTube at:
http://youtu.be/bCp1fbAd56k
Similar to Finding a good development partner (20)
Connecting with the enterprise - The how and why of connecting to Enterprise ...Kevin Poorman
Not everyone plays games; fewer games really take off. But we all use email, we all have systems that we login to just for work. These Enterprise systems are part of a large and ever-growing category of spending for IT Managers. But Enterprise systems ... stink. RubyMotion developers are in a unique position to integrate with these Enterprise Software systems while providing beautiful, functional and elegant interfaces. Join in as we learn why we should be writing Enterprise connected apps, and walk through an example of connecting to Salesforce using their iOS SDK.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
3. Agenda
•Why you need a good development partner
•Terms and Conditions
•What to look for in your partner and in the code
•Questions, Comments and Snide Remarks
4. Why do you need a good development partner?
•Strategy v. Tactics
•Code is strategic by nature.
•Cost of maintaining code is always the largest expense
of a software project. (cf. Code Complete, by Steve McConnell)
•In other words, you want a developer who writes code
as if the person who ends up maintaining it is a violent
psychopath who knows where they live.
6. Terms and Conditions
Single Framework Structure
SingleTrigger Calls class method(s)
A
Calls class method(s)
B, C and F
Calls class methods
X, Y, and A
7. Terms and Conditions
Single Framework Structure – Why you want this!
• This allows you to set the order of operations for your trigger code!
• Makes it far easier to test!
• Much easier to follow the code down to where a problem may be
8. Terms and Conditions
Test Coverage
75% 85% 95%
Minimum
Requirement
to deploy
Rest easy at
night
Psychopath
never looks
up your
address
9. Terms and Conditions
Assertions
• Until we have Siri in Salesforce, we can’t just ask if our code is working right.
• We use assertions to tell Salesforce what the expected response is
• We could, for instance, assert that Dreamforce14 = Awesome when we run
code that asks is Dreamforce14 Awesome?
• Three Assert methods:
• Assert()
• AssertEquals()
• AssertNotEquals()
10. Terms and Conditions
Assertions
Tests without Assertions are wasted money. You’ve paid someone to write them
so you can deploy, but their purpose is to prove the code works as expected.
Having tests without asserts is the new buying a picture frame and never
replacing the example family photo that came with it.
11. Terms and Conditions
Comments – what the what?
• Comments are how developers leave notes to future psychopaths, admins and
anyone else brave enough to venture into the code.
• Two flavors of Apex code comments // & /* */
12. What to look for in a good development partner
Coding Standard:
Written document describing how the code will be written:
– Good:
• Defines what is to be tested, what “dialect” will be used, and what / how code will be commented
– Better:
• Also describes naming conventions for files, classes and methods
• Provides example comment blocks & establishes rules for a single trigger per object, with all trigger logic in
classes!!
– Best:
• Additionally describes code coverage requirements and specifically mentions that tests will include
positive, negative and permissions based tests.
13. What to look for in a good development partner
Testing Standard:
Written document describing how the code will be tested:
– Good:
• Defines a minimum requirement of 80% code coverage. (Why 80%? Because you probably inherited some
badly tested code!)
– Better:
• Also requires that all tests generate their own test data and that no tests use @seeAllData
• Enforces no i++ tests
• Increases the minimum code coverage requirement to 85%
– Best:
• Additionally demands that all test methods call at least one Assertion
• Requires a minimum code coverage of 90%
14. What to look for in a good development partner
Trust but verify
– Your Coding standard should specify naming conventions for files and classes, and as such you
should be able to easily identify your test classes and what they’re testing.
15. What to look for in a good development partner
Trust but verify
– When reviewing test classes, you should read through them, not necessarily for comprehension,
but to ensure that they are firing assertions.
16. What to look for in a good development partner
Trust but verify: SeeAllData will hurt you when you least expect it.
– As you can probably imagine, the @seeAllData annotation allows your test to access all the data
in the org you’re running the test in.
– This is a bad thing. (repeat after me) This is a bad thing!
– More often than not, this results in tests *expecting* data to be present in an org.
• If the data is only present in one org… the test will fail in other orgs.
– Instead, each test should create and insert it’s own records.
– Almost never truly needed
17. What to look for in a good development partner
Trust but verify: Faking Code Coverage
– You can fake code coverage. You shouldn’t. You shouldn’t allow the very concept to be floated in
your presence. This is generally done by creating a class with a method that consists of nothing
but lines incrementing a given variable. Ie: i++; for a long time, follwed by a quick test method
asserting that I = 3000;
– Tar and feather developers you’ve found who do this. It only serves to foster a false sense of
security.
18. Comments Test Coverage Single Triggers Test Data
Top of Every File 85% or higher aggregate 1 trigger per object
All tests generate their
own Data!
Above every method
85% or higher on all new
classes
Uses an established
Trigger framework
Use a TestFactory Class
Around any complex logic
blocks or apex-shorthand
CodeCoverage report
card with each code
submission
Clear and concise
comments on how triggers
Custom Assertion
methods –
Assertions.recordDidFailV
alidation()
You should be capable of
reading the comments in
the file and following the
flow of data
Verify coverage in the
Developer console.
Trigger logic classes are
bulk tested
Positive, Negative and
Permissions based
testing.
Coding & Testing Standards
My opinionated requirements.
I’m not here to sell you on a particular development partner
I’m here because all too often, as a consultant I’m parachuted into an org and asked to help out in an emergency only to find a righteous mess because good meaning people were asked to hire or find development partners who provided code that “worked” (until now) and was relatively inexpensive.
I believe as developers, that we have to be better at our craft, and I want to make sure you hire the right people so that you’re not faced with the kind of 11th hour emergencies that require calling in someone like me.
If you know what to look for, I believe you can make a solid business case for a slightly more expensive developer partner that writes more maintainable code.
Strategy solves long term problems. You win wars and build businesses with strategy.
Tactics, on the other hand, are how you solve short-term problems.
Tactical solutions to strategic problems are rarely truly solutions and often disastrous in the long run.
Code is strategic by nature. Every line of code in your org is likely to out survive your tenure at the company, and will almost certainty outlive your partners engagement with you.
Code has to survive automated testing, release upgrades and the inevitable, if un-often deprecation of features.
Because it wouldn’t be code if you could do it another way.
Because it’s code, because you’re hiring someone to write the code for you, it *must* be maintainable code.
One of the “best practices” that any org can adopt is the practice of establishing a single trigger per object.
For instance a single trigger on Account.
The trigger itself contains no logic, it simply exists to fire off a custom class whenever the trigger is fired.
The custom class is structured to handle the various contexts like “after insert” and “before delete” and the class method called by the trigger starts off by determining which context to run.
Essentially the trigger fires in all actionable contexts and the class handles running the proper code for that context.
Code coverage the term we use to talk about how well our code is tested.
When tests are run, Salesforce knows which bits of code have been executed, and can tell you that 50 out of 100 lines have been executed, giving you an embarrassingly low code coverage of 50%
Salesforce demands (rightly) that you have 75% code coverage on all classes, and at least SOME code coverage on your triggers to deploy.
But with code coverage, as with steaks, the bigger the better.
One of the “best practices” that any org can adopt is the practice of establishing a single trigger per object.
For instance a single trigger on Account.
The trigger itself contains no logic, it simply exists to fire off a custom class whenever the trigger is fired.
The custom class is structured to handle the various contexts like “after insert” and “before delete” and the class method called by the trigger starts off by determining which context to run.
Essentially the trigger fires in all actionable contexts and the class handles running the proper code for that context.
First and foremost, you should only hire development partners who have an established coding standard document that you can read, and *understand* before the project begins.
You want to be able to provide this documentation to a developer maintaining the code 4, 5 and maybe even 10 years down the road. Don’t loose these, put them in the corporate wiki.
Code is understood by contract to not be “complete” until the coding standards are met. This helps ensure your code is consistent!
The Testing standard, while overlapping a little bit with the coding standard, specifically speaks to how your code will be tested.
Remember, Badly written tests are more harmful than badly written code.
If you believe your code works because the tests pass, but the tests are bad, then you have been setup to fail.
Tests that do not call an assertion method are running the code but not testing it to ensure expected behavior. This meets the requirements for deployment within Salesforce, but doesn’t actually prove the code works as intended.
Sometimes, you’ll find code specifically written to fake code coverage. This code should be reported immediately and the offenders Named and Shamed on social media. Or tired and feathered, if that’s still legal in your state.
The Testing standard, while overlapping a little bit with the coding standard, specifically speaks to how your code will be tested.
Remember, Badly written tests are more harmful than badly written code.
If you believe your code works because the tests pass, but the tests are bad, then you have been setup to fail.
Tests that do not call an assertion method are running the code but not testing it to ensure expected behavior. This meets the requirements for deployment within Salesforce, but doesn’t actually prove the code works as intended.
Sometimes, you’ll find code specifically written to fake code coverage. This code should be reported immediately and the offenders Named and Shamed on social media. Or tired and feathered, if that’s still legal in your state.
The Testing standard, while overlapping a little bit with the coding standard, specifically speaks to how your code will be tested.
Remember, Badly written tests are more harmful than badly written code.
If you believe your code works because the tests pass, but the tests are bad, then you have been setup to fail.
Tests that do not call an assertion method are running the code but not testing it to ensure expected behavior. This meets the requirements for deployment within Salesforce, but doesn’t actually prove the code works as intended.
Sometimes, you’ll find code specifically written to fake code coverage. This code should be reported immediately and the offenders Named and Shamed on social media. Or tired and feathered, if that’s still legal in your state.
SteveMoForce hates multi-select picklists.
Al Gore isn’t fond of hanging chads.
I hate seeAllData=true.
More often than not, when I start working on a project or am asked to help figure out why a changeset or deployment is failing … this is what I find! A test using see all data is looking for a specific account, contact or order to manipulate by it’s ID. This fails because even if the objects are otherwise identical, the ID’s for those objects will not be the same in two different orgs. Yay.