A talk explaining how to define `good code`. Using `Code Complete` as a reference to guide over the quality definition and introducing Linters (each category) for Golang.
Data Generation with PROSPECT: a Probability Specification ToolIvan Ruchkin
Presented at the Winter Simulation Conference 2021.
Abstract: Stochastic simulations of complex systems often rely on sampling dependent discrete random variables. Currently, their users are limited in expressing their intention about how these variables are distributed and related to each other over time. This limitation leads the users to program complex and error-prone sampling algorithms. This paper introduces a way to specify, declaratively and precisely, a temporal distribution over discrete variables. Our tool PROSPECT infers and samples this distribution by solving a system of polynomial equations. The evaluation on three simulation scenarios shows that the declarative specifications are easier to write, 3x more succinct than imperative sampling programs, and are processed correctly by PROSPECT.
Good quality code is an essential property of a software because it could lead to financial losses or waste of time needed for further maintenance, modification or adjustments if code quality is not good enough.
Data Generation with PROSPECT: a Probability Specification ToolIvan Ruchkin
Presented at the Winter Simulation Conference 2021.
Abstract: Stochastic simulations of complex systems often rely on sampling dependent discrete random variables. Currently, their users are limited in expressing their intention about how these variables are distributed and related to each other over time. This limitation leads the users to program complex and error-prone sampling algorithms. This paper introduces a way to specify, declaratively and precisely, a temporal distribution over discrete variables. Our tool PROSPECT infers and samples this distribution by solving a system of polynomial equations. The evaluation on three simulation scenarios shows that the declarative specifications are easier to write, 3x more succinct than imperative sampling programs, and are processed correctly by PROSPECT.
Good quality code is an essential property of a software because it could lead to financial losses or waste of time needed for further maintenance, modification or adjustments if code quality is not good enough.
[Gophercon 2019] Analysing code quality with linters and static analysisWeverton Timoteo
How do you define a "good code"? How to write high-quality software with assistance of linters and static analysis.
Using golint, govet and gofmt can improve our code.
Scripting experts from Inductive Automation cover general best practices that will help you add flexibility and customization to HMI, SCADA, IIoT, and other industrial applications. Some specific tips about using scripting in the Ignition platform will be included as well.
In this webinar, learn more about:
• Common scripting pitfalls and how to avoid them
• The best programming languages to use
• Things to consider before using scripting
• How scripting environments work
• Scripting timesavers
• And more
Scripting experts from Inductive Automation cover general best practices that will help you add flexibility and customization to HMI, SCADA, IIoT, and other industrial applications. Some specific tips about using scripting in the Ignition platform will be included as well.
In this webinar, learn more about:
• Common scripting pitfalls and how to avoid them
• The best programming languages to use
• Things to consider before using scripting
• How scripting environments work
• Scripting timesavers
• And more
Thursday night is fine with us know what time we should go and if you are approached to make sure you get the best for the wonderful and soon they were going on the top management across
If your project has working features, a living design system, quality assurance and a code style guide, there is nothing that you will learn in this talk. Maybe.
Software Defect Prevention via Continuous InspectionJosh Gough
Research and guidance for educing software development risk and cost while improving speed, quality and maintainability by applying review at all levels.
Après avoir fait ce talk à la conférence NSSpain, Simone Civetta va nous expliquer sur quelles métriques il est possible de se baser pour évaluer la qualité d’un code source. Cette question étant toujours sujette à débat, préparez vos arguments !
Basic concept on Systems/Software Analysis, Design & Development, how software engineering, large projects are done, collaborated, best practices & standards.
Developers spend up to 20% of their time writing repetitive code that machines could generate more reliably. This presentation explores the problem of duplicated source code that stems from manual implementation of patterns and reveals how to automate the boring side of programming and get a 19x ROI.
The presentation provides insight into:
- the problem of manual implementation of patterns, resulting in boilerplate code
- the cost of boilerplate for companies
- existing technologies for pattern automation
- the key reasons to consider pattern-aware compiler extensions
The white paper was written for CTOs, software architects and senior developers in software-driven organizations—specifically in financial, insurance, healthcare, energy and IT industries that typically write a lot of repetitive code.
What code review checks are important for frontend projects?
What code review check should we automate?
I will try to answer to these questions and provide my favorite list of tools: prettier, cspell, jscpd...
Some points based on the video "Code Review Best Practices" by Trisha Gee https://youtu.be/a9_0UUUNt-Y
Don't Suck at Building Stuff - Mykel Alvis at Puppet Camp AltantaPuppet
"Don't Suck at Building Stuff" by Mykel Alvis of MomentumSI. Talk given at Puppet Camp Atlanta 2013. Learn about upcoming Puppet Camps at http://puppetlabs.com/community/puppet-camp/
[Ruby Summit Brasil 2020] Ruby 3 e Análise estática - O que esperar e o que s...Weverton Timoteo
Talk apresentada no evento gratuito Ruby Summit Brasil 2020 organizado pela comunidade e para comunidade.
Falei um pouco sobre as principais novidades no Ruby 3 (Ractor, Scheduler, RBS, Type profiler) e o poder dos linters nesse momento.
[Devs Cansados Evento 2020] Queria saber a qualidade do meu código: o que olho?Weverton Timoteo
Talk apresentada no evento Devs Cansados (https://evento2020.devscansados.com.br/) no dia 12/11/20.
Nessa talk falo um pouco o que é qualidade de código, métricas interessante para sua base de código.
More Related Content
Similar to Floripa Gophers - Analysing Code Quality (Linters and Static Analysis)
[Gophercon 2019] Analysing code quality with linters and static analysisWeverton Timoteo
How do you define a "good code"? How to write high-quality software with assistance of linters and static analysis.
Using golint, govet and gofmt can improve our code.
Scripting experts from Inductive Automation cover general best practices that will help you add flexibility and customization to HMI, SCADA, IIoT, and other industrial applications. Some specific tips about using scripting in the Ignition platform will be included as well.
In this webinar, learn more about:
• Common scripting pitfalls and how to avoid them
• The best programming languages to use
• Things to consider before using scripting
• How scripting environments work
• Scripting timesavers
• And more
Scripting experts from Inductive Automation cover general best practices that will help you add flexibility and customization to HMI, SCADA, IIoT, and other industrial applications. Some specific tips about using scripting in the Ignition platform will be included as well.
In this webinar, learn more about:
• Common scripting pitfalls and how to avoid them
• The best programming languages to use
• Things to consider before using scripting
• How scripting environments work
• Scripting timesavers
• And more
Thursday night is fine with us know what time we should go and if you are approached to make sure you get the best for the wonderful and soon they were going on the top management across
If your project has working features, a living design system, quality assurance and a code style guide, there is nothing that you will learn in this talk. Maybe.
Software Defect Prevention via Continuous InspectionJosh Gough
Research and guidance for educing software development risk and cost while improving speed, quality and maintainability by applying review at all levels.
Après avoir fait ce talk à la conférence NSSpain, Simone Civetta va nous expliquer sur quelles métriques il est possible de se baser pour évaluer la qualité d’un code source. Cette question étant toujours sujette à débat, préparez vos arguments !
Basic concept on Systems/Software Analysis, Design & Development, how software engineering, large projects are done, collaborated, best practices & standards.
Developers spend up to 20% of their time writing repetitive code that machines could generate more reliably. This presentation explores the problem of duplicated source code that stems from manual implementation of patterns and reveals how to automate the boring side of programming and get a 19x ROI.
The presentation provides insight into:
- the problem of manual implementation of patterns, resulting in boilerplate code
- the cost of boilerplate for companies
- existing technologies for pattern automation
- the key reasons to consider pattern-aware compiler extensions
The white paper was written for CTOs, software architects and senior developers in software-driven organizations—specifically in financial, insurance, healthcare, energy and IT industries that typically write a lot of repetitive code.
What code review checks are important for frontend projects?
What code review check should we automate?
I will try to answer to these questions and provide my favorite list of tools: prettier, cspell, jscpd...
Some points based on the video "Code Review Best Practices" by Trisha Gee https://youtu.be/a9_0UUUNt-Y
Don't Suck at Building Stuff - Mykel Alvis at Puppet Camp AltantaPuppet
"Don't Suck at Building Stuff" by Mykel Alvis of MomentumSI. Talk given at Puppet Camp Atlanta 2013. Learn about upcoming Puppet Camps at http://puppetlabs.com/community/puppet-camp/
Similar to Floripa Gophers - Analysing Code Quality (Linters and Static Analysis) (20)
[Ruby Summit Brasil 2020] Ruby 3 e Análise estática - O que esperar e o que s...Weverton Timoteo
Talk apresentada no evento gratuito Ruby Summit Brasil 2020 organizado pela comunidade e para comunidade.
Falei um pouco sobre as principais novidades no Ruby 3 (Ractor, Scheduler, RBS, Type profiler) e o poder dos linters nesse momento.
[Devs Cansados Evento 2020] Queria saber a qualidade do meu código: o que olho?Weverton Timoteo
Talk apresentada no evento Devs Cansados (https://evento2020.devscansados.com.br/) no dia 12/11/20.
Nessa talk falo um pouco o que é qualidade de código, métricas interessante para sua base de código.
[CodeBEAM BR 2020] Construindo e Distribuindo CLIs com ElixirWeverton Timoteo
Talk apresentada em par com o @amadeucavalcante1 no evento CodeBEAM BR 2020 contando como foi nossa experiência construindo CLIs (Command Line Interfaces) utilizando Elixir. Nessa talk falamos sobre escript (Erlang Script), mix release, distillery, bakeware, docker, etc.
Ruby 3 e Análise estática - O que esperar e o que significa para o nosso códigoWeverton Timoteo
Talk apresentada no evento gratuito TDC Online Recife 2020 na sala Locaweb <pro>.
Falei um pouco sobre as principais novidades no Ruby 3 (Ractor, Scheduler, RBS, Type profiler).
Elixir Brasil 2019 - Quality: A Panacéia para seu código ElixirWeverton Timoteo
A talk explaining how to define `good code`. Using `Code Complete` as a reference to guide over the quality definition and introducing Linters (Credo) and Dialyzer (Dialyxir)
Talk apresentada no 21o RubyFloripa contando como foi a experiência em assumir uma app legada Rails e introduzir Elixir. Utilizando tecnologias como GenStage, AWS SQS e SNS.
Talk no primeiro meetup Garopaba/Imbituba developers:
https://www.meetup.com/Garopaba-Imbituba-Dev/events/240082447/
Nessa talk explico os conceitos de projeção e porquê elas são necessárias.
Mesma palestra apresentada no TDC 2015 - Florianópolis na trilha de Ruby. Porém com alguns ajustes para ser apresentado no FloripaOnRails (http://www.meetup.com/Floripa-on-Rails/), meetup de 30/04.
Swift language - A fast overview of some featuresWeverton Timoteo
Short slide about Swift programming language and its features.
Learn about: variables, hello world, optionals, enumerators, emojis, differences between Objective-c.
This presentation shows how to develop an universal iOS app or "convert" a existing one into universal. An universal app must work in iPad/iPod and iPhone.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
7. Error rate
Comprehensibility
Reviewability
- Code Complete, Steve McConnelDebugging
External quality
Modifiability
Development time
You write readable code because it helps
other people to read your code
“
17. is a tool that analyzes source code to flag
programming errors, bugs, stylistic errors,
and suspicious constructs
- Wikipedia
What is a linter?
“
18. ● gofmt - Must have for every project
● goimports - Additionally to gofmt, checks unused imports
● unindent - Report code that is unnecessarily indented
Code Formatting
21. ● abcgo - ABC metrics for Go source code.
● gocyclo - Computes and checks the cyclomatic
complexity of functions.
● splint - It finds any functions that are too long or have too
many parameters or results.
Code Complexity
24. ● GoLint - Golint is a linter for Go source code
● go-namecheck - helps you to maintain variable/field
naming conventions inside your project
● revive - Drop-in replacement of golint
● lll - Line length linter, used to enforce line length in files
Style and Patterns Checking
27. ● govet - checks correctness
● badtime - Badtime is a Golang linter that detects
inappropriate usage of the time.Time struct.
● safesql - Static analysis tool for Golang that protects
against SQL injections.
Bugs
32. References
● Code Complete: A Practical Handbook of Software Construction
● Effective Go
● golang/lint Repository
● Ebert: the code review assistant for your organization
● Awesome Go Linters