This document discusses tools for JavaScript quality assurance and automation. It introduces JSLint for linting code, CPD for detecting copy-pasted code, Jasmine and JSTestDriver for unit testing, and Jenkins for continuous integration. These tools help ensure code quality by validating syntax, identifying duplicates, and testing functionality. Automating tasks with Jenkins allows for continuous testing and feedback on code changes.
Podczas drugiego XSolve Laboratory (xLab), wspólnie z doświadczonymi programistami XSolve, poznacie dobre praktyki programowania.
Celem warsztatu będzie przejście przez wzorce projektowe i architektoniczne oraz narzędzia wspomagające wytwarzanie oprogramowania odpornego na zmiany.
Poznacie realne problemy z prowadzonych przez nas projektów i na ich przykładach wspólnie przygotujemy SOLIDny kod, działający zgodnie z przyjętymi założeniami, przedstawionymi jako przypadki testowe.
Make your life better with immutable objectsMaxim Novak
"Mutable stateful objects are the new spaghetti code" --Rich Hickey
In Java most classes are mutable and that's the default, so that’s the way that most Java developers write code. In this talk you’ll see why mutable code fails: though easy and fast in the short term, you end up with a complex mess that's hard to understand, test or reason about, and is a concurrency nightmare to boot. Finally, we'll challenge the prevailing paradigm, exploring how simple immutable objects excel in these same cases.
Podczas drugiego XSolve Laboratory (xLab), wspólnie z doświadczonymi programistami XSolve, poznacie dobre praktyki programowania.
Celem warsztatu będzie przejście przez wzorce projektowe i architektoniczne oraz narzędzia wspomagające wytwarzanie oprogramowania odpornego na zmiany.
Poznacie realne problemy z prowadzonych przez nas projektów i na ich przykładach wspólnie przygotujemy SOLIDny kod, działający zgodnie z przyjętymi założeniami, przedstawionymi jako przypadki testowe.
Make your life better with immutable objectsMaxim Novak
"Mutable stateful objects are the new spaghetti code" --Rich Hickey
In Java most classes are mutable and that's the default, so that’s the way that most Java developers write code. In this talk you’ll see why mutable code fails: though easy and fast in the short term, you end up with a complex mess that's hard to understand, test or reason about, and is a concurrency nightmare to boot. Finally, we'll challenge the prevailing paradigm, exploring how simple immutable objects excel in these same cases.
My talk delivered at Wicked Good Ember Conference 2016 discussing strategies and techniques to help maintain your tests when working with a large test suite.
How do I write Testable Javascript - Presented at dev.Objective() June 16, 2016Gavin Pickin
Everyone who wasn't writing JavaScript, probably is now. Atwood's Law: any application that can be written in JavaScript, will eventually be written in JavaScript.
That's great, but how do we test it? In ColdFusion we have CFCs, most languages have classes... but JavaScript doesn't have classes (yet).
So how do I write unit tests, what units are there, and how do I make my code look like that? JavaScript is a flexible language, and with great flexibility comes great complexity and responsibility. Take your JavaScript spaghetti and make it unit testable.
Attendees should have some exposure to JavaScript, but this is for the Professional Newbie... who always needs to learn and adapt.
Monitoring Big Data Systems Done "The Simple Way" - Codemotion Milan 2017 - D...Demi Ben-Ari
Once you start working with distributed Big Data systems, you start discovering a whole bunch of problems you won’t find in monolithic systems.
All of a sudden to monitor all of the components becomes a big data problem itself.
In the talk we’ll mention all of the aspects that you should take in consideration when monitoring a distributed system once you’re using tools like:
Web Services, Apache Spark, Cassandra, MongoDB, Amazon Web Services.
Not only the tools, what should you monitor about the actual data that flows in the system?
And we’ll cover the simplest solution with your day to day open source tools, the surprising thing, that it comes not from an Ops Guy.
This is the Google Tech Talk that I gave August 17th, 2007 on building a JavaScript library. I derived much of the talk from my experiences in building the jQuery and FUEL JavaScript libraries.
Based on the example of the XWiki Open Source project (http://xwiki.org) this session will describe a number of practices to improve the quality of a Java project. Also, it will show how to implement these practices so that they are automatically checked and enforced. Some examples include: *How to make sure your project does not break binary compatibility unintentionally and, more generally, how to successfully evolve an API without breaking your users; *How to manage the JAR hell and avoid duplication of classes in your application at runtime; *How to automatically control the test coverage and the associated policies; *How to automate functional testing of web applications and how to avoid false-positives that plague any project..
Kommunikations-APIs von JavaScript (International PHP Conference/WebTechCon 2...Christian Wenz
Kommunikation mit JavaScript war lange Zeit sehr überschaubar: HTTP-Anfragen waren dank Ajax möglich, aber auch nur an den Ursprungsserver und mit weiteren Einschränkungen. Dies hat sich mittlerweile geändert: JavaScript-Code kann jetzt auch mit fremden Browsertabs und Servern reden, sofern diese mögen; ebenfalls ist eine bidirektionale Kommunikation anstelle des altbackenen Pull-Modells möglich. Auch Zugriff auf Kamera und Mikrofon sind (nach Nutzerbestätigung) möglich. Diese Session zeigt zahlreiche bekannte und weniger bekannte Kommunikationsmöglichkeiten mit JavaScript und HTML5 auf und beleuchtet Vor- und Nachteile aus dem Projektalltag.
Digitale Medien werden in der musealen Vermittlung von Bildung bisher unterschiedlich eingesetzt. Meist handelt es sich um Bildungsszenarien der Kurzzeitpädagogik, da sie einen Museumsbesuch fokussieren, der innerhalb weniger Stunden wieder beendet sein wird. Wenige dienen der Vor- und Nachbereitung und geben Anschlussmöglichkeiten zur Vertiefung Zuhause. Noch sind vorrangig Beispiele aus dem englischsprachigen Raum zu finden, welche die digitale Verarbeitung von Wissen außerhalb des Museumsraums anbieten. Da in den letzten Jahren oft Innovationen aus Nordamerika mit etwas Verzögerung auf die deutschsprachige Bildungslandschaft trafen, ist davon auszugehen, dass auch hier E-Learning im Museum in der nächsten Zeit ein Thema werden könnte.
Developing IOS Applications in a team environment requires integration and continuous builds. This presentation shows how to develop this with your team.
There's a recording of this talk at Agile 2012 here: http://www.youtube.com/watch?v=v-L_2y6g5DI
Creating automated end-to-end functional acceptance tests is hard. Maintaining them over time is harder. Some agilistas even claim that the cost outweighs the benefit. In this lecture we present five principles for creating valuable, maintainable acceptance test suites. We discuss practices such as layering acceptance tests to reduce coupling between the test harness, and talk about how teams should be organized in order to efficiently manage acceptance test driven development. The core of the talk discusses how to manage the evolution of acceptance tests by organizing them as scenarios rather than as suites of story tests. Finally we show how to manage data for acceptance tests.
My talk delivered at Wicked Good Ember Conference 2016 discussing strategies and techniques to help maintain your tests when working with a large test suite.
How do I write Testable Javascript - Presented at dev.Objective() June 16, 2016Gavin Pickin
Everyone who wasn't writing JavaScript, probably is now. Atwood's Law: any application that can be written in JavaScript, will eventually be written in JavaScript.
That's great, but how do we test it? In ColdFusion we have CFCs, most languages have classes... but JavaScript doesn't have classes (yet).
So how do I write unit tests, what units are there, and how do I make my code look like that? JavaScript is a flexible language, and with great flexibility comes great complexity and responsibility. Take your JavaScript spaghetti and make it unit testable.
Attendees should have some exposure to JavaScript, but this is for the Professional Newbie... who always needs to learn and adapt.
Monitoring Big Data Systems Done "The Simple Way" - Codemotion Milan 2017 - D...Demi Ben-Ari
Once you start working with distributed Big Data systems, you start discovering a whole bunch of problems you won’t find in monolithic systems.
All of a sudden to monitor all of the components becomes a big data problem itself.
In the talk we’ll mention all of the aspects that you should take in consideration when monitoring a distributed system once you’re using tools like:
Web Services, Apache Spark, Cassandra, MongoDB, Amazon Web Services.
Not only the tools, what should you monitor about the actual data that flows in the system?
And we’ll cover the simplest solution with your day to day open source tools, the surprising thing, that it comes not from an Ops Guy.
This is the Google Tech Talk that I gave August 17th, 2007 on building a JavaScript library. I derived much of the talk from my experiences in building the jQuery and FUEL JavaScript libraries.
Based on the example of the XWiki Open Source project (http://xwiki.org) this session will describe a number of practices to improve the quality of a Java project. Also, it will show how to implement these practices so that they are automatically checked and enforced. Some examples include: *How to make sure your project does not break binary compatibility unintentionally and, more generally, how to successfully evolve an API without breaking your users; *How to manage the JAR hell and avoid duplication of classes in your application at runtime; *How to automatically control the test coverage and the associated policies; *How to automate functional testing of web applications and how to avoid false-positives that plague any project..
Kommunikations-APIs von JavaScript (International PHP Conference/WebTechCon 2...Christian Wenz
Kommunikation mit JavaScript war lange Zeit sehr überschaubar: HTTP-Anfragen waren dank Ajax möglich, aber auch nur an den Ursprungsserver und mit weiteren Einschränkungen. Dies hat sich mittlerweile geändert: JavaScript-Code kann jetzt auch mit fremden Browsertabs und Servern reden, sofern diese mögen; ebenfalls ist eine bidirektionale Kommunikation anstelle des altbackenen Pull-Modells möglich. Auch Zugriff auf Kamera und Mikrofon sind (nach Nutzerbestätigung) möglich. Diese Session zeigt zahlreiche bekannte und weniger bekannte Kommunikationsmöglichkeiten mit JavaScript und HTML5 auf und beleuchtet Vor- und Nachteile aus dem Projektalltag.
Digitale Medien werden in der musealen Vermittlung von Bildung bisher unterschiedlich eingesetzt. Meist handelt es sich um Bildungsszenarien der Kurzzeitpädagogik, da sie einen Museumsbesuch fokussieren, der innerhalb weniger Stunden wieder beendet sein wird. Wenige dienen der Vor- und Nachbereitung und geben Anschlussmöglichkeiten zur Vertiefung Zuhause. Noch sind vorrangig Beispiele aus dem englischsprachigen Raum zu finden, welche die digitale Verarbeitung von Wissen außerhalb des Museumsraums anbieten. Da in den letzten Jahren oft Innovationen aus Nordamerika mit etwas Verzögerung auf die deutschsprachige Bildungslandschaft trafen, ist davon auszugehen, dass auch hier E-Learning im Museum in der nächsten Zeit ein Thema werden könnte.
Developing IOS Applications in a team environment requires integration and continuous builds. This presentation shows how to develop this with your team.
There's a recording of this talk at Agile 2012 here: http://www.youtube.com/watch?v=v-L_2y6g5DI
Creating automated end-to-end functional acceptance tests is hard. Maintaining them over time is harder. Some agilistas even claim that the cost outweighs the benefit. In this lecture we present five principles for creating valuable, maintainable acceptance test suites. We discuss practices such as layering acceptance tests to reduce coupling between the test harness, and talk about how teams should be organized in order to efficiently manage acceptance test driven development. The core of the talk discusses how to manage the evolution of acceptance tests by organizing them as scenarios rather than as suites of story tests. Finally we show how to manage data for acceptance tests.
Running Lean and Mean: Designing Cost-efficient Architectures on AWS (ARC313)...Amazon Web Services
Whether you're a startup getting to profitability or an enterprise optimizing spend, it pays to run cost-efficient architectures on AWS. Dive deep into techniques used by successful customers to reduce waste and fine-tune their AWS spending, often with improved performance and a better end-customer experience. Some techniques covered in this session: Learn how to make the most of Auto Scaling, develop an effective Spot Instance strategy, and optimize for your daily traffic cycles. Learn techniques to tier storage, offload your static content to Amazon S3 and Amazon CloudFront, reduce your database loads with edge caching, spawn part-time databases, pool resources across accounts, and even teach your dev/test instances to sleep. Showcasing easily-applicable methods, this session could be your best invested hour all day.
Running Lean and Mean: Designing Cost-efficient Architectures on AWS (ARC313)...Amazon Web Services
Whether you're a startup getting to profitability or an enterprise optimizing spend, it pays to run cost-efficient architectures on AWS. Dive deep into techniques used by successful customers to reduce waste and fine-tune their AWS spending, often with improved performance and a better end-customer experience. Some techniques covered in this session: Learn how to make the most of Auto Scaling, develop an effective Spot Instance strategy, and optimize for your daily traffic cycles. Learn techniques to tier storage, offload your static content to Amazon S3 and Amazon CloudFront, reduce your database loads with edge caching, spawn part-time databases, pool resources across accounts, and even teach your dev/test instances to sleep. Showcasing easily-applicable methods, this session could be your best invested hour all day.
Using Apache Cassandra: What is this thing, and how do I use it?jeremiahdjordan
This is the presentation I gave at the Reflections | Projections conference at UIUC. http://www.acm.uiuc.edu/conference/2013/ It is an introduction to some of the basics of Apache Cassandra, followed by actually getting it up and running. This presentation goes over what Apache Cassandra is and how to get it up and running on your development machine. It then goes over using the DataStax Python Driver and the Cassandra Query Language (CQL) to create tables, write data to them, and then read it back out.
TDD is one of the most controversial subjects in the software industry. Its promises are many: a codebase that continuously checks itself, reduces maintainability costs, simplifies introduction of changes, and allows faster work cycles. Unfortunately, high expectations lead to high disappointments. Many good teams have found themselves enchained in webs of mock objects that not only hindered every promise made by TDD originally, but were more costly to maintain than the codebase itself! No wonder why TDD has been declared as waste by many respected professionals. Heck, I was hit by TDD's dark side myself... but found a way to slay the complexity dragon. In this session I'm going to share what I've learned the hard way: how to make peace with mock objects, how to avoid accidental complexities, and ultimately, how to make TDD work for you.
Serverless in production, an experience report (IWOMM)Yan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Domas will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
Cassandra Meetup: Real-time Analytics using Cassandra, Spark and Shark at OoyalaDataStax Academy
What You Will Learn At This Meetup:
• Review of Cassandra analytics landscape: Hadoop & HIVE
• Custom input formats to extract data from Cassandra
• How Spark & Shark increase query speed & productivity over standard solutions
Abstract
This session covers our experience with using the Spark and Shark frameworks for running real-time queries on top of Cassandra data.We will start by surveying the current Cassandra analytics landscape, including Hadoop and HIVE, and touch on the use of custom input formats to extract data from Cassandra. We will then dive into Spark and Shark, two memory-based cluster computing frameworks, and how they enable often dramatic improvements in query speed and productivity, over the standard solutions today.
About Evan Chan
Evan Chan is a Software Engineer at Ooyala. In his own words: I love to design, build, and improve bleeding edge distributed data and backend systems using the latest in open source technologies. I am a big believer in GitHub, open source, and meetups, and have given talks at conferences such as the Cassandra Summit 2013.
South Bay Cassandra Meetup URL: http://www.meetup.com/DataStax-Cassandra-South-Bay-Users/events/147443722/
Hadoop: Big Data Stacks validation w/ iTest How to tame the elephant?Dmitri Shiryaev
. Problem we are facing
. Big Data Stacks
. Why validation
. What is "Success" and the effort to achieve it
. Solutions
. Ops testing
. Platform certification
. Application testing
. Stack on stack
. Test artifacts are First Class Citizen
. Assembling validation stack (vstack)
. Tailoring vstack for target clusters
. D3: Deployment/Dependencies/Determinism
Everything-as-code – Polyglotte Entwicklung in der PraxisQAware GmbH
IT-Tage 2017, Frankfurt am Main: Vortrag von Mario-Leander Reimer (@LeanderReimer, Cheftechnologe bei QAware)
Abstract:
Als zeitgemäßer Entwickler muss man eine Vielzahl an Sprachen sicher beherrschen. Wir definieren unsere Entwicklungsumgebung mit Gradle, wir bauen unsere Software in Java, Kotlin und JavaScript. Wir verwenden Groovy und Scala um unsere Software zu testen. Die Build-Pipeline wird per DSL und JSON definiert. Mit YAML und Python beschreiben wir die Infrastruktur und das Deployment unserer Anwendungen. Die Dokumentation unserer Architekturen erledigen wir mit AsciiDoc und JRuby.
Use the right tool for the job! Das ist das Motto dieser Session. Jede Sprache hat Stärken in einer bestimmten Domäne. Diese Stärken gilt es zu nutzen. Aber einfach blind jede gerade angesagte Sprache oder Technologie einzusetzen, ist sicher nicht die Lösung. Dieser Vortrag führt durch die einzelnen Entwicklungs-Phasen eines Microservice und zeigt dabei einen in der Praxis erprobten, stabilen und gut integrierten polyglotten Technologie-Stack um moderne Enterprise-Applikationen schnell und einfach zu entwickeln.
Frameworks wie Next.js und Nuxt versuchen, Client und Server wieder näher zusammenzubringen und setzen dabei auf die großen SPA-Frameworks React und Vue. Die leichtgewichtige Bibliothek htmx dagegen versucht, das gleiche Ziel auf ganz andere Weise zu erreichen. Muss es denn immer eine SPA sein? Reicht nicht auch in vielen Fällen deutlich weniger Overhead? Wir haben schließlich HTML als Strukturelement und CSS für das gute Aussehen. Genau diesen Ansatz greift htmx auf und erweitert die Fähigkeiten der HTML-Struktur. Serverkommunikation und Eventhandling erreichen mit dieser Bibliothek eine ganz neue Dimension.
Aber was bedeutet das für unsere tägliche Arbeit? Setzen wir in Zukunft alle neuen Applikationen nur noch mit htmx um, oder migrieren wir unsere Vue-Codebasis auf htmx? Diesen und vielen weiteren Fragen widmen wir uns in diesem Vortrag, nicht nur in der Theorie, sondern auch am praktischen Beispiel.
Angular ist die Komplettlösung für die Umsetzung von Webapplikationen im Frontend. Ein so umfassendes Werkzeug hat allerdings auch seine Schattenseiten: Die Einstiegshürde ist relativ hoch. Dieser Vortrag stellt die wichtigsten Elemente des Frameworks wie Komponenten, Direktiven und Services vor. In einem praktischen Beispiel werden die verschiedenen Elemente von Angular Schritt für Schritt zu einer kompletten Applikation zusammengefügt. Damit lernen Sie nicht nur die Elemente des Frameworks kennen, sondern gleichzeitig die wichtigsten Architekturpatterns und zahlreiche Best Practices.
Node.js is a lightweight but yet capable platform for creating powerful web applications. The core of Node.js is kept small and restricted to a limited functionality that is extended by a vast ecosystem. With the right combination of packages you are able to build full-featured web applications. There is nearly no limit in features starting with simple problems such as authentication or logging over web interfaces with REST or GraphQL to a whole application based on a microservices architecture. In this talk I will introduce you to some commonly used packages and show you how to use them by example.
Node.js and microservices go hand in hand. This comes mainly from the design of Node.js. It is a specialised small platform with an enormous package environment. The NPM ecosystem provides a lot of packages you can use to build your microservice. The two most popular frameworks for this job are Express and Seneca. In this talk I will show you how you can communicate synchronously and asynchronously with your microservices and how easy it is to put your Node.js application into a docker container.
Nobody likes to wait for web pages to load in the browser. The longer it takes, the more dissatisfied the users become. Slow web pages lead to a higher bounce rate and the loss of customers. To solve this kind of problems can be very hard sometimes. Before you even start to optimise your page, you have to understand the workflows a browser performs in order to display a page on the screen. In this talk you will get some insights in the critical rendering path and the javascript engine of your browser that help you to find performance problems and solve them. I will show you also some tools and best practices that make your life easier when it comes to performance.
Lange Wartezeiten und mangelnde Responsivität unserer Webapplikation führen zu unzufriedenen Benutzern, was sich in hohen Absprungraten und Abwanderung zur Konkurrenz oder einfach der Weigerung, die Applikation zu verwenden, niederschlägt. Das Problem einer langsamen Applikation lässt sich jedoch leider nicht ganz so einfach lösen. Wichtig für eine nachhaltige Lösung ist das Verständnis der Abläufe im Browser. Aus diesem Grund beschäftigen wir uns hier mit Konzepten wie dem Critical Rendering Path und einigen Charakteristiken der JavaScript-Engines. Im Zuge dieses Vortrags werden einige der häufigsten Problemstellungen von Webapplikationen analysiert und Lösungsansätze und Best Practices zur Behebung der Performanceprobleme vorgestellt.
Features einer Applikation werden häufig implementiert, weil die Verantwortlichen vermuten, dass diese Funktionalitäten einen Mehrwert für die Benutzer der Applikation bieten. Je nach Umfang wird mehr oder weniger Geld investiert. Ohne weitere Unterstützung sind und bleiben es jedoch Vermutungen. Eine bessere Lösung bieten hier A/B-Tests. Features werden kostengünstig in einer oder mehreren Varianten umgesetzt und mit einer Kontrollimplementierung verglichen. Die Umsetzung, die sich als die beste herausstellt, wird überarbeitet und bleibt in der Applikation erhalten. Diese Vorgehensweise lässt sich sehr gut in node.js-Applikationen integrieren. Mithilfe von A/B-Tests können Sie Ihre Applikation an den Anforderungen Ihrer Benutzer ausrichten.
Eine Sammlung von Best Practices für Applikationen mit AngularJS. Der Vortrag stellt Strukturen und Konventionen vor, mit denen sich auch umfangreiche Applikationen wartbar und erweiterbar halten lassen.
Mein Vortrag auf der EnterJS 2015 über Sicherheit in Node.js Applikationen. Es werden verschiedene Angriffsvektoren vorgestellt und wie man ihnen begegnen kann.
Typescript zur Applikationsentwicklung nutzen. Hier werden die wichtigsten Features der Sprache kurz vorgestellt und am konkreten Beispiel deren Einsatz gezeigt.
Testgetriebene Entwicklung mit Jasmine und Karma hat sich mittlerweile schon als defacto-Standard etabliert. Routinen ohne Abhängigkeiten lassen sich damit ohne Probleme testen. Die Schwierigkeiten beginnen jedoch schon, wenn es um die Auflösung von Abhängigkeiten geht. In diesem Vortrag werden verschiedene Strategien und Werkzeuge vorgestellt, mit denen Abhängigkeiten zu Objekten und Funktionen oder zum Server abgedeckt werden können. Aber nicht nur Abhängigkeiten stellen Schwierigkeiten bei der testgetriebenen Entwicklung dar, auch der Umgang mit Fixtures ist bei der testgetriebenen Entwicklung mit JavaScript relevant. Abgerundet wird dieser Vortrag mit einigen Best Practices für die testgetriebenen Entwicklung mit JavaScript.
Warum ECMAScript 6 die Welt ein Stückchen besser machtSebastian Springer
Wo die Neuerungen von ECMAScript 5 recht unspektakulär waren, sind die Features des neuen Sprachstandards umso interessanter. ECMAScript 6 versucht einige Anforderungen zu erfüllen, mit denen man als JavaScript-Entwickler täglich konfrontiert ist. Klassische Beispiele sind hier Promises zum Umgang mit asynchronen Funktionen, ein Module Loader zur Strukturierung der Applikation, Generatoren und Iteratoren oder aber ein neuer Gültigkeitsbereich für Variablen. Aber nicht nur große Änderungen, sondern auch sinnvolle Erweiterungen bestehender Objekte wie String und Array halten mit dem neuen Standard Einzug in den Browser. Problematisch wird die Situation jedoch, wenn man in den Genuss verschiedener Features kommen möchte, die aktuell noch von keinem Browser unterstützt werden. Hier schafft Traceur, der ECMAScript-6-Compiler von Google, Abhilfe.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
3. WER BIN ICH?
• Sebastian Springer
• 29
• Dipl. Inf. (FH)
• Teamleiter @ Mayflower
Tuesday, October 16, 12
4. WAS ERZÄHLE ICH HEUTE?
• Was bringt mir eine hohe Qualität überhaupt?
• Welche Tools kann ich nutzen?
• Wie kann ich die QA automatisieren?
Tuesday, October 16, 12
35. IT WILL HURT YOUR FEELINGS
Tuesday, October 16, 12
36. WAS TUT JSLINT?
• Codingstyle - Whitespaces
• == und != vs. === und !==
• Variablendeklaration zu Beginn einer Funktion
• “use strict”
• Keine Globale Variablen
• Definition vor Verwendung
• eval is EVIL
Tuesday, October 16, 12
52. WARUM UNITTESTS?
• Stabilität
• Sicherheit für Developer
• Dokumentation
• Pro Bug ein Test
Tuesday, October 16, 12
53. JASMINE
describe("DateCalc", function () {
it("should return...", function () {
var dateCalc = new DateCalc(),
result = dateCalc.resolveDate();
expect(result).toBeFalsy();
});
});
Tuesday, October 16, 12
54. JSTESTDRIVER
• Testing Framework
• Browser Capturing
• Coverage
• Plugins für andere Frameworks (qUnit, Jasmine, etc.)
Tuesday, October 16, 12
55. JASMINE IN JENKINS
java -jar JsTestDriver.jar --port 9876
Tuesday, October 16, 12
73. KONTAKT
Sebastian Springer
sebastian.springer@mayflower.de
Mayflower GmbH
Mannhardtstr. 6
80538 München
Deutschland
@basti_springer
https://github.com/sspringer82
Tuesday, October 16, 12