This document discusses growth strategies for startups. It recommends focusing on retention metrics like 2nd day, 2nd week, and 2nd month retention rates as well as daily active users to monthly active users. Tactics discussed include setting a "north star" key metric to optimize for like messages sent or nights booked, identifying "magic moments" that drive engagement, using user accounting to understand new vs. resurrected vs. churned users, and testing virality through metrics like the k-factor. It emphasizes taking a data-driven approach, continuously testing changes, and optimizing for core business flows and features.
This document discusses growth strategies for startups. It recommends focusing on retention metrics like 2nd day, 2nd week, and 2nd month retention rates as well as daily active users to monthly active users. Tactics discussed include setting a "north star" key metric to optimize for like messages sent or nights booked, identifying "magic moments" that drive engagement, using user accounting to understand new vs. resurrected vs. churned users, and testing virality through metrics like the k-factor. It emphasizes taking a data-driven approach, continuously testing changes, and optimizing for core business flows and features.
This document provides an introduction and overview of MySQL, including how to download and access MySQL, basic commands to manage databases and tables, examples of SQL queries, and how to modify data. It covers topics such as creating databases and tables, selecting, joining, aggregating data, and updating records in MySQL. Examples demonstrate how to retrieve customer names, loan amounts, branch details, and more from the sample banking database.
This document provides an introduction to MySQL, an open source relational database management system. It discusses that MySQL is pronounced "my-es-que-el" and includes both a SQL server and client programs. It also summarizes that MySQL AB is the commercial entity behind MySQL that provides marketing, development, services, support and consulting. Additionally, it notes that MySQL is the most popular open source database with over 100 million downloads, it is certified for SAP applications, and is widely used by developers along with PHP and Apache.
8. 开放源代码软件成熟度评估
搜集统计软件的代码信息,比如,文件数,代码行数,代码复杂度,继承或循环数量
等。帮助开发者和维护着宏观上掌握程序开发的复杂度,便于有针对性的进行代码管理。
可定制的代码分析
许多组织有自己独特的编码标准、安全策略和质量目标。可利用 klocwork 为一些特殊问
题的分析进行单独定制,用户也可以编制自己的扩展检查器来完成特定任务。
开发人员 IDE 集成
klocwork 可以和现在大多是主流的 IDE 开发环境集成,在开发的早期及时发现可能的代码
漏洞从而有效降低开发成本。
代码评测报告摘要:
Summary:
Project name: MediaWiKi
Build name: build_1
Created on: Oct 31, 2007
Files analyzed: 531
Lines of code (Source LOC): 124,534
Defects Overview
Defects Overview:
Number of defects 192
Defect Density: 1.54
Header File Problems Overview:
Number of defects 1,648
Defect Density: 3.23
Security Vulnerabilities Overview:
Number of defects 47
Defect Density: .38
Dependent Headers Overview:
Number of dependent header files: 142
Unnecessary Compile Expansion Overview:
Unnecessary compile expansion: 539,192
第 8 页 共 20 页
9. 开放源代码软件成熟度评估
Compile expansion before include optimization: 4,393,144
Compile expansion after include optimization: 3,853,952
System Complexity Overview:
Complexity (function average): 8.58
Complexity (per file peak averaged across system): 32.57
Number of highly complex functions: 362
Number of files with highly complex functions: 103
Project configuration details:
Creation date: Oct 31, 2007
Creation time: 1:55:39 PM
Software Intelligence Engine version: 7.7.2.3
Number of filter files used: 0
Project name: MediaWiKi
Build name: build_1
Total lines of code (Source LOC): 124,534
Total lines of comments (in c/c++ files): 37,739
Total number of files analyzed: 531
Total number of defects: 1,887
Total number of entities: 24,674
Total number of relationships:
Total number of functions / methods: 3,695
Total number of classes / types: 1,520
Error Distribution
第 9 页 共 20 页
10. 开放源代码软件成熟度评估
Type # %
Null pointer may be dereferenced 4 2.08
Result of function that may return 164 85.42
NULL will be dereferenced
Suspicious dereference of pointer in 2 1.04
function call before NULL check
Memory Leak - possible 2 1.04
Pointer may be dereferenced after it 2 1.04
was positively checked for NULL
Null pointer may be passed to 1 0.52
function that may dereference it
Null pointer will be dereferenced 2 1.04
Result of function that can return 12 6.25
NULL may be dereferenced
Suspicious dereference of pointer 2 1.04
before
NULL check
Warning Distribution
Type # %
Inconsistent Case Labels 1 0.52
评测分析
通过对 MediaWiKi 模块的分析,我们得出评测结论。代码的整体风格统一,格式工整,
总体质量较好。程序结构复杂度合理,出现较多的问题主要是代码中潜在的对 NULL 对象的
引用。注释方面,注释丰富,每个程序文件有基本说明,某些重要的代码有详细解释,给社
区参与创造了较好的代码环境。
软件测试
MediaWiKi 项目有专门的 Quality Assurance 组织,并且存在专门的商业公司负责软件
的商业支持与问题反馈。 在网站有专门的用户报告错误或参与测试的页面,错误的报告也可
通过 Mail Lis 进行。项目提供了一个批处理自动测试环境和一些工具供测试者使用,可以
方便的对软件的主要模块进行自动仿真测试。
第 10 页 共 20 页
11. 开放源代码软件成熟度评估
MediaWiKi 易用性研究
MediaWiKi 无图形配置、使用、监控环境。软件的主要配置和管理靠修改配置文件进行,
不过,软件提供了一些功能丰富的命令行工具,这也是服务器软件的一般做法。 软件的部署
和配置非常灵活,缺点是缺乏好的监控工具。
软件成熟度评估
软件成熟度属性定义与量化
ID Class Name Weight
01 技术架构设计 4
02 代码质量 4
03 软件易用性 1
04 软件可用性 4
05 项目建设与管理 2
06 项目的活跃程度 4
07 项目测试情况 2
08 软件应用支持 4
09 软件法律问题 1
以下为各属性类的属性定义:
ID Class Name Entry Weight Value Memo
01 技术架构设计 合理性 4 4
02 技术架构设计 可扩展性 3 5
03 技术架构设计 可移植性 2 4
04
05
06
ID Class Name Entry Weight Value Memo
01 代码质量 代码错误率 4 4
02 代码质量 代码可读性 4 5
03 代码质量 代码复杂度 2 4
04
05
06
ID Class Name Entry Weight Value Memo
01 软件易用性 易理解性 2 3
02 软件易用性 易学习性 2 3
03 软件易用性 易操作性 4 4
04
05
06
第 11 页 共 20 页
12. 开放源代码软件成熟度评估
ID Class Name Entry Weight Value Memo
01 软件可用性 完备性 3 4
02 软件可用性 正确性 4 4
03 软件可用性 可靠性 4 5
04 软件可用性 安全性 2 3
05
06
ID Class Name Entry Weight Value Memo
01 项目建设与管 组织架构 2 2
理
02 项目建设与管 开发管理 4 4
理
03 项目建设与管 网站建设 3 4
理
04
05
ID Class Name Entry Weight Value Memo
01 项目的活跃程 版本发布周期 2 4
度
02 项目的活跃程 软件下载量 3 4
度
03 项目的活跃程 交流机制 4 4
度
04
05
ID Class Name Entry Weight Value Memo
01 项目测试情况 测试方法(工 3 4
具)
02 项目测试情况 测试人员 4 4
03 项目测试情况 测试反馈 2 3
04
05
ID Class Name Entry Weight Value Memo
01 软件应用支持 社区支持度 4 4
02 软件应用支持 企业支持度 3 5
03 软件应用支持 应用成熟度 3 4
04 软件应用支持 书籍或文档指 2 3 新版本中文较
南 少
05
ID Class Name Entry Weight Value Memo
01 软件法律问题 软件版权协议 4 4
02 软件法律问题 专利与纠纷 1 3
03
04
05
第 12 页 共 20 页
16. 开放源代码软件成熟度评估
windows 安装包 - 是
其他类型安装包 - 否
商 内置 有内置于其它软件 - 无
业 于其 或方案套件中
他软
件
服务 技术支持维护服务 中国 是
其他 是
教育培训服务 中国 无
其他 无
云服务 中国 无
其他 无
案 案例 案例 中国 ?
例 其他 ?
MediaWiKi 软件成熟度评估结论
按照我们的开放源代码软件评估体系计算模型的公司进行计算,最终该软件的评估结果
显示,软件成熟度较好。
参考
1 http://www.mediaWiKi.org/WiKi/MediaWiKi
2 http://www.weekeeweekee.org/mediaWiKi/
3 http://www.knowtive.com/index.php/MediaWiKi
4 http://gnuradio.microembedded.com/ GNU Radio 中文社区
5 http://ossie.microembedded.com/ OSSIE 中文维客
附录:
代码检测
Entries in perl database: 33
Entries in ruby database: 46
Entries in python database: 62
Entries in c database: 334
Entries in php database: 55
Severity: Medium
Issue: is_dir
第 16 页 共 20 页
17. 开放源代码软件成熟度评估
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 126 (mkdir)
File: mediaWiKi-1.17.0//maintenance/language/lang2po.php Line:126[5]
if ( !is_dir( $dir ) ) { mkdir( $dir, 0770 ); }
Severity: Medium
Issue: is_readable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 57 (unlink)
File: mediaWiKi-1.17.0//maintenance/updateSearchIndex.php Line:53[9]
} elseif ( is_readable( 'searchUpdate.pos' ) ) {
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 2657 (unlink)
File: mediaWiKi-1.17.0//maintenance/fuzz-tester.php Line:2657[4]
if ( is_file( $prefix . DATA_FILE ) ) unlink( $prefix . DATA_FILE );
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 2658 (unlink)
File: mediaWiKi-1.17.0//maintenance/fuzz-tester.php Line:2658[4]
if ( is_file( $prefix . PHP_TEST ) ) unlink( $prefix . PHP_TEST );
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 2659 (unlink)
File: mediaWiKi-1.17.0//maintenance/fuzz-tester.php Line:2659[4]
if ( is_file( $prefix . CURL_TEST ) ) unlink( $prefix . CURL_TEST );
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 2660 (unlink)
File: mediaWiKi-1.17.0//maintenance/fuzz-tester.php Line:2660[4]
if ( is_file( $prefix . INFO_FILE ) ) unlink( $prefix . INFO_FILE );
第 17 页 共 20 页
18. 开放源代码软件成熟度评估
Severity: Medium
Issue: chdir
When using this function, it is important to be sure that the string being passed in does not contain relative path
elements (../ for example), or a null, which may cause underlying C calls to behave in ways you do not expect.
This is especially important if the string is in any way constructed from a user supplied value.
File: mediaWiKi-1.17.0//maintenance/postgres/compare_schemas.pl Line:455[9]
chdir("../..");
Severity: Medium
Issue: is_writable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 76 (dirname) , 79 (basename) , 79
(dirname) , 81 (basename) , 81 (dirname)
File: mediaWiKi-1.17.0//includes/installer/SqliteInstaller.php Line:98[5]
if ( !is_writable( $dir ) ) {
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 381 (dirname)
File: mediaWiKi-1.17.0//includes/filerepo/FSRepo.php Line:411[4]
if ( is_file( $archivePath ) ) {
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 582 (unlink)
File: mediaWiKi-1.17.0//includes/filerepo/LocalFile.php Line:580[4]
if ( is_file( $thumbDir ) ) {
Severity: Medium
Issue: is_dir
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 566 (opendir)
File: mediaWiKi-1.17.0//includes/filerepo/FSRepo.php Line:563[26]
if ( !file_exists( $path ) || !is_dir( $path ) ) {
Severity: Medium
Issue: pfsockopen
第 18 页 共 20 页
19. 开放源代码软件成熟度评估
Argument 1 to this function call should be checked to ensure that it does not come from an untrusted source
without first verifying that it contains nothing dangerous.
File: mediaWiKi-1.17.0//includes/memcached-client.php Line:699[7]
$sock = pfsockopen( $ip, $port, $errno, $errstr, $timeout );
Severity: Medium
Issue: fsockopen
Argument 1 to this function call should be checked to ensure that it does not come from an untrusted source
without first verifying that it contains nothing dangerous.
File: mediaWiKi-1.17.0//includes/memcached-client.php Line:701[7]
$sock = fsockopen( $ip, $port, $errno, $errstr, $timeout );
Severity: Medium
Issue: is_dir
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 182 (opendir)
File: mediaWiKi-1.17.0//includes/filerepo/ForeignAPIFile.php Line:181[4]
if ( is_dir( $dir ) ) {
Severity: Medium
Issue: is_dir
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 572 (rename)
File: mediaWiKi-1.17.0//includes/filerepo/LocalFile.php Line:565[4]
if ( is_dir( $thumbPath ) ) {
Severity: Medium
Issue: is_dir
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 602 (opendir)
File: mediaWiKi-1.17.0//includes/filerepo/LocalFile.php Line:601[4]
if ( is_dir( $dir ) ) {
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 216 (rename)
File: mediaWiKi-1.17.0//includes/filerepo/FSRepo.php Line:244[5]
if ( !is_file( $srcPath ) )
第 19 页 共 20 页
20. 开放源代码软件成熟度评估
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 227 (chmod)
File: mediaWiKi-1.17.0//includes/filerepo/FSRepo.php Line:405[4]
if( is_file( $dstPath ) ) {
Severity: Medium
Issue: is_file
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 267 (unlink)
File: mediaWiKi-1.17.0//includes/filerepo/FSRepo.php Line:247[5]
if ( !is_file( $toAppendPath ) )
Severity: Medium
Issue: is_dir
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 34 (fopen)
File: mediaWiKi-1.17.0//includes/media/PNGMetadataExtractor.php Line:31[33]
elseif ( !file_exists($filename) || is_dir($filename) )
Severity: Medium
Issue: fsockopen
Argument 1 to this function call should be checked to ensure that it does not come from an untrusted source
without first verifying that it contains nothing dangerous.
File: mediaWiKi-1.17.0//includes/proxy_check.php Line:33[8]
$sock = @fsockopen($ip, $port, $errno, $errstr, 5);
File: mediaWiKi-1.17.0//includes/ZhClient.php Line:36[12]
$this->mFP = fsockopen($this->mHost, $this->mPort, $errno, $errstr, 30);
Severity: Medium
Issue: is_dir
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has
occured. The following line(s) contain uses that may match up with this check: 38 (fopen)
File: mediaWiKi-1.17.0//includes/media/GIFMetadataExtractor.php Line:35[33]
elseif ( !file_exists($filename) || is_dir($filename) )
Inputs detected at the following points
第 20 页 共 20 页