ParseTree permite formas bastante avançadas de reflexão sobre código Ruby.
Com seu uso, podemos até mudar completamente a forma como o código Ruby é interpretado!
A palestra passa por alguns usos divertidos e interessantes, desde análise estática de
código, até técnicas para construção de Domain Specific Languages.
Most developers will be familiar with lex, flex, yacc, bison, ANTLR, and other tools to generate parsers for use inside their own code. Erlang, the concurrent functional programming language, has its own pair, leex and yecc, for accomplishing most complicated text-processing tasks. This talk is about how the seemingly simple prospect of parsing text turned into a new parser toolkit for Erlang, and why functional programming makes parsing fun and awesome.
Most developers will be familiar with lex, flex, yacc, bison, ANTLR, and other tools to generate parsers for use inside their own code. Erlang, the concurrent functional programming language, has its own pair, leex and yecc, for accomplishing most complicated text-processing tasks. This talk is about how the seemingly simple prospect of parsing text turned into a new parser toolkit for Erlang, and why functional programming makes parsing fun and awesome.
Can't Miss Features of PHP 5.3 and 5.4Jeff Carouth
If you're like me you remember the days of PHP3 and PHP4; you remember when PHP5 was released, and how it was touted to change to your life. It's still changing and there are some features of PHP 5.3 and new ones coming with PHP 5.4 that will improve your code readability and reusability. Let's look at some touted features such as closures, namespaces, and traits, as well as some features being discussed for future releases.
There are a lot of operators in Perl 6, so many that it can be called an OOL: operator oriented language. Here I describe most of them from the angle of contexts, which Perl 6 has also much more than Perl 5.
Part of a series of talk to help you write your first Perl 6 program today. So its basic syntax and concepts of its object orientation and a comparison to the widely used P5 OO system Moose which is similar by no accident.
Full-day tutorial for the dutch php conference 2011 giving a very quick tour around all the various areas of the ZCE syllabus and some tips on the exam styles
Conheça um pouco mais sobre Perl 6, uma linguagem de programação moderna, poderosa e robusta que permitirá que você escreva código de forma ágil e eficiente.
Building DSLs with Xtext - Eclipse Modeling Day 2009Heiko Behrens
Slides of Eclipse Modeling Day in New York and Toronto http://wiki.eclipse.org/Eclipse_Modeling_Day
Motivation of specific tools with apple corer analogy, Example of domain-specific language (chess notation), introduction to Xtext with demo plus outlook
DockerCon 2014: Thoughts on interoperable containersFabio Kung
Docker is driving the popularization of Linux containers, but there are many different container managers out there, such as LXC and lmctfy. Not to mention different PaaS being built on top of these technologies. How great would it be if applications were portable to all (or most of) those different providers and container managers with little or no effort? This talk will discuss some ideas of what needs to be done for it to happen and what the community can do to help.
Can't Miss Features of PHP 5.3 and 5.4Jeff Carouth
If you're like me you remember the days of PHP3 and PHP4; you remember when PHP5 was released, and how it was touted to change to your life. It's still changing and there are some features of PHP 5.3 and new ones coming with PHP 5.4 that will improve your code readability and reusability. Let's look at some touted features such as closures, namespaces, and traits, as well as some features being discussed for future releases.
There are a lot of operators in Perl 6, so many that it can be called an OOL: operator oriented language. Here I describe most of them from the angle of contexts, which Perl 6 has also much more than Perl 5.
Part of a series of talk to help you write your first Perl 6 program today. So its basic syntax and concepts of its object orientation and a comparison to the widely used P5 OO system Moose which is similar by no accident.
Full-day tutorial for the dutch php conference 2011 giving a very quick tour around all the various areas of the ZCE syllabus and some tips on the exam styles
Conheça um pouco mais sobre Perl 6, uma linguagem de programação moderna, poderosa e robusta que permitirá que você escreva código de forma ágil e eficiente.
Building DSLs with Xtext - Eclipse Modeling Day 2009Heiko Behrens
Slides of Eclipse Modeling Day in New York and Toronto http://wiki.eclipse.org/Eclipse_Modeling_Day
Motivation of specific tools with apple corer analogy, Example of domain-specific language (chess notation), introduction to Xtext with demo plus outlook
DockerCon 2014: Thoughts on interoperable containersFabio Kung
Docker is driving the popularization of Linux containers, but there are many different container managers out there, such as LXC and lmctfy. Not to mention different PaaS being built on top of these technologies. How great would it be if applications were portable to all (or most of) those different providers and container managers with little or no effort? This talk will discuss some ideas of what needs to be done for it to happen and what the community can do to help.
LXC, Docker, security: is it safe to run applications in Linux Containers?Jérôme Petazzoni
Linux Containers (or LXC) is now a popular choice for development and testing environments. As more and more people use them in production deployments, they face a common question: are Linux Containers secure enough? It is often claimed that containers have weaker isolation than virtual machines. We will explore whether this is true, if it matters, and what can be done about it.
Docker, Linux Containers, and Security: Does It Add Up?Jérôme Petazzoni
Containers are becoming increasingly popular. They have many advantages over virtual machines: they boot faster, have less performance overhead, and use less resources. However, those advantages also stem from the fact that containers share the kernel of their host, instead of abstracting an new independent environment. This sharing has significant security implications, as kernel exploits can now lead to host-wide escalations.
In this presentation, we will:
- Review the actual security risks, in particular for multi-tenant environments running arbitrary applications and code
- Discuss how to mitigate those risks
- Focus on containers as implemented by Docker and the libcontainer project, but the discussion also stands for plain containers as implemented by LXC
Containers, docker, and security: state of the union (Bay Area Infracoders Me...Jérôme Petazzoni
Docker is two years old. While security has always been at the core of the questions revolving around Docker, the nature of those questions has changed. Last year, the main concern was "can I safely colocate containers on the same machine?" and it elicited various responses. Dan Walsh, SELinux expert, notoriously said: "containers do not contain!", and at last year's LinuxCon, Jérôme delivered a presentation detailing how to harden Docker and containers to isolate them better. Today, people have new concerns. They include image transport, vulnerability mitigation, and more.
After a recap about the current state of container security, Jérôme will explain why those new questions showed up, and most importantly, how to address them and safely deploy containers in general, and Docker in particular.
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Jérôme Petazzoni
Docker is two years old. While security has always been at the core of the questions revolving around Docker, the nature of those questions has changed. Last year, the main concern was "can I safely colocate containers on the same machine?" and it elicited various responses. Dan Walsh, SELinux expert, notoriously said: "containers do not contain!", and at last year's LinuxCon, Jérôme delivered a presentation detailing how to harden Docker and containers to isolate them better.
Today, people have new concerns. They include image transport, vulnerability mitigation, and more.
After a recap about the current state of container security, Jérôme will explain why those new questions showed up, and most importantly, how to address them and safely deploy containers in general, and Docker in particular.
Virtual machines are generally considered secure. At least, secure enough to power highly multi-tenant, large-scale public clouds, where a single physical machine can host a large number of virtual instances belonging to different customers. Containers have many advantages over virtual machines: they boot faster, have less performance overhead, and use less resources. However, those advantages also stem from the fact that containers share the kernel of their host, instead of abstracting a new independent environment. This sharing has significant security implications, as kernel exploits can now lead to host-wide escalations.
We will show techniques to harden Linux Containers; including kernel capabilities, mandatory access control, hardened kernels, user namespaces, and more, and discuss the remaining attack surface.
Gisting is an implementation of Google\'s MapReduce framework for processing and extracting useful information from very large data sets. At the time of this writing, the code is available for PREVIEW at http://github.com/mchung/gisting. I am currently working to release this framework for general usage.
Lisp Macros in 20 Minutes (Featuring Clojure)Phil Calçado
"We just started holding 20 minutes presentations during lunch time in the ThoughtWorks Sydney office. For the first session I gave a not-that-short talk on Lisp macros using Clojure. The slides are below.
It turns out that 20 minutes is too little time to actually acquire content but I think at least we now have some people interested in how metaprogramming can be more than monkey patching."
http://fragmental.tw/2009/01/20/presentation-slides-macros-in-20-minutes/
This talk was part tongue in cheek, part serious, but entirely fun and given twice as a lightning talk - once at Europython & once at the ACCU python uk 05. It presents a generic python like language parser which does actually work. Think of it as an alternative to brackets in Lisp!
Groovy speech I held last year for introducing a new JVM language as substitute of Java. Easy and intuitive, it offers new features unknow to its parent yet.
Discussing language constructs with fellow developers in the context of solving a particular problem is something we do routinely. While most such conversations are productive and useful, a fair portion degenerate into angry brawls. A pattern we've observed in the latter situation is that a surprising number of times the argument is that "Why shouldn't I use language feature X to achieve objective Y- after all, the language supports X."
In this talk Aakash and Niranjan walk through a few features of the Ruby language which when used wisely allows programmers to solve problems elegantly but if they are used without caution can lead to bad code.
Attributes Unwrapped: Lessons under the surface of active record.toster
Ведущий разработчик Ruby on Rails (Rails Core member) Джон Лейтон не так давно работал над совершенствованием реализации работы с атрибутами в Active Record. Он расскажет о своем опыте работы над важной для производительности областью Rails, даст советы и расскажет о техниках, которые могут быть применены к собственным приложениям слушателей.
Говоря о будущем, Джон также расскажет о своих идеях по изменению API работы с атрибутами в лучшую сторону; эти изменения могут появиться в Rails 4.0.
Cloud IaaS - Detalhes da Infraestrutura como ServiçoFabio Kung
Apresentada durante a IX JAT e durante o DevOpsDays em São Paulo, essa palestra dá uma visão da tecnologia e mecanismos usados hoje em dia por alguns dos principais provedores de Cloud IaaS.
My talk at QCon São Paulo 2010.
In that opportunity, I talked about possible uses of the "automatable" infrastructure provided by most cloud vendors (like Locaweb, Amazon and Rackspace).
Algumas idéias e discussão sobre automação de infraestrutura. Como trazer as idéias e práticas do mundo dos desenvolvedores para o trabalho de sysadmins e vice-versa?
Onde mora a produtividade do Ruby on Rails?Fabio Kung
Palestra que aconteceu no evento Mare de Agilidade, em Fortaleza - CE, agosto/2009.
Mas, como sempre, os slides fazem mais sentido para quem esteve na palestra.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
6. Metaprogramação
class Aluno
end
marcos = Aluno.new
marcos.respond_to? :programa # => false
class Professor
def ensina(aluno)
def aluno.programa
quot;puts 'agora sei programar'quot;
end
end
end
knuth = Professor.new
knuth.ensina marcos
marcos.respond_to? :programa
# => true
marcos.programa
# => quot;puts 'agora sei programar'quot;
14. SexpProcessor
class TheProcessor < SexpProcessor
def process_call(node)
# ...
process node
end
def process_class(node)
# ...
process node
end
def process_scope(node)
# ...
process node
end
end
15. SexpProcessor
class TheProcessor < SexpProcessor
def process_call(node)
# ...
ast = ParseTree.new.process(...)
process node
new_ast = TheProcessor.new.process(ast)
end
def process_class(node)
# ...
process node
end
def process_scope(node)
# ...
process node
end
end
16. class
nil scope
Person
defn
say_hi args scope
block
class RenameProcessor < SexpProcessor
call
def process_defn(node) puts
nil arglist
name = node.shift
str
args = process(node.shift)
scope = process(node.shift) “hi”
s(:defn, :quot;new_#{name}quot;, args, scope)
end
end
17. Flog
Flog shows you the most
torturous code you wrote. class Test
def blah # 11.2 =
The more painful the a = eval quot;1+1quot; # 1.2 + 6.0 +
code, the higher the score. if a == 2 then # 1.2 + 1.2 + 0.4 +
The higher the score, the puts quot;yayquot; # 1.2
end
harder it is to test. end
end