This document discusses a study analyzing the relationship between unit test code quality and production code quality. The study analyzed over 200 open source projects to determine if code tested with more than one assertion per test had higher complexity, size, and method calls than code tested with a single assertion. The results found no significant differences between the two groups. Having multiple asserted objects per test, rather than assertions, may be a better indicator of code quality. More research with additional industry projects is needed.
Certification preparation - Net classses and functions.pptxRohit Radhakrishnan
we recap the basic and advanced notions regarding different types of Object types used when working in UiPath environment. We are going to go through the basics (e.g.: concatenation, conversion between different types of data) and deep dive into more advanced topics like linqs or selectors, recap how to work with datatables, from initialization to filtering and touch upon the subject of invoking code inside an UiPath project.
we recap the basic and advanced notions regarding different types of Object types used when working in UiPath environment. We are going to go through the basics (e.g.: concatenation, conversion between different types of data) and deep dive into more advanced topics like linqs or selectors, recap how to work with datatables, from initialization to filtering and touch upon the subject of invoking code inside an UiPath project.
Certification preparation - Error Handling and Troubleshooting recap.pptxRohit Radhakrishnan
The Error Handling and Troubleshooting session focuses on the understanding of system and business exceptions and on how to use the error handling activities in UiPath Studio. We also discuss about debugging methods and logging best practices.
The Orchestrator Functions presentation offers a brief introduction and recap of the main UiPath Orchestrator features that are covered in the certification objectives. It focuses on understanding the general components and working with assets, queues and triggers.
Certification preparation - Net classses and functions.pptxRohit Radhakrishnan
we recap the basic and advanced notions regarding different types of Object types used when working in UiPath environment. We are going to go through the basics (e.g.: concatenation, conversion between different types of data) and deep dive into more advanced topics like linqs or selectors, recap how to work with datatables, from initialization to filtering and touch upon the subject of invoking code inside an UiPath project.
we recap the basic and advanced notions regarding different types of Object types used when working in UiPath environment. We are going to go through the basics (e.g.: concatenation, conversion between different types of data) and deep dive into more advanced topics like linqs or selectors, recap how to work with datatables, from initialization to filtering and touch upon the subject of invoking code inside an UiPath project.
Certification preparation - Error Handling and Troubleshooting recap.pptxRohit Radhakrishnan
The Error Handling and Troubleshooting session focuses on the understanding of system and business exceptions and on how to use the error handling activities in UiPath Studio. We also discuss about debugging methods and logging best practices.
The Orchestrator Functions presentation offers a brief introduction and recap of the main UiPath Orchestrator features that are covered in the certification objectives. It focuses on understanding the general components and working with assets, queues and triggers.
As testers, we know that we can define many more test cases than we will ever have time to design, execute, and report. The key problem in testing is choosing a small, “smart” subset from the almost infinite number of tests available that will find a large percentage of the defects. Join Lee Copeland to discover how to design test cases using formal black-box techniques, including equivalence class testing, boundary value testing, decision tables, and state-transition diagrams. Explore examples of each of these techniques in action. Don’t just pick test cases at random. Rather, learn to selectively choose a set of test cases that maximizes your effectiveness and efficiency to find more defects in less time. Then, learn how to use the test results to evaluate the quality of both your products and your testing. Discover the test design techniques that will make your testing more productive.
This is a presentation given at https://toracle2021.github.io
Security testing verifies that the data and the re- sources of software systems are protected from attackers. Unfor- tunately, it suffers from the oracle problem, which refers to the challenge, given an input for a system, of distinguishing correct from incorrect behavior. In many situations where potential vulnerabilities are tested, a test oracle may not exist, or it might be impractical due to the many inputs for which specific oracles have to be defined.
In this paper, we propose a metamorphic testing approach that alleviates the oracle problem in security testing. It enables engineers to specify metamorphic relations (MRs) that capture security properties of the system. Such MRs are then used to automate testing and detect vulnerabilities.
We provide a catalog of 22 system-agnostic MRs to automate security testing in Web systems. Our approach targets 39% of the OWASP security testing activities not automated by state- of-the-art techniques. It automatically detected 10 out of 12 vulnerabilities affecting two widely used systems, one commercial and the other open source (Jenkins).
Black-box testing is a method of software testing that examines the functionality of an application without peering into its internal structures or workings.
Обсуждаем мягкие (ПО) тенденции на секции №9 на конгрессе "Подмосковные вечер...Michael Kozloff
В секции №9 мы намерены обсудить мягкие ИТ-тенденции (корпоративное ПО). Возьмем за основу прогноз Gartner и сравним его с мнением наших экспертов.
Главная тенденция в ИТ сегодня состоит в том, что ПО начинает править миром . Об этом, в частности, свидетельствуют недавние события с HP и Google.
Самые быстрорастущие компании в мире строят свой бизнес целиком или во многом на ПО. Проблемы с ПО приводят к остановке ядерной программы Ирана. Фотоиндустрия за какие-то 10-12 лет стала полностью зависимой от ПО...
Мы опросим наших экспертов и построим свой собственный сводный рейтинг Топ 5 тенденций в мире российского корпоративного ПО, сравнив его с глобальным прогнозом Gartner
As testers, we know that we can define many more test cases than we will ever have time to design, execute, and report. The key problem in testing is choosing a small, “smart” subset from the almost infinite number of tests available that will find a large percentage of the defects. Join Lee Copeland to discover how to design test cases using formal black-box techniques, including equivalence class testing, boundary value testing, decision tables, and state-transition diagrams. Explore examples of each of these techniques in action. Don’t just pick test cases at random. Rather, learn to selectively choose a set of test cases that maximizes your effectiveness and efficiency to find more defects in less time. Then, learn how to use the test results to evaluate the quality of both your products and your testing. Discover the test design techniques that will make your testing more productive.
This is a presentation given at https://toracle2021.github.io
Security testing verifies that the data and the re- sources of software systems are protected from attackers. Unfor- tunately, it suffers from the oracle problem, which refers to the challenge, given an input for a system, of distinguishing correct from incorrect behavior. In many situations where potential vulnerabilities are tested, a test oracle may not exist, or it might be impractical due to the many inputs for which specific oracles have to be defined.
In this paper, we propose a metamorphic testing approach that alleviates the oracle problem in security testing. It enables engineers to specify metamorphic relations (MRs) that capture security properties of the system. Such MRs are then used to automate testing and detect vulnerabilities.
We provide a catalog of 22 system-agnostic MRs to automate security testing in Web systems. Our approach targets 39% of the OWASP security testing activities not automated by state- of-the-art techniques. It automatically detected 10 out of 12 vulnerabilities affecting two widely used systems, one commercial and the other open source (Jenkins).
Black-box testing is a method of software testing that examines the functionality of an application without peering into its internal structures or workings.
Обсуждаем мягкие (ПО) тенденции на секции №9 на конгрессе "Подмосковные вечер...Michael Kozloff
В секции №9 мы намерены обсудить мягкие ИТ-тенденции (корпоративное ПО). Возьмем за основу прогноз Gartner и сравним его с мнением наших экспертов.
Главная тенденция в ИТ сегодня состоит в том, что ПО начинает править миром . Об этом, в частности, свидетельствуют недавние события с HP и Google.
Самые быстрорастущие компании в мире строят свой бизнес целиком или во многом на ПО. Проблемы с ПО приводят к остановке ядерной программы Ирана. Фотоиндустрия за какие-то 10-12 лет стала полностью зависимой от ПО...
Мы опросим наших экспертов и построим свой собственный сводный рейтинг Топ 5 тенденций в мире российского корпоративного ПО, сравнив его с глобальным прогнозом Gartner
ComunicaCity è una mobile app per smartphone e tablet che permette agli enti pubblici e alle pubbliche amministrazioni (comuni, provincie, regioni, forze dell’ordine, ministeri, comunità) di inviare al cittadino e alle imprese news, segnalazioni, allerte, aggiornamenti, comunicati, il tutto in tempo reale e in maniera semplice e veloce. All’interno dell’app ci sono inoltre sezioni ad hoc per la raccolta differenziata, per il turismo, info utili, ecc. L’aspetto più innovativo e unico di ComunicaCity è la possibilità, per l’utente, di seguire tutti gli enti che desidera, in una sola app. La ricchezza di funzionalità e informazioni di ComunicaCity la rende veramente appetibile per tutti i cittadini e le imprese.
Il servizio prevede un canone annuale per gli enti variabile in base al numero di abitant, mentre è gratuita per gli utenti finali.
Abbiamo già una partnership con ANCI (Associazione Nazionale dei Comuni Italiani) Lazio e stiamo formalizzando altre partnership con forze di polizia ed enti della pubblica amministrazione centrale, che utilizzeranno il sistema come mezzi di informazione e sensibilizzazione al cittadino.
Innovation Webinar Boost your business with enterprise appsIFS
While most of us use dozens of apps on our smartphones privately, professionally we tend to be happy with checking our e-mails and basic attachments. Enterprise apps for smartphones have great potential to increase efficiency, boost service levels, and engage employees. In this webinar we will introduce and demonstrate IFS Touch Apps—enterprise apps for iPhone and Android. Join us to find out how our unique cloud-based approach makes deployment and roll-out of enterprise apps quick and easy.
Бизнес-кейс: методы оценки возврата на инвестиции в технологии виртуальных ПКMichael Kozloff
Современные тенденции в развитии технологий виртуализации и пример расчета эффективности от внедрения виртуальных ПК (virtual desktop virtualization, VDI)
This is a PPT presentation that I made for my Social History of Mexico class at the Universidad Mexicana. This is an example of the kind of work that I can made using an script previously marked as "itinerary" of the class
Software testing is the act of examining the artifacts and the behavior of the software under test by validation and verification. Software testing can also provide an objective, independent view of the software to allow the business to appreciate and understand the risks of software implementation
AUTOCODECOVERGEN: PROTOTYPE OF DATA DRIVEN UNIT TEST GENRATION TOOL THAT GUAR...acijjournal
Unit testing has become an integral part of software development process as it ensures all your individual
functions behave in a way they should behave. Obtaining 100% code coverage out of unit test suit is
essential to ensure that all code paths are covered. This paper proposes a tool AutoCodeCoverGen that guarantees 100% code coverage. It also discusses the core idea behind tool and evolution of the tool Also, it shows how the tool differs from existing tools and what benefits it reaps for its users.
This workshop is about testing the right way. Get a clear view on how to test your code in an efficient and useful way!
This first testing-related workshop is about all aspects of unit testing. Integration testing and TDD will have their own dedicated workshops.
Unit tests give developers and testers a quick way to look for logic errors in the methods of classes in Visual C#, Visual Basic, and Visual C++ projects. A unit test can be created one time and run every time that source code is changed to make sure that no bugs are introduced.
30 February 2005 QUEUE rants [email protected] DARNEDTestin.docxtamicawaysmith
30 February 2005 QUEUE rants: [email protected] DARNEDTesting large systems is a daunting task, but there are steps we can take to ease the pain.
T
he increasing size and complexity of software, coupled with concurrency and dis-
tributed systems, has made apparent the ineffectiveness of using only handcrafted
tests. The misuse of code coverage and avoidance of random testing has exacer-
bated the problem. We must start again, beginning with good design (including
dependency analysis), good static checking (including model property checking), and
good unit testing (including good input selection). Code coverage can help select and
prioritize tests to make you more effi cient, as can the all-pairs technique for controlling
the number of confi gurations. Finally, testers can use models to generate test coverage
and good stochastic tests, and to act as test oracles.
HANDCRAFTED TESTS OUTPACED BY HARDWARE AND SOFTWARE
Hardware advances have followed Moore’s law for years, giving the capability for run-
ning ever-more complex software on the same cost platform. Developers have taken
advantage of this by raising their level of abstraction from assembly to fi rst-generation
compiled languages to managed code such as C# and Java, and rapid application devel-
opment environments such as Visual Basic. Although the number of lines of code per
day per programmer appears to remain relatively fi xed, the power of each line of code
has increased, allowing complex systems to be built. Moore’s law provides double the
computing power every 18 months and software code size tends to double every seven
years, but software testing does not appear to be keeping pace.
QUEUE February 2005 31 more queue: www.acmqueue.comBIGBIGBIGTO TESTTOO DARNED
Quality
AssuranceFO
C
U
S
KEITH STOBIE, MICROSOFT
32 February 2005 QUEUE rants: [email protected]
Unfortunately, the increased power has not, in gen-
eral, made testing easier. While in a few cases the more
powerful hardware means we can do more complete test-
ing, in general the testing problem is getting worse. You
can test square root for all the 32-bit values in a reason-
able time,1,2 but we are now moving to 64-bit machines
with 64-bit values (and even longer for fl oating point).
Assuming a nanosecond per test case, it would take 584
years to test all the values. Sure, you could scale to, say,
1,000 processors, but you would still need six months for
just this one test case.
Two other issues of complexity to consider are: the
number of different execution states software can go
through, and concurrency. User interfaces were originally
very rigid, letting users progress through a single fi xed
set of operations—for example, a single set of hierarchi-
cal menus and prompts. Now, good user design is event
driven with the user in control of the sequence of actions.
Further, many actions can be accomplished in multiple
manners (e.g., closing a window via the menu [File/
Close] ...
Unit Test Virtualization: Optimizing Testing Timejon_bell
Testing large software packages can become very time intensive. To address this problem, researchers have investigated techniques such as Test Suite Minimization. Test Suite Minimization reduces the number of tests in a suite by removing tests that appear redundant, at the risk of a reduction in fault-finding ability since it can be difficult to identify which tests are truly redundant. We take a completely different approach to solving the same problem of long running test suites by instead reducing the time needed to execute each test, an approach that we call Unit Test Virtualization. With Unit Test Virtualization, we reduce the overhead of isolating each unit test with a lightweight virtualization container. We describe the empirical analysis that grounds our approach and provide an implementation of Unit Test Virtualization targeting Java applications. We evaluated our implementation, VMVM, using 20 real-world Java applications and found that it reduces test suite execution time by up to 97% (on average, 62%) when compared to traditional unit test execution. We also compared VMVM to a well known Test Suite Minimization technique, finding the reduction provided by VMVM to be four times greater, while still executing every test with no loss of fault-finding ability.
Can ML help software developers? (TEQnation 2022)Maurício Aniche
We all have heard of the amazing things Machine Learning can do. It can drive cars, it can detect whether people are using safe equipments, it can play games. But... can it help software developers in, say, find bugs or refactor code?
In this talk, I'll go through the different research projects I was involved in the area. I'll show that machine learning models can, in fact, learn a lot about how we develop software, and recommend interesting things to developers. In particular, I'll talk about models that recommend refactoring (done together with ING), models that find bugs and models that recommend which methods to log (both done together with Adyen).
You don't need to be an expert in machine learning to follow this talk.
Software Testing with Caipirinhas and StroopwafelsMaurício Aniche
In this presentation, I talk about different ways of testing your software that go beyond testing. Log analytics and DevOps, static analysis tools, automated test generation, mistakes in web API integration, and challenges in software testing education.
I gave this talk to several Brazilian companies in December/2017.
Proposta: Métricas e Heurísticas para Detecção de Problemas em Aplicações WebMaurício Aniche
Proposta de pesquisa apresentada no encontro do NAPSoL em São Carlos, 2014: Proposta: Métricas e Heurísticas para Detecção de Problemas em Aplicações Web
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
How world-class product teams are winning in the AI era by CEO and Founder, P...
What Do the Asserts in a Unit Test Tell Us About Code Quality? (CSMR2013)
1. IME-USP
What Do the
Asserts in a Unit
Test Tell us About
Code Quality?
Mauricio Aniche
Gustavo Oliva
Marco Gerosa
University of São Paulo (USP)
2. Unit Tests and Code Quality
Great synergy between a testable class
and a well-designed class (Feathers, 2012)
The write of unit tests can become
complex as the interactions between
software components grow out of control
(McGregor, 2001)
Agile practitioners state that unit tests are
a way to validate and improve class
design (Beck et al, 2001)
3. Unit Tests and Asserts
Every unit test contains three parts
Set up the scenario
Invoke the behavior under test
Validates the expected output
Assert instructions
assertEquals (expected, calculated);
assertTrue(), assertFalse(), and so on
No limits for the number of asserts per test
4. A little piece of code
class InvoiceTest {
@Test
public void shouldCalculateTaxes() {
// (i) setting up the scenario
Invoice inv = new Invoice(5000.0);
// (ii) invoking the behavior
double tax = inv.calculateTaxes();
// (iii) validating the output
assertEquals (5000 ∗ 0.06 , tax );
}
}
5. Why would…
… a test contain more than one assert?
Is it a smell of bad code/design?
6. Research Design
We selected 22 projects
19 from ASF
3 from a Brazilian consultancy
Data extraction from all projects
Code metrics
Statistical
Test
Qualitative Analysis
7. Hypotheses
H1: Code tested by only one assert does not
present lower cyclomatic complexity than
code tested by more than one assert
H2: Code tested by only one assert does not
present fewer lines of code than code tested
by more than one assert
H3: Code tested by only one assert does not
present lower quantity of method invocations
than code tested by more than one assert
8. Data Extraction
Test code
Number of asserts per test
Production method being tested
Production code
Cyclomatic Complexity (McCabe, 1976)
Number of method invocations (Li and
Henry, 1993)
Lines of Code
9. Heuristic to Extract the
Production Method
class InvoiceTest { class Invoice {
@Test public double calculateTaxes()
{
public void shouldCalculateTaxes() {
// something…
// (i) setting up the scenario
}
Invoice inv = new Invoice(5000.0);
}
// (ii) invoking the behavior
double tax = inv.calculateTaxes();
// (iii) validating the output
assertEquals (5000 ∗ 0.06 , tax );
}
}
10. Selected Projects
Pre-selected all 213 projects from Apache
Eliminated those because of:
Minimum test ratio (unit tests / production
methods >= 0.2)
Success in production method detection
algorithm (higher than 50% in all unit tests
that contain more than 1 assert)
15. Why more than 1 assert?
130tests randomly selected
Qualitative analysis:
More than one assert for the same object
(40.4%)
Different inputs to the same method (38.9%)
List/Array (9.9%)
Others (6.8%)
Extra assert to check if object is not null (3.8%)
16. “Asserted Objects”
We coined the term “asserted objects”
It counts not the number of asserts in a unit
test, but the number of different instances
of objects that are being asserted
assertEquals(10, obj.getA());
assertEquals(20, obj.getB());
Counts as 1 “asserted object”
20. Findings
Counting the number of asserts in a unit test
does not give valuable feedback about
code quality
But counting the number of asserted objects
may provide useful information
However, the difference between both groups
was not “big”
A possible explanation:
Methods that contain higher CC, lines of code,
and method invocations contains many
different paths, and developers prefer to write
all of it in a single unit test, rather than splitting in
many of them
21. Threats to Validity
Many unit tests variations that are not
supported by our tool
The production method detection
algorithm
Before/After methods
The projects’ filtering process
Integration and system tests
22. Related Work
Mostsimilar to our work: Bruntink and van
Deursen (2006).
Significant correlation between class
metrics (fan out, size of a class, response for
a class) and test metrics (size of the class,
number of asserts).
23. Conclusions
The
number of asserts does not tell us
anything about the production code
quality
But the number of asserted objects does.
“More than one asserted object per test”
smell
Theneed of replicating the study with a
larger amount of industry projects
24. Contact Information
Mauricio Aniche
aniche@ime.usp.br / @mauricioaniche
Gustavo Oliva
goliva@ime.usp.br / @golivax
Marco Gerosa
gerosa@ime.usp.br
Software Engineering & Collaborative Systems
Research Lab (LAPESSC)
http://lapessc.ime.usp.br/
Editor's Notes
É importante dizer o porquê da escolha desse teste estatístico