This document discusses how to be a better code reviewer. It begins by defining code review and describing different types of code review like formal inspections, pull requests, and pair programming. It then provides general rules for code reviewing like managing time, providing quick feedback, and making it about improving code not blaming authors. The document outlines areas a reviewer should focus on like best practices, architecture, security, and performance. It concludes by presenting tools that can help with code review and automation.
The document discusses continuous integration and deployment practices. It begins by describing environments like local, development, test, and production. It then discusses manual deployment processes and the teams involved, including developers, DBAs, sysadmins, and QA. The presentation advocates automating deployments through pipelines that build, run metrics and tests, package, and deploy code. It emphasizes making the code environment-agnostic and managing dependencies. Overall, the document promotes practices for continuous integration and deployment that help software work reliably through faster feedback and deployment.
The Blameless Cloud: Bringing Actionable Retrospectives to SalesforceJ. Paul Reed
DevOps Enterprise Summit 2015 presentation with Kevina Finn-Braun, Director of SRE Management at Salesforce: this is the story of my months-long journey with Kevina and her team to identify the specifics of what made reliability retrospectives difficult to have, why actionable takeaways were often lacking, and how the feedback loops within the company’s operations organization weren’t serving Salesforce’s needs.
We then ran a series of experiments together, putting the SRE team on a road to improving their ability to respond, react, remediate, and reincorporate learnings from failure into the organization.
Achieving Technical Excellence in Your Software Teams - from Devternity Peter Gfader
Our industry has a problem: We are not lacking software methodologies, programming languages, tools or frameworks but we need great software engineers.
Great software engineer teams build quality-in and deliver great software on a regular basis. The technical excellence of those engineers will help you escape the "Waterfall sandwich" and make your organization a little more agile, from the inception of an idea till they go live.
I will talk about my experiences from the last 15 years, including small software delivery teams until big financial institutions.
Why would a company like to be "agile"?
How can a company achieve that?
How can you achieve Technical Excellence in your software teams?
What developer skills are more important than languages, methods or frameworks?
This will be an interactive session with a Q&A at the end.
In graph we trust: Microservices, GraphQL and security challengesMohammed A. Imran
In graph we trust: Microservices, GraphQL and security challenges - Mohammed A. Imran
Microservices, RESTful and API-first architectures are rage these days and rightfully so, they solve some of the challenges of modern application development. Microservices enable organisations in shipping code to production faster and is accomplished by dividing big monolithic applications into smaller but specialised applications. Though they provide great benefits, they are difficult to debug and secure in complex environments (different API versions, multiple API calls and frontend/backend gaps etc.,). GraphQL provides a powerful way to solve some of these challenges but with great power, comes great responsibility. GraphQL reduces the attack surface drastically(thanks to LangSec) but there are still many things which can go wrong.
This talk will cover the risks associated with GraphQL, challenges and solutions, which help in implementing Secure GraphQL based APIs. We will start off with introduction to GraphQL and its benefits. We then discuss the difficulty in securing these applications and why traditional security scanners don’t work with them. At last, we will cover solutions which help in securing these API by shifting left in DevOps pipeline.
We will cover the following as part of this presentation:
GraphQL use cases and how unicorns use them
Benefits and security challenges with GraphQL
Authentication and Authorisation
Resource exhaustion
Backend complexities with microservices
Need for tweaking conventional DevSecOps tools for security assurance
Security solutions which works with GraphQL
Behat is widely used as part of a Behaviour Driven Development lifecycle, but it's also widely misused. In this talk Ciaran will explain BDD, and show the best practices for using Behat including: writing good scenarios, driving service development from scenarios, and fast UI testing, using Behat and the Symfony2Extension.
API Platform and Symfony: a Framework for API-driven ProjectsLes-Tilleuls.coop
API Platform is a framework for building API-driven projects that provides out-of-the-box features like JSON-LD and Hydra formats, OpenAPI documentation, data validation, HTTP caching, and more. It uses Symfony components and Doctrine ORM and allows creating an API from existing entity classes with annotations. The framework includes tools for building admin interfaces, generating React clients, and deploying APIs to Kubernetes.
Webpack Encore Symfony Live 2017 San FranciscoRyan Weaver
Ready to write an amazing front-end for your app? There are *so* many great tools, like React, Vue.js, module loaders, Sass, LESS, PostCSS and more. But, they all have one thing in common: you need to configure a *build* system before you write a single line of code! Thankfully, there's Webpack: the leading tool for processing & bundling your JavaScript and CSS. There's just one problem: configuring Webpack is tough and requires a lot of Webpack-specific knowledge. Say hello to Webpack Encore: a library built by Symfony to quickly bootstrap a sophisticated asset setup, complete with minification, SASS processing, automatic versioning, Babel support and *everything* you need to start writing great JavaScript quickly. In this talk, we'll also learn about using JavaScript modules, how to bootstrap a framework (like React) and other important modern practices. Give your assets a huge boost with Webpack Encore!
A Journey from Hexagonal Architecture to Event Sourcing - SymfonyCon Cluj 2017Carlos Buenosvinos
1) The document describes the evolution of an architecture from a "Spaghetti Architecture" to using Event Sourcing and CQRS. It outlines a maturity model with 6 levels: from Spaghetti to Hexagonal to adding Domain Events to using CQRS as a stepping stone to full Event Sourcing and CQRS.
2) As the architecture evolved through each level, it improved separation of concerns, testability, and addressed new issues like complexity and performance. Domain Events were added to help decompose tasks and sync events. CQRS was introduced to improve performance of read models.
3) Fully implementing Event Sourcing would involve entities being reconstituted from stored events rather than loaded from a
The document discusses continuous integration and deployment practices. It begins by describing environments like local, development, test, and production. It then discusses manual deployment processes and the teams involved, including developers, DBAs, sysadmins, and QA. The presentation advocates automating deployments through pipelines that build, run metrics and tests, package, and deploy code. It emphasizes making the code environment-agnostic and managing dependencies. Overall, the document promotes practices for continuous integration and deployment that help software work reliably through faster feedback and deployment.
The Blameless Cloud: Bringing Actionable Retrospectives to SalesforceJ. Paul Reed
DevOps Enterprise Summit 2015 presentation with Kevina Finn-Braun, Director of SRE Management at Salesforce: this is the story of my months-long journey with Kevina and her team to identify the specifics of what made reliability retrospectives difficult to have, why actionable takeaways were often lacking, and how the feedback loops within the company’s operations organization weren’t serving Salesforce’s needs.
We then ran a series of experiments together, putting the SRE team on a road to improving their ability to respond, react, remediate, and reincorporate learnings from failure into the organization.
Achieving Technical Excellence in Your Software Teams - from Devternity Peter Gfader
Our industry has a problem: We are not lacking software methodologies, programming languages, tools or frameworks but we need great software engineers.
Great software engineer teams build quality-in and deliver great software on a regular basis. The technical excellence of those engineers will help you escape the "Waterfall sandwich" and make your organization a little more agile, from the inception of an idea till they go live.
I will talk about my experiences from the last 15 years, including small software delivery teams until big financial institutions.
Why would a company like to be "agile"?
How can a company achieve that?
How can you achieve Technical Excellence in your software teams?
What developer skills are more important than languages, methods or frameworks?
This will be an interactive session with a Q&A at the end.
In graph we trust: Microservices, GraphQL and security challengesMohammed A. Imran
In graph we trust: Microservices, GraphQL and security challenges - Mohammed A. Imran
Microservices, RESTful and API-first architectures are rage these days and rightfully so, they solve some of the challenges of modern application development. Microservices enable organisations in shipping code to production faster and is accomplished by dividing big monolithic applications into smaller but specialised applications. Though they provide great benefits, they are difficult to debug and secure in complex environments (different API versions, multiple API calls and frontend/backend gaps etc.,). GraphQL provides a powerful way to solve some of these challenges but with great power, comes great responsibility. GraphQL reduces the attack surface drastically(thanks to LangSec) but there are still many things which can go wrong.
This talk will cover the risks associated with GraphQL, challenges and solutions, which help in implementing Secure GraphQL based APIs. We will start off with introduction to GraphQL and its benefits. We then discuss the difficulty in securing these applications and why traditional security scanners don’t work with them. At last, we will cover solutions which help in securing these API by shifting left in DevOps pipeline.
We will cover the following as part of this presentation:
GraphQL use cases and how unicorns use them
Benefits and security challenges with GraphQL
Authentication and Authorisation
Resource exhaustion
Backend complexities with microservices
Need for tweaking conventional DevSecOps tools for security assurance
Security solutions which works with GraphQL
Behat is widely used as part of a Behaviour Driven Development lifecycle, but it's also widely misused. In this talk Ciaran will explain BDD, and show the best practices for using Behat including: writing good scenarios, driving service development from scenarios, and fast UI testing, using Behat and the Symfony2Extension.
API Platform and Symfony: a Framework for API-driven ProjectsLes-Tilleuls.coop
API Platform is a framework for building API-driven projects that provides out-of-the-box features like JSON-LD and Hydra formats, OpenAPI documentation, data validation, HTTP caching, and more. It uses Symfony components and Doctrine ORM and allows creating an API from existing entity classes with annotations. The framework includes tools for building admin interfaces, generating React clients, and deploying APIs to Kubernetes.
Webpack Encore Symfony Live 2017 San FranciscoRyan Weaver
Ready to write an amazing front-end for your app? There are *so* many great tools, like React, Vue.js, module loaders, Sass, LESS, PostCSS and more. But, they all have one thing in common: you need to configure a *build* system before you write a single line of code! Thankfully, there's Webpack: the leading tool for processing & bundling your JavaScript and CSS. There's just one problem: configuring Webpack is tough and requires a lot of Webpack-specific knowledge. Say hello to Webpack Encore: a library built by Symfony to quickly bootstrap a sophisticated asset setup, complete with minification, SASS processing, automatic versioning, Babel support and *everything* you need to start writing great JavaScript quickly. In this talk, we'll also learn about using JavaScript modules, how to bootstrap a framework (like React) and other important modern practices. Give your assets a huge boost with Webpack Encore!
A Journey from Hexagonal Architecture to Event Sourcing - SymfonyCon Cluj 2017Carlos Buenosvinos
1) The document describes the evolution of an architecture from a "Spaghetti Architecture" to using Event Sourcing and CQRS. It outlines a maturity model with 6 levels: from Spaghetti to Hexagonal to adding Domain Events to using CQRS as a stepping stone to full Event Sourcing and CQRS.
2) As the architecture evolved through each level, it improved separation of concerns, testability, and addressed new issues like complexity and performance. Domain Events were added to help decompose tasks and sync events. CQRS was introduced to improve performance of read models.
3) Fully implementing Event Sourcing would involve entities being reconstituted from stored events rather than loaded from a
Is your code secure? Do you know what are the practices in secure code review? In this talk you will see the important aspects of the various controls to build a reference when conducting secure code reviews in PHP.
You want to improve your software skills. That’s a given. You may be a mentor or a manager who needs to improve the knowledge sharing among your software developers across different projects. Code Reviews can do just that while improving code quality in your projects. Code Review not only builds developer team spirit but also offers new ways to improve a software solution. You’ll walk away from this session with in-depth understanding of Code Review to strengthen your team.
If it works doesn’t imply it’s good. Improving the internal structure of a project is important for many reasons. Refactor also means simplify the debug processes, tuning up performances and make the code readable to avoid a gradual spaghetti project failure. This talk shows some important bad code smells, how to assign priorities, tools useful in refactoring and code quality.
Work with Developers for Fun and Progress - AppSec Californialeifdreizler
- The document discusses building an effective security team and program. It recommends getting organizational buy-in, building a team through involvement in meetups and open source contributions, and shifting security left through training developers in secure coding practices like code reviews that focus on common vulnerabilities. It also emphasizes the importance of successful vendor adoption through integration and embedding security engineers with development teams.
This document discusses refactoring code. It defines refactoring as restructuring existing code without changing external behavior. Reasons for refactoring include improving code quality by making it easier to understand, edit and maintain. The document provides tips for refactoring at the function/method, class/object and application/design levels, and identifies common issues to address like long methods, duplicate code, poor naming, complex conditionals and more. It also recommends tools to assist with refactoring like PHPCS, PHPUnit, PHPMD and SED.
Ultimate Free Digital Marketing Toolkit #EdgeBristol 2012Steve Lock
The document presents over 65 free digital marketing tools and resources. It provides information on each tool, including its purpose and website. The tools cover areas like SEO, keyword research, link building, social media, productivity, and more. Screenshots are included for many of the tools.
2016 Innovation Roundtable Keynote by Michael SkokMichael Skok
Michael Skok, Co-Founder and Partner of Underscore.VC was invited to give the keynote presentation at the 2016 Innovation Roundtable Summit in Copenhagen.
The Ultimate Free Digital Marketing ToolkitSteve Lock
A presentation at Digital Marketing London in July 2012. The talk is based on a cut down version of a full free eBook available at www.analyticsseo.com.
A comprehensive guide of the best free digital marketing tools including learning materials, browser extensions, tutorials to build agile tools in Excel and Google Docs, browser extensions, bookmarklets, link building, backlink analysis, social media, productivity tools and much more!
Bug bounty programs have existed since the 1990s but have grown significantly in recent years. The document summarizes highlights from 2014 reports of major companies' bug bounty programs including Google, Facebook, Microsoft, Github, and Tesla. It also discusses reasons for organizations to start bounty programs, tips for reducing noise, and trends in bug bounty research like researcher demographics.
Some believe that DevOps is only applicable to Internet-based companies with a desire to disrupt existing businesses. On the contrary, DevOps practices can dramatically reduce many everyday IT problems—defects, incidents, waste, bottlenecks, downtime, and infrastructure fragility. Sherry Chang dives into these problem areas and outlines the DevOps tools, practices, culture, and other artifacts necessary to eradicate them. She shares practical tips and hard-learned lessons from Intel IT to arm you with the knowledge and tools you need for DevOps adoption. You and your IT operations partners can help your organization gain competitive advantages by simultaneously increasing quality, efficiency, and innovation velocity. With the ever increasing adoption of DevOps, potential risks exist for the disruption of traditional companies and organizations with outdated practices. Join Sherry to learn how to be the disruptor—rather than the disrupted—and explore the baby steps you need to take to start your DevOps adoption journey today.
Are you struggling with delivering a potentially releasable working product every iteration? Ever wonder what one of biggest reasons we have difficulty getting things done at the individual, team and organizational level are? Do you keep doing something even though you know it reduces your productivity and lowers quality? We are going to run an exercise that highlights one of the major culprits that you have all experienced and continue to experience. The exercise will likely ignite a little fire that will help you become more productive and improve the quality of your work. We will also discuss ways to improve this at the individual, team and organization levels.
Knowing this will help anyone to understand the consequences of not prioritizing and increase their desire to. This will lead to producing faster, higher quality products that should lead to delighted customers.
You want to improve your software skills. That’s a given. You may be a mentor or a manager who needs to improve the knowledge sharing among your software developers across different projects. Code Reviews can do just that while improving code quality in your projects. Code Review not only builds developer team spirit but also offers new ways to improve a software solution. You’ll walk away from this session with in-depth understanding of Code Review to strengthen your team.
Никита Галкин "Technical backlog: инструкция к применению"Fwdays
Дилемма “новые фичи быстро VS технический долг” известна всем. Одним из инструментов её решения является ведение технического бэклога. В ходе доклада мы поговорим:
что такое технический бэклог;
чем и как его наполнять;
как “продавать” элементы технического бэклога заказчику и команде;
и, конечно, как проводить демо элементов техбэклога.
Содержимое доклада будет интересно, всем членам команды. Результатом применение идей и инструментов из доклада станут улучшение эстимейтов, налаженность технических процессов и управляемость техническим долгом.
Webhooks with Azure Functions - Live 360 ConferenceSparkPost
Azure Functions make it easy to create and host webhook interfaces without maintaining a server. You can quickly setup an endpoint to receive data and act on it. Being able to ingest, process, and respond to data from a variety of sources without building out an infrastructure gives you time to focus on building functionality.
In this presentation, Nick Zimmerman, Sr. Site Reliability Engineer at SparkPost, will show you how to setup an Azure Function, accept webhook data, process that data with C#, and integrate that data into an application in real time.
Fuel Good 2018: Upgrades Made Easy: The Canadian Museum of HistorySparkrock
The Canadian Museum of History upgraded their NAV and SharePoint systems without major issues by carefully planning and testing the project. They designed a new technical infrastructure, trained users, and conducted multiple cycles of user acceptance testing and remediation over several months. While there were inevitable bugs found during testing, taking the time for thorough preparation and testing helped ensure the upgrades went live smoothly without significant problems.
The document discusses war stories and lessons learned from different stages of building systems on Amazon Web Services (AWS), including system design, system beta testing, system rollout, and achieving world domination. It provides tips to avoid casualties, collateral damage, and being outflanked at each stage. This includes properly structuring access on AWS, using monitoring, ensuring security, and planning for scalability, obsolescence and eventual transition away from AWS. The goal is to help companies navigate AWS to achieve inevitable, overwhelming and complete success in their systems and business.
Taking Your Product Development to the Next Level with Full StackOptimizely
Optimizely Full Stack helps product development teams experiment deep into their stack to create exceptional customer experiences on everything from search results and promos to recommendations and payment structures. In this session, Jamie Connolly, Senior Product Manager on Developer Experience will talk about the latest enhancements to Full Stack to drive compatibility, usability, and performance.
DevOpsDays Baltimore 2017.
Product owners are under pressure from Marketing and Leadership to focus on features, while operability (availability, performance, monitoring, etc) are an afterthought to be bolted on later. Deployments fail, customers complain, and work isn't fun. How can DevOps reach out to Product?
People from a "Product background" often have zero technical experience, but find themselves needing to dictate the deliverables. Product owners are under great pressure from Marketing and Leadership to focus on "features" from a customer perspective; the so-called "non-functional requirements" often fall by the wayside. Operability - monitorabilty, recoverability, availability, performance, among other aspects - is difficult to bake into an application that was developed without such consideration.
This talk will present practical approaches to bridge-building between Ops and Product. Focusing especially on cross-functional Agile teams with leadership with little or no Ops background, we will explore whether "planning the work will result in the planned work being the work that is done." When working with a mixed team, doing development, deployment, incident response, and everything in support of that, such plans go off the rails. Methods of championing Ops needs while avoiding "the sky is falling" perceptions will be presented. What kinds of unplanned work exist? Are there steps we can take to convert unplanned work into planned work? How does work flow through the team? How does unplanned work disrupt the flow?
Is your code secure? Do you know what are the practices in secure code review? In this talk you will see the important aspects of the various controls to build a reference when conducting secure code reviews in PHP.
You want to improve your software skills. That’s a given. You may be a mentor or a manager who needs to improve the knowledge sharing among your software developers across different projects. Code Reviews can do just that while improving code quality in your projects. Code Review not only builds developer team spirit but also offers new ways to improve a software solution. You’ll walk away from this session with in-depth understanding of Code Review to strengthen your team.
If it works doesn’t imply it’s good. Improving the internal structure of a project is important for many reasons. Refactor also means simplify the debug processes, tuning up performances and make the code readable to avoid a gradual spaghetti project failure. This talk shows some important bad code smells, how to assign priorities, tools useful in refactoring and code quality.
Work with Developers for Fun and Progress - AppSec Californialeifdreizler
- The document discusses building an effective security team and program. It recommends getting organizational buy-in, building a team through involvement in meetups and open source contributions, and shifting security left through training developers in secure coding practices like code reviews that focus on common vulnerabilities. It also emphasizes the importance of successful vendor adoption through integration and embedding security engineers with development teams.
This document discusses refactoring code. It defines refactoring as restructuring existing code without changing external behavior. Reasons for refactoring include improving code quality by making it easier to understand, edit and maintain. The document provides tips for refactoring at the function/method, class/object and application/design levels, and identifies common issues to address like long methods, duplicate code, poor naming, complex conditionals and more. It also recommends tools to assist with refactoring like PHPCS, PHPUnit, PHPMD and SED.
Ultimate Free Digital Marketing Toolkit #EdgeBristol 2012Steve Lock
The document presents over 65 free digital marketing tools and resources. It provides information on each tool, including its purpose and website. The tools cover areas like SEO, keyword research, link building, social media, productivity, and more. Screenshots are included for many of the tools.
2016 Innovation Roundtable Keynote by Michael SkokMichael Skok
Michael Skok, Co-Founder and Partner of Underscore.VC was invited to give the keynote presentation at the 2016 Innovation Roundtable Summit in Copenhagen.
The Ultimate Free Digital Marketing ToolkitSteve Lock
A presentation at Digital Marketing London in July 2012. The talk is based on a cut down version of a full free eBook available at www.analyticsseo.com.
A comprehensive guide of the best free digital marketing tools including learning materials, browser extensions, tutorials to build agile tools in Excel and Google Docs, browser extensions, bookmarklets, link building, backlink analysis, social media, productivity tools and much more!
Bug bounty programs have existed since the 1990s but have grown significantly in recent years. The document summarizes highlights from 2014 reports of major companies' bug bounty programs including Google, Facebook, Microsoft, Github, and Tesla. It also discusses reasons for organizations to start bounty programs, tips for reducing noise, and trends in bug bounty research like researcher demographics.
Some believe that DevOps is only applicable to Internet-based companies with a desire to disrupt existing businesses. On the contrary, DevOps practices can dramatically reduce many everyday IT problems—defects, incidents, waste, bottlenecks, downtime, and infrastructure fragility. Sherry Chang dives into these problem areas and outlines the DevOps tools, practices, culture, and other artifacts necessary to eradicate them. She shares practical tips and hard-learned lessons from Intel IT to arm you with the knowledge and tools you need for DevOps adoption. You and your IT operations partners can help your organization gain competitive advantages by simultaneously increasing quality, efficiency, and innovation velocity. With the ever increasing adoption of DevOps, potential risks exist for the disruption of traditional companies and organizations with outdated practices. Join Sherry to learn how to be the disruptor—rather than the disrupted—and explore the baby steps you need to take to start your DevOps adoption journey today.
Are you struggling with delivering a potentially releasable working product every iteration? Ever wonder what one of biggest reasons we have difficulty getting things done at the individual, team and organizational level are? Do you keep doing something even though you know it reduces your productivity and lowers quality? We are going to run an exercise that highlights one of the major culprits that you have all experienced and continue to experience. The exercise will likely ignite a little fire that will help you become more productive and improve the quality of your work. We will also discuss ways to improve this at the individual, team and organization levels.
Knowing this will help anyone to understand the consequences of not prioritizing and increase their desire to. This will lead to producing faster, higher quality products that should lead to delighted customers.
You want to improve your software skills. That’s a given. You may be a mentor or a manager who needs to improve the knowledge sharing among your software developers across different projects. Code Reviews can do just that while improving code quality in your projects. Code Review not only builds developer team spirit but also offers new ways to improve a software solution. You’ll walk away from this session with in-depth understanding of Code Review to strengthen your team.
Никита Галкин "Technical backlog: инструкция к применению"Fwdays
Дилемма “новые фичи быстро VS технический долг” известна всем. Одним из инструментов её решения является ведение технического бэклога. В ходе доклада мы поговорим:
что такое технический бэклог;
чем и как его наполнять;
как “продавать” элементы технического бэклога заказчику и команде;
и, конечно, как проводить демо элементов техбэклога.
Содержимое доклада будет интересно, всем членам команды. Результатом применение идей и инструментов из доклада станут улучшение эстимейтов, налаженность технических процессов и управляемость техническим долгом.
Webhooks with Azure Functions - Live 360 ConferenceSparkPost
Azure Functions make it easy to create and host webhook interfaces without maintaining a server. You can quickly setup an endpoint to receive data and act on it. Being able to ingest, process, and respond to data from a variety of sources without building out an infrastructure gives you time to focus on building functionality.
In this presentation, Nick Zimmerman, Sr. Site Reliability Engineer at SparkPost, will show you how to setup an Azure Function, accept webhook data, process that data with C#, and integrate that data into an application in real time.
Fuel Good 2018: Upgrades Made Easy: The Canadian Museum of HistorySparkrock
The Canadian Museum of History upgraded their NAV and SharePoint systems without major issues by carefully planning and testing the project. They designed a new technical infrastructure, trained users, and conducted multiple cycles of user acceptance testing and remediation over several months. While there were inevitable bugs found during testing, taking the time for thorough preparation and testing helped ensure the upgrades went live smoothly without significant problems.
The document discusses war stories and lessons learned from different stages of building systems on Amazon Web Services (AWS), including system design, system beta testing, system rollout, and achieving world domination. It provides tips to avoid casualties, collateral damage, and being outflanked at each stage. This includes properly structuring access on AWS, using monitoring, ensuring security, and planning for scalability, obsolescence and eventual transition away from AWS. The goal is to help companies navigate AWS to achieve inevitable, overwhelming and complete success in their systems and business.
Taking Your Product Development to the Next Level with Full StackOptimizely
Optimizely Full Stack helps product development teams experiment deep into their stack to create exceptional customer experiences on everything from search results and promos to recommendations and payment structures. In this session, Jamie Connolly, Senior Product Manager on Developer Experience will talk about the latest enhancements to Full Stack to drive compatibility, usability, and performance.
DevOpsDays Baltimore 2017.
Product owners are under pressure from Marketing and Leadership to focus on features, while operability (availability, performance, monitoring, etc) are an afterthought to be bolted on later. Deployments fail, customers complain, and work isn't fun. How can DevOps reach out to Product?
People from a "Product background" often have zero technical experience, but find themselves needing to dictate the deliverables. Product owners are under great pressure from Marketing and Leadership to focus on "features" from a customer perspective; the so-called "non-functional requirements" often fall by the wayside. Operability - monitorabilty, recoverability, availability, performance, among other aspects - is difficult to bake into an application that was developed without such consideration.
This talk will present practical approaches to bridge-building between Ops and Product. Focusing especially on cross-functional Agile teams with leadership with little or no Ops background, we will explore whether "planning the work will result in the planned work being the work that is done." When working with a mixed team, doing development, deployment, incident response, and everything in support of that, such plans go off the rails. Methods of championing Ops needs while avoiding "the sky is falling" perceptions will be presented. What kinds of unplanned work exist? Are there steps we can take to convert unplanned work into planned work? How does work flow through the team? How does unplanned work disrupt the flow?
Hand Rolled Applicative User ValidationCode KataPhilip Schwarz
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
Consistent toolbox talks are critical for maintaining workplace safety, as they provide regular opportunities to address specific hazards and reinforce safe practices.
These brief, focused sessions ensure that safety is a continual conversation rather than a one-time event, which helps keep safety protocols fresh in employees' minds. Studies have shown that shorter, more frequent training sessions are more effective for retention and behavior change compared to longer, infrequent sessions.
Engaging workers regularly, toolbox talks promote a culture of safety, empower employees to voice concerns, and ultimately reduce the likelihood of accidents and injuries on site.
The traditional method of conducting safety talks with paper documents and lengthy meetings is not only time-consuming but also less effective. Manual tracking of attendance and compliance is prone to errors and inconsistencies, leading to gaps in safety communication and potential non-compliance with OSHA regulations. Switching to a digital solution like Safelyio offers significant advantages.
Safelyio automates the delivery and documentation of safety talks, ensuring consistency and accessibility. The microlearning approach breaks down complex safety protocols into manageable, bite-sized pieces, making it easier for employees to absorb and retain information.
This method minimizes disruptions to work schedules, eliminates the hassle of paperwork, and ensures that all safety communications are tracked and recorded accurately. Ultimately, using a digital platform like Safelyio enhances engagement, compliance, and overall safety performance on site. https://safelyio.com/
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...kalichargn70th171
In today's business landscape, digital integration is ubiquitous, demanding swift innovation as a necessity rather than a luxury. In a fiercely competitive market with heightened customer expectations, the timely launch of flawless digital products is crucial for both acquisition and retention—any delay risks ceding market share to competitors.
Mobile App Development Company In Noida | Drona InfotechDrona Infotech
Drona Infotech is a premier mobile app development company in Noida, providing cutting-edge solutions for businesses.
Visit Us For : https://www.dronainfotech.com/mobile-application-development/
E-Invoicing Implementation: A Step-by-Step Guide for Saudi Arabian CompaniesQuickdice ERP
Explore the seamless transition to e-invoicing with this comprehensive guide tailored for Saudi Arabian businesses. Navigate the process effortlessly with step-by-step instructions designed to streamline implementation and enhance efficiency.
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsPeter Muessig
The UI5 tooling is the development and build tooling of UI5. It is built in a modular and extensible way so that it can be easily extended by your needs. This session will showcase various tooling extensions which can boost your development experience by far so that you can really work offline, transpile your code in your project to use even newer versions of EcmaScript (than 2022 which is supported right now by the UI5 tooling), consume any npm package of your choice in your project, using different kind of proxies, and even stitching UI5 projects during development together to mimic your target environment.
Using Query Store in Azure PostgreSQL to Understand Query PerformanceGrant Fritchey
Microsoft has added an excellent new extension in PostgreSQL on their Azure Platform. This session, presented at Posette 2024, covers what Query Store is and the types of information you can get out of it.
Malibou Pitch Deck For Its €3M Seed Roundsjcobrien
French start-up Malibou raised a €3 million Seed Round to develop its payroll and human resources
management platform for VSEs and SMEs. The financing round was led by investors Breega, Y Combinator, and FCVC.
Project Management: The Role of Project Dashboards.pdfKarya Keeper
Project management is a crucial aspect of any organization, ensuring that projects are completed efficiently and effectively. One of the key tools used in project management is the project dashboard, which provides a comprehensive view of project progress and performance. In this article, we will explore the role of project dashboards in project management, highlighting their key features and benefits.
Artificia Intellicence and XPath Extension FunctionsOctavian Nadolu
The purpose of this presentation is to provide an overview of how you can use AI from XSLT, XQuery, Schematron, or XML Refactoring operations, the potential benefits of using AI, and some of the challenges we face.
6. Nicola Pietroluongo @niklongstone
“ Code review is systematic examination of
computer source code. It is intended to find
mistakes overlooked in the initial development
phase, improving the overall quality of team
and software.
-Wikipedia
17. Nicola Pietroluongo @niklongstone
Manage your time
Provide quick feedback
▪ Inspection rate 250 lines/hours
▪ Review 200-400 lines per review session
▪ Quick Feedback
18. Nicola Pietroluongo @niklongstone
Capture metrics
Define goals
▪ Lines Of Code
▪ Function Point
▪ Defect Density
▪ Risk Density
▪ Code Coverage
▪ Defect Detection Rate
▪ Defect Correction Rate
▪ Cyclomatic Complexity
19. Nicola Pietroluongo @niklongstone
Cyclomatic Complexity
Thomas J. McCabe, Sr. 1976
▪ E: Edges
▪ N: Nodes
▪ P: Number of exit points
(CC) = E - N + 2P
http://www.literateprogramming.com/mccabe.pdf
http://www.mccabe.com/pdf/More Complex Equals Less Secure-McCabe.pdf
A
B
C D
E
31. Nicola Pietroluongo @niklongstone
The checklist
What we will cover
▪ Best Practices
▪ Foundation
▪ Architecture
▪ Key Areas (Security, Logging, Performances)
34. Nicola Pietroluongo @niklongstone
Services
config
# Sf 2.8 app/config/services.yml
services:
# keep your service names short
app.slugger:
class: AppBundleUtilsSlugger
# Sf 3.3 app/config/services.yml
services:
# use the fully-qualified class name as the service id
AppBundleUtilsSlugger:
public: false
36. Nicola Pietroluongo @niklongstone
Controller as a
Service
class EventController
{
//...
public function __construct(
TemplatingEngine $templating
Router $router,
LoggerInterface $logger,
EventRepository $eventRepository
)
//...
public function indexAction($id)
{
//...
63. Nicola Pietroluongo @niklongstone
Sed
$ sed ':a; $!N; s/n/,/; ta'
:a creates a pattern
$!N appends lines to the pattern if not last line
s/n/,/ replaces new line with comma
ta repeat the a
64. Nicola Pietroluongo @niklongstone
Pull it together
*All in one line
./phpmd.phar
$(git diff --name-only --diff-filter=d master |
sed ':a; $!N; s/n/,/; ta')
text cleancode,codesize
I'd like to share a secret with you: I think code review is really boring that’s why I’ve created this talk. Before starting I have a little question for you Who likes code review? (show of hands)Who thinks that code review improves only software quality?
We will see during the course of this session why I asked this question.
most effective procedure to build clean and less complex web app
appname.location.servicename to avoid collisions. We will see more examples of how the target has been adjusted based on the community considerations, based on the real usage of the framework.
It’s a little bit like the bubble wrap story. Bubble wrap invented in the 1957 was at the beginning advertised as wallpaper. Can you imagine you put your hand on the wall and pick pock. Then when IBM launched the 1401 computer bubble wrap was used for the shipping.
about to review the core functionalities of classes and methods
JsonDecode class
about to review the core functionalities of classes and methods
about to review the core functionalities of classes and methods
about to review the core functionalities of classes and methods
about to review the core functionalities of classes and methods
Symfony comes with Monolog under the PSR-3 the Logger Interface that follows the log levels described by the RFC 5424 for the syslog protocol.
In the review process you don’t need to run a complete analysis of all your code base but only what is included in a pull request.