Delphi 2009 is available in three editions. The Professional edition is designed for building desktop and workstation applications. The Enterprise edition includes everything in the Professional edition, and adds support for building client/server and multi-tier database and web applications. The Architect edition includes everything in the Enterprise edition, plus logical and physical database modeling and optimizations from the Embarcadero ER/Studio Developer Edition.
Mobile Developers Guide To The Galaxy Vol.6Marco Tabor
The latest updated edition of Enough Software`s Guide to mobile platforms. Useful for application developers as well as for decision makers wanting to enter the mobile market.
Most of the developers use the cross-platform mobile development solutions to develop the mobile
application once and run it on many platforms. Many of these cross-platform solutions are still under
research and development. Also, these solutions are based on different approaches such as Cross-
Compilation approach, Virtual Machine approach, and Web-Based approach. There are many survey
papers about the cross-platform mobile development solutions but they do not include the most recent
tools, including Component-Based approach, Cloud-Based approach, and Merged approach. The main aim
of this paper is helping the researchers to know the most recent approaches and the open research issues.
This paper surveys the existing cross platform mobile development tools, introduces a comprehensive
categorization to the cross-platform tools, defines the pros and cons of each approach and compares the
cross-platform mobile development solutions.
Comparing static analysis in Visual Studio 2012 (Visual C++ 2012) and PVS-StudioPVS-Studio
After Visual Studio 2012 was released with a new static analysis unit included in all of the product's editions, a natural question arises: "Is PVS-Studio still relevant as a static analysis tool or can it be replaced by the tool integrated into VS?". A detailed answer with examples is given in this article. We have performed interface and usability comparison as well as a comparison of error diagnosis strength in real software code. The comparison was carried out on the source code of three open-source projects by id Software: Doom 3, Quake 3: Arena, Wolfenstein: Enemy Territory.
Delphi 2009 is available in three editions. The Professional edition is designed for building desktop and workstation applications. The Enterprise edition includes everything in the Professional edition, and adds support for building client/server and multi-tier database and web applications. The Architect edition includes everything in the Enterprise edition, plus logical and physical database modeling and optimizations from the Embarcadero ER/Studio Developer Edition.
Mobile Developers Guide To The Galaxy Vol.6Marco Tabor
The latest updated edition of Enough Software`s Guide to mobile platforms. Useful for application developers as well as for decision makers wanting to enter the mobile market.
Most of the developers use the cross-platform mobile development solutions to develop the mobile
application once and run it on many platforms. Many of these cross-platform solutions are still under
research and development. Also, these solutions are based on different approaches such as Cross-
Compilation approach, Virtual Machine approach, and Web-Based approach. There are many survey
papers about the cross-platform mobile development solutions but they do not include the most recent
tools, including Component-Based approach, Cloud-Based approach, and Merged approach. The main aim
of this paper is helping the researchers to know the most recent approaches and the open research issues.
This paper surveys the existing cross platform mobile development tools, introduces a comprehensive
categorization to the cross-platform tools, defines the pros and cons of each approach and compares the
cross-platform mobile development solutions.
Comparing static analysis in Visual Studio 2012 (Visual C++ 2012) and PVS-StudioPVS-Studio
After Visual Studio 2012 was released with a new static analysis unit included in all of the product's editions, a natural question arises: "Is PVS-Studio still relevant as a static analysis tool or can it be replaced by the tool integrated into VS?". A detailed answer with examples is given in this article. We have performed interface and usability comparison as well as a comparison of error diagnosis strength in real software code. The comparison was carried out on the source code of three open-source projects by id Software: Doom 3, Quake 3: Arena, Wolfenstein: Enemy Territory.
Introduction to Windows 8 development.
Presented by Laurent Duveau on February 9th during a Montreal .NET Community special event.
Parts of the presentation were taken from existing Microsoft presentations.
If you need the support of the top python app development agency, you should pick one that uses the latest version of Python 3.11 released on 2nd March 2022.
Productive parallel teamwork: Decentralized Version Control SystemsDanilo Pianini
How to productively use git (or another decentralized version control system) in your development team. From the PhD course in "Developing, maintaining, and sharing software tools for research".
Learning from Human Repairs Through the Exploitation of Software Repositories ijseajournal
ABSTRACT
Software systems drive our phones, cars, banks, cities, etc. This places a heavy load on software industry
because all these systems must be continuously updated, corrected and extended when users and
consumers express new needs and high quality software is now perceived as a "must have" rather than
"should have". Developers has to do their best to assure that their code has minimal defects.
Nowadays technologies evolve rapidly, software suffer from some majors problems. Firstly software
maintainers have to deal with the past (past languages, existing systems, old technologies). It is often
misunderstood and treated as a punishment. Secondly developers have to ensure a good software quality.
To deal with such problems, approaches have been proposed to support software maintenance and reduce
the efforts of developers. One approach commonly adopted is the usage of rules to ensure source code
quality and ease maintenance activities.
We propose in this paper an approach to ease corrective maintenance task and help to improve software
quality by exploiting human knowledge available in software repositories. This approach support
remediation of bad situations; by reducing for example time spent to read, understand and how the code
can be changed.
This session tries to give insights into what the people using, developing and supporting OpenOffice.org want. For this purpose, data from different OpenOffice.org surveys and metrics will be analyzed and presented. One key data source for the presentation will be the ongoing OpenOffice.org user survey which gets completed by about 2000 people every day. In addition, OpenOffice.org developer surveys, external surveys and various OpenOffice.org user and developer metrics will be brought into the picture as well. The session will try to provide answers to questions like “What functionality do different OpenOffice.org users need?”, “How do people want to contribute to OpenOffice.org?”, “What motivates people to contribute to OpenOffice.org?”, etc.
Week 3 Lecture 1 - Business SoftwareManagement of Information .docxjessiehampson
Week 3 Lecture 1 - Business Software
Management of Information Systems
Business Software
What should drive an IT infrastructure decision?
Ideally, the software would be selected first and then the hardware to host it. Most companies already possess some hardware that can limit the available options when selecting software. Determining which software or system approach that will fulfill the organization’s business functions is a key IT infrastructure decision. The value returned by software to an organization increases efficiency or competitive advantage. Software should return value to organizations, suppliers, customers, employees, and all stakeholders. Software functionality and the core value propositions (creating opportunities, increasing efficiency, gaining competitive advantage, or business problems solving) must be evaluated and analyzed when selecting software.
Operating systems and application software:
Common software applications are spreadsheet programs, and word processors. Other applications that may not be so familiar are analytics, survey, mapping applications, and web page or blog builders. Developers design applications’ interfaces. Operating systems also have an interface. Application interfaces are contained within the operating system interface.
Figure 4 Microsoft Edge browser application interface highlighted lime; the Windows 10 operating system interface highlighted magenta
Operating systems provide common interfaces to applications such as the close and resize boxes, scroll bars, and features for saving, cutting and pasting. Other layout features of applications come from their developers. Sometimes discerning systems software from application software can be difficult because operating systems are embedded with applications. A database management system, for instance, is application software that could easily be confused with system software.
The most important features of PC software.
PC software should be easy-to-understand, and contain intuitive icons. Icons reduce the time needed to learn to use software and make software more globally accessible because of the language independence of pictures. Metaphors can be used to indicate how to use interfaces. The Windows desktop, for instance, is a metaphor for a desktop containing items on which a person is currently working. Use of metaphors and intuitive icons increase productivity.
Week 3 Lecture 2 - Business Networks and Telecommunications
Management of Information Systems
Business Networks and Telecommunications
Over recent years, telecommunications has transformed how organizations conduct business. Mobile, wireless, and web-based technologies have enabled more strategic business management and increased the efficiency of resource management.
Over the last two decades, television, telephony and other forms of communication have been digitized. Voice over IP (VoIP) has become a popular method of communication. Increasingly, communication takes place over the ...
Windows 7 – Application Compatibility Toolkit 5.5 OverviewVijay Raj
This slidedeck was used at the BITPro november monthly UG meet. This session gave a detailed explanation of How the ACT 5.5 tool can be used to mitigate the AppCompat issues. Further, an overview of Windows 7 Core OS changes were also discussed.
An Introduction to Universal Windows AppsKen Cenerelli
At Build 2014 the world was introduced to the idea of creating Universal Windows apps. This technology will allow developers to extend platform commonality across multiple Windows devices from one shared project.
In this session I will demonstrate what you will need to know to get going quickly on building one application for both Windows Phone 8.1 and Windows 8.1 OS. We will also see how to extend your project to include other new features.
This talk was given at ConFoo 2015.
If you are a passionate Flutter developer and want to enhance your development process, here are the top 7 Flutter app development tools you should know today.
In this presentation, we introduce you to 7 amazing Flutter tools that help you to understand why these tools have attained such massive popularity in the tech world.
A quick guide through the wonders of dependency management, build automation, teamwork with distributed version control systems, and continuous integration.
Web version (better rendering): https://danysk.github.io/Slides-2020-Coordination-TimeFluid/
Printed version of the slides presented by Danilo Pianini at the 22nd International Conference on Coordination Models and Languages (part of the 15th International Federated Conference on Distributed Computing Techniques)
Engineering the Aggregate - Talk at Software Engineering for Intelligent and ...Danilo Pianini
A distributed system can be seen as a single computational machine rather than a collection of multiple communicating machines, as it is usually perceived. Reasoning on the aggregate of situated devices under this privileged point of view can lead to interesting engineering solutions that allow for abstracting away the networking protocols, and focusing on producing advanced, self-stabilizing coordination algorithms.
Introduction to Windows 8 development.
Presented by Laurent Duveau on February 9th during a Montreal .NET Community special event.
Parts of the presentation were taken from existing Microsoft presentations.
If you need the support of the top python app development agency, you should pick one that uses the latest version of Python 3.11 released on 2nd March 2022.
Productive parallel teamwork: Decentralized Version Control SystemsDanilo Pianini
How to productively use git (or another decentralized version control system) in your development team. From the PhD course in "Developing, maintaining, and sharing software tools for research".
Learning from Human Repairs Through the Exploitation of Software Repositories ijseajournal
ABSTRACT
Software systems drive our phones, cars, banks, cities, etc. This places a heavy load on software industry
because all these systems must be continuously updated, corrected and extended when users and
consumers express new needs and high quality software is now perceived as a "must have" rather than
"should have". Developers has to do their best to assure that their code has minimal defects.
Nowadays technologies evolve rapidly, software suffer from some majors problems. Firstly software
maintainers have to deal with the past (past languages, existing systems, old technologies). It is often
misunderstood and treated as a punishment. Secondly developers have to ensure a good software quality.
To deal with such problems, approaches have been proposed to support software maintenance and reduce
the efforts of developers. One approach commonly adopted is the usage of rules to ensure source code
quality and ease maintenance activities.
We propose in this paper an approach to ease corrective maintenance task and help to improve software
quality by exploiting human knowledge available in software repositories. This approach support
remediation of bad situations; by reducing for example time spent to read, understand and how the code
can be changed.
This session tries to give insights into what the people using, developing and supporting OpenOffice.org want. For this purpose, data from different OpenOffice.org surveys and metrics will be analyzed and presented. One key data source for the presentation will be the ongoing OpenOffice.org user survey which gets completed by about 2000 people every day. In addition, OpenOffice.org developer surveys, external surveys and various OpenOffice.org user and developer metrics will be brought into the picture as well. The session will try to provide answers to questions like “What functionality do different OpenOffice.org users need?”, “How do people want to contribute to OpenOffice.org?”, “What motivates people to contribute to OpenOffice.org?”, etc.
Week 3 Lecture 1 - Business SoftwareManagement of Information .docxjessiehampson
Week 3 Lecture 1 - Business Software
Management of Information Systems
Business Software
What should drive an IT infrastructure decision?
Ideally, the software would be selected first and then the hardware to host it. Most companies already possess some hardware that can limit the available options when selecting software. Determining which software or system approach that will fulfill the organization’s business functions is a key IT infrastructure decision. The value returned by software to an organization increases efficiency or competitive advantage. Software should return value to organizations, suppliers, customers, employees, and all stakeholders. Software functionality and the core value propositions (creating opportunities, increasing efficiency, gaining competitive advantage, or business problems solving) must be evaluated and analyzed when selecting software.
Operating systems and application software:
Common software applications are spreadsheet programs, and word processors. Other applications that may not be so familiar are analytics, survey, mapping applications, and web page or blog builders. Developers design applications’ interfaces. Operating systems also have an interface. Application interfaces are contained within the operating system interface.
Figure 4 Microsoft Edge browser application interface highlighted lime; the Windows 10 operating system interface highlighted magenta
Operating systems provide common interfaces to applications such as the close and resize boxes, scroll bars, and features for saving, cutting and pasting. Other layout features of applications come from their developers. Sometimes discerning systems software from application software can be difficult because operating systems are embedded with applications. A database management system, for instance, is application software that could easily be confused with system software.
The most important features of PC software.
PC software should be easy-to-understand, and contain intuitive icons. Icons reduce the time needed to learn to use software and make software more globally accessible because of the language independence of pictures. Metaphors can be used to indicate how to use interfaces. The Windows desktop, for instance, is a metaphor for a desktop containing items on which a person is currently working. Use of metaphors and intuitive icons increase productivity.
Week 3 Lecture 2 - Business Networks and Telecommunications
Management of Information Systems
Business Networks and Telecommunications
Over recent years, telecommunications has transformed how organizations conduct business. Mobile, wireless, and web-based technologies have enabled more strategic business management and increased the efficiency of resource management.
Over the last two decades, television, telephony and other forms of communication have been digitized. Voice over IP (VoIP) has become a popular method of communication. Increasingly, communication takes place over the ...
Windows 7 – Application Compatibility Toolkit 5.5 OverviewVijay Raj
This slidedeck was used at the BITPro november monthly UG meet. This session gave a detailed explanation of How the ACT 5.5 tool can be used to mitigate the AppCompat issues. Further, an overview of Windows 7 Core OS changes were also discussed.
An Introduction to Universal Windows AppsKen Cenerelli
At Build 2014 the world was introduced to the idea of creating Universal Windows apps. This technology will allow developers to extend platform commonality across multiple Windows devices from one shared project.
In this session I will demonstrate what you will need to know to get going quickly on building one application for both Windows Phone 8.1 and Windows 8.1 OS. We will also see how to extend your project to include other new features.
This talk was given at ConFoo 2015.
If you are a passionate Flutter developer and want to enhance your development process, here are the top 7 Flutter app development tools you should know today.
In this presentation, we introduce you to 7 amazing Flutter tools that help you to understand why these tools have attained such massive popularity in the tech world.
A quick guide through the wonders of dependency management, build automation, teamwork with distributed version control systems, and continuous integration.
Web version (better rendering): https://danysk.github.io/Slides-2020-Coordination-TimeFluid/
Printed version of the slides presented by Danilo Pianini at the 22nd International Conference on Coordination Models and Languages (part of the 15th International Federated Conference on Distributed Computing Techniques)
Engineering the Aggregate - Talk at Software Engineering for Intelligent and ...Danilo Pianini
A distributed system can be seen as a single computational machine rather than a collection of multiple communicating machines, as it is usually perceived. Reasoning on the aggregate of situated devices under this privileged point of view can lead to interesting engineering solutions that allow for abstracting away the networking protocols, and focusing on producing advanced, self-stabilizing coordination algorithms.
Computational Fields meet Augmented Reality: Perspectives and ChallengesDanilo Pianini
Recently, two different techniques emerged that are tailored to environments pervaded of computational devices. On the one hand, aggregate programming, and especially computational fields-based programming, is a promising abstraction for coordinating the activities of multiple situated devices. On the other hand, augmented reality is emerging as new means of interaction with both software and physical entities. We note that both computational fields and augmented reality are tightly bound to the physical world, and that they both enrich it, with collective computation and augmented information respectively. This work presents an initial analysis of possible future research directions that involve these techniques, discussing some possible ways of integrating them.
Practical Aggregate Programming with Protelis @ SASO2017Danilo Pianini
Collective adaptive systems are an emerging class of networked and situated computational systems with a wide range of applications, such as in the Internet of Things, wireless sensor networks, and smart cities.
Engineering such systems poses a number of challenges, and in particular many approaches, based upon designing the machine-to-machine interaction directly, suffer from a local-to-global abstraction problem.
In this tutorial, we introduce the aggregate computing approach, rooted in the field calculus and practically available through the Protelis programming language, as a means to build collective, situated adaptive systems.
The approach focuses on programming the overall aggregate behaviour, making use of a ``resilience API,'' while leaving to these libraries and the language machinery the responsibility of mapping this to the behavior of individual devices.
This tutorial was first presented at the 11th IEEE International Conference on Self-Adaptive and Self-Organizing Systems (SASO 2017) in Tucson, AZ, USA.
Towards a Foundational API for Resilient Distributed Systems DesignDanilo Pianini
Engineering resilient distributed systems remains extremely challenging, particularly in mapping from collective specifications to individual device behavior. Aggregate programming aims to address this problem using a computational field abstraction to provide inherent guarantees of resilience, scalability, and safe composition. These capabilities are provided, however, by an expressive but terse set of operators too low-level for pragmatic use in complex systems development. We thus present an API to raise the level of abstraction, thereby providing an accessible and user-friendly interface for construction of complex resilient distributed systems. In particular, we capture and organize a large, heterogeneous collection of algorithms and use patterns into a unified framework, including methods for common tasks such as leader election, distance and state estimation, and gossip-based information dissemination. We demonstrate how the expressiveness of this library reduces the abstraction gap required to engineer scenarios of large-scale pervasive computing, while introducing the novel multiInstance pattern enabling an unanticipated composition of computational fields.
A quick guide through the wonders of teamwork with distributed version control systems, dependency management, build automation, and continuous integration and delivery.
Democratic process and electronic platforms: concerns of an engineerDanilo Pianini
Digital technology and computer science are more and more widespread, and they are set to become a major player in the democratic process. Some valuable tools that allow for such decision process to happen already exist. However, several concerns typical of the engineering process remain apparently uncovered. For instance, in a classic software engineering process, one or more artifacts are produced in the analysis phase that represent a formal, possibly machine understandable, model of the domain. Looking at the most common e-democracy platforms, this step is seemingly missing, along with others that concur at building a solid engineering process. This talk arise questions (and provide no answers) about the current status of the e-democracy under a software engineering point of view: how can a democratic process get formally modeled? Is the democratic process shaping the tools we have, or viceversa? Is there a trade-off between transparency and security? And if so, how to determine which level of observability should the system allow?
Simulating Large-scale Aggregate MASs with Alchemist and ScalaDanilo Pianini
Recent works in the context of large-scale adaptive systems, such as those based on opportunistic IoT-based applications, promote aggregate programming, a development approach for distributed systems in which the collectivity of devices is directly targeted, instead of individual ones.
This makes the resulting behaviour highly insensitive to network size, density, and topology, and as such, intrinsically robust to failures and changes to working conditions (e.g., location of computational load, communication technology, and computational infrastructure).
Most specifically, we argue that aggregate programming is particularly suitable for building models and simulations of complex large-scale reactive MASs.
Accordingly, in this paper we describe Scafi (Scala Fields), a Scala-based API and DSL for aggregate programming, and its integration with the Alchemist simulator, and usage scenarios in the context of smart mobility.
Simulation video available at https://vid.me/BNVx
Presented at Multi Agent Systems & Simulation 2016, Gdansk, Poland
Extending the Gillespie's Stochastic Simulation Algorithm for Integrating Dis...Danilo Pianini
Whereas Multi-Agent Based Simulation (MABS) is emerging as a reference approach for complex system simulation, the event-driven approach of Discrete-Event Simulation (DES) is the most used approach in the simulation mainstream.
In this talk, we elaborate on two intuitions: 1) event-based systems and multi-agent systems are amenable of a coherent interpretation within a unique conceptual framework; 2) integrating MABS and DES can lead to a more expressive and powerful simulation framework.
Accordingly, we propose a computational model integrating DES and MABS, based on an extension of the Gillespie's stochastic simulation algorithm.
Then, we discuss a case of a simulation platform (Alchemist) specifically targeted at such a kind of complex models, and show an example of urban crowd steering simulation.
The notion of a computational field has been proposed as a unifying abstraction for developing distributed systems, focusing on the computations and coordination of aggregates of devices instead of individual behavior. Prior field-based languages, however, have suffered from a number of practical limitations that have posed barriers to adoption and use. We address these limitations by introduction of Protelis, a functional language based on computational fields and embedded in Java, thereby enabling the construction of widely reusable components of aggregate systems. We demonstrate the simplicity of Protelis integration and programming through two examples: simulation of a pervasive computing scenario in the Alchemist simulator, and coordinated management of a network of services.
Self-organising pervasive ecosystems of devices are set to become a major vehicle for delivering infrastructure and end-user services. The inherent complexity of such systems poses new challenges to those who want to dominate it by applying the principles of engineering.
The recent growth in number and distribution of devices with decent computational and communicational abilities, that suddenly accelerated with the massive diffusion of smartphones and tablets, is delivering a world with a much higher density of devices in space. Also, communication technologies seem to be focussing on short-range device-to-device (P2P) interactions, with technologies such as Bluetooth and Near-Field Communication gaining greater adoption.
Locality and situatedness become key to providing the best possible experience to users, and the classic model of a centralised, enormously powerful server gathering and processing data becomes less and less efficient with device density. Accomplishing complex global tasks without a centralised controller responsible of aggregating data, however, is a challenging task. In particular, there is a local-to-global issue that makes the application of engineering principles challenging at least: designing device-local programs that, through interaction, guarantee a certain global service level. In this thesis, we first analyse the state of the art in coordination systems, then motivate the work by describing the main issues of pre-existing tools and practices and identifying the improvements that would benefit the design of such complex software ecosystems.
The contribution can be divided in three main branches. First, we introduce a novel simulation toolchain for pervasive ecosystems, designed for allowing good expressiveness still retaining high performance. Second, we leverage existing coordination models and patterns in order to create new spatial structures. Third, we introduce a novel language, based on the existing ``Field Calculus'' and integrated with the aforementioned toolchain, designed to be usable for practical aggregate programming.
Engineering computational ecosystems (2nd year PhD seminar)Danilo Pianini
This tutorial will introduce the research field of pervasive computing, with particular focus on spatial computing and pervasive ecosystems. It will show the applicative domain with a focus on pervasive displays, analysing the main challenges such systems present to software engineers. It will also show how relevant is the role of the simulation and properties checking in this area, in which a complete system deployment prior to release is almost impossible.
From Engineer to Alchemist, There and Back Again: An Alchemist TaleDanilo Pianini
When computer science meets (bio)chemistry, a new world of possibilities emerges. Taking inspiration from mechanisms that exist in nature, and empowering them with the magic of computation, engineers become alchemists: they create new worlds, ruled by their own (bio)chemical rules. We will call such virtual worlds"computational ecosystems". In this talk we introduce Alchemist, a simulator developed by our research group in order to let us experiment with this complexity. Alchemist takes inspiration from chemical simulators and ABMs, trying to grab the best of both worlds by providing a fast, reliable and extensible framework. We will have a flyby of the simulator features, showing some case studies: crowd steering, crowd evacuation, morphogenesis, anticipative adaptation. The final part of the talk will frame the future activities, offering a pool of opportunities to those interested in this research area
A Framework to Specify and Verify Computational Fields for Pervasive Computin...Danilo Pianini
Pervasive context-aware computing networks call for designing algorithms for information propagation and reconfiguration that promote self-adaptation, namely, which can guarantee – at least to a probabilistic extent – certain reliability and robustness properties in spite of unpredicted changes and conditions. The possibility of formally analyzing their properties is obviously an essential engineering requirement, calling for general-purpose models and tools. As proposed in recent works, several such algorithms can be modeled by the notion of computational field: a dynamically evolving spatial data structure mapping every node of the network to a data value. Based on this idea, as a contribution toward formally verifying properties of pervasive computing systems, in this article we propose a specification language to model computational fields, and a framework based on PRISM stochastic model checker explicitly targeted at supporting temporal property verification. By a number of pervasive computing examples, we show that the proposed approach can be effectively used for quantitative analysis of systems running on networks composed of hundreds of nodes.
Towards a comprehensive approach to spontaneous self-composition in pervasive...Danilo Pianini
Pervasive service ecosystems are emerging as a new paradigm for understanding and designing future pervasive computing systems featuring high degrees of scale, openness, adaptivity and toleration of long-term evolution. A key issue in this context is making certain patterns of behaviour emerge without any supervision or design-time intention, and a primary example is the fully-spontaneous composition of services, possibly at multiple levels. We argue that this can be successfully achieved only by a comprehensive approach exploiting together the main ingredients proposed so far in literature: (i) existence of intel- ligent components finding proper (semantic) matches of service descriptions, (ii) use of distributed evolutionary techniques to dynamically select appropriate ways of composing services, and (iii) approaches in which rating quality of composition is solely based on their successful exploitation. This proposal is presented through an example of spontaneous composition in crowd steering services.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Climate Impact of Software Testing at Nordic Testing Days
Versioning and License selection
1. images/logo
Developing, maintaining, and sharing software tools for research
Enforce reproducibility: dependency management and build automation
Danilo Pianini
danilo.pianini@unibo.it
Alma Mater Studiorum—Università di Bologna
Ph.D. course in Data Science and Computation
June 7, 2018 - Bologna (Italy)
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 1 / 42
2. images/logo
Outline
1 Assigning version numbers
General problem
Approaches
Real World
2 Select a proper license
General problem
Commonly used licenses and their scope
Applying licenses to projects
3 Create documentation
Creating a static website with Jekyllrb
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 2 / 42
3. images/logo
Assigning version numbers General problem
Outline
1 Assigning version numbers
General problem
Approaches
Real World
2 Select a proper license
General problem
Commonly used licenses and their scope
Applying licenses to projects
3 Create documentation
Creating a static website with Jekyllrb
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 3 / 42
4. images/logo
Assigning version numbers General problem
Software versioning
The process of assigning a unique identifier to a unique state of some
software
Used to distinguish different software states
Used to refer to different states of the same software
The identifier is normally a sequence of alfanumeric numbers
Those numbers can be separated by other symbols, most frequently
dots, slashes, and dashes
Assigning IDs in a predictable way could help gathering information on
the software itself
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 3 / 42
5. images/logo
Assigning version numbers General problem
Versioning levels
Versioning can happen at different levels and for different scopes
Levels
Versioning system: very fine grained, typically generated, non
progressive version ids
Subproject or feature: more coarsely grained, often using codenames
Release level
Macro level (e.g. Python vs. Python3)
Scopes
Internal
A specific development point
Any subproject, feature, or milestone
External
A specific public release of the software
A specific public development stage of the software
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 4 / 42
6. images/logo
Assigning version numbers Approaches
Outline
1 Assigning version numbers
General problem
Approaches
Real World
2 Select a proper license
General problem
Commonly used licenses and their scope
Applying licenses to projects
3 Create documentation
Creating a static website with Jekyllrb
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 5 / 42
7. images/logo
Assigning version numbers Approaches
Code naming
The version is represented by a (usually pronounceable) word, short phrase
or acronym
With few exceptions, do not provide any direct information on the
project (often by purpose)
Very frequently used internally to refer to new features
Often used to “protect” the corporation from information leaking
Often changed to purposely create confusion
Used to separate pre-release versions from final releases (e.g.
Longhorn only became Windows Vista at the release)
Often associated for commercial reasons to other version numbers
(e.g. Ubuntu 18.04 Bionic Beaver or MacOS X 10.13.5 Sierra)
Reasons for codenames are often political and commercial rather than
technical
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 5 / 42
8. images/logo
Assigning version numbers Approaches
Date based
The version is represented by a string representing the release date
Dates don’t always match development rate
A project may change more in a week than in a year
Useful for projects that are fast-paced (multiple releases per week)
Useful as a companion for other versioning schemes
Useful at the commercial level for clearly indicating the novelty (and
the age) of a project (e.g. Windows 98, Office 2003)
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 6 / 42
9. images/logo
Assigning version numbers Approaches
Unary numbering
The version is represented by a string whose length grows at each version
Rather idiosyncratic
Only useful for project that reached maturity
Extremely unlikely in today’s software world
May lead to version length explosion
Unsuitable for scientific / research projects
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 7 / 42
10. images/logo
Assigning version numbers Approaches
Degree of compatibility
The version is represented one or more sequences, separately incremented,
that reflect incrementally widespread changes in the product
Probably the most diffused
Often used in conjunction with other techniques
Often used badly (see the Linux kernel)
Formal methodologies for applying it exist
Sometimes instead of indicating API-level changes, the version may
indicate user-level perceivable changes
Very much depends on who are the customers
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 8 / 42
11. images/logo
Assigning version numbers Real World
Outline
1 Assigning version numbers
General problem
Approaches
Real World
2 Select a proper license
General problem
Commonly used licenses and their scope
Applying licenses to projects
3 Create documentation
Creating a static website with Jekyllrb
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 9 / 42
12. images/logo
Assigning version numbers Real World
Microsoft Windows versioning
Combination of all the techniques:
Dates (Windows 9x, 2001)
Codenames (NT, Vista, XP, Millenium Edition)
Pre-release codenames (Longhorn)
Dates for internal builds
Incremental versions on multiple levels (e.g. Windows 95 is also
MS-DOS 7.0 and Windows 4.00)
Separation between “commercial” versions and “actual” “versions”
e.g., Windows 7 is actually Windows 6.1, and Windows 10 is actually
Windows 6.4
One future Windows may actually become Windows 7.0, clashing with
the “commercial” version of an older product
The proliferation and inconsistencies in the versioning led to some issues.
Ever wondered why there is no Windows 9?
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 9 / 42
13. images/logo
Assigning version numbers Real World
Ubuntu versioning
Association of a date in format YY.MM and a two word codename in form
of Adjective AnimalName. Both the words of the codename begin with the
same letter.
Version number does not track changes
The development is arguably linear
But actually new versions may bring in substantial novelties, e.g.
entirely new graphical environments
“LTS” can be optionally appended to identify “Long Term Support”
versions
Two versions of Ubuntu can be compared by date but also by the first
letter of their codename
“Zesty Zapus” is newer than “Utopic Unicorn”
Unfortunately, since there are a limited number of letters, “Bionic
Beaver” is newer than “Xenial Xerus” and “Zesty Zapus”
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 10 / 42
14. images/logo
Assigning version numbers Real World
Wine versioning
Formerly a pure date, in ISO format without hyphens, e.g. 20040505. The
project switched to a classic versioning in form of major.minor
The change may give some headaches to dependency managers, since
20040505 is bigger than 3.9 and other subsequent versions.
A 0.Date format for initial development releases would have been
advisable with hindsight
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 11 / 42
15. images/logo
Assigning version numbers Real World
TEX π-versioning
Purely unary numbering converging to π
Current version (released in January 2004) is 3.14159265
Every time a new version is produced, a number from π is added to
the version string
Sustainable just because TEX is now extremely stable, and
development is almost frozen
At the time of my death, it is my intention that the then-current
versions of TEX [...] be forever left unchanged, except that the
final version numbers to be reported in the “banner” lines of the
programs should become: TeX, Version $pi $ [...]. From that
moment on, all “bugs” will be permanent “features”.
Donald E. Knuth [Knu90]
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 12 / 42
16. images/logo
Assigning version numbers Real World
Semantic Versioning (SemVer)
Encodes version numbers and their change to convey meaning about the
underlying code and what has been modified from one version to the next.
Written in RFC-style1
No-retract
Versioned using Semantic versioning
1
https://semver.org/
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 13 / 42
17. images/logo
Assigning version numbers Real World
SemVer: format X.Y.Z[-P[+B]] part I
Software using Semantic Versioning MUST declare a public API. This
API could be declared in the code itself or exist strictly in
documentation. However it is done, it should be precise and
comprehensive.
Once a versioned package has been released, the contents of that
version MUST NOT be modified. Any modifications MUST be
released as a new version.
A normal version number MUST take the form X.Y.Z where X, Y, and
Z are non-negative integers, and MUST NOT contain leading zeroes.
X is the major version, Y is the minor version, and Z is the patch
version. Each element MUST increase numerically.
Patch version Z MUST be incremented if only backwards compatible
bug fixes are introduced. A bug fix is defined as an internal change
that fixes incorrect behavior.
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 14 / 42
18. images/logo
Assigning version numbers Real World
SemVer: format X.Y.Z[-P[+B]] part II
Minor version Y MUST be incremented if new, backwards compatible
functionality is introduced to the public API. It MUST be incremented
if any public API functionality is marked as deprecated. It MAY be
incremented if substantial new functionality or improvements are
introduced within the private code. It MAY include patch level
changes. Patch version MUST be reset to 0 when minor version is
incremented.
Major version X MUST be incremented if any backwards incompatible
changes are introduced to the public API. It MAY include minor and
patch level changes. Patch and minor version MUST be reset to 0
when major version is incremented.
Major version zero (0.y.z) is for initial development. Anything may
change at any time. The public API should not be considered stable.
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 15 / 42
19. images/logo
Assigning version numbers Real World
SemVer: format X.Y.Z[-P[+B]] part III
Version 1.0.0 defines the public API. The way in which the version
number is incremented after this release is dependent on this public
API and how it changes.
A pre-release version MAY be denoted by appending a hyphen and a
series of dot separated identifiers immediately following the patch
version. Identifiers MUST comprise only ASCII alphanumerics and
hyphen [0-9A-Za-z-]. Identifiers MUST NOT be empty. Numeric
identifiers MUST NOT include leading zeroes. A pre-release version
indicates that the version is unstable and might not satisfy the
intended compatibility requirements as denoted by its associated
normal version.
Build metadata MAY be denoted by appending a plus sign and a series
of dot separated identifiers immediately following the patch or
pre-release version. Identifiers MUST comprise only ASCII
alphanumerics and hyphen [0-9A-Za-z-].
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 16 / 42
20. images/logo
Assigning version numbers Real World
Python Enhancement Proposal 440
Python software must be versioned as described in PEP4402
Very flexible, but very complicated
Superset of Semantic Versioning
Ordering of release segments is mandated
[N!]N(.N)*[{a|b|rc}N][.postN][.devN]
Epoch segment: N!
Mandatory Release segment: N(.N)*
Pre-release segment: {a|b|rc}
Post-release segment: .postN
Development release segment: .devN
2
https://www.python.org/dev/peps/pep-0440/
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 17 / 42
21. images/logo
Assigning version numbers Real World
Selecting a good methodology is important
Think before choosing a versioning schema, and then be consistent
Adopting codenames makes sense if:
You have a large team with several sub projects being developed
concurrently
You want to protect your codebase by talking in a less understandable
manner
You want to promote features or products and you need a
human-appealing name
Using dates makes sense if:
The development process is fast and steady
Dates are a detail of a better versioned system
Unary numbering is strongly discouraged
Semantic versioning is warmly recommended
Can be integrated with the DVCS
Dates can be added (e.g. in the + section)
Codenames can be appended informally if needed
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 18 / 42
22. images/logo
Select a proper license General problem
Outline
1 Assigning version numbers
General problem
Approaches
Real World
2 Select a proper license
General problem
Commonly used licenses and their scope
Applying licenses to projects
3 Create documentation
Creating a static website with Jekyllrb
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 19 / 42
23. images/logo
Select a proper license General problem
What is a license
A legal instrument used to regulate access, use, and redistribution of
software
You generally want to retain some guarantees on the software, e.g.:
be recognized as the orignal creator;
decide whether or not someone else can redistribute it
decide under which circumstances the software can be used
get paid if others use it
Law can change greatly among countries
If you are not a lawyer, or you can’t pay a lawyer, don’t come up with
your license
A custom license is likely to be in conflict with the law of some
countries
Better choosing something proven to work
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 19 / 42
24. images/logo
Select a proper license General problem
Copyright vs. copyleft
Copyright
Legal right that grants the creator of an original work exclusive rights for
its use and (re)distribution
Copyleft
Practice (not a legal right!) in which an author surrenders some, but not
all, rights under copyright law.
Strong if all derived works inherit the copyleft license, weak if some
kinds of work may not inherit it
Full if all the parts of the work are distributed under the terms of the
copyleft license, partial if only some parts are.
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 20 / 42
25. images/logo
Select a proper license General problem
Licensing vs. ownership
Ownership
Possession of a copy of software. The possession implies right to use, even
if such use implies a violation of the license (e.g. for making changes to the
software, or making incidental copies).
Licensing
The software is not sold, but merely “licensed”, namely permitted to be
used, under the conditions of a End-user license agreement (EULA).
This schema, which prevents e.g. reselling, is currently being challenged at
the EU level
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 21 / 42
26. images/logo
Select a proper license General problem
Proprietary vs. Free
Public
Domain
Non-
Protective
FOSS License
Proprietary
License
Protective
FOSS License
Trade
Secret
All rights
relinquished
All rights
retained
Rights in Copyright
more rights granted more rights retained
Proprietary
The software publisher grants the right to use a certain number of copies
under the conditions of an EULA, but does not transfer ownership of the
copies to the customer. Usage of the software may be subjected to
acceptance of the EULA.
Free
The software publisher grants extensive rights to modify and redistribute
the software, often prohibiting rolling back such rights (copyleft).
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 22 / 42
27. images/logo
Select a proper license General problem
Free as in speech vs. free as in beer
Much easier for Italian speakers, as free is translated either with libero (as
in speech) or gratuito (as in beer).
Free as in beer
The user pays nothing for using the software. It is free of charge.
Free as in speech
The user receives the source code of the software, is allowed to modify it
and redistribute it. The user can be asked to pay for receiving a copy: it
can be distributed behind a fee. The author can also ask for additional
money for accessing the source code (but not too much, asking for a billion
dollars would let the software go back to the state of proprietary).
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 23 / 42
28. images/logo
Select a proper license General problem
Free vs. Open source
They often go together, but they are different
Open source
Focuses on availability of source code and ability to modify and share it
Free
Focuses on user’s freedom to use the program, modify, and share it
Non-free open source licenses:
Apple Public source license 1.03
: too generic
Artistic License 1.0: overly vague
Nasa Open Source Agreement
Non-open source free licenses:
WTFPL4
: “public domain” does not exist in EU
Netscape public license
OpenSSL license
3
https://www.gnu.org/licenses/license-list.html#apsl1
4
https://opensource.org/minutes20090304
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 24 / 42
29. images/logo
Select a proper license General problem
Unlicensed software
Internal business / trade secrets
Since trade secrets don’t require any right to be released, they are generally
non-disclosed, non-available and unlicensed.
Distributed unlicensed software
Software “left in the wild”, with no license attached, is fully copyright
protected, and therefore legally unusable.
Public domain
When the copyright terminates (it takes over 100 years for software
released after 2008) distributed unlicensed software becomes part of the
public domain, and becomes usable, modifiable and redistributable.
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 25 / 42
30. images/logo
Select a proper license Commonly used licenses and their scope
Outline
1 Assigning version numbers
General problem
Approaches
Real World
2 Select a proper license
General problem
Commonly used licenses and their scope
Applying licenses to projects
3 Create documentation
Creating a static website with Jekyllrb
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 26 / 42
31. images/logo
Select a proper license Commonly used licenses and their scope
Typical constrains for proprietary software
Volume
Closed volume: the customer commits to purchase a certain number
of licenses over a fixed period (mostly two years). Licensing can be
limited per user, CPU, concurrent usage, etc.
Open volume: the customer purchases the right to use the software in
a large number of computers by a large number of users.
Maintenance, support, and warranty
Proprietary software licenses often include maintenance and support, as
well as some form of warranty. They are usually limited in time, and often
extensions can be purchased
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 26 / 42
32. images/logo
Select a proper license Commonly used licenses and their scope
GNU GPLv3
GNU General Public License
Free and open source
Forces copyleft: derived work must be released under a compatible
license
Does not allow linking from non GPL-compatible licensed
software!
If you want your software to be used as a dependency of proprietary
software, don’t use this license!
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 27 / 42
33. images/logo
Select a proper license Commonly used licenses and their scope
GNU LGPLv3
GNU Lesser General Public License (LGPL)
A modification of the GPLv3 with a linking exception
Not an entirely different license as the previous LGPL
Free and open source
Forces copyleft: derived work must be released under a compatible
license
Allows linking from code with a different license
Work linking the LGPL library (combined work) must:
Allows modification of the original linked library shipped with the work
Allows reverse engineering and debugging of the combined work
These requirements are often unacceptable for companies!
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 28 / 42
34. images/logo
Select a proper license Commonly used licenses and their scope
GNU GPL with linking exception I
GNU General Public License with linking exception
Can be built on top a GPL, by manually adding an exception for
linking
Free and open source
Forces copyleft: derived work must be released under a compatible
license
Allows linking from code with a different license without further
restrictions
Combined work can be redistributed under non GPL-compatible licenses
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 29 / 42
35. images/logo
Select a proper license Commonly used licenses and their scope
GNU GPL with linking exception II
Example exception
Linking this library statically or dynamically with other modules is making a
combined work based on this library. Thus, the terms and conditions of the GNU
General Public License cover the whole combination.
As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent modules, and to
copy and distribute the resulting executable under terms of your choice,
provided that you also meet, for each linked independent module, the terms and
conditions of the license of that module. An independent module is a module
which is not derived from or based on this library. If you modify this library,
you may extend this exception to your version of the library, but you are not
obliged to do so. If you do not wish to do so, delete this exception statement
from your version.
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 30 / 42
36. images/logo
Select a proper license Commonly used licenses and their scope
MIT License
Extremely permissive
Free and open source
GPL compatible
No copyleft: the work or a derivative can be redistributed under any
other license
Does not protect trademark
Does not protect patents claims
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 31 / 42
37. images/logo
Select a proper license Commonly used licenses and their scope
Apache License 2.0
More restrictive than MIT
Free and open source
GPL compatible
No copyleft: the work or a derivative can be redistributed under any
other license
Protects trademark
Allows for placing a warranty
Protects patents claims
Forces authors of derived works to state significant changes made to
the software
If a NOTICE file with authors is provided, it must be included when
redistributed. Entries can be appended.
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 32 / 42
38. images/logo
Select a proper license Commonly used licenses and their scope
WTFPL
Do What the Fuck You Want To Public License: extremely permissive but
problematic
Free, not open source
GPL compatibility limited to WTFPL 2.0 with GPLv3
No copyleft: the work or a derivative can be redistributed under any
other license
Prefer other licenses
Full license text
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
Version 2, December 2004
Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
Everyone is permitted to copy and distribute verbatim or modified
copies of this license document, and changing it is allowed as long
as the name is changed.
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. You just DO WHAT THE FUCK YOU WANT TO.
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 33 / 42
39. images/logo
Select a proper license Commonly used licenses and their scope
Creative Commons
Set of licenses with increasing copyleft, not designed for software5, but
good for data (including databases), documentation, and resources.
Available Rights
Attribution (BY) — Derivative works must credit the original author
Share-alike (SA) — Enables copyleft
Non-commercial (NC) — Derivative work can only be used for non
commercial purposes
No derivative Works (ND) — Free distribution and copy of the work,
but derivatives and remixes are forbidden
5
https://creativecommons.org/faq/
#can-i-apply-a-creative-commons-license-to-software
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 34 / 42
40. images/logo
Select a proper license Commonly used licenses and their scope
Creative Commons Licenses
CC0 — Public domain
Allows any use
No copyleft
Could be used for software, but the MIT License is preferable
CC-BY — Attribution alone
CC-BY-SA — Attribution ShareAlike
Copyleft
CC-BY-NC — Attribution Noncommercial
CC-BY-ND — Attribution Noderivatives
Can be used commercially, but not modified
CC-BY-NC-SA — Attribution Noncommercial ShareAlike
CC-BY-NC with copyleft
CC-BY-NC-ND — Attribution Noncommercial Noderivatives
Can be redistributed only as-is, author must be credited
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 35 / 42
41. images/logo
Select a proper license Applying licenses to projects
Outline
1 Assigning version numbers
General problem
Approaches
Real World
2 Select a proper license
General problem
Commonly used licenses and their scope
Applying licenses to projects
3 Create documentation
Creating a static website with Jekyllrb
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 36 / 42
42. images/logo
Select a proper license Applying licenses to projects
How to apply a license
1 State the license clearly in the project
In case of a software repository, it is standard to have a LICENSE (or,
less commonly, COPYING) text file in the repository root, with the full
license text
For common licenses, the text to write can get easily found online
2 Apply a copyright notice header to each source file
Use an automated tool to do it
Most IDEs can deal with this
Header templates are usually available where the license is published
3 Your software is now legally protected as per your wish
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 36 / 42
43. images/logo
Create documentation
Beyond a scientific paper
Software products are often presented into a paper
Even when the paper is about the software itself, the paper is science,
not a manual
this gets worse when the software is just used to generate / analyze
data for the experiments of a paper
Proper documentation must be provided
For an experiment, a README.md file explaining how to reproduce the
paper results may suffice
For small software projects, the README.md along with the API
documentation (possibly auto-generated) could be enough
For more elaborated software, a detailed manual and explanantions
must be provided
Problem is ain’t nobody got time for that
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 37 / 42
44. images/logo
Create documentation Creating a static website with Jekyllrb
Outline
1 Assigning version numbers
General problem
Approaches
Real World
2 Select a proper license
General problem
Commonly used licenses and their scope
Applying licenses to projects
3 Create documentation
Creating a static website with Jekyllrb
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 38 / 42
45. images/logo
Create documentation Creating a static website with Jekyllrb
Jekyll at rescue
Jekyll is a blog-aware, static website generator
Focus on content: write information and let the engine generate a
website for you
Support for Markdown: no time spent in dealing with HTML/CSS
Support for templating: zero time spent on tuning the graphics,
retaining a good result
Written in Ruby, installable via gem
Automatically executed by Github Pages!
No need for a continuous integrator to compile your code and deploy it
(though of course you can use one and deploy, e.g., on surge.sh)
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 38 / 42
46. images/logo
Create documentation Creating a static website with Jekyllrb
Simple website
First, install Rubygems on your PC.
If you got travis working, you are set up already
To create a website stub, run
jekyll new website-folder
To launch a local server that generates the website constantly,
updating at every change, enter the folder of the website and run
bundle exec jekyll serve
Connect with a browser to http://localhost:4000 to navigate the
website
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 39 / 42
47. images/logo
Create documentation Creating a static website with Jekyllrb
Templating
The website can be customized using one of thousands of designs
Many of them are available at http://jekyllthemes.org/
The quickest way to use a theme, is to clone their repository and make
changes
Once you got acquainted with Jekyll, you will be able to use it for other
scopes as well
Personal webpage or blog
Conference websites
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 40 / 42
48. images/logo
Create documentation Creating a static website with Jekyllrb
Deploying on GitHub pages
GitHub associates a static website to every
User: http://username.github.io
Team: http://teamname.github.io
Repository: http://teamname.github.io/repositoryname
The website will automatically get online if:
For teams(users):
a team(user) owned repository named
teamname.github.io(username.github.io) exists
the repository has a master branch
the master branch is a valid HTML static website, or a valid Jekyll
generable website
For repositories:
the repository has a gh-pages branch
the gh-pages branch is a valid HTML static website, or a valid Jekyll
generable website
D. Pianini (UniBo) 03 - Dependency Management June 7, 2018 41 / 42