Quo pertentas, OSS? How Open Source can benefit from well-crafted Tests
|
|
- Damon Nichols
- 5 years ago
- Views:
Transcription
1 Quo pertentas, OSS? How Open Source can benefit from well-crafted Tests Björn Kimminich Web: v1.0
2 Let s start with some code
3 and a corresponding unit test!
4 It passes with flying colors
5 and achieves 100% code coverage!
6 Nothing could possibly go wrong!
7 How about adding another test?
8 Oops!
9 Finding Bugs in Open Source Software
10 Pair Programming Peer Review Committer Review Code Reviews Infeasible with remote development Developers review each other Not everyone has commit rights Occasionally during Hackathons Hard to organize properly Senior developers review contributions before merge into master Cartoon: Geek & Poke
11 Static Code Analysis Popular Open Source Tools FindBugs CheckStyle PMD Sonar Find code smells and potential programming errors but miss a lot as well or produce false positives Some commercial Tools might be more powerful but are typically not affordable for OSS projects Cartoon: Geek & Poke
12 Testing Unit Tests Penetration Tests Integration Tests Test Types Load/Stress Tests GUI Tests Manual Tests Cartoon: Geek & Poke
13 Best vs. Bad Practices for Testing
14 Test Pyramid Manual Tests GUI Tests Integration Tests Unit Tests Source: WatirMelon
15 Test Ice-Cream Cone Manual Tests GUI Tests Integratio n Tests Unit Tests Source: WatirMelon
16 Happy Path Testing Photo: Tortured Mind Photography
17 Testing Border & Exceptional Cases
18 No Assertions
19 API Tests
20 Scenario Tests with BDD
21 Benefits of well-crafted Tests for OSS
22 Maintainability++ A suite of automated regression tests helps finding defects resulting from code changes New contributors do not have to fear touching old code neither do long-time committers after a longer vacation! Cartoon: Geek & Poke
23 Documentation++ External and Javadoc documentation tends to rot quickly and becomes obsolete or even misleading Tests that get outdated tend to break, so they have to be fixed resulting in updated documentation Well-written tests document the intended behavior of a class or component Even if the production code is hard to understand, a good test can help to fill this gap Cartoon: Geek & Poke
24 Specification++ Writing tests before the production code is even better than just documenting existing code Consequent TDD / BDD will let the Tests become the actual specification of the program's intended behavior Failing tests indicate that the specification is not met yet (or any more) Cartoon: Geek & Poke
25 Contribution++ Well maintained, documented and tested projects are safer and more fun to contribute to Nobody likes working on an untested piece of unreadable code (especially in their free time) Cartoon: Geek & Poke
26 Truck Factor++ How many project contributors could be fatally hit by a truck before the project perishes? The lower the number, the more volatile the project as it relies on individual experts The number can be increased by spreading knowledge and lowering entry barriers Cartoon: Geek & Poke
27 Introducing Unit Tests to OWASP ZAP
28 OWASP Zed Attack Proxy (ZAP) Easy-to-use integrated penetrationtesting tool Locates vulnerabilities in web applications Helps building secure apps OWASP Flagship Project Programmed in Java with javax.swing UI
29 How to contribute to ZAP? Develop core features Develop addons Help with translation Promote ZAP
30 ZAP Truck Factor 2 Source: Ohloh
31 Starting from zero Unit Tests Some JUnitbased Integration tests No Unit Tests
32 Separate Test Project
33 ZAPs first Unit Test
34 Adding some more Show Cases
35 Separation into Test Suites
36 Providing Test Guidelines Code Quality Code Coverage Test Libraries Naming Conventions Behavior Driven Development Test Suites Types of Tests
37 Pull vs. Push Pull Push Photos: One Man Think Tank
38 Measure Code Coverage
39 Move Tests close to Production Code
40 Instant execution from IDE
41 Run all Tests during Continuous Build...
42 ...and let it fail when any tests fail!
43 Future: Adding a GUI Testing Framework ZAP is very UI heavy which makes a lot of the code hard or impossible to unit test Right now there are no GUI Tests in place for ZAP Several free UI Testing Frameworks exist for Java Swing unfortunately none is actively maintained any more
44 Testing is a crucial part of Software Development Conclusion Good Tests are the better documentation Tests can make a difference between a prospering and a dead-end OSS project
45 Thank you! Björn Kimminich Web: Background Image: Eikira
3 Continuous Integration 3. Automated system finding bugs is better than people
This presentation is based upon a 3 day course I took from Jared Richardson. The examples and most of the tools presented are Java-centric, but there are equivalent tools for other languages or you can
More informationN different strategies to automate OWASP ZAP
OWASP BUCHAREST APPSEC CONFERENCE 13 OCTOBER 2017 The OWASP Foundation http://www.owasp.org N different strategies to automate OWASP ZAP The OWASP Zed Attack Proxy Marudhamaran Gunasekaran Zap Contributor
More informationLessons Learned from a Web Application Penetration Tester. David Caissy ISSA Los Angeles July 2017
Lessons Learned from a Web Application Penetration Tester David Caissy ISSA Los Angeles July 2017 About Me David Caissy Web App Penetration Tester Former Java Application Architect IT Security Trainer:
More informationInformation Security Keeping Up With DevOps
Connecting People. Delivering Security. Information Security Keeping Up With DevOps Stas Filshtinkskiy - Applied Mathematics degree - 20 years in Information Security - 10 years of that in software development
More informationLab Exercise Test First using JUnit
Lunds tekniska högskola Datavetenskap, Nov, 2017 Görel Hedin/Ulf Asklund EDAF45 Programvaruutveckling i grupp projekt Lab Exercise Test First using JUnit Goal This lab is intended to demonstrate basic
More informationStatic Code Analysis to Find Bugs. Wright.edu CS7140 Spring 2013 (Slides collected from many sources)
Static Code Analysis to Find Bugs Wright.edu CS7140 Spring 2013 (Slides collected from many sources) Comparison of Defect-Detection Approaches Inspections? The combination of design and code inspections
More informationSecurity DevOps. Automation von Security-Checks in der Build-Kette. Christian
Security DevOps Automation von Security-Checks in der Build-Kette Christian Schneider @cschneider4711 `whoami` www. mail@} Christian-Schneider.net» Software Developer, Whitehat Hacker & Trainer» Freelancer
More informationInverting the Pyramid
Inverting the Pyramid Naresh Jain naresh@agilefaqs.com @nashjain http://nareshjain.com Time/Money/Opportunity Cost Plan Back in the Stone-age Happiness/Excitement Design Distribute Work in Isolation Integrate
More informationSicherheit beim Build
Sicherheit beim Build Java Forum Stuttgart 2017 Dominik Schadow bridgingit Verify your security activities Integration into the build pipeline Find security issues as early as possible Catch the low hanging
More informationSecure Development Processes
Secure Development Processes SecAppDev2009 What s the problem? Writing secure software is tough Newcomers often are overwhelmed Fear of making mistakes can hinder Tend to delve into security superficially
More informationIntroduction to Computer Science I
Introduction to Computer Science I String and Random Java Classes Janyl Jumadinova 12-13 February, 2018 Divide and Conquer Most programs are complex and involved. The best way to develop and maintain a
More informationCase study on PhoneGap / Apache Cordova
Chapter 1 Case study on PhoneGap / Apache Cordova 1.1 Introduction to PhoneGap / Apache Cordova PhoneGap is a free and open source framework that allows you to create mobile applications in a cross platform
More informationGNOME 3.0 Accessibility: State of the Union. Alejandro Piñeiro
GNOME 3.0 Accessibility: State of the Union Alejandro Piñeiro (apinheiro@igalia.com) Let's introduce it... Accessibility? Means helping people with disabilities to participate in any life activity Like
More informationUtilizing Fast Testing to Transform Java Development into an Agile, Quick Release, Low Risk Process
Utilizing Fast Testing to Transform Java Development into an Agile, Quick Release, Low Risk Process Introduction System tests, often called slow tests, play a crucial role in nearly every Java development
More informationOpen Source Development from the trenches (Jajuk) Bertrand Florat
Open Source Development from the trenches (Jajuk) Bertrand Florat Talk agenda Objectives Background Getting started Methodology and team management Communication Objectives Get a first realistic vision
More informationThink like an Elm developer
Think like an Elm developer Piper Niehaus Denver, CO, USA Backpacker / skier Nonprofit board chair Software Engineer at Pivotal Pivotal Tracker team Elm in Production since 2016 Internal Products and Services
More information9 th CA 2E/CA Plex Worldwide Developer Conference 1
1 Introduction/Welcome Message Organizations that are making major changes to or replatforming an application need to dedicate considerable resources ot the QA effort. In this session we will show best
More informationBeing a Good OSS Contributor. Jeremy Mikola
Being a Good OSS Contributor Jeremy Mikola Who's using open-source software? Who has ever... Posted on the mailing list or forum Collaborated in IRC Answered a question on Stack Overflow Written a technical
More informationChapter01.fm Page 1 Monday, August 23, :52 PM. Part I of Change. The Mechanics. of Change
Chapter01.fm Page 1 Monday, August 23, 2004 1:52 PM Part I The Mechanics of Change The Mechanics of Change Chapter01.fm Page 2 Monday, August 23, 2004 1:52 PM Chapter01.fm Page 3 Monday, August 23, 2004
More informationSoftware Engineering Testing and Debugging Testing
Software Engineering Testing and Debugging Testing Prof. Dr. Peter Thiemann Universitt Freiburg 08.06.2011 Recap Testing detect the presence of bugs by observing failures Debugging find the bug causing
More informationPEACHTECH PEACH API SECURITY AUTOMATING API SECURITY TESTING. Peach.tech
PEACH API SECURITY AUTOMATING API SECURITY TESTING Peach.tech Table of Contents Introduction... 3 Industry Trends... 3 API growth... 3 Agile and Continuous Development Frameworks... 4 Gaps in Tooling...
More informationRobots with Pentest Recipes:
Robots with Pentest Recipes: Democratizing Security Testing for DevOps Wins Abhay Bhargav - CTO, we45 Yours Truly Co-author of Secure Java For Web Application Development Author of PCI Compliance: A Definitive
More informationSoftware Engineering
Software Engineering Lecture 13: Testing and Debugging Testing Peter Thiemann University of Freiburg, Germany SS 2014 Recap Recap Testing detect the presence of bugs by observing failures Recap Testing
More informationAutomated Testing of Tableau Dashboards
Kinesis Technical Whitepapers April 2018 Kinesis CI Automated Testing of Tableau Dashboards Abstract Companies make business critical decisions every day, based on data from their business intelligence
More informationMaja Schreiner. 9th Lean, Agile & Scrum Conference 2017
Maja Schreiner 9th Lean, Agile & Scrum Conference 2017 Senior Test Master @ Swisscom, Switzerland maja.schreiner@gmail.com testmotion.wordpress.com Twitter: majaschreiner process of executing many different
More informationHuman-Computer Interaction: An Overview. CS2190 Spring 2010
Human-Computer Interaction: An Overview CS2190 Spring 2010 There must be a problem because What is HCI? Human-Computer interface Where people meet or come together with machines or computer-based systems
More informationZAP Innovations. OWASP Zed Attack Proxy. Simon Bennetts. OWASP AppSec EU Hamburg The OWASP Foundation
OWASP AppSec EU Hamburg 2013 The OWASP Foundation http://www.owasp.org ZAP Innovations OWASP Zed Attack Proxy Simon Bennetts OWASP ZAP Project Lead Mozilla Security Team psiinon@gmail.com Copyright The
More informationAnalysis of the Test Driven Development by Example
Computer Science and Applications 1 (2013) 5-13 Aleksandar Bulajic and Radoslav Stojic The Faculty of Information Technology, Metropolitan University, Belgrade, 11000, Serbia Received: June 18, 2013 /
More informationCommits and Commit Messages
Commits and Commit Messages What is a commit? Small set of modifications to a code base Each commit should contain one (atomic) change Commits should be standalone (independent of other commits) Open Source
More informationClient Code - the code that uses the classes under discussion. Coupling - code in one module depends on code in another module
Basic Class Design Goal of OOP: Reduce complexity of software development by keeping details, and especially changes to details, from spreading throughout the entire program. Actually, the same goal as
More informationSoftware Design COSC 4353/6353 D R. R A J S I N G H
Software Design COSC 4353/6353 D R. R A J S I N G H Week 5 Refactoring What is Refactoring? Code Smells Why Refactoring? Techniques IDEs What is Refactoring? Art of improving the design of existing code
More informationclassjs Documentation
classjs Documentation Release 1.0 Angelo Dini December 30, 2015 Contents 1 Introduction 3 1.1 Why class.js............................................... 3 1.2 How to implement............................................
More informationEMF Compare Ganymede Simultaneous Release
EMF Compare 0.8.0 Ganymede Simultaneous Release June 16 th, 2008 Ganymede Release Talking Point Noteworthy New Features 2 way / 3 way comparison detecting conflics differencing, merging and extensibility
More informationNo Source Code. EEC 521: Software Engineering. Specification-Based Testing. Advantages
No Source Code : Software Testing Black-Box Testing Test-Driven Development No access to source code So test cases don t worry about structure Emphasis is only on ensuring that the contract is met Specification-Based
More informationHow technical excellence helps in LeSS adoption. Anton Bevzuk Dodo Pizza Chief Agile Officer
How technical excellence helps in LeSS adoption Anton Bevzuk Dodo Pizza Chief Agile Officer The plan Why engineering practices? Deep dive into Pair Programming Test Automation Continuous Integration Q&A
More informationPrinciples of Software Construction: Testing: One, Two, Three
Principles of Software Construction: Testing: One, Two, Three Josh Bloch Charlie Garrod School of Computer Science 1 Administrivia Homework 4a due today, 11:59 p.m. Design review meeting is mandatory But
More information18-642: Security Mitigation & Validation
18-642: Security Mitigation & Validation 11/27/2017 Security Migitation & Validation Anti-Patterns for security mitigation & validation Poorly considered password policy Poorly considered privilege management
More informationCYSE 411/AIT 681 Secure Software Engineering. Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun
CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun Reading This lecture [McGraw]: Ch. 7-9 2 Seven Touchpoints 1. Code review 2. Architectural
More information4. Risk-Based Security Testing. Reading. CYSE 411/AIT 681 Secure Software Engineering. Seven Touchpoints. Application of Touchpoints
Reading This lecture [McGraw]: Ch. 7-9 CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun 2 Seven Touchpoints Application of Touchpoints
More informationTest Driven Development (TDD)
Test Driven Development (TDD) Test Driven Development Introduction Good programmers write code, great programmers write tests Never, in the field of programming, have so many owed so much to so few - Martin
More informationMan in the Middle Attacks and Secured Communications
FEBRUARY 2018 Abstract This document will discuss the interplay between Man in The Middle (MiTM/ MITM) attacks and the security technologies that are deployed to prevent them. The discussion will follow
More information[ANALYSIS ASSIGNMENT 10]
2009 Pidgin Carlos Simões Higino Silva João Carlos Almeida Miguel Graça Oliveira [ANALYSIS ASSIGNMENT 10] INTRODUCTION The purpose of this project is to evaluate a testing tool chosen by the team and provide
More informationTest Automation Strategies in Continuous Delivery. Nandan Shinde Test Automation Architect (Tech CoE) Cognizant Technology Solutions
Test Automation Strategies in Continuous Delivery Nandan Shinde Test Automation Architect (Tech CoE) Cognizant Technology Solutions The world of application is going through a monumental shift.. Evolving
More informationDocker Universal Control Plane Deploy and Manage On-Premises, Your Dockerized Distributed Applications
Technical Brief Docker Universal Control Plane Deploy and Manage On-Premises, Your Dockerized Distributed Applications As application teams deploy their Dockerized applications into production environments,
More informationLow Latency Java in the Real World
Low Latency Java in the Real World LMAX Exchange and the Zing JVM Mark Price, Senior Developer, LMAX Exchange Gil Tene, CTO & co-founder, Azul Systems Low Latency in the Java Real World LMAX Exchange and
More informationBlack Box Testing. EEC 521: Software Engineering. Specification-Based Testing. No Source Code. Software Testing
Black Box Testing EEC 521: Software Engineering Software Testing Black-Box Testing Test-Driven Development Also known as specification-based testing Tester has access only to running code and the specification
More informationLearner User Interface (LUI): Developing Themed Graphics to Enhance Your e-learning. Kevin Thorn, AutoZone
210 Learner User Interface (LUI): Developing Themed Graphics to Enhance Your e-learning Kevin Thorn, AutoZone LUI Learner User Interface Kevin Thorn Page 1 To continue, click the NEXT button to begin Redundant?
More informationLiquibase Version Control For Your Schema. Nathan Voxland April 3,
Liquibase Version Control For Your Schema Nathan Voxland April 3, 2014 nathan@liquibase.org @nvoxland Agenda 2 Why Liquibase Standard Usage Tips and Tricks Q&A Why Liquibase? 3 You would never develop
More informationBuilding world-class security response and secure development processes
Building world-class security response and secure development processes David Jorm, Senior Manager of Product Security, IIX Outline Introduction SDN attack surface Recent OpenDaylight vulnerabilities Defensive
More informationIs Your Web Application Really Secure? Ken Graf, Watchfire
Is Your Web Application Really Secure? Ken Graf, Watchfire What we will discuss today Pressures on the application lifecycle Why application security defects matter How to create hacker resistant business
More informationStatic Analysis of C++ Projects with CodeSonar
Static Analysis of C++ Projects with CodeSonar John Plaice, Senior Scientist, GrammaTech jplaice@grammatech.com 25 July 2017, Meetup C++ de Montréal Abstract Static program analysis consists of the analysis
More informationOverview of Web Application Security and Setup
Overview of Web Application Security and Setup Section Overview Where to get assistance Assignment #1 Infrastructure Setup Web Security Overview Web Application Evaluation & Testing Application Security
More informationEMF Compare Galileo Simultaneous Release
EMF Compare 1.0.0 Galileo Simultaneous Release Cédric Brun Release Review : June 10th, 2009 Communication Channel : eclipse.modeling.emft newsgroup Process Documentation : http://www.eclipse.org/projects/dev_process/development_process.php
More informationVisualizing Git Workflows. A visual guide to 539 workflows
Visualizing Git Workflows A visual guide to 539 workflows Table of Contents Notation Collaboration Without Review or Branches Merge Conflicts Requesting Code Review Collaboration with Multiple Branches
More informationNodes Tech Slides - Progressive Web Apps, 2018
Nodes Tech Slides - Progressive Web Apps, 2018 Our belief Gone are the days where companies spend fortunes on building digital products that users don t want. Or at least they should be. And by now many
More informationBeing Mean To Your Code: Integrating Security Tools into Your DevOps Pipeline
Being Mean To Your Code: Integrating Security Tools into Your DevOps Pipeline Boston Code Camp 26 November 19, 2016 Robert Hurlbut RobertHurlbut.com @RobertHurlbut Boston Code Camp 26 - Thanks to our Sponsors!
More informationIntroduction to Problem Solving and Programming in Python.
Introduction to Problem Solving and Programming in Python http://cis-linux1.temple.edu/~tuf80213/courses/temple/cis1051/ Overview Types of errors Testing methods Debugging in Python 2 Errors An error in
More informationVersion Control. Second level Third level Fourth level Fifth level. - Software Development Project. January 17, 2018
Version Control Click to edit Master EECS text 2311 styles - Software Development Project Second level Third level Fourth level Fifth level January 17, 2018 1 But first, Screen Readers The software you
More informationDe-risk Your Applications. SUBSCRIBE TO EVRY S SECURITY TESTING AS A SERVICE (STaaS) TODAY!
De-risk Your Applications SUBSCRIBE TO EVRY S SECURITY TESTING AS A SERVICE (STaaS) TODAY! With the exponential increase in Web, Mobile, Cloud and IoT applications, the security risks and challenges in
More informationShift Left, Automation, and Other Smart Strategies for Getting Ahead in QA
Welcome! Test Early, Test Often Shift Left, Automation, and Other Smart Strategies for Getting Ahead in QA A little bit about us Jeff Van Fleet President and CEO Lighthouse Technologies 30+ years software/qa
More informationLecture 15 Software Testing
Lecture 15 Software Testing Includes slides from the companion website for Sommerville, Software Engineering, 10/e. Pearson Higher Education, 2016. All rights reserved. Used with permission. Topics covered
More informationThe Power of Unit Testing and it s impact on your business. Ashish Kumar Vice President, Engineering
The Power of Unit Testing and it s impact on your business Ashish Kumar Vice President, Engineering Agitar Software, 2006 1 The Power of Unit Testing Why Unit Test? The Practical Reality Where do we go
More informationSystems software design. Software build configurations; Debugging, profiling & Quality Assurance tools
Systems software design Software build configurations; Debugging, profiling & Quality Assurance tools Who are we? Krzysztof Kąkol Software Developer Jarosław Świniarski Software Developer Presentation
More informationTwitter4J, Jenkins and Regression
Twitter4J, Jenkins and Regression Yusuke Yamamoto Twitter4J.org http://twitter4j.org/ Who am I 10+ years experience in Java 4+ years experience in the Twitter API Author of open-source tools including:
More informationIntroduction CHAPTER. Review Questions
1 CHAPTER Introduction Review Questions Section 1.1 1.1 What are the four components of a computer system? 1.2 Provide at least three resources the operating system allocates. 1.3 What is the common name
More informationThe Joy of Software Development
The Joy of Software Development ABOUT ME Nemo @captn3m0 captnemo.in Work @Razorpay WHY? - Data Structures - Computer Architecture - Algorithms - Operating Systems - Software Eng - Computer Networks - Compiler
More informationTo be Technical Or not to be THAT is the question!
To be Technical Or not to be THAT is the question! The Questions We Ask.. No Future of Exploratory (Manual) Testing? The Questions We Ask.. How to Learn Automation? The Perceived Career Path Management
More informationTesting. Prof. Clarkson Fall Today s music: Wrecking Ball by Miley Cyrus
Testing Prof. Clarkson Fall 2017 Today s music: Wrecking Ball by Miley Cyrus Review Previously in 3110: Modules Specification (functions, modules) Today: Validation Testing Black box Glass box Randomized
More informationShift Left and Friends And What They Mean for Testers
And What They Mean for Testers Replica of the shift left persuasion device (i.e., 2x4) used by a test manager colleague in 1990s Introduction All the IT world is abuzz with the latest buzz words Shift
More informationHolistic Database Security
Holistic Database Security 1 Important Terms Exploit: Take advantage of a flaw or feature Attack Surface: Any node on the network that can be attacked. That can be the UI, People, anything that touches
More informationFPLLL. Contributing. Martin R. Albrecht 2017/07/06
FPLLL Contributing Martin R. Albrecht 2017/07/06 Outline Communication Setup Reporting Bugs Topic Branches and Pull Requests How to Get your Pull Request Accepted Documentation Overview All contributions
More informationGit and Gerrit Workflows. Enforcing Manual & Automated Review
Git and Gerrit Workflows Enforcing Manual & Automated Review Agenda Branching and Workflow Review A Look at Gerrit The Gerrit Workflow Other Workflows Customizing Gerrit Workflow Branching and Workflow
More informationKTH Royal Institute of Technology SEMINAR 2-29 March Simone Stefani -
KTH Royal Institute of Technology SEMINAR 2-29 March 2017 Simone Stefani - sstefani@kth.se WHAT IS THIS SEMINAR ABOUT Branching Merging and rebasing Git team workflows Pull requests and forks WHAT IS THIS
More informationCSE 403 Lecture 13. Black/White-Box Testing. Reading: Software Testing: Principles and Practices, Ch. 3-4 (Desikan, Ramesh)
CSE 403 Lecture 13 Black/White-Box Testing Reading: Software Testing: Principles and Practices, Ch. 3-4 (Desikan, Ramesh) slides created by Marty Stepp http://www.cs.washington.edu/403/ Testing questions
More informationContinuous Integration & Code Quality MINDS-ON NUNO 11 APRIL 2017
Continuous Integration & Code Quality MINDS-ON NUNO BETTENCOURT (NMB@ISEP.IPP.PT) @DEI, 11 APRIL 2017 Continuous Integration - THE THEORY - NMB@DEI - 11 April, 2017 CONTINUOUS INTEGRATION & SOFTWARE QUALITY
More informationA Tale of Continuous Testing
T22 DevOps/Continuous Delivery Thursday, October 4th, 2018 3:00 PM A Tale of Continuous Testing Presented by: David Lumpkin Craftsy Brought to you by: 350 Corporate Way, Suite 400, Orange Park, FL 32073
More informationAchieving Java Application Security With Parasoft Jtest
Achieving Java Application Security With Parasoft Jtest Cloud computing continues to gain traction as enterprises increasingly embrace the shift to Internet-based environments. Unfortunately, this also
More informationAutomated Security Scanning in Payment Industry
Digital Transformation Specialist Automated Security Scanning in Payment Industry Michał Buczko Michał Buczko Test Consultant Public Speaker Security enthusiast Agenda 1.) Why security? 2.) How hard it
More informationc. Typically results in an intractably large set of test cases even for small programs
Multiple-Choice Questions: 1. True or false? Generally, in practice, developers exhaustively test software. a. True b. False 2. True or false? All real software contains bugs. a. True b. False 3. Which
More informationAnalysis Tool Project
Tool Overview The tool we chose to analyze was the Java static analysis tool FindBugs (http://findbugs.sourceforge.net/). FindBugs is A framework for writing static analyses Developed at the University
More informationPorting applications to Qt. Kevin Funk, Software Engineer KDAB
Porting applications to Qt Kevin Funk, Software Engineer KDAB What is a migration? Some other toolkit Qt QNX Photon Motif MFC Java AWT Older Qt version Qt5 Why migrate at all? Hard to find developers who
More informationTest-driven development
Test-driven development And how we do it at WIX Mantas Indrašius Software Engineer WIX.COM Agenda Tests overview Test-driven development (TDD) The Bowling Game demo Kickstarting a project using TDD How
More informationThe Changing DNS Market: A Technical Perspective
The Changing DNS Market: A Technical Perspective Johan Ihrén Netnod October 6, 2016 Netnod Customer Mtg, October 6, 2016, Changing DNS Market: A Tech Perspective, johani@netnod.se 1 / 15 Introduction When
More informationScratcher Party Published by: Ibrahim Eminovic iphone United States / English (US)
Scratcher Party Published by: Ibrahim Eminovic iphone United States / English (US) 77 1. App Name The length of the App Name looks great! ASO TIP: Keywords in your App Name have a lot of a weight in the
More informationGetting Ready. I have copies on flash drives Uncompress the VM. Mandiant Corporation. All rights reserved.
Getting Ready In order to get the most from this session, please download / install: OWASP ZAP, which requires a Java runtime A virtualization package, such as the free VirtualBox, free VMware Player,
More informationAutomated Unit Testing A Practitioner's and Teacher's Perspective
Automated Unit Testing A Practitioner's and Teacher's Perspective Prof. Peter Sommerlad HSR - Hochschule für Technik Rapperswil Institute for Software Oberseestraße 10, CH-8640 Rapperswil peter.sommerlad@hsr.ch
More informationVersion Control Systems
Nothing to see here. Everything is under control! September 16, 2015 Change tracking File moving Teamwork Undo! Undo! UNDO!!! What strategies do you use for tracking changes to files? Change tracking File
More informationVersion Control. Second level Third level Fourth level Fifth level. - Software Development Project. January 11, 2017
Version Control Click to edit Master EECS text 2311 styles - Software Development Project Second level Third level Fourth level Fifth level January 11, 2017 1 Scenario 1 You finished the assignment at
More informationSECTION 1: CODE REASONING + VERSION CONTROL
SECTION 1: CODE + OUTLINE Introductions Code Reasoning Forward Reasoning Backward Reasoning Weaker vs. Stronger statements Version control CSE 331 Spring 2018 slides borrowed and adapted from Alex Mariakis
More informationApplication Development at
Application Development at Abstract: This paper uncovers the diversity of Congruent s Application Services and its Delivery excellence. It also analyzes its processes, practices & tools that sets Congruent
More informationSECTION 1: CODE REASONING + VERSION CONTROL
SECTION 1: CODE + OUTLINE Introductions Code Reasoning Forward Reasoning Backward Reasoning Weaker vs. Stronger statements Version control CSE 331 Summer 2018 slides borrowed and adapted from Alex Mariakis
More informationDMA safety in buffers for Linux Kernel device drivers
DMA safety in buffers for Linux Kernel device drivers Wolfram Sang, Consultant / Renesas 23.10.2018, ELCE2018 Wolfram Sang, Consultant / Renesas DMA safety in buffers 23.10.2018, ELCE2018 1 / 23 I2C &
More informationJava 9: Tips on MigraDon and Upgradability
Java 9: Tips on MigraDon and Upgradability Bernard Traversat Vice President of Development Java SE PlaJorm Oracle November, 2017 Copyright 2017, Oracle and/or its affiliates. All rights reserved. ConfidenDal
More informationTango - Icalepcs 2009 ESRF
Tango - Icalepcs 2009 ESRF TANGO collaboration and kernel status Brief introduction What's new since Icalepcs 2009 New projects Re-thinking the Tango event system E Taurel - Icalepcs 2011 2 What is Tango?
More informationWhy Deprecating async() is the Worst of all Options
Doc No: WG21 N3780 Date: 2013-09-26 Reply to: Nicolai Josuttis (nico@josuttis.de) Subgroup: SG1 Concurrency Prev. Version: none Why Deprecating async() is the Worst of all Options The concurrency working
More informationCAPABILITY. Managed testing services. Strong test managers experienced in working with business and technology stakeholders
TESTING SERVICES 1 CAPABILITY Innovative use of open source tools helping early and frequent and reducing license costs Test strategy Managed services Test management Functional Strong test managers experienced
More informationLearn how to get started with Dropbox: Take your stuff anywhere. Send large files. Keep your files safe. Work on files together. Welcome to Dropbox!
Learn how to get started with Dropbox: 1 2 3 4 Keep your files safe Take your stuff anywhere Send large files Work on files together Welcome to Dropbox! 1 Keep your files safe Dropbox lets you save photos,
More informationTest Driven Development. Software Engineering, DVGC18 Faculty of Economic Sciences, Communication and IT Tobias Pulls and Eivind Nordby
Test Driven Development Faculty of Economic Sciences, Communication and IT 2010-09-03 Tobias Pulls and Principle Use Executable Specifications Test Driven Development (TDD) xunit Behaviour Driven Development
More informationDISQUS. Continuous Deployment Everything. David
DISQUS Continuous Deployment Everything David Cramer @zeeg Continuous Deployment Shipping new code as soon as it s ready (It s really just super awesome buildbots) Workflow Commit (master) Integration
More informationHappy Birthday, Ajax4jsf! A Progress Report
Happy Birthday, Ajax4jsf! A Progress Report By Max Katz, Senior Systems Engineer, Exadel Ajax4jsf is turning one soon and what a year it will have been. It was an amazing ride for all of us here at Exadel.
More information