Software Test and Performance, January 2006, Page 26

Total Page:16

File Type:pdf, Size:1020Kb

Software Test and Performance, January 2006, Page 26 A Publication P B RA E Un C ST it T T IC es ES ti : ng VOLUME 3 • ISSUE 1 • JANUARY 2006 • $8.95 www.stpmag.com XP’s Balanced Approach to Test Stressing Software With Open Source Tools A MMethodethod to Build Visibility Into Your DevelopmentDevelopment Process MakingMaking YourYour QAQA EEfffoforrttss FFlyly The Importance of Life Cycle Management A MESSAGE FROM THE EDITOR VOLUME 3 • ISSUE 1 • JANUARY 2006 Publisher Editorial Director Better Life Cycle Ted Bahr Alan Zeichick +1-631-421-4158 x101 +1-650-359-4763 [email protected] [email protected] Editor Director of Events Management Lindsey Vereen Donna Esposito [email protected] +1-415-785-3419 [email protected] Associate News Editor Everyone is familiar with the ground. While you Director of Circulation Alex Handy Agnes Vanek the rule of thumb that says can’t download a hard- [email protected] +1-631-421-4158 x111 at each step of the way, the ware patch, neither can [email protected] Art Director cost to fix a problem you get into a software LuAnn T. Palazzo Circulation Assistant increases tenfold, and hav- system with a wrench. [email protected] Advertising Traffic Phyllis Oakes ing to fix a problem in the And getting to the site Copy Editor +1-631-421-4158 x115 field is the most expensive. can pose a challenge. George Ellis [email protected] [email protected] (Granted, the Internet It is an unfortunate fact Office Manager/ somewhat mitigates the of life that despite lofty Contributing Editors Marketing Scott Barber Cathy Zimmermann cost of patches for de- intentions, test cycles will [email protected] [email protected] ployed software, but still, Lindsey Vereen always get truncated. And Esther Schindler Customer Service/ what patch doesn’t intro- Editor as Feldstein points out in [email protected] Subscriptions duce a glitch somewhere?) his article, “No matter +1-847-763-9692 Contributing Writers [email protected] No matter that we already know the how well the software is tested, some Alan Berg Jeff Feldstein Controller rule; we still have to file this one in the bugs will inevitably escape the testing Matt Hargett Viena Isaray lessons-we-have-to-learn-over-and-over process.” And you know those will be Steve Lemme [email protected] Tracy Ragan folder. In this month’s lead story, Jeff the expensive ones to fix. Article Reprints Feldstein reminds us that too many The solution is successful manage- Director of Editorial Lisa Abelson Operations Lisa Abelson & Co. bugs are still found late in the process, ment of the application development David Rubinstein +1-516-379-7097 when they are expensive to fix. Serious cycle. And the inducement for man- +1-631-421-4158 x105 fax +1-516-379-3603 [email protected] [email protected] performance issues or integration aging it well is an understanding of issues are uncovered in the latter part the business value for doing so. In Cover Photograph by Peter Nguyen of the development cycle and can managing the application life cycle, require a costly rework of large parts of product quality is only part of the Advertising Sales Manager the code, which will have repercus- equation, but it is undeniably a signif- David Karp +1-631-421-4158 x102 sions for the product team and the cus- icant part. [email protected] tomers and will affect when the com- Quality assurance is about doing pany receives revenue. things right the first time. While it’s a My favorite example of the increas- good idea to make sure that a product ing cost of repair comes from the can be repaired in the field, it’s a bet- realm of hardware: the Hubble Space ter idea to make sure it doesn’t need Telescope. Shortly after the Hubble to be. That means taking control of President BZ Media LLC was deployed, a flaw was discovered in the application life cycle and estab- Ted Bahr 7 High Street, Suite 407 its ability to focus—one thing you have lishing quality as a priority. That way, Executive Vice President Huntington, NY 11743 Alan Zeichick +1-631-421-4158 high expectations for a telescope to be you can catch the bugs before they fax +1-631-421-4045 www.bzmedia.com able to do. The problem got through get out the door. As Feldstein says, “A [email protected] because of—what else?—a truncated carefully planned application devel- test cycle. Getting it repaired required opment life cycle is a key requirement Software Test & Performance (ISSN #1548-3460, sending field service out to the site— to successful delivery of on-time, qual- USPS #78) is published 12 times a year by BZ via the Space Shuttle. ity software.” Media LLC, 7 High Street, Suite 407, Huntington, NY 11743. Periodicals privileges pending at There are software problems in Success takes a team effort, involv- Huntington, NY and additional offices. space as well. Perhaps the most famil- ing product management, develop- POSTMASTER: Send address changes to BZ Media, iar is the software bug that caused the ment, test and documentation. 7 High Street, Suite 407, Huntington, NY 11743. Ride along is included. Mars Polar Lander to crash. Feldstein understands this. At his ©2006 BZ Media LLC. All rights reserved. Software I’m not sure you can say that soft- company, he says, everyone is in- Test & Performance is a registered trademark of BZ Media LLC. ware problems are easier to fix than volved with quality. That’s a competi- hardware problems, in space or on tive advantage. ý JANUARY 2006 www.stpmag.com • 5 VOLUME 3 • ISSUE 1 • JANUARY 2006 Contents A Publication COVER STORY Life Cycle Management: Make Your 12 Quality Assurance Efforts Fly A carefully planned application life cycle is key to delivering on-time, quality software—and the test team should be involved in each step. By Jeff Feldstein 18 XP’s Balanced Approach to Test Better software quality will be your reward if you can achieve the right bal- ance between unit and system tests. By Matt Hargett 26 Make Your Development Process Departments More Transparent 5 • Editorial You can use Eclipse to make your Managing your software development process understandable by everyone life cycle. from developers to QA managers to business managers, even if they’re not 8 • Out of the Box IT experts. By Tracy Ragan New products for developers and testers. Compiled by Alex Handy 10 • Peak Performance 31Stress Testing, Alberto Savoia’s hot old topics seem Open Source Style fresher than ever. By Scott Barber This exercise walks you through the process of using Eclipse for controlling 36 • Best Practices Unit testing’s like a box of chocolates. Ant and JMeter to generate and perform By Esther Schindler automated stress tests. By Alan Berg 38 • Future Test Effective management of database performance. By Steve Lemme JANUARY 2006 www.stpmag.com • 7 Out of the Box Compiled by Alex Handy Appscan 6.0 Sniffs Out Security Holes Waltham, Mass.-based Watchfire has been completely re- (www.watchfire.com) has pushed its designed, with an emphasis Appscan security tool to version 6.0. The on ease of use and compre- most significant of the new features are hensible results. fresh remediation capabilities designed “Security teams today are to hold developers’ hands as they mud- under intense pressure, and dle through the security testing process. many cannot keep up with AppScan can detect security holes in Web applications Appscan now helps testers and develop- the volume of applications quickly and easily. ers focus on and fix the issues it finds, they need to test. Currently, instead of simply sounding an alarm bell security professionals are either catching tion testing with innovative capabilities and leaving the rest up to them. issues late in the development cycle or, that not only identify critical application Appscan is a Web applications securi- often, not at all,” said Michael Weider, weaknesses, but also provide intelligent ty testing tool that is typically known for chief technology officer at Watchfire. fix recommendations and new remedia- its speed. With version 6.0, Watchfire has “We spent more than a year working tion capabilities, improving the ease and also added 31 compliance-based tests to on this release, and we were laser-focused speed with which users are able to under- ensure that applications function within on eliminating barriers to fixing critical stand, prioritize and remediate critical the bounds laid out by the SEC, Congress security flaws, boosting the level of Web application security issues.” and other business regulatory bodies. automation and improving efficiency. Appscan 6.0 is available now directly To help users better understand and AppScan 6.0 is a significant milestone and from Watchfire. It is priced at US$15,000 target found holes, Appscan’s interface sets a new benchmark for Web applica- per seat. RadView Secure Splits Up CodeAssure The source code analysis tool CodeAssure with how and where to address the appli- Offers New has been updated by its creators, Secure cation security dilemma, and we believe Software (www.securesoftware.com). The a one-size-fits-all solution does not Performance tool checks code to find security flaws, address the key use cases,” said Kevin and it alerts developers and testers to Kernan, CEO of Secure Software. “Our problems that could arise as a result of expanding product suite enables every- Testing Tool sloppy code, unrestricted inputs and one, from an individual developer or unchecked registers. architect to an organization with hun- WebLOAD Analyzer J2EE Edition is now “Many organizations are still wrestling dreds or thousands of people, to fully available from RadView Software realize the tremendous cost (www.radview.com).
Recommended publications
  • Distributed Configuration Management: Mercurial CSCI 5828 Spring 2012 Mark Grebe Configuration Management
    Distributed Configuration Management: Mercurial CSCI 5828 Spring 2012 Mark Grebe Configuration Management Configuration Management (CM) systems are used to store code and other artifacts in Software Engineering projects. Since the early 70’s, there has been a progression of CM systems used for Software CM, starting with SCCS, and continuing through RCS, CVS, and Subversion. All of these systems used a single, centralized repository structure. Distributed Configuration Management As opposed to traditional CM systems, Distributed Configuration Management Systems are ones where there does not have to be a central repository. Each developer has a copy of the entire repository and history. A central repository may be optionally used, but it is equal to all of the other developer repositories. Advantages of Distributed Configuration Management Distributed tools are faster than centralized ones since metadata is stored locally. Can use tool to manage changes locally while not connected to the network where server resides. Scales more easily, since all of the load is not on a central server. Allows private work that is controlled, but not released to the larger community. Distributed systems are normally designed to make merges easy, since they are done more often. Mercurial Introduction Mercurial is a cross-platform, distributed configuration management application. In runs on most modern OS platforms, including Windows, Linux, Solaris, FreeBSD, and Mac OSX. Mercurial is written 95% in Python, with the remainder written in C for speed. Mercurial is available as a command line tool on all of the platforms, and with GUI support programs on many of the platforms. Mercurial is customizable with extensions, hooks, and output templates.
    [Show full text]
  • New York Software Symposium New York Information Technology Center June 24 - 25, 2011
    New York Software Symposium New York Information Technology Center June 24 - 25, 2011 Fri, Jun. 24, 2011 Room 2 Room 3 Room 4 Room 5 Room 6 8:00 - 9:00 AM REGISTRATION/BREAKFAST/WELCOME 9:00 - 10:30 AM Slimmed Down Software: Busy Java Developer's Sonar: Code Quality Programming HTML5 Concurrency without A Lean Approach Guide to Java 7 Metrics Made Easy Tim Berglund pain in pure Java Hamlet D`Arcy Ted Neward Matthew McCullough Venkat Subramaniam 10:30 - 11:00 AM BREAK 11:00 - 12:30 PM New Ideas for Old Code Busy Java Developer's Open Source Debugging NoSQL Smackdown! Collections for Concurrency Hamlet D`Arcy Guide to Games Tools for Java Tim Berglund Venkat Subramaniam Ted Neward Matthew McCullough 12:30 - 2:30 PM LUNCH & KEYNOTE 2:30 - 4:00 PM Pragmatic Architecture Java Boilerplate Busters Cascading through Hadoop: A Getting Started with Grails Programming in Functional Style Ted Neward Hamlet D`Arcy DSL for Simpler MapReduce Tim Berglund Venkat Subramaniam Matthew McCullough 4:00 - 4:30 PM BREAK 4:30 - 6:00 PM How to Select and Architectural Kata Workshop Resource-Oriented Cassandra: Radical Scala for the Intrigued Adopt a Technology Ted Neward Architectures : REST I NoSQL Scalability Venkat Subramaniam Peter Bell Brian Sletten Tim Berglund New York Software Symposium New York Information Technology Center June 24 - 25, 2011 Sat, Jun. 25, 2011 Room 2 Room 3 Room 4 Room 5 Room 6 8:00 - 9:00 AM BREAKFAST 9:00 - 10:30 AM Cryptography on the Resource-Oriented Integrating JVM Languages Complexity Theory and Busy Java Developer's
    [Show full text]
  • Git Basics Git Expertise
    Overview Git basics Git expertise Git A GNU Alternative to Bitkeeper Mohamed Barakat University of Kaiserslautern ITWM Kaiserslautern, January 2010 Mohamed Barakat Git Overview Git basics Git expertise 1 Git basics The Git configuration file Create a Git-repository Using a Git-repository 2 Git expertise Branching Pulling Merging and Cherry-Picking Mohamed Barakat Git Overview The Git configuration file Git basics Create a Git-repository Git expertise Using a Git-repository Overview 1 Git basics The Git configuration file Create a Git-repository Using a Git-repository 2 Git expertise Branching Pulling Merging and Cherry-Picking Mohamed Barakat Git Overview The Git configuration file Git basics Create a Git-repository Git expertise Using a Git-repository Git working copy and Git-repsoitory Git is a distributed SCM Git is a distributed Source Code Management system (SCM), i.e. each Git working copy sits on top of its own local Git repository located in a single top-level subdirectory .git. SVN is in contrast to Git a centralized SCM system, i.e. the SVN-repository is on exactly one server. Git allows you to commit, checkout, reset, etc. without contacting a server! Mohamed Barakat Git Overview The Git configuration file Git basics Create a Git-repository Git expertise Using a Git-repository The configuration file ˜/.gitconfig Create a Git configuration file vi ˜/.gitconfig [svn] authorsfile = .git/info/svn-authors [color] diff = auto status = auto branch = auto [user] name = Firstname Lastname email = [email protected] Mohamed Barakat Git Overview The Git configuration file Git basics Create a Git-repository Git expertise Using a Git-repository Create a Git-repository (quick version) init, add, commit Create a Git-repository in the directory XY: 1 cd XY 2 git init 3 git add .
    [Show full text]
  • Collaboration Tools in Software Engineering Stepan Bolotnikov Me
    Collaboration Tools in Software Engineering Stepan Bolotnikov Me ● Stepan Bolotnikov ● Software Engineer at Guardtime ● MSc in Software Engineering from UT, 2018 ● [email protected] You Mostly BSc students in Computer Science ● Software developers / QA engineers ● CS researchers ● Project managers / team leads In any case connected to software projects, sharing knowledge and resources Course ● History and working principles of version control systems (VCS) ● Git distributed VCS ● Issue tracking ● Theoretical knowledge + practical hands-on exercises ● 8 sessions ● Every 2nd Friday ● Lecture + practice ● Non-differentiated (pass/fail) Schedule ● 22. Feb - Introduction, history of VCS ● 08. Mar - Introduction to Git, setting up the first repository, basic Git usage ● 22. Mar - Common Git commands ● 05. Apr - Branching in Git, common branching models ● 19. Apr - Troubleshooting common Git issues ● 03. May - Github; Issue tracking ● 17. May - Advanced Git usage; git hooks and CI ● 31. May - Guest lecture, preparation for exam ● 07. June - Exam 1 ● 14. June - Exam 2 Sessions ● 4h ● Lecture part ● Practical part Final exam ● 7th or 17th June ● Individual practical tasks ● “Poor”, “Satisfactory” or “Good” ● “Satisfactory” and “Good” - passing In order to pass the course ● Active participation in at least 6 out of 8 sessions ○ Complete the practical tasks ● “Satisfactory” or “Good” on the final exam Communication Course website http://courses.cs.ut.ee/2019/cse Course Slack Click Lecture 1: Introduction to course, History of Version
    [Show full text]
  • Experten-Dossier 2019
    Experten-Dossier 2019 Über 80 Seiten mit praxisorientiertem Wissen für .NET-Entwickler rund um .NET Core, Azure DevOps, TypeScript, Cosmos DB, ML.NET, Git und Azure! bastacon www.basta.net Inhalt Agile & DevOps Die DevOps-Challenge 4 DevOps-Fallstricke und wie man ihnen entkommen kann von Kevin Gerndt Microservices & APIs Warum einfach? Es geht auch komplex! 10 Entwicklung von Microservices mit Microsoft .NET von Dr. Felix Nendzig Go Git! 16 Git erobert die Entwicklerwelt von Uwe Baumann Des Kaisers neue Kleider 21 Aus VSTS wird Azure DevOps – mehr als nur ein neuer Name? von Nico Orschel und Thomas Rümmler .NET Framework & C# R. I. P .NET „Core“ 29 .NET Framework, .NET Core und Mono sind tot – lang lebe .NET 5.0! von Dr. Holger Schwichtenberg Machine Learning für die Zukunft 33 Hintergrund und Einstieg in ML mit .NET von Kevin Gerndt Architektur Kolumne: Stropek as a Service 40 Zehn Hausaufgaben für die Cloud-Architektur – Eine gute Softwarearchitektur setzt klare Ziele voraus von Rainer Stropek Große Business-Apps mit Angular meistern 43 Nachhaltige Angular-Architekturen mit Nx und Strategic Design von Manfred Steyer Inhalt Sicherheit Du kommst hier nicht rein 48 API Authorization in ASP.NET Core 3.0 mit IdentityServer von Sebastian Gingter Wasm – Ist das sicher oder kann das weg? 53 Neue Besen kehren gut, sagt man. Aber sind sie auch sicher? von Carsten Eilers HTML5 & JavaScript Das Beste aus zwei Welten 59 Mit ASP.NET Core und Angular eine Webanwendung erstellen von Fabian Gosebrink Injections für echte TypeScript-Junkies 70 Dependency
    [Show full text]
  • Everything You Need to Know About Openjdk's Move to Git and Github
    Menu Topics Archives Downloads Subscribe Everything you need to know JAVA 17 about OpenJDK’s move to Git and GitHub Everything you need to know Blame or thank BitKeeper about OpenJDK’s move to Git Why not Mercurial? and GitHub Why Git? Why GitHub? Why the move, and why now? The move from Mercurial to Git Getting the source code and provided an opportunity to consolidate building the OpenJDK the source code repositories. Conclusion by Ian Darwin Dig deeper May 14, 2021 Download a PDF of this article Have you ever built your own Java Development Kit from source? Most end users of the JDK will not need to build their own JDK from the Oracle source code. I’ve needed to do that only a few times when I was running on the OpenBSD UNIX-like system, which is not one of the three supported platforms. Sure, you might want to build your own JDK to try out a new feature that you think should be added to Java. You might choose to build from source to be sure you are running a more trustworthy binary. Having the complete source code readily available, and now in a more commonly used download format, means it is easier than ever to build your own JDK. Yes, it’s a better-documented, easily configured process than in the past. But it’s still a bit confusing. The source code for the OpenJDK recently moved from the Mercurial version control system (VCS) to the Git VCS and the GitHub repository system, and that’s probably a good thing.
    [Show full text]
  • Software Development a Practical Approach!
    Software Development A Practical Approach! Hans-Petter Halvorsen https://www.halvorsen.blog https://halvorsen.blog Software Development A Practical Approach! Hans-Petter Halvorsen Software Development A Practical Approach! Hans-Petter Halvorsen Copyright © 2020 ISBN: 978-82-691106-0-9 Publisher Identifier: 978-82-691106 https://halvorsen.blog ii Preface The main goal with this document: • To give you an overview of what software engineering is • To take you beyond programming to engineering software What is Software Development? It is a complex process to develop modern and professional software today. This document tries to give a brief overview of Software Development. This document tries to focus on a practical approach regarding Software Development. So why do we need System Engineering? Here are some key factors: • Understand Customer Requirements o What does the customer needs (because they may not know it!) o Transform Customer requirements into working software • Planning o How do we reach our goals? o Will we finish within deadline? o Resources o What can go wrong? • Implementation o What kind of platforms and architecture should be used? o Split your work into manageable pieces iii • Quality and Performance o Make sure the software fulfills the customers’ needs We will learn how to build good (i.e. high quality) software, which includes: • Requirements Specification • Technical Design • Good User Experience (UX) • Improved Code Quality and Implementation • Testing • System Documentation • User Documentation • etc. You will find additional resources on this web page: http://www.halvorsen.blog/documents/programming/software_engineering/ iv Information about the author: Hans-Petter Halvorsen The author currently works at the University of South-Eastern Norway.
    [Show full text]
  • Op E N So U R C E Yea R B O O K 2 0
    OPEN SOURCE YEARBOOK 2016 ..... ........ .... ... .. .... .. .. ... .. OPENSOURCE.COM Opensource.com publishes stories about creating, adopting, and sharing open source solutions. Visit Opensource.com to learn more about how the open source way is improving technologies, education, business, government, health, law, entertainment, humanitarian efforts, and more. Submit a story idea: https://opensource.com/story Email us: [email protected] Chat with us in Freenode IRC: #opensource.com . OPEN SOURCE YEARBOOK 2016 . OPENSOURCE.COM 3 ...... ........ .. .. .. ... .... AUTOGRAPHS . ... .. .... .. .. ... .. ........ ...... ........ .. .. .. ... .... AUTOGRAPHS . ... .. .... .. .. ... .. ........ OPENSOURCE.COM...... ........ .. .. .. ... .... ........ WRITE FOR US ..... .. .. .. ... .... 7 big reasons to contribute to Opensource.com: Career benefits: “I probably would not have gotten my most recent job if it had not been for my articles on 1 Opensource.com.” Raise awareness: “The platform and publicity that is available through Opensource.com is extremely 2 valuable.” Grow your network: “I met a lot of interesting people after that, boosted my blog stats immediately, and 3 even got some business offers!” Contribute back to open source communities: “Writing for Opensource.com has allowed me to give 4 back to a community of users and developers from whom I have truly benefited for many years.” Receive free, professional editing services: “The team helps me, through feedback, on improving my 5 writing skills.” We’re loveable: “I love the Opensource.com team. I have known some of them for years and they are 6 good people.” 7 Writing for us is easy: “I couldn't have been more pleased with my writing experience.” Email us to learn more or to share your feedback about writing for us: https://opensource.com/story Visit our Participate page to more about joining in the Opensource.com community: https://opensource.com/participate Find our editorial team, moderators, authors, and readers on Freenode IRC at #opensource.com: https://opensource.com/irc .
    [Show full text]
  • Working with the Linux Community
    Working with the Linux Community A Guest Lecture for CS 378 class at the University of Texas at Austin Khoa Huynh, Ph.D. IBM Linux Technology Center Austin, TX Linux Technology Center TopicsTopics Open source software development Open source licences Common risks Working with the Linux community General advices & tips Submitting your work to Linux kernel community Source code control Bug tracking Submitting your work to Linux distributors Linux debug tools Linux Technology Center OpenOpen SourceSource SoftwareSoftware (OSS)(OSS) Freely available software in source code format Often distributed via Internet or CD (e.g., Red Hat) Redistribution cannot be prohibited or royalty imposed Often developed in a collaborative community effort OSS community very sensitive about meaning & use of term "open source" For the current definition, see: http://www.opensource.org/osd/ Not "Public Domain" Copyright law gives author rights author determines appropriate uses of a work e.g. you can't reproduce or modify a work without author's permission author may grant permission via a license which can impose obligations Linux Technology Center OpenOpen SourceSource LicensesLicenses There are many open source licenses e.g. GPL, LGPL, CPL, IPL, BSD, Apache, etc. Some common features Governs use, modification and distribution of code Grant of rights (e.g. modification, redistribution, etc.) Obligations (e.g. attribution, redistribution, etc.) Different licenses have different objectives GPL = "General Public License" LGPL = "Lesser/Library Public License" CPL/IPL
    [Show full text]
  • Revlog and Mercurial
    Towards A Better SCM: Revlog and Mercurial Matt Mackall Selenic Consulting [email protected] Things To Consider When Building A New SCM Things To Consider When Building A New SCM ● Scalable Things To Consider When Building A New SCM ● Scalable ● Atomic Things To Consider When Building A New SCM ● Scalable ● Atomic ● Decentralized Things To Consider When Building A New SCM ● Scalable ● Atomic ● Decentralized ● Convenient Branching Things To Consider When Building A New SCM ● Scalable ● Atomic ● Decentralized ● Convenient Branching ● Repeated Merge Things To Consider When Building A New SCM ● Scalable ● Atomic ● Decentralized ● Convenient Branching ● Repeated Merge ● Robust Storage Things To Consider When Building A New SCM ● Scalable ● Atomic ● Decentralized ● Convenient Branching ● Repeated Merge ● Robust Storage ● Easy to Use Things To Consider When Building A New SCM ● Scalable ● Atomic ● Decentralized ● Convenient Branching ● Repeated Merge ● Robust Storage ● Easy to Use ● Portable Early History Of Mercurial Early History Of Mercurial ● April 6, 2005: Bitmover announces end of gratis version of Bitkeeper Early History Of Mercurial ● April 6, 2005: Bitmover announces end of gratis version of Bitkeeper Linus mentions he's looking at alternatives Early History Of Mercurial ● April 6, 2005: Bitmover announces end of gratis version of Bitkeeper Linus mentions he's looking at alternatives I start working on Mercurial Early History Of Mercurial ● April 6, 2005: Bitmover announces end of gratis version of Bitkeeper Linus mentions he's looking
    [Show full text]
  • Making Sense of Git in a Legal Context 19
    Making Sense Of Git In A Legal Context 19 Making Sense Of Git In A Legal Context Armijn Hemel,a Shane Coughlan b (a) Owner, Tjaldur Software Governance Solutions; (b) OpenChain Project Director, Linux Foundation. DOI: 10.5033/ifosslr.v9i1.121 Abstract The Git revision control system does not enforce correctness of data but instead is reliant on correct inputs for correct outcomes. Git records potential authorship rather than copyright ownership and this means that an additional process layer is needed to ensure fidelity and accuracy of data. The core implication is that the “git blame” tool does not show potential authorship with enough granularity to allow users make clear decisions, and additional review is required to determine potential authors of code contained in any Git repository. Keywords Law; information technology; Free and Open Source Software; Git, Version Control A substantial amount of open source software development is conducted using the Git revision control system1 (hereafter “Git”). Git has had a substantial impact on the development landscape over the last 12 years, primarily through increasing the pace of development by moving from a centralized source code versioning system to a decentralized approach. This has many benefits from a technical standpoint, but it also has side effects that are may have adverse legal consequences. This article explores some of the legal issues that may arise from the use of Git, and raises a few questions to allow thoughtful consideration regarding future enforcement or legal disputes, when information obtained from Git may play a role. This is particularly important given that at least one license compliance dispute in Germany made use of Git logs as the mechanism for establishing proof of authorship.2 Ultimately the purpose of this article is to provide a thoughtful discussion of how systems like Git would work in a legal context, and how the information contained in Git repositories can shed light on – or create – legal questions.
    [Show full text]
  • Version Control Systems Stefan Otte Computer Systems and Telematics Institute of Computer Science Freie Universitat¨ Berlin, Germany [email protected]
    1 Version Control Systems Stefan Otte Computer Systems and Telematics Institute of Computer Science Freie Universitat¨ Berlin, Germany [email protected] Abstract—Classic centralized Version Control Systems II. BASIC CONCEPTS have proven that they can accelerate and simplify the This Section gives an overview of the centralized and software development process, but one must also consider the distributed approach. distributed systems in this analysis. What features can distributed Version Control Systems offer and why are It is important to keep in mind that not necessarily all they interesting? VCSs support the features described below, or they may This paper describes the general concepts of the cen- handle some details differently (see Section III). tralized and the distributed approaches, how Concurrent To emphasize the aspect that the software engineer is Versions System, Subversion and Git implement these using a VCS and to ease the reading of the paper the concepts. software engineer is called the user from now on. Even though, this paper describes VCSs in the context of software engineering, VCSs can be very useful in I. INTRODUCTION other areas of work too. They can not only handle source By developing programs, software engineers produce code and text files, they can also handle different file source code. They change and extend it, undo changes, types. and jump back to older versions. When several software engineers want to access the same file, concurrency A. Different Terms, Same Meaning becomes an issue. When reading about version control systems, terms Version Control Systems (VCSs) enable the acceler- like revision control systems (RCS), software configura- ation and simplification of the software development tion management, source code management (SCM) or process, and enable new workflows.
    [Show full text]