Technologies We Use IT Project Management
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Using Findbugs in Anger
Making Static Analysis Part Of Your Build Process William Pugh Professor, Univ. of Maryland Visiting Scientist, Google Learn how to effectively use FindBugs on large software projects (100,000+ lines of code), and make effective use of the limited time you can schedule/afford for static analysis 2 Agenda FindBugs and static analysis Using FindBugs effectively Running FindBugs Scaling up FindBugs Historical Bug results 3 Static Analysis Analyzes your program without executing it Doesn’t depend on having good test cases • or even any test cases Doesn’t know what your software is supposed to do • Looks for violations of reasonable programming practices • Shouldn’t throw NPE • All statements should be reachable • Shouldn’t allow SQL injection Not a replacement for testing • Very good at finding problems on untested paths • But many defects can’t be found with static analysis 4 Common (Incorrect) Wisdom about Bugs and Static Analysis Programmers are smart Smart people don’t make dumb mistakes We have good techniques (e.g., unit testing, pair programming, code inspections) for finding bugs early I tried lint and it sucked: lots of warnings, few real issues So, bugs remaining in production code must be subtle, and finding them must require sophisticated static analysis techniques 5 Can You Find The Bug? if (listeners == null) listeners.remove(listener); JDK1.6.0, b105, sun.awt.x11.XMSelection • lines 243-244 6 Why Do Bugs Occur? Nobody is perfect Common types of errors: • Misunderstood language features, API methods • Typos (using wrong boolean -
Towards Our Development Environment
Euclid Consortium Towards our development environment 2012, Dec. 4th SDC meeting 1 Euclid External constraints Consortium ● CODEEN (Redmine and http://apceucliddev.in2p3.fr/jenkins/) ● Common tools – Python / C++ – Jira – Eclipse – Sonar – Subversion – Doxygen – Xunit – Goolge talk – Maven – Redmine – Nexus – Adobe Connect – Jenkins 2012, Dec. 4th SDC meeting 2 Euclid Language and architecture Consortium ● Language: Python (C, C++) ● Central svn repository (http://euclid.esac.esa.int/svn/EC/SGS/) ● IDE: Eclipse + PyDev ● Software architecture and packaging – Model the testbed, data trains and taker Gaia concepts – Separate the data handling and algorithmic programming – Data model, Framework, Algo (projects? Modules?) ● Study flexible solutions for – local development, testing and survey data analysis – integration into the IAL – distributing the software? 2012, Dec. 4th SDC meeting 3 Euclid Data model and data handling Consortium ● Data model: first version as XML schema on SVN – PyXB for automatic Python code generation ● Framework with data handling, loading data from – ASCII files : SciPy (loadtxt) – Database : SQLAlchemy ORM – FITS files : PyFits ● Panda : large table ● Pickle : object serialization 2012, Dec. 4th SDC meeting 4 Euclid Dependencies and building managementConsortium ● Nexus, Ivy and Ant used in Gaia ● Maven - Nexus is proposed, is it too Java oriented? – Difference between Ant and Maven? ● How can we used the Python “setup” files ● Hubert proposals – http://zero-install.sourceforge.net/ – http://www.cmake.org/ ● Solution for – local software development and usage – distribution 2012, Dec. 4th SDC meeting 5 Euclid Configuration, testing and doc Consortium ● Solution for handling configuration – model the Gaia XML based solution? (Java “properties” thread unsafe) – Python solution? Init? ● Testing set up and conventions – xUnit and PyUnit? ● Javadoc as an example (look up in Eclipse, automatic doc generation) – Doxygen 2012, Dec. -
Evaluating the Flexibility of the Java Sandbox
Evaluating the Flexibility of the Java Sandbox Zack Coker, Michael Maass, Tianyuan Ding, Claire Le Goues, and Joshua Sunshine Carnegie Mellon University {zfc,mmaass}@cs.cmu.edu, [email protected], {clegoues,sunshine}@cs.cmu.edu ABSTRACT should protect both the host application and machine from The ubiquitously-installed Java Runtime Environment (JRE) malicious behavior. In practice, these security mechanisms provides a complex, flexible set of mechanisms that support are problematically buggy such that Java malware is often the execution of untrusted code inside a secure sandbox. able to alter the sandbox's settings [4] to override security However, many recent exploits have successfully escaped the mechanisms. Such exploits take advantage of defects in either sandbox, allowing attackers to infect numerous Java hosts. the JRE itself or the application's sandbox configuration to We hypothesize that the Java security model affords devel- disable the security manager, the component of the sandbox opers more flexibility than they need or use in practice, and responsible for enforcing the security policy [5, 6, 7, 8]. thus its complexity compromises security without improving In this paper, we investigate this disconnect between theory practical functionality. We describe an empirical study of the and practice. We hypothesize that it results primarily from ways benign open-source Java applications use and interact unnecessary complexity and flexibility in the design and with the Java security manager. We found that developers engineering of Java's security mechanisms. For example, regularly misunderstand or misuse Java security mechanisms, applications are allowed to change the security manager at that benign programs do not use all of the vast flexibility runtime, whereas static-only configuration of the manager afforded by the Java security model, and that there are clear would be more secure. -
Open Source Katalog 2009 – Seite 1
Optaros Open Source Katalog 2009 – Seite 1 OPEN SOURCE KATALOG 2009 350 Produkte/Projekte für den Unternehmenseinsatz OPTAROS WHITE PAPER Applikationsentwicklung Assembly Portal BI Komponenten Frameworks Rules Engine SOA Web Services Programmiersprachen ECM Entwicklungs- und Testumgebungen Open Source VoIP CRM Frameworks eCommerce BI Infrastrukturlösungen Programmiersprachen ETL Integration Office-Anwendungen Geschäftsanwendungen ERP Sicherheit CMS Knowledge Management DMS ESB © Copyright 2008. Optaros Open Source Katalog 2009 - Seite 2 Optaros Referenz-Projekte als Beispiele für Open Source-Einsatz im Unternehmen Kunde Projektbeschreibung Technologien Intranet-Plattform zur Automatisierung der •JBossAS Geschäftsprozesse rund um „Information Systems •JBossSeam Compliance“ •jQuery Integrationsplattform und –architektur NesOA als • Mule Enterprise Bindeglied zwischen Vertriebs-/Service-Kanälen und Service Bus den Waren- und Logistiksystemen •JBossMiddleware stack •JBossMessaging CRM-Anwendung mit Fokus auf Sales-Force- •SugarCRM Automation Online-Community für die Entwickler rund um die •AlfrescoECM Endeca-Search-Software; breit angelegtes •Liferay Enterprise Portal mit Selbstbedienungs-, •Wordpress Kommunikations- und Diskussions-Funktionalitäten Swisscom Labs: Online-Plattform für die •AlfrescoWCMS Bereitstellung von zukünftigen Produkten (Beta), •Spring, JSF zwecks Markt- und Early-Adopter-Feedback •Nagios eGovernment-Plattform zur Speicherung und •AlfrescoECM Zurverfügungstellung von Verwaltungs- • Spring, Hibernate Dokumenten; integriert -
Silk Test 17.5
Silk Test 17.5 Silk4J User Guide Micro Focus The Lawn 22-30 Old Bath Road Newbury, Berkshire RG14 1QN UK http://www.microfocus.com Copyright © Micro Focus 2016. All rights reserved. MICRO FOCUS, the Micro Focus logo and Silk Test are trademarks or registered trademarks of Micro Focus IP Development Limited or its subsidiaries or affiliated companies in the United States, United Kingdom and other countries. All other marks are the property of their respective owners. 2016-11-03 ii Contents Welcome to Silk4J 17.5 ......................................................................................9 Licensing Information ......................................................................................10 Silk4J ................................................................................................................ 11 Do I Need Administrator Privileges to Run Silk4J? ........................................................... 11 Best Practices for Using Silk4J ........................................................................................ 11 Automation Under Special Conditions (Missing Peripherals) ............................................12 Silk Test Product Suite ...................................................................................................... 13 What's New in Silk4J ........................................................................................15 Mobile Device Live View ................................................................................................... 15 Testing Hybrid -
Beginning Jboss Seam
Beginning JBoss® Seam From Novice to Professional Joseph Faisal Nusairat Beginning JBoss® Seam: From Novice to Professional Copyright © 2007 by Joseph Faisal Nusairat All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher. ISBN-13 (pbk): 978-1-59059-792-7 ISBN-10 (pbk): 1-59059-792-3 Printed and bound in the United States of America 9 8 7 6 5 4 3 2 1 Trademarked names may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, we use the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. Java™ and all Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc., in the U.S. and other countries. Apress, Inc., is not affiliated with Sun Microsystems, Inc., and this book was written without endorsement from Sun Microsystems, Inc. JBoss® is a registered trademark of Red Hat, Inc., in the U.S. and other countries. Apress, Inc., is not affili- ated with Red Hat, Inc., and this book was written without endorsement from Red Hat, Inc. Lead Editor: Steve Anglin Technical Reviewer: Floyd Carver Editorial Board: Steve Anglin, Ewan Buckingham, Gary Cornell, Jason Gilmore, Jonathan Gennick, Jonathan Hassell, James Huddleston, Chris Mills, Matthew Moodie, Dominic Shakeshaft, Jim Sumser, Keir Thomas, Matt Wade Project Manager: Denise Santoro Lincoln Copy Edit Manager: Nicole Flores Copy Editor: Sharon Wilkey Assistant Production Director: Kari Brooks-Copony Production Editor: Lori Bring Compositor: Patrick Cunningham Proofreader: Dan Shaw Indexer: John Collin Artist: April Milne Cover Designer: Kurt Krames Manufacturing Director: Tom Debolski Distributed to the book trade worldwide by Springer-Verlag New York, Inc., 233 Spring Street, 6th Floor, New York, NY 10013. -
Eclipsereview 200612.Pdf
A BZ Media Publication Volume 1 I Number 4 Fall 2006 www.eclipsereview.com SOAP? XML? WSDL? Java? Eclipse!! IMPROVING CODE WITH STATIC ANALYSIS Web 2.0! AJAX Meets JavaServer Faces 2727 MMusustt-Have-Have EclipseEclipse Plug-InsPlug-Ins Legacy Modernization with... NXTware™ ESB ...another Eclipse plug-in you can’t live without. Implementing XML and Service Oriented Architecture doesn’t mean starting from scratch. Why not integrate and modernize application functions as you need them in Eclipse? NXTware ESB provides just-in-time modernization from within an Eclipse development environment. Lower costs and reduce risk by creating SOA interfaces for the business functions you need, when you need them, with NXTware ESB for Eclipse. eCube Systems Learn more about Enterprise Evolution and Enabling Enterprise Evolution NXTware SOA for Eclipse. Call (866) 493-4224 Copyright eCube Systems LLC or visit www.ecubesystems.com. San Mateo - Boston - Houston Legacy Modernization with... NXTware™ ESB ...another Eclipse plug-in you can’t live without. Implementing XML and Service Oriented Architecture doesn’t mean starting from scratch. Why not integrate and modernize application functions as you need them in Eclipse? NXTware ESB provides just-in-time modernization from within an Eclipse development environment. Lower costs and reduce risk by creating SOA interfaces for the business functions you need, when you need them, with NXTware ESB for Eclipse. eCube Systems Learn more about Enterprise Evolution and Enabling Enterprise Evolution NXTware SOA for Eclipse. Call (866) 493-4224 Copyright eCube Systems LLC or visit www.ecubesystems.com. San Mateo - Boston - Houston DGB[LQGG $0 Vol. 1 I No. -
Evaluating Presentation Layer Development Frameworks for EJB Applications in J2EE Architecture
International Conference on Computer Science and Information Technology (ICCSIT'2011) Pattaya Dec. 2011 Evaluating Presentation Layer Development Frameworks for EJB Applications in J2EE Architecture Ohm Samkoses, Dipl. -Inform. Matthias Vianden, Prof. Dr. rer. nat. Horst Lichter gathering and analysis, multiple rounds of frameworks Abstract—For medium to large organizations, information selection with different criteria, prototype implementations, systems play an important role for information storage and retrieval. and results evaluation. The chosen frameworks for prototype They are used to support business processes such as decision-making. development should fulfill most of the requirement and the In information systems, huge amountof data needs to be manipulated prototypes implementation should reflect the solution for each and visualized. One way to handle this complexity is to use Enterprise JavaBeans (EJB) [1] in a J2EE architecture. Since EJB has requirement clearly, and must be able to work with the not been designed to work in the Presentation Layer, suitable existing system's environment: the back-end is managed by Presentation Layer Development frameworks are introduced to EJB 3.0, and IBM Websphere Application Server 7.0. enhanced thepresentation layer of the information systems. The MeDIC (Metric Definition Integration Calculation) system and XAM II. TASKS / STEPS (eXam Assignment and Management) system [2] are typical representatives of such information system. A. First frameworks selection Nowadays, many frameworks, such as Java Server Faces (JSF), First step was to narrow-down the scope of the focused Wicket, and Tapestry, exist to cover the Presentation Layer. They framework based mainly on framework popularity. Other provide a variety of features and architecture enhancements. -
Micro Focus Fortify Static Code Analyzer User Guide, Which Are No Longer Published As of This Release
Micro Focus Fortify Static Code Analyzer Software Version: 20.2.0 User Guide Document Release Date: Revision 1: December 2020 Software Release Date: November 2020 User Guide Legal Notices Micro Focus The Lawn 22-30 Old Bath Road Newbury, Berkshire RG14 1QN UK https://www.microfocus.com Warranty The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice. Restricted Rights Legend Confidential computer software. Except as specifically indicated otherwise, a valid license from Micro Focus is required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Copyright Notice © Copyright 2003 - 2020 Micro Focus or one of its affiliates Trademark Notices All trademarks, service marks, product names, and logos included in this document are the property of their respective owners. Documentation Updates The title page of this document contains the following identifying information: l Software Version number l Document Release Date, which changes each time the document is updated -