DOCSLIB.ORG

Why and How Javascript Developers Use Linters

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Why and How Javascript Developers Use Linters Why and How JavaScript Developers Use Linters Master’s Thesis Krist´ın Fjola´ Tomasd´ ottir´ Why and How JavaScript Developers Use Linters THESIS submitted in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE in COMPUTER SCIENCE by Krist´ın Fjola´ Tomasd´ ottir´ born in Reykjav´ık, Iceland Software Engineering Research Group Department of Software Technology Faculty EEMCS, Delft University of Technology Delft, the Netherlands www.ewi.tudelft.nl c 2017 Krist´ın Fjola´ Tomasd´ ottir.´ All rights reserved. Why and How JavaScript Developers Use Linters Author: Krist´ın Fjola´ Tomasd´ ottir´ Student id: 4518063 Email: [email protected] Abstract A linter is a type of static analysis tool that warns software developers about pos- sible errors in code or violations to coding standards. By using such a tool, errors can be surfaced early in the development process when they are cheaper to fix, and code can be kept more readable and maintainable. For such a tool to be successful, it is important for its creators to understand the needs and challenges of developers when using a linter. Furthermore, it needs to be made clear to developers why using such a tool can be beneficial, along with how linters can be configured to identify appropriate and relevant issues for their projects. In this thesis, we examine developers’ perceptions of linters to increase our knowl- edge on these tools for JavaScript, the most widely used programming language in the world today. More specifically, we study why and how developers use ESLint, the most popular JavaScript linter, along with the challenges that they face while using the tool. We collect data with three different methods where we first interview 15 experts on using linters, then analyze over 9,500 ESLint configuration files and finally survey more than 300 developers from the JavaScript community. The combined results from these analyses provide developers, tool makers and researchers with valuable knowl- edge and advice on using and developing a linter for JavaScript. Thesis Committee: Chair: Prof. Dr. A. van Deursen, Faculty EEMCS, TU Delft University supervisor: Dr. M. F. Aniche, Faculty EEMCS, TU Delft Committee Member: Prof. Dr. G. Gousios, Faculty EEMCS, TU Delft Prof. Dr. C. Hauff, Faculty EEMCS, TU Delft Preface This thesis is the product of my graduation project to obtain a master’s degree in Computer Science at Delft University of Technology. I would like to thank my supervisor Arie van Deursen for his invaluable advice over the past year. Many thanks go to the participants of this study, those who took part in the interviews and those who spent time to pilot test my survey, and in particular Joseph Hejderup for his valuable input. Special thanks go to my second supervisor, Maur´ıcio Aniche, for his endless help and enjoyable collaboration during this project. Not only did he always make time to answer all my questions and review my work, but also gave me moral support and continued to encourage me throughout my project. Lastly, I am lucky to have been able to spend the two years of my MSc studies in Delft, where I have gotten to meet many amazing people from all over the world. From both friends and colleagues I have learned countless lessons that have influenced my greatly as a person, for which I am ever thankful. Krist´ın Fjola´ Tomasd´ ottir´ Delft, the Netherlands August 28, 2017 iii Contents Preface iii Contents v List of Figures ix 1 Introduction 1 2 Background 5 2.1 JavaScript . 5 2.1.1 History of JavaScript . 5 2.1.2 JavaScript’s Ecosystem . 6 2.1.3 JavaScript’s Nature and Language Features . 7 2.2 JavaScript Linters . 8 2.2.1 Available Linters . 8 2.2.2 ESLint . 9 3 Related Work 17 3.1 Perceptions of Static Analysis Tools . 17 3.2 Configurations of Static Analysis Tools . 18 3.3 Effectiveness of Static Analysis Tools . 19 3.4 False Positives in Static Analysis Tools . 19 3.5 Static Analysis Tools Used in Industry . 20 3.6 Static and Dynamic Analysis for JavaScript . 21 4 Developers’ Perceptions of Linters 23 4.1 Research Questions . 23 4.2 Methodology . 24 4.2.1 Interview Design . 24 4.2.2 Interview Procedure . 25 4.2.3 Data Analysis . 25 v CONTENTS 4.2.4 Participants . 26 4.2.5 Limitations . 27 4.3 Results . 29 4.3.1 RQ1 Reasons for Using a Linter . 29 4.3.2 RQ2 Configuring Linters . 34 4.3.3 RQ3 Challenges of Using a Linter . 36 4.4 Discussion . 40 4.4.1 Reasons for Using a Linter . 40 4.4.2 Configuring Linters . 40 4.4.3 Challenges of Using a Linter . 42 4.5 Conclusion . 42 5 Exploring Linter Configurations in JavaScript Projects 43 5.1 Research Questions . 43 5.2 Methodology . 44 5.2.1 Dataset . 44 5.2.2 Collecting Configuration Files . 47 5.2.3 Parsing Configuration Files . 49 5.3 Results . 50 5.3.1 RQ4 Prevalence of Configurations . 50 5.3.2 RQ5 Common Configurations . 53 5.4 Discussion . 62 5.4.1 Prevalence of Configurations . 62 5.4.2 Common Configurations . 64 5.5 Conclusion . 66 6 The Experiences and Perceptions of the JavaScript Community 67 6.1 Research Questions . 67 6.2 Methodology . 68 6.2.1 Survey Design . 68 6.2.2 Survey Evaluation . 70 6.2.3 Sampling and Responses . 74 6.2.4 Data Analysis . 76 6.2.5 Limitations . 76 6.3 Results . 78 6.3.1 Participants . 78 6.3.2 RQ6 Why Developers Use Linters . 79 6.3.3 RQ7 Configuring Linters . 84 6.3.4 RQ8 Important ESLint Categories and Rules . 86 6.3.5 RQ9 Challenges of Using a Linter . 90 6.4 Discussion . 92 6.4.1 Participants . 92 6.4.2 Why Developers Use Linters . 92 6.4.3 Configuring Linters . 93 vi Contents 6.4.4 Important ESLint Categories and Rules . 93 6.4.5 Challenges of Using a Linter . 94 6.4.6 Limitations . 95 6.5 Conclusion . 96 7 Conclusion 97 7.1 Revisiting the Research Questions . 97 7.1.1 Developers’ Perceptions of Linters . 97 7.1.2 Exploring Linter Configurations in JavaScript projects . 98 7.1.3 The Experiences and Perceptions of the JavaScript Community . 99 7.2 Implications . 99 7.2.1 Developers . 100 7.2.2 Tool and Preset Makers . 101 7.2.3 Researchers . 103 7.3 Final Conclusion . 105 Bibliography 107 A Interview Questions 121 A.1 Participant Information . 121 A.2 Linter Usage . 121 B Data Collection Query 123 B.1 Query . 123 vii List of Figures 2.1 Number of npm downloads for ESLint, JSHint, JSLint, JSCS and Standard from January 2015 - May 2017 [162] . 9 6.1 The country of residence of participants . 79 6.2 The primary roles of participants in software development . 79 6.3 Participants’ experience in software development and with JavaScript. Axes show years of experience and percentage of participants with the corresponding answer. 80 6.4 The importance of using a linter in a JavaScript project. 82 6.5 The percentage of participants that had used one of the following linters: ES- Lint, JSHint, JSLint, TSLint, JSCS and Standard JS. 84 6.6 How participants use presets . 86 ix Chapter 1 Introduction An important part of software development is to maintain code by keeping it readable and defect free. A well known method to do so is using automatic static analysis tools (ASATs) which automatically examine code to look for defects or any issues related to best practices or code style. These tools aid in finding issues and refactoring opportunities early in the software development process, when they require less effort and are cheaper to fix [73, 105]. Due to their many benefits, ASATs have become commonly used in software development [69]. There is an abundance of available ASATs, both academic tools and tools used in in- dustry. These tools vary in functionality, use diverse approaches for static analysis and can work for different languages [139]. Some tools focus on coding styles, code smells or general maintainability issues, while some others try to identify faults in code, sometimes examining specific types of defects such as related to security or concurrency [169, 74]. One type of ASATs are linters, which often use a relatively simple analysis method to catch non-complex errors and violations to coding standards. In recent years, linters have become commonly used tools for dynamic languages such as JavaScript [69]. JavaScript has become a very popular programming language in the last years and in fact has been the most commonly used language on GitHub since 2013 [91]. It is known as the language of the web and has recently also become popular for server side development, serving as a general-purpose language. A notable characteristic of JavaScript is its dynamic nature. For example, it allows for generating new code during runtime exe- cution and for dynamic typing where variables do not need to be declared before they are used. Partly due to its dynamic features, JavaScript is considered to be an error-prone lan- guage [129]. For example, it can be easy to introduce unexpected program behavior with simple syntactic or spelling mistakes, which can go unnoticed for a long time [128, 133]. A linter can therefore be especially useful for JavaScript to detect these types of mistakes. Additionally, as JavaScript has become an extremely widespread language, it becomes even more important to have tool support that aids developers in keeping JavaScript code main- tainable, secure and correct. Several studies have focused on static analysis for JavaScript since ASATs have different kinds of requirements for dynamic languages than for static languages [126, 111, 86].
Load more

Recommended publications
  • Differential Fuzzing the Webassembly
    Master’s Programme in Security and Cloud Computing Differential Fuzzing the WebAssembly Master’s Thesis Gilang Mentari Hamidy MASTER’S THESIS Aalto University - EURECOM MASTER’STHESIS 2020 Differential Fuzzing the WebAssembly Fuzzing Différentiel le WebAssembly Gilang Mentari Hamidy This thesis is a public document and does not contain any confidential information. Cette thèse est un document public et ne contient aucun information confidentielle. Thesis submitted in partial fulfillment of the requirements for the degree of Master of Science in Technology. Antibes, 27 July 2020 Supervisor: Prof. Davide Balzarotti, EURECOM Co-Supervisor: Prof. Jan-Erik Ekberg, Aalto University Copyright © 2020 Gilang Mentari Hamidy Aalto University - School of Science EURECOM Master’s Programme in Security and Cloud Computing Abstract Author Gilang Mentari Hamidy Title Differential Fuzzing the WebAssembly School School of Science Degree programme Master of Science Major Security and Cloud Computing (SECCLO) Code SCI3084 Supervisor Prof. Davide Balzarotti, EURECOM Prof. Jan-Erik Ekberg, Aalto University Level Master’s thesis Date 27 July 2020 Pages 133 Language English Abstract WebAssembly, colloquially known as Wasm, is a specification for an intermediate representation that is suitable for the web environment, particularly in the client-side. It provides a machine abstraction and hardware-agnostic instruction sets, where a high-level programming language can target the compilation to the Wasm instead of specific hardware architecture. The JavaScript engine implements the Wasm specification and recompiles the Wasm instruction to the target machine instruction where the program is executed. Technically, Wasm is similar to a popular virtual machine bytecode, such as Java Virtual Machine (JVM) or Microsoft Intermediate Language (MSIL).
    [Show full text]
  • Interaction Between Web Browsers and Script Engines
    IT 12 058 Examensarbete 45 hp November 2012 Interaction between web browsers and script engines Xiaoyu Zhuang Institutionen för informationsteknologi Department of Information Technology Abstract Interaction between web browser and the script engine Xiaoyu Zhuang Teknisk- naturvetenskaplig fakultet UTH-enheten Web browser plays an important part of internet experience and JavaScript is the most popular programming language as a client side script to build an active and Besöksadress: advance end user experience. The script engine which executes JavaScript needs to Ångströmlaboratoriet Lägerhyddsvägen 1 interact with web browser to get access to its DOM elements and other host objects. Hus 4, Plan 0 Browser from host side needs to initialize the script engine and dispatch script source code to the engine side. Postadress: This thesis studies the interaction between the script engine and its host browser. Box 536 751 21 Uppsala The shell where the engine address to make calls towards outside is called hosting layer. This report mainly discussed what operations could appear in this layer and Telefon: designed testing cases to validate if the browser is robust and reliable regarding 018 – 471 30 03 hosting operations. Telefax: 018 – 471 30 00 Hemsida: http://www.teknat.uu.se/student Handledare: Elena Boris Ämnesgranskare: Justin Pearson Examinator: Lisa Kaati IT 12 058 Tryckt av: Reprocentralen ITC Contents 1. Introduction................................................................................................................................
    [Show full text]
  • Machine Learning in the Browser
    Machine Learning in the Browser The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters Citable link http://nrs.harvard.edu/urn-3:HUL.InstRepos:38811507 Terms of Use This article was downloaded from Harvard University’s DASH repository, and is made available under the terms and conditions applicable to Other Posted Material, as set forth at http:// nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of- use#LAA Machine Learning in the Browser a thesis presented by Tomas Reimers to The Department of Computer Science in partial fulfillment of the requirements for the degree of Bachelor of Arts in the subject of Computer Science Harvard University Cambridge, Massachusetts March 2017 Contents 1 Introduction 3 1.1 Background . .3 1.2 Motivation . .4 1.2.1 Privacy . .4 1.2.2 Unavailable Server . .4 1.2.3 Simple, Self-Contained Demos . .5 1.3 Challenges . .5 1.3.1 Performance . .5 1.3.2 Poor Generality . .7 1.3.3 Manual Implementation in JavaScript . .7 2 The TensorFlow Architecture 7 2.1 TensorFlow's API . .7 2.2 TensorFlow's Implementation . .9 2.3 Portability . .9 3 Compiling TensorFlow into JavaScript 10 3.1 Motivation to Compile . 10 3.2 Background on Emscripten . 10 3.2.1 Build Process . 12 3.2.2 Dependencies . 12 3.2.3 Bitness Assumptions . 13 3.2.4 Concurrency Model . 13 3.3 Experiences . 14 4 Results 15 4.1 Benchmarks . 15 4.2 Library Size . 16 4.3 WebAssembly . 17 5 Developer Experience 17 5.1 Universal Graph Runner .
    [Show full text]
  • Rekstrarhandbók
    Vorönn 2017 T-404-LOKA, Lokaverkefni Rekstrarhandbók Ingþór Birkir Árnason Jan Hinrik Hansen Logi Guðmann Þorgrímur Jónasarson Kennari: Hallgrímur Arnalds Leiðbeinandi: Sigurjón Ingi Garðarsson Prófdómari: Símon Óttar Vésteinsson 12. maí 2017 Efnisyfirlit 1 Framendi 3 1.1 Dependencies 3 1.2 Uppsetning 3 1.3 Keyrsla 3 1.4 ESLint 4 1.5 Stílar 5 1.5.1 BEM - Block Element Modifier 5 1.5.2 StyleLint 5 1.5.3 Gulp task 5 2 Bakendi 6 2.1 Dependencies 6 2.2 Uppsetning 6 2.3 Handhægar upplýsingar 8 2.3.1 Admin aðgangur 8 2.3.2 Postman 8 2.4 PHPUnit 8 2.5 Documentation 9 3 Forritunarreglur 9 3.1 Almennar reglur 9 3.2 VueJS 9 3.3 CSS 10 3.4 PHP - Laravel 11 2 1 Framendi Framendinn er skrifaður í Vue.js með vue-webpack-boilerplate (https://github.com/vuejs-templates/webpack) sem grunn. ​ ​ 1.1 Dependencies Til þess að geta keyrt framendann er nauðsynlegt að hafa node og node package manager (npm). Hægt er að sækja node.js ásamt npm á Node.js heimasíðunni (https://nodejs.org/en/). ​ ​ 1.2 Uppsetning 1.) Sækja git repository-ið. git clone https://github.com/toggi737/Lokaverkefni_vue.git 2.) Setja upp nauðsynleg dependencies í gegnum npm. npm install 3.) Búa til dev.env.js skrá sem að inniheldur stillingar fyrir þína vél. Nauðsynlegt er að búa til dev.env.js skrá undir config möppunni sem að inniheldur upplýsingar um þann API sem að þú vilt nota. Það er hægt að gera með því að keyra cp dev.env.js.example dev.env.js í config möppunni.
    [Show full text]
  • Javascript API Deprecation in the Wild: a First Assessment
    JavaScript API Deprecation in the Wild: A First Assessment Romulo Nascimento, Aline Brito, Andre Hora, Eduardo Figueiredo Department of Computer Science Federal University of Minas Gerais, Brazil romulonascimento, alinebrito, andrehora,figueiredo @dcc.ufmg.br { } Abstract—Building an application using third-party libraries of our knowledge, there are no detailed studies regarding API is a common practice in software development. As any other deprecation in the JavaScript ecosystem. software system, code libraries and their APIs evolve over JavaScript has become extremely popular over the last years. time. In order to help version migration and ensure backward According to the Stack Overflow 2019 Developer Survey1, compatibility, a recommended practice during development is to deprecate API. Although studies have been conducted to JavaScript is the most popular programming language in this investigate deprecation in some programming languages, such as platform for the seventh consecutive year. GitHub also reports Java and C#, there are no detailed studies on API deprecation that JavaScript is the most popular language in terms of unique in the JavaScript ecosystem. This paper provides an initial contributors to both public and private repositories2. The npm assessment of API deprecation in JavaScript by analyzing 50 platform, the largest JavaScript package manager, states on popular software projects. Initial results suggest that the use of 3 deprecation mechanisms in JavaScript packages is low. However, their latest survey that 99% of JavaScript developers rely on wefindfive different ways that developers use to deprecate API npm to ease the management of their project dependencies. in the studied projects. Among these solutions, deprecation utility This survey also points out the massive growth in npm usage (i.e., any sort of function specially written to aid deprecation) and that started about 5 years ago.
    [Show full text]
  • Learning React Functional Web Development with React and Redux
    Learning React Functional Web Development with React and Redux Alex Banks and Eve Porcello Beijing Boston Farnham Sebastopol Tokyo Learning React by Alex Banks and Eve Porcello Copyright © 2017 Alex Banks and Eve Porcello. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://oreilly.com/safari). For more information, contact our corporate/insti‐ tutional sales department: 800-998-9938 or [email protected]. Editor: Allyson MacDonald Indexer: WordCo Indexing Services Production Editor: Melanie Yarbrough Interior Designer: David Futato Copyeditor: Colleen Toporek Cover Designer: Karen Montgomery Proofreader: Rachel Head Illustrator: Rebecca Demarest May 2017: First Edition Revision History for the First Edition 2017-04-26: First Release See http://oreilly.com/catalog/errata.csp?isbn=9781491954621 for release details. The O’Reilly logo is a registered trademark of O’Reilly Media, Inc. Learning React, the cover image, and related trade dress are trademarks of O’Reilly Media, Inc. While the publisher and the authors have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the authors disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellectual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.
    [Show full text]
  • React.Pdf Email: [email protected] Twitter: @Mark Volkmann Github: Mvolkmann Website
    Say “No” to Complexity! Mark Volkmann, Object Computing, Inc. http://ociweb.com/mark/MidwestJS/react.pdf Email: [email protected] Twitter: @mark_volkmann https://github.com/mvolkmann/react-examples GitHub: mvolkmann Website: http://ociweb.com/mark Copyright © 2015-2016 by Object Computing, Inc. (OCI) All rights reserved Intro. Meaning behind the talk title - 2 kinds of complexity other frameworks state management approaches: thunks, sagas, epics, effects, GraphQL, Relay, Falcor, ... Why are the slides so dense? Copyright © 2015-2016 by Object Computing, Inc. (OCI) React All rights reserved 2 What is OCI? Software development (on-site and off-site), consulting, and training Home of Grails, “An Open Source high-productivity framework for building fast and scalable web applications” Open Source Transformation Services helping clients move from commercial to open source software Industrial Internet of Things (IIoT) DevOps Copyright © 2015-2016 by Object Computing, Inc. (OCI) React All rights reserved 3 Overview ... Web app library from Facebook As of 8/6/16, React was reportedly used by Airbnb, Angie’s List, http://facebook.github.io/react/ Atlasssian, BBC, Capitol One, Clash of Focuses on view portion Clans, Codecademy, Coursera, Docker, Dropbox, Expedia, Facebook, Feedly, not full stack like other frameworks such as AngularJS and EmberJS Flipboard, HipChat, IMDb, Instagram, Intuit, Khan Academy, Lyft, New York use other libraries for non-view functionality Times, NFL, NHL, Netflix, Paypal, some are listed later Periscope, Reddit, Salesforce, Squarespace, Tesla Motors, Twitter, “One-way reactive data flow” Uber, Visa, WhatsApp, Wired, Wolfrum UI reacts to “state” changes Alpha, Wordpress, Yahoo, Zendesk, and many more. not two-way data binding like in AngularJS 1 Source: https://github.com/facebook/ what triggered a digest cycle? react/wiki/Sites-Using-React should I manually trigger it? easier to follow flow of data events -> state changes -> component rendering Copyright © 2015-2016 by Object Computing, Inc.
    [Show full text]
  • Introducing 2D Game Engine Development with Javascript
    CHAPTER 1 Introducing 2D Game Engine Development with JavaScript Video games are complex, interactive, multimedia software systems. These systems must, in real time, process player input, simulate the interactions of semi-autonomous objects, and generate high-fidelity graphics and audio outputs, all while trying to engage the players. Attempts at building video games can quickly be overwhelmed by the need to be well versed in software development as well as in how to create appealing player experiences. The first challenge can be alleviated with a software library, or game engine, that contains a coherent collection of utilities and objects designed specifically for developing video games. The player engagement goal is typically achieved through careful gameplay design and fine-tuning throughout the video game development process. This book is about the design and development of a game engine; it will focus on implementing and hiding the mundane operations and supporting complex simulations. Through the projects in this book, you will build a practical game engine for developing video games that are accessible across the Internet. A game engine relieves the game developers from simple routine tasks such as decoding specific key presses on the keyboard, designing complex algorithms for common operations such as mimicking shadows in a 2D world, and understanding nuances in implementations such as enforcing accuracy tolerance of a physics simulation. Commercial and well-established game engines such as Unity, Unreal Engine, and Panda3D present their systems through a graphical user interface (GUI). Not only does the friendly GUI simplify some of the tedious processes of game design such as creating and placing objects in a level, but more importantly, it ensures that these game engines are accessible to creative designers with diverse backgrounds who may find software development specifics distracting.
    [Show full text]
  • Teaching Introductory Programming with Javascript in Higher Education
    Proceedings of the 9th International Conference on Applied Informatics Eger, Hungary, January 29–February 1, 2014. Vol. 1. pp. 339–350 doi: 10.14794/ICAI.9.2014.1.339 Teaching introductory programming with JavaScript in higher education Győző Horváth, László Menyhárt Department of Media & Educational Informatics, Eötvös Loránd University, Budapest, Hungary [email protected] [email protected] Abstract As the Internet penetration rate continuously increases and web browsers show a substantial development, the web becomes a more general and ubiq- uitous application runtime platform, where the programming language on the client side exclusively is JavaScript. This is the reason why recently JavaScript is more often considered as the lingua franca of the web, or, from a different point of view, the universal virtual machine of the web. In ad- dition, the JavaScript programming language appears in many other areas of informatics due to the wider usage of the HTML-based technology, and the embedded nature of the language. Consequently, in these days it is quite difficult to program without getting in touch with JavaScript in some way. In this article we are looking for answers to how the JavaScript language is suitable for being an introductory language in the programming related subjects of the higher education. First we revisit the different technologies that lead to and ensure the popularity of JavaScript. Following, current approaches using JavaScript as an introductory language are overviewed and analyzed. Next, a curriculum of an introductory programming course at the Eötvös Loránd University is presented, and a detailed investigation is given about how the JavaScript language would fit in the expectations and requirements of this programming course.
    [Show full text]
  • Create Mobile Apps with HTML5, Javascript and Visual Studio
    Create mobile apps with HTML5, JavaScript and Visual Studio DevExtreme Mobile is a single page application (SPA) framework for your next Windows Phone, iOS and Android application, ready for online publication or packaged as a store-ready native app using Apache Cordova (PhoneGap). With DevExtreme, you can target today’s most popular mobile devices with a single codebase and create interactive solutions that will amaze. Get started today… ・ Leverage your existing Visual Studio expertise. ・ Build a real app, not just a web page. ・ Deliver a native UI and experience on all supported devices. ・ Use over 30 built-in touch optimized widgets. Learn more and download your free trial devexpress.com/mobile All trademarks or registered trademarks are property of their respective owners. Untitled-4 1 10/2/13 11:58 AM APPLICATIONS & DEVELOPMENT SPECIAL GOVERNMENT ISSUE INSIDE Choose a Cloud Network for Government-Compliant magazine Applications Geo-Visualization of SPECIAL GOVERNMENT ISSUE & DEVELOPMENT SPECIAL GOVERNMENT ISSUE APPLICATIONS Government Data Sources Harness Open Data with CKAN, OData and Windows Azure Engage Communities with Open311 THE DIGITAL GOVERNMENT ISSUE Inside the tools, technologies and APIs that are changing the way government interacts with citizens. PLUS SPECIAL GOVERNMENT ISSUE APPLICATIONS & DEVELOPMENT SPECIAL GOVERNMENT ISSUE & DEVELOPMENT SPECIAL GOVERNMENT ISSUE APPLICATIONS Enhance Services with Windows Phone 8 Wallet and NFC Leverage Web Assets as Data Sources for Apps APPLICATIONS & DEVELOPMENT SPECIAL GOVERNMENT ISSUE ISSUE GOVERNMENT SPECIAL DEVELOPMENT & APPLICATIONS Untitled-1 1 10/4/13 11:40 AM CONTENTS OCTOBER 2013/SPECIAL GOVERNMENT ISSUE OCTOBER 2013/SPECIAL GOVERNMENT ISSUE magazine FEATURES MOHAMMAD AL-SABT Editorial Director/[email protected] Geo-Visualization of Government KENT SHARKEY Site Manager Data Sources MICHAEL DESMOND Editor in Chief/[email protected] Malcolm Hyson ..........................................
    [Show full text]
  • Extracting Taint Specifications for Javascript Libraries
    Extracting Taint Specifications for JavaScript Libraries Cristian-Alexandru Staicu Martin Toldam Torp Max Schäfer TU Darmstadt Aarhus University GitHub [email protected] [email protected] [email protected] Anders Møller Michael Pradel Aarhus University University of Stuttgart [email protected] [email protected] ABSTRACT ACM Reference Format: Modern JavaScript applications extensively depend on third-party Cristian-Alexandru Staicu, Martin Toldam Torp, Max Schäfer, Anders Møller, and Michael Pradel. 2020. Extracting Taint Specifications for JavaScript libraries. Especially for the Node.js platform, vulnerabilities can Libraries. In 42nd International Conference on Software Engineering (ICSE have severe consequences to the security of applications, resulting ’20), May 23–29, 2020, Seoul, Republic of Korea. ACM, New York, NY, USA, in, e.g., cross-site scripting and command injection attacks. Existing 12 pages. https://doi.org/10.1145/3377811.3380390 static analysis tools that have been developed to automatically detect such issues are either too coarse-grained, looking only at 1 INTRODUCTION package dependency structure while ignoring dataflow, or rely on JavaScript is powering a wide variety of web applications, both manually written taint specifications for the most popular libraries client-side and server-side. Many of these applications are security- to ensure analysis scalability. critical, such as PayPal, Netflix, or Uber, which handle massive In this work, we propose a technique for automatically extract- amounts of privacy-sensitive user data and other assets. An impor- ing taint specifications for JavaScript libraries, based on a dynamic tant characteristic of modern JavaScript-based applications is the analysis that leverages the existing test suites of the libraries and extensive use of third-party libraries.
    [Show full text]
  • Provided by Heriot Watt University
    LEAPS S4 Conference: Engineering Courses Suzanne Ewing Widening Participation Officer Contact details: [email protected] Engineering Degree courses BEng/ MEng (Hons) Architectural Engineering BEng/ MEng (Hons) Chemical Engineering BEng/ Meng (Hons) Civil Engineering BEng/MEng (Hons) Electrical and Electronic Engineering BEng Engineering BEng/MEng (Hons) Mechanical Engineering BEng/ MEng Structural Engineering MEng Software Engineering Other Universities delivering similar courses are: Abertay University, University of Dundee, University of Edinburgh, University of Strathclyde. Please check each university’s own website for details. Entry requirements BEng Engineering (1yr only) Standard: AABB minimum: BBBC HNC: A Essential Subjects: Maths and a Science BEng/ MEng (Hons) Architectural Engineering Standard: ABBB Minimum: BBBC HNC: B Essential Subjects: Maths or Engineering Subject BEng/ MEng (Hons) Chemical & Mechanical Engineering Standard: AAAB Minimum: BBBC HNC: A Essential Subjects: Maths & Chemistry/ maths and Physics/ Engineering Science BEng/ Meng (Hons) Civil & Structural Engineering BBBC Standard: AABB Minimum: BBBC HNC: B Essential Subjects: Maths or Engineering Subject BEng/MEng (Hons) Electrical and Electronic Engineering Standard: BBBBC/ AABB Minimum: BBBC HNC: A Essential Subjects: Maths & 1 from Physics, Eng Science, Tech Studies BEng Software Engineering Standard: AAAB Minimum: BBBC HNC:B Essential Subject: Maths Career prospects It is the design, specification and management of the materials used •Design Engineer
    [Show full text]