Skip to main content

Home/ SoftwareEngineering/ Group items tagged review

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Mirror/deltaspike at master · DeltaSpike/Mirror · GitHub - 0 views

github.com/...deltaspike

ApacheDeltaSpike github CDI CdiExtensions ReleaseNotes

shared by kuni katsuya on 16 Sep 12 - No Cached
  • CDI Extensions Project
  • best mature features of
  • JBoss Seam3
  • ...27 more annotations...
  • Apache MyFaces CODI
  • other CDI Extensions projects.
  • container agnostic
  • different containers get activated via
  • Maven Profiles
  • CDI container integration via
  • Arquillian
  • Building Apache DeltaSpike
  • DeltaSpike-0.3
  • Release Notes
  • [DELTASPIKE-62] - Discuss security module
  • [DELTASPIKE-74] - unit and integration tests for @Secured
  •  [DELTASPIKE-75] - documentation for @Secured
  • [DELTASPIKE-78] - review and discuss Authentication API
  •  [DELTASPIKE-77] - review and discuss Identity API
  • [DELTASPIKE-79] - review and discuss Authorization API
  • [DELTASPIKE-81] - review and discuss Identity Management
  • [DELTASPIKE-82] - review and discuss external authentication
  • [DELTASPIKE-176] - unit and integration tests for @Transactional
  • [DELTASPIKE-177] - documentation for @Transactional
  •  [DELTASPIKE-179] - unit and integration tests for @TransactionScoped
  • [DELTASPIKE-175] - @Transactional for EntityTransaction
  •  [DELTASPIKE-178] - @TransactionScoped
  •  [DELTASPIKE-190] - Create ConfigurableDataSource
  • [DELTASPIKE-219] - @Transactional for JTA UserTransaction
  • [DELTASPIKE-230] - Fallback stragtegy for resource bundles and locales
  •   [DELTASPIKE-223] - Add convention for @MessageResource annotated types.
kuni katsuya

Guide to SQL Injection - OWASP - 0 views

www.owasp.org/...Guide_to_SQL_Injection

security SqlInjection background overview

shared by kuni katsuya on 21 Sep 12 - No Cached
  • Least privilege connections
  • Always use accounts with the
  • minimum privilege necessary
    • kuni katsuya
      kuni katsuya on 21 Sep 12
       
      yet another reason why shared db logins (eg. etl_update) are a *BAD IDEA* ie. a set of apps using the same db login are effectively granted the 'highest common denominator' of db privileges, so have more access than they should (eg. update/delete privilege on tables unrelated to app)
  • ...9 more annotations...
  • for the application
  • Parameterized Queries with Bound Parameters
  • keep the
  • query
  • d data
  • separate through the use of placeholders known as "bound" parameters
  • how to Review Code for SQL Injection Vulnerabilities.
  • Guide to SQL Injection
  • "injection" of a SQL query via the input data from the client to the application
  • kuni katsuya on 21 Sep 12
     
    "Least privilege connections"
kuni katsuya

Preemptive commit comments | Arialdo Martini - 0 views

arialdomartini.wordpress.com/...pre-emptive-commit-comments

BDD BehaviorDrivenDevelopment CommitComment BestPractices SoftwareEngineering

shared by kuni katsuya on 15 Mar 13 - No Cached
  • Tell me what the software does
    • kuni katsuya
      kuni katsuya on 15 Mar 13
       
      tell me how the software should *behave*, not how the behavior was *implemented* ie. describe the changes in this commit from the behavioral perspective rather than implementation details
  • What is the project behavior, in this snapshot?
  • What did the programmers, in order to produce this snapshot?
  • ...43 more annotations...
  • committing comments describing the
  • behavior of the software,
  • rather than the
  • implementation or a description of what we did
  • commits’ comments started to look like BDD’s methods name: a description of a behavior.
  • principles
  • Talk about the feature, not about yourself
  • Don’t refer to the past
  • I know it’s now
  • list of benefits
  • More focus while developing
  • Commit review is much easier
  • Less cognitive load
  • You learn commenting much more precisely
  • commit comment becomes a
  • declaration of intent
  • like a BDD method name
  • No more “Just a fix“, “Improvements” or “I made this, this, this and also this” comments.
    • kuni katsuya
      kuni katsuya on 15 Mar 13
       
      BDD/TDD or any methodology aside, these are the worst commit comments as they are as useless as empty commit comments
  • Each preemptive comment triggers a micro design session
  • A preemptive comment sets a micro goal
    • kuni katsuya
      kuni katsuya on 15 Mar 13
       
      which also aligns well with the 'micro goal' or incremental deliverables approaches of most agile methodologies 
  • helps to focus a goal to be reached
  • Without preemptive comments, I often went on coding, always asking myself: “Should I commit now? Have I reached a stable state which I could consider a good commit?“
  • define micro-goals through preemptive comments
  • macro-goal through the feature branch name
  • A preemptive comment creates a little timebox
    • kuni katsuya
      kuni katsuya on 15 Mar 13
       
      similar to the timeboxing strategy of a short sprints, for instance
  • Writing comments preemptively puts the agreement between the pair members to a test
    • kuni katsuya
      kuni katsuya on 15 Mar 13
       
      more relevant to methodologies using pair programming
  • commit history gains a very balanced granularity
  • feature branch becomes a collection of evolutionary commits each of which has usually a 1:1 binding with tests
  • very easy to find which commit introduced a bug, since each commit is related to a single new goal/feature
  • Preemptive commit comments
  • Rule #2: write what the software
  • I started taking a lot of care of the words I was using in comments, commits, test names and classes/variables/methods’ names
  • be supposed to do,
  • not what you did
  • should
  • Introducing BDD
  • began with the simple attempt to replace the world
  • “should“
  • “test”
  • with the world
  • Rule #1: write commit comments before coding
  • use the same criteria for my commits’ comments as well.
  • (not what you did)
kuni katsuya

Introduction to Enterprise Architect, UML Modeling Tool [EA User Guide] - 0 views

www.sparxsystems.com/...9.3

enterprisearchitect user guide documentation

shared by kuni katsuya on 27 Jun 12 - No Cached
  • Introduction to Enterprise Architect
  • Enterprise Architect User Guide provides tutorials, guidance and reference material to help you use Enterprise Architect in: Modeling With Enterprise Architect Model Management Project Management Model Auditing Model Baselining and Differencing Model User Security Model Version Control Code Engineering Visualization and Analysis of Code Execution RTF and HTML Document Creation (Reports)
  • Introduction to Enterprise Architect
  • ...2 more annotations...
  • Enterprise Architect User Guide provides tutorials, guidance and reference material to help you use Enterprise Architect in: Modeling With Enterprise Architect Model Management Project Management Model Auditing Model Baselining and Differencing Model User Security Model Version Control Code Engineering Visualization and Analysis of Code Execution RTF and HTML Document Creation (Reports)
  • If you are new to modeling and UML as well as Enterprise Architect, or otherwise want a rapid review of the process of modeling with Enterprise Architect, go to the Quickstart Tutorial.
1 - 16 of 16
Showing 20 items per page