|
code: search
Code reviews are essential to code quality, but no team wants to review tens of thousands of lines of code, or should have to. In this two-part article, ShriKant Vashishtha and Abhishek Gupta show you how to overcome the challenges associated with code reviews by automating them. Find out why Checkstyle is one of the most popular tools used for code review automation, then learn how to quickly enhance its built-in rules with custom ones just for your project. Level: Intermediate
in Java
via Java World @ 18:23 25th Nov
- Related
CWmike writes "Just a day after downplaying the vulnerability that caused it to issue an out-of-cycle patch last week, Microsoft warned customers late yesterday that exploit code had gone public and was being used in additional attacks. 'We've identified the public availability of exploit code that now shows code execution for the vulnerability addressed by MS08-067,' said Mike Reavey, operations manager of Microsoft's Security Response Center, in a post to the MSRC blog. 'This exploit code has been shown to result in remote code execution on Windows Server 2003, Windows XP, and Windows 2000.'"
in Web Developer
via Slashdot @ 19:47 28th Oct
- Related
Most developers are at least passingly familiar with the notion of code review - that having source code read over by another developer, or a group, is a good way to catch things that the original author missed. While code review started out as a physical meeting process, there's been increasing interest in supporting distributed code reviews via the web.
in Open Source
via Linux.com @ 17:47 10th Nov
- Related
eldavojohn writes "I began coding for a project that had simple requirements for my employer — Web services and a test application for them. But requirements have been creeping, as they always do. Initially I had decided to use the Spring Framework with Hibernate. And I re-used a lot of libraries that made things simple and quick for me. The new requests coming in involve capabilities beyond those of the frameworks. Now, I used to be told that good programmers write code and great programmers reuse code. It's starting to look like I would have saved myself a whole lot of time if I had written the database transaction using JDBC instead of Hibernate — now that I'm married to this object model framework, some of this stuff doesn't look doable.
in Web Developer
via Slashdot @ 22:37 4th Nov
- Related
Icon"If you want to make sure your computer or server is not tricked into undertaking malicious or undesirable behavior, it's not enough to keep bad code out of the system. Return-oriented programming exploits start out like more familiar attacks on computers. The attacker takes advantage of a programming error in the target system to overwrite the runtime stack and divert program execution away from the path intended by the system's designers. But instead of injecting outside code - the approach used in traditional malicious exploits - return-oriented programming enables attackers to create any kind of nasty computation or program by using just the existing code."
in Computer Security
via OSNews @ 5:15 11th Nov
- Related
There are a few themes that recur frequently when discussing software development projects. Money, quality, budget, performance, expense, maintenance, cost.... Okay, some themes recur more often than others. In fact, cost is both the key driver and largest obstacle to project success. Although most people agree that code quality processes reduce the cost of software development and maintenance, these processes are usually the first to be scaled back when deadlines begin to loom and progress is almost invariably less than originally planned. Even though I can go on and on about the cause of these plan versus reality deltas (and I have in the past), today I'll focus on how you can best survive the reduction in time available to review code by making code easier to review.
in Developer
via Developer.com @ 5:52 6th Nov
- Related
The first example is based on a custom Eclipse plugin, which displays a warning when it spots a problematic line of code. The second example, especially good for teams not using Eclipse, shows you how to use Subversion's pre-commit hook to check for code violations. This approach bars developers from committing source code with un-fixed violations.
in Java
via Java World @ 18:24 25th Nov
- Related
"Programs like SLOCCount can be used to inspect the Linux kernel's source code in more detail. According to this tool, the source code line count is not 9 million but exactly 6,399,191 (Source Lines of Code/SLOC), as the program doesn't count blank lines, comments and several other types of input. More than half of the lines are part of hardware drivers; the second largest chunk is the arch/ directory which contains the source code of the various architectures supported by Linux."
in Developer
via Linux Today @ 8:45 24th Oct
- Related
hi_caramba_2008 writes "We are a bunch of good friends at a large software company. The product we work on is under-budgeted and over-hyped by the sales drones. The code quality sucks, and management keeps pulling in different direction. Discussing this among ourselves, we talked about leaving the company and rebuilding the code from scratch over a few months. We are not taking any code with us. We are not taking customer lists (we probably will aim at different customers anyway). The code architecture will also be different — hosted vs. stand-alone, different modules and APIs. But at the feature level, we will imitate this product. Can we be sued for IP infringement, theft, or whatever? Are workers allowed to imitate the product they were working on? We know we have to deal with the non-compete clause in our employment contracts, but i
in Web Developer
via Slashdot @ 4:32 26th Nov
- Related
Linux source code passes 10 million lines Chinese surfers see red over Microsoft black-outs Google publishes Android source code Vic Police BI stalls on stage three funding shortfall Samsung Electronics drops bid for SanDisk Intel opens its wallet for science Corporates failing on email security FBI administrated over busted online crime site ICT departments will lead the way in sustainability: forum Dodo flies in face of Do Not Call register Pirates scoff at Microsoft's anti-piracy day Mozilla snubs Android Malware attacks soar to new levels IBM aims z10 mainframe at mid-sized firms Inside Fujitsu's new tier-3 green data centre
in Open Source
via IT News Australia @ 17:56 22nd Oct
- Related
If you want to make sure your computer or server is not tricked into undertaking malicious or undesirable behavior, it's not enough to keep bad code out of the system. Two graduate students from the University of California, San Diego's, computer science department have just published work showing that the process of building bad programs from good code, using "return-oriented programming," can be automated and that this vulnerability applies to multiple computer architectures. Full Story
in Computer Security
via National Science Foundation @ 13:28 26th Nov
- Related
The mobile browser, which uses much of the same code found in desktop Firefox, currently is being released for the Nokia N800 and N810 Internet Tablets, but Mozilla has also released code to run it on desktop PCs (Windows, Mac OS, and Linux), so a wider group of Mozilla community developers can start to exercise it.
in Open Source
via Network World Asia @ 6:41 27th Oct
- Related
At long last, Creative Labs has released the full source code for its SoundBlaster X-Fi audio cards. Released yesterday under the General Public License (GPL) 2, the X-Fi and X-Fi Titanium 32bit/64bit drivers replace previous X-Fi drivers released only as object code for select 64-bit Linux kernels.
in Linux
via DesktopLinux.com @ 21:27 7th Nov
- Related
Weblver1 writes "A recent report by web security firm Finjan shows how easily data can be accessed on PCs by malware which circumvents existing defenses. With the use of obfuscated code, antivirus software and static Web filters could not identify the scrambled attack code as a threat. The report walks through a real-life scenario of the infection process step-by-step, and tracks what happens to the stolen data. This demonstrates how stealing sensitive data has become unbearably easy — especially, given the abundance of easy-to-use DIY crimeware toolkits. Finjan's report is available here (PDF, registration required). Shortly after this report, Security firm RSA has released their findings of a huge amount of stolen 'virtual wallets' in one of the largest discoveries of stolen data from computers compromised by the Sinowal trojan.
in Web Developer
via Slashdot @ 15:54 1st Nov
- Related
Private browsing was added to the Firefox 3.1 pre-release code today, just hours before the scheduled code freeze on beta 2.
in Open Source
via ZDNet @ 0:06 5th Nov
- Related
November 7, 2008 - Enabling WiX technology to be accessible to users through use of automatic setup code generation, WiXAware v2.0 is WiX IDE with visual editors that automatically generates XML code in background. MSBuild support helps developer integrate their setups into application build process and automatically creates .wixproj files. Automated Setup Squeezer in software makes .MSI setup files smaller.
in XML & Metadata
via ThomasNet @ 18:36 9th Nov
- Related
When you decide to build a PHP-based web site, you have an important decision to make with far-reaching implications. That decision is whether to use a ready-made content management system or custom code for your site. There are advantages and disadvantages to each, and in this article, we will explore the pros and cons of using a content management system or CMS, versus custom code for your web site.
in E-commerce
via Stickysauce @ 19:01 22nd Oct
- Related
AccuRev, Inc. and Coverity today announced a new technology partnership that will help software development teams to improve the quality and security of their applications in today's fast paced agile development environments. Leading development organizations rely on Coverity's advanced source code analysis products to ensure the integrity of their code and AccuRev's process-centric software configuration management (SCM) products to automate and accelerate their development processes. A driving factor in partnership was the success that customers of both companies consistently realize through integrating products from AccuRev and Coverity. The new partnership will allow both companies to provide additional integration capabilities that help joint customers derive even greater value from their investment in technology from Coverity and Ac
in Developer
via Linux PR @ 1:29 18th Nov
- Related
javipas writes "A simple analysis of the most updated version (a Git checkout) of the Linux kernel reveals that the number of lines of all its source code surpasses 10 million, but attention: this number includes blank lines, comments, and text files. With a deeper analysis thanks to the SLOCCount tool, you can get the real number of pure code lines: 6.399.191, with 96.4% of them developed in C, and 3.3% using assembler. The number grows clearly with each new version of the kernel, that seems to be launched each 90 days approximately."
in Web Developer
via Slashdot @ 16:00 22nd Oct
- Related
AccuRev, Inc. and Coverity today announced a new technology partnership that will help software development teams to improve the quality and security of their applications in today’s fast paced agile development environments. Leading development organizations rely on Coverity’s advanced source code analysis products to ensure the integrity of their code and AccuRev’s process-centric software configuration management (SCM) products to automate and accelerate their development processes. A driving factor in partnership was the success that customers of both companies consistently realize through integrating products from AccuRev and Coverity. The new partnership will allow both companies to provide additional integration capabilities that help joint customers derive even greater value from their investment in technology from Coverity
in Developer
via ITworld.com @ 10:48 7th Nov
- Related
Ars discovered that the upcoming Nintendo Wii Speak peripheral—a microphone that finally lets you communicate to other Wii users online—comes with a 16 character code to download the "Wii Speak" channel. This is a one time use code, which cannot be replaced if lost. What does this mean to you? It means you can NEVER sell this thing, NEVER give it away or NEVER use it on another Wii Console than the one it was first downloaded on. We know game studios and publishers hate secondhand sales, because they don't get revenue from it, but this is HARDWARE. Nintendo's seriously going to limit what you can do with hardware you purchased? You go too far, sir. You go too far. [Ars Technica]
in Computer Games
via Gizmodo @ 21:41 14th Nov
- Related
Writing code in Python is simple, however, writing code that is efficient and easy to maintain and reuse is not so straightforward. This is where this book intends to step in. Written by Tarek Ziadé, a contributor to the Zope code and an experienced Python developer, Expert Python Programming takes you on a practical tour of Python application development.
in Developer
via Programmers' Heaven @ 1:29 18th Nov
- Related
Mike Groher and Don Gardener let me write my first few lines of code while getting paid back in the 1980s. The code was in Databus on a Sunbelt mini-computer with Winchester drives and 256k of RAM. I have been fortunate enough to get to sling code pretty much for the last twenty years.
in Developer
via Developer.com @ 8:00 25th Nov
- Related
CWmike writes "Microsoft today called its first month of predicting whether hackers will create exploit code for its bugs a success — even though the company got its forecast right just 40% of the time for October. 'I think we did really well,' said Mike Reavey, group manager at the Microsoft Security Research Center (MSRC), when asked for a postmortem evaluation of the first cycle of the team's Exploitability Index. 'Four of the [nine] issues that we said where consistent exploit code was likely did have exploit code appear over the first two weeks. And another key was that in no case did we rate something too low.' Microsoft's Exploitability Index was introduced last month."
in Web Developer
via Slashdot @ 10:02 14th Nov
- Related
Search took 0.05 seconds.
|
|
