Thursday, February 28, 2019


Programming Applications and Framework - IT3030

Industry practices and tools 2

 1. Discuss the importance of maintaining the quality of the code, explaining the different aspects of the code quality
What is good quality code: Good quality code is code that is clear, simple and concise that can be fully maintained which is efficient. There are many things that can make your code of good quality such as correctness, no DRY (Don’t Repeat Yourself), simple, a proper algorithm with unambiguous steps, concise, clear and elegant and finally it performs. Some of the much more important things that make code of good quality, which are the ones that I’m going to cover, are efficiency, robustness, usability and portability.

 Importance of good quality code: 
In order to develeop good quality code, a programmer must have a good amount of experience in programming and thy need to be capable of overcoming problems that come with programming. Creating good quality code is important mainly because it will then result in the software being more durable and much easier to use and can be maintained with greater ease. Good quality code will meet the user requirements and work the way that it was set out to do in the design stages such as the program doesn’t suddenly crash. The readability of code will also make the code to a much better quality. There are different factors that can improve the quality of code such as reliability, portability, robustness and maintainability
Efficiency: It is always good to make sure you keep your code efficient. Efficiency of code covers a variety of things such as the reliability and speed being two examples. EFFICIENCY.PNGBelow are some of many examples on how to ensure that your code is efficient:
  • Remove unnecessary code
  • Make use of optimal memory
  • Make use of reusable components whenever you can
  • Use the best data types, variables and key words
Reliability & Robustness: If a program is robust then it means that it can handle errors during execution and also be able to handle input by the user which isn’t correct according to the data type that they have entered
Usability: The term sounds pretty self-explanatory and that’s because it is. When a program is more usable it focuses on the user and how easy and effectively the program can be used in particular ways.
Portability: Portability in terms of good quality code is when we can code across different systems and operating systems. A program should be portable because if a program was developed for a client and it could only be used on particular devices or operating systems then it would have an affect on the way that the client/company uses the system
Maintainability: Whenever a program is developed, is should definitely be maintainable. Whenever someone uses a program, it is possible that there could be bugs that weren’t identified during the testing stage of development so it is important for these bugs to be fixed. The program is also going to require updates in order to improve the program’s functionality
Poor quality code can be usually caused by:
  • Lack of (or insufficient) coding style/standards.
  • No / poor documentation.
  • Poorly designed architecture (with no separation of responsibilities, as in MVC).
  • High method complexity
2. Explain different approaches and measurements used to measure the quality of code 
The quality of the code can be measured by different aspects
  • Weighted Micro Function Points 
  • Halstead Complexity Measures 
  • CyclomaticComplexity 
  • Lines of code 
  • Lines of code per method 
3. Identify and compare some available tools to maintain the code quality

Kiuwan

kiuwan-logo
Kiuwan is a SAST and SCA platform with the largest technology coverage and integrations in the market. With a DevSecOps approach, Kiuwan achieves outstanding benchmark scores (Owasp, NIST, CWE, etc) and offers a wealth of features that go beyond static analysis, catering to every stakeholder in the SDLC.

PVS-Studio

logo-pvs
PVS-Studio is a tool for detecting bugs and security weaknesses in the source code of programs, written in C, C++, C# and Java. It works in Windows, Linux, and macOS environment.
It is possible to integrate it into Visual Studio and other widespread IDE. The results of the analysis can be imported into SonarQube.

Gamma 

Gamma logo
Gamma is an intelligent software analytics platform, developed by Acellere. It supports developers and teams in building higher quality software in less time, by speeding up code reviews.
It automatically prioritizes hotspots in the code and provides clear visualizations. With its multi-vector diagnostic technology, it analyses software from multiple lenses, including software design, and enables companies to manage and improve their software quality transparently.

Coverity

Coverity Static Code Analysis Tool
Coverity Scan is an open source cloud-based tool. It works for projects written using C, C++, Java C# or JavaScript. This tool provides a very detailed and clear description of the issues which helps in faster resolution. A good choice if you are looking for an open source tool.
4. Discuss the need for dependency/package management tools in software development? 
What is dependency management?
Software projects rarely work in isolation. In most cases, a project relies on reusable functionality in the form of libraries or is broken up into individual components to compose a modularized system. Dependency management is a technique for declaring, resolving and using dependencies required by the project in an automated fashion.
5. Explain the role of dependency/package management tools in software development 
dependency management 
Purpose 
To provide a procedure and associated guidelines to facilitate the management of project dependencies

 Overview 
Dependencies in this Phase are defined as actions, deliverables or pre-conditions that are outside the immediate scope of the project or the project manager’s span of control and that impact the project’s successful completion. They are not to be confused with the normal activities and logical relationships that exist between different project activities in a Work Breakdown Structure. Dependencies may be internal to the project and external to the project.

 Package managers are charged with the task of finding, installing, maintaining or uninstalling software packages upon the user's command. Typical functions of a package management system include:
  • Working with file archivers to extract package archives
  • Ensuring the integrity and authenticity of the package by verifying their digital certificates and checksums
  • Looking up, downloading, installing or updating existing software from a software repository or app store
  • Grouping packages by function to reduce user confusion
6. Compare and contrast different dependency/package management tools used in industry 
NuGet is the package manager for the Microsoft development platform including .NET. The NuGet client tools provide the ability to produce and consume packages. The NuGet Gallery is the central package repository used by all package authors and consumers

David is a tool for getting an overview of your Node dependencies. It creates a badge showing the current status of each dependency, which you can embed on your website if you choose.


Nanny is a dependency management tool for managing dependencies between your projects. Unlike tools like Maven, Nanny can be used for arbitrary dependencies and is easy to use.

Bower is a package manager for the web. Bower lets you easily install assets such as images, CSS and JavaScript, and manages dependencies for you.
Bower can manage components that contain HTML, CSS, JavaScript, fonts or even image files. Bower doesn’t concatenate or minify code or do anything else – it just installs the right versions of the packages you need and their dependencies

Maven
A repository in Maven holds build artifacts and dependencies of varying types.
There are exactly two types of repositories: local and remote. The local repository is a directory on the computer where Maven runs. It caches remote downloads and contains temporary build artifacts that you have not yet released
7. What is a build tool? Indicate the significance of using a build tool in large scale software development, distinguishing it from small scale software development

 What is a build tool ? A build tool is a programming utility that is used when building a new version of a program. For example, make is a popular open source build tool that uses makefile, another build tool, to ensure that source files that have been updated (and files that are dependent on them) will be compiled into a new version (build) of a program.

8. Explain the role of build automation in build tools indicating the need for build automation 

Build automation is the process of automating the creation of a software build and the associated processes including: compiling computer source code into binary codepackaging binary code, and running automated tests.

 9. Compare and contrast different build tools used in industry 
Maven
Apache’s Maven is a build automation tool primarily for Java projects, and is the most popular choice for Java developers today by the usage numbers. Unlike Apache Ant, it uses conventions for the build procedure, and only exceptions need to be written down.When to use it: If you want the de facto tool and plugin repository. If you’re running anything unusual with your other tools, Maven will support it. Well suited for large enterprises due to its very fast uild speed.

 Con Maven
  • You need to know maven command line or use an ide that has maven integration, such as netbeans or eclispe.
  • Learning Curve (there are something like 20-26 different build phases, plus packaging types).
  • Your project pretty much has to be laid out the correct way, you can work around this but you shouldn't.
  • Its verbose and complex.
  • If you have a dependent jar that isn't mavenized, you might lose your mind before you figure out how to integrate it.
Pro Maven
  • All dependencies are downloaded automatically;
  • All compile/build/dependency info is bundled with your maven spec, and therefore forced to be in source control with your code. (this is a huge plus)
  • Drastically simplifies the way your build will work, because every build follows a generally standard procedure.
  • Every member of your team will be building/deploying in the same way with every compile.
  • Turning on new features (such as junit) across the board for things like CI/CD can be as easy as one line in your maven config file.
Ant
Apache’s Ant is an open source Java library and command-line tool used for automating software build processes. It’s primarily used for building Java applications. Created in 2000, Ant is the original build tool in the Java space that’s still being used today. You’ll probably want to include Ivy with it if you want any dependency management capabilities.When to use it: If you want nearly total control over how your build tool runs and are willing to put in the extra effort to get that.Price: free
Pro Ant
  • You control everything, because you have to largely build it yourself (though you can copy and paste).
  • Easy to ad support for legacy builds.
  • Ant is a programming language (almost) so you can do crazy things, but it requires much more debugging 
Con Ant
  • IDE integration doesn't seem to be as well done. Running your ant scripts with 
  • every build requires more setup and configuration, and generally on every machine.
  • Its no longer the standard, and many projects which are mavenized are much easier to use via maven than downloading the jar and getting it into your lib. then doing wire up via ant.


10. Explain the build life cycle, using an example (java, .net, etc…) 

What is Build Lifecycle?

A Build Lifecycle is a well-defined sequence of phases, which define the order in which the goals are to be executed. Here phase represents a stage in life cycle. As an example, a typical Maven Build Lifecycle consists of the following sequence of phases.
.NET
  1. Page request: The page request occurs before the page life cycle begins. When the page is requested by a user, ASP.NET determines whether the page needs to be parsed and compiled (therefore beginning the life of a page), or whether a cached version of the page can be sent in response without running the page.
  2. Start: In the start stage, page properties such as Request and Response are set. At this stage, the page also determines whether the request is a postback or a new request and sets the IsPostBack property. The page also sets the UICulture property.
  3. Initialization: During page initialization, controls on the page are available and each control's UniqueID property is set. A master page and themes are also applied to the page if applicable. If the current request is a postback, the postback data has not yet been loaded and control property values have not been restored to the values from view state.
  4. Load: During load, if the current request is a postback, control properties are loaded with information recovered from view state and control state.
  5. Postback event handling: If the request is a postback, control event handlers are called. After that, the Validate method of all validator controls is called, which sets the IsValid property of individual validator controls and of the page. (There is an exception to this sequence: the handler for the event that caused validation is called after validation.)
  6. Rendering: Before rendering, view state is saved for the page and all controls. During the rendering stage, the page calls the Render method for each control, providing a text writer that writes its output to the OutputStream object of the page's Response property.
  7. Unload: The Unload event is raised after the page has been fully rendered, sent to the client, and is ready to be discarded. At this point, page properties such as Response and Request are unloaded and cleanup is performed.
JAVA

  1. validate: validate the project is correct and all necessary information is available.
  2. compile: compile the source code of the project.
  3. test: test the compiled source code using a suitable unit testing framework. These tests should not require the code be packaged or deployed.
  4. package: take the compiled code and package it in its distributable format, such as a JAR.
  5. integration-test: process and deploy the package if necessary into an environment where integration tests can be run.
  6. verify: run any checks to verify the package is valid and meets quality criteria.
  7. install: install the package into the local repository, for use as a dependency in other projects locally.

  9. deploy: done in an integration or release environment, copies the final package to the remote repository for sharing with other developers and projects.


 11. What is Maven, a dependency/package management tool or a build tool or something more? 

What is Maven?


Maven is a project management and comprehension tool that provides developers a complete build lifecycle framework. Development team can automate the project's build infrastructure in almost no time as Maven uses a standard directory layout and a default build lifecycle.


In case of multiple development teams environment, Maven can set-up the way to work as per standards in a very short time. As most of the project setups are simple and reusable, Maven makes life of developer easy while creating reports, checks, build and testing automation setups.

Maven provides developers ways to manage the following −
  • Builds
  • Documentation
  • Reporting
  • Dependencies
  • SCMs
  • Releases
  • Distribution
  • Mailing list
To summarize, Maven simplifies and standardizes the project build process. It handles compilation, distribution, documentation, team collaboration and other tasks seamlessly. Maven increases reusability and takes care of most of the build related tasks.
12. Discuss how Maven uses conventions over configurations, explaining Maven’s approach to manage the configurations 
Maven uses Convention over Configuration, which means developers are not required to create build process themselves.
Developers do not have to mention each and every configuration detail. Maven provides sensible default behavior for projects. When a Maven project is created, Maven creates default project structure. Developer is only required to place files accordingly and he/she need not to define any configuration in pom.xml.


 13. Discuss the terms build phases, build life cycle, build profile, and build goal in Maven 
Maven Build Lifecycle 

 The Maven build follows a specific life cycle to deploy and distribute the target project.

There are three built-in life cycles:

  • default: the main life cycle as it’s responsible for project deployment
  • clean: to clean the project and remove all files generated by the previous build
  • site: to create the project’s site documentation

Each life cycle consists of a sequence of phases. The default build life cycle consists of 23 phases as it’s the main build lifecycle.

Maven Phase 
A Maven phase represents a stage in the Maven build lifecycle. Each phase is responsible for a specific task.
Maven Goal 
Each phase is a sequence of goals, and each goal is responsible for a specific task.

 Build profile is a set of configuration values, which can be used to set or override default values of Maven build. Using a build profile, you can customize build for different environments such as Production v/s Development environments.
14. Discuss with examples, how Maven manages dependency/packages and build life cycle 

 Maven manages dependency/packages

 Dependency management is a core feature of Maven. Managing dependencies for multi-module projects and applications that consist of hundreds of modules is possible. Maven helps a great deal in defining, creating, and maintaining reproducible builds with well-defined classpaths and library versions.

 Most digital services will rely on some third-party code from other software to work properly. This is called a dependency.

 You’ll need to manage any dependencies in your service carefully to keep your:

  • code up to date
  • system secure
  • service working as intended
  • Whether your configuration code is open or closed, you must keep your dependencies up to date. New versions of software often contain fixes for security flaws so if you don’t update regularly you’ll leave your system vulnerable
Maven Build Life Cycle

 What is build life cycle? The sequence of steps which is defined in order to execute the tasks and goals of any maven project is known as build life cycle in maven. Maven 2.0 version is basically a build life cycle oriented and clearly says that these steps are well defined to get the desired output after the successful execution of the build life cycle.

 Maven comes with 3 built-in build life cycles as shown below :

  • Clean - this phase involves cleaning of the project (for a fresh build & deployment)
  • Default - this phase handles the complete deployment of the project
  • Site - this phase handles the generating the java documentation of the project.


15. Identify and discuss some other contemporary tools and practices widely used in the software industry 
Wrike

it offers a load of useful features including task management, task prioritization, real-time newsfeed, interactive timeline (Gantt chart), and workload management. These tools help both distributed and co-located project teams to work speedily and efficiently. With this solution, your team can schedule, discuss, and prioritize their tasks, and track progress in real time










Clarizen is that it links project management with social engagement in an effortless manner. The tool is widely adopted as it is fast to deploy and easy to use. With this app, you can connect projects, tasks, and conversations. Plus, the platform automatically prioritizes projects, tasks, resources, budgets, and portfolios, and ensures important resources and information are managed appropriately. Main features include templates, personal calendars, project portfolio management, version control, and support for multiple languages and currencies.

MeisterTask is a cloud-based project management solution that aims to help project managers gain complete control of tasks and projects. This platform features customizable project boards that ensure every team member is in agreement with the project details and statuses, intuitively adjusts to your workflow, and helps you decide which tasks to prioritize, etc

Zoho Projects is a popular cloud PM platform intended to assist you in making your business projects more productive and finishing them within your timetable. Zoho Projects comes equipped with features to improve team collaboration, facilitate project monitoring, and enhance productivity and output. With Zoho Projects, you can get work done and delivered on time through milestones, tasks, and task lists that lets you plan your work in advance. It can divide your large and complex projects into manageable units as well as schedule recurring task, dependencies, and subtasks according to your deadlines



Posted by at No comments:
Subscribe to: Posts (Atom)