Categories
Posts

Angular Resources

As I’ve been working up a new angular application, I’m getting a lot of value out of the write-ups at angular-tips.com. Specifically, the articles on unit testing Controllers and Services have been quite high-quality.

Categories
Posts

How I Start

I really like the concept of this site. “How I Start” gives some expert demonstration of how to use cool new languages and frameworks. How do you create a project and how do you lay out your code and tools? Valuable advice.

Categories
Posts

Escaping JSON for use in unit tests

I whipped this together to answer a Stack Overflow question, but I keep looking for the url, so I’ll leave it here.

http://csharpstringescape.apphb.com

Categories
Posts

Code Weaving with Fody

Ok. I’m late to this party. I don’t know where all of my trusted news sources have been, but I just found Fody, and am shocked by the coolness, and that I’d never heard of it. Using Fody, and it’s modules, you can replace the implementations of static methods (Ionad), or embed one assembly within another (Costura). Typical AOP stuff is in there too, with logging and tracing aids, and exception management.

There’s a good slide deck that lists some of the basics, but I bet the Pluralsight course is the definitive introduction.

Categories
Posts

Run a program as a service

http://nssm.cc is the non-sucking service manager. It’s good for using with Event Store (http://geteventstore.com).

Categories
Posts

Noise Generator

Noise Generator

Free, customized, downloadable noise to block out the world.

Categories
Posts

Web Krill

Version numbers are important. Semantic Versioning 2.0 is a simple yet well defined method for describing the change of your software.
NServiceBus 4.0 is out and running at major customers. Stop by for a Happy Meal and watch your order flow through the service bus. The new version has better modeling tools, debugging functionality, and can use RabbitMQ and MSSQL Server as transports. There are also online labs to help you get up to speed without needing to set up your own systems.

Nuget is a powerful tool for dependency management, but using it in the enterprise is frequently discussed because it can be problematic.

CloudFlare is a really neat company that provides caching, scaling, and attack tolerance capabilities for internet http sites. They recently blogged on the details of and remediation for the recent vulnerabilities in RC4 encryption.

If you’d like to polish your coding skills, but cannot think of a good, simple program to write, try one of Martyr2’s project ideas. Also take a look at thekarangoel’s github repo where’s he’s started doing ALL of them.

Described variously as one of the most accessible introductions to crypto….and as the instigator of more bad crypto implementations by newly minted cocky ‘experts’, the Handbook of Applied Cryptography stands alone.
It shouldn’t come as a big surprise that Microsoft makes their development tools with a certain customer set in mind…but this presentation on the Psychology of C# is a little bit scary in the way it pigeonholes the stereotypical C# developer. Many good insights here too.

Visual Studio 2013 has a pile of cool new development goodness for Web developers.

People have asked me a couple of times why TFS Source Control is put down so much. Recently I read that it’s an ‘inferior version of Perforce’ (which would make sense, since MS licensed Perforce’s code before making TFS). So, how do I find out what is ‘wrong’ with TFS? How about the Perforce/TFS feature comparison published by Perforce? It should have the dirty low-down on what TFS is missing!

Did you wish you had a professional exploit kit to deploy your malicious code? Styx Exploit Pack can make your personal botnet shine, or get you that extra Microsoft Surface by running a little ransomware. $3000 gets you the exploit kit with multiple drive-by vulnerabilities, malware obfuscation, and access to the vendor’s 24/7 help desk. Want to learn more about the world of exploit kits? Malware don’t need Coffee is the site for you.

Categories
Posts

Web Krill

ImageFrontend Development on github. A huge list of frontend development resources, including design, workflow, testing, CSS, JavaScript, mobile, fonts, animation, and site frameworks. Some Challenges: Try running JSLint on your JavaScript code. Develop a responsive site using Angular or Bootstrap. Understand this, call, and apply in JavaScript.

Image A lovely and fast cheat sheet for all your git needs. 

Image
Huge collection of Free Microsoft eBooks for you, including: Office, Office 365, SharePoint, SQL Server, System Center, Visual Studio, Web Development, Windows, Windows Azure, and Windows Server
ImageThe Task Board in Team Foundation Server 2012 Update 1 is built to better support a lean / kanban style of process. Visual Studio Magazine provides more detail on the features and usage.
OWASP has released the 2013 Top 10 web security risks document. Which of the top 10 do you think we have exposure to?
ImageRob Ashton thinks that your stand-ups are a waste of time. Does his argument hold water?

Are you an addict? The Effects of Computer Programming on the Brain.

Does home ownership lead to unemployment?

ImageAlister Scott says “I once saw a technology company here in Brisbane advertise ‘fast, unfiltered Internet’ in their list of employee perks, alongside free pool tables and Friday drinks. I thought it was odd until I realized it’s actually a competitive differentiator for an employer to offer this.” Is it time to rethink the corporate Internet proxy?

Image

Facebook really doesn’t want their developers wasting their time. Rather than wait for I.T. to come around, there is a vending machine that lets you get a new keyboard, mouse, or a pair of headphones (all free). And instead of trying to squeeze a little more life out of an old computer you get a new laptop the third time you call the help desk with a PC problem.

Get a lot more use out of the WIN-R run dialog or windows 8 start screen with indexing and custom shortcuts. The article also has an extensive list of direct commands for windows features.Image

OzCode says their debugger add-on is magical. It certainly has some cool visualizations. Free while in Beta. 

If you liked StarCraft, WarCraft, or Command and Conquer, play the one that came before them: Dune 2. Running in your browser with HTML 5.

Categories
Posts

Avi Rubin: All your devices can be hacked

The failure of most of the electronics around us to resist any real attention from hostile governments, criminals, or large corporations is very alarming.

Categories
Posts

A short brain dump on automated testing

Sometimes you come across a blogger who’s so thoroughly covered a topic that you can just drill down through years of his writing and keep finding awesome stuff. Alister Scott‘s blog “watirmellon” is such a source. Here’s some highlights…

Make sure to read through his Automated Testing slide deck!

http://watirmelon.com/2012/01/31/introducing-the-software-testing-ice-cream-cone/

Image

“I propose we rename QA to mean Quality Advocate … Whilst their responsibilities include testing, they aren’t limited to just that. They work closely with other team members to build quality in, whether that be though clear, consistent acceptance criteria, ensuring adequate automated test coverage at the unit/integration level, asking for dev box walkthrough, or encouraging collaboration/discussion about doing better testing within the team.

http://watirmelon.com/2013/02/25/are-software-testers-the-gatekeepers-or-guardians-of-quality/

A:  User stories aren’t ‘done’ until you’ve tested each of them, which means you get to provide information to the Product Owner about each of them. You define the quality bar and you work closely with your team and product owner to strive for it.

B: Whilst you think you may define the quality of the system, it’s actually the development team as a whole that does that. Everyone is under pressure to deliver and if you act like an unreasonable gatekeeper of quality, you’ll quickly gain enemies or have people simply go around or above you.

http://watirmelon.com/2013/05/08/should-you-use-the-givenwhenthen-format-to-specify-automated-acceptance-tests/

A: Given/When/Then format provides a high level domain specific language to specify the intention of automated acceptance tests (very easily transferred from a user story) separate to the implementation of your automated acceptance tests. This separation allows changing the test from testing the UI to testing an API without changing the intention of the test.

B:  One of the selling points of writing Given/When/Then tests is that they are readable by business. But in reality, business never read your Given/When/Then specifications, so it makes no sense to invest in them.

“Quick wins give you breathing space to develop a good solution.”

http://watirmelon.com/2009/10/01/not-ruining-your-test-automation-strategy/

Alister: Automated testing through non-GUI means is smart, but sometimes you have no choice. I have made automated testing through the GUI reliable and maintainable, but it required skill on my part. Automated GUI tests can be used to deliberately show discrepancies in the GUI, often highlighting unintended GUI changes. It’s generally not a good idea to completely write something off because you may have seen it done poorly yourself. It’s like saying Agile is wrong because you worked somewhere where Agile was done poorly.

Bob:  My beef is not with GUI testing tools per se. Rather it is with teams that test their entire app through the GUI. You are correct in that sometimes you have no choice. In such cases very careful test construction can mitigate the fragility problem. But no amount of care can come close to competing with an approach that runs the majority of tests through the API.

QA? Project Management? …or just Paradevs?

http://watirmelon.com/2013/01/31/so-what-exactly-is-a-paradev/

A couple of years ago now, just after I started at ThoughtWorks, I read a tweet from a fellow ThoughtWorks developer here in Brisbane along the lines of “the paradevs at work enjoyed my lunchtime session on networking”. My ears pricked: “what’s a paradev?” I asked. “It’s someone who helps the developers develop” she replied. “Oh” I thought.

http://watirmelon.com/2013/05/07/do-you-even-need-a-software-tester-on-your-agile-team/

A: If you don’t particularly care about quality, have good production monitoring, and can get internal engineers and major partners to do your QA then you may get away with not having a tester on your agile team.

B: Software testers provide a unique questioning perspective which is critical to finding problems before go-live. Even with solid automated testing in place: nothing can replicate the human eye and human judgement.

http://watirmelon.com/2013/04/14/which-is-better-manual-or-automated-testing/

A:  Even when automating a test scenario, you have to manually test it at least once anyway to automate it, so automated testing can’t be done without manual testing.

B: Because the automated tests are explicit, they also execute consistently as they don’t get tired and/or lazy like us humans.  Automated tests also allow you to test things that aren’t manually possible, for example, ‘what if I processed ten transactions simultaneously’.

http://watirmelon.com/2013/04/14/test-in-production/

The key to testing changes as soon as they hit production is to have real time, continuous real user experience monitoring.  More comprehensive automated acceptance tests can be written in a non-destructive style that means they can be run in production. This means that these can be run immediately following a fresh production deployment, and as feedback about the tests is received, any issues can be remedied immediately into production and tested again.

http://watirmelon.com/2013/04/13/choosing-a-language-for-your-automated-acceptance-tests/

A: Automated acceptance tests shouldn’t be developed in isolation, so having these written in the same language as your application (usually C# or Java) will ensure that the programmers are fully engaged and will maximize the liklihood of having these tests maintained alongside your application code.

B: If your software testers are responsible for writing and maintaining your automated acceptance tests then it makes sense to allow the testers to write in dynamic scripting languages which are popular with testers as they are lightweight to install and easy to learn, have no licensing costs allowing an unlimited number of build agents to run these tests as part of continuous integration. As testers develop their skills in these languages they can quickly create throwaway scripts to perform repetitive setup tasks required for their story or exploratory testing: such as creating multiple records or rebuilding a database.

http://watirmelon.com/2013/04/13/who-should-write-your-automated-acceptance-tests/

A: The benefits of having the programmers in your team writing and maintaining these tests is that they will be maintained and executed as soon as any change occurs, so they’ll be kept more up to date and less likely to go stale.

B: Software testers are particularly good at building automated acceptance tests that cover an end-to-end process in the system; often called user journeys. This is because they have a good understanding of the journey whereas a programmer may only understand the logic behind a particular screen. Testers should be involved in writing this style of  acceptance tests so they are representative of real usage.

http://watirmelon.com/2013/03/10/is-test-management-wrong/

Now, each agile team is responsible for its own quality, the tester advocates quality as accurate acceptance criteria, unit testing, automated acceptance testing, story testing and exploratory testing. These activities aren’t managed in a test management tool, but against each user story in a lightweight story management tool (such as Trello or Mingle). The tester is responsible for managing his/her own testing. Step by Step test cases (such as those in Quality Center) are no longer needed as each user story has acceptance criteria, and each team writes automated acceptance tests written for functionality they develop which acts as both automated regression tests and living documentation.

http://watirmelon.com/2013/05/20/do-you-need-an-automated-acceptance-testing-framework/

A: If you’re starting off with automated acceptance testing and you don’t have some kind of framework, eg, page object models, in place then you can quickly develop a mess.

B: Over-engineered automated acceptance test frameworks are harmful for a team as they dictate certain ways of doing things which means the team can be less efficient in developing what they need to deliver.

http://pragprog.com/book/achbd/the-rspec-book

Image

Caution! You’ve fallen for a trap. You’ve picked up this book thinking it was about RSpec. Fortunately, you decided to read the foreword. Good! That gives me the opportunity to tell you about the mistake you just made and possibly save you from an unexpected fate. -Uncle Bob

http://watirmelon.com/2011/05/31/an-automated-testing-journey/