Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Code review

  HeartBleed: Should C be blamed for the HeartBleed bug?

There is a discussion about the security of applications written in C on Hacker News recently after the report of HeartBleed bug in OpenSSL. In this discussion, some people are saying that the applications written in C are unsafe. It seems all or most of the faults should be laid on C. I think this is biased. The language itself should not be blamed.Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...

   C,HeartBleed,Analysis,Code review     2014-04-14 03:52:55

  GitHub Copilot may generate code containing GPL code

GitHub Copilot is a new AI-powered code completion tool that can generate code snippets from natural language descriptions. It is powered by OpenAI Codex, a deep learning system that has been trained on billions of lines of public code. GitHub Copilot claims to be a “copilot, not a pilot”, meaning that it is not intended to write code for you, but rather to help you write code faster and better. However, some developers have raised concerns about the legal and ethical implications of...

   GITHUB COPILOT,GPL     2023-04-21 14:21:29

  How to commit code to OpenStack

If you want to make contributions to OpenStack, the best way to start is to help the community with blueprint or submit bug fix. To commit codes, you need to conform to some rules in the community. Work flow Register an OpenID Apply for a CLA certificate Apply for company CLA certificate Update contributor list Join OpenStack Contributors group and OpenStack group Set up SSH Keys Get a blueprint/bug git clone codes to local disk. Configure user name and user email and openid Modify codes in a l...

   OpenStack,Contribution     2013-08-04 23:04:45

  When Should Open Source Be Written Into Law?

As a systems administrator, I tend to think about source code and computing platform in large numbers. Computers however are getting smaller and more powerful, and the reality of computers that we put in or on our body as a normal daily routine is coming closer, and for many is already here. When our safety, our liberty, and our sense of humanity are tied to programmable devices, should we not only hope, but expect that we should have the right to examine how these devices function? Last ...

   Software,Open source,Time,Law     2012-01-28 07:23:09

  Code reviews in the 21st Century

There's an old adage that goes something like: 'Do not talk about religion or politics'.  Why?  Because these subjects are full of strong opinions but are thin on objective answers.   One person's certainty is another person's skepticism; someone else's common sense just appears as an a prior bias to those who see matters differently.  Sadly,  conversing these controversial subjects can generate more heat than light.   All too often people can get s...

   Code review,21 Centuary     2012-02-10 06:39:14

  Push docker image to remote AWS ECR

With the popularity of distributed and large-scale systems, there are more and more adoptions of cloud services. One of the most popular container in the market is Docker and one of the most popular cloud service provider is AWS. From development perspective, there is frequent need to push local docker image to remote ECR for debugging or testing purpose. Normally when a code change is done and the committed change would go through a series of process like code review, push to remote repo, merge...

   CLOUD,AWS,DOCKER,AWS ECR     2020-12-13 04:12:26

  What kind of automated testing does Facebook do?

We do several kinds of testing. Some specifics:For our PHP code, we have a suite of a few thousand test classes using the PHPUnit framework. They range in complexity from simple true unit tests to large-scale integration tests that hit our production backend services. The PHPUnit tests are run both by developers as part of their workflow and continuously by an automated test runner on dedicated hardware. Our developer tools automatically use code coverage data to run tests that cover the ...

   Facebook,Testing,PHP,Automated testing     2012-02-28 08:10:10

  Why hasn't Facebook migrated away from PHP?

The reason Facebook hasn't migrated away from PHP is because it has incumbent inertia (it's what's there) and Facebook's engineers have managed to work around many of its flaws through a combination of patches at all levels of the stack and excellent internal discipline via code convention and style - the worst attributes of the language are avoided and coding style is rigidly enforced through a fairly tight culture of code review (failing to adhere to the style and "going cowboy" by writ...

   Facebook,PHP,Migration,Bad feature,Codebase     2012-02-24 05:14:23

  8 very useful and free web security testing tools

With more pervasive of web applications, web security threats are becoming increasingly prominent. Hackers gain web server control by exploiting web server vulnerabilities and SQL injection vulnerabilities, then they may tamper with web content, or steal important internal data, the more serious is to inject malicious code into web pages to affect visitors of websites. Attention is gradually warming up to Web Application Security. Here we recommend eight very useful and free web security testing...

   Website, security,Web security,Attack     2012-07-22 10:59:09

  How GitHub Works: Be Asynchronous

This is — by far — my favorite aspect of working at GitHub. Everything is asynchronous. Chat GitHub didn’t have an office for the first two years. Chat rooms (in our case, Campfire) is where things got done. Today we’ve moved into our second office, and Campfire is still where we get things done. There’s a reason for that: chat is asynchronous. Asynchronous communication means I can take a step out for lunch and catch up on transcripts when I get back. Async...

   GitHub,Work,Style,Asynchronous,Efficienc     2011-08-19 07:44:20

RECENT