More than two decades ago, Richard P. Gabriel proposed the idea that “Worse Is Better” to explain why some things that are designed to be pure and perfect are eclipsed by solutions that are compromised and imperfect. This is not simply an observation that things should be better but are...
When a unit test fails, we want clear, expressive, rich feedback so we can quickly understand the nature of the failure and get a good idea of how to fix it. Unit testing frameworks are fantastic at running tests and alerting us to any failure. Unfortunately, sometimes...
By next year, 90 percent of large enterprises will include open-source software as business critical elements of their IT portfolios. However, most software development organizations have limited capability to govern the process of selecting, managing, and distributing open-source components-leaving them exposed to unforeseen technical and compliance risks. Larry Roshfeld examines how open-source components-and their dependencies-may expose your company to unforeseen and unnecessary vulnerabilities. He outlines the significant threats to software quality, stability, performance, security, and intellectual property that have occurred using such components. Then, Larry shares an action plan for balancing the risk/reward trade-offs of open-source software in the enterprise. Find out how to ensure that your organization uses only the highest quality open-source components and avoids the common vulnerabilities.
Soon mobile devices will be able to do most everything, right? Although it's fun to talk about how much mobile devices can or will do soon, limitations and constraints remain now and will for a long time. With the lower-tier market offering scaled-down devices, even the latest generation mobile devices have hardware, network, and operating system constraints. These limitations will seriously affect the architecture, design, and testing decisions for your mobile development projects. Jacob Stevens offers a primer on the unique dynamics and constraints of these lucrative platforms. Learn about the implications of mobile platform constraints that impact development and, ultimately, your customers' experience. Discover potential failure points hidden in hardware specifications and explore the trade-offs necessary for mobile success.
As software development teams seek greater efficiency and effectiveness, they often find that they are held back by old IT architecture for development and test. They wrestle with low-powered servers, difficult-to-scale static environments, and a slow IT provisioning and change processes. Today, software leaders at Calypso, Centric Group, Serena Software, and others have radically changed the way they build, test, and deploy software-almost exclusively using cloud computing to power their development processes. Some teams report benefits of 75% faster development cycles with 70% lower operating costs. Brian White describes the techniques and practices employed and success factors you can follow to achieve similar results. Brian provides specifics on which application workloads are ideal for the cloud model and how the use of cloud computing supports Agile development practices.
To ensure the quality and safety of Web applications, security testing is a necessity. So, how do you cover all the different threats-SQL injection, cross-site scripting, buffer overflow, and others? James Knowlton explains how Ruby combined with Watir-both freely available-makes a great toolset for testing Web application security. Testing many common security vulnerabilities requires posting data to a Web server via a client, exactly what Watir does. The Ruby side of Watir, a full-function programming language, provides the tools for querying the database, checking audit logs, and other test-related processing. For example, you can use Ruby to generate random data or large datasets to throw at a Web application. James describes common security attacks and demonstrates step-by-step examples of testing these attack types with Ruby and Watir.
Open source community-based software development can be extremely wild and woolly. Testing in this environment is even more so, given that it is often less structured than software design and coding activities. What are the differences between testing open source and commercial or corporate applications? What can you learn from the open source community? Take a peek into the open source testing world with Tim Riley as he describes how the Mozilla Project develops and tests the Firefox browser. Tim describes how they monitor new builds, how people all around the world engage in testing, and how anomalies quickly bubble up to the release team. Although some of the tools they use may look familiar, how the Mozilla Project applies them will give you a fresh perspective. Find out how to apply the lessons learned at Mozilla to your projects and unleash the creative power of really smart people inside and outside your organization.
Testing is a critical aspect of agile development methods. In the acceptance testing process, testers and customers write the automated tests before the code is developed. Then, developers run the acceptance tests to verify that the code delivers the expected functionality. FitNesse is a
widely used open source tool that helps automate the development and execution of acceptance tests. After a brief introduction about where FIT and FitNesse "fit" in the Agile development methodology, Micah Martin demonstrates the FitNesse tool and how to drive development with FitNesse tests. In a sample project he presents the tool in use and shows how you develop the tests before the code has been written. Find out what techniques you can use to create FitNesse tests and how the framework operates in a "live" development environment. Take away a list of
available resources and some tips to get started.
Each year more and more open source development tools, including test tools, are available. By choosing to use open source test tools, companies expect to save money and take advantage of the community of shared development. Recently, there seems to be an abundance of open source testing tools being released, including tools for automated regression, load testing, test management, and defect tracking. But how do you know which tools are right for you? Based on his real-world experiences using such tools, Jeff Jewell covers the issues that you are likely to encounter as you evaluate open source testing tools. Learn where to find open source test tools, the challenges you
face in choosing these tools, and what you will need to do once you find the right tools. Find out if your organization is ready to use open source tools and how to find the right tools for you.
What is the impact of agile methods on test departments and testers? How do you manage testing in an agile test department? Robert Martin, an early adopter and proponent of agile development practices, discusses his experiences and recommendations for how to organize and run an agile test department. He describes the principles, practices, tools, and metrics that are important to successful test management within agile development. Agile methods change the role of test departments from verification to specification. With agile methods, you develop tests before the code, and the tests become the detailed requirements documentation. This paradigm shift has a profound impact on both the test team and the programming team. Learn about the test management problems that often arise in making the transition to agile development and common solutions that address these issues.