The document discusses how the entropy of Ruby codebases increases over time if changes are not limited, making future changes more difficult. It advocates for writing specs to establish confidence in code and observing trends in metrics like code coverage, complexity, and churn to catch signs of rising entropy early. Sticking to conventions but knowing when to deviate, and focusing on principles over mechanics can help limit a codebase's entropy.
The slides for a presentation of mine on various aspects of Ruby code and things to look for to help improve the readability, efficiency, and maintainability of ones code.
A great idea can be built with almost any technology. The success or failure of your project has more to do with vision, leadership, execution, and market than technological choices.
Besides the vision, a lot of startups focus on culture. what isn’t often mentioned is that the technical decisions will have a direct effect on the company culture. Great things have been built with each of the technologies. But they do come with a culture.
The purpose of this presentation is to help developers, managers, founders, etc. to make an insightful decision about the framework they want to use to create their product.
Code we've written once has to be kept readable, maintainable, understandable and extensible for many years. Good code is not self-serving but the foundation for working together.
Refactoring can help you to keep the quality of the relevant parts of our systems high.
The technique is really easy (almost too easy) - improve the naming, structure, and responsibility in small steps that don't change behavior and run your tests after each step.
18 years ago I got hooked on Refactoring when Martin Fowler's first book came out. I've been using it since then on a daily basis on many different projects. Since then a lot has changed, especially with the help of modern IDEs with their automated refactorings and intentions.
Now he asked me to help review the 2nd edition. Our discussions reminded me that each generation of developers should be taught this crucial skill. That's why I want to give an overview of core refactorings and code-smells but also demonstrate the tips and tricks of today's tools that make this task so much easier.
Plus a sneak preview of the upcoming book.
Scratching the itch, making Scratch for the Raspberry PieESUG
Title: Scratching the itch, making Scratch for the Raspberry Pie
Speaker: Tim Rowledge
Fri, August 22, 12:00pm – 12:30pm
Abstract: Scratch was originally written in a Squeak 2.8 era image. Much has changed since then and to make the Raspberry Pi run Scratch as well as possible we have ported the code forward to a 4.5 image so it can run on a StackVM; and soon a Cog VM. A substantial amount of Smalltalk code has had to be rewritten to do this and yet we have to maintain complete compatibility with the original system to avoid overloading the teachers that use it in their classes. A new branch of Cog for the ARM cpu is being written as well.
Bio: Tim Rowledge has almost 30 years of Smalltalk experience, and almost as much with ARM. Somehow the two have always gone together.
Patterns, Code Smells, and The Pragmattic ProgrammerJason McCreary
Writing code is a craft. The journey from apprentice to master travels beyond experience. Over the past few years I've worked my way through The Reading List - a series of books considered required reading by most Silicon Valley startups.
In this talk we'll take a look at The Reading List and review the more popular titles such as Implementation Patterns, Refactoring, Design Patterns, and The Pragmatic Programmer. I'll share how each helped me go from a developer to a software engineer.
There has been lots of talk on the importance of writing good and manageable code – code whose inherent beauty bring tears to the eyes of the developer that looks at it. This talk is not like that. This talk will focus on the techniques that are used by millions across the world to bring tears to the eyes of the maintaining developer, as well as a graphic stream of profanities.We will investigate some of the most common anti-patterns and half-measures that occur in real live code, and will marvel at the ingenuity and outright creativity necessary to create ugly messes of unmaintainable code that still manages to work for it’s users.
Big Graph Analytics on Neo4j with Apache SparkKenny Bastani
In this talk I will introduce you to a Docker container that provides you an easy way to do distributed graph processing using Apache Spark GraphX and a Neo4j graph database. You'll learn how to analyze big data graphs that are exported from Neo4j and consequently updated from the results of a Spark GraphX analysis. The types of analysis I will be talking about are PageRank, connected components, triangle counting, and community detection.
Database technologies have evolved to be able to store big data, but are largely inflexible. For complex graph data models stored in a relational database there may be tedious transformations and shuffling around of data to perform large scale analysis.
Fast and scalable analysis of big data has become a critical competitive advantage for companies. There are open source tools like Apache Hadoop and Apache Spark that are providing opportunities for companies to solve these big data problems in a scalable way. Platforms like these have become the foundation of the big data analysis movement.
Speakers
Skynet project: Monitor, analyze, scale, and maintain a system in the CloudSylvain Kalache
The goal of Skynet is to avoid human doing repetitive things and make a system doing them in a better way. System automation should be the way to go for any system management so that human can focus on stuff that really matters.
Related blog post for more informations https://engineering.linkedin.com/slideshare/skynet-project-_-monitor-scale-and-auto-heal-system-cloud
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Mais conteúdo relacionado
Semelhante a Ruby codebases in an entropic universe
The slides for a presentation of mine on various aspects of Ruby code and things to look for to help improve the readability, efficiency, and maintainability of ones code.
A great idea can be built with almost any technology. The success or failure of your project has more to do with vision, leadership, execution, and market than technological choices.
Besides the vision, a lot of startups focus on culture. what isn’t often mentioned is that the technical decisions will have a direct effect on the company culture. Great things have been built with each of the technologies. But they do come with a culture.
The purpose of this presentation is to help developers, managers, founders, etc. to make an insightful decision about the framework they want to use to create their product.
Code we've written once has to be kept readable, maintainable, understandable and extensible for many years. Good code is not self-serving but the foundation for working together.
Refactoring can help you to keep the quality of the relevant parts of our systems high.
The technique is really easy (almost too easy) - improve the naming, structure, and responsibility in small steps that don't change behavior and run your tests after each step.
18 years ago I got hooked on Refactoring when Martin Fowler's first book came out. I've been using it since then on a daily basis on many different projects. Since then a lot has changed, especially with the help of modern IDEs with their automated refactorings and intentions.
Now he asked me to help review the 2nd edition. Our discussions reminded me that each generation of developers should be taught this crucial skill. That's why I want to give an overview of core refactorings and code-smells but also demonstrate the tips and tricks of today's tools that make this task so much easier.
Plus a sneak preview of the upcoming book.
Scratching the itch, making Scratch for the Raspberry PieESUG
Title: Scratching the itch, making Scratch for the Raspberry Pie
Speaker: Tim Rowledge
Fri, August 22, 12:00pm – 12:30pm
Abstract: Scratch was originally written in a Squeak 2.8 era image. Much has changed since then and to make the Raspberry Pi run Scratch as well as possible we have ported the code forward to a 4.5 image so it can run on a StackVM; and soon a Cog VM. A substantial amount of Smalltalk code has had to be rewritten to do this and yet we have to maintain complete compatibility with the original system to avoid overloading the teachers that use it in their classes. A new branch of Cog for the ARM cpu is being written as well.
Bio: Tim Rowledge has almost 30 years of Smalltalk experience, and almost as much with ARM. Somehow the two have always gone together.
Patterns, Code Smells, and The Pragmattic ProgrammerJason McCreary
Writing code is a craft. The journey from apprentice to master travels beyond experience. Over the past few years I've worked my way through The Reading List - a series of books considered required reading by most Silicon Valley startups.
In this talk we'll take a look at The Reading List and review the more popular titles such as Implementation Patterns, Refactoring, Design Patterns, and The Pragmatic Programmer. I'll share how each helped me go from a developer to a software engineer.
There has been lots of talk on the importance of writing good and manageable code – code whose inherent beauty bring tears to the eyes of the developer that looks at it. This talk is not like that. This talk will focus on the techniques that are used by millions across the world to bring tears to the eyes of the maintaining developer, as well as a graphic stream of profanities.We will investigate some of the most common anti-patterns and half-measures that occur in real live code, and will marvel at the ingenuity and outright creativity necessary to create ugly messes of unmaintainable code that still manages to work for it’s users.
Big Graph Analytics on Neo4j with Apache SparkKenny Bastani
In this talk I will introduce you to a Docker container that provides you an easy way to do distributed graph processing using Apache Spark GraphX and a Neo4j graph database. You'll learn how to analyze big data graphs that are exported from Neo4j and consequently updated from the results of a Spark GraphX analysis. The types of analysis I will be talking about are PageRank, connected components, triangle counting, and community detection.
Database technologies have evolved to be able to store big data, but are largely inflexible. For complex graph data models stored in a relational database there may be tedious transformations and shuffling around of data to perform large scale analysis.
Fast and scalable analysis of big data has become a critical competitive advantage for companies. There are open source tools like Apache Hadoop and Apache Spark that are providing opportunities for companies to solve these big data problems in a scalable way. Platforms like these have become the foundation of the big data analysis movement.
Speakers
Skynet project: Monitor, analyze, scale, and maintain a system in the CloudSylvain Kalache
The goal of Skynet is to avoid human doing repetitive things and make a system doing them in a better way. System automation should be the way to go for any system management so that human can focus on stuff that really matters.
Related blog post for more informations https://engineering.linkedin.com/slideshare/skynet-project-_-monitor-scale-and-auto-heal-system-cloud
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
20. the principle of segregation of design decisions
in a computer program that are most likely to
change, thus protecting other parts of the
program from extensive modification if the
design decision is changed.
46. other fun examples
• overriding responds_to? on Object
• un-defing id on Object (thanks Brian!)
• editing boot.rb in your Rails project
• using instance_variable_get anywhere
64. they are the only confidence you, as a developer,
should have in your code. whether it's an
acceptance test script written by a QA (manual or
automated) or the world's tiniest spec, this is your
starting point. without specs, the only assumption
you can reasonably make about your code is that
it doesn't work.
quality and entropy are the two themes underlying our talk.
Quality
how would you measure the value of a codebase? $ revenue generated? Time saved? LoC? None of these have a baseline against which you can measure success or failure
how would you measure the value of a codebase? $ revenue generated? Time saved? LoC? None of these have a baseline against which you can measure success or failure
The need to adapt software to changing realities is what drives feature requests. The quality of a static codebase doesn’t matter as long as it *works*
So... some part of code quality is encapsulation
is the code factored in a manner which allows tuning parts of it without affecting other parts
Which is encapsulation again
So what exactly *is* encapsulation
This is what we’ve been taught in college
David Parnas’ paper
This is a controller action. This is also really, really bad code. Is this familiar?
Which brings us to entropy
This is a controller action. This is also really, really bad code. Is this familiar?
As you work on a codebase the complexity of the code always increases and quality decreases. The difference is that unlike Physics, entropy increase isn’t constant - but more on that later, so hold your thoughts.
Let’s walk through this code quickly and see what’s the problem. We aren’t talking about fixing it - but just looking to understand the problems that exist.
Step 1 when dealing with ANY code - specs.
Ok, that’s good.
Coverage is good. It means we have *some* kind of safety net. How good that safety net actually is depends on how the specs were written, but lets defer looking into that for a bit.
This is a controller action. This is also really, really bad code. Is this familiar?
any method that has more handful of lines, or deals with more than a single concept is big. A one page method is an abomination.
This is a controller action. This is also really, really bad code. Is this familiar?
any method that has more handful of lines, or deals with more than a single concept is big. A one page method is an abomination.
This is a controller action. This is also really, really bad code. Is this familiar?
any method that has more handful of lines, or deals with more than a single concept is big. A one page method is an abomination.
Clearly this isn’t a good idea. And the people who wrote this would agree with me, and it was never their intention to get to this point. But they did, somehow, one if statement at a time and they started living with broken windows. That said, this could happen anywhere, in any language, right? Lets look at some Ruby specific fun and games involving the...
The Ruby programmer that starts to understand metaprogramming is like a Jedi apprentice with a lightsaber. Power without wisdom/experience. It appears that all problems are easily solved using a few quick slashes and hacks. For example...
Read the comment at the top of the page if you will. “This method is regenerated at runtime based on what the prefix is set to.” Uh, huh. And that’s a good idea how?
The metaprogramming lightsaber is fun, but sometime... ***? Like seriously, ***?
well, that’s a mechanic right there - the principle is that you need to wait until you have the judgement to apply the right tool for the job
Clearly, these are bad ideas. They might have seemed like good ideas to begin with, solving the problem quickly with a hiss and a sizzle. Even though they do solve the problem, they don’t do so in a manner that is well encapsulated, easy to spec and easy to understand. Over time, they act as points where cruft starts to accumulate.
eventually, you’re like the boiling frog. you did one little thing which wasn’t ‘clean’ as a quick hack, and then two months later you realise someone else saw it, though it was a good idea and replicated it everywhere. eventually you get
which, in a nutshell, is entropy on a codebase. After a while you can’t make any change without tripping over something (or someone).
entropy is a complex engineering problem
this is why Ruby codebases need more care and love than most other codebases
You need to know when, where and how to use the lightsaber
The point is... (next slide)
basically...
Step 1. Specs.
preferably one that doesn’t take too much time
Back to step 1. Specs.
no, seriously. we can’t emphasise this enough. with something as flexible as Ruby, you need specs.
Back to step 1. Specs.
As entropy on any code base always increases, it is essential to keep an eye on trends, and refactor/redesign every once in a while to make sure that it doesn’t go out of control
to make sure it doesn’t deteriorate like this
the trends you should watch
the trends you can quantify
the trends you should watch
the trends you should watch
the trends you should watch
the trends you should watch
reek
how long does it take a new person to get productive on your codebase