Category Archives: Software Engg
How to Address Application Security in Agile Scrum Teams?
One of the concerns that takes the back burner while setting up the agile SCRUM teams is application security. One other area that gets similar behavior like security is performance which shall be addressed in later articles. However, performance gets addressed quickly as it is key quality characteristic and gets noticed by end users very quickly. In the traditional waterfall based development model, security gets fair attention as the non functional requirements related with security gets captured in the initial stages and the team gets composed of at least one security officer/specialist/architect to take care of security requirements. However, having a security specialist/officer in each SCRUM team is not feasible …
Logging Tips/Best Practices for Newbies
When starting the career of application developer in IT with one or more programming languages, one thing which is kept on back burner and kept for really long is logging. In fact, when I started my career as a programmer, when I realized that I wanted to know about what to log and what not to log, it was almost 4 years or so. This was my involvement in learning nitty-gritties of programming language itself, and not paying enough attention to logging at all. And, when I learnt most of it all, I realized how much value I added to programming by logging appropriate stuff in log files which was …
Migration Challenges from ATG 9.x to ATG 10.x
Following are some of the migration challenges from ATG 9.x to ATG 10.x: The migration can be achieved by executing scripts provided by Oracle, the information about which could be found in their detailed migration guide or the same can be accessed on this page. However, it is recommended to have an experienced migration architect deal with migration initiative from 9.x to 10.x versions. It has been found that migrating directly from any ATG 9.x versions to any ATG 10.x versions landed up with one or more issues. If the current ATG version is at 9.x, it may be advisable to first migrate to an intermediate 10.0.3 version and, then migrate …
Make Business Analysts Your Friend & Deliver Great Product
In my experience, I have found application developers not very clear on roles and responsibilities of business analyst (BA) and, more importantly their need in the project. Thus, they do not pay attention to what business analysts has to say on the requirements and end up faltering on various aspects of project execution due to lack of proper understanding of the business requirements. This creates a lot of frustration to both application developer and business analysts. Below is a diagram representing a conversation with BA and an application developer. What is the problem if business owners and application developers communicate directly without a business analyst as a bridge? The …
How to Create Your Next Web Application on WordPress
If you have decided to code your next web application on top of WordPress framework, following are some of key considerations that would help you to get started quickly: Database interactivity from your custom pages Creating custom pages Retrieving GET parameters URL Rewrite Following is detail on all of the above points: Database Interactivity: Having your custom pages interact with the database is one of the key. Following are tips to get set with database connectivity from custom pages.The database information including host, database name, username and password is all configured in the wp-config.php in the root folder. All you got to do is include wp-config.php file in your database …
Top 3 Most Visited Blogs for Great Software Code Quality
Following are top three most visited blogs this month in relation with software code quality: The rule I followed to become a great developer Refactoring 3000 lines of code Security code review tips for application developers Thanks to my readers for appreciating above blogs. I shall keep it flowing…
Strategies to Consider for Your Code Migration Project
Are you planning to start your code migration project. Have you been looking forward to accelerate your code migration project while ensuring that the quality is not compromised? Following are some of the strategies that you may want to consider for your code migration project: Development Methodology: As code migration requires greater team collaboration and frequent testable releases, it may be advisable to adopt agile development methodology such as SCRUM. With agile development methodology, the features to be migrated could be put in the backlogs and the migration is done based on this backlog. Agile development method ensures that you have complete visibility at all times on what is done …
If I Woke up as a Test Engineer One Day…
If I, being an application developer, have to spend a day as a tester, following are some of the activities I would do: Analyzing Test Cases: Examine test cases and make sure that the coverage is maximum in terms of including all test scenarios in relation with the use cases. Test Automation: Look for the areas which can be automated and suggest the same to my lead/manager. Digg a little deeper in the code to find bugs which are difficult to find in manual testing. Learn techniques in performance testing as I am very passionate about the same. Learn few tips and techniques in security testing, along with knowledge on …
The Rule I Followed to become a Great Developer
DISCLAIMER: The article is in no way an intention of bragging about my development capabilities. The intention is only to emphasize in so many ways on a rule which can surely, in my opinion, help developers improve quite a notch and become a better developer. I would like to reach as many developers as possible with an intention to create a belief in them regarding the principle I spoke. Thanks for reading the blog. Please feel free to share. For several years that I spent in IT industry while working on a different roles and responsibilities such as developer, technology lead and architect, I was looking for that ONE THUMB …
Security Code Review Tips for Application Developers
One of the key aspects of secured application development practice is Security code review. Security code review, as like normal code review, could be done either in automated fashion using one or more tools, or in manual fashion where one or more developers are involved in doing code review. Unlike application normal code review where one needs the knowledge of business functionality and programming language & related technologies’ knowledge, Security code review requires knowledge on different aspects of security including some of the following: Common threats (STRIDE can be a great place to start understanding threats) Vulnerabilities (OWASP Top 10 describes most common vulnerabilities) Remediation techniques recommended in that programming …
Why Attend Meetings when Some Coding can be Done
I am sure many of us at some point of time in our career come across this argument from meeting attendees, primarily inexperienced guys, that he/she is very busy with his current tasks related with coding or testing, and that he may not be able to join the same given the fact that he agreed to attend the meeting earlier. Another instance that I have come across in relation with meeting is people coming up with laptops and get themselves busy with their tasks (coding/testing/others) while meeting is proceeding. Let’s try and understand what can be some of the different kind of meetings for an application programmer, or tester. …
Disagree with Your Customers but Politely
Have you come across those heated email exchanges between customer stakeholders (manager, architect, tech lead, senior engineer etc) and stakeholders from your team including developers, tech lead, managers or architect? If you have worked in IT services company whose primary business is to work on development, support and migration of one or more applications in different technologies, instances like these are more likely to appear. If you want to act as an equal partner and contribute to maximum in overall growth of your customer’s business, you are surely expected to contribute much more than just do what is asked to be done. In that regard, you may be expected to …
Refactoring 3000 Lines of Code
Have you come across a class file (object-oriented programming languages) which spanned across 3000 lines of code or more? Or, even, a class of 1000 lines or more. I do have seen many such code in my career and trust me, every time I have come across such instances, I have a painful time working with any changes required to be made in the code. Honestly, the changes was made without much assurance that everything would work fine with this change in now and future. Lets try and understand what’s the problem with long classes (1000 lines code or more)? Low Maintainability: Such classes score very low in maintainability aspect of …
Preparing Fresher Developers for Billable Projects
Are you one of those project stakeholders/trainers who have been assigned the task to make the fresher developers become billable, meaning, customers paying for their time? This is a tricky one to crack as it is difficult to convince customers that a fresher developer would be able to deliver a great quality code given the lack of experience. As a matter of fact, fresher developers take pride in becoming billable after the training is over owing to the fact that they would be able to start learning from day one, prove his worth and, organization would be able to make optimum usage of his expertise. So, how do you crack …
SCRUM Style Best Suited for Fresher Developers
One of the key concern that freshers’ developers, mostly under probation period, have been found to have is biased behavior of the manager in-charge towards a set of developers in assigning development tasks primarily during training period. This is the time when managers have also rate these developers and it is a very tricky part for the managers to take the right judgement. Thus, what can be the most effective way which creates win-win for both, freshers developer in terms of having them work/learn at their will and also managers be able to make the right judgement. To crack this problem and create a fair playground for all, I have …
PHP Code Smells and Best Practices
As application in PHP can be written in object oriented manner, most of the code smells found in the world of object-oriented programming also stay valid for PHP. Recently, I happened to do a code review of a PHP project and wanted to share some of the areas which one would want to pay attention to: Naming methods using Camel Case: It is always helpful to write method names in camel case as it is easily readable. For example, instead of writing method names such as “searchurlAction”, one could write “searchUrlAction”. Software quality characteristic impacted in “Usability“. Long Methods: One may want to avoid large method as these methods become …
I found it very helpful. However the differences are not too understandable for me