Le 22 août 2018, la fondation Apache a publié un correctif de sécurité pour le framework d’application web Struts. Celui-ci concerne la vulnérabilité CVE-2018-11776 permettant d’exécuter du code à distance sans authentification. L’exploitation ne nécessite pas l’installation de modules …
Source de l’article sur CERT-FR

This is the fifth in a series of posts exploring Scrum Mastery. In our first post, we introduced the 4 dimensions of Scrum Mastery: Team Identity, Team Process, Product Value, and the Organization. In this post, we will explore the Organization dimension.

How is the organization enabling you to maximize the benefits of Scrum? How is the organization holding you back?

Source de l’article sur DZone (Agile)

"I don’t care about the tech — what I really want to hear is how this product fits in our processes and helps our people get more done."

That was the message my co-founder and I heard from an executive at a major bank last week. For us, it was both a deja vu and a major relief because we’d just presented at the Cablelabs Summer Showcase about the importance of aligning people, process, and technology together. The executive was pleased about how RackN had achieved that balance.

Source de l’article sur DZone (Agile)

Finding a piece of software for creating a quick prototype of your future application may seem like a trivial task. But software prototypes are created by different people for different reasons. It could be a business analyst trying to communicate her vision to a designer, a marketer working on a website with a web dev, or a project manager demonstrating a future mobile app to a client.

Since people use wireframing tools for different purposes, it would be nice to know which tool would be your best bet for your specific situation.

Source de l’article sur DZone (Agile)

Here I am with another useful design pattern for you — the adapter design pattern. I will also highlight the differences between the decorator design pattern (see my previous article, Decorator Design Pattern in Java, here) and the adapter design pattern.

Adapter Design Pattern

  • The adapter design pattern is a structural design pattern that allows two unrelated/uncommon interfaces to work together. In other words, the adapter pattern makes two incompatible interfaces compatible without changing their existing code.
  • Interfaces may be incompatible, but the inner functionality should match the requirement.
  • The adapter pattern is often used to make existing classes work with others without modifying their source code.
  • Adapter patterns use a single class (the adapter class) to join functionalities of independent or incompatible interfaces/classes.
  • The adapter pattern also is known as the wrapper, an alternative naming shared with the decorator design pattern.
  • This pattern converts the (incompatible) interface of a class (the adaptee) into another interface (the target) that clients require.
  • The adapter pattern also lets classes work together, which, otherwise, couldn’t have worked, because of the incompatible interfaces.
  • For example, let’s take a look at a person traveling in different countries with their laptop and mobile devices. We have a different electric socket, volt, and frequency measured in different countries and that makes the use of any appliance of one country to be freely used in a different country. In the United Kingdom, we use Type G socket with 230 volts and 50 Hz frequency. In the United States, we use Type A and Type B sockets with 120 volts and 60 Hz frequency. In India, we use Type C, Type D. and Type M sockets with 230 volts and 50 Hz. lastly, in Japan, we use Type A and Type B sockets with 110 volts and 50 Hz frequency. This makes the appliances we carry incompatible with the electric specifications we have at different places.
  • This makes the adapter tool essential because it can make/convert incompatible code into compatible code. Please notice here that we have not achieved anything additional here — there is no additional functionality, only compatibility.

To better understand this, let’s look at an example of geometric shapes. I am keeping the example relatively simple to keep the focus on the pattern. Suppose we have a project of drawing, in which we are required to develop different kinds of geometric shapes that will be used in the Drawing via a common interface called  Shape.

Source de l’article sur DZONE

Previously, we saw some of the very basic image analysis operations in Python. In this last part of basic image analysis, we’ll go through some of the following contents.

The following contents are the reflection of my completed academic image processing course in the previous term. So, I am not planning on putting anything into the production sphere. Instead, the aim of this article is to try and realize the fundamentals of a few basic image processing techniques. For this reason, I am going to stick to using SciKit-Image – numpy mainly to perform most of the manipulations, although I will use other libraries now and then rather than using most wanted tools like OpenCV


Source de l’article sur DZONE (AI)

We’ve put together this article by talking to the people involved in software modernization projects (in leading positions) here at ObjectStyle. The goal is to help decision-makers choose an optimal software modernization strategy. The post covers some common use cases and approaches to legacy software redesign. It’s also centered primarily around enterprise software development because these are the kind of projects we do most of the time.

What Is Legacy Software

The term "legacy software" is usually applied to a software system that was written decades ago in an outdated programming language, using some no-longer-supported framework(s), according to dated design principles, and/or that is currently running in an increasingly unsupportable environment.

Source de l’article sur DZONE

Our team at DigiMantra Labs consists of many developers, but it has been dominated by frontend developers after the rising popularity of various JavaScript libraries like AngularJS, React.js, and others. We have moved to Microsoft Visual Studio Code and have long forgotten Sublime Text, but it’s a little secret that we still have developers that like "Dreamweaver." Yes, they do exist!

During one of our workshops, “Learn & Rise,” we discusses the various extensions that we use every day to make our lives easier. I collated them all and I’m going to share the top five VSC extensions that our developers use.

Source de l’article sur DZONE

Lizzie is a dynamically compiled scripting language for .NET, allowing you to incorporate dynamically loaded pieces of code into your C# and F# projects. One of its defining traits, is that, first of all, out of the box, it is literally theoretically impossible to execute malicious code, simply since out of the box, it doesn’t contain a single piece of functionality that changes the state of your computer in any way. If you need such functions, which I assume most would, then creating such functions is as easy as marking your method with an attribute, and making sure it has the correct signature. Below is an example.

using System;
using lizzie; class MainClass
{ [Bind(Name = "write")] object Write(Binder<MainClass> binder, Arguments arguments) { Console.WriteLine(arguments.Get(0)); return null; } public static void Main(string[] args) { // Some inline Lizzie code var code = @" var(@foo, function({ +(bar, ""world"")
}, @bar)) write(foo(""Hello "")) "; // Creating a Lizzie lambda object from the above code, and evaluating it var lambda = LambdaCompiler.Compile<MainClass>(new MainClass(), code); lambda(); // Waiting for user input Console.Read(); }
}

Notice how we "bind" a C# method in the above code to our Lizzie lambda object. This makes the C# method available as a "function" internally within our Lizzie code. This trait allows you to easily extend the language, with whatever domain specific extensions you need to solve your particular problem. This makes the language particularly well suited for "Domain Specific Languages."

Source de l’article sur DZONE

Analytics forms a major part of the conceptual design of an app. Data tracking and collection for the purpose of analytics allows us to better update our app for consumer use. Data tracking is akin to the idea of feedback from a user. By collecting the data in a way that makes sense to us, we can add features or upgrade the existing elements of our app to meet the demand of the consumer. While this allows for a certain level of automatic feedback it does not mean that we can outright ignore our app users’ comments either. A firm balance of both is the middle ground that we should be chasing.

Relevant Data Tracking

As a developer, data tracking is simply one more SDK that needs to be built into our existing application framework. We obviously don’t need every bit of information the app can collect – most of this is useless to our determination of whether the app functions as expected or not. We can, however, produce separate use cases to test whether users find a certain button layout more conducive to their app use. We can also collect information such as uninstall/reinstall information, the orientation of the device, loading time of the application and, by extension, its performance on a number of different handsets (very useful in benchmarking the processing friendliness of the application), account information, and, of course, crashes and exception data that can help improve our user experience. David Cearley from Gartner Inc. is noted as saying that every app now needs to be an analytics app and we can only do this through tracking the data relevant to our app.

Source de l’article sur DZONE