Skip to content

Feed aggregator

Latest Testing in the Pub Podcast Takes on Security

uTest - 11 min 31 sec ago

Testing in the PubStephen Janaway and Dan Ashby discuss many testing topics over a pint at the local watering hole in their Testing in the Pub podcasts, but security is one that hasn’t been brought up just yet — until now.

The latest podcast features a chat with Dan Billing, a.k.a. the Test Doctor, and gets into what has been a very active subject as of late at the uTest Blog. As we’ve previously mentioned, data breaches, hacking, and other security leaks have been in the news for months now, not limited to instances including New York suffering 900 data breaches last year.

In other words, the subject of this latest podcast couldn’t have come at a more opportune time. Be sure to check out Episode 8 of Testing in the Pub right now.

Categories: Companies

[Re-Blog] Dev Chat: Vlad Filippov of Mozilla

Sauce Labs - 12 min 26 sec ago

Last week Sauce Labs’ Chris Wren took a moment to chat with Vlad Filippov of Mozilla on his blog. Topics covered all things open source and front-end web development, so we thought we’d share. Click the image below to read the full interview, or just click here.

Dev Chat: Vlad Filippov of Mozilla

 

Categories: Companies

Jenkins figure is available in shapeways

Some time ago, we've built Jenkins bobble head figures. This was such a huge hit that everywhere I go, I get asked about them. The only problem was that it cannot be individually ordered, and we didn't have enough cycles to individually sell and ship them for those who wanted them.

So I decided to have the 3D model of Mr.Jenkins built, which would allow anyone to print them via 3D printer. I comissioned akiki, a 3D model designer, to turn our beloved butler into a fully-digital color-printable figure. He was even kind enough to discount the price with the understanding that this is for an open-source project.

The result was IMHO excellent, and when I finally came back to my house yesterday from a two-weeks trip, I found it delivered to my house:

With the red bow tie, a napkin, a blue suit, and his signature beard, it is instantly recognizable as Mr.Jenkins. He's mounted on top of a red base, and is quite stable. I think the Japanese sensibility of the designer is really showing! Note that the material has a rough surface and it is not very strong, but that's what you trade to get full color.

I've put it up on Shapeways so that you can order it yourself. The figure is about 2.5in/6cm tall. The price includes a bit of markup toward recovering the cost of the design. My goal is to sell 25 of them, which will roughly break it even. Any excess, if it ever happens, will be donated back to the project.

Likewise, once I hit that goal, I will make the original data publicly available under CC-BY-SA, so that other people can modify the data or even print it on their own 3D printers.

Categories: Open Source

Tasktop Sync 3.6 Extends Test Synchronization

Software Testing Magazine - 3 hours 53 min ago
Tasktop has announced Tasktop Sync 3.6 with continued innovations for support of exceptionally complex integration scenarios. Building on the advanced Artifact Relationship Management capabilities in the previous release, Sync 3.6 supports the intricate requirements management needs of embedded software development, as well as the disparate models found in test management. Tasktop Sync 3.6 extends its ecosystem to support IBM Rational DOORS and Jama, two requirements management tools found in systems engineering organizations. By adding this support, organizations that define requirements in these tools can allow their software engineering teams to use ...
Categories: Communities

Age discrimination in the workplace

On Linkedin there's a spirited, 3000+ reply, about hiring those who are 50+ and needles to say most of the responses are positive about it. I've of course not read anything over about 100 replies, but my reading of the posts is the experience and stability brought are worth various quantities of gold.. For me it's almost a mute point, but then perhaps I 'get' it that you can't just rule out someone for a role base on age. It's ludicrous to think that age alone qualifies or disqualifies someone for a role in our software development and testing profession. I like the fact the UK is pretty hot on age discrimination. When I was in manufacturing virtually all the candidates were 50+ women looking for part or full-time roles on the production line for a bit of extra money. I guess my early working years just normalised the idea of hiring older members of staff. In truth, the 'youngsters' were seen as a liability and sad to say, provide themselves to be repeatedly. As the process engineer it was my role to set-up the manufacturing line, optimise layout and £££ return per square foot, research tool selection, get us through ISO9001, etc.

Looking back now, it was fun having these 50+ people (mostly ladies) work there, I mean it, I looked forward to getting into work and wandering over to the line, saying "good morning ladies" in a charming / slightly comedic way and having them take the micky with their "ooh, young maaan" response. I'm pretty much always happy, I don't laugh that much as a rule though, but I laughed every day with them. Thinking about it now I have a sense of colour, sunlight and fresh air, memories are funny eh? What really made it work was the mutual respect. As a 20 something I was in awe at the incredible experience they had, I would constantly ask their advice about how they'd set the line up, write up the instructions, sequence the build and so on. In turn, they produced so little bad quality product, the company let the 'quality controller' go, woops! We ended up just throwing the few defective units into recycling.

Now I'm in software testing and development, I don't see a massive amount of age discrimination. However, there are certainly roles that naturally fit with a person of a certain age. Senior Programme Managers are rarely 22, agile Ruby on Rails developers are rarely 55, except where these individuals are exceptional. But then, hey... they're exceptional so you'd expect them to break the typical patterns. Not that it isn't tricky to get exactly the role you may want for the salary or day rate you'd like. I'd really like to get hands on for 12 to 18 months with Ruby, Cucumber, RSpec, Selenium, etc. but there's younger more technically focused talent out there. I'm sure some of the younger talent would love to be at an investment bank running automation programmes through multiple off-shore teams, but they don't have the experience. That's not age discrimination, it's fitting the best person to the job, sometimes age means you aren't in the right place experience or career stage wise, but it's not the age that's the problem as such.

Talking of exceptions, the youngsters I come across today are a class apart from those I encountered 15 years ago. Our profession certainly breeds them like this to some degree, but I think da yoof have changed. The, let's say 22-25 year olds that I work with now, are in the main pretty inspiring. I consider myself to be the most educated, experienced, erudite, etc. that I have ever been, but I'm not convinced I was as bright and well educated as they are at their age. On the reverse, I don't think the 40 and 50 years olds of today are as old as they were 15 or 20 years ago either. My parents seemed ancient to me when they were 35, at 42 I feel like I've just left university. A general youthfulness of perspective permeates society more so than ever. Daily, I'll be asked for some guidance and advice from a slightly panicked more junior member of staff and I can barely feel a flicker of worry in my mind. Conversely, I turn clueless to the same people and ask for technical guidance and mentoring on how to best approach a problem, to see them answer the problem as if it were the simplest thing in the world. There's definitely a greater equality age wise, it's not perfect, but I don't see it as the disaster some would like to paint.

The 'age' problem exists when an employer assumes if you're over 50 you can't do the role, without any qualification than 'but you're over 50'. It's just like saying you can't do it because you're too young, you're black, an immigrant, a woman. Your blood should rightly boil in all cases. If you apply to a company like this or work for one, do everyone a favour and walk away as fast as you can. Their time is done anyway, they'll fade away into the black hole they deserve to be in soon enough, get away before you and others get sucked in.

The main question when applying for a role or hiring for the same, should of course be whether the person represents the best talent for the role. Career paths to date, education, experience, attitude, interests and outlook are all factors that play hugely into whether you're the right candidate for the role. The youthful and mature alike cry foul at not being able to get the roles they want.That the 50+ crowd shout that it's unfair is a great sign that times and expectations have changed. It's fantastic that people refuse to be limited by a false sense of limitation due to age, that a Linkedin post can get 3000+ responses agreeing age is irrelevant. Finally we're starting to see the first sparks of (some portions) of human society refusing to be held back. It can only be for the good.

However, despite my positive view on this point, there is a very real workplace issue that is not getting the notice it should.

A seriously bad issue. Bad as in as bad as racial and sexual discrimination. A problem so serious, so abhorrent, that no right minded individual should be staying quiet about it.

That problem, is workplace and pay inequality for women.

I'll talk about that in a future post.

Mark
Categories: Blogs

Neotys Adds Free Edition to NeoLoad Load Testing Tool

Software Testing Magazine - 4 hours 12 min ago
Neotys has announced NeoLoad 5.0, an enhanced version of its load and performance testing solution. The release of NeoLoad 5.0, now available with a Free Edition download, adds powerful new capabilities for mobile applications and web applications to increase testing speed, agility and resulting insights. The solution allows users to test more quickly, efficiently and frequently, enabling faster deployment of Internet, intranet and mobile applications, supporting all web architectures including the newest technologies such as, HTML5, WebSocket, Ajax Push and SPDY. Key Enhancements Complete Mobile End User Experience – NeoLoad 5.0 integrates ...
Categories: Communities

Testing the Limits With James Bach: Part II

uTest - 6 hours 36 min ago

In part II of our latest Testing the Limits interview with James Bach, we tried something a bit different this time, crowdsourcing some ojamesbachf the questions from our uTest Community members. Additionally, James shows us his lighter side and which of his picks won the World Cup — of his heart. 

Be sure to check out Part I of our interview, if you already haven’t.

What is the biggest hurdle to testing you see testers struggle with? (Jeff S.)

JB: The hurdles that come with having no credibility. Gain credibility, and every external hurdle gets a lot smaller. If you ever find yourself saying, “I want to do good work, but my manager insists that I test in a stupid way, instead,” then probably the issue is that your manager thinks you are incompetent. Fix that. Then when you politely tell your manager to mind his own business, he will let you get on with your work in the way you see fit.

Do you see the tide changing for development teams modernizing their testing philosophy? Or is entrenched thought winning the day? (Jeff S.)

JB: I don’t know, really. I don’t do polls or anything. I can say that business is good for me and my colleagues, right at the moment.

Which area or skill is best to focus on first as a tester to build a solid foundation or understanding of testing? (Frank B.)

JB: I would say: general systems thinking (GST). See the book Introduction to General Systems Thinking by Jerry Weinberg. Within the realm of GST, I suggest: modeling. It’s vital to gain control over your mental models of products. Models are a prison from within which you test.

Was there ever a time where you wanted to quit the testing field and move onto other ventures? (Marek L.)

JB: All the time. What stops me is that this is the only way I know to support my family while also feeding my hunger for intellectual puzzles, service to society, and teaching. If someone bought my company for forty million dollars (which I think is about one hundred times what it is worth), I would retire from testing entirely and become a consulting philosopher.

What do you do when there are times people start to throw sticks under you, and make your job really challenging…sometimes impossible to continue? (Marek L.)

JB: Well, first, I find out what’s going on. Sometimes it’s just a misunderstanding. I have often found that strong-minded people can be made into friends.

If I can’t solve the problem softly, then what I do is threaten to quit. That is a pretty powerful tactic, since I only accept work from people who know and respect me.

And if that doesn’t work, I quit. This is a viable option because I have organized my whole life around being able to quit (beginning with having a wife who knows I can’t work with people I don’t respect).

uTest: Now that our community members have asked some insightful questions, let’s get into some lighter ones now. What’s on Your iPod, iPhone or MP3-like device right now?

JB: You mean what music? It’s been a while since I added any music. The last thing I listened to was a set of lectures from the Teaching Company about the history of the American Supreme Court.

But I do like the Scala version of “With or Without You.”

uTest: Did you watch any of the World Cup? If so, how did your “pick” end up doing?

JB: My pick was the USA. I saw a little bit. I have been in Australia and New Zealand the whole time, and the games were on while I was working. Result: the USA team won the World Cup—of my heart.

uTest: Newest gadget you’ve picked up or are most looking forward to?

JB: I need a new computer. Is that considered a gadget? I’m conflicted, but I’m leaning toward getting a Mac for the first time in a very long time.

uTest: Do you “binge watch?” If so, what’s your poison on Netflix?

JB: Most recent was Derek. I love the work of Ricky Gervais.

uTest: If you had to pick a superhero, which one would you be?

JB: The Big Bad Wolf from the Fables comics. That’s me. Son of the North Wind, baby. Good family life, too.

Categories: Companies

New application security concerns emerging

Kloctalk - Klocwork - 6 hours 50 min ago

As mobile applications continue to grow in popularity, companies face increasing pressure to deliver new, exciting, powerful apps at a rapid rate. Naturally, this raises the issue of application security, especially as consumers now entrust a huge range of sensitive information to these programs.

For organizations pursuing mobile app development, it is imperative to stay abreast of the evolving nature of security threats in this area. No matter how exhaustive an expert's knowledge may be, changes will inevitably demand new approaches to achieve security.

New issues
Several of the most pressing mobile application security issues were recently highlighted by WhaTech contributor Jay Patel.

Arguably the biggest issue, according to Patel, is the prevalence of sensitive user data combined with a relative lack of authorization requirements. Many users now expect to enter login information only once, assuming this information will be saved for the future. This is a problem because the users' passwords become more vulnerable, and yet app developers must contend with the accelerating demand for convenience. Furthermore, the writer noted that if the mobile device is connected to the user's PC, a breach at one will quite possibly compromise the other.

That is why Patel emphasized the need to develop mobile apps that store sensitive data in an encrypted form. Encryption has always been a hallmark of application security, but this trend toward stored login information increases its importance.

Furthermore, Patel noted that weak cryptography is another key issue for developers to be wary of. Too often, he explained, developers turn to old, outdated algorithms in order to protect their applications from cyberthreats. This puts users at risk. While tight deadlines and budgets may make it difficult for developers to update their algorithms to feature the most advanced technology, such efforts are absolutely essential in an increasingly threat-filled world.

Unintended consequences
Another industry expert, Jeff Williams, recently pointed to the issue of unintended consequence within the realm of application security. Writing for Dark Reading, Williams emphasized that developers must be aware of the ways by which their security measures can potentially backfire.

In general, Williams explained, protection technology leads people to take greater risks. This is true in virtually every area of life – for example, cyclists wearing helmets tend to ride faster and more aggressively than those without, and the same is true for drivers wearing seat belts. The knowledge that there is something to protect them causes individuals to behave less cautiously, as they feel like there is less overall risk.

This same mindset can affect application security developers, according to Williams. If a developer knows that a new Web application firewall is in place, he or she may grow lax in regard to input validation. Another possibility is that an automated security testing solution yields so many false positives that developers effectively ignore any warning signs.

Ultimately, the problem is that developers' perception of security often surpasses the actual level of protection. When this occurs, they take unwise risks that put the organization and app users in danger of lost or exposed data.

An effective method for preventing such a state of affairs is to find and fix problems at the source – and not rely on something down the line for protection. Developers using static code analysis at their desktops, finding potential security issues as code is being written, can eliminate issues at the earliest possible point in life cycle, saving time, energy, and cost.

Categories: Companies

At Agile2014 in Orlando. Good to be back!

TestDriven.com - 7 hours 13 min ago
The last time I attended the Agile Conference was in 2008 when I presented a workshop on Build/Test Grids and Selective Testing. I am happy that in the last few years there has been a lot of development in this space. For example, Solano Labs has a compelling offering that works both as SaaS and […]
Categories: Communities

Android application security flaw could expose huge number of users

Kloctalk - Klocwork - Sun, 07/27/2014 - 16:00

Researchers recently discovered a serious application security flaw that may expose as many as 86 percent of all Android users to risk.

According to PC Magazine, the the flaw was discovered by IBM security researchers in September of last year. The researchers informed the Android Security Team, which subsequently released a patch for version 4.4 KitKat. However, earlier versions of Android have not received a patch, meaning that users may be vulnerable to opportunistic cybercriminals. As the news source pointed out, data provided by Google suggests that only about 13.6 percent of Android users have KitKat 4.4 installed, with the rest relying on older versions.

A serious vulnerability
The security flaw resides in the Android KeyStore, according to Ars Technica. This is a very sensitive section of the Android operating system, as it stores cryptographic keys and other credential-related information.

"By exploiting the bug, attackers can execute malicious code that leaks keys used by banking and other sensitive apps, virtual private network services, and the PIN or finger patterns used to unlock handsets," the news source explained.

Dan Wallach, a professor with Rice University's computer science department who specializes in Android security, told Ars Technica that this flaw amplifies the importance of application security on an individual basis.

"The amount of damage you can do … has a lot to do with which apps this lets the attacker compromise," he explained.

An app that lacks robust protection may be susceptible to hackers leveraging this exploit, whereas a better-defended app will remain secure.

Partial exposure
However, the flaw is not as bad as it may at first appear. Ars Technica noted that cyberattackers must overcome a number of technical obstacles in order to take advantage of the vulnerability, thanks to a variety of application security measures inherent to Android. These include data execution prevention and address space layout randomization features.

Yet, as PC Magazine pointed out, this is not the only security flaw present in Android devices. Google has acknowledged that its Android 4.1.1 operating system remains vulnerable to the Heartbleed bug, despite a number of patches. This affects as many as one-third of all Android users.

These findings highlight the importance of security not just for users, but also app developers, as these vulnerabilities and others will force consumers to be more careful and selective when choosing apps.

Categories: Companies

Assembla now allows automatic payments with PayPal

Assembla - Fri, 07/25/2014 - 20:17

Paying for your Assembla subscription with PayPal has never been easier. We recently added the ability to set up recurring payments with PayPal that will automatically pay for your Assembla subscription every billing period, whether that be monthly or annually. Previously, it was a manual process that required logging in and paying every time an invoice was created.

To set up automatic payments with PayPal, visit your billing page > select the PayPal option > and follow the steps.

assembla paypal option1

If you have any questions or issues, please contact Assembla support at support@assembla.com.

Categories: Companies

CAST 2014 to be Webcast Live for Testers, Full Coverage Also From uTest

uTest - Fri, 07/25/2014 - 19:47

The 9th Annual Conference of the Association for Software Testing (CAST), held this year from August 11-13 in New York2014_CAST_square City, is one of the premier testing events of the year. While this year’s edition is already sold out, testers will still be able to tune into all of the keynotes and full track sessions for free from the comfort of their homes.

CAST announced that a live stream will be available from its official site on August 11 and 12, from 9am-7pm EDT each day, so you’ll be able to watch sessions and keynotes from esteemed speakers including: James Bach, Richard Bradshaw, Matthew Heusser and Henrik Andersson.

The theme for CAST 2014 is “The Art and Science of Testing.” This year, speakers will be sharing their experiences surrounding software testing – whether the experience supports testing as an art or a science.

uTest is also pleased and honored to be a sponsor of CAST 2014. In addition to the live stream hosted on CAST’s site, be sure to stay tuned to the uTest Blog and @uTest on Twitter, as we’ll not only be reporting from the event, but sharing exclusive video interviews with some of the major personalities from the show.

Categories: Companies

More companies turning to open source for profit, innovation

Kloctalk - Klocwork - Fri, 07/25/2014 - 19:41

Open source software continues to gain adherents. The solutions that were previously embraced by only a small, select number of developers are now widely used by organizations of all kinds. This trend shows no sign of stopping. On the contrary, the number of businesses leveraging open source solutions in some capacity is poised to grow, as firms turn to this technology to increase both their profits and innovation.

Profit motives
SFGate reported that many Silicon Valley companies are now looking to open source software as a means of gaining competitive advantages and, consequently, greater profit margins.

For example, Facebook uses open source to make its code available to outside programmers, who can potentially identify security vulnerabilities and suggest useful innovations for the social media giant.

"Open source is part of Facebook's DNA," said Avery Ching, a software engineer with Facebook, speaking at a recent technology conference, the news source reported. "[Mark Zuckerberg] didn't build his own server at Harvard. He used open source software."

Ching went to explain that as Facebook grew, open source operations became more difficult to implement. However, the company is working to reverse this trend.

"[W]e recently took some serious strides to making open source more prominent at Facebook. We're getting bug fixes for things we haven't really seen yet," said Ching, according to SFGate.

Facebook is hardly the only Silicon Valley firm to reaffirm or embrace the open source philosophy. While not a software issue, Tesla recently announced it would make its own technology available to industry rivals in an effort to expand the electric car market. This reflects a growing consensus among startups that open source solutions, rather than proprietary software and patents, are in their best interests.

"Open source is becoming a thing that startups do," said Ryan Singer, co-founder of bitcoin security firm CryptoCorp, the news source reported. "They will never pay licensing fees because they can't afford it."

Open source innovation
Beyond these financial considerations, businesses are also turning to open source software to hasten and expand their innovation capabilities, as Beta News contributor Fred Simon recently argued.

"When it comes to software development, it will be increasingly difficult to integrate, develop and extend closed source software – and extremely costly compared to open source alternatives," Simon wrote. "Companies have come to understand the importance of open source and the key role it plays in developing innovative software today."

Simon offered Twitter as a key example of this potential. He noted that Twitter open sourced its messaging platform. This helped to spur on innovation among many other companies in the field of messaging.

"It's very difficult for companies to develop innovative software without [open source], and companies now understand the rapid, progressive development it enables," Simon concluded. "As industries and technologies continue to evolve at a faster pace, closed source companies will be dead in the water if they aren't leveraging the open source community and the projects they're working on."

Making the most of open source
As all of these examples demonstrate, open source approaches to software and other areas can provide significant boosts to businesses. However, it is important to note that open source is only a valuable resource when leveraged properly.

A key aspect of effective open source solutions is high-quality technical support. Open source packages can have configuration issues and bugs just like commercial software plus the additional burden of trying to understand multiple or conflicting licensing conditions. Expert support and advice can alleviate the cost and schedule impacts of fixing these issues so firms can focus on innovation and delivery.

Learn more:
• See how open source technical support helped ensure the on-time delivery of a secure financial services application
• Read how commercial-grade open source support can help your team

Categories: Companies

You are invited to a party in the cloud, a public beta of StormRunner Load

HP LoadRunner and Performance Center Blog - Fri, 07/25/2014 - 19:01

We have a BIG Announcement!

 

This is your opportunity to get in on the ground floor of a revolution. And as you know, revolutions often start with the sound of thunder in the distance. Prepare yourself…a storm is coming!

StormRunnerLoad-2.png

Categories: Companies

Announcing Support For Android 4.4 (KitKat)

Sauce Labs - Fri, 07/25/2014 - 18:00

Hungry for moar Android? We thought so. kitkat

Announcing Sauce Labs support for Android 4.4 (KitKat)! Now you can test mobile web apps with Selenium Webdriver and native and hybrid apps with Appium using our Android emulators. Nom!

Before you start testing, there are a couple of caveats you should know about:

A. When an Android 4.4. emulator is in landscape mode, its apps are unable to recognize the orientation [1]. Further, while the Android 4.4 emulator looks like it’s in landscape mode, apps will not rotate to reflect this. At this time, there is no known workaround.

B. Certain Appium test runs on Android 4.4 emulators will error out when the Selenium `clear` command is sent [2]. This will only affect test runs that end up using the Selendroid testing framework under the hood [3]. The accepted workaround until a fix can be landed is, instead of using the `clear` command, use the `sendKeys` command, and send multiple DELETE (backspace) keys to clear out any text fields.

Can’t wait to get testing? Visit https://saucelabs.com/platforms to get started now.

Sauce + KitKat FTW.

[1] https://code.google.com/p/android/issues/detail?id=61671
[2] https://github.com/appium/appium/issues/3186
[3] https://github.com/selendroid/selendroid/issues/492

sauce_supports_android_4_4_kitkat
Categories: Companies

Conventional HTML in ASP.NET MVC: Building larger primitives

Jimmy Bogard - Fri, 07/25/2014 - 16:52

Other posts in this series:

We’ve taken our individual form elements quite far now, adopting a variety of conventions in our output to remove the boring, duplicated code around deciding how to display those individual elements. We have everything we need to extend and alter the conventions around those single elements.

And that’s a good thing – we want to keep using those primitives around individual elements. But what if we peeked a little bit larger? Are there larger common patterns in play that we can start incorporating? Let’s look at the basic input template, from Bootstrap:

<div class="form-group">
    @Html.Label(m => m.Password)
    <div class="col-md-10">
        @Html.Input(m => m.Password)
        @Html.ValidationMessageFor(m => m.Password, ""
          , new { @class = "text-danger" })
    </div>
</div>

Starting with the most basic element, the input tag, let’s look at gradually increasing scope of our building block:

  • Input
  • Input and validation
  • Input, validation in a div
  • Label and the div input
  • Form group

The tricky part here is that at each level, I want to be able to affect the resulting tags, some or all. Our goal here is to create building blocks for each level, so that we can establish a set of reusable components with sensible defaults along the way. This is a similar exercise as building a React class or Angular directive – establish patterns early and standardize your approach.

From the above list of items, I’ll likely only want to create blocks around increasing scopes of DOM elements, so let’s whittle this down to 3 elements:

  • Input
  • Input Block
  • Form Block

We already have our original Input method, let’s create the first input block.

Basic input block

Because we have our HtmlTag primitive, it’s trivial to combine elements together. This is a lot easier than working with strings or MvcHtmlStrings or the less powerful TagBuilder primitive. We’ll return the outer div tag, but we still need ways of altering the inner tags. This includes the Label, the Input, and Validator. Here’s our input block:

public static HtmlTag InputBlock<T>(this HtmlHelper<T> helper,
    Expression<Func<T, object>> expression,
    Action<HtmlTag> inputModifier = null,
    Action<HtmlTag> validatorModifier = null) where T : class
{
    inputModifier = inputModifier ?? (_ => { });
    validatorModifier = validatorModifier ?? (_ => { });

    var divTag = new HtmlTag("div");
    divTag.AddClass("col-md-10");

    var inputTag = helper.Input(expression);
    inputModifier(inputTag);

    var validatorTag = helper.Validator(expression);
    validatorModifier(validatorTag);

    divTag.Append(inputTag);
    divTag.Append(validatorTag);

    return divTag;
}

We create an Action<HtmlTag> for the input/validator tags. If someone wants to modify those two elements directly, instead of wonky anonymous-objects-as-dictionaries, we allow them full access to the tag via a callback, similar to jQuery. Next, we default those two modifiers to no-op if they are not supplied.

We then build up our input block, which consists of the outer div with the input tag and validator tag as children. In our view, we can replace the input block:

<div class="form-group">
    @Html.Label(m => m.Email)
    @Html.InputBlock(m => m.Email)
</div>
<div class="form-group">
    @Html.Label(m => m.Password)
    <div class="col-md-10">
        @Html.Input(m => m.Password)
        @Html.Validator(m => m.Password)
    </div>
</div>

Just to contrast, I included the non-input-blocked version. Now that we have this piece, let’s look at building the largest primitive, the form block.

Form input block

In the same tradition of Angular directives, React classes and Ember views, we can build larger components out of smaller ones, reusing the smaller components as necessary. This also ensures our larger component automatically picks up changes from the smaller ones. Here’s our FormBlock method:

public static HtmlTag FormBlock<T>(this HtmlHelper<T> helper,
    Expression<Func<T, object>> expression,
    Action<HtmlTag> labelModifier = null,
    Action<HtmlTag> inputBlockModifier = null,
    Action<HtmlTag> inputModifier = null,
    Action<HtmlTag> validatorModifier = null
    ) where T : class
{
    labelModifier = labelModifier ?? (_ => { });
    inputBlockModifier = inputBlockModifier ?? (_ => { });

    var divTag = new HtmlTag("div");
    divTag.AddClass("form-group");

    var labelTag = helper.Label(expression);
    labelModifier(labelTag);

    var inputBlockTag = helper.InputBlock(
        expression, 
        inputModifier, 
        validatorModifier);
    inputBlockModifier(inputBlockTag);

    divTag.Append(labelTag);
    divTag.Append(inputBlockTag);

    return divTag;
}

It’s very similar to our input block method, where we provide defaults for our initializers, create the outer div tag, build the child tags, apply child modifiers, and append those child tags to the outer div. Going back to our view, it becomes quite simplified:

@Html.FormBlock(m => m.Email)
@Html.FormBlock(m => m.Password)
<div class="form-group">
    <div class="col-md-offset-2 col-md-10">
        <div class="checkbox">
            @Html.Input(m => m.RememberMe).RemoveClasses()
            @Html.Label(m => m.RememberMe).RemoveClasses()
        </div>
    </div>
</div>

We have one outlier, our “remember me” checkbox, which I try to avoid at all costs. Let’s look at a couple of other examples. Here’s our register view:

@Html.ValidationSummary("", new { @class = "text-danger" })
@Html.FormBlock(m => m.Email)
@Html.FormBlock(m => m.Password)
@Html.FormBlock(m => m.ConfirmPassword)
<div class="form-group">
    <div class="col-md-offset-2 col-md-10">
        <input type="submit" class="btn btn-default" value="Register" />
    </div>
</div>

And here’s our reset password view:

@Html.ValidationSummary("", new { @class = "text-danger" })
@Html.Input(m => m.Code)
@Html.FormBlock(m => m.Email)
@Html.FormBlock(m => m.Password)
@Html.FormBlock(m => m.ConfirmPassword)
<div class="form-group">
    <div class="col-md-offset-2 col-md-10">
        <input type="submit" class="btn btn-default" value="Reset" />
    </div>
</div>

Much more simplified, with conventions around the individual input elements and HtmlHelper extensions around larger blocks. I would likely go an additional step and create an HtmlHelper extension around the buttons as well, since Bootstrap buttons have a very predictable, standardized set of HTML to build out.

We’ve removed a lot of our boilerplate HTML, but still allowed customization as needed. We also still expose the smaller components through InputBlock and Input, so that if the HTML varies a lot we can still keep the smaller building blocks. There’s still a bit of magic going on, but it’s only a click away to see what “FormBlock” actually does. Finally, what conventions really allow us to do is stop focusing on the minutiae of the HTML we have to include on every display/input block of HTML.

We remove bike shedding arguments and standardize our approach, allowing us to truly hone in on what is interesting, challenging or different. This is the true power of conventions – stop pointless and wasteful arguments about things that truly don’t matter through a standardized, but extensible, approach built on conventions.

In our next (and final) post, we’ll look at how we can extend these approaches for client-side templates built in Angular, Ember and more.

Post Footer automatically generated by Add Post Footer Plugin for wordpress.

Categories: Blogs

Three Essential Features for Test Management Products

uTest - Fri, 07/25/2014 - 16:10

Note: The following is a guest submission to the uTest Blog from Nicole Abrahams.

You don’t need us to explain to you the importance of working with a test management product that not only gets the job done, but is a pleasure to work with on an ongoing basis.checklist

Managing the software testing process is by no means glamorous work, and moving between different test procedures, although interesting, certainly isn’t the most exciting activity programmers ever get to do. But it’s an essential activity, and when you’re looking through all the test management products on the market today, it’s within your best interest to find one that not only looks great, but which displays the three essential features listed below.

Whether you’re an amateur tester or you’ve been working in this field for many years, three essential features you should look for (and ask about) before purchasing any test management software are:

Ease of Use

One feature you should look for in a test management product above all else is: How easy is the tool to use? It may sound obvious, but the easier a particular test management product is, the more inclined you will be to use it on a frequent basis, and the shorter the learning curve will be when moving over from another, similar tool.

You shouldn’t, of course, write off certain products just because they’re complex. Indeed, working with a highly complex tool is ideal if you have given yourself the time you need to learn all of its complex functions (or indeed, just the functions you need to worry about), as you’ll be able to do a great deal more with a tool of this magnitude compared to one that’s designed for individuals looking for an easy-out. When choosing a test management tool, make sure you consider these two points in terms of its ease of use.

Does it feel cumbersome? Cumbersome software isn’t fun to use. Any tool you consider purchasing must feel light and airy, while responding smoothly and in good time.

How flexible does it feel? Put it through its paces; how does it deal with undertaking numerous different testing situations? Flex its testing muscles.

Personal Accountability

If there’s one thing that increases the personal accountability of those working in the field of software test management, it’s the ability for the testing tool they’re all jointly using to trace their work as they go about it, allowing these logs to be accessed by anybody with access to the tool.

When such a large amount of data is being tested and processed on a regular basis, it’s important for this level of personal accountability to be in place to ensure that the right, useful tests are being administered, as when it comes to software testing, you can’t mistake testing for the sake of it as a quality exercise unless the right questions are being asked by the testers.

When particular bugs and defects are traced throughout the testing lifecycle, it becomes impossible for certain testers to blame others for their own mistakes, as logs of what tests occurred, when, and by whom will be able to uncover this information in seconds. Over time, this will improve the clarity of the tests that need to be done, as testers will be adamant to get their tests right the first time, improving the overall quality of all tests.

Task Assignment

Following on from the last essential feature, when you have personal accountability of your testers when using your test management product, and the quality of your tests improve as a result of your testers asking for greater clarity surrounding their specific tasks, it helps if your tool has a task assignment feature that allows you to see which specific tasks have been approved for testing (and by whom; whether a product manager or individual tester). It should also have individual tests that need to be looked at further, being assigned a flag status of sorts, letting a specific team member or product manager know that this test requires their immediate attention.

This makes the human side of software testing less prone to error because:

Testers know exactly what their next task entails: Whether a particular test is flagged for their attention or a new test is due to take place, testers should be able to use the tool to see at a glance what they should work on next.

Project managers can assess individual and team performances: Reports can be generated that put into context the success and failures of recent tests by individuals and teams, allowing project managers greater insight into their current quality of output.

When looking for a test management product for either individual (amateur) use, or for the use of a large software testing team, make sure the tool you settle on is easy to use, allows for personal accountability, and can assign tasks to individual team members.

Nicole Abrahams is with QABook, a division of NMQA Limited. They are dedicated to answering the needs of those looking for a quality test management tool.

Categories: Companies

More Reporting - Pitching at the right level

Yet another bloody blog - Mark Crowther - Fri, 07/25/2014 - 15:23
As mentioned before, a key part of any test delivery is the reporting we provide. In my experience, management are often not interested in the majority of what we do. Sure, at a high level they care about whether we know what we're doing, but they're not interested in the low level details as we are. For us, the fun is in the cleverness of analysis, writing great sets of test cases, executing in different ways, maybe adding some automation into the mix and so on. That for us is the important stuff and rightly so, you don't get a delivery without it. However, the management team need mainly just to know what was planned, what happened and where it leaves us. Hence the need for reporting that is informative, easily understood and readily actionable.

When looking at what reporting to provide remember, it's all an 'interpretation' of what happened and you can describe your activities in a way that fits with management expectations. If they're completely on-board with your approach that makes it easier, if not, you might need to get creative. An example that springs to mind was on an engagement where management wanted an approach that followed the typical SDLC phases, weekly steering committee meetings and dashboards produced in Powerpoint slides. Meanwhile the implementation team wanted a more agilistic approach. The desire was to deliver 'something' demonstrable, if not strictly usable, on a weekly basis. That meant following a Scrum like approach to planning and delivery, seemingly opposite to that which management was expecting. Leading this team in a not quite Scrum master role, was a manager who wanted not only weekly reporting updates but end of day updates too.

As the lucky one in charge of environments and testing, it was my job to reconcile the needs of all sides and report out on what the test team were delivering. The technique is to expose essentially the same information but in the way requested. Wow, that was insightful! Let's look at what that means in practice.

The SDLC approach means high level dates on a schedule, spanning key phases, perhaps at best breaking the phase down into key sub-milestones. Phases from this perspective are 'big' - Analysis, Planning, Execution and end of phase Reporting. As these phases proceed a weekly summary of progress for is provided to senior management and execs. This is a sequential, big-up-front approach so senior management expect reporting in that context. Reporting contains data in context of the phase, not so much the activities underneath. For the agilistic mindset, reporting like this can be frustrating, but it needs to be remembered that at some point up the chain, all reporting morphs into this. Board members and Shareholders don't want to know how many test cases in what state there were today. The daily detail needs to be rolled-up into one higher level report.

Where are we through the SDLC phase, are we on target for the end date?
What No. or % of the total are we at and is this matching our plan?
What are the high level common issues being faced?

This provides insight into management concerns which usually revolve around money. Is the implementation of the new software on-track with Product Lifecycle plans? Will the product hit market in time for the marketing activities planned? Is the ROI achievable in the time expected to maintain share price? It's a rare tester that sweats this stuff, it's a rare marketeer that sweats the defects and test automation details. For the team closer to the actual work, this level of reporting is too high - it's not adhering to our rules above of being informative and readily actionable.

Back in the team, the reporting needs to be closer to what we discussed in the End of Day Reporting blog article. With their agilistic mindset, the team need information that shows the heartbeat of the project day by day (half-day by half-day is my preference!). In this way they can slow down or speed up as required. This is informative and actionable for them, but isn't useful by senior management. Rolling the daily reports up into a weekly at the same level is also something the team management can respond to.

Looking in on the project, senior management see the sequential phases, following the SDLC as requested. Underneath, the team can be slicing delivery up into small chunks of daily usefulness.

Mark
Categories: Blogs

Continuous Delivery and Workflow

This is part of a series of blog posts in which various CloudBees technical experts have summarized presentations from the Jenkins User Conferences (JUC). This post is written by Jesse Glick, software developer, CloudBees, about a presentation given by himself and Kohuske Kawaguchi, as well as a session given by Alex Manly, MidVision. Both sessions are from JUC Boston.

At the Jenkins User Conference in Boston this year, Kohsuke and I gave a session Workflow in Jenkins where for the first time we spoke to a general audience about the project we started to add a new job type to Jenkins that can manage complex and long-running processes. If you have not heard about Workflow yet, take a look at its project page, which gives background and also links to our slides. I was thrilled to see the level of interest and to hear confirmation that we picked the right problem to solve.

Alex Manly, MidVisionA later session by Alex Manly of MidVision (Stairway to Heaven: 10 Best Practices for Enterprise Continuous Delivery with Jenkins) focused on the theory and practice of CD, such as the advantages of pull (or “convergent”) deployment at large scale when using homogeneous servers, as opposed to “pushing” new versions immediately after they are built, and deployment scenarios, especially for WebSphere. Since I am only a spectator when it comes to dealing with industrial-scale deployments like that, while listening to this talk I thought about how Workflow would help smooth out some of the nitty-gritty of getting such practices set up on Jenkins.

One thing Alex emphasized was the importance of evaluating the “cost of non-automation” when setting up CD: you should “take the big wins first,” meaning that steps which are run only once in a blue moon, or are just really hard to get a machine to do exactly right all the time, can be left for humans until there is a pressing need to change that. This is why we treated the human input step as a crucial feature for Workflow: you need to leave a space for a qualified person to at least approve what Jenkins is doing, and maybe give it some information too. With a background in regulatory compliance, Alex did remind the audience that these approvals need to be audited, so I have made a note to fix the input step to keep an audit trail recording the authorized user.

The most important practice, though, seemed to be “Build Once, Deploy Anywhere”: you should ensure the integrity of a build package destined for deployment, ideally being a single compressed file with a known checksum (“Fingerprint” to Jenkins), matched to an SCM tag, with the SCM commit ID in its manifest. Honoring this constraint means that you are always deploying exactly the same file, and you can always trace a problem in production back to the revision of the software it is running. There should also be a Definitive Software Library such as Nexus where this file is stored and from which it is deployed. One important advantage of Workflow is that you can choose to keep metadata like commit IDs, checksums, timestamps, and so on as local variables; as well as being able to keep a workspace (i.e., slave directory) locked and available for either the entire duration of the flow, or only some parts of it. This means that it is easy for your flow to track the SCM commit ID long enough to bake it into a manifest, while keeping a big workspace open on a slow slave with the SCM checkout, then checksum the final build product and deploy to Nexus, releasing the workspace; and then acquire a fast slave with a smaller workspace to host some functional tests, with the Nexus download URL for the artifact still easily accessible; and finally switch to a weak slave to schedule deployment and wait. Whereas a setup using traditional job chaining would require you to carefully pass around artifacts, workspace copies, and variables (parameters) from one job to the next with a lot of glue code to reconstruct information an earlier step already had, in a Workflow everything can remain in scope as long as you need it.

The biggest thing that Alex treated as important which is not really available in Workflow today is matrix combinations (for testing, or in some cases also for building): determining the effects of different operating systems / architectures, databases, JDK or other frameworks, browsers, and so on. Jenkins matrix projects also offer “touchstone builds” that let you first verify that a canonical combination looks OK before spending time and money on the exotic ones. Certainly you can run whatever matrix combinations you like from a Workflow: just write some nested for-loops, each grabbing a slave if it needs one, maybe using the parallel construction to run several at once. But there is not yet any way of reporting the results in a pretty table; until then, the whole flow run is essentially pass/fail. And of course you would like to track historical behavior, so you can see that Windows Java 6 tests started failing with a commit done a week ago, while tests on Firefox just started failing due to an unrelated commit. So matrix reporting is a feature we need to include in our plans.

All in all, it was a fun day and I am looking forward to seeing what people are continuously delivering at next year’s conference!


Jesse Glick
Developer Extaordinare
CloudBees

Jesse Glick is a developer for CloudBees and is based in Boston. He works with Jenkins every single day. Read more about Jesse on the Meet the Bees blog post about him.


Categories: Companies

Reminder for September Workshops

Ranorex - Fri, 07/25/2014 - 09:31
We are very pleased to remind you about our upcoming online Ranorex training course, scheduled for September.



Get firsthand training with Ranorex professionals and learn how to get the most out of Ranorex Studio at one of these workshops.



Look at the schedules for additional workshops in the next few months.
Categories: Companies

Knowledge Sharing

Telerik Test Studio is all-in-one testing solution that makes software testing easy. SpiraTest is the most powerful and affordable test management solution on the market today