Sonar for code quality

Sonar is a tool to analyze and visualize code quality in Java projects. It isn’t a static code analysis tool itself, rather it uses a number of open source tools to analyze the code, then Sonar gathers the metrics. Its strength is in providing a dashboard, trend reports, and drill downs to help visualize the state […]

Read more
Three – A Very Special Number

I believe that three is a very special number. I can think of (at least) three things to support my belief: H2O Liquid, Solid, Gas It is what it is, although it exists in three different forms (water, ice, steam). Spacial Dimensions Height, Width, Depth These are used to describe the 3D world in which we […]

Read more
Three Common Coding Omissions

I have worked as part of a team going into client locations and performing software security assessments. While analyzing the findings of these assessments I have seen a common set of coding omissions that, if implemented, would eliminate the majority of the vulnerabilities that were identified. A brief description of each follows. Input Validation Data […]

Read more
Why I write tests first

I was recently having a discussion with some coworkers about test-driven development. There was some discussion about the relative value and cost, and not surprisingly some dramatically different opinions on the subject. It got me thinking about my own habits. I like test-driven development, but I’m not a purist. I almost always write my code with testing […]

Read more
Hierarchy for Ant build properties

When I first start a new Java project, one of the first things I set up is a skeleton Ant build.xml file. I try to set it up so that a new developer on the project should be able to checkout and compile with no configuration. At least that’s the goal. That means setting up some […]

Read more
Making the Best of a Tough Situation

Five years ago, it was not difficult to find companies willing to experiment with Agile on their low-priority, low-visibility initiatives. In my experience, most customers were happy with the transparency and predictability they gained, but where left wondering whether the planning and estimation practices could hold up under the fire of fixed-time, fixed-cost, and fixed-scope initiatives.  In […]

Read more
Progression of Benefits with Agile Adoption

Over the past seven years, Coveros team members have served on scores of agile development projects ranging from five-person, custom-development efforts, to large system integration efforts with hundreds of team members working world-wide. One byproduct of all this experience is the recognition of a surprisingly consistent and predictable pattern of value realized by the organizations […]

Read more
The Agile Test Strategy Document…it does exist!

It is a common mis-perception that agile methodologies view planning and documentation as dated, time-wasting practices that should be avoided. While it is true that the agile manifesto asks us to value response to change over adherence to (static) plans, and working code over comprehensive documentation, it does not ask us to push planning and […]

Read more
X