Modern technology continues to accelerate the speed of delivering software, which directly increases the importance of quality awareness as early as possible within your delivery pipeline. If you don’t know of a problem, you can’t act on it. The Email-ext plugin in Jenkins (https://wiki.jenkins.io/display/JENKINS/Email-ext+plugin) is a great way to notify relevant parties as soon as […]
A little while ago (ok, maybe in the distant past), I started writing about Cucumber. My very first post detailed how to set up Cucumber-JVM, and we’ve come a long way from then. I thought it was worth revisiting, as there are simpler ways to get setup, and better tools out there to use. So […]
One of the most important things in software testing is integrating tests with the build tool that your project uses. Developers need to be able to run your tests easily, otherwise, they’re probably not going to run them. Another reason for integrating tests is that it encourages clearly defining your project’s build process. In the case […]
In a typical CI/CD pipeline, code is build, code is deployed, code is tested. In our specific scenario the code is built through Jenkins and maven on a Jenkins build slave, then the build artifacts are uploaded to an artifact repository. Through an Infrastructure-as-code tool, like Chef, the code is deployed to a test environment […]
I am a big fan of static analysis and formatting tools. I just like my code to be as clean as possible. At the very least, being clean makes the code easier to read and maintain. If I can find a tool that will make it easy for me to keep my code clean, I’ll […]
One of the items on the 2013 OWASP Top Ten is “Using Components with Known Vulnerabilities.” It is new on this year’s list, debuting at number 9. OWASP lists at as being widespread and difficult to detect. The issue is that modern software is made up of dozens, if not hundreds, of third-party components. Even […]
I’ve previously written about PMD, a static code analysis tool that examines Java source files and can detect potential problems. Another significant piece of PMD is called CPD, the copy/paste detector. CPD can look through Java, JSP, C, C++, Fortran, or PHP source code files and find sections of code that are repeated. By using CPD […]
PMD is a static code analysis tool that examines Java source files and can detect potential problems such as code style issues, code defects, race conditions and even security holes. It provides an inexpensive way to avoid the tedium of repeatedly reviewing a large code base. PMD can also find other types of problems, such as, dead […]
