Posted by RISKS List Owner on Aug 03

Posted by RISKS List Owner on Aug 14

Posted by RISKS List Owner on Aug 24

Posted by RISKS List Owner on Aug 26

Posted by RISKS List Owner on Aug 29

Posted by RISKS List Owner on Sep 08

Posted by RISKS List Owner on Sep 14

Posted by RISKS List Owner on Oct 01

Posted by RISKS List Owner on Oct 17

Posted by RISKS List Owner on Nov 08

Posted by Ciro Santilli OurBigBook via dev on Sep 17

Posted by Dave Aitel via Dailydave on Nov 02

This is another episode where we mainly announce topics related to the podcast itself.

In this episode we talk with Gerard Meszaros about problems and challenges doing unit testing in real-world projects. Starting from a short discussion about the importance of automated unit testing we spend most of this episode to talk about every day problems doing unit testing and how those problems can be solved. Based on this book on xunit testing patterns, Gerard talks about his experiences with unit test smells as an analogy to code smells. He describes an impressive set of unit testing patterns to overcome those difficult testing situations and illustrates them with nice examples everybody doing unit testing will feel familiar with.

In this episode we discuss REST (Representational State Transfer) with Stefan Tilkov. We started out by discussing the 5 steps to REST: IDs, links, Standard Methods, multiple representations and stateless communication. We then looked at how to use HTTP for REST, and discussed about how to use it for Web Services. We then we discussed whether and how to use REST for enterprise applications, and not just for apps on the internet. We concluded the discussion with a couple of recommendations.

This episode is a discussion with various authors of patterns reviewed at EuroPLoP 2009. Topics include Product Line Engineering, Distributed Development, Open Source and Embedded Systems

This episode covers the topic of agile testing. Michael interviews Lisa Crispin as an practionier and book author on agile testing. We cover several topics ranging from the role of the tester in agile teams, over test automation strategy and regression testing, to continuous integration.

In this episode we talk with Kent Beck about automated unit testing and JUnit.

We talk with Martin Laforest about topics ranging from how quantum computing works, which different models of quantum computing are explored, current and future uses of the approach as well as the current state of the art.

Sven Johann talks with Steve McConnell about Software Estimation. Topics include when and why businesses need estimates and when they don’t need them; turning estimates into a plan and validating progress on the plan; why software estimates are always full of uncertainties, what these uncertainties are and how to deal with them. They continue with: estimation, planning and monitoring a Scrum project from the beginning to a possible end. They close with estimation techniques in the large (counting, empirical data) and in the small (e.g. poker planning).

Felienne talks with Alexander Tarlinder on how to test as a developer. What can and should developers test?

Bill Venners speaks to Matthew Farwell about Property Based Tests, how they can be used, when they should not be used. We also cover how to define a property, how to generate the data required for a property based test.

What is code coverage, how can you measure it, and what are the pitfalls of this metric? Diomidis Spinellis talks with Marc Hoffmann, a key developer of the JaCoCo code coverage library for Java, on how code test coverage can improve software reliability

Bernd Rücker, who has contributed to multiple open source workflow management projects, discusses orchestrating microservices with workflow management.  As distributed systems evolve into a family of microservices that must handle long-running stateful processes with time-dependent actions, events, multiple paths through the system, and complex rollbacks, the workflow management model provides a way to ensure clear modeling, correctness, and separation of concerns.   Rücker recommends a federated model in which each microservice is paired with its own workflow to handle retries and other policies and failure modes around that service.  Robert Blumen spoke with Rücker about microservice architecture, event-driven systems, long-running stateful processes versus synchronous request/response, event handling, time-outs, and handling exceptional conditions with compensating transactions. Rücker compares the choreography versus orchestration models for collaboration and discusses why orchestration provides a better separation of concerns.  The discussion delves into the implementation of workflow management systems including persistence, scaling, event handling, timers and scheduling, and similarities to CQRS.  The discussion wraps up with monitoring and visualization.

Pete Koomen, Co-founder and CTO at Optimizely discusses A/B testing. Edaena Salinas spoke with Pete about how A/B testing is used in software products, and how A/B tests can be written. Pete explained the components of A/B testing and lessons learned from running over 200,000 A/B tests.

Arnon Axelrod speaks with SE Radio’s Simon Crossley about test automation, a large complex subject that most listeners will have at least some familiarity with. Axelrod has worked in software engineering and test automation in several high-tech companie...

Abhinav Asthana, a founding partner and CEO of the API development tool Postman, discusses API design and testing, where to start, which types of APIs to offer, what tools you can use, what features to expose and what is his favorite API to reference.

Yevgeniy Brikman, author of Terraform: Up & Running: Writing Infrastructure as Code and co-founder of Gruntwork talks with host Robert Blumen about how to apply best practices from software engineering to the development of infrastructure as code...

Casey Aylward, Principal at Costanoa Ventures discusses Venture capital with a focus on early stage investing from the perspective of the entrepreneur and the VC with host Kanchan Shringi.

Kim Carter of BinaryMist discusses Dynamic Application Security Testing (DAST) and how the OWASP purpleteam project can improve early defect detection. Host Justin spoke with Carter about how DAST can provide meaningful feedback loops to developers...

Paul Butcher of AdaCore discusses Fuzz Testing, an automated testing technique used to find security vulnerabilities and other software flaws. Host Philip Winston spoke with Butcher about negative testing, brute-force fuzz testing...

In this episode, we explore the popular pytest python testing tool with author Brian Okken, author of Python Testing with pytest. We start by discussing why pytest is so popular in the Python community: its focus on simplicity, readability, and developer ease-of-use; what makes pytest unique; the setup and teardown of tests using fixtures, parameterization, and the plugin ecosystem; mocking; why we should design for testing, and how to reduce the need for mocking; how to set up a project for testability; test-driven development, and designing your tests so that they support refactoring. Finally, we consider some complementary tools that can improve the python testing experience.

Phillip Mayhew of GameDriver discusses test automation for games and game-like applications. Host Philip Winston spoke with Mayhew about the increasing role of test automation in modern game development, the impact on the QA role, how to run tests...

Simon Bennetts, a distinguished engineer at Jit, discusses one of the flagship projects of OWASP: the Zed Attack Proxy (ZAP) open source security testing tool. As ZAP’s primary maintainer, Simon traces the tool's origins and shares some anecdotes with SE Radio host Priyanka Raghavan on why there was a need for it. They take a deep dive into ZAP’s features and its ability to integrate with CI/CD, as well as shift security left. Bennetts also considers what it takes to build a successful open source project before spending time on ZAP’s ability to script to provide richer results. Finally, the conversation ends with some questions on ZAP’s future in this AI-powered world of bots.

Gregory Kapfhammer, associate professor at Allegheny College, discusses the common problem of ‘flaky tests’ with SE Radio’s Nikhil Krishna. Flaky tests are test cases that unreliably pass or fail even when no changes are made to the source code under test or to the test suite itself, which means that developers can’t tell whether the failures indicate bugs that needs to be resolved.  Flaky tests can hinder continuous integration and continuous development by undermining trust in the CI/CD environment. This episode examines sources of flaky tests, including physical factors such as CPU or memory changes, as well as program-related factors such as performance issues. Gregory also describes some common areas that are prone to flaky tests and ways to detect them. They discuss tooling to detect and automatically mark flaky tests, as well as how to tackle these issues to make tests more reliable and even ways to write code so that it's less susceptible to flaky tests.

Zac Hatfield-Dodds, the Assurance Team Lead at Anthropic, speaks with host Gregory M. Kapfhammer about property-based testing techniques and how to use them in an open-source tool called Hypothesis. They discuss how to define properties for a Python function and implement a test case in Hypothesis. They also explore some of the advanced features in Hypothesis that can automatically generate a test case and perform fuzzing campaigns.

Eric Olden talks with host Giovanni Asproni about identity orchestration, a software approach for managing distributed identity and access management (IAM) and integrating multiple identity systems or providers (IDPs) to make them look like a single system from a user perspective. The episode starts with a refresher in identity and access management, then introduces identity orchestration and some of the challenges it helps to address, such as integrating disparate identity management systems after company mergers or acquisitions; managing identities in situations where some of the IAM systems are unreachable; and implementing more secure identity management in legacy applications. Brought to you by IEEE Computer Society and IEEE Software magazine.

Llewelyn Falco, creator approval tests, talks with SE Radio host Sam Taggart about testing code in general and the various types of testing that developers perform. Llewelyn elaborates on how approval tests can help test code at a higher level than traditional unit tests. They also discuss using approval tests to help get legacy code under test. This episode sponsored by Data Annotation.

Rishi Singh, founder and CEO at Sapient.ai, speaks with SE radio’s Kanchan Shringi about using generative AI to help developers automate test code generation. They start by identifying key problems that developers are looking for in an automated test-generation solution. The discussion explores the capabilities and limitations of today’s large language models in achieving that goal, and then delves into how Sapient.ai has built wrappers around LLMs in an effort to improve the quality of the generated tests. Rishi also suggests how to validate the generated tests and outlines his vision of the future for this rapidly evolving area. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode is sponsored by WorkOS.

Goran Petrovic, a Staff Software Engineer at Google, speaks with host Gregory M. Kapfhammer about how to perform mutation testing on large software systems. They explore the design and implementation of the mutation testing infrastructure at Google, discussing the strategies for ensuring that it enhances both developer productivity and software quality. They also investigate the findings from experiments that quantify how mutation testing enables software engineers at Google to write better tests that can detect defects and increase confidence in software correctness. Brought to you by IEEE Computer Society and IEEE Software magazine.

Itamar Friedman, the CEO and co-founder of CodiumAI, speaks with host Gregory M. Kapfhammer about how to use generative AI techniques to support automated software testing. Their discussion centers around the design and use of Cover-Agent, an open-source implementation of the automated test augmentation tool described in the Foundations of Software Engineering (FSE) paper entitled “Automated Unit Test Improvement using Large Language Models at Meta“ by Alshahwan et al. The episode explores how large-language models (LLMs) can aid testers by automatically generating test cases that increase the code coverage of an existing testing suite. They also investigate other automated testing topics, including how Cover-Agent compares to different LLM-based tools and the strengths and weaknesses of using LLM-based approaches in software testing.

Today we're going to perform some AMD TRX40 motherboard VRM thermal testing using the powerful 64-core Threadripper 3990X. To apply load we're using Blender with the system running at stock and overclocked to 3.8 GHz. The typical power draw for this system is around 450 watts, but once overclocked we are hitting as much as 850 watts. Toasty!... [PCSTATS]

If you're tight on cash but want a really good monitor, this is the article for you. For putting together this buying guide we narrowed down our options to displays that give you the best experience for the lowest possible price.... [PCSTATS]

Trees and edible plants are being planted at churches, schools, street corners, and empty lots across the country to provide free shade and food to all.

Palestinians in Gaza and the West Bank fighting for the right to a homeland, and for their basic right to water—which Israel continues to deny.

Sage Regenerative Kitchen’s executive chef explains why she added meat to the menu—and why she believes so deeply in regenerative farming.

Journalist Peter Yeung explains how Los Cedros has remained protected for years thanks to Ecuador’s constitution extending rights to nature.

High-profile, disruptive protests can lead to increased polarization—but often still yield increased public support for the protest’s goals, even if the tactics are criticized.

The United States has historically provided hundreds of billions of dollars in foreign aid to Israel. The flow of taxpayer funds to Israel’s military has only increased since Israeli forces