InfoQ Homepage Articles
-
/articles/chess-secureprog/en/smallimage/static-analysis-logo.jpg)
Brian Chess on Static Code Analysis
Building security into software applications from the initial phases of development process is critical. Static code analysis gives developers the ability to review their code without actually executing it to uncover potential security vulnerabilities. InfoQ spoke with Brian Chess about static analysis and how it compares with other security assessment techniques like penetration testing.
-
/articles/agile-10-years-on/en/smallimage/anniversary.jpg)
Agile 10 Years On
James Coplien looks from the hacker culture of the 1960s, through objects in the 1980s and forward to the future to put the Agile Mainfesto in context of the 20 year cycle of fashion and change. He argues against mindless adherence to a particular set of rules and tools and for carefully thought out application of good practices that support the production of good quality software products.
-
/articles/tesauro-owasp-wte/en/smallimage/owasp2 jpg.jpg)
Matt Tesauro on OWASP Web Testing Environment (WTE) Project
Web Testing Environment (WTE) project, a part of The Open Web Application Security Project (OWASP) organization, makes application security tools available to application developers and QA testers. InfoQ caught up with WTE project lead Matt Tesauro to learn more about the background, current state, various tools it supports and the future road map of the project.
-
/articles/personal-reflection-agile-ten-years-mellor/en/smallimage/anniversary.jpg)
A Personal Reflection on Agile Ten Years On
Stephen J Mellor was one of the original signatories of the Agile Manifesto. He attended the Snowbird meeting “as a spy” with but found himself agreeing with most of what was being said and became a proponent of Agile techniques and emphasizes the value of modelling in the Agile world. We rarely see the words “agile” and “model” in the same sentence, but they are not at all in conflict.
-
/articles/agile-contracts/en/smallimage/AgileContract_V1.jpg)
Agile Contracts
The traditional Waterfall model fits nicely with the way companies buy things: requirements are drawn up, a supplier quotes a price, and everyone signs a legally binding agreement. Contracts written this way seldom offer the freedom to work using an Agile approach. This article examines four separate models available to suppliers and customers for establishing contracts for Agile work.
-
/articles/xtext_ts/en/smallimage/xtext.jpg)
Xtext/TS - a Typesystem Framework for Xtext
Since the release of version 1.0, it has become feasible to build complex expression languages in Xtext. However, once you have expressions, you typically also need a type system. In this article Markus Völter describes a framework for specifying type systems for expression languages built using Xtext.
-
/articles/100SOAQuestions/en/smallimage/ShowCover.aspx.jpg)
Book Excerpt and Interview: 100 SOA Questions Asked and Answered
A new "100 SOA Questions Asked and Answered " book by Kerrie Holley and Ali Arsanjani provides a deep insight into SOA covering a wide spectrum of topics from SOA basics to its business and organizational impact, to SOA methods and architecture to SOA future. InfoQ spoke with Kerrie Holley and Ali Arsanjani about their book.
-
/articles/agile2011-submissions-guide/en/smallimage/agile 2011.gif)
Submissions and Reviews in the Agile2011
Chris Matts who has been part of the Agile Conference submission review team gives advice to submitters of Agile 2011 candidate sessions on how improve their changes of acceptance. Chris also provides advice to session reviewers of Agile 2011, the largest annual Agile event.
-
/articles/ApacheAvro/en/smallimage/avro-logo.png)
Using Apache Avro
Boris Lublinsky presents an introduction to AVRO and evaluate its usage for Schema componentization, inheritance and polymorphism. He also discusses backward compatibility issues and AVRO solutions for this problem.
-
/articles/deft-loft/en/smallimage/async-evented-jvm.jpg)
Asynchronous, Event-Driven Web Servers for the JVM: Deft and Loft
Asynchronous, event-driven architectures have been gaining a lot of attention lately, mostly with respect to JavaScript and Node.js. Deft and Loft are two solutions that bring "asynchronous purity" to the JVM.
-
/articles/surviving-asynchronous-programming-in-javascript/en/smallimage/infoq-vp-async-js.jpg)
Virtual Panel: How to Survive Asynchronous Programming in JavaScript
Using callback-passing for asynchronous actions does not compose very well and might create complex flows of passing callbacks around to handle return values. The JavaScript community is aware of this and has come up with several libraries to deal with it. In this virtual panel, InfoQ has interviewed the creators of the most popular of these libraries.
-
/articles/it-architecture-inside-out-perspectives/en/smallimage/architecture.gif)
IT And Architecture: Inside-Out Perspectives
The software industry is in disarray, costs are escalating, and quality is diminishing. Promises of newer technologies and processes and methodologies in IT are still far from materializing on any significant scale. Bruce Laidlaw and Michael Poulin - each with more than 30 years of experience compared notes on the past and present of IT and provide insights on what IT needs to make progress.