I was working with quality yesterday doing some formal testing. In their procedure they were verifying all files on the test machine were pulled from the release. The way they were verifying these files were the same was by checking the size and the date/time stamp windows put on them in explorer. These happened to be off for another ...
When writing code do you consciously program defensively to ensure high program quality and to avoid the possibility of your code being exploited maliciously, e.g. through buffer overflow exploits or code injection ? What's the "minimum" level of quality you'll always apply to your code ?...
I know most people have code review and standards in place, but I work at a place with poor standards. I'm not saying that my code is flawless by any means, but I find the code my fellow members submit is totally lacking of structure, standards, naming convention, etc. Whole code blocks that have been replaced are still left commented ...
While trying to advocate more developer testing, I find the argument "Isn't that QA's job?" is used a lot. In my mind, it doesn't make sense to give the QA team all testing responsibilities, but at the same time Spolsky and others say you shouldn't be using the $100/hr developers to do something a $30/hr tester could be doing. What are...
I have a product, X, which we deliver to a client, C every month, including bugfixes, enhancements, new development etc.) Each month, I am asked to err "guarantee" the quality of the product. For this we use a number of statistics garnered from the tests that we do, such as: reopen rate (number of bugs reopened/number of corrected bugs...
Hi all, There's a discussion going on over at comp.lang.c++.moderated about whether or not assertions, which in C++ only exist in debug builds by default, should be kept in production code or not. Obviously, each project is unique, so my question here is not so much whether assertions should be kept, but in which cases this is recommen...
G'day, I was thinking about a comment from Kristopher Johnson about my answer to this question regarding Software Development Quality. I'd posted a list of software quality metrics that I could think of off the top of my head that included: McCabe Cyclometric Complexity - basically a measure of the number of linear paths through code...
UPDATED: I'm asking this from a development perspective, however to illustrate, a canoical non-development example that comes to mind is that if it costs, say, $10,000 to keep a uptime rate of 99%, then it theoretically can cost $100,000 to keep a rate of 99.9%, and possibly $1,000,000 to keep a rate of 99.99%. Somewhat like calculus...
When triaging bugs for a release, what criteria are typically used to determine whether the bug will be fixed for the release? ...
Are there any tools available that will calculate code metrics (for example number of code lines, cyclomatic complexity, coupling, cohesion) for your project and over time produce a graph showing the trends? ...
Let's just say the boss is addicted to the price of poor code, and will keep on outsourcing chunks of greenfield projects to cheap labour, only to get inhouse devs to fix the bugs. ...
Are there any tools available for calculating the average number of lines of code per method? I want to know the average size of each method, not just the total number of lines in the project. The per method count will allow me to measure how simple each method is. This will be calculated as part of the build process, and displayed on ...
This isn't so much as a question, as an idea which I think would be helpful. I decided to post it here to get feedback on the idea. I'm not sure if this isn't exactly the right place to post it, but I wanted to see what you guys think. My idea is to create an code checkin policy which displays a diff of each modified file. To be able to...
I would like your opinion (through experience) of implementing stricter processes in the aim of improving quality of shipping software. Assume a fairly large software with lots of processes(89) and databases and messaging, IPC, sockets, web servers and the full works (enterprisy made in Java). Some parts are fairly messy (1000 line funct...
Our team is pretty committed to code walkthroughs. I define a walkthrough as: Where two people sit down next to a computer and look at a diff prior to committing. I do find them to be very time consuming, but it is often the case that good results are generated from such a procedure. So my question is, what is the single technique/...
Hi, Is there a open source or free suite that can integrate testcases, tests, bugs and possibly the fixes(source code) together. Maintaining the requirements in this system is not a necessity (though, it would be nice to enter a requirement id for each testcase in a custom field). We are a small organization and cannot afford something...
About ten years ago, a "Terry Colligan" published a buncha interesting pages on defect-free software. He noticed that a woman who worked for him produced code with lots fewer bugs and his company expanded on this --- even advertising "automatic QA". At least some of his web pages are still up: http://www.tenberry.com/nodefect.htm Wha...
As you work in a legacy codebase what will have the greatest impact over time that will improve the quality of the codebase? Remove unused code Remove duplicated code Add unit tests to improve test coverage where coverage is low Create consistent formatting across files Update 3rd party software Reduce warnings generated by static ana...
What tools do you use to check your C code ? That is, a tool that helps you determine if you don't have unwanted infinite loop, if you silently cast enum to int, etc. (like a C lint) Please, precise if it is opensource and on which OS is runs. Edit : telll also which C standard it supports ...
Imagine you're working with developers who habitually write 300 line nested methods full of errors, possible errors, etc. etc. Applications regularly throw exceptions as a matter of course, and much time is spend hunting odd intermittent bugs. How do you go about making the case for better code and better standards? How do you make the...