Worse though, I don't think that security testing can be made robust enough to protect against someone injecting dangerous code into the software from the inside--and inside, for open source, means anyone who cares to join the project or create their own distribution.
Bosh. Open source project leaders - especially the leaders of popular projects - don't let just anyone have write access. Also, commits almost always go to a mailing list to be reviewed by the other committers and lurkers.
And of course, there's no way a commercial product could be infiltrated by someone who wants to inject harmful code. Impossible!
Subqueries allow you to use the result of one query as a component of a larger query. The MySQL server already supports some forms of this technique, such as INSERT INTO... SELECT..., and this support will be expanded in version 4.1 to include nested SELECT queries, which is one of the most-requested features from our users.
> for running down its prey in open, flat terrain.
Nifty! I'll have to bring that up at our next group noodle. Thanks.
> for a cougar
After working on this program for a couple of years and seeing it spelled "cougaar" over and over, my mind sees the correct spelling "cougar" as a mispeling. Ack!
> how come you're using Ruby and > not a Java wrapper
We've put together a distributed testing and control framework in Ruby, and so we used Jabber as middleware between Java and Ruby. We've got some in house expertise in Ruby and it just made sense to use a scripting language to do some of the sorts of things we're doing.
> Peter Saint-Andre and Matt Miller will > be talking about Jabber
It's because the the Web Ontology Language Working Group disliked the acronym "WOL" and decided to call it OWL.
Also, consider the A. A. Milne character Owl, who "could spell his own name WOL, and he could spell Tuesday so that you knew it wasn't Wednesday, and he could read quite comfortably when you weren't looking over his shoulder saying "Well?" all the time...".
....that is, the Ontological Web Language, you might be interested in SemWebCentral, a new project hosting site for Semantic Web projects that just opened up.
Many of the tools from the DAML project have already moved over to SemWebCentral; it's definitely worth a look.
I do it because it's interesting. It's interesting to see this aspect of an open source codebase - what sorts of things are duplicated? What does the code look like surrounding the duplicate chunks? Often you'll see comments like "whew, gotta clean this up" in the vicinity - it's provides some insight into the program that you might not otherwise see.
If I got modded to Offtopic every time I posted these, I'd stop. But they usually get modded way up, and the links get clicked on a couple thousand times. That's because, I think, a lot of other folks find these reports interesting, too.
Note that I'm not selling PMD or CPD - they're open source, free, on Sourceforge, and are an ongoing project to which many folks have contributed.
Also, I don't post the the reports inline - I just post a link so you don't have to scroll through ten pages. So if you don't like them, you can just hit the down arrow once or twice and you'll be past it.
> have the option of going to a state or county > that will save you 10% in taxes
Well said.
This is one reason why California is in such trouble - the govt made it clear that it detests people with money (by taxing them madly) and so the number of millionaires there has dropped from 44,000 to 27,000. So the folks that were paying all the taxes are gone... leaving the state with no money.
Re:Why do big companies want pseudo-compiled langs
on
How C# Was Made
·
· Score: 2, Insightful
> it is easy to see the logic by just > decompiling the source code.
You mean bytecode, probably.
> the business systems logic can be > EXTREMELY complicated
If it's that complicated, having a bunch of decompiled source code is not going to be that useful. You're better off programming it yourself so you understand it and can change it when you need to.
> Pseudo-compiled languages are slower.
But not _much_ slower. A $3K dual CPU Linux server can serve up a lot of Tomcat hits. Need more? Buy a load-balancer and a few more servers. Not a big deal.
Here's a direct link to the Artima articles...
on
How C# Was Made
·
· Score: 5, Informative
...right here to save you a click thru the MSDN page.
Co-owners Ken and Tom Carlton spent $200 a month to get an ad for their business to pop up when someone searched for "roll forming," a process that turns metal into different shapes.
I bet an article on "roll forming" would have worked just as well. If someone wants to find a SOAP client for GForge, typing "gforge soap client" into Google puts you where it should - right here.
Seems like this is being made a bit more complicated than necessary....
Forty-seven years after IBM unleashed it, Fortran (formula translation), the original "high-level" programming language, would seem to be the infotech equivalent of cuneiform. But it's still widely used, especially in scientific computing.
No need to throw the Fortran libraries away, though, just wrap them in a higher level language. Chances are it'll be fast enough, and it'll almost certainly be a lot easier to use.
...including ant algorithms, simulated annealing, and fuzzy logic is M. Tim Jones' AI Application Programming.
The examples are especially helpful; they're written in nice portable C. I've been working on a little project to translate them to Ruby; porting notes and Gnuplot charts and such are here and the code for the Ant Algorithm translation is here.
$ java net.sourceforge.pmd.PMD ~/tmp/eec/embedded_ethernet_complete_code/ text rulesets/unusedcode.xml -shortnames
Tini/RealTimeWebPage/RealTimeWebPag e.java 42 Avoid unused local variables such as 'server' Tini/SendEmailMailto/SendEmail.java  ; 106 Avoid unused local variables such as 'mySendEmail' Tini/TcpServer/TcpServer.java 35 Avoid unused local variables such as 'myTcpServer' Tini/UdpReceive/UdpReceive.java 31 Avoid unused local variables such as 'myUdpReceive' Tini/UdpSend/UdpSend.java 43 Avoid unused local variables such as 'myUdpSend'
Slashdot Mirror
Bosh. Open source project leaders - especially the leaders of popular projects - don't let just anyone have write access. Also, commits almost always go to a mailing list to be reviewed by the other committers and lurkers.
And of course, there's no way a commercial product could be infiltrated by someone who wants to inject harmful code. Impossible!
Almost there...
> for running down its prey in open, flat terrain.
Nifty! I'll have to bring that up at our next group noodle. Thanks.
> for a cougar
After working on this program for a couple of years and seeing it spelled "cougaar" over and over, my mind sees the correct spelling "cougar" as a mispeling. Ack!
> how come you're using Ruby and
> not a Java wrapper
We've put together a distributed testing and control framework in Ruby, and so we used Jabber as middleware between Java and Ruby. We've got some in house expertise in Ruby and it just made sense to use a scripting language to do some of the sorts of things we're doing.
> Peter Saint-Andre and Matt Miller will
> be talking about Jabber
Cool. I work with Dana Moore and Bill Wright who wrote the Jabber Developer's Handbook. Fun stuff!
> a picture of a cheetah?
Is it? Hm. How can you tell the difference?
...on Sourceforge here, screenshots here.
The mailing list seems pretty active, which is usually a good sign...
....we've been using the Jabber4R Ruby wrapper to route Cougaar status messages for a couple years now.
It's kind of running out of gas on us as our message volume increases, but it's worked well enough so far...
It's because the the Web Ontology Language Working Group disliked the acronym "WOL" and decided to call it OWL.
Also, consider the A. A. Milne character Owl, who "could spell his own name WOL, and he could spell Tuesday so that you knew it wasn't Wednesday, and he could read quite comfortably when you weren't looking over his shoulder saying "Well?" all the time...".
There's also an RDF graph browser here. Open source, too.
....that is, the Ontological Web Language, you might be interested in SemWebCentral, a new project hosting site for Semantic Web projects that just opened up.
Many of the tools from the DAML project have already moved over to SemWebCentral; it's definitely worth a look.
> This guy posts the exactly same
I do it because it's interesting. It's interesting to see this aspect of an open source codebase - what sorts of things are duplicated? What does the code look like surrounding the duplicate chunks? Often you'll see comments like "whew, gotta clean this up" in the vicinity - it's provides some insight into the program that you might not otherwise see.
If I got modded to Offtopic every time I posted these, I'd stop. But they usually get modded way up, and the links get clicked on a couple thousand times. That's because, I think, a lot of other folks find these reports interesting, too.
Note that I'm not selling PMD or CPD - they're open source, free, on Sourceforge, and are an ongoing project to which many folks have contributed.
Also, I don't post the the reports inline - I just post a link so you don't have to scroll through ten pages. So if you don't like them, you can just hit the down arrow once or twice and you'll be past it.
> common semantics of different idioms
I don't understand. How does a 66 line chunk of duplicate code constitute a "common semantic" or a "different idiom"?
...in the report for Video Toaster CG as analyzed by CPD.
> You just bought a bunch of hardware;
> you just proved his point.
Not really; his point was that I'd buy a $60K E6500, my point was that I'd buy a couple of $3K pizza boxes.
> Throwing hardware at the problem is very
> often the cheapest solution
Yup, and if you can cut your development time down by using Java vs C, everyone's happy.
> have the option of going to a state or county
> that will save you 10% in taxes
Well said.
This is one reason why California is in such trouble - the govt made it clear that it detests people with money (by taxing them madly) and so the number of millionaires there has dropped from 44,000 to 27,000. So the folks that were paying all the taxes are gone... leaving the state with no money.
> it is easy to see the logic by just
> decompiling the source code.
You mean bytecode, probably.
> the business systems logic can be
> EXTREMELY complicated
If it's that complicated, having a bunch of decompiled source code is not going to be that useful. You're better off programming it yourself so you understand it and can change it when you need to.
> Pseudo-compiled languages are slower.
But not _much_ slower. A $3K dual CPU Linux server can serve up a lot of Tomcat hits. Need more? Buy a load-balancer and a few more servers. Not a big deal.
...right here to save you a click thru the MSDN page.
...wrapper in Ruby right here. Could be handy down the road...
...might be to use a higher level language wrapper like Ruby/GTK.
Prototyping an app will probably take less time if you don't have the compile/link cycle... worth a try, anyhow.
...the daily build!
Which is in the green, thanks very much.
I bet an article on "roll forming" would have worked just as well. If someone wants to find a SOAP client for GForge,
typing "gforge soap client" into Google puts you where it should - right here.
Seems like this is being made a bit more complicated than necessary....
Right, assuming you're using C. But it might be easier (if you know Ruby) to use, say, Ruby/DL and then do something like (Win32 API example):
No need to throw the Fortran libraries away, though, just wrap them in a higher level language. Chances are it'll be fast enough, and it'll almost certainly be a lot easier to use.
...including ant algorithms, simulated annealing, and fuzzy logic is M. Tim Jones' AI Application Programming.
The examples are especially helpful; they're written in nice portable C. I've been working on a little project to translate them to Ruby; porting notes and Gnuplot charts and such are here and the code for the Ant Algorithm translation is here.
And the usual code quality report courtesy PMD: