Programming Leftovers
-
The Register UK ☛ NIST turns to IT consultants to help clear NVD backlog
Facing a growing backlog of reported flaws, NIST has extended a commercial contract with an outside consultancy to help it get on top of its National Vulnerability Database (NVD).
NIST has an ongoing five-year $125 million contract with Maryland-based Analygence for various bits of IT and security-related work.
-
Leon Mika ☛ Some More Thoughts On Unit Testing
Kinda want to avoid this blog descending into a series of “this is wrong with unit testing” posts, but something did occur to me this morning. We’ve kicked off a new service at work recently. It’s just me and this other developer working on it at the moment, and it’s given us the opportunity to try out this “mockless” approach to testing, which I ranted about a couple of weeks ago (in fact, the other developer is the person I had that discussion with). And it’s probably no surprise, but I’m finding writing tests this way to be a much nicer experience already.
-
Jamie Brandon ☛ Ruminating about mutable value semantics
In particular, for goal 2 I want to guarantee that deserialize(serialize(x)) == x.
It's tricky to satisfy both goals, because as soon as you allow mutable references you can create circular data-structures and have to deal with questions of identity vs value. Javascript, for example, doesn't satisfy goal 2 even though it has pervasive serialization in the form of json:
-
Francesco Mazzoli ☛ Message authentication codes for safer distributed transactions
I’ve been developing and quickly deploying a distributed system, which is a class of software where bugs are expensive. A few hundred petabytes later, we haven’t lost a single byte of data, also thanks to a simple trick which catches a large class of bugs when delegating responsibilities to possibly buggy software. It’s a neat use of cryptography beyond security, so here’s a small description.
-
MaskRay ☛ Understanding orphan sections
GNU ld's output section layout is determined by a linker script, which can be either internal (default) or external (specified with -T or -dT). Within the linker script, SECTIONS commands define how input sections are mapped into output sections.
-
Jim Nielsen ☛ “Just” One Line
But “just one line” is a facade. It comes with hundreds, thousands, even millions of lines of code. You don’t know how many and it’s not usually disclosed.
There’s a big difference between the interface to a thing being one line of code, and the cost of a thing being one line of code.
-
Rlang ☛ Why you need small, informative Git commits
“Make small Git commits with informative messages” is a piece of advice we hear a lot when learning Git. That’s why we might want to sometimes rewrite history in a branch. In this post, I’d like to underline three main (😉) reasons why you’ll be happy you, or someone else, made small and informative Git commits in a codebase.
A disclaimer: these three reasons are only valid if you do not write perfectly working and readable code all the time. If you do, you won’t need to use your Git log for debugging and undoing purposes, so who cares about your Git commits?