Tag: tool

Tool Selection Process

by scmgalaxy KOthers Version Control Systems / Version Control SystemsLeave a Comment on Tool Selection Process

mfeighner created the topic: Tool Selection Process
www.cmbestpractices.com/index.php?option…d=44:tools&Itemid=81

rajeshkumar replied the topic: Tool Selection Process
Hi Mike,
Is it your website? seems the post have been wrongly-linked with other thread..
Regards,
Rajesh Kumar
Twitt me @ twitter.com/RajeshKumarIn

mfeighner replied the topic: Tool Selection Process
no, not mine, Bob Aiello’s…

Tagged :

Is there a command line tool?

by scmgalaxy KGeneralLeave a Comment on Is there a command line tool?

msiexpert created the topic: Is there a command line tool?
Is there a command line tool?

applicationPackaging replied the topic: Re: Is there a command line tool?
The command line tool freeze can be used to build a project from the shell.

1 Launch the Terminal application.
2 Type freeze
3 Drag and drop the Iceberg project from the Finder to the Terminal window.
4

Launch the build by pressing Return.
Note: If you launch the tool with no arguments, the freeze usage will be displayed.
Example:

$ freeze
usage: freeze [-v] [-d ] file …
$ freeze /Users/peter/Documents/PackInstall/PackInstall.packproj

Tagged :

Actual Installer, this tool with its safe and reliable interface creates amazing

by scmgalaxy KGeneralLeave a Comment on Actual Installer, this tool with its safe and reliable interface creates amazing

InstallerGeek created the topic: Actual Installer, this tool with its safe and reliable interface creates amazing
Installation packages are supposed to be the last but not the least step in developing a software. This tool is exclusively designed to remove all possible hiccups caused during installation of software’s and create simple installation packages. The simple interface of the tool comprises of features like; support for single self-extracting executable file, allows excellent compression, supports multi-language installations, specify Readme and License Agreement texts for every language, License Agreement and ReadMe texts displayed in the TXT or RTF formats, auto check for system requirement, registry and INI files modification, file associations, shortcuts, fonts and COM registrations, custom commands execution, User information query and more.

This tool comes in a time saving and money saving package to make installations easier, faster and more reliable.

Tagged :

Top 10 Static Code Analysis Tool | Best Static Code Analysis Tools List

by scmgalaxy KCode AnalysisLeave a Comment on Top 10 Static Code Analysis Tool | Best Static Code Analysis Tools List
top-10-static-code-analysis-tool
Software security is a very important concern for todays Software market and for that you need to do code analysis in the development lifecycle. Now we can not imagine ourselves to sit back and do manual reading each line of codes and find issues and bugs. Those days of manual review in the software development lifecycle to find the flaws in the codes are over now.
Now the mindsets has changed and developing quality & secure code from the beginning is on rise. This is the time of automation and developers & programmers are now shifting towards the adoption of tools which auto detects the flaws as soon as possible in the software development lifecycle.
As the process shifting towards the automation, static code analysis (SCA) has become an important part of creating quality code. Now the question here is, What is Static Code Analysis?

Static Code Analysis is a technique which quickly and automatically scan the code line by line to find security flaws and issues that might be missed in the development process before the software or application is released. It functions by reviewing the code without actually executing the code.

There are three main benefits of Static analysis tools
1. Automation —  Automation can save your time and energy which ultimately means you can invest your time and energy in some other aspects of development lifecycle, which will help you to release your software faster.
2. Security — Security is also one of the major concern and by adopting Static analysis you can cut the doubt of security vulnerabilities in your application, which will ensure that you are delivering a secure and reliable software.
3. Implementation — Static analysis can be implemented as early in the software development lifecycle (SDLC) as you have code to scan, it will give more time to fix the issues discovered by the tool. The best thing of static analysis is that it can detect the exact line of code that’s been found to be problematic.
There are so many Static code analysis tools are available to ease our work but to choose good tools among them is really a challenging task. I have done some research and providing you the list of top 10 static code analysis tools:-

1. VisualCodeGrepper

static-code-analysis-tool-visualcodegrepper
Visualcodegreeper is an open source automated code security review tool which works with C++, C#, VB, PHP, Java and PL/SQL to track the insecurities and different issues in the code. This tool rapidly review and depicts in detail the issues it discovers, offering a simple to use interface. It allows custom configurations of queries and it’s updated regularly since its creation (2012).
2. Coverity

static-code-analysis-tool-coverity

Coverity is also an open source static code analysis tool which supports C, C++, C#, Objective-C, Java, Javascript, node.JS, Ruby, PHP & Python. It is an excellent static analysis product with support of 100 compilers & detailed and clear description of the code issues you can use it in your desktop environment to quickly find and resolve the errors before checking in the code.

3. Veracode

static-code-analysis-tool-veracode

Veracode is also one of the best static code analysis tool which can find security flaws in application binary code – compiled or “byte” code even when the consideration of source code is not available. Veracode supports multi-languages which includes .NET (C#, ASP.NET, VB.NET), Java (Java SE, Java EE, JSP), C/C++, JavaScript (including AngularJS, Node.js, and jQuery), Python, PHP, Ruby on Rails, ColdFusion, Classic ASP, including mobile applications on the iOS and Android platforms and written in JavaScript cross platform frameworks.

4. YASCA

static-code-analysis-tool-yasca

“Yet Another Source Code Analyzer (YASCA)” is an open source stactic code analysis tool which supports HTML, Java, JavaScript, .NET, COBOL, PHP, ColdFusion, ASP, C/C++ and some other languages. It is an easy to extend and a flexible tool which can integrate with variety of other tools which includes CppCheck, Pixy, RATS, PHPLint, JavaScript Lint, JLint, FindBugs and various others.
5. Cppcheck

static-code-analysis-tool-cppcheck

Cppcheck is an open source static code analysis tool for C/C++. Cppcheck basically identifies the sorts of bugs that the compilers regularly don’t recognize. The objective is to identify just genuine mistakes in the code. It provides both interface command line mode and graphical user interface (GUI) mode and has possiblitites for environment integration. Some of them are Eclipse, Hudson, Jenkins, Visual Studio.

6. Clang

 

static-code-analysis-tool-clang
Clang is also one of the best static code analysis tool for C, C++ and objective-C. This analyzer can be run either as standalone tool or within Xcode. It is an open source tool and a part of the clang project. It utilizes the clank library, hence forming a reusable component and can be utilized by multiple clients.

7. RIPS

 

static-code-analysis-tool-rips
RIPS is a static code analyzer tool to detect different types for security vulnerabilities in PHP codes. RIPS also provide integrated code audit framework for manual analysis. It is an open source tool too and can be controlled via web interface.
8. Flawfinder
static-code-analysis-tool-flawfinder
Flawfinder is also one of the best static analysis tool for C/C++. This tool is easy to use and wel designed. It reports possible security vulnerabilities sorted by risk level. It is an open source tool written in python and use command line interface.
9. DevBug
static-code-analysis-tool-devbug
DevBug is an online PHP static code analyser which is very easy to use and written on Javascript. It was intended to make essential PHP Static Code Analysis accessible on the web, to raise security mindfulness and to incorporate SCA into the development procedure. This analyser tool is also available in open source.

10. SonarQube

 

static-code-analysis-tool-devbug
SonarQube is one of the best and well known open source web based static code analysis tool, it can scan projects written in many different programming languages including  ABAP, Android (Java), C, C++, CSS, Objective-C, COBOL, C#, Flex, Forms, Groovy, Java, JavaScript, Natural, PHP, PL/SQL, Swift, Visual Basic 6, Web, XML, Python and also allows a number of plug ins. What makes SonarQube really stand out is that It provides metrics about your code which will to help you to take the right decision and translates these non-descript values to real business values such as risk and technical debt.
So, above we mentioned top selective static code analysis tools which can be helpful, but if you think this lists should contain some other tools than feel free to share in comment box.
Tagged : / / / / / / / / / / / / / /

Top 5 IT Management Tools | IT Management Software

by scmgalaxy KIT Infrastructure Monitoring ToolsLeave a Comment on Top 5 IT Management Tools | IT Management Software

it-management-tools

IT Management Software | Top 5 IT Management Tools

  • Servicenow
  • BMC Remedy
  • Jira
  • Salesforce
  • Sharepoint
Tagged : / / / / / / / / / / / / / / / / /

Best Open Source Scanning Software

by scmgalaxy KGeneralLeave a Comment on Best Open Source Scanning Software

Open Source Scanning Software

  • Palamida

  • openlogic

  • Blackduck

  • fisheye

Tagged : / / / / / / / / / / / / / / / / /

Top 5 git version control software in cloud

by scmgalaxy KVersion Control SystemsLeave a Comment on Top 5 git version control software in cloud

top-5-version-control-software-in-cloud

  1. Cloud Based
  2. cloudforge
  3. Assembla
  4. github
  5. bitbucket
  6. beanstalk
  7. Gitlab

Some of them can be hosted behind the firewall as well in your company premises.

  1. Gerrit
  2. Gitlab
  3. Github
Tagged : / / / / / / / / / / / / /

Interview Questions and Answer for Perforce Version Control Tool

by scmgalaxy KInterview Questions & AnswersLeave a Comment on Interview Questions and Answer for Perforce Version Control Tool

perforce-interview-questions-answers

Some of the perforce commands which is not commonly used but useful.
p4 annotate – Print file lines along with their revisions.
e.g p4 annotate file.c

How to ignore files/folder in perforce workspace/client?
Assuming you have a client named “CLIENT”, a directory named “foo” (located at your project root), and you wish to ignore all .dll files in that directory tree, you can add the following lines to your workspace view to accomplish this:

-//depot/foo/*.dll //CLIENT/foo/*.dll
-//depot/foo/…/*.dll //CLIENT/foo/…/*.dll

The first line removes them from the directory “foo” and the second line removes them from all sub directories. Now, when you ‘Reconcile Offline Work…’, all the .dll files will be moved into “Excluded Files” folders at the bottom of the folder diff display. They will be out of your way, but can still view and manipulate them if you really need to.

You can also do it another way, which will reduce your “Excluded Files” folder to just one, but you won’t be able to manipulate any of the files it contains because the path will be corrupt (but if you just want them out of your way, it doesn’t matter).

-//depot/foo.../*.dll //CLIENT/foo.../*.dll

Reference
How can I exclude a directory from a Perforce command?

P4IGNORE
Specify a file that contains a list of files to ignore when adding files to the depot and reconciling workspaces.
Reference

How to check last 10 submitted, pending, or shelved changelists that include any file under the project directory?
p4 changes -m 5 //depot/project/…

How to check last 10 submitted or pending, or shelved changelists that include any file under the project directory?
p4 changes -m 1 -s submitted | pending | shelved

Interview Questions Related to Perforce Admin

  1. How to take perforce backup
  2. How to restore perforce backup
  3. How to verify health of the perforce repos database
  4. What is the ise of p4 dbverify and p4 verify

What is the use of p4 admin commands.

The p4 admin command allows Perforce superusers to perform administrative tasks even when working from a different machine than the one running the shared Perforce service.
p4 [g-opts] admin checkpoint [ -z | -Z ] [ prefix ]
p4 [g-opts] admin journal [ -z ] [ prefix ]
p4 [g-opts] admin stop
p4 [g-opts] admin restart
p4 [g-opts] admin updatespecdepot [ -a | -s type ]
p4 [g-opts] admin resetpassword -a | -u user
Reference – Click here

How to remove files from perforce permanently?
p4 archive -p with caution. This is the one of only two commands in Perforce that actually removes file data. (The other command that removes file data is p4 obliterate.)

How to set properly in Perforce?
The Perforce service offers three ways of storing metadata: counters/keys, attributes, and properties.

If your application requires only the flat storage of simple key/value pairs, and attempts to implement no security model, use the p4 counters and p4 keys commands.

The p4 property command can be used by administrators to view and update property definitions stored in the Perforce service. The service does not use the property definitions; it provides this capability for other Perforce applications, such as P4V

If your application’s metadata is associated with particular files, use p4 attribute.

If your application’s metadata is not associated with files, and if you have a requirement to restrict its visibility to users, groups, and/or to control the precedence of multiple values using sequence numbers, use p4 property.

p4 property -n name -v value
p4 counter mycounter 123
p4 key mykey 12
p4 attribute -n name [ -v value ] files…

Perforce Integration with other Tools

  1. Gitfushion
  2. Swarm
  3. Replication
Tagged : / / / / / / / / / / / / / / /

Overview of EMMA | Code Coverage Tool – EMMA

by scmgalaxy KCode AnalysisLeave a Comment on Overview of EMMA | Code Coverage Tool – EMMA

emma-overviewOverview

EMMA is a tool for measuring coverage of Java software. Such a tool is essential for detecting dead code and verifying which parts of your application are actually exercised by your test suite and interactive use.
EMMA’s design strives for several, very elusive in their combination, goals:

  • report rich coverage analysis data without introducing significant overhead during either build or execution time
  • be useful in team development environments, while at the same time enabling fast individual develop-test cycle
  • support quick development and testing of small standalone Java applications as well as scale up to massive enterprise sotfware suites containing thousands of Java classes

Advantages of Emma over other coverage tools

EMMA differs from other coverage tools in its extreme orientation towards fast iterative develop-test style of writing software. JVM Profiler Interface (JVMPI)-based tools do not require an instrumented source build, but the runtime overhead of running with JVMPI on is empirically known to be very high and results in depressingly slow testsuite runs. For tools based on source code instrumentation, having to wait for a full source code rebuild just to check coverage metrics is not something a normal developer wants to do several times during a day. EMMA’s goal is to be so unintrusive that frequent daily checking of coverage numbers becomes second nature to every developer on the team, if not a completely automatic byproduct of every test run.

Install and Configuration

Method 1: To run on Command Line.
Copying emma.jar to <your jre dir>/lib/ext/ directory for whichever JRE you use from command line.
Method 2:
Still, if you are wary of adding a third-party library as a standard JRE extension, just make sure that all your EMMA command line invocations add emma.jar to the JVM classpath:
>java -cp …/lib/emma.jar <emma or emmarun command>

Implementing EMMA with Application

  • On the Fly Mode – Based suited for Standalone Application
  • Offline Mode – Best suited for J2EE framework based application

Implement EMMA in J2EE project {WebLogic, Websphere, Tomcat, JBoss, …}?

There are very less opportunities given by Emma that  you would be able setup emma for J2EE Project on the fly mode. The reason behind this to fact that many J2EE features requires specialized class loading that will happen outside EMMA instrumenting class holder. The server might run fine but you will unlikely to get EMMA report.
So, based Procedures to Instrument your classes prior to deployment (offline mode); offline instrumentation always follows the same compile / instrument / Package / deploy / get coverage / Generate report sequence.
There are following steps need to follow to implement EMMA in J2EE based project…

  • Use EMMA’s instr tool to instrument the desire classes. This can be done a post compilation step, before packaging. However many users also find it convenient to let EMMA process their jars directly (either in place, using overwrite mode, or by creating separate instrumented copies of everything, fullcopy mode.
  • do your J2EE packaging as normal, but do not include emma.jar as a lib at this level, that is, within your .war, .ear, etc;
  • locate whichever JRE is used by the container and copy emma.jar into its <jre dir>/lib/ext directory. If that is impossible, add emma.jar to the server classpath (in a server-specific way);
  • deploy your instrumented classes, .jars, .wars, .ears, etc and exercise/test your J2EE application via your client-side testcases or interactively or whichever way you do it;
  • to get a coverage dump file, you have three options described. It is highly recommended that you use coverage.get  control command with the ctl tool available in v2.1.

Notes:

Reference:
http://emma.sourceforge.net/faq.html#q.runtime.appservers
http://emma.sourceforge.net/reference/ch02s03.html#tool-ref.instr.outmodes

Emma Integration with other tools

Emma Integration with Sonar
Emma Integration with Hudson
Emma Integration with CruiseControl

jar instrumentation using Emma

http://primates.ximian.com/~flucifredi/emma-HOWTO.html
http://emma.sourceforge.net/reference/ch02s03.html#tool-ref.instr.outmodes
http://primates.ximian.com/~flucifredi/emma-HOWTO.html
http://groovy.329449.n5.nabble.com/EMMA-Code-Coverage-has-problem-with-Groovy-classes-td360560.html

Tagged : / / / / / / / / / /

List of Free Issue Tracking / Bug Tracking System

by scmgalaxy Kssue-Bug Tracking SystemLeave a Comment on List of Free Issue Tracking / Bug Tracking System

free-issue-tracking-bug-tracking-system

An issue tracking system (also called trouble ticket system or incident ticket system) is a computer software package that manages and maintains lists of issues, as needed by an organization. Issue tracking systems are commonly used in an organization’s customer support call center to create, update, and resolve reported customer issues, or even issues reported by that organization’s other employees. An issue tracking system often also contains a knowledge base containing information on each customer, resolutions to common problems, and other such data. An issue tracking system is similar to a “bugtracker”, and often, a software company will sell both, and some bugtrackers are capable of being used as an issue tracking system, and vice versa.

A

aDefHelpDesk
An open source DotNetNuke based help desk module.

Asset Tracker
Create multiple asset databases containing any information you wish to keep track of. Some examples: put all your IT infrastructure into the database, or if you are a building manager, put all your facilities equipment in the database. Can also integrate with other systems via plugins.

Astres
A PHP based help desk tool, translations in English and French.

B

Bartley Helpdesk
a light weight helpdesk for small to medium size IT departments, includes inventory management.

BATTS
Open source help desk software, designed for use from a Linux/Unix command line. Includes a full featured email interface for customers.

Big Help
A help desk portal built with Ruby on Rails.

BugTracker.NET
BugTracker.NET is an open source, web based bug or issue tracker written using ASP.NET, C#, and Microsoft SQL Server/MSDE. Includes a screen capture utility that allows you to capture a screenshot, annotate it, and post it, with just a few clicks.

Bugzilla
A Perl based software bug tracking system which can also be used for help desk support. Used by the Mozilla Foundation, creators of FireFox.

D

DITrack
Software bug and ticket system designed to use Subversion as it’s backend database. Currently there is only a command line interface.

Double Choco Latte
A GNU Enterprise package that handles both call tracking and project management. It can be displayed inside of a phpGroupWare installation or be used stand-alone.

E

eTicket Support
eTicket is a PHP-based electronic support ticket system.

Eventum
An open source help desk software package from the creators of the MySQL database. PHP based and of course uses MySQL for it’s database.

F

Flyspray

H

Help Desk Lite
Very simple help desk software package for basic issue tracking. It provides two major functions, service ticket tracking and operator assignment.

Help Desk Reloaded
A PHP based help desk software system. Key features include trouble ticket prioritization, multiple customer support technicians, and search.

Helpdesk Issue Manager
Open source helpdesk software tool. Runs on PHP and PostgreSQL.

I

Information Resource Manager
IRM is a PHP based help desk and asset tracker designed for IT departments.

Information Resource Manager – GLPI Edition
This is the same system as above (IRM), but with some additional enhancements.

IssueTrackerProduct
Zope issue tracker which also handles software bugs. The primary focus is on email communication and request tracking and management.

itracker
Java based open source help desk application with an emphasis on modularity. It’s also provides i18n support.

J

JTrac
A Java based open source issue tracking system.

Jutda Helpdesk
A Django-powered ticket tracking system for small enterprise.

L

Liberum Help Desk
Web based help desk software package written in ASP and VBScript. Microsoft SQL Server or Access is required. Automatic case routing, email updates, and reporting.

M

Mantis
A PHP software bug tracking and issue tracking system.

O

One or Zero
Open source help desk software package optimized for task oriented help desks.

OpenPsa
A full project system where the help desk component is just one aspect. Automatically integrates with Midgard CMS.

OpenCSM
An open source help desk solution with a telephony component.

OS Ticket
OS Ticket is a lightweight ticking system designed to be easy to setup and use. It’s written mostly in PHP.

OTRS
A trouble ticket system to track telephone calls and e-mails. Designed to allow your support, sales, pre-sales, billing, internal IT, and helpdesk to operate in one system. OTRS is open sourced under the GPL and is written in Perl.

P

phpBugTracker
A web-based software bug tracker. The design focuses on separating the presentation, application, and database layers making customization easier.

R

Redmine
Redmine is a flexible project management web application. Written using Ruby on Rails framework, it is cross-platform and cross-database.

Request Tracker
RT is an open source ticket tracking tool. It’s primary interface is email with a web back end for administrators. RT has been under development since 1996.

Roundup
A simple issue tracking system with command line, web and email interfaces. Also includes many other modules such as todo lists and sales lead tracking.

S

Savane
Savane is a Web-based Libre Software hosting system. It includes issue tracking, project member management by roles and individual account maintenance. The issue tracking handles bugs, tasks, support, news and documentation management.

Sinergia
Sinergia is a open source framework for creating customized help desk applications written in C# .NET 3.0. It provides a base on which you can develop your own web based help desk solution.

SiT! Support Incident Tracker
SLA aware support incident tracking system, PHP/MySQL.

Slick Ticket
ASP based ticket system with support for SQL Server and Active Directory.

Subissue
Uses the Subversion version control system to store issues within your software code repository. Uses the subversion client, but a web based interface is in progress.

SugarCRM Open Source
The open source version of it’s commercial counterpart. Mostly a CRM system, but it can also handle light help desk duties.

T

Trac
Minimalistic web based project management and bug tracking tool. Trac also includes wiki functionality. Written in Python.

Trouble Ticket Express
Web based CGI help desk system. Both MySQL and Microsoft SQL Server supported.

Z

Tagged : / / / / / / / / / / / / / / / / / / /