Category: Software quality


Cross Site Request Forgery (CSRF)

Defending Against Cross Site Request Forgery   Cross–Site Request Forgery, or CSRF, sometimes pronounced “Sea Surf,” is an alarmingly simple way to perform unauthorized actions on a website. The trick is this: The user is logged into a restricted site or otherwise has authorization to use it. A URL from a hostile site asks the restricted one to take some… Read more →

AngularJS tips

14 tips for developing AngularJS applications

AngularJS is one of the most popular JavaScript frameworks for client-side development. An insight into some AngularJS concepts, such as $scopes, two-way data binding and directives, will bring us some important tips to keep in mind while developing AngularJS applications. AngularJS provides MVC architecture for developing SPA (Single Page Application). Key features are two-way data binding, built-in dependency injection, templates… Read more →


Perform Kiuwan analysis in your ABAP Development Life Cycle

This is the fourth installment of our series on Abap analysis. If you are a new reader, check out previous posts on: 1. ABAP Code Quality & Security Vulnerabilities detection 2. Static analysis for ABAP 3. ABAP: continuous analysis with Kiuwan Chapter 3, ABAP: continuous analysis with Kiuwan, tells us how to run automatically the source code extraction and the Kiuwan analysis,… Read more →


Avoid duplicated code with clone detector

Reusing code is usual in software development, but this practice makes the code less maintainable, besides introducing defects. That’s why we have the Kiuwan Clone detector. As we write an application and this development extends over time, very similar or identical code fragments begin to appear. These fragments are known as ‘clones’. The existence of these clones makes the evolution and maintenance of… Read more →


CIOs vs Technical Debt: A burden for innovation

Technical debt is a euphemism referring to the risk in production and potential rework assumed in software development. Due to rush and other factors, a lack of quality in deployed software developments is allowed. It is normal that resources or quality are limited in every product, but in the business world and in any professional field, the debt must be… Read more →

Rules development for Kiuwan (V): Query API

Once again, we continue our posts series on rules development for KIUWAN. In the last post, we saw the basic functionalities to navigate through the abstract sintax tree (AST): BaseNode, TreeNode, NodeVisitor and NodePredicate; and we also wrote about the two available AST versions:High-Level AST and Low-Level AST. Today, we’ll see the use of another available API for implementing rules: Query API. The com.optimyth.qaking.highlevelapi.dsl.Query class represents… Read more →

Rules development

Rules development (IV): Basic API – navigating through the AST

Let’s continue with our series of posts on rules development for KIUWAN. In a previous post, we explained that the implementation of our rules consisted of a java class that meet certain characteristics, including a visit method where the rule main functionality is made, that is visiting the nodes of the AST object (Abstract Syntax Tree) to retrieve information confirming the existence of a violation… Read more →

Desarrollo de reglas

Rules development (III): debugging custom rules

In previous posts in this series, we introduced the process of creating, executing and implementing custom rules in KIUWAN. Within Rules development series, this post will specifically focus on how a custom rule can be remotely debugged from our favorite IDE. One of the many powerful features in Kiuwan is its ability to execute custom rules. If your Kiuwan account… Read more →

Rules development (II): basis for implementation

In the previous post we introduced the process of rules development, creating custom rules from setting up your development environment to executing our rule in KIUWAN. Now, we begin to see how to implement the rules themselves. We have already explained that, through Kiuwan Rule Developer, we have the option to create new rules, generating two files: the basic structure of the… Read more →