Spelling suggestions: "subject:"dependency managemement"" "subject:"dependency managementment""
1 |
An Impact Assessment and Dependency Management Framework for BPMChristie, Adrian Troy 07 June 2019 (has links)
Business Process Management (BPM) is a relatively new development paradigm that takes a high-level approach to coding by leveraging a graphical, “flow chart” aesthetic that allows users to assemble modular tasks into a larger process. The resulting diagrams effectively enshrine the organizations processes into an executable model that provides an objective and transparent view of the process and the activities contained within. In doing so, BPM models serve as both a system to guide employees through proper business procedures as well as documentation of the businesses processes.
Similar to most other software development environments, BPM development platforms possess several features intended to address the needs of code versioning, dependency management and impact assessment. However, due to the unique way that development is done in BPM platforms, the more traditional functionality of these features sometimes renders them ineffective and ill suited to the task of BPM development. Changes to lower level reusable components in these BPM models can result in impacts to diverse processes across an organization that are difficult to predict and onerous to locate.
There is much room for improvement in BPM development tools. This thesis proposes a new framework for dependency management and impact assessment to improve the usability, effectiveness and efficiency. The framework is composed of a Business Process Component Architecture, a Dependency Data Model and an Upgrade Algorithm which are all used to provide increased visibility over dependent processes and superior guidance during upgrade operations.
Several example case scenarios are be used to evaluate our proposed framework. The cases represent progressive degrees of complexity to test the capabilities and robustness of the framework. Overall, the framework was able to appropriately handle the case examples used and showed promise in terms of providing practical effort, time and cost savings for BPM developers. The framework can also provide developers assistance in locating circular dependencies, but is subject to the same limitations as developers when attempting to upgrade these relationships.
|
2 |
Libviews - uma ferramenta web para visualização de bibliotecas e suas dependências em sistemas de informação / Libviews - a web application for visualization of software projects and their dependenciesFerrarezi, Juliana Cassiano [UNESP] 30 January 2017 (has links)
Submitted by Juliana Cassiano Ferrarezi null (juliana.ferrarezi@fc.unesp.br) on 2017-02-21T19:58:33Z
No. of bitstreams: 1
dissertacao.pdf: 4721300 bytes, checksum: aa217c83d703c5b25017bc890d505b4f (MD5) / Approved for entry into archive by Juliano Benedito Ferreira (julianoferreira@reitoria.unesp.br) on 2017-02-24T19:07:35Z (GMT) No. of bitstreams: 1
ferrarezi_jc_me_sjrp.pdf: 4721300 bytes, checksum: aa217c83d703c5b25017bc890d505b4f (MD5) / Made available in DSpace on 2017-02-24T19:07:35Z (GMT). No. of bitstreams: 1
ferrarezi_jc_me_sjrp.pdf: 4721300 bytes, checksum: aa217c83d703c5b25017bc890d505b4f (MD5)
Previous issue date: 2017-01-30 / Bibliotecas de software são importantes e comumente usadas por permitir que os desenvolvedores utilizem funções básicas já implementadas e se concentrem em atividades complexas relacionadas diretamente às regras de negócio do software em desenvolvimento. Além do que, a disponibilização de bibliotecas na internet facilita sua utilização em larga escala. No entanto, pode haver problemas no desenvolvimento de software quanto a utilização de várias bibliotecas desenvolvidas por terceiros, uma vez que são projetos independentes que funcionarão em conjunto. Este trabalho apresenta o LibViews, um software que, por meio de técnicas de Visualização da Informação, disponibiliza uma representação gráfica de projetos de software e as bibliotecas que eles utilizam. A ferramenta apresentada também possibilita a análise de cada biblioteca utilizada através de métricas que permitem analisar a evolução de bibliotecas. O LibViews foi desenvolvido para proporcionar uma melhor compreensão das bibliotecas e
suas versões, bem como a utilização de bibliotecas em projetos de software. Dessa forma, o software permite o entendimento das dependências do software, ou seja, bibliotecas de terceiros utilizadas que interferem diretamente no funcionamento do software. Pode-se afirmar, portanto, que o LibViews ajuda no planejamento, desenvolvimento e manutenção de projetos, permitindo a descoberta de informações até então desconhecidas. Como exemplo, o LibViews foi aplicado em um projeto de software administrativo de uma universidade, comprovando os benefícios de sua utilização para compreender a relação entre o projeto de software e suas dependências. / Software libraries are important and commonly used for allowing developers to use basic functions already implemented and to focus on complex activities directly related to the business rules of the software being developed. In addition, the availability of libraries on the Internet facilitates their mass use. However, there may be problems in software development regarding the use of various libraries developed by third parties, since they are independent projects that will work together. This work presents the LibViews, a software for visualization of software projects and their dependencies; And analysis of each library used through metrics that allow to analyze the evolution of libraries. LibViews was developed to provide a better understanding of libraries and their versions, as well as the use of libraries in software projects. Thus, the
software allows the understanding of the software’s dependencies, that is, third-party libraries used that interfere directly in the operation of the software. LibViews, therefore, can assist in the planning, development, and maintenance of projects, allowing the discovery of previously unknown information. As a use case, LibViews has been applied in a university administrative software project, proving the gains from its use to understand the relationship between the software project and its dependencies.
|
3 |
Exploring methods for dependency management in multi-repositories : Design science research at Saab Training and simulationPersson, Oskar, Svensson, Samuel January 2021 (has links)
Dependency problems for developers are like sneezing for people with pollen allergies during the spring, an everyday problem. This is especially true when working in multi-repositories. The dependency problems that occur do so as a byproduct of enabling developers to work on different components of a project in smaller teams, where everything is version controlled.Nearly all developers use version control systems, such as Git, Mercurial, or Subversion. While version control systems have helped developers for nearly 40 years and are constantly getting updated, there are still functionalities that do not exist. One example of that is having a good way of managing dependencies and allowing developers to download projects without having to handle dependency problems manually. The solutions that version control systems offer to help manage dependencies (e.g., Git’s submodules or Mercurial’s subrepositories), do not enable developers a fail-safe download or build the project if it contains dependency problems.In this study, a case study was conducted at Saab Training and Simulation to explore methods for dependency management as well as discuss and highlight some of the problems that emerge when working with dependencies in multi-repositories.An argument can be made that the functionality of dependency management systems, both package managers and version control systems’ solutions are not up to date on how dependencies are used in the development, during this time.In this paper, a novel approach to dependency management is introduced with the possibility to describe the dependencies dynamically by providing the utility to describes usages of a repository (such as simulation of hardware or the main project). As well as discussing the necessary functionalities that are required to handle such a system.By re-opening the dialog about dependency management as well as describing problems that arise in such environments, the goal is to inspire further research within these areas.
|
4 |
Supplementing Dependabot’svulnerability scanning : A Custom Pipeline for Tracing DependencyUsage in JavaScript ProjectsKarlsson, Isak, Ljungberg, David January 2024 (has links)
Software systems are becoming increasingly complex, with developers frequentlyutilizing numerous dependencies. In this landscape, accurate tracking and understanding of dependencies within JavaScript and TypeScript codebases are vital formaintaining software security and quality. However, there exists a gap in how existing vulnerability scanning tools, such as Dependabot, convey information aboutthe usage of these dependencies. This study addresses the problem of providing amore comprehensive dependency usage overview, a topic critical to aiding developers in securing their software systems. To bridge this gap, a custom pipeline wasimplemented to supplement Dependabot, extracting the dependencies identified asvulnerable and providing specific information about their usage within a repository.The results highlight the pros and cons of this approach, showing an improvement inthe understanding of dependency usage. The effort opens a pathway towards moresecure software systems.
|
5 |
Managing high data availability in dynamic distributed derived data management system (D4M) under ChurnMirza, Ahmed Kamal January 2012 (has links)
The popularity of decentralized systems is increasing day by day. These decentralized systems are preferable to centralized systems for many reasons, specifically they are more reliable and more resource efficient. Decentralized systems are more effective in the area of information management in the case when the data is distributed across multiple peers and maintained in a synchronized manner. This data synchronization is the main requirement for information management systems deployed in a decentralized environment, especially when data/information is needed for monitoring purposes or some dependent data artifacts rely upon this data. In order to ensure a consistent and cohesive synchronization of dependent/derived data in a decentralized environment, a dependency management system is needed. In a dependency management system, when one chunk of data relies on another piece of data, the resulting derived data artifacts can use a decentralized systems approach but must consider several critical issues, such as how the system behaves if any peer goes down, how the dependent data can be recalculated, and how the data which was stored on a failed peer can be recovered. In case of a churn (resulting from failing peers), how does the system adapt the transmission of data artifacts with respect to their access patterns and how does the system provide consistency management? The major focus of this thesis was to addresses the churn behavior issues and to suggest and evaluate potential solutions while ensuring a load balanced network, within the scope of a dependency information management system running in a decentralized network. Additionally, in peer-to-peer (P2P) algorithms, it is a very common assumption that all peers in the network have similar resources and capacities which is not true in real world networks. The peer‟s characteristics can be quite different in actual P2P systems; as the peers may differ in available bandwidth, CPU load, available storage space, stability, etc. As a consequence, peers having low capacities are forced to handle the same computational load which the high capacity peers handle, resulting in poor overall system performance. In order to handle this situation, the concept of utility based replication is introduced in this thesis to avoid the assumption of peer equality, enabling efficient operation even in heterogeneous environments where the peers have different configurations. In addition, the proposed protocol assures a load balanced network while meeting the requirement for high data availability, thus keeping the distributed dependent data consistent and cohesive across the network. Furthermore, an implementation and evaluation in the PeerfactSim.KOM P2P simulator of an integrated dependency management framework, D4M, was done. In order to benchmark the implementation of proposed protocol, the performance and fairness tests were examined. A conclusion is that the proposed solution adds little overhead to the management of the data availability in a distributed data management systems despite using a heterogeneous P2P environment. Additionally, the results show that the various P2P clusters can be introduced in the network based on peer‟s capabilities. / Populariteten av decentraliserade system ökar varje dag. Dessa decentraliserade system är att föredra framför centraliserade system för många anledningar, speciellt de är mer säkra och mer resurseffektiv. Decentraliserade system är mer effektiva inom informationshantering i fall när data delas ut över flera Peers och underhållas på ett synkroniserat sätt. Dessa data synkronisering är huvudkravet för informationshantering som utplacerade i en decentraliserad miljö, särskilt när data / information behövs för att kontrollera eller några beroende artefakter uppgifter lita på dessa data. För att säkerställa en konsistent och härstammar synkronisering av beroende / härledd data i en decentraliserad miljö, är ett beroende ledningssystem behövs. I ett beroende ledningssystem, när en bit av data som beror på en annan bit av data, kan de resulterande erhållna uppgifterna artefakter använd decentraliserad system approach, men måste tänka på flera viktiga frågor, såsom hur systemet fungerar om någon peer går ner, hur beroende data kan omräknas, och hur de data som lagrats på en felaktig peer kan återvinnas. I fall av churn (på grund av brist Peers), hur systemet anpassar sändning av data artefakter med avseende på deras tillgång mönster och hur systemet ger konsistens förvaltning? Den viktigaste fokus för denna avhandling var att behandlas churn beteende frågor och föreslå och bedöma möjliga lösningar samtidigt som en belastning välbalanserat nätverk, inom ramen för ett beroende information management system som kör i ett decentraliserade nätverket. Dessutom, i peerto- peer (P2P) algoritmer, är det en mycket vanlig uppfattning att alla Peers i nätverket har liknande resurser och kapacitet vilket inte är sant i verkliga nätverk. Peer egenskaper kan vara ganska olika i verkliga P2P system, som de Peers kan skilja sig tillgänglig bandbredd, CPU tillgängligt lagringsutrymme, stabilitet, etc. Som en följd, är peers har låg kapacitet tvingade att hantera sammaberäkningsbelastningen som har hög kapacitet peer hanterar vilket resulterar i dåligsystemets totala prestanda. För att hantera den här situationen, är begreppet verktygetbaserad replikering införs i denna uppsats att undvika antagandet om peer jämlikhet, så att effektiv drift även i heterogena miljöer där Peers har olika konfigurationer. Dessutom säkerställer det föreslagna protokollet en belastning välbalanserat nätverk med iakttagande kraven på hög tillgänglighet och därför hålla distribuerade beroende datakonsekvent och kohesiv över nätverket. Vidare ett genomförande och utvärdering iPeerfactSim.KOM P2P simulatorn av en integrerad beroende förvaltningsram, D4M, var gjort[.] De prestandatester och tester rättvisa undersöktes för att riktmärka genomförandet avföreslagna protokollet. En slutsats är att den föreslagna lösningen tillagt lite overhead för förvaltningen av tillgången till uppgifterna inom ett distribuerade system för datahantering, trots med användning av en heterogen P2P miljö. Dessutom visar resultaten att de olikaP2P-kluster kan införas i nätverket baserat på peer-möjligheter.
|
6 |
Identificação e visualização de dependências em sistemas de software orientados a objetos / Identification and Visualization of Dependencies in Object-Oriented Software SystemsOliva, Gustavo Ansaldi 22 September 2011 (has links)
Degradação do design é um problema central investigado na área de evolução de software. A densa rede de interdependências que emerge entre classes e módulos ao longo do tempo resulta em código difícil de mudar, não reutilizável e que não comunica por si só sua intenção. Dentre outros motivos, designs degradam porque requisitos mudam de maneiras não antecipadas pelo design inicial, ou seja, as modificações no código introduzem dependências novas e não planejadas entre classes e módulos do sistema. A gerência de dependências visa reduzir a degradação do design por meio de uma série de mecanismos que auxiliam na administração da complexidade estrutural inerente de sistemas orientados a objetos. Neste trabalho, investigamos as técnicas de identificação de dependências estruturais e lógicas. Em particular, por meio de um estudo de larga escala, comparamos os conjuntos desses dois tipos de dependências. Em seguida, conduzimos um estudo de caso a fim de identificar as origens de dependências lógicas. Por fim, fazemos um levantamento das técnicas de visualização de dependências e mostramos a ferramenta XFlow. / Design degradation is a central problem investigated in the area of software evolution. The dense web of interdependencies that emerges among classes and modules over time results in code that is hard to change, not reusable and that does not communicate its intention. Among other reasons, designs degrade because requirements changes in ways that were not anticipated by the initial design, i.e. the changes in code introduce new and unplanned dependencies among classes and modules of the system. Dependency management aims to reduce design degradation by means of a series of mechanisms that helps in the management of the inherent structural complexity of object oriented systems. In this work, we investigate structural and logical dependencies identification techniques. In particular, by means of a large scale study, we compare the sets of these two kinds of dependencies. Afterwards, we conduct a case study in order to uncover the origins of logical dependencies. Finally, we survey dependency visualization techniques and present the XFlow tool.
|
7 |
Identificação e visualização de dependências em sistemas de software orientados a objetos / Identification and Visualization of Dependencies in Object-Oriented Software SystemsGustavo Ansaldi Oliva 22 September 2011 (has links)
Degradação do design é um problema central investigado na área de evolução de software. A densa rede de interdependências que emerge entre classes e módulos ao longo do tempo resulta em código difícil de mudar, não reutilizável e que não comunica por si só sua intenção. Dentre outros motivos, designs degradam porque requisitos mudam de maneiras não antecipadas pelo design inicial, ou seja, as modificações no código introduzem dependências novas e não planejadas entre classes e módulos do sistema. A gerência de dependências visa reduzir a degradação do design por meio de uma série de mecanismos que auxiliam na administração da complexidade estrutural inerente de sistemas orientados a objetos. Neste trabalho, investigamos as técnicas de identificação de dependências estruturais e lógicas. Em particular, por meio de um estudo de larga escala, comparamos os conjuntos desses dois tipos de dependências. Em seguida, conduzimos um estudo de caso a fim de identificar as origens de dependências lógicas. Por fim, fazemos um levantamento das técnicas de visualização de dependências e mostramos a ferramenta XFlow. / Design degradation is a central problem investigated in the area of software evolution. The dense web of interdependencies that emerges among classes and modules over time results in code that is hard to change, not reusable and that does not communicate its intention. Among other reasons, designs degrade because requirements changes in ways that were not anticipated by the initial design, i.e. the changes in code introduce new and unplanned dependencies among classes and modules of the system. Dependency management aims to reduce design degradation by means of a series of mechanisms that helps in the management of the inherent structural complexity of object oriented systems. In this work, we investigate structural and logical dependencies identification techniques. In particular, by means of a large scale study, we compare the sets of these two kinds of dependencies. Afterwards, we conduct a case study in order to uncover the origins of logical dependencies. Finally, we survey dependency visualization techniques and present the XFlow tool.
|
8 |
Towards Understanding and Securing the OSS Supply ChainVu Duc, Ly 14 March 2022 (has links)
Free and Open-Source Software (FOSS) has become an integral part of the
software supply chain in the past decade. Various entities (automated tools
and humans) are involved at different stages of the software supply chain.
Some actions that occur in the chain may result in vulnerabilities or malicious
code injected in a published artifact distributed in a package repository.
At the end of the software supply chain, developers or end-users may consume
the resulting artifacts altered in transit, including benign and malicious
injection.
This dissertation starts from the first link in the software supply chain,
‘developers’. Since many developers do not update their vulnerable software
libraries, thus exposing the user of their code to security risks. To understand
how they choose, manage and update the libraries, packages, and other
Open-Source Software (OSS) that become the building blocks of companies’
completed products consumed by end-users, twenty-five semi-structured interviews
were conducted with developers of both large and small-medium enterprises
in nine countries. All interviews were transcribed, coded, and analyzed
according to applied thematic analysis.
Although there are many observations about developers’ attitudes on selecting
dependencies for their projects, additional quantitative work is needed
to validate whether behavior matches or whether there is a gap. Therefore,
we provide an extensive empirical analysis of twelve quality and popularity
factors that should explain the corresponding popularity (adoption) of PyPI
packages was conducted using our tool called py2src.
At the end of the software supply chain, software libraries (or packages)
are usually downloaded directly from the package registries via package dependency
management systems under the comfortable assumption that no discrepancies are introduced in the last mile between the source code and
their respective packages. However, such discrepancies might be introduced
by manual or automated build tools (e.g., metadata, Python bytecode files)
or for evil purposes (malicious code injects). To identify differences between
the published Python packages in PyPI and the source code stored on Github,
we developed a new approach called LastPyMile . Our approach has been
shown to be promising to integrate within the current package dependency
management systems or company workflow for vetting packages at a minimal
cost.
With the ever-increasing numbers of software bugs and security vulnerabilities,
the burden of secure software supply chain management on developers
and project owners increases. Although automated program repair approaches
promise to reduce the burden of bug-fixing tasks by suggesting likely correct
patches for software bugs, little is known about the practical aspects of using
APR tools, such as how long one should wait for a tool to generate a bug fix.
To provide a realistic evaluation of five state-of-the-art APR tools, 221 bugs
from 44 open-source Java projects were run within a reasonable developers’
time and effort.
|
9 |
RefStratERP – A Refactoring Strategy for ERP SystemsPetkovic, Nikola January 2017 (has links)
Enterprise Resource Planning (ERP) systems are used to integrate all functions of an enterprise. They often evolve from a smaller monolithic object-oriented application, covering one functional area and organically grow over time in features and size until all functional areas are covered. Once they reach certain size, unrestricted dependencies among numerous classes increase complexity of the system and make it harder for development team to create new features and maintain code stability. This creates problems to further evolution of the ERP system and poses a risk to economic consequences for company developing it. ERP refactoring strategy, together with process of its creation, is presented in this thesis. It can be used with ERP systems, having architectural issues, with a purpose to improve quality of system’s architecture and thus prolong its lifecycle. The goal of modularizing monolithic system it pursued with intention to reduce complexity and make it easier to reason about the system. This architecture-level refactoring strategy is created for one specific medium-sized ERP system through iterative trial-and-error explorative approach. This thesis is carried out at the main development site for this ERP system by project team consisting of employees working on its development. The result shows the RefStratERP, an innovative refactoring strategy consisting of target architecture, refactoring process to reach it, refactoring principles and refactoring limitations. Contrary to initial expectation, arranging domain modules (modules containing business logic) in directed acyclic graph (DAG) is, in general, not feasible without sacrificing internal module cohesion of business logic. Accidental unidirectional dependency between two domain modules is at risk of becoming bidirectional under changing business requirements. On the other hand, non-domain modules (modules without business logic) could be completely separated from domain modules in a way that domain modules depend on non-domain modules. This comes from underlying nature of business domain and the fact that functional areas of an enterprise are interdependent. / Enterprise Resource Planning-system (ERP) används för att integrera alla funktioner inom ett företag. Oftast utvecklas dem från en mindre monolitisk objektorienterad applikation som täcker ett funktionellt område och växer organiskt över tiden i funktioner och storlek tills alla funktionella områden är täckta. När dem når en viss storlek ökar komplexiteten i systemet vilket gör det svårare fär utvecklingsteamet att skapa nya funktioner och hålla kodstabilitet. Detta skapar problem för fortsatt utveckling av ERP-systemet och utgör en risk för ekonomiska konsekvenser för utvecklingsföretaget. ERP refactoringstrategin, tillsammans med processen med att skapa den, presenteras i denna avhandling. Den kan användas med ERP-system, med arkitektoniska problem, med syfte att förbättra kvaliteten hos systemets arkitektur och därigenom förlänga dess livscykel. Målet att modularisera monolitiska system strävas efter i syfte att minska komplexiteten och göra det lättare att resonera kring systemet. En refaktorstrategi på arkitektnivå skapas för ett specifikt medelstort ERP-system genom en iterativ och försök-och-mistag-explorativ metod. Projektet genomfördes på ERPs huvudutvecklingsplats av ett projektteam bestående av anställda inom ERP utveckling. Resultatet visar RefStratERP, en innovativ refaktorstrategi som består av målarkitektur, refactoringprocess för att nå det, refactoringprinciper och refactoringbegränsningar. I motsats till inledande förväntningar är det i allmänhet inte möjligt att ordna domänmoduler (moduler som innehåller affärslogik) i en riktad acyklisk graf (DAG) utan att påverka interna modulsammanhang (cohesion) i affärslogiken. Oavsiktlig enriktad beroende mellan två domänmoduler riskerar att bli dubbelriktad under förändrade affärsbehov. Å andra sidan kan icke-domänmoduler (moduler utan affärslogik) helt separeras från domänmoduler så att domänmoduler beror på icke-domänmoduler. Detta kommer från underliggande egenskaper av affärsområden och det faktum att verksamhetsområden inom ett företag är beroende av varandra.
|
Page generated in 0.0946 seconds