Exploring methods for dependency management in multi-repositories : Design science research at Saab Training and simulation

Persson, Oskar, Svensson, Samuel

January 2021

Dependency problems for developers are like sneezing for people with pollen allergies during the spring, an everyday problem. This is especially true when working in multi-repositories. The dependency problems that occur do so as a byproduct of enabling developers to work on different components of a project in smaller teams, where everything is version controlled.Nearly all developers use version control systems, such as Git, Mercurial, or Subversion. While version control systems have helped developers for nearly 40 years and are constantly getting updated, there are still functionalities that do not exist. One example of that is having a good way of managing dependencies and allowing developers to download projects without having to handle dependency problems manually. The solutions that version control systems offer to help manage dependencies (e.g., Git’s submodules or Mercurial’s subrepositories), do not enable developers a fail-safe download or build the project if it contains dependency problems.In this study, a case study was conducted at Saab Training and Simulation to explore methods for dependency management as well as discuss and highlight some of the problems that emerge when working with dependencies in multi-repositories.An argument can be made that the functionality of dependency management systems, both package managers and version control systems’ solutions are not up to date on how dependencies are used in the development, during this time.In this paper, a novel approach to dependency management is introduced with the possibility to describe the dependencies dynamically by providing the utility to describes usages of a repository (such as simulation of hardware or the main project). As well as discussing the necessary functionalities that are required to handle such a system.By re-opening the dialog about dependency management as well as describing problems that arise in such environments, the goal is to inspire further research within these areas.

dependency management

dependency problems

dependency conflicts

dependency hell

version control systems

git

mercurial

subversion

Computer Systems

Datorsystem

Distributed collaboration on RDF datasets using Git

Arndt, Natanael, Radtke, Norman, Martin, Michael

23 June 2017

Collaboration is one of the most important topics regarding the evolution of the World Wide Web and thus also for the Web of Data. In scenarios of distributed collaboration on datasets it is necessary to provide support for multiple different versions of datasets to exist simultaneously, while also providing support for merging diverged datasets. In this paper we present an approach that uses SPARQL 1.1 in combination with the version control system Git, that creates commits for all changes applied to an RDF dataset containing multiple named graphs. Further the operations provided by Git are used to distribute the commits among collaborators and merge diverged versions of the dataset. We show the advantages of (public) Git repositories for RDF datasets and how this represents a way to collaborate on RDF data and consume it. With SPARQL 1.1 and Git in combination, users are given several opportunities to participate in the evolution of RDF data.

info:eu-repo/classification/ddc/000

ddc:000

Discretionary Version Control : Access Control for Versionable Documents / Diskretionär versionshantering : Accesskontroll för versionshanterade dokument

Hermansson, Rickard, Hellström, Johan

January 2014

A common problem in the workplace is sharing digital documents with coworkers. Forsome companies the problem extends to wanting the documentskept internally backedup and controlling which people in the company has rights to read and revise certaindocuments.This paper shows different systems and models for access control, version control,and distribution of the documents that can be used to create asystem that solves theseproblems.One requirement for this system was a user interface where users can upload, down-load and manage access to their documents. Another requirement was a service thathandles version control for the documents, and a way to quickly connect and distributethe documents. The system also needed to be able to handle access control of the ver-sioned documents on document level, referred to as "fine grained access control" in thispaper.These models and systems were evaluated based on aspects of the access control mod-els, version control systems, and distribution systems andprotocols. After evaluating,appropriate selections were made to create a prototype to test the system as a whole.The prototype ended up meeting the goals that Nordicstationset for the project butonly with basic functionality. Functionality for retrieving any version from a docu-ments history, controlling access for the documents at document level, and a simpleweb based user interface for managing the documents. / Att enkelt dela dokument med arbetskollegor är något alla företag har ett behov utav.Ofta är dessa dokument interna och skall hållas inom företaget. Även inom företagetkan det finnas behov av att styra vem som har rätt att läsa ellerrevidera dokumenten.Denna examensarbetesrapport beskriver olika tekniker ochmodeller för accesskon-troll, versionshantering och distribution som kan användas för att implementera ettsystem som kan lösa de nämnda problemen.Ett av kraven för systemet var ett användargränssnitt där användare kan ladda upp ochned sina dokument. Ytterligare krav var att systemet skulleversionshantera dokumenetenoch att användare skall kunna komma åt de olika versionerna.Systemet skulle ocksåkunna hantera åtkomstkontroll på dokumentnivå, något denna examensrapport definerarsom "fine grained access control".För att designa ett sådant system så utredes och utvärderades olika tekniker kringåtkomstkontroll och versionshantering samt distributionav dokumenten. För att testasystemet så utvecklads en prototyp baserad på de valda lösningsmetoderna.Den resulterande prototypen uppfyllde de mål som Nordicstation satte för projektet,dock endast med grundläggande funktionalitet. Stöd för atthämta olika versioner avdokument, kontrollera access till dokumentet nere på dokument nivå och ett webbaseratgränssnitt för att administrera dokumenten.

Version control

access control

content management

docu ment control

java content repository

webDAV

document sharing

Computer Engineering

Datorteknik

Discretionary Version Control : Access Control for Versionable Documents / Diskretionär versionshantering : Accesskontroll för versionshanterade dokument

Hermansson, Rickard, Hellström, Johan

January 2014

A common problem in the workplace is sharing digital documents with coworkers. Forsome companies the problem extends to wanting the documentskept internally backedup and controlling which people in the company has rights to read and revise certaindocuments.This paper shows different systems and models for access control, version control,and distribution of the documents that can be used to create asystem that solves theseproblems.One requirement for this system was a user interface where users can upload, down-load and manage access to their documents. Another requirement was a service thathandles version control for the documents, and a way to quickly connect and distributethe documents. The system also needed to be able to handle access control of the ver-sioned documents on document level, referred to as "fine grained access control" in thispaper.These models and systems were evaluated based on aspects of the access control mod-els, version control systems, and distribution systems andprotocols. After evaluating,appropriate selections were made to create a prototype to test the system as a whole.The prototype ended up meeting the goals that Nordicstationset for the project butonly with basic functionality. Functionality for retrieving any version from a docu-ments history, controlling access for the documents at document level, and a simpleweb based user interface for managing the documents. / Att enkelt dela dokument med arbetskollegor är något alla företag har ett behov utav.Ofta är dessa dokument interna och skall hållas inom företaget. Även inom företagetkan det finnas behov av att styra vem som har rätt att läsa ellerrevidera dokumenten.Denna examensarbetesrapport beskriver olika tekniker ochmodeller för accesskon-troll, versionshantering och distribution som kan användas för att implementera ettsystem som kan lösa de nämnda problemen.Ett av kraven för systemet var ett användargränssnitt där användare kan ladda upp ochned sina dokument. Ytterligare krav var att systemet skulleversionshantera dokumenetenoch att användare skall kunna komma åt de olika versionerna.Systemet skulle ocksåkunna hantera åtkomstkontroll på dokumentnivå, något denna examensrapport definerarsom "fine grained access control".För att designa ett sådant system så utredes och utvärderades olika tekniker kringåtkomstkontroll och versionshantering samt distributionav dokumenten. För att testasystemet så utvecklads en prototyp baserad på de valda lösningsmetoderna.Den resulterande prototypen uppfyllde de mål som Nordicstation satte för projektet,dock endast med grundläggande funktionalitet. Stöd för atthämta olika versioner avdokument, kontrollera access till dokumentet nere på dokument nivå och ett webbaseratgränssnitt för att administrera dokumenten.

Version control

access control

content management

docu ment control

java content repository

webDAV

document sharing

Computer Engineering

Datorteknik

Jazykové verze webu / Language Version of Web

Laga, Ondřej

January 2008

This thesis concerns a dilemma of multi-lingual web applications. The document describes some general solutions while suggesting such applications, however first of all it is aimed for information system VUT and its enlargement for translation administration. The text contains structural description of this system and instruments used during its development, but especially it defines system requirements of programming engineers and translators, describes and evaluates new language versions solution and there are possibilities of contingent extensions considered at the conclusion of my thesis.

Securing Data in a Cloud Environment: Access Control, Encryption, and Immutability / Säkerhetshantering av data som överförs genom molnbaserade tjänster: åtkomstkontroll, kryptering och omutlighet

Al Khateeb, Ahmad, Summaq, Abdulrazzaq

January 2023

The amount of data and the development of new technologies used by all society-critical organizations are increasing dramatically. In parallel, data breaches, cyber-attacks, and their devastating consequences are also on the rise, as well as the number of individuals and organizations that are potential targets for such attacks. This places higher demands on security in terms of protecting data against cyber-attacks and controlling access to data that authenticated users want to access. The paper focuses on studying concepts of secure data practices in a GitLab-based cloud environment. The objective is to give answers to questions such as how to ensure the guarantee of secure data and protect it from unauthorized access and changes. The work behind this thesis includes exploring techniques for access control, data encryption, and data immutability. The study is followed by an implementation project that includes fetching code from GitLab verifying user identity and access control, managing data access, and displaying the results. The results of the thesis demonstrate the effectiveness of the implemented security measures in protecting data and controlling access. / Mängden av data och utvecklingen av banbrytande teknologier som idag används av alla samhällsbärande organisationer ökar drastiskt. I samma takt ökar dataintrång, cyberattacker och dess förödande konsekvenser samt antalet personer och organisationer som utgör potentiella offer för sådana typer av attacker. Detta ställer högre krav på säkerheten när det gäller att skydda data mot cyberattacker, men även att kontrollera åtkomsten till data som autentiserade användare vill komma åt. Rapporten fokuserar på att studera hur data säkras i GitLab-baserade molnsystem. Syftet med detta arbete är att ge svar på frågeställningar som till exempel att lova säker åtkomst och skydd för data från obehörig åtkomst och ändringar. Arbetet bakom detta projekt inkluderade undersökning av tekniker som används inom accesskontroll, datakryptering och data-omutlighet. Studien resulterade i en implementation som möjliggör att hämta signerade ändringar (Commits) från GitLab, verifiera användaridentiteten och åtkomstbehörighet, hantera dataåtkomst samt presentera resultaten. Resultaten av detta examensarbete demonstrerar effektiviteten av den implementerade säkerhetsteknikerna i att skydda data och kontrollera access.

Access Control

Authorization

Keycloak

GPG Keys

Encryption

GitLab

Version Control

Neo4j

Data Security

Computer Sciences

Datavetenskap (datalogi)

A decentralized Git version controlsystem : A proposed architecture and evaluation of decentralized Git using DAG-based distributed ledgers

Habib, Christian, Ayoub, Ilian

January 2022

This thesis proposes an implementation for a decentralized version of the Git version controlsystem. This is achieved using a simple distributed DAG ledger. The thesis analyzeshow the decentralization of Git affects security. Use and misuse cases are used to compareand evaluate conventional Git web services and a decentralized version of Git. Theproposed method for managing the state of the Git project is described as a voting systemwhere participants in a Git project vote on changes to be made. The security evaluationfound that the removal of privileged roles in the Git version control system, mitigated thepossibility of malicious maintainers taking over the project. However, with the introductionof the DAG ledger and the decentralization, the possibility of a malicious actor takingover the network using Sybil attack arises, which in turn could cause the same issues as amalicious maintainer.

Blockchain

Distributed ledger technology

Git

Version control systems

Software Security

Web3

Misuse cases

Computer Sciences

Datavetenskap (datalogi)

Facilitating Development in Software Engineering by Incorporating Version Control Systems into Immersive, Collaborative Virtual Environments

Schendel, Joshua M.

27 April 2009

No description available.

Electrical Engineering

Engineering

version control systems

software engineering

second life

software visualization

subversion

3D environments

VCS

distributed development

Architecting the deployment of cloud-hosted services for guaranteeing multitenancy isolation

Ochei, Laud Charles

January 2017

In recent years, software tools used for Global Software Development (GSD) processes (e.g., continuous integration, version control and bug tracking) are increasingly being deployed in the cloud to serve multiple users. Multitenancy is an important architectural property in cloud computing in which a single instance of an application is used to serve multiple users. There are two key challenges of implementing multitenancy: (i) ensuring isolation either between multiple tenants accessing the service or components designed (or integrated) with the service; and (ii) resolving trade-offs between varying degrees of isolation between tenants or components. The aim of this thesis is to investigate how to architect the deployment of cloud-hosted service while guaranteeing the required degree of multitenancy isolation. Existing approaches for architecting the deployment of cloud-hosted services to serve multiple users have paid little attention to evaluating the effect of the varying degrees of multitenancy isolation on the required performance, resource consumption and access privilege of tenants (or components). Approaches for isolating tenants (or components) are usually implemented at lower layers of the cloud stack and often apply to the entire system and not to individual tenants (or components). This thesis adopts a multimethod research strategy to providing a set of novel approaches for addressing these problems. Firstly, a taxonomy of deployment patterns and a general process, CLIP (CLoud-based Identification process for deployment Patterns) was developed for guiding architects in selecting applicable cloud deployment patterns (together with the supporting technologies) using the taxonomy for deploying services to the cloud. Secondly, an approach named COMITRE (COmponent-based approach to Multitenancy Isolation Through request RE-routing) was developed together with supporting algorithms and then applied to three case studies to empirically evaluate the varying degrees of isolation between tenants enabled by multitenancy patterns for three different cloud-hosted GSD processes, namely-continuous integration, version control, and bug tracking. After that, a synthesis of findings from the three case studies was carried out to provide an explanatory framework and new insights about varying degrees of multitenancy isolation. Thirdly, a model-based decision support system together with four variants of a metaheuristic solution was developed for solving the model to provide an optimal solution for deploying components of a cloud-hosted application with guarantees for multitenancy isolation. By creating and applying the taxonomy, it was learnt that most deployment patterns are related and can be implemented by combining with others, for example, in hybrid deployment scenarios to integrate data residing in multiple clouds. It has been argued that the shared component is better for reducing resource consumption while the dedicated component is better in avoiding performance interference. However, as the experimental results show, there are certain GSD processes where that might not necessarily be so, for example, in version control, where additional copies of the files are created in the repository, thus consuming more disk space. Over time, performance begins to degrade as more time is spent searching across many files on the disk. Extensive performance evaluation of the model-based decision support system showed that the optimal solutions obtained had low variability and percent deviation, and were produced with low computational effort when compared to a given target solution.

004.67

PACCS uma ferramenta para detecção proativa e resolução colaborativa de conflitos de código fonte

Armino, Daniel Bruno

23 March 2016

Submitted by Silvana Teresinha Dornelles Studzinski (sstudzinski) on 2016-06-13T17:33:37Z No. of bitstreams: 1 Daniel Bruno Armino_.pdf: 1677240 bytes, checksum: 278b4e6ed4b8adf54258b557940f77df (MD5) / Made available in DSpace on 2016-06-13T17:33:37Z (GMT). No. of bitstreams: 1 Daniel Bruno Armino_.pdf: 1677240 bytes, checksum: 278b4e6ed4b8adf54258b557940f77df (MD5) Previous issue date: 2016-03-23 / CAPES - Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / Em desenvolvimento de software colaborativo, desenvolvedores compartilham código fonte e modificam partes deste código em paralelo, visando aumentar a produtividade. Para isso, times de desenvolvimento, tipicamente globalmente distribuídos, fazem uso de sistemas de controle de versão (SCV), os quais são responsáveis por versionar o código fonte e reconciliar as alterações conflitantes realizadas pelos desenvolvedores em paralelo. Em geral, cada desenvolvedor possui uma cópia local dos arquivos do código fonte do repositório, podendo realizar qualquer tipo modificação e tendo que posteriormente integrar a sua versão local do código fonte com as alteradas pelos outros membros do time de desenvolvimento. O problema é que usualmente os sistemas de controle de versão (por exemplo, GIT e SVN) não dão suporte a detecção antecipada dos conflitos, nem auxiliam os desenvolvedores na resolução dos mesmos. Na prática, um conflito trata-se de alterações divergentes realizadas em um mesmo trecho de código em paralelo por diferentes desenvolvedores. Consequentemente, detectar e resolver conflitos passam a ser duas atividades altamente propensa a erros e que exige bastante esforço do desenvolvedor. Para explorar esta problemática, este trabalho propõe o PACCS, uma ferramenta capaz de: (1) detectar proativamente conflitos; (2) analisar a propagação de conflitos; (3) identificar conflitos sintáticos e semânticos; (4) resolver automaticamente conflitos detectados; (5) apoiar os desenvolvedores na resolução colaborativa dos conflitos; e (6) checar as integrações realizadas e submetidas ao repositório de acordo um conjunto de regras. A ferramenta desenvolvida abordará os requisitos citados anteriormente e possui duas partes: o lado cliente (plugin para o eclipse) e o lado server (gerenciador de alterações entre workspaces). Após a construção da ferramenta será efetuado um comparativo entre desenvolvedores que utilizam a ferramenta versus os que não utilizaram, objetivando aferir as vantagens ou desvantagens da ferramenta. Os resultados demonstraram que (1) ao contrário do que a literatura prega, VCS centralizados tendem produzir um código fonte mais próximo do desejado e (2) a abordagem colaborativa pode ser mais eficiente e necessitar de menos esforço na resolução de conflitos. / In collaborative software development, developers share source code and modify parts of code in parallel, to increase productivity. For this, development teams typically distributed globally, make use of version control systems (VCS), which are responsible for versioning the source code and reconcile conflicting changes made by developers in parallel. Generally, each developer has a local copy of the source code files from the repository, and can perform any modification and having to later join their local version of the source code with the changed by the other members of the development team. The problem is that usually the version control systems (eg, GIT and SVN) do not support early detection of conflicts, or assist developers in solving them. In practice, a conflict it is divergent changes made in one piece of code in parallel by different developers. Consequently, detect and resolve conflicts become two highly prone to errors and activities that require a lot of effort from the developer. To explore this issue, this paper proposes the PACCS, a tool capable of: (1) detect proactively conflicts; (2) to analyze the spread of conflicts; (3) identify syntactic and semantic conflicts; (4) detected automatically resolve conflicts; (5) support developers in collaborative conflict resolution; and (6) check the integrations carried out and submitted to the agreement of a set of rules repository. The developed tool will address the above requirements and has two parts: the client side (plugin for Eclipse) and the server side (change manager between Workspaces). After the construction of the tool will be made a comparison between developers using the tool versus those who did not use, in order to assess the advantages or disadvantages of the tool. The results showed that (1) contrary to the literature preaches, centralized VCS tend to produce a code nearest source of the desired and (2) a collaborative approach can be more efficient and require less effort in resolving conflicts.

Controlador de versão

Conflitos

Repositório

Pró-ativo

Colaboração

Ferramenta

Version control

Conflicts

Repository

Proactive

Colaboration

Tool