Automated Reporting of Anti-Patterns and Decay in Continuous Integration

Continuous Integration (CI) is a widely-used software engineering practice. The software is continuously built so that changes can be easily integrated and issues such as unmet quality goals or style inconsistencies get detected early. Unfortunately, it is not only hard to introduce CI into an existing project, but it is also challenging to live up to the CI principles when facing tough deadlines or business decisions. Previous work has identified common anti-patterns that reduce the promised benefits of CI. Typically, these anti-patterns slowly creep into a project over time before they are identified. We argue that automated detection can help with early identification and prevent such a process decay. In this work, we further analyze this assumption and survey 124 developers about CI anti-patterns. From the results, we build CI-Odor, a reporting tool for CI processes that detects the existence of four relevant anti-patterns by analyzing regular build logs and repository information. In a study on the 18,474 build logs of 36 popular Java projects, we reveal the presence of 3,823 high-severity warnings spread across projects. We validate our reports in a survey among 13 original developers of these projects and through general feedback from 42 developers that confirm the relevance of our reports

Configuration Smells in Continuous Delivery Pipelines: A Linter and a Six-Month Study on GitLab

An effective and efficient application of Continuous Integration (CI) and Delivery (CD) requires software projects to follow certain principles and good practices. Configuring such a CI/CD pipeline is challenging and error-prone. Therefore, automated linters have been proposed to detect errors in the pipeline. While existing linters identify syntactic errors, detect security vulnerabilities or misuse of the features provided by build servers, they do not support developers that want to prevent common misconfigurations of a CD pipeline that potentially violate CD principles (“CD smells”). To this end, we propose CD-Linter, a semantic linter that can automatically identify four different smells in pipeline configuration files. We have evaluated our approach through a large-scale and long-term study that consists of (i) monitoring 145 issues (opened in as many open-source projects) over a period of 6 months, (ii) manually validating the detection precision and recall on a representative sample of issues, and (iii) assessing the magnitude of the observed smells on 5,312 open-source projects on GitLab. Our results show that CD smells are accepted and fixed by most of the developers and our linter achieves a precision of 87% and a recall of 94%. Those smells can be frequently observed in the wild, as 31% of projects with long configurations are affected by at least one smell

GEANT4 : a simulation toolkit

Abstract Geant4 is a toolkit for simulating the passage of particles through matter. It includes a complete range of functionality including tracking, geometry, physics models and hits. The physics processes offered cover a comprehensive range, including electromagnetic, hadronic and optical processes, a large set of long-lived particles, materials and elements, over a wide energy range starting, in some cases, from 250 eV and extending in others to the TeV energy range. It has been designed and constructed to expose the physics models utilised, to handle complex geometries, and to enable its easy adaptation for optimal use in different sets of applications. The toolkit is the result of a worldwide collaboration of physicists and software engineers. It has been created exploiting software engineering and object-oriented technology and implemented in the C++ programming language. It has been used in applications in particle physics, nuclear physics, accelerator design, space engineering and medical physics. PACS: 07.05.Tp; 13; 2

The automation of next-to-leading order electroweak calculations

We present the key features relevant to the automated computation of all the leading- and next-to-leading order contributions to short-distance cross sections in a mixed-coupling expansion, with special emphasis on the first subleading NLO term in the QCD+EW scenario, commonly referred to as NLO EW corrections. We discuss, in particular, the FKS subtraction in the context of a mixed-coupling expansion; the extension of the FKS subtraction to processes that include final-state tagged particles, defined by means of fragmentation functions; and some properties of the complex mass scheme. We combine the present paper with the release of a new version of MadGraph5_aMC@NLO, capable of dealing with mixed-coupling expansions. We use the code to obtain illustrative inclusive and differential results for the 13-TeV LHC.Comment: 121 pages, 16 figure

Investigation into the use of NMR-based bioinformatics in determining the composition and quality of immune supplements in Australia

The outbreak of the SARS-CoV-2 virus has brought prominence to the concept of immune health for individuals. A common means of attempting to do so is by incorporating immune supplements into everyday life. While immune supplements generally contain well-documented traditional herbs, knowledge about the quality and safety of these commercial products is minimal. In Australia, the Therapeutic Goods Administration (TGA) regulates and enforces advertising, labelling and compositional consistency of immune supplements; however, minimal pre-market assessment omits the potential harm and adulteration regularly cited in the literature. A multifaceted approach to these products’ overall safety and quality is essential in safeguarding human health. Following TGA guidelines, seventeen immune supplements were investigated for their labelling compliance with the Therapeutic Goods Order No. 92 for non-prescription medicines. Although systemic labelling non-compliance was observed throughout the products, this was not associated with their potential to cause harm. Thus, stringency in this area is not necessarily applicable to protecting consumers. More focus should be put on high throughput pharmacovigilance methods that examine immune supplements' compositional integrity and consistency. For this study, the composition of immune supplements was analysed via nuclear magnetic resonance (NMR) spectroscopy using metabolomics. NMR provides detailed ‘snap shots’ into the chemical profile of immune supplements that can be interpreted via multivariate statistics to indicate the consistency of products across numerous batches. Therefore, this thesis aims to provide an overview of the quality and safety of Australian immune supplements. At the same time, it is recognising the place of metabolomics in regulatory environments as a high throughput mechanism of quality assurance

Automated Data for DevSecOps Programs

Excerpt from the Proceedings of the Nineteenth Annual Acquisition Research SymposiumAutomation in DevSecOps (DSO) transforms the practice of building, deploying, and managing software intensive programs. Although this automation supports continuous delivery and rapid builds, the persistent manual collection of information delays (by weeks) the release of program status metrics and the decisions they are intended to inform. Emerging DSO metrics (e.g., deployment rates, lead times) provide insight into how software development is progressing but fall short of replacing program control metrics for assessing progress (e.g., burn rates against spend targets, integration capability tar-get dates, and schedule for the minimum viable capability release). By instrumenting the (potentially in-teracting) DSO pipelines and supporting environments, the continuous measurement of status, identifica-tion of emerging risks, and probabilistic projections are possible and practical. In this paper, we discuss our research on the information modeling, measurement, metrics, and indicators necessary to establish a continuous program control capability that can keep pace with DSO management needs. We discuss the importance of interactive visualization dashboards for addressing program information needs. We also identify and address the gaps and barriers in the current state of the practice. Finally, we recommend future research needs based on our initial findings.Approved for public release; distribution is unlimited

Automated Data for DevSecOps Programs

Excerpt from the Proceedings of the Nineteenth Annual Acquisition Research SymposiumAutomation in DevSecOps (DSO) transforms the practice of building, deploying, and managing software intensive programs. Although this automation supports continuous delivery and rapid builds, the persistent manual collection of information delays (by weeks) the release of program status metrics and the decisions they are intended to inform. Emerging DSO metrics (e.g., deployment rates, lead times) provide insight into how software development is progressing but fall short of replacing program control metrics for assessing progress (e.g., burn rates against spend targets, integration capability tar-get dates, and schedule for the minimum viable capability release). By instrumenting the (potentially in-teracting) DSO pipelines and supporting environments, the continuous measurement of status, identifica-tion of emerging risks, and probabilistic projections are possible and practical. In this paper, we discuss our research on the information modeling, measurement, metrics, and indicators necessary to establish a continuous program control capability that can keep pace with DSO management needs. We discuss the importance of interactive visualization dashboards for addressing program information needs. We also identify and address the gaps and barriers in the current state of the practice. Finally, we recommend future research needs based on our initial findings.Approved for public release; distribution is unlimited

Length-dependent disassembly maintains four different flagellar lengths in Giardia.

With eight flagella of four different lengths, the parasitic protist Giardia is an ideal model to evaluate flagellar assembly and length regulation. To determine how four different flagellar lengths are maintained, we used live-cell quantitative imaging and mathematical modeling of conserved components of intraflagellar transport (IFT)-mediated assembly and kinesin-13-mediated disassembly in different flagellar pairs. Each axoneme has a long cytoplasmic region extending from the basal body, and transitions to a canonical membrane-bound flagellum at the 'flagellar pore'. We determined that each flagellar pore is the site of IFT accumulation and injection, defining a diffusion barrier functionally analogous to the transition zone. IFT-mediated assembly is length-independent, as train size, speed, and injection frequencies are similar for all flagella. We demonstrate that kinesin-13 localization to the flagellar tips is inversely correlated to flagellar length. Therefore, we propose a model where a length-dependent disassembly mechanism controls multiple flagellar lengths within the same cell