“Comments are – at best – a necessary evil” (Uncle Bob, “Clean Code”) – Over the years I gathered quite a collection of examples for bad code comments. The most precious gems among them I would like to share with you. You will listen in on developer monologues and dialogues, try to analyze cryptic bylines, experience different levels of UnCamelCasing(tm) skill and fight your way through a redundant, useless and misleading inline thicket. You will also hear about well-meant tools and plugins that should not even exist if the motto “No Comment!” would be valued as it should be.
You can find the original presentation slides here: http://no-comment.kimminich.de
Some comments on // No Comment! from Clean Code Days 2015:
This is a brief introduction to “Java 8 Streams” featuring:
- Bulk Operations
- Lambda Expressions
- Method References
- Functional Operations
Accompanying source code and examples can be found on https://github.com/bkimminich/java8-streams
These are the slides of my session at Agile Saturday IX on 28th Sep 2013 in Tallinn, Estonia. I was invited there to give an entry level introduction talk into the ideas and methods of Agile Software Development.
You are an expert in TDD & Pair Programming, hold a Scrum Master certificate and know the Agile Manifesto from heart? Then this talk is probably too basic for you! Everyone else in invited to jump head-first into a journey through space, learning about many core agile methods and concepts on the way, like: Iterations, User Stories, Planning Poker, Test Driven Development, Pair Programming, Collective Code Ownership, Continuous Integration and more! Our journey will end on Mars where we will use SCRUM to conceive, build and continually improve the first Mars Station of mankind! Well, at least sort off..
These are the slides of my talk at the Clean Code Days 2013 in Dresden, Germany. They are in German, so I didn’t bother writing an English abstract. Sorry!
Themen wie Clean Code oder praktische Aspekte agiler Softwareentwicklung tauchen in den Curricula der wenigsten Hochschulen an prominenter Stelle auf. Warum ist das eigentlich so? Wieso fragen wir Bewerber nach ihren beherrschten Programmiersprachen oder bereits verwendeten Frameworks, aber selten nach ihren tatsächlichen handwerklichen Fähigkeiten. Sauberen, nachvollziehbaren und wartbaren Code zu schreiben, sollte viel weiter oben auf der Checkliste bei Bewerbungsgesprächen stehen.
In dem Vortrag “Kommt Clean Code in Studium und Ausbildung zu kurz?” wird von Erfahrungen aus mehreren Clean Code-Schulungen sowie Hochschulvorlesungen zum Thema berichtet. Ziel des Vortrags ist es, für eine deutlich qualitätszentriertere Ausbildung von Softwareentwicklern zu werben, sowohl an Hochschulen als auch in Ausbildungsbetrieben. Ausserdem können Manager einige Tipps mitnehmen, wie man Bewerbern auf Entwickler-Positionen die richtigen Fragen nach ihren wirklich wichtigen Fähigkeiten stellt.
These are the slides to my “Agile Software Development in Practice” lectures. They are intended especially for Software Development students but have also partially been used in inhouse Clean Code developer trainings.
The following topics are covered:
- most aspects of Agile Methodology from Pair Programming to Collective Code Ownership
- Clean Code based on Robert C. Martins work
- Test Driven Development
- advanced Unit Testing techniques like Mockito mocks and Hamcrest matchers
The deck is divided into 9 lectures which each consist of a theoretical part and a practical excercise for the students. Included are building a Mars Station from building blocks (using agile methods and SCRUM roles), Uncle Bobs famous Bowling Game Code Kata and a smallscale Code Retreat.
Accompanying source code and examples can be found on https://github.com/bkimminich/AgileSoftwareDevelopmentInPractice
These are the slides to my 2-day “Web Application Security Training Workshop”. The workshop is intended for all IT staff involved in web application development, e.g. software engineers, system analysts, quality engineers or application administrators.
The goals of the workshop are:
- Build security awareness for web applications
- Get to know attack methods of hackers
- Learn ways to discover security vulnerabilities
- Learn the basics of secure web development
Day one starts with a motivation of the topic and then covers the most severe vulnerabilities of web applications based on the OWASP Top 10 list. The attacks on those vulnerabilities are discussed and can be tried out in several examples.
Day two starts with a two hour hacking contest where each participant attacks the locally installed BodgeIt store and tries to get as many points on the score card as possible. Next the Secure Software Development Lifecycle is briefly discussed in order to prevent security flaws as early as possible.
Performing attacks on any website or server you do not own yourself is a crime in most countries!