Category Archives: CS-348

Code Security First: Tackling CVEs in Your Development Workflow

In the ever-evolving landscape of cybersecurity, Common Vulnerabilities and Exposures (CVEs) are publicly disclosed security flaws that pose a significant risk to software systems. These vulnerabilities, if left unchecked, can be exploited by malicious actors. Developers, therefore, play a critical role in defending their code against known CVEs, ensuring secure software development from the very first commit. The article “Defending Your Commits from Known CVEs” explores a tool that developers can use to safeguard their work, integrating security seamlessly into the development lifecycle. This blog post reflects on the key insights from the resource, what I’ve learned, and how I plan to apply these practices in my future as a software professional.

The article emphasizes the prevalence of open-source components in modern projects and warns about how these components can add vulnerabilities to your project. This article particularly stresses the use of the tool Git Guardian Software Composition Analysis to catch CVE’s before they are added in a commit. Git Guardian SCA is a vulnerability scanner made by Hacker News to catch risks early.

I selected this article because it connects directly to our course discussions on open-source development and using Git. Understanding how to mitigate CVE risks is essential in order for us to be modern developers, and this article provides a useful tool to enable us towards this goal. It also touches on the use of open-source software.

From this article I learned that the open-source movement has a profound place in current development. It blows my mind that 96% of current projects have open-source components and that anywhere from 70% to 90% of any given modern software is open-source components. I don’t know if I should be happy that the world is working together so much or sad that apparently a lot of software development is not as much coding as I initially thought. It also explained how you can automate the tool’s use with Git hooks which was a new resource that I was introduced to. It allows the developer to automatically trigger actions at different points of gits execution.

Going forward I will be much more vigilant in using any piece of open-source software since apparently a large number of those projects could be using CVE’s. I will also try to expand this vigilance to the rest of any future teams I am a part of. I will probably also look into making my own tools to integrate with git hooks.

link to the article :
https://thehackernews.com/2024/05/defending-your-commits-from-known-cves.html

From the blog CS@Worcester – Coder's First Steps by amoulton2 and used with permission of the author. All other rights reserved by the author.

Docker and it basics

    Since I use different
computers from home, class, and work, after learning from class about docker
and setting up the same environment for all the devices, I thought it was time
to look into docker more. The article is about what is docker, why it became
popular and comparing it with other tools. That is why I choose this article
because “Docker overview” by Marsdev gives comprehensive introduction about docker,
comparing to virtual machine, use cases and advantage over other tools over the
internet. It clearly explains these things easily and detailed make it ideal
choice to learn how docker works and its benefits.

    The article covers essential components of Docker including
Docker Engine, Images, Dockerfiles, Docker Hub, Volumes, Compose, and Desktop
and how they work. For example, Docker Engine serves as the backbone of the
platform, enabling the creation and management of containers, while Docker
Compose allows developers to manage multiple interconnected containers with
ease. Not only that, but it also compares other tools that have similar functions
like Jenkins, Kubernetes. Not only that this article summarizes how container are
“given resources that no other process can access and cannot access any
resources that have not been specifically allotted to them”. In the end, Docker
is a powerful tool that makes development processes faster and build, test and publish
apps faster and efficiently than before.

Reading this article
and idea of ‘container’ showed why docker became a powerful tool for environmental
consistency. Also, I learned that I could have the same development environment
in different devices and applications now after installing docker, I don’t have
to constantly upgrade and downgrade versions of angular, node.js and different
things between different computers, applications. It was a pain going back and
forth and just a single program solves that mess I had. This program gave me a
clear roadmap for implementing containerization in my own work.  This article decreased the time I had to use
for development workflow compared to before. Not only that, but I am also
trying to use different dockers extension mentioned in the blog and others in
the marketplace for future use. Extensions like Disk usage help me double check
resource usage during development too. In the end, docker will save me time
during development and expand my base as a programmer as it decrease level of
errors between different versions of my program and the time to find those
errors.

Link to article – https://www.marsdevs.com/blogs/what-is-docker-why-is-it-getting-popular

 

From the blog Sung Jin's CS Devlopemnt Blog by Unknown and used with permission of the author. All other rights reserved by the author.

Docker and it basics

    Since I use different
computers from home, class, and work, after learning from class about docker
and setting up the same environment for all the devices, I thought it was time
to look into docker more. The article is about what is docker, why it became
popular and comparing it with other tools. That is why I choose this article
because “Docker overview” by Marsdev gives comprehensive introduction about docker,
comparing to virtual machine, use cases and advantage over other tools over the
internet. It clearly explains these things easily and detailed make it ideal
choice to learn how docker works and its benefits.

    The article covers essential components of Docker including
Docker Engine, Images, Dockerfiles, Docker Hub, Volumes, Compose, and Desktop
and how they work. For example, Docker Engine serves as the backbone of the
platform, enabling the creation and management of containers, while Docker
Compose allows developers to manage multiple interconnected containers with
ease. Not only that, but it also compares other tools that have similar functions
like Jenkins, Kubernetes. Not only that this article summarizes how container are
“given resources that no other process can access and cannot access any
resources that have not been specifically allotted to them”. In the end, Docker
is a powerful tool that makes development processes faster and build, test and publish
apps faster and efficiently than before.

Reading this article
and idea of ‘container’ showed why docker became a powerful tool for environmental
consistency. Also, I learned that I could have the same development environment
in different devices and applications now after installing docker, I don’t have
to constantly upgrade and downgrade versions of angular, node.js and different
things between different computers, applications. It was a pain going back and
forth and just a single program solves that mess I had. This program gave me a
clear roadmap for implementing containerization in my own work.  This article decreased the time I had to use
for development workflow compared to before. Not only that, but I am also
trying to use different dockers extension mentioned in the blog and others in
the marketplace for future use. Extensions like Disk usage help me double check
resource usage during development too. In the end, docker will save me time
during development and expand my base as a programmer as it decrease level of
errors between different versions of my program and the time to find those
errors.

Link to article – https://www.marsdevs.com/blogs/what-is-docker-why-is-it-getting-popular

 

From the blog Sung Jin's CS Devlopemnt Blog by Unknown and used with permission of the author. All other rights reserved by the author.

Docker and it basics

    Since I use different
computers from home, class, and work, after learning from class about docker
and setting up the same environment for all the devices, I thought it was time
to look into docker more. The article is about what is docker, why it became
popular and comparing it with other tools. That is why I choose this article
because “Docker overview” by Marsdev gives comprehensive introduction about docker,
comparing to virtual machine, use cases and advantage over other tools over the
internet. It clearly explains these things easily and detailed make it ideal
choice to learn how docker works and its benefits.

    The article covers essential components of Docker including
Docker Engine, Images, Dockerfiles, Docker Hub, Volumes, Compose, and Desktop
and how they work. For example, Docker Engine serves as the backbone of the
platform, enabling the creation and management of containers, while Docker
Compose allows developers to manage multiple interconnected containers with
ease. Not only that, but it also compares other tools that have similar functions
like Jenkins, Kubernetes. Not only that this article summarizes how container are
“given resources that no other process can access and cannot access any
resources that have not been specifically allotted to them”. In the end, Docker
is a powerful tool that makes development processes faster and build, test and publish
apps faster and efficiently than before.

Reading this article
and idea of ‘container’ showed why docker became a powerful tool for environmental
consistency. Also, I learned that I could have the same development environment
in different devices and applications now after installing docker, I don’t have
to constantly upgrade and downgrade versions of angular, node.js and different
things between different computers, applications. It was a pain going back and
forth and just a single program solves that mess I had. This program gave me a
clear roadmap for implementing containerization in my own work.  This article decreased the time I had to use
for development workflow compared to before. Not only that, but I am also
trying to use different dockers extension mentioned in the blog and others in
the marketplace for future use. Extensions like Disk usage help me double check
resource usage during development too. In the end, docker will save me time
during development and expand my base as a programmer as it decrease level of
errors between different versions of my program and the time to find those
errors.

Link to article – https://www.marsdevs.com/blogs/what-is-docker-why-is-it-getting-popular

 

From the blog Sung Jin's CS Devlopemnt Blog by Unknown and used with permission of the author. All other rights reserved by the author.

Docker and it basics

    Since I use different
computers from home, class, and work, after learning from class about docker
and setting up the same environment for all the devices, I thought it was time
to look into docker more. The article is about what is docker, why it became
popular and comparing it with other tools. That is why I choose this article
because “Docker overview” by Marsdev gives comprehensive introduction about docker,
comparing to virtual machine, use cases and advantage over other tools over the
internet. It clearly explains these things easily and detailed make it ideal
choice to learn how docker works and its benefits.

    The article covers essential components of Docker including
Docker Engine, Images, Dockerfiles, Docker Hub, Volumes, Compose, and Desktop
and how they work. For example, Docker Engine serves as the backbone of the
platform, enabling the creation and management of containers, while Docker
Compose allows developers to manage multiple interconnected containers with
ease. Not only that, but it also compares other tools that have similar functions
like Jenkins, Kubernetes. Not only that this article summarizes how container are
“given resources that no other process can access and cannot access any
resources that have not been specifically allotted to them”. In the end, Docker
is a powerful tool that makes development processes faster and build, test and publish
apps faster and efficiently than before.

Reading this article
and idea of ‘container’ showed why docker became a powerful tool for environmental
consistency. Also, I learned that I could have the same development environment
in different devices and applications now after installing docker, I don’t have
to constantly upgrade and downgrade versions of angular, node.js and different
things between different computers, applications. It was a pain going back and
forth and just a single program solves that mess I had. This program gave me a
clear roadmap for implementing containerization in my own work.  This article decreased the time I had to use
for development workflow compared to before. Not only that, but I am also
trying to use different dockers extension mentioned in the blog and others in
the marketplace for future use. Extensions like Disk usage help me double check
resource usage during development too. In the end, docker will save me time
during development and expand my base as a programmer as it decrease level of
errors between different versions of my program and the time to find those
errors.

Link to article – https://www.marsdevs.com/blogs/what-is-docker-why-is-it-getting-popular

 

From the blog Sung Jin's CS Devlopemnt Blog by Unknown and used with permission of the author. All other rights reserved by the author.

Docker and it basics

    Since I use different
computers from home, class, and work, after learning from class about docker
and setting up the same environment for all the devices, I thought it was time
to look into docker more. The article is about what is docker, why it became
popular and comparing it with other tools. That is why I choose this article
because “Docker overview” by Marsdev gives comprehensive introduction about docker,
comparing to virtual machine, use cases and advantage over other tools over the
internet. It clearly explains these things easily and detailed make it ideal
choice to learn how docker works and its benefits.

    The article covers essential components of Docker including
Docker Engine, Images, Dockerfiles, Docker Hub, Volumes, Compose, and Desktop
and how they work. For example, Docker Engine serves as the backbone of the
platform, enabling the creation and management of containers, while Docker
Compose allows developers to manage multiple interconnected containers with
ease. Not only that, but it also compares other tools that have similar functions
like Jenkins, Kubernetes. Not only that this article summarizes how container are
“given resources that no other process can access and cannot access any
resources that have not been specifically allotted to them”. In the end, Docker
is a powerful tool that makes development processes faster and build, test and publish
apps faster and efficiently than before.

Reading this article
and idea of ‘container’ showed why docker became a powerful tool for environmental
consistency. Also, I learned that I could have the same development environment
in different devices and applications now after installing docker, I don’t have
to constantly upgrade and downgrade versions of angular, node.js and different
things between different computers, applications. It was a pain going back and
forth and just a single program solves that mess I had. This program gave me a
clear roadmap for implementing containerization in my own work.  This article decreased the time I had to use
for development workflow compared to before. Not only that, but I am also
trying to use different dockers extension mentioned in the blog and others in
the marketplace for future use. Extensions like Disk usage help me double check
resource usage during development too. In the end, docker will save me time
during development and expand my base as a programmer as it decrease level of
errors between different versions of my program and the time to find those
errors.

Link to article – https://www.marsdevs.com/blogs/what-is-docker-why-is-it-getting-popular

 

From the blog Sung Jin's CS Devlopemnt Blog by Unknown and used with permission of the author. All other rights reserved by the author.

Docker and it basics

    Since I use different
computers from home, class, and work, after learning from class about docker
and setting up the same environment for all the devices, I thought it was time
to look into docker more. The article is about what is docker, why it became
popular and comparing it with other tools. That is why I choose this article
because “Docker overview” by Marsdev gives comprehensive introduction about docker,
comparing to virtual machine, use cases and advantage over other tools over the
internet. It clearly explains these things easily and detailed make it ideal
choice to learn how docker works and its benefits.

    The article covers essential components of Docker including
Docker Engine, Images, Dockerfiles, Docker Hub, Volumes, Compose, and Desktop
and how they work. For example, Docker Engine serves as the backbone of the
platform, enabling the creation and management of containers, while Docker
Compose allows developers to manage multiple interconnected containers with
ease. Not only that, but it also compares other tools that have similar functions
like Jenkins, Kubernetes. Not only that this article summarizes how container are
“given resources that no other process can access and cannot access any
resources that have not been specifically allotted to them”. In the end, Docker
is a powerful tool that makes development processes faster and build, test and publish
apps faster and efficiently than before.

Reading this article
and idea of ‘container’ showed why docker became a powerful tool for environmental
consistency. Also, I learned that I could have the same development environment
in different devices and applications now after installing docker, I don’t have
to constantly upgrade and downgrade versions of angular, node.js and different
things between different computers, applications. It was a pain going back and
forth and just a single program solves that mess I had. This program gave me a
clear roadmap for implementing containerization in my own work.  This article decreased the time I had to use
for development workflow compared to before. Not only that, but I am also
trying to use different dockers extension mentioned in the blog and others in
the marketplace for future use. Extensions like Disk usage help me double check
resource usage during development too. In the end, docker will save me time
during development and expand my base as a programmer as it decrease level of
errors between different versions of my program and the time to find those
errors.

Link to article – https://www.marsdevs.com/blogs/what-is-docker-why-is-it-getting-popular

 

From the blog Sung Jin's CS Devlopemnt Blog by Unknown and used with permission of the author. All other rights reserved by the author.

Docker and it basics

    Since I use different
computers from home, class, and work, after learning from class about docker
and setting up the same environment for all the devices, I thought it was time
to look into docker more. The article is about what is docker, why it became
popular and comparing it with other tools. That is why I choose this article
because “Docker overview” by Marsdev gives comprehensive introduction about docker,
comparing to virtual machine, use cases and advantage over other tools over the
internet. It clearly explains these things easily and detailed make it ideal
choice to learn how docker works and its benefits.

    The article covers essential components of Docker including
Docker Engine, Images, Dockerfiles, Docker Hub, Volumes, Compose, and Desktop
and how they work. For example, Docker Engine serves as the backbone of the
platform, enabling the creation and management of containers, while Docker
Compose allows developers to manage multiple interconnected containers with
ease. Not only that, but it also compares other tools that have similar functions
like Jenkins, Kubernetes. Not only that this article summarizes how container are
“given resources that no other process can access and cannot access any
resources that have not been specifically allotted to them”. In the end, Docker
is a powerful tool that makes development processes faster and build, test and publish
apps faster and efficiently than before.

Reading this article
and idea of ‘container’ showed why docker became a powerful tool for environmental
consistency. Also, I learned that I could have the same development environment
in different devices and applications now after installing docker, I don’t have
to constantly upgrade and downgrade versions of angular, node.js and different
things between different computers, applications. It was a pain going back and
forth and just a single program solves that mess I had. This program gave me a
clear roadmap for implementing containerization in my own work.  This article decreased the time I had to use
for development workflow compared to before. Not only that, but I am also
trying to use different dockers extension mentioned in the blog and others in
the marketplace for future use. Extensions like Disk usage help me double check
resource usage during development too. In the end, docker will save me time
during development and expand my base as a programmer as it decrease level of
errors between different versions of my program and the time to find those
errors.

Link to article – https://www.marsdevs.com/blogs/what-is-docker-why-is-it-getting-popular

 

From the blog Sung Jin's CS Devlopemnt Blog by Unknown and used with permission of the author. All other rights reserved by the author.

What is Clean Code?

Once you’ve moved past coding your first “Hello World” and learned some foundational concepts, your programs will naturally grow more complex. Without proper structure, they can quickly become cluttered and hard to follow. To avoid this, it’s crucial to keep your code organized, readable, and understandable—not just for yourself but for others you’ll collaborate with as a professional programmer.

This is where learning about “clean code” becomes essential. Writing clean code focuses on maintaining consistency, clear formatting, appropriate line counts, and effective use of comments, whitespace, and methods. To deepen my understanding, I read an article called “A Deep Dive into Clean Code” on Codacy.com, which explores principles and methodologies that help developers write better code. Here are the key takeaways I learned from the article that could help other studious coders out as well:

1. KISS (Keep It Simple, Stupid)

Simplicity is key. Avoid unnecessary complexity to make your code more readable and maintainable. Simple solutions are easier to debug, modify, and adapt, reducing the risk of introducing errors during updates or when new developers join the project.

2. DRY (Don’t Repeat Yourself)

Eliminate redundancy. Repeated logic scattered throughout the code increases the chances of inconsistencies and bugs. By consolidating repeated logic into functions, methods, or classes, you streamline updates and make the codebase more efficient and maintainable.

3. SRP (Single Responsibility Principle)

Each class or function should serve a single purpose. This modular approach makes code easier to test, debug, and update. With clear responsibilities, changes in one part of the code are less likely to cause unintended effects elsewhere, ensuring stability and flexibility.

4. Meaningful Naming

Descriptive names for variables, functions, and classes make the code self-explanatory, reducing the need for excessive comments. Clear naming improves communication and helps everyone on the team quickly grasp the logic and purpose of each component, especially in collaborative projects.

5. Improved Testing and Maintenance

Clean code principles directly enhance testing and maintenance. With organized and readable code, bugs are easier to identify and fix. Additionally, by minimizing technical debt, you can adapt the code for future features or changes without major overhauls, ensuring long-term project sustainability.

Incorporating these principles into your coding practices leads to better software and a smoother development process for everyone involved. By focusing on simplicity, eliminating redundancy, maintaining clear organization, and using meaningful names, you not only make your work easier but also set the stage for collaborative success.

From the blog CS@Worcester – KeepOnComputing by CoffeeLegend and used with permission of the author. All other rights reserved by the author.

Docker and it basics

    Since I use different
computers from home, class, and work, after learning from class about docker
and setting up the same environment for all the devices, I thought it was time
to look into docker more. The article is about what is docker, why it became
popular and comparing it with other tools. That is why I choose this article
because “Docker overview” by Marsdev gives comprehensive introduction about docker,
comparing to virtual machine, use cases and advantage over other tools over the
internet. It clearly explains these things easily and detailed make it ideal
choice to learn how docker works and its benefits.

    The article covers essential components of Docker including
Docker Engine, Images, Dockerfiles, Docker Hub, Volumes, Compose, and Desktop
and how they work. For example, Docker Engine serves as the backbone of the
platform, enabling the creation and management of containers, while Docker
Compose allows developers to manage multiple interconnected containers with
ease. Not only that, but it also compares other tools that have similar functions
like Jenkins, Kubernetes. Not only that this article summarizes how container are
“given resources that no other process can access and cannot access any
resources that have not been specifically allotted to them”. In the end, Docker
is a powerful tool that makes development processes faster and build, test and publish
apps faster and efficiently than before.

Reading this article
and idea of ‘container’ showed why docker became a powerful tool for environmental
consistency. Also, I learned that I could have the same development environment
in different devices and applications now after installing docker, I don’t have
to constantly upgrade and downgrade versions of angular, node.js and different
things between different computers, applications. It was a pain going back and
forth and just a single program solves that mess I had. This program gave me a
clear roadmap for implementing containerization in my own work.  This article decreased the time I had to use
for development workflow compared to before. Not only that, but I am also
trying to use different dockers extension mentioned in the blog and others in
the marketplace for future use. Extensions like Disk usage help me double check
resource usage during development too. In the end, docker will save me time
during development and expand my base as a programmer as it decrease level of
errors between different versions of my program and the time to find those
errors.

Link to article – https://www.marsdevs.com/blogs/what-is-docker-why-is-it-getting-popular

 

From the blog Sung Jin's CS Devlopemnt Blog by Unknown and used with permission of the author. All other rights reserved by the author.