The author spent two years researching every bug avoidance technique she could find. This book contains the best of them. If you want to program faster, with fewer bugs, and write more secure code, buy this book!

    It was written (and illustrated!) by an all-star team:David Flanagan, bestselling author of programming language "bibles" (including JavaScript: The Definitive Guide and Java in a Nutshell) and committer to the Ruby Subversion repository.Yukihiro "Matz" Matsumoto, creator, designer and lead developer of Ruby and author of Ruby in a Nutshell, which has been expanded and revised to become this book.why the lucky stiff, artist and Ruby programmer extraordinaire. This book begins with a quick-start tutorial to the language, and then explains the language in detail from the bottom up: from lexical and syntactic structure to datatypes to expressions and statements and on through methods, blocks, lambdas, closures, classes and modules. The book also includes a long and thorough introduction to the rich API of the Ruby platform, demonstrating -- with heavily-commented example code -- Ruby's facilities for text processing, numeric manipulation, collections, input/output, networking, and concurrency. An entire chapter is devoted to Ruby's metaprogramming capabilities.The Ruby Programming Language documents the Ruby language definitively but without the formality of a language specification. It is written for experienced programmers who are new to Ruby, and for current Ruby programmers who want to challenge their understanding and increase their mastery of the language.

    You need to assume it will run in the most hostile environments imaginable -- and design, code, and test accordingly. Writing Secure Code, Second Edition shows you how. This edition draws on the lessons learned and taught throughout Microsoft during the firm s massive 2002 Windows Security Push. It s a huge upgrade to the respected First Edition, with new coverage across the board. Michael Howard and David LeBlanc first help you define what security means to your customers -- and implement a three-pronged strategy for securing design, defaults, and deployment. There s especially useful coverage of threat modeling -- decomposing your application, identifying threats, ranking them, and mitigating them. Then, it s on to in-depth coverage of today s key security issues from the developer s standpoint. Everyone knows buffer overruns are bad: Here s a full chapter on avoiding them. You ll learn how to establish appropriate access controls and default to running with least privilege. There s detailed coverage of overcoming attacks on cryptography (for example, avoiding poor random numbers and bit-flipping attacks). You ll learn countermeasures for virtually every form of user input attack, from malicious database updates to cross-site scripting. We ve just scratched the surface: There are authoritative techniques for securing sockets and RPC, protecting against DOS attacks, building safer .NET applications, reviewing and testing code, adding privacy features, and even writing high-quality security documentation. Following these techniques won t just improve security -- it ll dramatically improve robustness and reliability, too. Bill CamardaBill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

    Cryptography is vital to keeping information safe, in an era when the formula to do so becomes more and more challenging. Written by a team of world-renowned cryptography experts, this essential guide is the definitive introduction to all major areas of cryptography: message security, key negotiation, and key management. You'll learn how to think like a cryptographer. You'll discover techniques for building cryptography into products from the start and you'll examine the many technical changes in the field.After a basic overview of cryptography and what it means today, this indispensable resource covers such topics as block ciphers, block modes, hash functions, encryption modes, message authentication codes, implementation issues, negotiation protocols, and more. Helpful examples and hands-on exercises enhance your understanding of the multi-faceted field of cryptography.An author team of internationally recognized cryptography experts updates you on vital topics in the field of cryptography Shows you how to build cryptography into products from the start Examines updates and changes to cryptography Includes coverage on key servers, message security, authentication codes, new standards, block ciphers, message authentication codes, and more Cryptography Engineering gets you up to speed in the ever-evolving field of cryptography.

    By scale, we mean having numbers of users in the millions and being built by large engineering teams.For mobile engineers, this book is a blueprint for modern app engineering approaches. For non-mobile engineers and managers, it is a resource with which to build empathy and appreciation for the complexity of world-class mobile engineering.

    Most developers have a limited understanding of compositional techniques. It's time for that to change.In "Composing Software", Eric Elliott shares the fundamentals of composition, including both function composition and object composition, and explores them in the context of JavaScript. The book covers the foundations of both functional programming and object oriented programming to help the reader better understand how to build and structure complex applications using simple building blocks.You'll learn: • Functional programming • Object composition • How to work with composite data structures • Closures • Higher order functions • Functors (e.g., array.map) • Monads (e.g., promises) • Transducers • LensesAll of this in the context of JavaScript, the most used programming language in the world. But the learning doesn't stop at JavaScript. You'll be able to apply these lessons to any language. This book is about the timeless principles of software composition and its lessons will outlast the hot languages and frameworks of today. Unlike most programming books, this one may still be relevant 20 years from now.This book began life as a popular blog post series that attracted hundreds of thousands of readers and influenced the way software is built at many high growth tech startups and fortune 500 companies.

    You’ll learn how to create structured JavaScript applications, using Backbone’s own flavor of model-view-controller (MVC) architecture.Start with the basics of MVC, SPA, and Backbone, then get your hands dirty building sample applications—a simple Todo list app, a RESTful book library app, and a modular app with Backbone and RequireJS. Author Addy Osmani, an engineer for Google’s Chrome team, also demonstrates advanced uses of the framework.Learn how Backbone.js brings MVC benefits to the client-sideWrite code that can be easily read, structured, and extendedWork with the Backbone.Marionette and Thorax extension frameworksSolve common problems you’ll encounter when using Backbone.jsOrganize your code into modules with AMD and RequireJSPaginate data for your Collections with the Backbone.Paginator pluginBootstrap a new Backbone.js application with boilerplate codeUse Backbone with jQuery Mobile and resolve routing problems between the twoUnit-test your Backbone apps with Jasmine, QUnit, and SinonJS

    Create a tiny virtual environment, called a container, for your application that includes only its particular set of dependencies. The Docker engine accounts for, manages, and builds these containers through functionality provided by the host operating system. Software running inside containers share the Linux OS and other resources, such as libraries, making their footprints radically smaller, and the containerized applications are easy to install, manage, and remove. Developers can package their applications without worrying about environment-specific deployment concerns, and the operations team gets cleaner, more efficient systems across the board. Better still, Docker is free and open source.Docker in Action teaches readers how to create, deploy, and manage applications hosted in Docker containers. The book starts with a clear explanation of the Docker model of virtualization, comparing this approach to the traditional hypervisor model. Developers will learn how to package applications in containers, including specific techniques for testing and distributing applications via Docker Hub and other registries. Readers will learn how to take advantage of the Linux OS features that Docker uses to run programs securely, and how to manage shared resources. Using carefully-designed examples, the book teaches you how to orchestrate containers and applications from installation to removal. Along the way, you'll learn techniques for using Docker on systems ranging from your personal dev-and-test machine to full-scale cloud deployments.

    At long last you'll be united with the programming language you've been longing for: Clojure!As a Lisp-style functional programming language, Clojure lets you write robust and elegant code, and because it runs on the Java Virtual Machine, you can take advantage of the vast Java ecosystem. Clojure for the Brave and True offers a "dessert-first" approach: you'll start playing with real programs immediately, as you steadily acclimate to the abstract but powerful features of Lisp and functional programming. Inside you'll find an offbeat, practical guide to Clojure, filled with quirky sample programs that catch cheese thieves and track glittery vampires.Learn how to: Wield Clojure's core functions Use Emacs for Clojure development Write macros to modify Clojure itself Use Clojure's tools to simplify concurrency and parallel programmingClojure for the Brave and True assumes no prior experience with Clojure, the Java Virtual Machine, or functional programming. Are you ready, brave reader, to meet your true destiny? Grab your best pair of parentheses—you're about to embark on an epic journey into the world of Clojure!

    Although its remarkable capabilities have made Ruby on Rails one of the world’s most popular web development frameworks, it can be challenging to learn and use. Ruby on Rails™ 3 Tutorial is the solution. Leading Rails developer Michael Hartl teaches Rails 3 by guiding you through the development of your own complete sample application using the latest techniques in Rails web development.Drawing on his experience building RailsSpace, Insoshi, and other sophisticated Rails applications, Hartl illuminates all facets of design and implementation—including powerful new techniques that simplify and accelerate development.You’ll find integrated tutorials not only for Rails, but also for the essential Ruby, HTML, CSS, JavaScript, and SQL skills you’ll need when developing web applications. Hartl explains how each new technique solves a real-world problem, and he demonstrates this with bite-sized code that’s simple enough to understand, yet novel enough to be useful. Whatever your previous web development experience, this book will guide you to true Rails mastery.This book will help you Install and set up your Rails development environment Go beyond generated code to truly understand how to build Rails applications from scratch Learn Test Driven Development (TDD) with RSpec Effectively use the Model-View-Controller (MVC) pattern Structure applications using the REST architecture Build static pages and transform them into dynamic ones Master the Ruby programming skills all Rails developers need Define high-quality site layouts and data models Implement registration and authentication systems, including validation and secure passwords Update, display, and delete users Add social features and microblogging, including an introduction to Ajax Record version changes with Git and share code at GitHub Simplify application deployment with Heroku

    With this hands-on guide, you'll learn how to write effective, idiomatic Python code by leveraging its best and possibly most neglected features. Author Luciano Ramalho takes you through Python's core language features and libraries, and shows you how to make your code shorter, faster, and more readable at the same time.Many experienced programmers try to bend Python to fit patterns they learned from other languages, and never discover Python features outside of their experience. With this book, those Python programmers will thoroughly learn how to become proficient in Python 3.This book covers:Python data model: understand how special methods are the key to the consistent behavior of objectsData structures: take full advantage of built-in types, and understand the text vs bytes duality in the Unicode ageFunctions as objects: view Python functions as first-class objects, and understand how this affects popular design patternsObject-oriented idioms: build classes by learning about references, mutability, interfaces, operator overloading, and multiple inheritanceControl flow: leverage context managers, generators, coroutines, and concurrency with the concurrent.futures and asyncio packagesMetaprogramming: understand how properties, attribute descriptors, class decorators, and metaclasses work"

    This groundbreaking new book sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers, and operations, delivery teams can get changes released in a matter of hours-- sometimes even minutes-no matter what the size of a project or the complexity of its code base. Jez Humble and David Farley begin by presenting the foundations of a rapid, reliable, low-risk delivery process. Next, they introduce the "deployment pipeline," an automated process for managing all changes, from check-in to release. Finally, they discuss the "ecosystem" needed to support continuous delivery, from infrastructure, data and configuration management to governance. The authors introduce state-of-the-art techniques, including automated infrastructure management and data migration, and the use of virtualization. For each, they review key issues, identify best practices, and demonstrate how to mitigate risks. Coverage includes - Automating all facets of building, integrating, testing, and deploying software - Implementing deployment pipelines at team and organizational levels - Improving collaboration between developers, testers, and operations - Developing features incrementally on large and distributed teams - Implementing an effective configuration management strategy - Automating acceptance testing, from analysis to implementation - Testing capacity and other non-functional requirements - Implementing continuous deployment and zero-downtime releases - Managing infrastructure, data, components and dependencies - Navigating risk management, compliance, and auditing Whether you're a developer, systems administrator, tester, or manager, this book will help your organization move from idea to release faster than ever--so you can deliver value to your business rapidly and reliably.

    Though it may not seem this way for those who have been in the field for most of their careers, in the overall scheme of professions, software builders are relative "newbies." In the short history of the software field, a lot of facts have been identified, and a lot of fallacies promulgated. Those facts and fallacies are what this book is about. There's a problem with those facts-and, as you might imagine, those fallacies. Many of these fundamentally important facts are learned by a software engineer, but over the short lifespan of the software field, all too many of them have been forgotten. While reading Facts and Fallacies of Software Engineering , you may experience moments of "Oh, yes, I had forgotten that," alongside some "Is that really true?" thoughts. The author of this book doesn't shy away from controversy. In fact, each of the facts and fallacies is accompanied by a discussion of whatever controversy envelops it. You may find yourself agreeing with a lot of the facts and fallacies, yet emotionally disturbed by a few of them! Whether you agree or disagree, you will learn why the author has been called "the premier curmudgeon of software practice." These facts and fallacies are fundamental to the software building field-forget or neglect them at your peril!

    In fact, EJB 3.0 is being hailed as the new standard of server-side business logic programming. And O'Reilly's award-winning book on EJB has been refreshed just in time to capitalize on the technology's latest rise in popularity.This fifth edition, written by Bill Burke and Richard Monson-Haefel, has been updated to capture the very latest need-to-know Java technologies in the same award-winning fashion that drove the success of the previous four strong-selling editions. Bill Burke, Chief Architect at JBoss, Inc., represents the company on the EJB 3.0 and Java EE 5 specification committees. Richard Monson-Haefel is one of the world's leading experts on Enterprise Java."Enterprise JavaBeans 3.0," 5th Edition is organized into two parts: the technical manuscript followed by the JBoss workbook. The technical manuscript explains what EJB is, how it works, and when to use it. The JBoss workbook provides step-by-step instructions for installing, configuring, and running the examples from the manuscript on the JBoss 4.0 Application Server.Although EJB makes application development much simpler, it's still a complex and ambitious technology that requires a great deal of time to study and master. But now, thanks to "Enterprise JavaBeans 3.0," 5th Edition, you can overcome the complexities of EJBs and learn from hundreds of practical examples that are largeenough to test key concepts but small enough to be taken apart and explained in the detail that you need. Now you can harness the complexity of EJB with just a single resource by your side.

    But while most of us today can work a computer--albeit with the help of the ever-present computer software manual--we know little about what goes on inside the box and virtually nothing about software designor the world of computer programming. In Patterns of Software, the respected software pioneer and computer scientist, Richard Gabriel, gives us an informative inside look at the world of software design and computer programming and the business that surrounds them. In this wide-ranging volume, Gabriel discusses such topics as whatmakes a successful programming language, how the rest of the world looks at and responds to the work of computer scientists, how he first became involved in computer programming and software development, what makes a successful software business, and why his own company, Lucid, failed in 1994, tenyears after its inception. Perhaps the most interesting and enlightening section of the book is Gabriel's detailed look at what he believes are the lessons that can be learned from architect Christopher Alexander, whose books--including the seminal A Pattern Language--have had a profound influence on the computer programmingcommunity. Gabriel illuminates some of Alexander's key insights--the quality without a name, pattern languages, habitability, piecemeal growth--and reveals how these influential architectural ideas apply equally well to the construction of a computer program. Gabriel explains the concept ofhabitability, for example, by comparing a program to a New England farmhouse and the surrounding structures which slowly grow and are modified according to the needs and desires of the people who live and work on the farm. Programs live and grow, and their inhabitants--the programmers--need to workwith that program the way the farmer works with the homestead. Although computer scientists and software entrepreneurs will get much out of this book, the essays are accessible to everyone and will intrigue anyone curious about Silicon Valley, computer programming, or the world of high technology.