Business, webdev

Product Management – From Mission to Roadmap

When we are talking about a roadmap in the context of product management, we mean A shared source of truth that outlines the vision, direction, priorities, and progress of a product over time. It’s a plan of action that aligns the organization around short and long-term goals for the product or project and how they will be achieved.

It is an essential tool for product planning and serves as a communication channel between product management and other stakeholders. Product managers need to understand how to create a product roadmap and how to keep it updated, and keeping it updated with reality is the challenging part.

As Mike Tyson said: “Everyone Has a Plan Until They Get Punched in the Mouth.”
Or in other version (popular in the army) – “No plan survives first contact with the enemy.”
That’s why we must invest in keeping it as close as possible to the changing reality.

Continue reading
Advertisement
Standard
Business, webdev

How to record a Demo/Meeting on MacOS

To record a meeting or a demo on a Mac, you can use the built-in QuickTime Player app.

Here’s how:

1. Open the Quicktime Player app from your Applications folder.
QuickTime Player is the default media player for your Mac.
It lets you record audio and video.
You can use Spotlight (cmd+space bar) to open it.

2. In QuickTime Player, choose File > New Screen Recording.
This will open Screenshot and display the tools.

Continue reading
Standard
JavaScript, webdev

JavaScript Objects 101

The Object type represents one of JavaScript’s data types. It’s important stuff as we will use them—a lot.

It is used to store various keyed collections and more complex entities. Objects can be created using the Object() constructor or the object initializer / literal syntax. Did you know that all modern JavaScript utilities for working with objects are static?

Here is an example of a JavaScript object that contains two names and one key:

let obj = {
  name1: "John",
  name2: "Jane",
  key: "value"
}
Continue reading
Standard
JavaScript, webdev

RegEx 101

Regular expression or in short Regex is a string of text that lets you create patterns that help match, locate, and manage text. It’s an important tool in a wide variety of computing applications, from programming languages like JS, Java and Perl, to text processing tools like grep, sed, and vim.

Here are a few helpers to refresh your mind when you need some ‘simple’ regex to do the job.

Continue reading
Standard
cloud, JavaScript

Integrate JFrog Xray with Slack

The need to protect your software and to be updated about vulnerabilities is getting stronger. JFrog Xray is unique in its capabilities to perform analysis of all the binaries you are consuming in your project. It works with Artifactory to perform a deep analysis of binary components at any stage of the application lifecycle. Xray provides great visibility into issues lurking in components anywhere in your organization and there are many cases where you wish to get notified on a security violation (or a license breach) directly to Slack.

Getting Started

We will use Xray’s Webhooks to define our server’s and base on the policies/rules our Webhook will be notified with the alerts about violations (security or licenses).

Continue reading
Standard
cloud, JavaScript

Export Violations From JFrog Xray to CSV

The trend of #DevSecOps is growing fast and it is no longer just part of your security team. More and more organizations wish to integrate their security team in all the phases of development and operations. To achieve it, there are cases where you need to export data from JFrog Xray (in our case to a CSV format) so you can ingest it to your current logging/monitoring system. 

What is Xray?

In a nutshell, JFrog Xray works with JFrog Artifactory to perform a deep analysis of binary components at any stage of the application lifecycle. It provides full transparency that leads to more trust in your software. 

By scanning binary components and their metadata, recursively going through dependencies at any level (think on the layers you have in any Docker container), JFrog Xray provides great visibility into issues lurking in components anywhere in your organization.

Xray API

One of the best parts is that JFrog Xray is also fully automated through a rich REST API. We will use it to create this Exporter. Please feel free to clone/fork the code below and use it, but remember you might need to add pagination and a watchdog for a real system.

Continue reading
Standard
cloud, JavaScript

How To Build An Integration With JFrog Xray?

The trend of DevSecOps is not new but it’s growing fast. More and more organizations wish to integrate their security team in all the phases of development and operation. 

Many security products keep your code safe from vulnerabilities at different stages (dev, test, qa and prod). However, JFrog Xray is unique in its capabilities to perform analysis of all the binaries you are consuming in your project.

JFrog Xray works with JFrog Artifactory to perform a deep analysis of binary components at any stage of the application lifecycle. It provides full transparency that leads to (more) trust in your software. By scanning binary components and their metadata, recursively going through dependencies at any level (think on the layers you have in any Docker container), JFrog Xray provides great visibility into issues lurking in components anywhere in your organization.

One of the best parts is that JFrog Xray is also fully automated through a rich REST API that lets it integrate with a CI/CD pipeline and allows other binary analysis tools to build on its unique capabilities.

Continue reading
Standard
cloud, webdev

Code Reviews Will Improve You (And Your Code)

Fog on mountains

There are many options to improve your software quality.
One of the most effective methods is to do code reviews with other developers.
Code reviews are as much a social interaction as a technical best practice. In a healthy engineering culture (egoless), team members engage their peers to improve the quality of their code and increase their productivity. Developers understand that the time they spend looking at a colleague’s code is repaid when other team members examine their own deliverables. These days, most of the companies (e.g. Facebook, Netflix, Google, Amazon, Uber) are embracing it, so it’s another sign that something is working well here.
The important thing to remember when you are doing a code review is to be kind and to ask questions (clarifications) before you suggesting anything.

Why Ask For A Peer Review?

  1. The most basic reason is to find bugs.
    If you won’t ask for it, you will miss bugs in your code:
    a. Accidental errors – typos or mixing variables.
    b. Structural errors – dead code, logic or algorithm bugs, performance or architecture concerns. These are often much easier to spot for an external reviewers the see your work from their perspective.
  2. You preventing from yourself a great way to learn and get better – Committers are motivated by the notion of a viewer who will look over the change request: the committer tends to clean up loose ends, consolidate TODOs, and generally improve the commit.
  3. Your code is not as clear as you think. Another developer will make it better both from its testability and readability aspects.

Code reviews are very important not only for developers but also to product managers, test engineers, designers and others.

In many cases, developers will be the first ones to see the benefits. It will allow them to move faster and with higher quality. Continue reading

Standard