Where is the ESAPI documentation located? [closed] - owasp

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 3 years ago.
I'm interested in ESAPI to use in a production environment.
Is there any official documentation on how to properly set up a web application, and if so, where?

ESAPI has good intentions, it is referenced de facto in OWASP Top 10 issues.
However its main development is not really active. The library is provided as is.
There are two Java libraries depending on the versions:
OWASP Enterprise Security API for Java: version >= 3.x
Maintained by one contributor (Chris Schmidt), last code commit (as of today) was on Nov 20, 2013.
Enterprise Security API for Java (Legacy): version <= 2.x
Maintained by at least 3 contributors, last code commit (as of today) was on May 30, 2015.
There is a wish to have documentation (https://www.owasp.org/index.php/ESAPI_Documentation), especially: How to Use ESAPI in a New Application.
But currently, it is really light...
As of March 2014 the project was downgraded away from flagship status (http://off-the-wall-security.blogspot.fr/2014/03/esapi-no-longer-owasp-flagship-project.html). (credits to avgvstvs)
If you still want to learn ESAPI, the best you can have currently:
The ESAPI swing set, a "web application which demonstrates the many uses of the ESAPI" (https://www.owasp.org/index.php/ESAPI_Swingset)
The tests of the legacy version (https://github.com/ESAPI/esapi-java-legacy/tree/master/src/test/java/org/owasp/esapi).
The wiki of the legacy version (https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API)
The mailing list archives (http://lists.owasp.org/pipermail/esapi-dev/)
The README on the new version announces new stuff to come:
2 Sept 2014 - We are gearing up to get some great stuff done at AppSecUSA in Denver this month. We'll be announcing our schedule and where we'll be at the conference soon! Stay tuned!
Maybe the doc will arrive one day...

If you want to learn secure programming with ESAPI, check out the ESAPI swing set: https://www.owasp.org/index.php/ESAPI_Swingset
However, as superbob has pointed out, you probably shouldn't use it in new production applications.

Related

.NET gadgeteer something worth learning? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Closed 8 years ago.
Is this something worth learning, just as a side thing, or is this something that may not be widely used or around much due to other things like Arduino?
EDIT: I am asking this question to those individuals who have used gadgeteer. Not to see if they liked it but to see if they are still using it in the same capacity as when they first started, or have they gone to other things, either personally or due to company reasons. So if someone was using gadgeteer 3 years ago, are they still using it to the same degree they used it back then. I gave, in the comments, the example of FrontPage. Even though, back then, FrontPage could still be used, it was already widely known that not much newer development was using FrontPage. That is what I was looking for and not opinions on whether people liked gadgeteer or not. I am looking for if this could possibly be something that is already, slowly or whatever, being phased out in terms of usage.
I've asked myself the same question while working on some recent personal projects with the .NET Micro Framework and the related hardware. Lots of risk for opinion as stated, so I will share some observations I've made.
The Dot Net Micro Framework has seen the following recent releases.
http://netmf.codeplex.com/ .NET Micro Framework V4.3 SDK-R2-Beta DATE Tue Sep 23, 2014
http://gadgeteer.codeplex.com/ Gadgeteer Core Oct 2, 2014
Codeplex has quite a few Micro Framework code libraries: 9 have been updated in 2014, 4 since June
I've been ordering development boards from GHI (I'm not advertising so no Link, just providing the name so my statement can be proven.) It seems like when I look at their Catalog at least one board is sold out with more on order and the out of stock board is different every time.
I would also suggest that hobby level and professional consumers are very different. The above company has products in both categories. Professionals don't usually advertise their technology choices. They are more about Time to Market and Reliability.
Edit
I just found this link. It reaffirms Microsoft's commitment to the MicroFramework
http://ms-iot.github.io/content/WelcomeAndFAQ.htm It's about 2/3rds of the way down. Basically they are making it part of their Internet Of Things initiative. April 2014 Build Conference 9:19 and 14:50 (mm:ss).
Opinion
The way I look at it, does it solve your problem? I might not plan large scale product plans without talking to a vendor about volume and EOL plans, for personal use it's been great.
End Opinion

Free Build Server Service for opensource projects? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
Does anyone know of a free build server service to coincide with scm/forum/issue tracking services such as sourceforge/googlecode?
Obviously hudson/jenkins service would be my first preference related to primarily java/maven2, but anything would be nice!
Thanks!
Cloudbees has an offering for FOSS projects.
Another one (especially for public Github repos): http://travis-ci.org/
Researching the same thing currently, I stumbled over jenkinshosting.com (reported as suspicious site, Aug 2012) - Jenkins build server, free for FOSS. Haven't tried it yet, though.
Atlassian offers licensed and on-demand products to open-source projects. Bamboo may be included.
https://www.atlassian.com/software/views/open-source-license-request
A TeamCity based server farm is available for open source projects through http://teamcity.codebetter.com/. Read the announcement.
Another option for OSS is http://www.appveyor.com/, which is including support for Windows 8.1 store apps.
Jenkinshosting.com used to offer free open source hosting. It's worth checking out to see if it's still continued.

Zend Version Release Dates [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
Where can I find the release dates for each past release of the Zend Framework?
I'm constantly referring to blog articles and tutorials in my effort to learn the framework. The articles are usually dated; however, without knowing the release dates of the framework, it's difficult to marry up articles with their intended Zend version.
Thanks!
You don't need to watch for every single version.
I think since 1.8 there are no significant changes that may affect the article so if it is from 2009 it should work.
Along with http://framework.zend.com/downloads/archives you may also try to check http://framework.zend.com/changelog
Edit: brief history of major changes
1.0 first release - July 2007
1.5 Zend_Form, Zend_Layout - March 2008
1.8 Zend_Application - April 2009, major difference in bootstrapping
1.9 PHP 5.3 support - August 2009
1.10 ControllerTestCase - January 2010
1.11 Zend_Cloud - November 2010
You can find the older releases (and their dates) of zend framework here:
[Edit]
Zend

Looking for free(ish) PostgreSQL database viewer for Mac [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
Is there any software for viewing UML-like diagrams of PostgreSQL DB schemas for the Mac? Here's an example of what I would like to see.
(source: google.com)
Cheap's good, free's better.
A similar question was asked here, but the software pointed to here appears not to be available for the Mac, and is no longer being supported anyway.
Some days ago I had the same question. I found several, but the one that I'm using is DbVisualizer. It is multi-platform, free, and easy to install. It also has a paid version, but the free one is enough for visualization purposes. It supports PostgreSQL, MySQL, Informix, Oracle, Microsoft SQL Server, and many other DBMS'.
Here is the download link
DbWrench is not free (but not expensive either) and quite good: http://www.dbwrench.com/
PowerArchitect Community edition is free, but the really interesting features seem to go into the enterprise edition: http://www.sqlpower.ca/page/architect
Both are Java based and work on the Mac
Aqua Data Studio offers an ER diagram generator and ER modeler but it's pricey now.
Free licenses for qualified open source developers; reduced licenses for qualified academic users.
The accepted answer's link doesn't work any more.
Here is an acceptable tool that's free and produces graphic diagrams: http://www.dbvis.com/

Sparx System Enterprise Architect Book [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 6 years ago.
Does anyone know if there is a book about Sparx Systems Enterprise Architect? (besides the Sparx site and reference)
Sparxsystems Central Europe offer their own book, based on Enterprise Architect.
Project Management with UML and Enterprise Architect
ISBN-10:3-9502692-1-5
ISBN-13:978-3-9502692-1-5
An adaptation to EA 8.0 is in the works and will be released at the end of Aug. 2010.
Further Info http://www.sparxsystems.eu/ea-sparx-systems/ea-news/news-beitrag/article/new-book-released-project-management-with-uml-and-enterprise-architect/
There is a good book with a practical example.
"Use case Driven Object Modeling with UML" written by Doug Rosenberg and Matt Stephens
They explain their method of developing with the relevant parts of UML. They refer a lot to the Sparx Enterprise Architect tool.
There is also a digital version of the book mentioned above: you can find it at http://leanpub.com/entarch
Advantages of the ebook:
available in pdf, epub (for iPad, iPhone, eReaders) and mobi (for Amazon Kindle)
cheaper
includes a bonus chapter
free updates
immediate download
Peter Doomen has recently released an e-Book (pdf, ePub, Mobi-Kindle) version of Fifty Enterprise Architect Tricks. Also available in paperback which I've read and enjoyed. Find it at https://leanpub.com/entarch