I understand that the functionality to reverse engineer a schema from an existing database is in development for slick-2.
Could someone point me to the api for doing this and what the status of this functionality is.
Is it in master or do I need to switch branches? Pointers to any kind of doc for this feature would also be great.
The feature that will make it into 2.0 is in this PR
https://github.com/slick/slick/pull/233
There is no documentation at the moment besides the code. To understand how to use it you will have to look at
the type provider config files
the Scala object GeneratedClasses that uses them to run the code-generator
the part of the sbt build file, that triggers GeneratedClasses during the build
the corresponding test cases
(UPDATE: added links to the source code above)
There is also an older prototype which I wrote taking a different approach for Slick 1.0. bhudgeons wrote a blog post about how he used it https://bhudgeons.telegr.am/blog_posts/slick-tool-for-db-schema-generation
There has been some experimental work going on using type macros, but they wont make it into Scala, so we have to rewrite it for annotation macros at some point.
Related
Can we write the Feature files and step definitions in Swift Automation framework using XCUITEST Framework ?Is yes , Any jar files or plugins we need to install ?
I am unable to find much support in this
While this is not an appropriate question for StackOverflow, I will oblige you an answer with Cucumberish. I have used it in the past, it works, but I generally steer clear of third party frameworks as they add a layer of complexity and leave you in the lurch if they lose support.
I have worked a bit with CucumberSwift and got it to work fine, reading German-language Feature files and letting me define steps in Swift using all the functionality that XCUITest provides.
However, we have not adopted this in the end but are writing Feature files in Gherkin and then write ordinary XCTestCases that we link to the Feature files by mentioning Scenario names in comments. We develop the same functionality for three platforms and it was difficult to see how BDD tooling would work across all three or how we could make it work given the resources we have. Like Mike Collins we also felt that running without the complexity of additional frameworks was an added benefit.
Having said this, CucumberSwift seems promising, perhaps check out this discussion about documentation and add to it?
I'm starting a project and already check how useful is gobuffalo/pop.
I have never previously used a framework for my GO projects. I just used the stdlib and I'm used to working with Django too.
In Django it is pretty straight forward to create/update a model and generate its migrations. It gets the current DjangoModel and generates a migration with the changes. What a surprise to me when I can't find how to do it with pop.
I already checked the documentation but I couldn't find any examples.
How do you do that?
Right now, you can only generate empty migrations and write them yourself: https://gobuffalo.io/en/docs/db/migrations#writing-migrations
There's an issue asking to implement a Django-like migrations generator (https://github.com/gobuffalo/pop/issues/184), but it's not done yet and requires a lot of work.
I have been trying to scan my code by using SonarQube + FindBugs + FindSecBugs plugins.
The idea is to detect vulnerabilities in the code, and as it says in the github project subject, it works with scala https://github.com/find-sec-bugs/find-sec-bugs
I have installed the plugin as the documentation says, and tried a few scans but nothing related to vulnerabilities in scala is coming up.
So, in order to figure out if the code was really good or there was a misconfiguration on my SonarQube settings, I went to http://find-sec-bugs.github.io/bugs.htm, I took one of the examples (Potential Path Traversal), inserted the example code and I ran the scanner again. It was not found.
The rule (Security - Potential Path Traversal (file read)) is activated in the Quality Profile, and despite it is a Java profile, it is assigned to the project, since the code in the mentioned example is Scala.
I noticed that all the rules coming from find-sec-bugs are java ones, so I'm wondering if they don't work on scala or there is something else I can do to make it work.
Thanks in advance, and let me know if you need any extra information, I'd be glad to provide you.
Looks like the main reason for that to happen is that Scala bug patterns are explicitly excluded for some reasons:
Their are plenty of limitation with the SonarQube architecture regarding the multi-language support.
It is closely tie to the sonar-source plugin design.
Language can't have the same extension (https://jira.sonarsource.com/browse/MMF-672)
Repository can't contains rule that apply to multiple languages. (If you would have Scala only code, the Java core rules would not be enable unless you have one Java file present)
Sensor are couple to the language definition (depends on the most popular plugin that declares it).
etc, etc..
Source: https://github.com/spotbugs/sonar-findbugs/issues/108#issuecomment-305909652
All the exclusions can be seen here: https://github.com/spotbugs/sonar-findbugs/commit/526ca6b29fae2684f86b1deba074a4be8a05b67e
Particularly, for Scala:
static exclusions = ['CUSTOM_INJECTION',
'SCALA_SENSITIVE_DATA_EXPOSURE',
'SCALA_PLAY_SSRF',
'SCALA_XSS_TWIRL',
'SCALA_XSS_MVC_API',
'SCALA_PATH_TRAVERSAL_IN',
'SCALA_COMMAND_INJECTION',
"SCALA_SQL_INJECTION_SLICK",
"SCALA_SQL_INJECTION_ANORM",
"PREDICTABLE_RANDOM_SCALA"]
I'm trying to ignore Lombok code (generated code) from Sonar analysis based on files which have a custom annotation, #ExcludeLombok.
I've tried this guide which did not work.
In fact, I've even tried excluding an entire directory from analysis and it still wouldn't work.
I've also tirelessly searched through StackOverflow looking for a solution, and I've seen this has been discussed a good bit on here, but I've seen that people have been suggesting to write a single test to get the coverage up, which is pointless since we should not test auto generated code.
The solution I'm looking for is to exclude files based on a custom annotation.
But so far, anything I attempt to exclude does not get excluded.
Any help would be greatly appreciated.
There is currently no easy way to exclude issues raised by the SonarQube rules from the SonarQube Java Analyzer, except from using approaches described in the "Narrowing the focus" documentation you quote.
Now, we introduced recently the concept of issue filters in the SonarQube Java Analyzer. This mechanism is at the moment only used internally to exclude issues raised by rules at analysis time, based on specific criteria.
We plan to extends this mechanism in order to allow users to implements their own custom issue filters, the same way custom rules can be implemented. This approach would cover your case and allow you to filter any rules on code annotated with your custom annotation. This new feature will be handled in the following JIRA ticket: SONARJAVA-1761
Another option you have is to run Sonar over delomboked source. There are various ways to delombok depending on your build system see:
Delombok Overview.
For maven there's an example of running analysis on delomboked code: Delombok test pom
In each case you would make sure you ran the checks over generated source.
I've spent a good few hours googling for something to allow me to open Zip files in Scala (I know you can just use the Java API, but I was hoping to find a Scala friendly wrapper for it instead of faffing about writing Buffered/FileInputstream and so on)
So I was just messing about in the REPL and found this package
scala.tools.nsc.io.ZipArchive
Which after some digging and using this scala.tools.nsc.io.File, I managed to open a zip archive with all of the Scala niceness (being able to foreach etc)
The thing is I can't see any mention of this package in the official Scala 2.8.1 API document, so I was just wondering why there's no documentation on it? What is it?
this package contains Compiler-related classes. It's mainly used (as far as I know) for Plugin creation.
Due to it being related to Scala compiler, I'm not sure to which point it is a "stable" package and how much may it change between Scala versions, so be careful there.