
Software Engineering
PhoneGap is an open source development tool for building fast, easy mobile apps with JavaScript.
If you’re a web developer who wants to build mobile applications in HTML and JavaScript while still taking advantage of the core features in the iPhone, Android, Palm, Symbian and Blackberry SDKs, PhoneGap is for you.
The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped. Software customers can use the same list to help them to ask for more secure software. Researchers in software security can use the Top 25 to focus on a narrow but important subset of all known security weaknesses. Finally, software managers and CIOs can use the Top 25 list as a measuring stick of progress in their efforts to secure their software.
The list is the result of collaboration between the SANS Institute, MITRE, and many top software security experts in the US and Europe. It leverages experiences in the development of the SANS Top 20 attack vectors (http://www.sans.org/top20/) and MITRE's Common Weakness Enumeration (CWE) (http://cwe.mitre.org/). MITRE maintains the CWE web site, with the support of the US Department of Homeland Security's National Cyber Security Division, presenting detailed descriptions of the top 25 programming errors along with authoritative guidance for mitigating and avoiding them. The CWE site contains data on more than 800 programming errors, design errors, and architecture errors that can lead to exploitable vulnerabilities.
The 2010 Top 25 makes substantial improvements to the 2009 list, but the spirit and goals remain the same. The structure of the list has been modified to distinguish mitigations and general secure programming principles from more concrete weaknesses.
This year's Top 25 entries are prioritized using inputs from over 20 different organization
This article is part of a series on testing untestable code:
- Testing private methods
- Testing code that uses singletons
- Stubbing static methods
- Stubbing hard-coded dependencies
Windmill is a web testing tool designed to let you painlessly automate and debug your web application.
Originating at the Open Source Applications Foundation, Windmill was built to help QA keep up with the rapid release cycles of the Chandler Server Web UI (Cosmo) project. As the Cosmo client is heavy in JavaScript and AJAX functionality, Windmill makes the communication between the service and the client code a priority.
Open-source project management tool, intended to assist the collaborative aspect of work carried out by agile software development teams.
- Free / Open-source (MIT License)
- Full Development Life-cycle
- Comprehensive Administration
- Multiple projects within one instance
- Powerful Add-on Interface
- REST-API (Example) & RSS Support (Example)
Stalkr is a data persistence library. Stalkr enables your PHP web application to interact with database servers in a fully object-oriented pattern. No more messy SQL, no more nasty injection attacks!
This type of library is usually called an object-relational mapper, or ORM for short. However, Stalkr is different from your typical ORM. In addition to the usual “mapping” between PHP objects and SQL rows, Stalkr also boasts a wealth of scalability-friendly features, such as:
Exclusive features (of sorts: see the Yet Another ORM!? wiki page for more information)
- Automatic and transparent integration with Memcached (drivers included!)
- Support for key-value stores, with built-in consistent hashing and redundancy (now with Redis support!)
- Seamless utilization of multiple clusters of potentially different database software
- Unique access control mechanism for additional security