Tutorial 1: A Primer on High-Quality Identifier Naming
June 15, 14h-17h15 (UTC+2)
Speaker : Anthony Peruma – Rochester Institute of Technology, Rochester NY 14623, USA

Abstract : A precursor to many software maintenance tasks is program comprehension, where developers read the source code to understand the system’s behavior. Consuming a majority of this source code are identifier names, i.e., lexical tokens that uniquely identify entities in the code (such as classes, methods, variables, etc.). Hence, to assist with developer productivity and the quality of their work and thereby with software maintenance costs, it is imperative that identifier names are both readable and understandable. A strong or high-quality name is one that reflects its intended behavior.

This tutorial provides an overview of the importance of identifier naming in source code and past research in this field. We also examine common identifier naming structures, best practices, and semantics through ex- amples. More specifically, we introduce the attendees to the concept of naming evolution, grammar patterns, and linguistic anti-patterns. Additionally, we explore how readable names can be of poor quality by examining the context around the usage of terms in the name and their relationship to the surrounding code. Finally, we will also demonstrate tools that help developers with identifier name appraisals and recommendations.

Tutorial 2: Extract Method Refactoring: Challenges, Opportunities and Recent Applications
June 15, 14h-17h15 (UTC+2)

Speaker : Eman Abdullah AlOmar – Stevens Institute of Technology, Hoboken NJ 07030, USA

Abstract : Refactoring is a critical task in software maintenance and is usually performed to enforce best design practices, or to cope with design defects. Extract method refactoring is widely used for merging duplicate code into a single new method. Several studies attempted to recommend extract method refactoring opportunities through program slicing, program dependency graph, code modification analysis, structural similarity, and feature extraction. However, all approaches thus far are interfere with developer workflow, consider all refactoring suggestions in the entire projects without focusing on the context of development. To increase the adoption and usage rates of extract method refactoring, in this tutorial, we aim at investigating the effectiveness of machine learning algorithms in recommending extract method refactoring by maintaining the workflow of the developer, and then reporting on a user study that evaluates the proposed technique. The proposed system that has been implemented as IntelliJ IDEA plugin, called AntiCopyPaster, relies on mining refactoring and non-refactoring code changes and extracting code metrics.

This tutorial provides an introduction to the concepts of refactoring, code clone, their use in software engineering research, such as their im-pact on software quality, clone detection tools (including demonstrations, using tools such as AntiCopyPaster, JDeodorant and JExtract). Finally, we will also discuss challenges with recommending refactoring and avenues/opportunities for future research in this field.

Tutorial 3: Test Anti-Patterns: From Definition to Detection
June 15, 17h25-19h25 (UTC+2)

Speaker : Anthony Peruma – Rochester Institute of Technology, Rochester NY 14623, USA

Abstract: Software maintenance is both an essential and expensive phase of the software development life cycle. Hence, developers must adhere to best practices when designing systems and writing code. An indicator of potential design problems in the system is usually associ- ated with the presence of smells in the code. Smells are deviations of best practices and fundamentals in developing the systems. While smells are not bugs, they signify weakness in the design and increase the risk of defect injection or system failures. Similar to source code, (unit) test code can also suffer from poor programming practices (i.e., smells or anti-patterns) that can impact the overall quality and maintainability of the system.

This tutorial provides an introduction to the concepts of test smells (i.e., smells in test code), the different types of test smells (including exam- ples), their use in software engineering research, such as their impact on software quality, smell detection tools (including demonstrations, using tools such as tsDetect and PyNose,). Finally, we will also discuss challenges with studying test smells and avenues/opportunities for future research in this field.

Tutorial 4: Open Source Software: An Approach to Controlling Usage and Risk in Application Ecosystems
June 15, 17h25-19h25 (UTC+2)
Speaker : Stan Zajdel, Independence Health Group

Abstract: The Open Source Software movement has been growing exponentially for a number of years with no signs of slowing. Driving this growth is the wide-spread availability of libraries and frameworks that provide many functionalities. Developers are saving time and money incorporating this functionality into their applications resulting in faster more feature-rich releases. Despite the growing success and the advantages that open source software provides, there is a dark side. Due to its community construction and largely unregulated distribution, the majority of open source software contains bugs, vulnerabilities and other issues making it highly susceptible to exploits. The lack of oversight in general hinders the quality of this software resulting in a trickle down effect in the applications that use it. Additionally, developers who use open source tend to arbitrarily download the software into their build systems but rarely keep track of what they have downloaded resulting in an excessive amount of open source software in their applications and in their ecosystem. This presentation discusses tools and practices that users of open source software can implement into their environments that can safely track and control the introduction and usage of open source software into their applications, and report on some preliminary results obtained in an industrial context. The presentation will conclude by discussing governance issues related to the disciplined use and reuse of open source source.

Biography: Full-stack software engineer currently working in DevSecOps with a focus on the use of automation and innovation to help developers produce better quality, more resilient, secure software.   Broad and deep understanding of software technologies, development tools, practices and processes with expertise in designing and building secure scalable back-ends (REST APIs) against relational and NoSQL databases, web-based front-ends with modern, highly interactive and responsive Ajax UIs, and CI/CD pipeline automation

Links: https://www.linkedin.com/in/zajdelstan/