For example, on nuget.org there are these preview packages published for System.Text.Json:
6.0.0-rc.2.21480.5
6.0.0-rc.1.21451.13
6.0.0-preview.7.21377.19
6.0.0-preview.6.21352.12
6.0.0-preview.5.21301.5
6.0.0-preview.4.21253.7
6.0.0-preview.3.21201.4
6.0.0-preview.2.21154.6
6.0.0-preview.1.21102.12
I get the 'preview.n' and 'rc.n' parts. I believe these relate to the wider .NET releases.
I wondered if the third number is number of days since some baseline date, but that doesn't seem to be consistent (based on subtracting that number from publication date you get different baseline dates); if it was then I would have guessed the fourth number to be the build number within a given day.
I ask because I am interested in understanding what package versioning strategies are in use in the wild, and whether there is anything to be learned from this scheme in use by Microsoft.
Related
I am creating an archive of pdf files (magazine issues) and currently in the process of determining the file naming convention I want to adopt. So far I have thought of Title_Title-YYYY-MM-DD-VVV-NNNN where Title is the magazine name (possibly two words separated by an underscore), then the ISO 8601 date standard, followed by volume number, then issue number.
My problem is the following: not all magazines have the same types of data, for example, some have volume numbers while others only issue numbers, and more to the question here, some are issued on specific days while others on a month without a day.
My question: when faced by a magazine for which a field (say DD or VVV) does not apply, should I replace the field with zeros or drop the field completely?
And would adding zeros ruin the compatibility of my file names with ISO 8601 and any services working with it?
I am thinking about both human- and machine-readability. These files will be hosted on a website and my idea is to maximize compatibility (with google SEO for example) as well as maintain a convention that facilitates retrieval locally.
Thank you very much,
For (non regression) testing purpose, I frequently need to make DB2 LUW return a "fake" current date.
This is of course due to application code that rely on the current date / timestamp , and which will behave differently when run during a different date.
We have the possibility to change the operating system (Linux for instance) date , since the testing environment are isolated and dedicated per tester.
Unfortunately, this doesn't help a lot, since we face at least two problems :
1) Binding programs (Cobol) when the system date goes backward gives errors (tables not found, ...)
2) Functions created after the 'past' system date are also not usable....
For the point 1), we can set the date to present , then bind, then come back to past,
But for point 2), I didn't find a workaround.
Does anybody have experience on this problem ? Any alternatives including free or proprietary software are welcome.
Many years ago, our shop purchased a proprietary utility to assist in testing Year-2000-related program changes.
The software allowed us to specify an arbitrary "current" date and time in our test JCL, using parameters "ALTDATE" and "ALTTIME":
//STEP1 EXEC PGM=MYPGM,ALTDATE=MM/DD/YYYY,ALTTIME=HH.MM
Program calls to system date routines, like COBOL "ACCEPT . . . FROM DATE" or DB2 "CURRENT TIMESTAMP", would then return values based on a "fake" system clock that started with the specified date and time.
I believe the product also supported use of a simulated clock in CICS regions for testing of on-line applications, but I could be mistaken. Unfortunately, management decided to stop renewing the product license some time after Y2K had passed, even though several of us developers found it to be very useful for testing date-sensitive logic.
Although I do not know the name of the product we used, a Google search turns up one called "Simulate 2000" by DTS Software that appears to have identical functionality.
I am trying to map information of Linux packages (name + version) to their corresponding CPE strings (see http://nvd.nist.gov/cpe.cfm) in order to be able to automatically find possible vulnerabilities of a system.
There is an XML document provided by NIST which contains all relevant CPE. I thought about parsing this information into an SQL database so I can quickly search by name and version number. That would be some 70.000 rows.
The problem now is, of course, that there are variations of the spellings of the CPEs and the package names. For example, the CPE for Tomcat 6.0.36 would be cpe:/a:apache:tomcat:6.0.36 so you have the name tomcat and the version 6.0.36. Now, the package manager could give you something like tomcat6 for the name and 6.0.36-3 for the version. Its likely that both programs are the same or have at least the same vulnerabilities. So I need to be able to automatically identify the above mentioned CPE as the correct one for my tomcat package.
The first thing to do would be some kind of normalization, maybe converting everything to lowercase. But as you can see from the example, that's not enough. I need some kind of fuzzy search. From what I already found out, there are some solutions for identifying matches in the case of misspelling. That is not exactly what I need, though. The package names are not misspelled but may contain additional characters (or miss some).
The fuzzy search must also be relatively fast, since I need to execute it for multiple hosts which each could have some hundred packages installed and as I said, the database would have around 70.000 rows. I can introduce a primary lookup which tries to find an exact match first, but since I suspect many package will not have any corresponding CPE string, that will not decrease the amount too dramatically.
Another constraint is that the solution should be working on a non-proprietary database, since I don't have the financial means for anything else.
So, is there anything that matches these requirements? Or can you think of any solution to my problem except some kind of fuzzy searching?
Thanks in advance!
A general comment, first. The CPE nomenclature seems to have evolved organically, often depending on the vendors' (inconsistent) nomenclature. For example, Sun Java has major.minor.point_version. Adobe uses major.minor.point.subpoint. Microsoft operating systems use Service Packs_Language Packs. Some other vendors would use point releases with mostly numbers but occasional letters sprinkled in (e.g., .8, .9, .9R2, .10).
When I worked on the stated problem, I started from their XML files and manipulated them in Excel, splitting on the periods. Then I would sort either numerically (if they were all numeric) or as a text string. (Note that the letters sprinkled in to mostly numbers causes havoc, and that .10 comes lexically before .8)
This inconsistency is why third-party software vendors have sprouted like mushrooms after a spring rain. Companies would rather pay the software vendors than untangle this Gordian knot.
If you want a truly fuzzy search, please take a look at this question about using Soundex. Expect to get a lot of false positives.
If your goal is accurately mapping the CPE strings, you should probably think about implementing a lookup table that translates from CPE to a library name.
I'm having hard time with this project, I'm building a boat configurator which is divided in categories / packages / extras.
Each category is disconnected with the other, so it's not a big problem.
The problem comes out with packages and extras. Extras are options that can be chosen within a package (increasing the total price). I'll explain all dependencies that can exists between these 2 objects:
There are times where you can also purchase a package all toghether, which could have an extra (or 2) that are upgrades to that package
There are times where you can buy a single package between 4-5 and additionally you can buy some extras in another 6th package
Sometimes an extra can be bought only if you have at least one item in a given package
Sometimes an extra can be bought only if you have a specific extra
At the moment I don't have any other dependency in my mind (but I'm sure there are others possible).
I don't know which approach I should take to store all this dependencies, I have 3 basic sql tables (category, package, extra which are not connected because a Package => Extra dependency could be different for other categories) and CategoryRelationship, PackageRelationship, ExtraRelationship but I'm having hard time in express some dependencies, expecially the 2nd which is not limited to a single id field.
How is normally handled all these interdependencies?
I never faced this problem, thanks for any suggestion
Edit 1:
I'm thinking about changing the approach to 1 Table for each "type" of dependency, can it be considered a good way to handle instead of a single table with all type of dependencies?
Because no one answered this, I'm posting the approach I finally used for this project and which I find interesting.
I created 1 table for each type of dependency (as I told in Edit 1). Each table can have multiple reference to an item of any id and is possible in this way to organize quite well all columns that represents dependencies.
The approach is inspired by CakePHP Validation model, where each validation is a class that has a validate method which will be run.
Hopefully this will help someone else; I'll mark this as answer if no one provide an answer with a better suggestion.
We are interested in finding out some statistics of various frameworks
Mailing list activity on say richfaces. Much similar to what is available on http://code.google.com (Low, Medium, High) + average number of emails per day | per month.
Number of releases made in a year including patch, minor, major releases. We did look at the maven repositories but that wasn't very useful either.
We did look at ohloh, but didn't get the desired information. Any other ideas on where to get this information (any maven-2 plugins)?
Mailing list activity on say richfaces. Much similar to what is available on http://code.google.com (Low, Medium, High) + average number of emails per day | per month.
You'll get these informations on markmail (check also the other lists for richfaces, e.g. the svn-commits).
Number of releases made in a year including patch, minor, major releases. We did look at the maven repositories but that wasn't very useful either.
I would use Jira's Change Log for that.