Search for: All records

Microservice Architecture (MSA) is rapidly taking over modern software engineering and becoming the predominant architecture of new cloud-based applications (apps). There are many advantages to using MSA, but there are many downsides to using a more complex architecture than a typical monolithic enterprise app. Beyond the normal bad coding practices and code-smells of a typical app, MSA specific code-smells are difficult to discover within a distributed app. There are many static code analysis tools for monolithic apps, but no tool exists to offer code-smell detection for MSA-based apps. This paper proposes a new approach to detect code smells in distributed apps based on MSA. We develop an open-source tool, MSANose, which can accurately detect up to eleven different types of MSA specific code smells. We demonstrate our tool through a case study on a benchmark MSA app and verify its accuracy. Our results show that it is possible to detect code-smells within MSA apps using bytecode and or source code analysis throughout the development or before deployment to production. 

The adoption of Microservice Architecture (MSA) is rapidly becoming standard for modern software development. However, the added benefits of using a distributed architecture, including reliability and scalability, come with a cost in increasing the system’s complexity. One way developers attempt to mitigate the effects of an overly complicated system is through Systematic Architecture Reconstruction (SAR), which creates a high-level overview of the system concerns. This is typically done manually, which takes a great amount of effort from the developers. This paper proposes a method for automatically completing SAR of an MSA application through code analysis and demonstrating it on a case study on an existing microservice benchmark application. 

Abstract We present the full Hubble diagram of photometrically classified Type Ia supernovae (SNe Ia) from the Dark Energy Survey supernova program (DES-SN). DES-SN discovered more than 20,000 SN candidates and obtained spectroscopic redshifts of 7000 host galaxies. Based on the light-curve quality, we select 1635 photometrically identified SNe Ia with spectroscopic redshift 0.10 <z< 1.13, which is the largest sample of supernovae from any single survey and increases the number of knownz> 0.5 supernovae by a factor of 5. In a companion paper, we present cosmological results of the DES-SN sample combined with 194 spectroscopically classified SNe Ia at low redshift as an anchor for cosmological fits. Here we present extensive modeling of this combined sample and validate the entire analysis pipeline used to derive distances. We show that the statistical and systematic uncertainties on cosmological parameters are ${\sigma }_{{\mathrm{\Omega }}_M,\mathrm{stat}+\mathrm{sys}}^{\mathrm{\Lambda }\mathrm{CDM}}=$0.017 in a flat ΛCDM model, and $({\sigma }_{{\mathrm{\Omega }}_M},{\sigma }_w{)}_{\mathrm{stat}+\mathrm{sys}}^{w\mathrm{CDM}}$= (0.082, 0.152) in a flatwCDM model. Combining the DES SN data with the highly complementary cosmic microwave background measurements by Planck Collaboration reduces by a factor of 4 uncertainties on cosmological parameters. In all cases, statistical uncertainties dominate over systematics. We show that uncertainties due to photometric classification make up less than 10% of the total systematic uncertainty budget. This result sets the stage for the next generation of SN cosmology surveys such as the Vera C. Rubin Observatory's Legacy Survey of Space and Time. 

Abstract We report the discovery of six ultra-faint Milky Way satellites identified through matched-filter searches conducted using Dark Energy Camera (DECam) data processed as part of the second data release of the DECam Local Volume Exploration (DELVE) survey. Leveraging deep Gemini/GMOS-N imaging (for four candidates) as well as follow-up DECam imaging (for two candidates), we characterize the morphologies and stellar populations of these systems. We find that these candidates all share faint absolute magnitudes ( M V ≥ −3.2 mag) and old, metal-poor stellar populations ( τ > 10 Gyr, [Fe/H] < −1.4 dex). Three of these systems are more extended ( r 1/2 > 15 pc), while the other three are compact ( r 1/2 < 10 pc). From these properties, we infer that the former three systems (Boötes V, Leo Minor I, and Virgo II) are consistent with ultra-faint dwarf galaxy classifications, whereas the latter three (DELVE 3, DELVE 4, and DELVE 5) are likely ultra-faint star clusters. Using data from the Gaia satellite, we confidently measure the proper motion of Boötes V, Leo Minor I, and DELVE 4, and tentatively detect a proper-motion signal from DELVE 3 and DELVE 5; no signal is detected for Virgo II. We use these measurements to explore possible associations between the newly discovered systems and the Sagittarius dwarf spheroidal, the Magellanic Clouds, and the Vast Polar Structure, finding several plausible associations. Our results offer a preview of the numerous ultra-faint stellar systems that will soon be discovered by the Vera C. Rubin Observatory and highlight the challenges of classifying the faintest stellar systems. 

This essay discusses impacts of COVID-19 on food access for Indigenous individuals in Alaska, drawing on a collaborative study initiated by the Indigenous Foods Knowledges Network. Key lessons include: • The COVID-19 pandemic has exacerbated existing challenges for Alaska Natives in accessing traditional and store-bought foods. • The strength of Indigenous cultural and economic practices such as food sharing networks helped mitigate these challenges. • Policies and programs that support access to traditional foods and Indigenous sovereignty strengthen the ability of individuals and communities to respond to significant events that break down supply chains and restrict mobility. 

Software system security gets a lot of attention from the industry for its crucial role in protecting private resources. Typically, users access a system’s services via an application programming interface (API). This API must be protected to prevent unauthorized access. One way that developers deal with this challenge is by using role-based access control where each entry point is associated with a set of user roles. However, entry points may use the same methods from lower layers in the application with inconsistent permissions. Currently, developers use integration or penetration testing which demands a lot of effort to test authorization inconsistencies. This paper proposes an automated method to test role-based access control in enterprise applications. Our method verifies inconsistencies within the application using authorization role definitions that are associated with the API entry points. By analyzing the method calls and entity accesses on subsequent layers, inconsistencies across the entire application can be extracted. We demonstrate our solution in a case study and discuss our preliminary results. 

Static analysis is one of the most important tools for developers in the modern software industry. However, due to limitations by current tools, many developers opt out of using static analysis in their development process. Some of these limitations include the lack of a concise, coherent overview, missing support for multiple repository applications and multiple languages and lastly a lack of standardized integration mechanisms for third-party frameworks. We propose an evaluation metric for static analysis tools and offer a comparison of many common static analysis tools. To demonstrate the goal of our metric we introduce the Fabric8-Analytics Quality Assurance Tool as a benchmark of a tool which successfully passes our evaluation metric. We demonstrate usage of this tool via a case study on the Fabric8-Analytics Framework, a framework for finding vulnerabilities in application dependencies. We issue a challenge to developers of modern static analysis tools to make their tools more usable and appealing to developers. 

ABSTRACT We use the SMASH survey to obtain unprecedented deep photometry reaching down to the oldest main-sequence turn-offs in the colour–magnitude diagrams (CMDs) of the Small Magellanic Cloud (SMC) and quantitatively derive its star formation history (SFH) using CMD fitting techniques. We identify five distinctive peaks of star formation in the last 3.5 Gyr, at ∼3, ∼2, ∼1.1, ∼0.45 Gyr ago, and one presently. We compare these to the SFH of the Large Magellanic Cloud (LMC), finding unequivocal synchronicity, with both galaxies displaying similar periods of enhanced star formation over the past ∼3.5 Gyr. The parallelism between their SFHs indicates that tidal interactions between the MCs have recurrently played an important role in their evolution for at least the last ∼3.5 Gyr, tidally truncating the SMC and shaping the LMC’s spiral arm. We show, for the first time, an SMC–LMC correlated SFH at recent times in which enhancements of star formation are localized in the northern spiral arm of the LMC, and globally across the SMC. These novel findings should be used to constrain not only the orbital history of the MCs but also how star formation should be treated in simulations.