This repository is a collection of Software Engineering learning resources.
Click here to start exploring the resources.
Guidelines for Contributors | Contact | License: MIT
:books: A collection of learning resources for Software Engineering students
Home Page: https://se-edu.github.io/learningresources/
This repository is a collection of Software Engineering learning resources.
Click here to start exploring the resources.
Guidelines for Contributors | Contact | License: MIT
Outline:
Outline:
I would like to:
I would like to write a chapter on storing passwords
Textbook outline:
Password storage intro
What's wrong with plaintext?
What is hashing?
Why isn't hashing enough?
Adding salt
The salted hash
If an attacker has gained access to the entire application, what does it matter if my passwords are stored in plaintext or not?
Word of warning
Further reading
Assumptions:
Aim: Introduce the characteristics of non-relational databases, their benefits, using mongoDB as an example.
What is NoSQL?
Why NoSQL ( vs SQL )
How NoSQL works ( with reference to mongoDB as an example for all points, and vs SQL )
How to get started with NoSQL?
Outline:
Outline:
Overview - What is docker?
Why Docker is important to know?
Getting started with docker
Applications of docker
Further techniques/tools that you can use with Docker
Additional Readings
<Script>
, CommonJS, ES6 Import/Export)Source:
https://medium.freecodecamp.org/javascript-modules-a-beginner-s-guide-783f7d7a5fcc
Some links are broken. We should investigate to see whether the files have simply been moved and change the links accordingly or provide alternatives for material that has been removed or taken down.
The following excel sheet contains a list of broken links and their occurrences.
Broken Links.xlsx
Rationale: The current introduction to cryptography provides a good overview of cryptography from a theorectical perspective. However, I feel that an equally important topic is how should we go about implementing cryptography in our applications, because incorrect implementation choices can lead to vulnerabilities in your application.
Could be an extension, but feel like the below is enough content for its own chapter.
Outline:
I am getting complaints from Netlify that the learningresources website is serving insecure mixed content.
HTTP serves content through an un-encrypted channel, which means anyone can intercept the content and modify it without anyone knowing. That is why websites are recommended to activate HTTPS (which our website does), to send them through an encrypted channel.
However, even if the webpage is served in HTTPS, if the webpage embeds other resources using HTTP, then the embedded resources themselves can be compromised, even if the main webpage cannot be tampered with. Hence, this is 'insecure mixed content'.
Netlify found several images that are served through http
rather than https
(see the Netlify log for the list of insecure images).
Force browsers to always access content via the https
protocol by using a meta tag. That way, regardless of whatever protocol the page authors specified for their resource's reference uri, it will always be served through https
protocol.
This can be done by putting the following in _markbind/head/head.md
:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
Some http
content just don't have https
equivalent, so forcing https
will cause them to be broken. So, we either have to (1) save these images onto our repository and serve it ourselves, (2) find alternative subsitutes, or (3) not use them.
The list of images that needs checking and fixing can be found in the Netlify logs.
Note: Be sure to put proper attribution if you do (1)!
For more info: https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content
A functional programming language for developing web apps that compiles to JavaScript.
Promises features like no runtime exceptions due to it being a functional programming language, and has the one of the best compiler error messages out there:
https://mobile.twitter.com/gregoryschier/status/732830868562182144?lang=bn
Hi, I want to revise and improve the page of Swift
to fit the guideline.
Why should learn swift
sectionBenefits
Where to go from here
sectionGetting start
to Where to go from here
, and add learning path in Getting start
section.Outline:
The first few examples all assume the usage of jQuery ($, jquery selectors, $.ajax etc), but is not stated anywhere before them.
Should we try to change these examples so that they don't require any extra libraries, and use vanilla js instead so that they can be applicable to anyone who uses js?
Link:
JavaScript has modules already (as described in the section directly above). While the above code does make use of the module pattern (wrapping all related code inside one global), calling that a module just adds to the confusion with the already two different module systems: ES6 modules and CommonJS modules.
I propose we change rename module pattern to 'namespace pattern'
to better reflect what is going on: the reduction of global variables pollution by only creating one global variable, with all other functions and variables inside that object.
Proposed outline:
Outline quite similar to React, since they are libraries used quite often together.
Outline:
using await to improve javscript promises
The example:
// es5 syntax
function createPopUp(title, content, status, optionals) {
var headerColor = optionals.headerColor || 'default';
var bodyColor = optionals.bodyColor || 'default';
...
}
// es6 syntax with destructuring and default parameters
function createPopUp(title, content, status, optionals) {
const { headerColor = 'default', bodyColor = 'default' } = optionals;
...
}
the destructuring is more declatively done like:
// es6 syntax with destructuring and default parameters
function createPopUp(title, content, status, {headerColor = 'default', bodyColor = 'default'}) {
...
}
Quote from chapter:
https://github.com/se-edu/learningresources/blob/master/contents/javascript/javascript.md#writing-reusable-javascript
Method chaining is syntax such as
array.concat([1, 2]).push(1).filter(isEven)
However, Array.prototype.push
doesn't return an array, the above code doesn't do what it intends to do.
Update Contribution Guide to reflect need for content page (PR #181)
Programming Languages
SE Topics
App Frameworks
Tools Useful for Software Engineers
Other Topics
11 / 45 topics currently have a table of contents. I personally find that the table of contents adds unnecessary clutter as there is already a navigation sidebar to the right that serves the same purpose.
This is especially prominent on the CUDA page, where the table of contents occupies the whole initial screen:
I propose that the 11 topics have their table of contents removed and the contribution guidelines updated to reflect this as well.
This is the CUDA page, with table of contents removed:
Much cleaner and less overwhelming in my opinion.
What are your thoughts?
I have a few suggestions for nesting/grouping articles in a way that I think makes more sense:
Move Databases
and Security
from Other Topics
to SE Topics
Move Static Analysis
into Code Quality
Rename SE Topics
to Software Engineering Topics
Remove Project Management
and move Agile Development
and DevOps
into SE Topics (DevOps isn't related to project management)
Remove Tools Useful for Software Engineers
and move Regular Expressions
into SE Topics
Move Writing Testable Code
from Testing
into Code Quality
(the contents of that chapter are more closely related to code quality than testing)
Rename Architecture
to Software Architecture
Move Scalability
into Performance
and rename the category to Scalability and Performance
Swap the order of SE Topics
and App Frameworks
So that the overall structure flows more smoothly:
Proposed Category: SE Topics -> Testing
Primary Reference: OWASP Testing Guide
Secondary References: Guru99.com, SoftwareTestingHelp.com
The JS chapter Writing Testable Javascript
's file name is javascript.md
which is rather confusing.
I propose renaming it to WritingTestableJavascript.md
My outline to improve the SQL-injection page:
What's SQL-injection:
Give an overview about SQL-injection.
Why preventing SQL-injection is important:
How does SQL-injection work:
How to prevent SQL-injection:
The Spring Framework is an application framework and inversion of control container for the Java platform. The framework's core features can be used by any Java application, but there are extensions for building web applications on top of the Java EE (Enterprise Edition) platform.
Proposed outline:
I have a suggestion of an online regex tester (https://extendsclass.com/regex-tester.html) for the article "Introduction to Regular Expressions".
Proposed outline:
Outline (will work on these progressively, unlikely to cover all aspects in the first iteration):
TOC for the book chapter:
Remove all the <a id="overview"></a>
in section headings, because MarkBind already does this automatically for us.
.NET is a traditional platform used to develop Windows desktop applications. In recent years, with the help of the Mono project and Xamarin (formerly known as Xamarin Studio), .NET developer platform has been extended for building cross-platform apps on Android, iOS and MacOS as well. .NET also plays an important role in game development due to its use in Unity.
Rationale:
We currently do not have any resources directed at testing with JUnit 5. The SE-EDU Software Engineering for Self-Directed Learners book covers principles of testing (e.g. using stubs, differentiating between unit, integration and system tests), but does not cover how to write unit tests that make use of JUnit 5's powerful API library.
JUnit 5 has a wonderful user guide in place already, but (as I learnt from personal experience) the numerous terminologies would make it difficult for a new learner to Software Engineering to understand and make full use of the API.
Hence, I wish to write a book chapter that leverages on examples (that will be added to AB4 in the near future) and which bridges the theory in SE-EDU book with actual practice. This aims to be a good starting point of reference for future students aiming to write unit tests for a SE project in Java.
Outline:
The chapters on VueJs, NodeJS and React are not consistent with each other (content and structure-wise).
Suggestion: Make all three chapters consistent structure-wise at least. And as far as possible content-wise too.
One example of this happening is in this article -> click on Java Concurrency
. Seems like the .md
links used to work in the past, but are currently broken due to the website being generated by MarkBind.
This is an easy fix - we just need to replace all the broken links with a .html
extension.
Proposed outline:
The introduction to Python learning resource article doesn't cover the differences between 2.7.x and 3.x.
As a piece of introductory material to Python, it might be a good idea to cover these differences.
Many beginners often question why there are two widely supported versions, and what the differences are.
(Personally I advocate the use of 3.x, and 2.7.x only for legacy reasons)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.