I'm building a software using SDK provided by third party software. To secure the application that I build, I must set correct values in some attributes in the SDK. I'm thinking of building a wrapper around SDK which would ensure correct properties in the SDK are set. Only challenge with the approach is making sure other developers helping me to build the application would always use the wrapper as an abstraction layer rather than using the SDK directly downloaded from third-party repository.
I was initially thinking of using Software Composition Analysis (SCA) tool. But I couldn't find a SCA tool helps to block direct use of a third-party library instead of using SDK wrapper/abstraction layer.
What is the best way to solve this problem?
Thanks
Related
Is there anything available for Haxe which would be suitable for real-life enterprise application development? (i.e. A professional high level UI component framework.)
Just a note - I know we all love our tools of choice, but please try to keep it objective.. don't just recommend Haxe for something without thinking about whether it's really an effective tool for business requirements.
On one hand, as Jason suggested in his comment, there is missing a haxe-based native UI framework.
On the other hand, we don't really need a haxe-based UI framework, but using the UI framework available to the target platform is enough. Unlike building a library, which is better to be target independent, building a "real-life enterprise application" only requires targeting a specific platform. Since UI is highly dependent on the target platform, it means that we should use a target-specific UI framework. For example, the best UI solutions to an web app are probably jQuery, ReactJS, AngularJS etc., which all can be used in Haxe (jQueryExtern, react.hx, angular.haxe). For Flash/Java/C#, we can simply use any "native" libs by -swf-lib path/to/lib.swc, -java-lib path/to/lib.jar, and -net-lib path/to/lib.dll. For C++, however, although there is continuous improvement (watch the wwx2014 talk), it is still somewhat hard to use native libs.
We are making games in haxe + OpenFL + StablexUI. Not sure if it suitable to post their urls, so that you could see the quality. But it helps if you need your custom ui not native (iOS, Android).
We have an app written in Objective C. It uses CoreData, RestKit, about 10 viewcontrollers.
We would like to migrate it to Xamarin (so we can target Android and Windows).
I was hoping there was a way to bind the current code to a Xamarin solution and kind of rewrite features step by step within Xamarin (eg: replacing a viewcontroller at a time, and at the end replacing RestKit+CoreData, by SQLite + ServiceStack).
I am aware of the binding to Objective C option that they provide, however, it doesn't look to be the appropriate fit for this (way too complex, probably easier to rewrite the app from scratch).
Is there a way to migrate our current project to Xamarin so we can convert? or do we start from scratch?
Thanks.
Options:
Migrate full project - no;
Automatically create binding for libraries, rewrite business-code, UI-code - yes;
Rewrite from scratch using .Net/Mono classes - yes.
If code size is relatively small, you should rewrite the whole app. Moreover, thus you could have a chance to separate business-logic from UI code and tools libraries (RestKit, CoreData). In perspective, that code will be more reliable and cross-platformish.
This tool can help. It does Obj-c to C# translation (some manual cleanup required):
Automagical
Quite probably, a re-write, from scratch. One thing to keep in mind, if your back-end is .net.. and you are using DTO's.. like with AutoMapper from Entity Framework objects.. you'll be able to re-use those DTO objects on your mobile side with Xamarin. If you are using OData, I'm not sure if this is still a problem, but Xamarin studio wasn't generating OData service clients. So you had to generate them in Visual Studio, then take the generated client code and throw them into your Mobile projects.
sqllite-net is awesome. I've never had any problems with it.
https://github.com/praeclarum/sqlite-net
I currently have a project, with DTO Objects from an Azure WCF service, that I push directly down into SQLLite objects on IOS and Android with Xamarin. I use RestSharp, rather than Service Stack. I should probably go learn the difference.
If you are looking to use SQLCipher from the Component store, to encrypt your sqllite db locally on your device (Good advice to do so), you should be aware that there is an issue in android.. going to 2.2 or 2.3 with SQLCipher. Works for ICS and above though, if I remember right.
Just be careful on your security implementation for allowing clients to connect. I want to say.. don't take too much advice.. and don't take too little either. : )
I want to track usage for my Cross Platform Apps developed with the Xamarin Tools (MonoTouch, MonoDroid, Windows Phone) with Google Analytics. While there is a MonoTouch binding around, it seems I need to create the MonoDroid binding myself (see this hint). I've not jet investigated WP.
Because some of my tracking takes place in the shared code between platforms --- and for general ease of use, I am looking for a common library to be utilized in all three projects. Is there something like this around? If not, is there some hidden problematic why such a library can not easily be created?
I know this is an older thread, but I thought that I would add that there is now a component for Google Analytics: http://components.xamarin.com/view/googleanalytics.
You should be able to make the Google Analytics requests yourself, using Google's API in C#.
This would work on all three platforms, but I have not found an open source project for this. There are several code examples, online however, here is a link.
I found a native C# implementation which generates the tracking requests by itself instead of wrapping the platform specific tracking libraries from Google into a common API: https://github.com/maartenba/GoogleAnalyticsTracker
Unfortunately the code does not accumulate tracking requests to dispatch them in intervals, but for my purposes it's sufficient.
There is also another implementation where tracking methods and request dispatching are separated (but not carried out automatically): http://www.diaryofaninja.com/projects/details/ga-dot-net
Is it possible to develop a Web Part without usage of .NET technologies? I'm looking for possibilities of integration of legacy (for example java) applications into SharePoint.
Any valid way for .Net CLR to call your code will do what you want. However with that said, it is likely to be very low level, very obscure and very difficult to do.
A more straightforward approach to reusing your Java or whatever code was if there was some sort of public cross language interface for you to exploit in your .Net skeleton. The obvious answer is a REST or SOAP wrapper around the Java code but it doesn't have to be that. It could be CORBA or JMS or all sorts of things.
Even if you want to integrate Java apps, the web Part will be coded in .NET.
There are a few ways to accomplish this, all of which involve a .NET web part exposing external data. All of your common integration methods apply including exposing the legacy application through web services or even directly accessing the database - you could use whatever your organization is accustomed to with other integrations.
Another possible option, depending on your SharePoint version is the Business Data Catalog (2007) or Business Connectivity Services (2010). These options, while can be a little bit of a pain to set up (though third party tools are available) do allow for some automatic integration of other applications into SharePoint.
I want to use the Web Platform Installer to perform installations and manage dependencies, but because we store version information in a database, the options for discovery that are supported by the WPI won't work for us.
Based on what I've learned so far setting up a custom feed, I don't even know how you would inject any sort of custom logic into the application, but I thought I'd better throw a question out here before I give up.
Is it possible to add custom logic for how the Web Platform Installer discovers which services have been installed?
Thanks!
As far as I've been able to tell, this is not possible. We ended up coming up with a custom solution to fit our needs.
For those interested, chocolatey (http://nuget.org/List/Packages/chocolatey) is another great utility for custom installations.