Supply Chain Attack on XZ Utility: Lessons in Cyber Security

173: Mocking and Unit Tests

Intro topic:  Headphones

News/Links:

• Texas A&M University Physics Festival
  • https://physicsfestival.tamu.edu/
• Rust vs Cpp at Google
  • Lars Bergstrom (Google Director of Engineering): Rust teams at Google are as productive as the ones using Go and 2x those using Cpp
  • https://youtu.be/6mZRWFQRvmw?t=27012
• Is Cosine Similarity Really About Similarity
  • https://arxiv.org/abs/2403.05440
• Xz utils supply chain attack
  • Andres Freund at Microsoft
  • https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/
    
    

Book of the Show

• Patrick:
  • 80/20 Running by Matt Fitzgerald
  • https://amzn.to/3xyEKLo
• Jason: 
  • A Movie Making Nerd
  • https://amzn.to/49ycDJj

Patreon Plug https://www.patreon.com/programmingthrowdown?ty=h

Tool of the Show

• Patrick: 
  • Shapez Android: https://play.google.com/store/apps/details?id=com.playdigious.shapez&hl=en_US&gl=US
  • Shapez iOS: https://apps.apple.com/us/app/shapez-factory-game/id6450830779
• Jason: 
  • Dwarf Fortress
  • https://store.steampowered.com/app/975370/Dwarf_Fortress/
    
    

Topic: Mocking and Unit Tests

• What are Unit Tests
  • Balance between utility, maintenance, and coverage
  • Unit Test: testing small functions
  • Regression Test: Testing larger functions
  • System Test: End-to-end testing of programs
• What are mocks & fakes
• When to use mock vs. fake
• Mocking libraries in various languages
  • Python: https://docs.python.org/3/library/unittest.mock.html
  • Java: https://github.com/mockito/mockito
  • C++:  https://github.com/google/googletest