Systems, computer-implemented methods, and computer program products that can facilitate generating and applying meta-policies for application deployment environments are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a state analyzer that can analyze a first application deployment environment to identify a first configuration of the first application deployment environment. The computer executable components can further comprise a policy generator that generates a meta-policy based on the identified first configuration.

A computer-implemented method of monitoring programmatic containers (containers) through executing a computer program in a kernel space is disclosed. The method comprises storing trace data in a memory buffer that is shared by the kernel space and a user space, the trace data being related to execution of a process associated with a container at an execution point of the process. The method also comprises retrieving container data related to the container through raw access of one or more kernel data structures when execution of the process is stopped. In addition, the method comprises storing the container data in association with the trace data in the memory buffer.

Computer code is received that is written using a dynamic Domain Specific Language (DSL) running in a General Purpose Language (GPL) computing environment. A compiler performs static compiler analysis on the computer code. The static compiler analysis includes referencing a security policy defining one or more unacceptable program behaviors. During compile time at the compiler, runtime security checking functionality is performed leveraging compiler extensions, type information, and environment specific compile context. Results of the static compiler analysis are used to indicate when execution of the computer code would result in performance of the one or more unacceptable program behaviors. The one or more unacceptable program behaviors include modifying preexisting computer code to incorporate the computer code written using the DSL.

A computer system is configured to analyze a codebase containing source code and specification of intended behavior of at least a portion of the source code. The analysis of the codebase identifies a callsite of a method within the codebase, obtains a set of bounds associated with one or more parameters being passed to the method at the callsite, and identifies a set of specification associated with the method. The set of specification includes at least a precondition specifying an intended behavior of the method. The method is then analyzed based on the set of specifications and the set of bounds to determine whether the method deviates from the intended behavior specified by the precondition. The computer system then visualizes a result based on analyzing the method.

Computerized systems and methods for managing API information. An exemplary method includes receiving an input from a user device associated with a first computer system, the input not including identity of a second computer system. The method includes determining a target API based on the input, the target API being the second computer system's API. The method also includes determining whether a user of the user device has access to the target API. The method includes retrieving documentation of the target API from an API database if it is determined that the user has access to the target API. The method includes providing the user device with the retrieved documentation.

A computer-implemented method of monitoring programmatic containers (containers) through executing a computer program in a kernel space is disclosed. The method comprises storing trace data in a memory buffer that is shared by the kernel space and a user space, the trace data being related to execution of a process associated with a container at an execution point of the process. The method also comprises retrieving container data related to the container through raw access of one or more kernel data structures when execution of the process is stopped. In addition, the method comprises storing the container data in association with the trace data in the memory buffer.

Techniques for component-based software engineering, and more particularly, to techniques for enhancing component based development systems by making components self-aware with respect to the applications that they may be consumed in or other peer components within the applications. An exemplary technique includes determining an addition of one or more components to an interface of an application; identifying an asset definition within metadata of a component of the one or more components added to the interface of the application, where the asset definition provides self-wiring or self-configuring instructions for an asset that needs to be created for the component within a predefined scope when the component is added to the interface; and creating the asset for the component based on the asset definition.

Techniques are disclosed for associating environmental condition information with a software component so that the environmental conditions can be automatically verified when a software package containing the software component is deployed. As a result, environmental conditions can be established when a software component is initially developed by the operators who may be best-suited to determine appropriate environmental conditions. Further, environmental condition enforcement can be performed automatically at the time of deployment, without human intervention. For example, when the software component is about to deployed, a deployment system can automatically examine the information about the target environment to verify that target environment satisfies the encoded environmental conditions.

A three-dimensional data encoding method includes: generating an N-ary tree structure of three-dimensional points included in three-dimensional data, where N is an integer greater than or equal to 2; generating first encoded data by encoding a first branch using a first encoding process, the first branch having, as a root, a first node included in a first layer that is one of layers included in the N-ary tree structure; generating second encoded data by encoding a second branch using a second encoding process different from the first encoding process, the second branch having, as a root, a second node included in the first layer and different from the first node; and generating a bitstream including the first encoded data and the second encoded data.

Described herein is a computer implemented method. The method comprises executing an application defining a feature flag, the execution of the application being associated with a user identifier. The method further comprises determining if version data associated with the feature flag and user identifier is stored in a local data store. In response determining that the version data associated with the feature flag and user identifier is stored in the local data store an evaluation request is generated that includes the version data and the user identifier. The evaluation request is then communicated to a feature flag evaluation service.