Community Workshop: Improving software quality in the .Stat Suite

May 5, 2023


Product excellence and especially quality assurance has been an important area of continuous improvement for the Community, so this workshop was extremely timely for Community members, partners, and invited experts to share their experiences, and contribute to the shaping of a vision for the Community strategy in the mid- and long-term.

The workshop brought together 54 participants from 16 organisations, in hybrid mode, to discuss non-functional and functional quality assurance. This third workshop concluded the series of workshops started mid-2022.

The workshop was articulated around two main topics:

  1. Non-functional quality assurance to minimise vulnerability through automated security testing​ and assure technical fit for purpose through performance testing ​and a scalable architecture.
  2. Functional quality assurance to reduce functional regressions and accelerate acceptance with automated functional testing: unit, integration, e2e, web accessibility.

Two interesting keynote speakers were invited: Michael Man from Veracode, who has more than 20 years of IT security experience and who founded one of the largest DevSecOps community meetups DevSecOps – London Gathering, gave a presentation on how to safeguard your software factory, with a special focus on measuring and monitoring quality assurance, “you can’t improve what you don’t measure”.

On the second day Liviu Lupei, Solutions Architect and Founder of Endtest, presented his insights on new horizons on the assurance quality, trends and challenges to watch out for. The most obvious trend is using AI, to help us work faster and smarter. But also the use of less internal tools, since there is a tool for almost anything today. And lastly, more consideration for accessibility and the question if it is as important as privacy?

The community concluded that a clear framework for security and performance is needed, which describes business scenarios, shared concrete objectives and priorities to complement the current well-established development processes. It was further suggested that a practice should be established for the Community members to contribute to the ongoing improvement of both security and performance. Another suggestion that emerged is that experts are to join forces and set up a platform to share information, experiences, and issues, to reinforce regular interactions and motivate learnings from each other. During the workshop the .Stat Suite team announced a new release management policy that will allow organisations to profit from security hotfixes for any major release for a period of up to one year from its release date.

The workshop helped to get a common understanding where the community stands in terms of quality assurance, highlighting the important work done, the level of quality achieved so far, especially in terms of security as well as defining the next steps and goals. Again, it appeared that the greatest strength of the community is the ability to co-innovate and co-invest according to a common vision by sharing resources, knowledge, and experiences