Agile: A project management methodology that is especially popular in software development projects but can also be used in other sectors.

Algorithm: A sequence of steps or operations that are created to solve a problem.

AppSec: Application security: the complex art of protecting software from being compromised by removing vulnerabilities that could be maliciously exploited.

Backlog: In the Agile methodology, a backlog is list of deliverables that need to be created for a given software development project.

Black box testing: Testing the functionality of a software product without considering (or having any knowledge of) the underlying code.

Changeover strategy: A planned process for changing from one way of doing something to another (e.g. moving from a paper-based accounting system to a computerised one).

Class: A software ‘capsule’, consisting of interrelated properties and methods that relate to a particular ‘thing’ that exists (e.g. a car, a person or a bank account).

Client-side: Where the actions take place on the user’s own computer system (e.g. JavaScript running within a web browser).

Codebase: The collective term for the various files and lines of code in a computer program.

Commit: To confirm changes and make them permanent, particularly in version control; can be used as a verb or a noun.

Compilation: The process of translating source code into machine code for the CPU to execute.

Construct: A building block which is used in the development of a program. They are sequence, selection (choice) and iteration (loop).

Container: A data type which groups together multiple data items (e.g. an array, a queue or a stack).

Development environment: The working platform (hardware, operating system etc.) on which program code is initially written and tested by the software developer.

DevOps: The practical combination of software development, IT operations and quality assurance in order to produce high-quality software.

DevSecOps: The same as above, but also focusing on application security.

Encapsulation: The process of combining the attributes and methods of an object (which forms a class).

Enterprise glue: Programs or scripts that connect different parts of a system together to form a working data pipeline or process.

Environment tier: Different contexts where software is developed or used. For example, a sandbox has a full working version of a system, including its data, but is isolated from the live version currently available to users. This allows the developer to experiment with the components of the program without affecting the live version. See also Development environment; Production environment; Staging environment.

Evergreen: Something which is considered always relevant. For example, evergreen content on a website does not become dated.

Floating-point number: A number with a decimal part (e.g. 31.56).

Formative testing: Testing which is carried out on code while it is being developed.

Functional programming: A programming paradigm where data processing can be completed using many different functions in concert; a popular aspect of data-mining techniques.

Heap: Free memory which is allocated dynamically by a programmer at run-time and is larger than the memory afforded by a stack.

HTTP request: Part of the communication between a computer and a server which uses the Hypertext Transfer Protocol. A request is usually followed by a response.

Instantiation: The process of creating instances of a class as individual objects.

Integer: A whole number with no decimal part (e.g. 101).

Interoperability: Compatibility of a new system with other existing components, products or technologies. This is typically a result of different organisations working to shared standards.

Language: A set of computer instructions (such as C++, PHP, Python or Visual Basic) that are used to create applications, programs and apps. The syntax of languages invariably differs, although they have common constructs and parallels can often be found.

Library: A collection of functions and methods with a common theme (e.g. a maths library containing prewritten mathematical functions, or a string-handling library with functions to manipulate the string data type).

Linting: The process of checking for common coding problems (such as badly chosen variable names, inconsistent logic or the presence of unused variables).

Minimum viable product (MVP): An MVP will do a basic job, but it would benefit from refinements with additional functionality or the incorporation of emerging technologies.

Modularity: The process of dividing a problem into small, manageable chunks so that they can be developed individually and then merged at the end to form a software product.

Namespace: This term is used as a container for constants and variables. It defines the scope in which these items can be accessed.

Object-oriented programming: A software approach which is based on the concept of modelling the ‘things’ which interact in the real world. These things may be physical, such as people, or logical, such as a bank account.

Operator: A symbol (or symbols) which tells a compiler what to do to produce a result. A ‘+’ will add two numbers together. A ‘<=’ will check whether the number on the left of the symbols is less than or equal to the number on the right and will produce a result of true or false accordingly. Operators are sometimes overloaded to perform different actions on particular data types – for example, for strings, a ‘+’ may mean concatenation.

Pair programming: An Agile software development technique which involves two programmers working together on a single problem at the same terminal.

Procedural programming: A programming paradigm where problems are solved using a defined set of instructions.

Production environment: A live system where a software solution is executed.

Requirements specification: A blueprint for a software development which sets out what the final product should do, often separated into ‘must haves’ and ‘desirables’.

Run-time library: A set of routines which are needed when a program is run to manage the behaviours of the program in the executable environment.

Scrum: An Agile framework that is based on the acceptance that a customer’s needs will change over time. This enables software developments to flow and change, rather than sticking to a rigidly defined plan. It results in short iteration cycles which deliver new/changed products as quickly as possible.

Server-side: Where the actions take place on a remote server rather than on the user’s computer system (the opposite to client-side).

SQL injection: An aggressive hacking technique which exploits vulnerabilities in programming code by allowing malicious code to be run by modifying the purpose of existing SQL statements. Often occurs when HTML form-based inputs are not correctly sanitised before processing.

Stackframe: Data which gets pushed onto the stack when a function is called. It normally contains the actual function call, its arguments and local data.

Stacktrace: Sometimes called a backtrace, it is a reverse chronological listing of functions called at the point when a run-time error/exception occurs; it helps the software developer to determine the root cause of a problem.

Staging environment: A duplication of the hardware, operating system and so on that a software product is designed to be used in. Unlike a production (‘live’) system, it is not in the public domain and can therefore be used for realistic testing.

Summative testing: Testing which is carried out on code once development is complete to check it meets the client’s requirements (among other things).

Superset: Enhanced or expanded features in a programming language.

Syntax: The written elements, structure and rules of a programming language.

Toolchain: A group of programming tools which are used together to perform a complex programming task; often includes the editor, compiler, linker, debugger and so on.

Unit testing: Testing small parts of a program (such as individual functions) using a white box testing approach to check the accuracy and performance of an individual component.

Virtualisation: The creation of a non-physical version of a computer system on a host, including its operating system and underlying hardware.

Webhook: An automated process which is executed in response to an event occurring on a website (e.g. a developer pushing their code to a remote repository or a customer submitting a complaint via an online form).

White box testing: The process of testing the logic of the program. This means that each pathway through the program (each selection and each loop) is individually tested for all possible routes to make sure that each works as intended. For example, it might test that every option on a menu executes when chosen and that the ‘exit’ option closes the program. The functionality is not relevant at this stage (that will have been tested in black box testing).