I’ve just opened up a new command shell, without thinking about it. Inside an Emacs session. Which is running inside GNU screen. Which is running inside Putty. Transparent? Clear as mud.
Month: November 2005
London Perl Workshop
Yesterday was the London Perl Workshop. Thanks to the joys of the british railway system I had to catch the 07:19 train from Brighton in order to make it in reasonable time. This included an extra half hour on the train due to “maintenance” being carried out. I was only diverted about 10 miles, you do the math. When I eventually arrived, I was there for about 3 seconds before bumping into Muttley who was worrying about the lack of signs. Apparently all the signs had been destroyed by a beer infestation the previous night. So I volunteered to go outside with Acme and guide people in to the main lecture theatre. I also bumped into mirod whilst standing there—I’ve been using XML::Twig for years, so there was plenty to talk about. Eventually, Mark turned up with the signs, so we went inside to the talks.
After a lot of faffing around trying to find U214, I got to Abigail’s first talk on Regexp::Common. It’s a repository of useful regexes (NB: I have no idea of the correct pluralisation). It can match things like numbers, URLs, email addresses, postcodes and a tonne of other stuff. But what’s really cool/scary is the interface. It acts as a string, or a hash, or a regex, or an object, or a function, all depending on how you use it. Naturally, it’s originally a DCONWAY production. If that wasn’t scary enough, you need to look at how it uses uses tied hashes to pass flags in when creating a regex, so you can adjust the details of how it recognises a number. I really need to go back and use this module in lots of places. What’s nice is the ability to extend it seamlessly without having to understand all the magic.
I popped back to the beginners track briefly to hear <a href="http://search.cpan.org/arc/”>Aaron Crane talk about Content Management at El Reg. Most of the talk appeared to be why they found Bricolage inappropriate and instead refactored their old system to come up with Troi, their custom CMS. What’s good to see is that they publish to static files and use rsync to distribute amongst several web servers. A great way of serving a lot of content. They also use SSI to do the page template, which is about as quick as it gets. I really liked the way that they use libtidy to get very clean HTML which then gets chucked through some XSLT to generate the final content. All in all, it sounded quite a neat solution. He did admit that there was no version control at all, but justified it on the grounds that there wasn’t a real business case for having it. Oh, and they’re still using Falk.de for advertising, but it’s apparently quicker now (yeah right).
After a quick nose through the O’Reilly stand outside (30% off! Woo!), I wandered back to the other room to hear Abigail on “Lexical Attributes.” I caught the end of the Parrot talk, but I don’t think that I missed much that I need right now. I also managed to discover from talking to <a href="http://search.cpan.org/nwclark/”>Nicholas that <a href="http://search.cpan.org/kane/”>Jos Boumans, due to speak next was not present due to unit testing the new licensing laws (unfortunately, it’s still very easy to say “ok” after several units of alcohol 🙂 )
Anyway, Abigails second talk was very interesting. He covered lots of problems with the standard way of implementing objects in Perl, and then set about trying to find the best way to solve them. He started out exploring the Flyweight pattern, and moved through several other ideas, before arriving at (more-or-less), Class::Std (aka Inside-Out objects). This appears to fix most of the problems, like good encapsulation. But he also went on to describe the <a href="http://search.cpan.org/abigail/Lexical-Attributes-1.4/lib/Lexical/Attributes.pm”>Lexical::Attributes module, which goes even further at solving the problem. The only catch: it’s a source filter. So, it turned out to be a nice possibility, but not good for production code. Wait for Perl 6 instead.
I have to praise Abigail as a speaker. Even though his slides have some odd colour schemes, he managed to get the point across swiftly and also managed to be brutally funny at the same time. He had the typical dutch poker face whilst producing very funny, brutal insults. Good stuff.
After this, I pottered off to lunch with Mirod and Maddingue. We found a nice looking cafe and found Robin Houston (with less hair than I recall) there as well, a nice surprise. It’s great to actually be able to talk shop with some new people a bit. You can’t really talk about computers in polite company without a lot of peoples’ brains dribbling out of their ears.
After lunch, I popped into the talk on Perl at the Sanger institute, but to be honest found it a bit uninformative. I already know something of both DNA and Perl and this didn’t tell me much new. As always with biological computing though, the numbers are terrifying: 350Tb disk, 450 node clusters for doing sequencing. Fun stuff. Naturally, the compute intensive bits are all in C, and Perl is just the glue. Sadly, there wasn’t much on Bio Perl, which would have been interesting. Although there was stuff on their derivative, ensembl.
Coming out, I picked up two new O’Reilly books. I was too tempted by the shiny “30% off” offer. I also overheard muttley frantically trying to locate MJD for the final talk…
Meanwhile, I went to see Casey West on “Using Attributes.” This is one of the few areas of Perl where I know absolutely zilch, so I was really looking forward to it. And in the first few slides, you could really see why this was part of the “Advanced Perl” track. The summary is that attributes let you attach arbitrary bits of code to a subroutine or variable. And you need to use Attribute::Handlers in order to avoid going insane. But it made it really easy to see how you could implement a
:Private attribute for an object. Pretty cool stuff.
Afterwards, back to the main hall to hear MJD. But I managed to catch the final 5 minutes of acme and Leo talking about MighTyV, their project that wone them a prize from the BBC. I wished I had heard the rest of that. They make a great double act.
Shortly thereafter, MJD arrived, completely spaced out from the flight over still. He was giving a talk on “Red Flags”—things you see in a Perl program that make you think “Hmmm, that doesn’t look right.” They seem similiar to bad code smells. Apparently, this was a 3 hour class usually, and he was trying to get through it in an hour and a half…
MJD started out by saying he wasn’t here to tell us how to do clever stuff. Merely how to make existing code better by thinking about simple things. “You don’t have to be clever to write good code” was his mantra. Most of what he talked about was a very simple example. He’d taken a script from usenet or Perlmonks or somewhere which copied files from two input directories into an output directory. A really simple task, mostly trivial, which sysadmins everywhere love to use Perl for. But the script had many, many flaws. Basically, everything was repeated twice, once for each input directory. So, in his words, he was going to “fix the hell out of it.” He went through lots of bits of it, pointing out the slightly daft bits, and how to pick up on them in general. Stuff like “For repeated variable names, use an array” and “for related variable names use a hash.” Common sense stuff, but things that are often missing in code that you happen to inherit.
His biggest lesson was “Repeated Code is a Mistake.” This is the same as the pragmatic programmers saying “Don’t Repeat Yourself.” While none of what he said was a cast iron rule, more a guideline, this came closest to being 100% enforceable.
Like Abigail before, MJD was an fantastic public speaker (which is probably why he gets paid to do it). Despite significant heckling from the audience (participation), he kept up the snappy comebacks. Very entertaining. In fact, nobody wanted to interrupt him at 17:30, so we ran on until 18:00. Sadly, I had to get away quickly in order to travel back to Brighton. I didn’t get in my front door until 21:00. 😦
Overall, I had a great day. I’m enourmously grateful to the sponsors for enabling such a fantastic event to be put on for free. It was a triumph for all concerned.
This mornings cycling
I went out a bit late this morning—9am. If I’d gotten out earlier, I could have cycled for longer without it eating into the remainder of the day’s activities. So I took a short ride, similiar to last weeks (which I failed to mentioned, but which was utterly freezing thanks to the fog).
First I went up to Devils Dyke. This was the only cold bit, thanks to the brutal wind along the top of the ridge. Because I hadn’t been going for long, I was still warming up as well. My arms were exposed and turned bright red in a matter of minutes. At the Dyke, I saw some parents taking their small girl for a walk, in the most fabulous pink wellies. Kids clothes are always so much more interesting.
I turned back from the Dyke and headed left down the path towards Saddlescombe farm. This was surprisingly dry. There was a bit of mud, but nothing serious. It started getting a bit slippery as I got towards the road about, but that was it.
Crossing the road into Saddlescombe farm, I went through the farm, to the left and up the path under the trees. Full of branches and rocks, as well as being quite steep, this was a bit of a sod to get up. I came off twice. Finally getting through that, I went into the open fields and the steep climb up Newtimber hill. That was good, with plenty of work required, but pretty good traction on the grass. No wheel spinning.
At the top of the hill, I turned right to start the journey back home. I went through the gate down a small path which didn’t look as overgrown as the last time I went through there. This was a shortcut in order to cut out about 500 yards of cycling. Silly mistake. I got half way through the path and it was nearly completely enclosed in brambles. Thankfully, somebody else had obviously realised the same thing at the same point and there was a large escape hatch in the hedge where the previous person (probably a pony actually) had cut through back to the main path.
From there it was a regular farm road all the way down sweet hill to waterhall playing fields. Unfortunately, this is where I really started to encounter the mud. I had been this way once before in a thunder storm with some friends and the chalk had really stuck to my wheels. But this time, the mud was like super glue. It didn’t just stick to my wheels, it stuck to itself very well. So that every few metres a large clump of mud would gather on the front wheel and wedge itself into the arches, bringing me to a complete halt. Very frustrating. Especially when it happens in front of some farmer unloading hay for the cows.
The end result was that I had to repeatedly cycle for a few yards, and then shake the bike to clear the mud off for several hundred metres. Grrr. As I turned into the final downhill stretch of Sweet hill, I hit tarmac and managed to shake off some of the mud. But even when I got home about 10 minutes later, I still had more mud on my bike than I’d managed before. So I had a lovely afternoon cleaning mud off the bike. What a bonus…
The Wrong Defaults
Aristotle points out a post from Anne van Kesteren about draconian error handling. FWIW, I agree with Aristotle. But both of them are really missing the point.
The simple fact of the matter is that the defaults in all of our tools are wrong. Yup, you heard right.
When you’re working with some server-side framework, variables are almost invariably output as-is. If you need to include data from a source that might contain angle brackets or ampersands, you have to call a function first to escape the output before inserting it into the page. Some frameworks (eg: rails) attempt to make this easier by reducing it to a single character (the h function).
But the simple fact of the matter is that it’s the wrong defaults. The default should be to escape everything that’s output, unless the programmer asks otherwise. This is the only way that we will start seeing a reduction in Cross Site Scripting attacks.
The fact that I can flip this default is one of the reasons that I like working with HTML::Mason, even though it’s otherwise a bad mix of code and template.
The SQL guys learned years ago that if you rely on programmers to do the escaping, they won’t bother half the time. Result: lots of applications with SQL injection attacks. The solution: placeholders. Make it simpler and easier to do the correct thing and the problem goes away.
Sadly, I don’t hold out much hope for this being achieved.
FreeBSD Crash Dump Analysis
Unfortunately, I had a crash earlier on my FreeBSD server. It’s probably due to bad hardware. But I decided to take a look at the dumpfile anyway. The best resource is the FreeBSD handbook section on Debugging a Kernel Crash Dump with kgdb. That’s invaluable.
Sadly, it didn’t tell me much:
Fatal trap 12: page fault while in kernel mode fault virtual address = 0x8 fault code = supervisor write, page not present instruction pointer = 0x20:0xc04c8f79 stack pointer = 0x28:0xd13ddb44 frame pointer = 0x28:0xd13ddb54 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = resume, IOPL = 0 current process = 864 (squid) trap number = 12 panic: page fault
So at the time, squid was sitting around waiting for things to happen (the stacktrace showed it as being inside
poll()) and the machine blew up. Darn. Ah well, the standard response is to just
make world and try again.
London Perl Workshop
The list of talks for the London Perl Workshop is now up. There’s only one problem: two tracks, one me. I really want to see both. I’m kind of curious about bits of stuff in the advanced talk (attributes in particular, I need to know more about). But there’s stuff in the Learning Perl track that I really need to look at, like “Packaging Perl Applications.” And yet the amusement factor of “Barely Legal XXX Perl” cannot be denied.
I sense much flicking between talks ahead.
Yesterday, I went to Comic Expo 2005. I couldn’t really miss it seeing as it was in town. I wish I’d gone on Saturday as they were screening some great films (including Grass Roots) and had Dave Gibbons doing a session. And Harry Harrison too. Never mind. I did get to see Mark Millar instead, which was cool.
Unfortunately, I forgot to buy tickets ahead of time, so it cost £10 to get in. Bleargh. This was further compounded by my purchasing several new graphic novels. Needless to say my £50 that I’d got out didn’t last long.
The highlight of the show was watching Gilbert Shelton draw Fat Freddy’s Cat in front of me. Being completely unartistic myself, it was absolutely magical to see it all appearing right there in front of my very eyes.
I loved the Dalek that was wondering around as you walked in. Very flashy & noisy, just like a happy pet.
I was very glad to see Weebl had a stall selling DVD’s and soft toys and stuff. Nice to see the lads and I picked up a DVD from them, which I’d been meaning to for ages.
I was amused to see David’s Comics present. Their stall seemed to be about three times the size of their shop in the laines. 🙂
The worst bit was the interior of the Metropole. As one of the two “top hotels in Brighton”, the decor was a little bit shabby in the conference area. There were bits here and there with wallpaper peeling. Not awful, but definitely ranks a “could do better.”
Anywhow; I sure hope that they come back next year!
Web Frameworks Evening
On thursday, I attended the London Web Frameworks evening, basically because of the large london.pm contingent. There were three speakers for the evening: Matt Trout on Catalyst; Simon Willison showing off Django and Matt Biddulph exploring Rails. All this was happening in the large lecture theatre (really! That’s its name!) at the University of Westminster.
First up was Matt Trout. He pointed out that there are over 120 CPAN modules covering Catalyst, and only 25 minutes for the presentation, so he skipped a few. 🙂 Catalyst is billed as an “Elegant MVC web framework.” In practise, it seems to be somewhat Rails-like (it has the standalone web servers, the testing stuff and the generator scripts), apart from the fact that it’s more or less completely agnostic about the Model and View bits (and the environment in which it runs). And it likes plugins. A lot.
For the Model stuff, the most popular plugins are Class::DBI and DBIx::Class. But there are more, including stuff like LDAP, Subversion and Plucene.
The views are a similiar situation. The most common plugin is Template Toolkit, but there’s also support for Mason and HTML::Template, as well as a lot of other less used stuff, including PHP!
Again for authorization and authentication, there are plugins for pretty much anything that you would want: Databases, LDAP, PAM, Radius, Samba. The list goes on. Apparently, Catalyst has its own internal implementation of Roles and ACLs, but Matt didn’t go into much detail on that. When it comes to deployment, there are plugins for every option (Catalyst calls them Engines): Apache, Apache2, FastCGI, and a standalone server using HTTP::Daemon.
Probably the most important plugin mentioned was Config::YAML, which lets you configure the site using textual config files.
Other good points include the nice use of subroutine attributes and excellent testing support. And the packaging support making it very easy to distribute your applications.
Second was Simon Willison. Django is a relatively new Open Source project, but it’s been in development for about two years. It seems to be more designed around CMS needs, although it’s pretty flexible. Simon was a co-creator on his placement year. It was originally designed for running lawrence.com, an entertainment site for a small university town in Kansas.
Much of Django appears to have parallel evolution with Rails. They’re about the same age and they seem to have more-or-less independently arrived at the same solution.
Django philosophy: Less code; Loose coupling; Explicit over implicit (very pythonic); Consistency; Efficient SQL (raw SQL is encouraged where it provides benefits); Cool URLs.
Interestingly, Django implements its own ORM, instead of using something like SQLObject. As part of this, it does all the schema definition in Python, so it should be readily portable between databases. Apparently it already does the usual suspects: MySQL, PostgreSQL, SQLite.
One tiny feature which I really like is the ability to raise an HTTP status as an exception.
The templating language they use is something that was written specifically for Django. Apparently it was “inspired by Smarty” which in turn was inspired by Template Toolkit. How the wheels turn…
They have this feature called “Middleware”, which basically looks like stackable input/output filters.
The Django people are really big on getting the community involved in the design. They’ve already had a lot of translations and a large refactoring of the admin screens from the community. Because the deployment of Django is so small at this stage, they’re quite willing to break backwards compatibility if you can argue a good case.
Lastly, Matt Biddulph came up to talk about Rails. This was particularly interesting because unlike the other two people, he’s not a rails developer at all, he’s a rails user. And only for 3 months at that. This gave him a very good perspective on it, as opposed to “it’s all shiny!” He also acknowledged how good the Rails people are at marketing—nearly everybody in the audience knew something about it.
Rather than specific technical details, he talked more about the Rails philosophy. Stuff like “Convention over Configuration” and Rails being “Opinionated Software.” He came up with the phrase “The golden path”—which is how to develop in a Rails like manner. It’s possible to stray from it, but your life gets harder. Rails is very well integrated, with a clear direction.
Bits that he noted as being particularly useful: The Generators, which help point you in the right direction. The ease of Ajax integration. The really useful console and breakpointer scripts (which I wish I had in Perl for work).
He also outlined some good “Gotchas” for Rails. Stuff like the pluralisation sometimes being surprising—“try adding or removing an S if something doesn’t work.” The fact that Rails lazy loading can lead to some really inefficient SQL. Generally, Rails can be quite slow (compared to MySQL). And Ruby in the templates, which could end up being very chaotic (although he did point at Liquid as a new and better alternative).
Matt had a demo app with him—the BBC Programme Catalogue. This is a new interface to all the BBC’s programme metadata. The BBC librarians have been maintaining this enourmous amount of information for years, and it’s now getting a shiny new web frontend. Did you know it takes 8 hours for a single person to fill in the data for a single episode of Newsnight? Incredible. Anyway, he’s done an incredible job of getting all that data into Rails. The interface is still sucky, but will get a makeover before being released to the hounds^Wpublic early next year. I can’t wait to get my hands on that data.
After that, there was really only time for one question. Muttley piped up with “What do each one of you guys want to steal from each other?” Djangos admin screen’s were the main ones. Generally, they all feel that they would steal any useful features that they could from each other. Isn’t cross fertilisation great?
Unfortunately, I had to rush off afterwards to catch a train. Otherwise I would have enjoyed going to the pub with them all to talk over the bits some more. Anyway, my thanks to Dean Wilson for organising all this. Great to hear about things going on out there. See you all next weekend at the London Perl Workshop, I guess!
We’ve just got back from an evening at Circus Oz. Absolutely fantastic entertainment—great costumes, stunning performance and wickedly funny. If you get within a hundred miles, go and see them! And no, there were absolutely no animals. Excepting the hooman variety.
Best bits? A stunningly agile and graceful performance from Mel on the hoop. Oh, and the utterly fabulous percussion / juggling combo from Sosina. Maybe Captain Frodo going through two tennis rackets. I loved Scott doing his bmx routine. But it’s a damned hard choice to make—there wasn’t a duff part in there.
The other day, I released <a href="http://search.cpan.org/hdm/Log-Dispatch-Atom-0.02/lib/Log/Dispatch/Atom.pm”>Log::Dispatch::Atom. Originally, I just wanted to log messages to an Atom file, so I could get my web app to record errors that I can pick up through my feed reader. But I haven’t gotten around to implementing that yet.
About half way through writing it, I remembered the <a href="http://search.cpan.org/drolsky/Log-Dispatch-2.11/lib/Log/Dispatch.pm”>Log::Dispatch module. So, when I was happy that the module was working OK, I refactored it to be usable by Log::Dispatch (which was very simple—a testament to the simple design of Log::Dispatch::Output).
Anyway, I’ve now released Log::Dispatch::Atom to CPAN, for all your feedy needs. Almost. At the moment, it’s still a bit too easy to create Atom feeds that the feed validator doesn’t like. I need to have a bit of a think about the best way to get things like “id” in there for each log message. But it should still be usable for now.