On F.lux

January 5, 2012 § Leave a comment

F.lux is a great little tool that changes the temperature of your screen to match the room you are in, syncing with the sunrise and sunset automatically and adjusts your screen to optimal levels. It’s a subtle difference but one that my eyes are very happy about.

On Personal Configurations

January 3, 2012 § Leave a comment

In a lot of the Rails projects I work on we use yaml files to set up configuration variables, things like domain urls, facebook and paypal keys, smtp configurations and many more. A lot of these can be different across different environments. The domain we use in our development environment might look like where in production it would look like awesome.com. We use Rails’s database.yml as a template for the rest of our configuration files, so an example of our config/config.yml might look like this:

  name: AppName
  push_endpoint: http://lvho.st:8080/app/cometd

  name: AppName
  host: lvho.st:3000
  push_endpoint: http://lvho.st:8080/app/cometd
  user_dev_tweaks: false

  name: AppName
  host: sweetdomain.com
  push_endpoint: http://sweetdomain.com:8080/app/cometd

We then slurp the current environment’s settings into a global constant in config/application.rb with the following:

CONFIG = YAML.load_file("#{::Rails.root.to_s}/config/config.yml")[::Rails.env].symbolize_keys

See all of the code in the gist for easier reading.

On Riding the Latest Rails

December 29, 2011 § Leave a comment

Note: I wrote this up a few weeks a go, but didn’t publish it for some reason. It is a touch out of date since Rails 3.2 RC1 was recently released, but should be close enough to give you a good idea on how to get up and running on Rails master.

I wanted to play with the latest and greatest for Rails, which at the time of writing is 3.2.0.beta (RC 1 is now out). This means building and installing the rails gem locally. It took me a good while to figure out how to get everything working, so I figured I’d throw it down here for future reference… and for anyone else running into the same problems I did.

I am using rvm to isolate my different gem set ups, so as not to get random version conflicts. These are the lists of commands with notes I ran to get everything up and running:

# create a new gemset to use with rails master
rvm gemset create rails-master
rvm gemset use rails-master

# this is where I am going to put all of the git repos
cd ~/src

# Rails 3.2.0.beta requires the most recent (as in master)
# versions of arel and journey

git clone git://github.com/rails/arel.git
cd arel
gem build arel.gemspec
gem install arel-*.gem

cd ..
git clone git://github.com/rails/journey.git
cd journey
gem build journey.gemspec
gem install journey-*.gem

# now get Rails
cd ..
git clone git://github.com/rails/rails.git
cd rails

# install all of the Rails pieces,
# i.e., ActiveRecord, ActiveSupport, etc...
cat RAILS_VERSION | xargs ruby install.rb

# check to make sure you are riding the correct rails
ruby -r 'rails' -e 'puts Rails::VERSION::STRING'

You can get just the commands in a gist too.

On My Projects Becoming Obsolete

December 27, 2011 § 1 Comment

Rails 3.2 RC1 was released last week and it announces some pretty cool new things. One of those things is something that I have played with building out myself (tagged logging) and another is something I actually did (ActiveRecord Store). When I wrote my data-attributes gem, I was inspired to do so because I had a users table that had an ever-growing number of email permission checks. I never queried against these, and they made doing a SELCET * FROM users; really painful to try and read. I decided to just throw them all in a serialized column and be done with it.

When I first read the release notes for 3.2 I had two thoughts go through my head.

1) Well, crap. data-attributes is now dead and useless. (yes, I use <code> tags in my head)

2) Awesome, the solution I came up with for a problem I was having is the same one that the Rails team came up with. Maybe I might know a thing or two about what I am doing.

But as I started to compare the new ActiveRecord::Store with data-attributes, I began to realize that my little project isn’t dead quite yet. The accessors generated by the store call with AR::S aren’t full attribute accessors. By this I mean they don’t go through read_attribute and write_attribute before committing the new data to the serialized hash. This prevents you from intercepting the accessor call and doing some pre/post processing. You also don’t get default values as with other attribute accessors. Definitely not a huge deal in the least, but something to be aware of. AR::S does mark things as dirty though. data-attributes does not do this as of yet.

As for the future for of data-attributes, I think that it is actually dead in the long run. If I were to work on this problem more in the future, I’d probably do so by adding the AR::S instead of continuing working on data-attributes.

On Why id is Faster

November 14, 2011 § 1 Comment

Database performance is always something that has fascinated me. Not on a admin level, but from the point of view of a developer. Even with a stock database setup there are things that a developer can do to help optimize access. If you do any middle or backend web development you will be familiar with running queries against a database. You will also be familiar with how adding indexes on the commonly queried columns of your tables can increase performance. But it turns out, that not all indexes are created the same.

I have been working with the InnoDB storage engine of MySQL in a Ruby on Rails web development for a while now. Over the years I began to noticed something but was never able to figure out what was causing it . When ever I would queries tables using the id column, The queries would return much faster than when I queried against some other indexed column, even if that column was an indexed integer. For those not familiar with Rails conventions, every table is created with an integer column, id, that has the table’s primary index placed on it. It is auto-incrementing so every row has a unique value, a requirement of it being a primary key. Now the InnoDB constructs the primary key in a special way, using a clustered index. What this means is that the primary key index points directly to the page the row data resides on either on disk or in memory. Non-clustered, or secondary indexes, point to the primary key instead of the row data. This little bit of indirection cause the secondary indexes to be slower than a look up on the primary key.

It’s always satisfying figuring out the reasons behind behavior you do not initially understand.

For some more information you can check out the MySQL Reference Manual. This investigation was prompted by an answer to a question I posted on Stackoverflow about partial indexes and the group by operation.

On Not Rolling Your Own Verification or Encryption

November 10, 2011 § Leave a comment

When developing code, there are somethings that you should leave to the experts. Encryption is one of them. When I wrote my encrypted cookies and encrypted cookie sessions gems, one of the the things I didn’t want to do was write any sort of encryption routines. Luckily ActiveSupport has some help in the way of ActiveSupport::MessageEncryptor. It’s used much like ActiveSupport::MessageVerifier which is used for signed cookies in Rails. People much smarter than me have put these pieces together, so it just makes sense to use them. Almost nothing good can come from trying to do this stuff yourself. Here are some examples of a verifier and encryptor being used.


> secret = ActiveSupport::SecureRandom.hex(10)
 => "379af645b8dcce20b607"

> verifier = ActiveSupport::MessageVerifier.new(secret)
 => #<ActiveSupport::MessageVerifier:0x00000103d7ce50 @secret="379af645b8dcce20b607", @digest="SHA1">

> signed_message = verifier.generate("sign this!")
 => "BAhJIg9zaWduIHRoaXMhBjoGRVQ=--af1e810b074b1abd6d9dcd775f71b1fafa53c218"
# this is "<base 64 encoded and serialized string>--<digest of string>"

> verifier.verify(signed_message)
 => "sign this!"

> verifier.verify(signed_message + "alittleextraontheend")

> verifier.verify("alittleextraatthebeginning" + signed_message)


> secret = ActiveSupport::SecureRandom.hex(20)
 => "c1578de6ec2e1789940729dc9d97b335fc7df588"

> encryptor = ActiveSupport::MessageEncryptor.new(secret)
 => #<ActiveSupport::MessageEncryptor:0x000001295337c8 @secret="c1578de6ec2e1789940729dc9d97b335fc7df588", @cipher="aes-256-cbc">

> encrypted_message = encryptor.encrypt_and_sign("Nothing to see here...")
 => "BAhJIl9YbDZkK0czS3o0ZkI0Yml6K05uYzgzM05meDJjWWU4QWh0YzdFeFFrbC85b3BocHFORWtRWXdDVWIxaW45TEQ5LS1yVkxGTURJYzFWb2pva0UrVkkwTkFnPT0GOgZFRg==--e61e02a818960d66c7865f5624fad63b1564283f"

> encryptor.decrypt_and_verify(encrypted_message)
 => "Nothing to see here..."

If your secret is too short you’ll get a OpenSSL::Cipher::CipherError. Make sure your secret is at least 32 bytes. Using ActiveSupport::SecureRandom.hex(16) should satisfy this requirement, but obviously longer is better. You can also pass in a :digest => <digest> option as a second argument to both initializers to specify a different algorithm to use.

One of my thoughts is to submit these two gems into Rails so that people don’t make the mistake of trying to roll their own encryption systems for cookies. We’ll see how it goes.

On New Milestones

November 7, 2011 § Leave a comment

Earlier this year I got the itch to start doing some open source stuff. I hadn’t done anything of the sort before, so I didn’t really have any idea where to begin.  There have definitely been some bumps along the way, but I think that I have made some progress.  Looking back on my progress I identified a few milestones I hit along the way.  They weren’t obvious at the time, and I certainly can’t say that I meant to achieve each one, but I can clearly see them now.  Each one helped me a little more on my way to being an open source contributor.  Each one also elicited different thoughts and feelings.  Now in no particular order and mostly for me to remember what I was thinking…

First Repository Uploaded to GitHub

I signed up for GitHub back at the end of 2008.  I forked a few repos here and there just because there was a button to do it.  I didn’t really know anything about git and didn’t do anything with repos I had forked.  I didn’t actually upload a repo of my own until the end of March 2011.  I had been working with subdomains in Rails 3 and experimenting with the new cookie jar chaining.  I found a use case for adding another cookie jar that assigned the domain of the cookie.  I abstracted it out, gave a poor project name and put it up on GitHub. [tld-cookies]

It was a bit nerve-racking putting something you have made out there for whole world to see.  I am sure artists feel the same way when they show their paintings or writing to the general public.  I had no expectations that people would look at it or care about it, but still it was out there for people to scoff at if they saw fit to.  Nervous as I was, I felt something that I wasn’t expecting… liberation.  Even if no one ever used my code, I was now a contributing member of the open source community.  It felt great.

Two more repos went up almost immediately.

First Gem Published

When I pushed my first repos, the code was more or less in it’s finalized state, so the gem(s) followed quickly behind.  I remember having my RubyGems.org dashboard up all day watching the those first downloads trickle in.  I quickly realized that the first dozen or so were mirrors downloading all the new and updated gems.  Not going to lie, was a little sad when I realized that.  That first gem still sits at 50 downloads, probably because of it’s bad name, but some of the other ones have a few hundred downloads.

It’s awesome.  Some of my peers, not my coworkers, are using my code.  Building things that people use is awesome, whether it’s a website or a library.  As a software developer, I get a thrill when websites I work on get traction and usage.  Building successful businesses is my end goal, but with that being said, I get a very different and more personal thrill when I see some of my code being used by other developers.  It is a type of validation of your technical skills and it feels great.

First Gist Uploaded

We are a rails shop at work.  One of the things that I was getting annoyed with when dealing with debug statements was where to print these statements out to.  Do I print them to the log file or to standard out?  The log file is the obvious choice, but if you are working in the console, then using puts so you don’t have to switch terminal windows might be preferable.  I spent some time and came up with a useful little function.  I realized that this might be useful to others so I put it up on GitHub as a gist, and called it a day.  Looking back, this was really the first time I just casually threw something out there that I thought might be interesting, but wasn’t a fully functioning library.

First Issue Filed Against Me

Then came the bugs… I had my first GitHub issue opened against me about two months after I published my first gems.  Now here is the funny thing, I got excited.  Like watching the downloads trickle in on RubyGems.org, someone opening a bug against you means they care enough about what you are doing to want/need it to work right.  Obviously I want it to work as well, but I know that I am bound to let bugs slip through.  When someone took the time to report a bug and identify the potential source of the problem, I knew that I was doing something right.  Well, something was wrong but the situation was right… right? [bug]

First Issue Filed Against Me Fixed

Fixing the issue and pushing out a new version was satisfying.  I had the satisfaction of knowing that I cared enough about a little side project and the people using it to fix the issues and rerelease the gem.

Dealing With Future Compatibility

When I first pushed out my encrypted-cookie-store gem it was Rails 3.0 only. I figured I’d update it when 3.1 was released because I wasn’t expecting people to really care that much about it. Turns out I was mistaken. Not long after it was pushed out I got a request to add 3.1 compatibility. Well, one of my customers was asking for it and I was going to have to do it sooner or later, so I fired up rvm and got to work on figuring out what changed between 3.0 and 3.1. It wasn’t that big of a deal, but having different methods defined based on the which gems are installed seems like a less than ideal way to go about things. Thus concluded my first attempt at programing against an unreleased version of a project.

First Pull Request for One of My Projects

Now having someone open an issue against you and pointing you in the direction of the problem is nice and all, but having someone open a pull request against your project because they liked/needed it enough to fix the issue themselves, that is an awesome feeling. My little sparse matrix library was getting some love from across the Atlantic. Couldn’t have been happier.

First Issue Opened Against Another Project

Almost as scary as putting your own code out there is opening an issue against a well established project like Rails. You keep asking yourself, “Am I doing something wrong?” or “Do I just not understand what is going on?” I mean, what if your issue is just a result of you being stupid and not knowing what you are doing? These guys are busy and don’t really need to deal with bugs that probably aren’t actually bugs. So you run every test case you can think of, and then some that have nothing to do with your issue, you know, just in case. Then you hope that everyone is nice to the newbie. PS – They were.

First Pull Request to Another Project

It made me even more nervous to offer up a fix. Opening that Pull Request was nerve racking. I was patching one of the most used methods in ActiveRecord, so I obviously didn’t want to mess up. My pull request went through a couple of iterations, mostly on my test cases, but was finally accepted and merged into master 11 days after I opened the initial issue. Once again everyone was great and very helpful.

Started Blog

And then the blog started. I won’t lie to you, the last bit of motivation I needed to finally get this blog up and running was bit of selfishness. I realized that I needed some way to let people know about the stuff I had put out there that might be useful to them. This obvious thought happened when I came across a blog of someone working on a similar problem with encrypted cookies saying that they were thinking about packing it up and submitting it to rails. Since I liked the way I was doing it better, I figured I needed something other than the GitHub page as a way to promote it. Since then I have started writing on more topics than just the gems I have written. A blog, when properly utilized, is much more than just an advertising platform for your own code.

Being Asked to Contribute to a Project

The most recent development in my open source career is being asked to contribute to SciRuby. They liked the work I was doing on a sparse matrix library I was working on, and asked if they could include it in their offerings. Obviously I was ecstatic. Then I started thinking about the state of the code and how much work was left to do on it. Then I started worrying. It is very much still in an alpha/incomplete state. But now that I know that I have some people that are interested in it, I should be able to get working on it some more. Get that math side of my education some more use.


I have come a long way with my contributions to the open source community. From using to creating to contributing, each of these milestones has been a new challenge and a new experience. This isn’t a how to get a start in OSS, but it a list of things that you can look at for next steps when you are stuck and want to get more involved. It’s easy and most people will be excited that you want to help or are offering something up they can use. Even if you don’t want to write something, use OSS. That is your true first step.

%d bloggers like this: