Merb Herbs

Just a couple of crumbs from my brush with Merb tonight:


After merb-gen app, edit config/dependencies.rb to fix version numbers of dm_gems_version and do_gems_version gems used by the generated app. To find out what which version you have, type

gem list {gem-name}.

Missing some MySQL dylib on OS X

When I got some errors like “dyld: NSLinkModule() error “, probably after doing sudo gem install do_mysql for reasons I can’t recall, I fixed it with this:

sudo mkdir /usr/local/mysql/lib/mysql
cd /usr/local/mysql/lib/mysql
sudo ln -s /usr/local/mysql/lib/*.dylib .

I’ll add to this post over time as more crumbs fall. Note that I am not a Merb, Rails, nor Ruby guy. I am not a guru in anything but everything which means exactly nothing. Yes, I am trying to confuse you. ;-p

Google App Engine Launcher Options

If you are not a geek, sorry about these tacky-techy posts. I like posting them to help others geeks running into same problems later.

I’ve been running my GAE apps locally on my Mac using Google App Engine Launcher. The tool makes it simple and easy to develop and test apps designed to run in Google’s App Engine cloud but I ran into a problem when I tried to test my apps with Internet Explorer (running locally in VMware Fusion). Basically IE couldn’t see my apps.

After a few minutes of googling and poking about, I concluded that GAE Launcher was binding my apps to loopback IP ( instead of an external subnet IP (192.168.0.x). The fix was simple:

  1. Stop target application
  2. Open its application settings dialog by double-clicking on the app in the list of apps.
  3. Add to Extra Flags box: –address=192.168.0.x
  4. Start target application. If you have firewall on, you’ll be asked to allow to accept incoming connections.

Other options for GAE Launcher are:

--help, -h               View this helpful message.
--debug, -d              Use debug logging. (Default false)
--clear_datastore, -c    Clear the Datastore on startup.
--address=ADDRESS, -a    Server binding address
--port=PORT, -p PORT     Port for the server to run on.
--datastore_path=PATH    Path to use for storing Datastore
                         file stub data
--history_path=PATH      Path to use for storing Datastore
--require_indexes        Disallows queries requiring composite
                         indexes not defined in index.yaml.
--smtp_host=HOSTNAME     SMTP host to send test mail to.
--smtp_port=PORT         SMTP port to send test mail to.
--smtp_user=USER         SMTP user to connect as.
--smtp_password=PASSWORD Password for SMTP server.
--enable_sendmail        Enable sendmail when SMTP is not
--show_mail_body         Log the body of emails in mail stub.
--auth_domain            Authorization domain


Yesterday, I went over to checkout Google App Engine and, because GAE made it so easy, ended up writing a little webapp I’ve been thinking about writing for a while. Besides, it’s been a while since I used Python so any excuse would have worked. Currently, it runs only on my laptop because I haven’t added security bits yet but it shouldn’t have any problem on the real thing.

Oh, shit. My MBP’s video memory seems to be on the brink. I am getting random lines on-screen now.

The app is a port/extension of part of the Twitter client functionality I had in Appily, my AIR client from more than a year ago that I shelved before starting SafePage. It scratches a usability itch that prevented me from using twitter more frequently. I wrote it to see how improving accessibility radically affects usage patterns. So far, it’s working but more time will tell.

What I found frustrating while coding for GAE are the usual constraints of sandboxing but, for languages with rich third-party library support like Python, it gets really bad because many of those libraries have to be rewritten or replaced to varying degrees. For example, I couldn’t use existing crop of Twitter client libraries so I had to code the necessary calls myself. Each such incident is no big deal but the difference between hastily handcrafted code and libraries polished over time piles up.

Anyway, it was fun. Hopefully, I’ll still be in playful mood this afternoon so I can add the missing security bits and let others play with it too. Be warned, it’ll be rough as concrete floor as I don’t have the bandwidth to apply normal furnishings over the gears. My intention is to keep churning out snack-size apps like this one until one of them gains some traction then dig-in to see if it has legs, conversing with the users all the way.

Call it, conversational entrepreneuring. 😉

Update: Wonderful. Just in time to catch the newly arriving shortend of the stick. I can understand why Twitter is doing this. They are riding a tiger that’s moving faster and faster, trying to turn it into a golden goose without getting eaten. The problem is that it’s neither impossible nor easy. I say, Hi Ho Silver!

Java Cloud

Still undecided about deployment strategies, I looked around to see if there are solutions like Aptana Cloud for Java, preferably with Eclipse support. Unbeknownst to me, Java cloud support started to bloom while I was busy wriggling over SafePage’s fate late last year.

Notables are Stax Networks (TechCrunch mention) which is a service (just got the invitation code) and CloudTools, an open source tool by Chris Richardson of Cloud Foundry that makes it as simple to deploy a webapp cluster as writing a Groovy script. A common trend I noticed is moving away from using AMI as unit of change to using script to modify base AMI image on the fly. Also RightScale’s CentOS 5 AMI image called RightImage seems to be quite popular.

Are there any other Java cloud services or open source projects I overlooked?

Update: Stax uses a command-line tool with a handful of webapp template types to create and deploy. I’ll have to dig in deeper into templates to see how flexible it is.

Update 2: g-Eclipse also looks interesting. I am going to dig into 1.0RC1 release last month and play with EC2 and S3 connectors. I also found Typica and jets3t which can be used to build a custom cloud deployment tool in Java if need be *eyeroll*.

Update 3: My conclusion for the day is that Aptana Cloud stands alone as end-to-end solution so far although others are catching up fast. Note that Aptana Cloud is essentially a cloud reseller, focusing more on development and initial launch phases of startup where companies like RightScale seems to be focusing more on post-launch operational headaches.

Crypto Interop

Most of this week was spent porting some Java code to .NET and debugging interop, crypto interop in particular. Definitely not my favorite type of work and it didn't help that .NET crypto library refuses to encrypt with weak keys. They are doing the Right Thing but it was a surprise for me because I don't think they are doing the Expected Thing which is to just do what I tell it to do regardless of what it thinks of the key.

Anyhow, that forced me to chase down why the keys were weak which uncovered other issues, blah blah. Chasing problems can be like pulling loose strings off a sweater: you might not have a sweater any more in the end. Thankfully, it wasn't so bad this time.

Just when I had all the clues and patches together, remote CVS and database I was working against went AWOL on me. Oh, well. It's now officially weekend so I think I'll go AWOL as well, perhaps do some six-pack induced meditations.

Surface Authentication

No two natural surfaces are equal so characteristics of each can be combined for authentication.

This is a system so secure that not even the inventors would be able to crack it since there is no known manufacturing process for copying surface imperfections at the necessary level of precision.

Excellent idea although I am not sure whether it's a mass market technology or not.

Debugging Win32 Shell Extensions

It's been a while since I wrote a Win32 Shell Extension. FYI, shell extensions are used to extend Windows Explorer and Internet Explorer. By extension, I mean custom context menu items, property pages, detail columns, shell namespaces, etc.

Like everything, shell extension is a double-edged technology. While it enables deeper integration with Windows, buggy implementations can ruin user experience severely. For example, TortoiseSVN, which integrates Subversion nodes as shell namespaces, occasionally causes Explorer to crash.

Anyhow, I learned a new debugging trick this time (adding a custom detail view column and a custom property sheet for executable files) which made debugging much easier.

  1. Open 'Turn Off Computer' Dialog (Start>>Turn Off Computer).
  2. Press Cancel button with ALT-CONTROL-SHIFT keys down.

This shuts down current Explorer.exe cleanly. With your shell extension project set to use explorer.exe as debug target application, just launch and debug. When you are done, repeating the above steps will end your debug session. Just killing your debug session also seems to cause little problem. I know that there are other debugging tricks like configuring Explorer to launch new instances for each window but I found them to be confusing in practice.

Note that the instance of Explorer launched by Visual Studio will be owned by Visual Studio so it will shutdown also if you shutdown Visual Studio, causing Windows to relaunch Explorer. You should keep a pair of script files to register and unregister your shell extensions.

Atomic Pedantics

Apparently, Atom 1.0 syntax spec is now at the end of the runway. Whether it takes flight or loudly ignored, they don't seem to realize that pedantic assertions like the below undermines their work:

The RSS 2.0 specification is copyrighted by Harvard University and is frozen. No significant changes can be made and it is intended that future work be done under a different name; Atom is one example of such work. – RSS 2.0 and Atom Compared

They have taken words in the roadmap section of the RSS spec and used it to portray RSS 2.0 as a deadend road when they are fully aware that those very words came into existance to encourge those who were undermining RSS 2.0 to either vent their harmful creativity elsewhere or redirect them to more constructive activities such as building modules like Apple, Microsoft, and Yahoo are doing now.

Under payload comparison between Atom 1.0 and RSS 2.0:

Escaped HTML is ugly…RSS 2.0 cannot contain actual well-formed XML markup…

Sillyness followed by misinformation. HTML is not XML which is why HTML had to be escaped. They also failed to note that there are XHTML embedding issues.

Under Digital Signature/Encryption:

RSS 2.0 can be encrypted or signed like any other web content, if treated as a bag of bits.
Rules for applying standard XML Encryption and XML Digital Signature on entries are included in Atom 1.0. Alternatively, the feed can be encrypted or signed, like RSS 2.0, as a bag of bits.

More half-truths. Both mentioned specs can be used in RSS 2.0 just fine.

Under Deployment:

RSS 2.0 is widely deployed and Atom 1.0 not at all.

Well, I am happy to see that they just need to grow up instead of needing therapy.


p dir=”ltr”>Most of the differences can be easily added to RSS 2.0 as modules and the remainders are meaningless in practice. If they want Atom to take off, they need to introduce equivalent RSS 2.0 modules. Do they realize that? Their display of pedantics makes me doubt it.

Ducky Boo

Boo is a lanugage that looks like Python (differences) but is statically typed like Java/C# and runs on for CLI (read .NET and Mono). It's most interesting feature (I thought) is how it supports duck typing: with a type named 'duck'.

static1 as int
dynamic1 as duck

Hillarious. Boo still has many issues to resolve before it can be used in production but it's already quacking. To a whitespace freak like me, Boo looks reasonably elegant at first glance. I hope it stays that way.

Labor of Curvaceous Love

Consistently good looking bezier curves are difficult to draw, let alone doing it fast, but Maxim Shemanarev shows how in Adaptive Subdivision of Bezier Curves. At first glance, I don't see much difficulty in applying the same technique for bezier surfaces.

Don't be scared by all the math. After all, following a trail is easier than making one. And afterward, you can appreciate curves a whole lot more.