MacKuba

Kuba Suder's blog on iOS & Mac development

Pick holes in your Gemfiles

Categories: Ruby/Rails 3 comments

The beginning of 2013 was a really bad time for the Ruby community. In the first few weeks of the year a few separate security issues were found that made everyone run to their SSH consoles to update their Rails apps. Rails itself had to be updated 4 times so far because of this, and even the rubygems.org gem repository has been hacked.

And we aren’t talking about a minor “someone with enough luck and determination can use this for some malicious purpose one day” kind of issue; some of these were the nastiest security holes we’ve seen in years. Check out this article by Patrick McKenzie about what can happen (or rather: will happen) because of these vulnerabilities.

The worst part: it’s probably not the end. The general nature of these bugs – see another article by Aaron Paterson analyzing all the ways in which you can do harm to a Ruby app – means that it’s quite likely that there’s more where that came from.

Now, I don’t know about you, but for me it’s starting to get hard to keep track of all these issues. I know Rails should be updated, but which version was that, 3.2.10 or 3.2.11? Is 2.3.17 OK or was there something newer? And what else was there, json, rack, or was it rake?

Read more »

Extending asset pipeline with custom preprocessors

Categories: Javascript, Ruby/Rails 3 comments

If you’ve read the Rails 3.1 asset pipeline docs, you’re probably aware that you can add preprocessors to your asset files by appending extra file extensions. For example, to write your JS files in CoffeeScript you need to add the suffix .coffee, and if you also want to pass something from Rails to those files, like paths to image files, you also need to add the .erb suffix. All the extensions are added together, so you end up with e.g. profile.js.coffee.erb (it’s simpler with stylesheets, because by adding a Sass preprocessor you get a bunch of asset path helpers for free).

What the docs don’t tell you is that Sprockets can also be configured to include preprocessors implicitly based on a content type.

Read more »

Psionides Blog: Sinatra Edition

Categories: Frontend, Javascript, Ruby/Rails 0 comments

I started this blog almost 3 years ago. It was a bit of an experiment, as I wasn’t sure if that actually made sense, if I would want to keep writing it a few months later – so I put it on Jogger (Polish Jabber-based blog service) and I used the classic Kubrick design.

Since I’m rather happy with how this experiment ended up, it was time for a change. The new version is hosted on Linode (definitely the best hosting I have used), and uses a custom-made engine based on Sinatra. Hopefully with this new design I’ll have a bit more motivation to write, because I just couldn’t look at the old one anymore…

If I find some more time, later this year I’m planning to learn some NodeJS and rewrite the engine using it (e.g. with Express).


There’s a few things that I’ve learned while working on the redesign:

Read more »

JSLint on Rails available as gem

Categories: Javascript, Ruby/Rails 0 comments

I released version 1.0 of JSLint on Rails yesterday. It has a few new options (see Github project page for more info), but the biggest change is that it’s now available both as a plugin and as a gem, so it can be used also with Merb and other frameworks which don’t support Rails plugins.

To use JSLint as a gem:

  • install the gem (gem install jslint_on_rails, or via bundler)
  • include JSLint’s tasks in your Rakefile: require 'jslint/tasks'
  • also in the Rakefile, set path to your config file: JSLint.config_path = "config/jslint.yml" (put it anywhere you want)
  • create a sample config: rake jslint:copy_config

After that, you can update your config and run the test as described in the previous post (rake jslint).


Check your scripts with JSLint on Rails

Categories: Javascript, Ruby/Rails 1 comment

This year, for several months I’ve been working on a project which involved quite a lot of JavaScript. I’ve already written about how this prompted me to start writing JavaScript unit tests. But as I found out later, there were some kinds of JavaScript errors which the unit tests didn’t help me find. Let me give you an example…

(TLDR: link to the Github project page)

When I work on a Rails web app, I don’t usually test the project in Internet Explorer all the time – if I did that, I’d have gone mad long time ago. Instead, I do everything in Firefox, and leave IE testing for more patient people – either our tester, or even the client in smaller projects. This seems to work well most of the time; however, in this project every 2 weeks or so I used to get such bug report: “The site crashes in IE”. Crashes here means that it doesn’t load at all. You see, if JavaScript is just a nice optional add-on to your project, it’s not a big thing if something doesn’t work; but if your entire application depends on JavaScript for everything it does, then one tiny mistake and you’re screwed.

The problem is that IE has this nasty habit of breaking on code that has a comma at the end of a hash – you know, something like this: { a: 1, b: 2, c: 3, }. And I do this mistake surprisingly often, because that tiny little comma is so easy to miss, and no one ever complains about it except IE – Firefox works fine, unit tests work fine, but next morning I get that dreadful bug report that IE just explodes. Then I wait for VirtualBox to boot Windows and eat all remaining memory, and spend half an hour debugging, only to find that this was all because of one comma…

Read more »

Installing Sphinx on MacOSX from ports

Categories: Databases, Mac, Ruby/Rails 4 comments

A few days ago I spent a couple of hours trying to install the full text search engine Sphinx on my work computer in order to use it in my current project. I’m posting the details here, maybe this will save someone some time…

Firstly, if you’re like me and you look for some kind of binary package (like .dmg) first – sorry, there isn’t one. This leaves us two options: compiling Sphinx manually from the source, or using a package manager like MacPorts. I always avoid the first method if I have any other option, so I tried the ports.

Here’s the first problem: Sphinx requires MySQL, and while I have it on the disk of course, I’ve installed it from a dmg package, not from ports – which means it’s in a different path than ports expect and they have no idea where that is. I got scary errors like:

$ sudo port install sphinx
---> Building sphinx with target all
Error: Target org.macports.build returned: shell command " cd "/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.​macports.​org_release_ports_textproc_sphinx/​work/​sphinx-0.9.7" && make all " returned error 2
Command output: sphinx.cpp: In member function 'virtual const char* CSphSource_MySQL::SqlError()':
sphinx.cpp:9397: error: 'm_tMysqlDriver' was not declared in this scope
sphinx.cpp:9397: error: 'mysql_error' was not declared in this scope
sphinx.cpp: In member function 'virtual bool CSphSource_MySQL::SqlConnect()':
...

Read more »

Javascript unit testing

Categories: Javascript, Ruby/Rails 6 comments

I’ve read a lot about good programming practices recently. I’ve read the “Pragmatic programmer” book (which is awesome, one of the most useful books I have read, seriously); I’ve watched a great presentation “Craftsmanship and ethics” by Robert C. Cooper. And it seems that everyone seems to emphasize that one thing that is extremely important to write good software is writing unit tests (and writing them “all the fucking time”, as that black dude said in that presentation ;). I must admit I still haven’t had the courage to switch to TDD (although I try it for single tasks from time to time), and my test coverage is nowhere near what it should be ― it ranges from 20% to 80% depending on the project and its layer. But I know it’s important and I’m working on it…

Anyway, one day I had a thought: even if I test all models and controllers thoroughly, am I not leaving something out? Didn’t I forget about something that is a quite important part of the application ― about my Javascript code? After all, it’s code too, right? And sometimes it’s very important code; and not having any tests for it means the code is very fragile, it’s easy to break things, already fixed bugs may reappear again, and so on. Of course, Javascript may be harder to test, because it’s sometimes very closely coupled to HTML, but at least some part of it could surely be tested.

But how do you unit test Javascript?… I had no idea how to do this.

So I started googling, and I found that there are plenty of different unit test frameworks for Javascript. Of course I couldn’t resist and I had to take a look at every single one and compare them to choose the best one :) (I heard that it’s called “maximiser” and that it’s bad…). The result of this looking is the list below.

Read more »

Code like a hobo

Categories: Ruby/Rails 6 comments

For the last 2 months, I’ve been using a new Ruby framework at work. A very… interesting framework :) It looked very promising in the beginning, only to become a complete disaster a few weeks later. I thought I could share some of my experiences with it here, although not to recommend it, but rather to warn you not to use it…

Its name is Hobo, which makes most people think of homeless people, and makes it a constant object of jokes in my company (see below :)…

'Hobbo land' sign
A sign hanging in my room – copyright by Wombat

Read more »