Friday, May 30, 2014

Programming without Null

Those of you who know me well know that there are two things in programming that I hate, yea, two that are an abomination to me:
  • null references
  • if statements
This article is about null references:
The article begins two quotes, which I quote:
"Null sucks." -Doug Lea

"I call it my billion-dollar mistake." - Sir C. A. R. Hoare, on his invention of the null reference
Now go read it, meditate on it, and agree with it.

Friday, June 29, 2012

Grails - Cute Yet Annoying! - transitive dependency of plugin is not evicted by direct project dependency

You might think I'm being mean, but it's not just this issue. It's literally metaphorically countless little issues like this!

Here's another: (Maven classifier not working for deps)
or (NoSuchMethodError at Command Object Validation).

It seems that every time you want to do something in Grails you run into some bug!

Did I mention the enum bug? (Dont support method override in enum). That's right - tell Josh Bloch to take his highfalutin Enum Strategy Pattern and shove it!

In my opinion, you can work more efficiently with plain old Spring MVC, Hibernate (with Annotations and Bean Validator), Sitemesh, JSP, AOP, Maven (with the Eclipse plugin and the Jetty plugin). For unit testing, you can't really do better than JUnit / TestNG + Mockito.

Grails - Cute yet annoying.

P.S. I am not a Java purist. I really like Python and prefer it to Java (and grails) for most things nowadays. Python - Cute yet ... just cute!

Friday, May 25, 2012

Finally got Gnome-Shell working on my brand new Lenovo W520 with Ubuntu 12.04 LTS

First, I don't have anything against Unity per se. It's just that I've always been a Gnome guy. There has been a lot of hating on Gnome 3, so I wanted to give it a shot.

Unfortunately, it was a beast to get working. Eventually, after much searching, I found this guys website, and in frustration, just pasted all of his commands in to my shell. He may have installed a root kit, but given that my Gnome Shell is working, it's worth it!

sudo apt-get purge nvidia*
sudo apt-get install --reinstall xserver-xorg-video-intel  libgl1-mesa-glx libgl1-mesa-dri xserver-xorg-core
sudo dpkg-reconfigure xserver-xorg
sudo update-alternatives --remove gl_conf /usr/lib/nvidia-current/
Reboot after entering all those commands and voila. Gnome Shell on your Lenovo W520!

Permanently ignore local modifications to a versioned file in Git

From: (thanks!)

git update-index --assume-unchanged FILENAME

What? I just saw in the compose post sidebar of Blogger that an ad can be added to posts with about two clicks, as seen below:
 Is this the future of blogging? I could easily see this being abused.

Sunday, April 22, 2012

But, don't do that. It's silly.

From the Django Tutorial
Because the URL patterns are regular expressions, there really is no limit on what you can do with them. And there's no need to add URL cruft such as .php -- unless you have a sick sense of humor, in which case you can do something like this:
(r'^polls/latest\.php$', 'polls.views.index'),
But, don't do that. It's silly.

Tuesday, January 17, 2012

Verify SHA1 checksums from Windows using Cygwin

I have a dirty little secret. I never verify my checksums. I mean - I never used to verify my checksums.

Here's an easy way to verify a sha1 checksum in Windows, assuming you have Cygwin installed:

echo "60ab4099e811d79fe90ae8d8f184b163bdc57fa8 TortoiseGit-" | sha1sum -c -

You can use the "Bash here" Explore menu to open a Cygwin Bash shell in the directory containing the file.  There are also other commands, such as 'md5sum' and 'sha256sum'. As always, RTFM for more details.

Now, I can verify my checksums for the sake of it.

Monday, October 3, 2011

Amazon ELB SSL Redirection using Tuckey's URLRewrite Filter

The Great One - URLRewrite

URLRewrite is one of the greatest things since bread was first sliced. To get one in your Maven 2 project, you will need to in the very least take the following steps (complete details are available in the URLRewrite manual, of course):

Add this dependency to your pom.xml:


Add a filter definition to web.xml

A then a filter mapping to web.xml:

Finally, create a file named urlrewrite.xml and place it in the WEB-INF directory (this can be customized, if desired).
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE urlrewrite PUBLIC "-// UrlRewrite 3.0//EN"
<urlrewrite default-match-type="wildcard">

That's all of the plumbing that's necessary. If URLRewrite filter is set up correctly, then you should be able to see a URLRewrite status page on localhost:{YOUR_PORT}/rewrite-status . This page will be extremely useful as you develop rules (if you have an error in your urlrewrite.xml file, then the status page will tell you what it is).

SSL Redirection with Amazon's Elastic Load Balancer (ELB) and URLRewrite

Now comes the fun part. URLRewrite is set up and working and your application is deployed in EC2 and you have an ELB configured to listen for both HTTP and HTTPS traffic (on ports 80 and 443, respectively). ELB handles all of the HTTPS certificate shenanigans for you.

Now you want to automatically redirect users who visit the HTTP site to the HTTPS site. ELB does not have this capability at the present time, unfortunately. You cannot use the standard servlet mechanism to ensure a confidential transport because the traffic between the ELB and your servlet container is HTTP.

There are a few options, one of which is to move the HTTPS certificate down to your servlet container, etc. That would be a respectable option - maybe even the best option - but let's assume for the sake of a blog post that you would like have the ELB handle the SSL.

To implement the redirection, we will take advantage of a header that the ELB adds to forwarded requests - "X-Forwarded-Proto". It's value will be "HTTPS" or "HTTP" depending on the client's original request. URLRewrite has the ability to active a rule depending on a header value, and so here you are - HTTPS redirection:

<rule match-type="regex">
		<condition type="header" operator="notequal" name="X-Forwarded-Proto">^HTTPS$</condition>
		<to type="permanent-redirect" last="true">https://%{server-name}%{request-uri}</to>

That's it. Non-HTTPS traffic will be permanently redirected to the HTTPS site and HTTPS traffic will flow to your application unimpeded.

Development Mode

The above works fine for production mode, but when developing we might not have HTTPS enabled. To get around that, you can add a condition to your rule as follows:

<condition type="port" operator="notequal">8080</condition>

(add it before the "from" element). You can add multiple conditions, if necessary. For example, you can also add a condition that the server-name is not equal to "localhost".


In the example above, I have assumed that URLRewrite was added to the WAR file of the application being developed. This is not strictly necessary. Tomcat, for instance, will allow you to add the filter to a global web.xml that applies to all applications. You would then need to add the URLRewrite jar to the appropriate directory. This could be useful if you have a lot of applications and you want them to use the same rules.

It is often convenient to use URLRewrite to add a version identifier (determined at build time) to each URL under a certain path encoded with response.encodeURL (including the JSTL c:url). Doing so allows you to "bust the cache" when a new version of the application is deployed. In successive testing rounds, we've often had to tell testers to refresh pages or empty browser caches in order to get the latest bug fixes. In a future blog post I would like to document a rule for this.

Sunday, June 5, 2011

Foo Hack - Isaac Schlueter on Web Development

Foo Hack - Isaac Schlueter on Web Development:
"npm is a development tool, first and foremost. People sometimes say “Yeah, I haven’t gotten time to check out that package manager stuff yet. Maybe I will when my code is more stable.”

That’s like saying that you’re going to start using source control when your code is done. It’s just silly. Source control should make your process easier, and if it doesn’t, then you’re using a broken SCM. Same for package management. It should make it easier, and if it doesn’t, then something is wrong."

Sunday, May 8, 2011

Thinking Inside a Bigger Box - Refactoring: The Good, The Sad and The Ugly

Thinking Inside a Bigger Box - Refactoring: The Good, The Sad and The Ugly:
"When a project schedules “refactoring tasks”, I find myself sad. The need for scheduled refactorings is a symptom that we don’t do the necessary good or even sad refactorings as we should. And scheduling refactoring tasks is an excuse to perpetuate our bad habits."

Friday, May 6, 2011

Scrum Vs. XP - Why Scrum is easier to sell - Blog - Osherove

Scrum Vs. XP - Why Scrum is easier to sell - Blog - Osherove:
"When I interview companies, the managers always think that they (sic) people under them work in a specific way. Interviewing the actual people who do the work usually shows a very different picture - that of people making stuff work despite the rules given, not because of them. It's really enlightening."

Saturday, April 23, 2011

An Improved "Gmail This" Bookmarket

I was talking to my non-programmer brother and he was asking me whether there was a way to click one button to email someone something you are reading online (read: killer application idea). My answer was, "surely" and "it must exist" because it is such a trivial thing to implement with bookmarklets. "I could probably do it right now while we are on the phone." And so I did ...

I first did a quick search for "gmail bookmarklet" and the first thing that came up was Add a "Gmail This" Bookmarklet to Your Browser from (via this Life Hacker post), the source code of which is reproduced below:

// original ^

The user of this bookmarklet, assuming she is new to such things, will likely be pleased for about 15 minutes. But then she will quickly realize that it doesn't do what she wants it to do. Namely, she wants to select a portion of the page she is reading and include that in the email along with a link to the page. The original version from does not do that - it just includes the link of the page, not the highlighted text.

Still on the phone and frustrated by this, I then 1) quickly tried and failed to find another Gmail bookmarklet that has my feature, and 2) decided to write one using the best copy-and-paste techniques known to man.

The first task is to get the text the user has selected on the webpage. So, how do you do that in JavaScript? Who cares! I searched for a snippet and found the following one on DZone Snippets, reproduced below:

function getSel(){
var w=window,d=document,gS='getSelection';
return (''+(w[gS]?w[gS]():d[gS]?d[gS]():d.selection.createRange().text)).replace(/(^\s+|\s+$)/g,'');

I then integrated that, slightly modified, into the original bookmarklet, as shown below:

javascript:(function(){var w=window,d=document,gS='getSelection';var s=(''+(w[gS]?w[gS]():d[gS]?d[gS]():d.selection.createRange().text)).replace(/(^\s+|\s+$)/g,'');m=''+encodeURIComponent(document.title)+'&body='+encodeURIComponent(document.location+'\n\n'+s);,'addwindow','status=no,toolbar=no,width=575,height=545,resizable=yes');setTimeout(function(){w.focus();},%20250);})();
// improved ^

And that's it! Now there is a new and improved Gmail This bookmarklet (right-click the link and add it to your favorites or drag the link to your toolbar to install it).


You might have guessed that this blog post is not really about bookmarklets. Like all great works of literature, it is about the meaning of life.

This blog post is about the "scratching an itch" principle that makes free and open source software (F/OSS) so desirable and powerful. When the source is available, hackers, that is, superheroes with the power to manipulate the source - hackers like me, and others way more powerful - modify it to satisfy their needs, improving the original software. And they share those changes with whosoever wants them. The user community tends to choose the most useful variants of the software, enabling a kind of "evolution by user selection". Why do the hacker-gods do this? You might as well ask Superman why he does what he does. And in case you haven't figured it out yet, that is the meaning of life.

Now if I can only explain to my brother how to install bookmarklets ... users ... sigh ...

Sunday, April 17, 2011

What sacrificing quality gets you according to Kent Beck ...

Here are two passages from Extreme Programming Explained by Kent Beck that figuratively made me shout "AMEN!" at the top of my voice:
Temporarily sacrificing internal quality to reduce time to market in hopes that external quality won't suffer too much is a tempting short-term play. And you can often get away with making a mess for a matter of weeks or months. Eventually, though, internal quality problems will catch up with you and make your software prohibitively expensive to maintain, or unable to reach a competitive level of external quality.
There is a human effect from quality. Everybody wants to do a good job, and they work much better if they feel they are doing good work. If you deliberately downgrade quality, your team might go faster at first, but soon the demoralization of producing crap [emphasis mine] will overwhelm any gains you temporarily made from not testing, or not reviewing, or not sticking to standards.
These two passages appear in his discussion of the three familiar control variables in software development - quality, time, and cost - and a less widely known one, scope. In the extreme programming methodology (XP), management gets to pick the values of three of the variables and the development team picks the value of the fourth - without exception.

Beck's position is that quality is a horrible variable to mess around with - either by explicitly demanding low quality or by picking the values of the other three variables such that the implied quality is low. He instead advocates that the fourth variable, scope, is the best one to fiddle with. By reducing scope, you can give quality room to breathe, reduce cost, and deliver on time. Assuming that quality is fixed reasonably high, by increasing scope you imply either an increase in time, cost, or both. And so on.

The book is really good (so far, I haven't finished) and I especially encourage all management types to read it.

Thursday, April 7, 2011

... the key, the whole key, and nothing but the key, so help me Codd!

Third normal form - Wikipedia, the free encyclopedia:
"A memorable summary of Codd's definition of 3NF, paralleling the traditional pledge to give true evidence in a court of law, was given by Bill Kent: every non-key attribute 'must provide a fact about the key, the whole key, and nothing but the key.'[5] A common variation supplements this definition with the oath: 'so help me Codd'.[6]"