Year Fourteen with Rails

This last year saw the launch of RailsWorld in Amsterdam celebrating 20 years of Rails, while RailsConf on the other hand is being wound down. Honeypot released a documentary on Rails’ origins. Rails 7.1 shipped with default Dockerfiles. Ruby 3.3 shipped with Prism and RJIT and a Bun 1.0 Javascript runtime was released.

At my employer we upgraded our database hardware and software, enabling more data model refactoring and simplification. react-rails and Webpacker were removed from our web stack as we made increased use of Turbo. Microsoft/Github Copilot has become an everyday pair programmer with suggestions ranging from sublime to clueless to beguilingly incorrect. The result has been more code comments and tests, both as LLM input and output, and a bump in productivity accepting suggestions ranging from insightful to good enough. SolarWinds Librato was replaced by AWS CloudWatch.

On the open source side I released activeadmin-rails v1.7 but made little effort to market it as my attention has been elsewhere. paypal-sdk-subscriptions reached 130,000 downloads.

TIOBE Index for August 2017: A new set of languages is gaining ground…

TIOBE replaces their index content each month, so I quote:

“The top programming languages are in a long term decline: both Java and C have all time low scores in the TIOBE index. And almost all of the other top 10 languages are going down as well year to year. So what languages are taking advantage of this? It is all happening down in the charts around position 40. A new set of languages is gaining ground, notably Crystal (#32), Kotlin (#41), Clojure (#42), Hack (#43) and Julia (#46). Especially Crystal with its jump from position 60 to 32 in one month is doing very well. The Crystal programming language is a statically typed Ruby variant. Since it is compiled it is superfast and has a small memory footprint without losing the feeling of being easy to use. It seems worthwhile to give it a try.”

Refresh Miami ‘Founder Match Making’ Event

Well attended event last night hosted by Brian Breslin, filling the Storer auditorium at the Miami University Business School. Pitches for the upcoming Americas Venture Capital Conference at FIU and Lead305.org before a panel discussion including Ed Toro, Charles Irizari, Steve Repetti and Stewart Davis.  Topics discussed:

  • The best way of finding a tech co-founder is to attend tech community events. Tech leads, like investors, expect entrepreneurs to be able to articulate their ideas, for example with a two minute online video.
  • Asking for an NDA too quickly is unlikely to be agreed to. Having an established relationship with a tech lead makes a less formal pitch more likely to be listened to.
  • Ideas without the ability to execute are worth little, all sides should be looking for partners they believe can get things done: startups are much less forgiving than working in a larger corporate environment.
  • Ultimately the goal is to find an idea that can be turned into a company, and find compatible partners that can raise funds, build a product and operate a business. Red flags include a lack of respect and too much ignorance of the technology that the business is built on.
  • Tech leads may not be strong at negotiation but they will typically value equity at 25-50% of it’s current valuation when calculating their total compensation. Tech lead’s equity should be vested over time in case they fail to execute.
  • Capital in Southern Florida can be a problem as 90% of the wealth is from real estate development and not very tech savvy.  Nonetheless individuals can be found through networking.

Granite Telecommunications

I met this week with Rob Hale, CEO of Granite Telecommunications.  Granite Telecom is an enterprise wireline wholesaler specializing in providing consolidated billing and service for multi-location businesses: 3/4 million lines from Verizon, Qwest, AT&T; and others to 10,000 customers in over 100,000 locations.  The company was established in 2002 and ranked in the Inc. 500 in 2007 and 2008: revenues in 2009 are expected to approach $400M.  Customers include USPS, Walmart, CVS, 7-Eleven, McDonalds, Verizon, Sprint, Comcast, GE and over half the Fortune 100.  Interestingly Rob’s previous business, Network Plus (NPLS), was also a telecom wholesaler, growing from its inception in 1990 to a public IPO in 1999 to 300,000 lines, 75,000 customers and $284M sales before overspending on network hardware, being forced into bankruptcy in February 2002 and having its assets sold to Broadview Networks for $16M.  Granite was started four months later and is still debt free.

Reporting Tools

Having built and populated a reporting database I’ve been looking at reporting tools for the front end. In the past I’ve used Crystal Reports, Oracle Reports and MicroStrategy, but with the BI industry in flux over the past couple of years as a result of acquisitions and new open source businesses, I thought now is a good time to look at alternatives like BIRT, JasperSoft and Pentaho. My requirements are:

  • easy and powerful report designer and engine with relevant examples
  • secure report repository with end user web access including external authentication
  • scheduled report execution and delivery by email
  • value for money given tech savvy in-house support

Starting with report designers I looked at BIRT RCP Report Designer 2.3 vs. JasperSoft iReport 3.0.  BIRT has a field guide included in the online help, report layouts may be fixed or automatic, and the BIRT report engine was described as stronger than JasperReports on a ServerSide forum.  iReport struck me as undistinguished, and the user manuals need to be purchased as they are not available for download, which was irksome to perform a review.  It does, however, provide a ‘pixel perfect’ layout and there were demo samples in jasperreports-3.0.0-project.zip.  The first report I built failed to run, and I could not find any explanation.

Looking at report repositories I compared BIRT Report Server vs. JasperServer 2.1, Pentaho Reporting and OpenReports.  BIRT Report Server was previously Actuate iServer Express, and is still a commercial product costing $1,995/core.  There is a BIRT Deployment kit with repository (but no scheduler) available at $995/core.  There is a 90 day evaluation available and manuals are available online.  JasperServer 2.1 installation was bundled with Apache Tomcat 5.5, MySQL 5.0, Java JDK 1.5 and iReport 2.0.2.  Novell SLES 10.2 is documented as a supported platform.  I found the Pentaho Platform documentation to be jumbled and immature, with different dates more like an online support knowledgebase.  The Pentaho wiki, however, does include articles on integrating BIRT and JasperReports.  Also Pentaho is certified on Novell SLES 10 and has also been installed on Ubuntu.  Finally OpenReports supports multiple report engines, including BIRT, JasperReports and Pentaho.  External integration is supported using Spring Framework, but not well documented.

My conclusions from this research is that these products are still maturing, and I would not want to mix and match components from different products.  I was not persuaded to pay for a commercial BIRT Report Server licence, even if the price is relatively modest compared to competing products a few years ago.  That leaves Pentaho Reporting and JasperServer as the best alternative repositories, and they rate about equal.  In my case I’m focusing on JasperServer as being easier to integrate seamlessly with our own software.

scp-restricted

Moving data files securely from one environment to another is a frequent business application requirement, so I was disappointed to learn scp doesn’t support a ‘least privilege’ approach ‘out-of-the-box’. The authors of O’Reilly’s book give an incomplete solution and note various issues, but that’s about it. Other solutions involve jailing SSH, a custom SSH shell like rssh or switching to WebDAV or ftps and using certificates. I thought these were overkill so I came up with this alternative to scp-wrapper

#!/bin/ksh
#
# scp-restricted
# 1.0  Piers C  Oct-07  Original
# Inspired by http://www.snailbook.com/faq/restricted-scp.auto.html
# Tested with OpenSSH 3.x server and Putty client
#
integer argc=0
typeset command="exec /usr/bin/scp"
typeset filename
readonly SCRIPTNAME=$(basename $0)

function fail {
  print "$SCRIPTNAME: $2" >&2
  print "$SCRIPTNAME: SSH original command should be 'scp [-v] [-t|-f] filename'" >&2
exit $1
}
if [[ "$1" == "-T" ]]; then # see test-scp-retricted
  command="print "${command}
fi

if [[ -z $SSH_ORIGINAL_COMMAND ]]; then
  fail 1 "environment variable SSH_ORIGINAL_COMMAND not set"
fi

for arg in $SSH_ORIGINAL_COMMAND; do
  argv[$argc]=$arg
  argc=argc+1
done

if (( $argc == 4 )); then
  if [[ ${argv[1]} != "-v" ]]; then
    fail 6 "arg 2 of 4 not '-v'"
  fi
  command=${command}" -v"
elif (( $argc != 3 )); then
  fail 2 "wrong number of args"
fi

if [[ ${argv[0]} != "scp" ]]; then
  fail 3 "arg[0] must be 'scp'"
fi

filename=${argv[argc-1]}
# be very conservative with filenames that we'll accept
if print ${filename} | egrep -vs '^[a-zA-Z0-9][.a-zA-Z0-9]*$'; then
  fail 5 "bad filename: $filename 
(must be alphanum, may include but not start with period)"
fi

if [[ ${argv[1]} == "-t" ||  ${argv[2]} == "-t" ]]; then
  cd $HOME/inbound || fail 7 "unable to cd ~/inbound"
  ${command} -t ${filename}
elif [[ ${argv[1]} == "-f" || ${argv[2]} == "-f" ]]; then
  cd $HOME/outbound || fail 8 "unable to cd ~/outbound"
  ${command} -f ${filename}
else
 fail 4 "args must include -t or -f"
fi
#end#
#!/bin/ksh
#
# test-scp-restricted
#
integer succeeded=0
integer failed=0

function dotest {
  export SSH_ORIGINAL_COMMAND=$1
  print "======================================"
  print 'SSH_ORIGINAL_COMMAND="'$SSH_ORIGINAL_COMMAND'"'
  print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=="
  ./scp-restricted -T; rc=$?
  print "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=="
  if (( $rc == $2 )); then
    print 'exited ('$rc') - test **SUCCESS**'
    succeeded=$succeeded+1
  else
    print 'exited ('$rc') - test **FAILED**'
    failed=$failed+1
  fi
}
dotest "" 1
dotest "x" 2
dotest "x y z" 3
dotest "scp -p z" 4
dotest 'scp -t foo.dat' 0
dotest 'scp -t 7' 0
dotest "scp -t .." 5
dotest "scp -t a;ls" 5
dotest 'scp -t a*ls' 5
dotest 'scp -t a/ls' 5
dotest 'scp -t a�73ls' 5
dotest 'scp -f bar.dat' 0
print "Succeeded: $succeeded"
print "Failed: $failed"

Bio

I’ve been interested in computers since my mathematics teacher introduced me to Forth running on 8-bit microprocessors around 1980.

I studied physics at Oxford, which involved a lot of applied mathematics, but relatively limited access to computers. I bought an early IBM PC clone and learned C using the Whitesmiths compiler.

My first job was maintaining a forex arbitrage calculator for a banking software consultancy using Lattice C. After less than a year I moved to another financial software house and wrote a eurobond trading system in Microsoft C, first on DOS, then on the new OS/2 operating system. Having learned OS/2 GUI programming I was hired by GE to work on applications using CUA, then I was contracted by IBM to work on OS/2 2.0 in Austin, Texas. After that I consulted on OS/2 related projects for several years using VisualAge C++ and IBM Open Class until IBM announced eventual abandonment of OS/2 after release 4.0.

Wanting a break from programming I learned Oracle Database, moved to California, and switched career to database and Unix administration. Within eighteen months, however, I was at a dot-com designing a B2B marketplace, using IBM Websphere Commerce and learning Java. The project bombed and I went back to database administration and implementing Oracle Financials, then directing systems development for a retailer, where I specialize in PL/SQL

MythTV

Here are my experiences building an HTPC with MythTV.

Installation. You can start with a common Linux distro like Fedora or Ubuntu and install MythTV on top of the distro, or you can use a specialized distro like KnoppMyth. As of June ’06 I had trouble finding stable MythTV packages to install or figuring out all the dependencies needed to compile from source. I finally gave up and used KnoppMyth R5C7, which is easiest if you let it take over the machine and delete all other partitions on the boot drive, otherwise you have to know what you are doing with lilo.

Hardware. I have a couple of HDTV tuners: fortunately support for them had been added into the kernel during early ’06, but otherwise I would have been faced with applying kernel patches. Even so, it took me a while to figure out I needed the latest kernel. Decoding HDTV signals takes significant processing power: I have a 2.4GHz Celeron CPU and originally output stuttered badly. Fortunately I had an nVidia video card and selecting the XvMC option allowed the card to assist with MPEG-2 decoding and eliminate the stutter (in MythTV’s frontend menus, navigate to: Setup -> TV Settings -> Playback). To take advantage of the 16:9 aspect ratio of my Sharp Aquos display I had to manually customize my /etc/X11/XF86Config file. I’m not sure I did it right but it seems to work.

Noise. To record and play programs the HTPC has to be left switched on for extended periods of time. Even though I already had a Zalman CPU cooler the whine of the small northbridge cooler drove me to distraction: I had to special order a Zalman northbridge heatsink with an epoxy binding as the motherboard had no mounting holes for anything else. I was able to quieten my disk drive by using ‘hdparm -M128 /dev/hda’ to set its acoustic management feature.

Power. To get my HTPC to power off between recordings I had to figure out how to configure /etc/nvram-wakeup.conf for my motherboard. My motherboard (a FIC Dynasty) did not appear supported and I was unable to get it to work.

Scroll to top