Those who want to play with XMLHTTPRequest and Common Lisp should check out CLiki : cl-ajax, which provides the necessary framework for easily integrating Common Lisp functions into web applications based on Araneida.
programmierung - 23.1.2005 - 16.3.2005
Naked Objects are not indecency and impropriety, but simply the idea of exposing your objects in Smalltalk directly to the world - each object thus has its own mini-GUI so to speak. As a result, users work directly with the actual objects and many problems of GUI frameworks are eliminated - there is no longer a need to explicitly mediate between GUI and object, the objects do this themselves.
And for those who don't like or can't use Lisp, perhaps SAJAX - Simple Ajax Toolkit by ModernMethod - XMLHTTPRequest Toolkit for PHP can help, which supports not only PHP but also Io, Lua, Perl, Python, and Ruby.
Usable XMLHttpRequest in Practice is an interesting little article that explains the use of XMLHttpRequest using an example and discusses usability aspects.
ParenScript is a compiler that converts Lisp to JavaScript. Certainly a pretty brilliant thing for Lisp-based web servers and application frameworks, because the programmer can work in his familiar language tools. Clientside Lisp by detours, so to speak ...
CherryFlow - Continuations in Python
CherryFlow is a continuation-based framework for Python and CherryPy. With it, you can also build continuation-based web servers in Python. The special feature: CherryFlow uses either Stackless' dumpable generators or StateSaver, a small C extension that allows copying running generators under normal Python. Exactly what I back then was looking for to complete my continuations for Python.
Poly/ML Home Page
Poly/ML is a very fast implementation of Standard ML 97. Interesting feature (apart from performance): the system is much more oriented towards Lisp systems than towards classic command-line compilers. You have an interactive working environment and an image that is automatically saved when the session ends and thus makes all definitions available again in the next run.
The advantage of this way of working is simply that you can adapt your system to your own needs over time. Together with the FFI and external libraries, you can gradually put together a nice environment that is optimized exactly for the intended goals. In addition, you often save extra object databases: you simply save values (or in the case of ML, structures) in the image and keep them there.
Since Poly/ML simply hangs the image in the address space using mmap and does not first read and then write it later, the whole thing is also quite fast - with image systems, the system start often bothers.
Oh, and by the way, Poly/ML runs smoothly under OS X ...
The speed of the compiler unfortunately does not necessarily continue in the generated code, as can be seen from this comparison. But just like with OpenMCL, the fast environment is definitely advantageous for prototyping. You can then set a compiler that takes longer but then spits out better optimized code like MLTon.
Ruby stuff for Macs
Ruby stuff for Macs is a ready-made DMG for both Panther and Jaguar with pre-installed Ruby 1.8.2 and various extensions (including Rails and Rubygems!). Unfortunately, the 10.2 DMG is broken - I've contacted the author.
You can of course also compile Ruby yourself, it's not particularly complicated. For OS X, there's also DarwinPorts. However, the port under 10.2 is acting up and cannot be compiled cleanly. Something in the iconv module - syntax error.
Somehow my system doesn't like Ruby today
Update: now the package works.
The fate of reduce() in Python 3000
The fate of reduce() in Python 3000 - well, it's probably time for me to switch languages. Because anyone who is so stupid as to cut themselves off from Lisp roots will only manage to rebuild more powerful possibilities with primitive means. Ruby also looks very useful and I'm slowly getting used to the syntax ...
Anonymous functions (lambda in Python, blocks in Ruby or Smalltalk) are far more than just obscure Lisp relics. I have many code snippets that live precisely on the fact that I can pass around anonymous code blocks - ultimately, this is about writing your own program structures. In Smalltalk and similar languages (and to some extent in Ruby) you can use this to extend and develop the language itself - which is one of the strengths of Lisp and its friends (and that's why it's also found in Smalltalk and its friends - the Smalltalk developers had a lot of Lisp know-how).
Languages that castrate themselves at this point and think that iterators and list comprehensions (basically nothing more than loops written in shorthand) are a viable replacement for being able to program your own control structures and your own language tools have become completely uninteresting to me. I don't like language designers who think they are smarter than the later programmer and want to impose a language corset on them.
UnCommon Web Tutorial
The article hyper-cliki : Web/Continuation describes how to write web applications with the continuation-based web framework UnCommon Web in Common Lisp. Very interesting, as Common Lisp itself is much more handicapped with continuations than Scheme - in Scheme continuations are first-class objects by standard, in Common Lisp they are not.
Continuation-based web servers have the advantage that the actual code can be structured very similarly to classical applications. You don't have to deal much with the event model of classical web programming and you rarely have to deal with explicit session constructs, because the session in a continuation-based web system is implicit.
There are continuation-based web frameworks for the following languages:
- [Smalltalk][1]
- [Common Lisp][2]
- [Scheme][3] (unfortunately no direct link to the web server itself)
- [SISC Scheme][4]
- [Ruby][5] [twice][6]
- [Python (via CherryPy and either Stackless or StateSaver)][7]
There are certainly more, but these are the ones I could find quickly.
Hedgehog is a nice little Lisp compiler and bytecode interpreter with a special focus on low resource consumption. Unfortunately, interactivity and debugging suffer as a result: no tracebacks and no REPL, just running scripts and searching for the breakpoint in the pseudo-assembler source via grep. It would be nice if the language could offer these interactive features as an option - you can then leave them out in small boxes.
cyrusharmon.org: More GCC-XML (new and improved -- now with pr0n!) - crazy title, but a brilliant thing: SBCL gets native bindings to the Carbon API. And thus becomes the second Open Source Lisp system with integration into the OS X world (although Cocoa bindings would of course be cooler - but so far in the Open Source area only OpenMCL offers that).
How to setup WebObjects 5.1 on Linux
How to setup WebObjects 5.1 on Linux describes how to get WebObjects (the original from Apple) running under Linux - due to the Java basis of the 5.x versions, this has become significantly easier by now. Although I am naturally much more interested in the Objective-C version for Linux - Java is not the big performer on Linux in terms of performance ...
Well, for the Objective-C version, you can also fall back on SOPE (I reported), it is compatible in many areas. For using XCode, there are also project templates, so you get similar comfort during development. I have to try how it looks with ProjectBuilder.
OpenACS
OpenACS is a web application platform that is often overlooked, based on AOLServer and PostgreSQL.
OpenACS also comes with a whole set of ready-made modules - true to its name as Ars Digita Community System, it offers a whole stable of ready-made applications. A complete CMS is also included. And all of this is partly several years old - from times when other CMS projects were still dreaming of being conceived.
The AOLServer is a multithreaded web server that uses TCL as a scripting language, just as Apache is often combined with PHP. However, the AOLServer is very fast and surprisingly resource-efficient. The thing is called that for a good reason: larger parts of AOL run on the server and it originates from there. It's still worth something.
All in all, an exciting old-timer with interesting features and - due to its age - quite good documentation. But also some warts and edges that may seem a bit strange nowadays. One must keep in mind that when ACS was developed, the definition of CMS was only in its infancy.
SKYRiX Object Publishing Environment
The SKYRiX Object Publishing Environment is a free variant of a web application framework based on the WebObjects model. Specifically, considering that WebObjects is now migrating from Objective-C to Java, SOPE is very interesting - as it is still entirely Objective-C.
Moreover, it runs not only on OS X, but also on Linux. And of course, I like that it is based on PostgreSQL and not on this glorified index card box ...
Would be a good reason to refresh my somewhat rusty Objective-C skills. However, the documentation is still quite sparse - but you should be able to refer to the WebObjects documentation for many areas.
By the way, for Debian Sarge there is a repository with ready-made packages for SOPE. It is not yet on their homepage, only on the Freshmeat project page for SOPE.
It is, by the way, the basis for OpenGroupware.org - a groupware construction kit (according to the developers themselves). And there is a Live-CD with which you can test the whole monster without having to install much.
Can someone explain to me why I have never seen this project before? Do I have tomatoes on my eyes? Strange ...
A warning to those who want to get started (I just compiled, installed and tested everything): describing the documentation for SOPE itself as non-existent would be flattering.
Tip: a WebObjects application is so to speak a small web server in itself - you simply start it and attach Apache to it using the mod_ngobjweb module to this small mini-server, and then you can access the elements of the application. It is not immediately obvious for someone who does not know WebObjects ...
Stu Nicholls Cutting Edge CSS An amazing CSS puzzle is a small maze game that was implemented using only CSS - no JavaScript. Wow. (found at photomatt)
I didn't know that the SmartEiffel The GNU Eiffel Compiler now also compiles to Java bytecode. Maybe you could use it on the Mac together with the Java-ObjC bridge to write programs there and play with Eiffel again.
Back to the Future: The Story of Squeak - how one of the coolest Smalltalk environments came to be.
PL/I for GCC is an implementation of PL/I as a frontend for GCC. Very interesting, as it is not a precompiler with C output and, unlike earlier projects, does not aim to be only a subset implementation (although, of course, at the moment only a subset is implemented - but it is constantly growing). I admit, I still like the baroque syntax of PL/I, even though it has been many years since I programmed with it.
Moderate trackbacks in general
For WordPress, there is a plugin that automatically sets trackbacks to moderated. However, this plugin uses additional database accesses (sets the moderation flag after the creation of the trackback), which is rather annoying for trackback spammers - every additional database access increases the system load. Therefore, I wrote my own version of it, which does not require any additional database accesses. The source is available here.
BA is said to have favored Accenture in online job exchange
BA allegedly favored Accenture in online job portal - does this still surprise anyone? The botched work on this thing knows no bounds. And now it's botched work and favoritism - which was to be expected with such a poor result.
What always makes me angry about this: if you yourself are active in the industry, you only wonder about the exorbitant prices that are charged for such deals - and how poor the performance is that is delivered. But you yourself have to invest three hours of documentation work for every hour you work to get your money, because with smaller deals, cheap is great.
A Call to Action in OASIS
A Call to Action in OASIS is an open letter from a whole range of Open Source big names against the latest OASIS framework conditions. OASIS deals with the standardization of data formats and web services, and in the latest framework conditions, standards should also allow those based on patented techniques - and thus ultimately give companies the means to exclude Open Source programs with these standards. In principle, a rehash of the same stupid idea from the W3C - which then withdrew this idea in response to the protests.
The Plugin API for WordPress lists actions and filters defined by WordPress. Currently being filled with content.
Ape can transparently map Python objects in Zope to filesystem objects or PostgreSQL databases. Could be very interesting for work. Can also be used standalone (without Zope).
Ian Bicking compares FileSystemView vs. LocalFS as alternatives to store Zope objects in the file system.
Apache Rivet - Integrate TCL as an alternative to PHP into Apache and design dynamic pages with it. Fighting fire with fire?
Introducing sIFR: The Healthy Alternative to Browser Text
Introducing sIFR: The Healthy Alternative to Browser Text describes a method based on JavaScript, CSS, and Flash to free text styling from the limitations of CSS and use any fonts.
The technique works similarly to CSS image replacements, except that the replaced text can grow with the page (e.g., if the user has set a larger base font). If a visitor has Flash and JavaScript available, correspondingly marked text areas are replaced by a Flash rendering.
If the visitor has no Flash or JavaScript is disabled, they will see normal text content via the browser's capabilities. Accessibility is thus largely preserved - the HTML remains semantic, and screen readers for text browsers as well as semantically controlled HTML readers should have no problem with it. Visually impaired users with large fonts can also benefit - for example, by disabling Flash, the user's chosen font size will be selected.
It is definitely better than CSS image replacement for headers, as it can adapt to the dynamic environment much better. Image replacements are not zoomed and do not support copying and pasting of content (which is also supported by Flash).
The Technorati Plugin Beta provides a similar list to regular comments - except the links and text excerpts come from the Technorati link cosmos for an article. I'm currently wondering whether something like this couldn't also be done meaningfully with blogger.de - this way you could also catch those who aren't automatically linked via Trackback or Pingback. Of course, you'd have to check for duplicates against the regular trackbacks and pingbacks. Hmm.
phpOpenTracker is a live access analyzer for websites. It can be integrated directly into PHP applications or data can be collected from static websites via web bugs (small invisible graphics). You can use it to learn quite a lot about user behavior on websites. And Asymptomatic is currently working on a WordPress plugin for it, which will allow you to see the corresponding evaluations in the WP backend...
javascript:xmlhttprequest [JPSPAN] - XMLHttpRequest is what makes Gmail and other highly interactive web applications tick. Integration of JavaScript code with server code through small HTTP requests that then update only parts of the page.
What to expect when updating MySQL 4.0 to 4.1. Okay, database version upgrades are never easy and can always cause problems.
Microsoft Interoperability
Ian Bicking describes what Microsoft Interoperability really means. A quote from a Microsoft support employee:
Microsoft isn't in the business of integrating with non-Microsoft software.
Finding Deep Links in Log Files
I asked Pepino about it recently, so I put my Deep Link Finder Script online. It's a simple Python script. Should run on Python 2.2 and up, possibly even Python 2.1 (but that hasn't been tested). The script is configured in the source code (I've added comments for it) and then simply called with multiple logfiles as parameters. It extracts from Apache Combined Logs which sites deep link to specified file types (configurable, some image types are set by default) and how often. It outputs an HTML fragment that you can add headers and footers to in order to put it online - for example, that's how my Zeitgeist page for deep links is created. The other pages have similarly structured scripts, except they collect search terms and general referrers instead.
I take a look at the deep linker list now and then, and if someone shows up there who deep links quite a lot and isn't an aggregator or news service, they get shown a corresponding replacement image. But really only those sites. It bothers me too when my feed reader suggests I'm an image thief or traffic robber.
Firefox - IDN - 0 Info - 0 Transparency
Kai is ranting about Firefox - IDN - 0 Info - 0 Transparency - and he's right with his rant. You're used to this security secrecy from commercial providers, but with open-source projects it annoys me every single time as well. When will people finally understand that only early disclosure gives users a chance to protect themselves? Keeping bugs secret is based on the absurd assumption that you're the first to notice this bug. Which is simply silly: a blackhat who notices this bug will certainly not broadcast it but instead exploit this bug for as long as possible. And so only those benefit from keeping it secret for too long - the ones we shouldn't be helping anyway.
User security needs to be the focus of security considerations - and specifically the informed user who is capable of turning information into meaningful action. The uninformed user doesn't care anyway, they click on everything. But a sysadmin who knows about a problem can at least contribute through educating their own users so that they maybe act more cautiously for a certain period of time. An uninformed sysadmin doesn't even have a trace of a chance to do that.
In "On the GPL" Isotopp writes about the GPL and what is actually in it and how one can understand it. A pretty good explanation, I think. Should be recommended reading for anyone who believes the nonsense that Microsoft, SCO and some others spread about the GPL.
The MBROLA PROJECT HOMEPAGE - the MBROLA project provides a free phoneme synthesizer. Phonemes in, speech out. It is based on diphone databases, which are available for a wide range of languages. The project page also contains links to text-to-speech projects that build on MBROLA.
Optimization Surprises
In dirtSimple.org: Optimization Surprises, Phillip J. Eby writes about optimizations he made to his implementation of generic functions in Python. I find it fascinating whenever he writes about this project, because generic functions are well-known to me from Common Lisp. However, what's equally fascinating is how he squeezes out half microseconds of performance.
In his case, it actually makes a lot of sense, since it's about central machinery that gets called constantly with generic functions. Minimal performance improvements make a huge difference in tight loops.
Also very interesting is what he discovers about Python's internal mechanisms and what effects, for example, simply the existence of closures in a function has on processes.
Exciting. Absolutely exciting.
eAccelerator is another PHP accelerator. It is based on the Turck mmCache source, but is actively being developed.
The Free Legal Advice for Open-Source Developers is certainly probably only really useful for US American developers - but perhaps something comparable will come to Europe as well.
Away with Trackback
Isotopp is pondering trackback spam on the occasion of spam day and presents several approaches. One of them uses a counter-check of the trackback URL against the IP of the submitting computer - if the computer has a different IP than the server advertised in the trackback, it would probably be spam. I've written down my own comments on this - and explained why I'd rather be rid of trackback today than tomorrow. Completely. And yes, that's a complete 180-degree turn on my part regarding trackback.
The IP test approach once again comes from the perspective of pure server-based blogs. But there's unfortunately a large heap of trackback-capable software installations that don't need to run (and often don't run) on the server where the blog pages are located - all tools that produce static output, for example. Large installations are Radio Userland blogs. Smaller PyDS blogs. Or also Blosxom variants in offline mode (provided there are now trackback-capable versions - but since they're typical hacker tools, they definitely exist).
Then there are the various tools that aren't trackback-capable, where users then use an external trackback agent to submit trackbacks.
And last but not least, there are also the various Blogger/MetaWeblogAPI clients that submit the trackback themselves because, for example, only MoveableType in the MetaWeblogAPI allows triggering trackbacks, but other APIs don't.
Because of this, the IP approach is either only to be seen as a filter that lets through some of the trackbacks, or it's a prevention of trackbacks from the users mentioned above. And the latter would be extremely unpleasant.
Actually, the problem is quite simple: Trackback is a sick protocol that was stitched together with a hot needle, without the developer giving even a moment's thought to the whole thing. And therefore belongs, in my opinion, on the garbage heap of API history. The fact that I support it here is simply because WordPress implemented it by default. Once the manual moderation effort becomes too high, trackback will be completely removed here.
Sorry, but on the trackback point the MoveableType makers really showed a closeness to Microsoft behavior: pushed through a completely inadequate pseudo-standard via market dominance - without giving even a thought to the security implications. Why do you think RFCs always have a corresponding section on security problems as mandatory? Unfortunately, all the blog developers faithfully followed along (yes, me too - at Python Desktop Server) and now we're stuck with this silly protocol. And its - completely predictable - problems.
Better to develop and push a better alternative now - for example PingBack. With PingBack, it's defined that the page that wants to execute a PingBack to another page must really contain this link there exactly as it is - in the API, two URLs are always transmitted, its own and the foreign URL. The own URL must point to the foreign URL in the source, only then will the foreign server accept the PingBack.
For spammers this is pretty absurd to handle - they would have to rebuild the page before every spam or ensure through appropriate server mechanisms that the spammed weblogs then present a page during testing that contains this link. Of course that's quite doable - but the effort is significantly higher and due to the necessary server technology, this is no longer feasible with foreign open proxies and/or dial-up access.
Because of this, the right approach would simply be to switch the link protocol. Away with Trackback. You can't plug the trackback hole. PS: anyone who looks at my trackback in Isotopp's post will immediately see the second problem with trackback: apart from the huge security problem, the character set support of trackbacks is simply a complete disaster. The original author of the pseudo-standard didn't think for a minute about possible problems here either. And then some people still wonder why TypeKey from the MoveableType people isn't so well accepted - sorry, but people who make such lousy standards won't be getting my login management either ...
Orange Data Mining
Another link for the number crunchers: Orange is a data mining library with Python integration and—at least judging by the screenshots—an interesting GUI.
darcs - Distributed Versioning
darcs is one of many version control systems vying to succeed CVS. Specifically, darcs belongs to the class of distributed version control systems and is thus naturally superior to Subversion with its centralist approach (at least if you want to manage a distributed project and can't just get by with the central repository). Normally I wouldn't say much about something like this — after all, there are currently more version control projects than there were editors in the 80s. But seriously now: who can ignore a version control system that is written in a functional programming language with lazy evaluation (yes, exactly, this thing is in Haskell — so much for the claim that Haskell is unsuitable for practical projects) and describes itself as being based on a "theory of patches" with roots in quantum mechanics? And the programmers even use literate programming — yes, that somewhat forgotten method by Knuth of combining documentation and code in a single source file and developing a program from a documentation-centric perspective. Simply cool.
Using the .Mac SDK - Objective C (and probably also Python via PyObjC) interface to .Mac.
freshmeat.net: Project details for JRuby - cool, JRuby has now reached Ruby 1.8. A nice alternative in the Java environment to simply program with Ruby. The Jython folks should get a move on and finally make Jython fully Python 2.3 compatible - there's still a lot that needs work there.
Introducing JSON - another object ASCII notation, this one based on JavaScript syntax. Quite interesting - not as fussy about whitespace as YAML and not as verbose in syntax as XML.
.: json-rpc.org :. - an RPC library based on JSON.
Asymptomatic » New "Secret" Project - something like a peer-to-peer network built on standard technologies like HTTP and DNS. DynDNS for mutual discovery, HTTP for file transfer, and RSS and HTML for file lists. Actually a nice idea.
RSS 1.1 and Postal's Law
The RSS 1.1: RDF Site Summary (DRAFT) contains a passage that I only noticed today ( through this posting). This fits well with the topic of developer arrogance. Because here again a developer has easily strayed from the path of reason. Of course, it's important that a standard is cleanly defined and that producers of formats adhere to these standards. It's also okay to require that a consumer of this format checks it and provides messages when deviations occur (though few users can make sense of their aggregator's messages anyway). But it's completely unrealistic to believe that aggregator users are satisfied when their aggregator just spits out an error message and no content. That's just as stupid as the same approach with XHTML - where some browsers actually implement it and don't go into Quirks Mode for broken XHTML, but simply deliver the XML parser error. Sorry, but that's complete nonsense. Every communication protocol has two ends - the producer and the consumer. And Postal's Law - be conservative in what you produce and liberal in what you accept - is simply the most sensible way to approach such communication protocols that transport content intended for humans. Requiring that consumer applications not display existing content due to format errors is simply unrealistic.
Thinking Forth
Thinking Forth is now available online. My first Forth book - it really fascinated me with the language back then. Especially because it was much more suitable for the computers that were accessible to me at the time than most other programming languages.
Audioscrobbler :: Development - Last.fm Streaming API - an API to access your last.fm station.