I'm about to embark on a project to rewrite a mod_perl2 application to Catalyst.
I promised mst I would blog about it, or otherwise make the process known, so that others might follow my example.
Sure, I'll do that, but is it really a good idea to follow in my footsteps?
I'll leave that up to you, my reader. I obviously have at least ONE reader, as you're currently reading this. Right?
I can't share any of the source code in the larger context, since I don't own it. My employer would probably fire me outright if I shared the proprietary software, and I'll even do my best to keep my employers name out of this. This is about the process of rewriting, not about my job in general.
I also won't go into the old software too much, except where it's relevant for the rewrite, and I won't comment on the choices made when it was written or anything of the sort. This is about modernizing, not about dredging up the past.
Let's just hope I remember to update this as frequently as I want!
A few friends of mine are currently working on a community website of sorts, which means they'll have tons of user-provided content and interaction. This also means there are possible XSS problems all over the place.
So they stated dutifully adding `| html` all over the place. But that's stupid. It's playing whackamole because this sort of issue will keep cropping up again and again, often only to be noticed after it's abused.
However now it's really easy to fix this by having the html filter applied to all tokens in a template:
To break this down:
This is your typical TT view for your Catalyst app. It uses on Catalyst::View::TT as base class, but defines v0.37 as a minimum. This version (released today) supports the CLASS parameter, which allows you to set the class to be used to create the TT object.
Documentation is a social asset, but it's balanced by a technical debt. Documentation describes code that changes over time. As the code changes, so must the docs.
I want to write good documentation for my Perl distributions, but my standard of "good" documentation requires a lot of effort to write and maintain. I'm working on Pod::Plexus to make it easier. It doesn't replace anything, as far as I know. In fact, I've begun using it with Pod::Weaver in my Reflex distribution.
For example, I tend to write modular, cross-referenced code. Everything but the most superficial interfaces is used somewhere else in the distribution. I'd rather not contrive usage examples, so why not reuse parts of the distribution in the documentation? So Pod::Plexus includes an "=example" directive to insert live code into the documentation.
It has been a while since I've blogged, even more so over a webapp such as this. It has been quite some time even for my own personal blog, which I'm now considering to retire as so much of what I share usually now goes to Plurk (and recently, Google+.) Still, I would like to write more about my Perl experiences in depth, so getting an account on this side sounds like a good idea.
Oh, BTW, introductions are in order: I'm Zak, just another Perl hacker from the Philippines. My day job as the head BOFH of Orange and Bronze has me mostly working with infrastructure like Ubuntu and OpenBSD, and dealing with issues with some Java webapps (*cough*) for clients, but I've been a fan of Perl for quite some time. I currently maintain a couple of CPAN modules, with a third one coming, and have been meaning to break into some more serious web development work with Perl, via Mojolicious.
Most of my distributions are on GitHub and built using Dist::Zilla. As the dependencies of each vary widely and I don’t want to muck up my workstation’s libraries, I set up a local::lib for each distribution’s development.
Tussle, or "Tom's Unicode Scripts So Life is Easier", is a collection of some of the utilities that Tom created to explore various Unicode things. If you've read some of his Unicode treatises, you've probably seen him uʍop əpᴉsdn ʇsod. With his leo script, you can type just like Leonardo too. Some of this will undoubtably be in Pʀᴏɢʀᴀᴍᴍɪɴɢ Pᴇʀʟ (there's a script to do small caps too), but you don't have to wait (that's not CSS doing that).
Besides the fanciful programs, there are various utilities to check the normalization forms, do better case mapping than Perl's builtins do, and various programs to search the Unicode Character Database. I've been having quite a bit of fun playing with them today as I tried to figure out how to write a short description for each.
Another tool to debug your Plack application is InteractiveDebugger
You can dive into your code, explore your stack and see all variables in each frame.
And execute arbitrary code at some level!
Just try it:
plackup idebug-demo.psgi
firefox http://127.0.0.1:5000/
It is only one month left before YAPC::Europe 2011 Modern Perl! The conference is on 15-17 August in Riga, Latvia.
Yesterday we reached another record of 200 committed attendees. We know that Perl community is much bigger and would like to see everybody in Riga. People from 40 countries and 60 monger groups are going to attend the conference.
Our talk list is enormous and dense. Three days of four or five talk tracks. Three hours of lightning talks. Track for beginners. Larry Wall Monday morning, Damian Conway Tuesday morning, Jesse Vincent Wednesday morning. Talks about Perl 5, 6, 5.14 and even 5.16. Talks on web frameworks, DBIx et. al., NoSQL and clouds, and much much more.
As an update and continuation of my last post: lot has happened. This is also a kind of Grant report since the Perl 6 Tablets are rolling again and I plan to cash in the first half of the TPF grant around YAPC in Riga but definitively before Frankfurt (german perl workshop).
You may ask what took so long or why I believe to be now much faster. I just see how much I was able to do in last months. There was the perl tutorial which was very successful in his first part, but 7 or 8 other will follow. You can watch them growing or participate in our wiki.
Yesterday I had a lot of work to push my code to dotcloud, using the new client, 0.4.1. This mainly because the structure of DotCloud services changed.
These are some pointers to help if you get into the same problems:
Now the dotclout push command doesn't copy your code to a specific service. It is copied to all services, even for mysql servers. Also, the copy is not performed directly to the server. First, it is done to an intermediate upload server, and then sent to all your service servers.
Back in May there was some discussion on the CPAN Testers Discussion list regarding the statistics available on the CPAN Testers Statistics website. As I was already in the process of cleaning up several pages, some of the ideas looked worthy of including in the next release. Two have made it, and are now available for those interested in the reporting statistics.
MetaCPAN went live with the switch over to Catalyst (previously we hadn't been using a framework at all) this morning.
The main aim was to make it easier for people to contribute and also to extend.
An unintended consequence was a significant increase in speed. We've not delved into the details - but the lesson learned is that using something as established and polished as Catalyst really makes a big difference compared to putting something together from scratch.
We've also added an experimental 'Sign In' button - have a play! You can use either Twitter, Facebook, GitHub or PAUSE to log in. Once you have authenticated against PAUSE, you will be able to edit your author's profile page via the front-end.
Sherm Pendley passed away this last weekend. He was a regular on usenet
and also the author of CamelBones, a Perl/Objective-C bridge. I got to
know him well over the several months as I placed him at his current
job. He was very well respected and liked at that company and all his
colleagues and I are all very shocked and saddened at this news. I
haven't heard an official cause of death but he was ill last week and
something must have gotten very bad. He will be missed.
Let this blog post be also an invitation to my talk that I'll have on this years YAPC::EU::2011 in Riga and a reason "Why?" there will be more questions then answers.
There is one question that keeps me busy for quite some months now already and that is: What if the knowledge and wisdom is not in answers, but in questions?
As it kept me busy for just too long and as I'm a full-time Perl programmer, I've decided to write a code to help me answer "Why?".
Sherm Pendley passed away on Saturday, July 9th. He was best known in the Perl community as the primary author and maintainer of CamelBones, an Objective-C/Perl bridge for use in Cocoa development. He was known among his friends and loved ones for his wit, humor, and intelligence. Sherm once wrote: "Simply put, my overall goal is to leave the world a better place than I found it."
I'm grateful to have found such a wonderful language to help me do almost any job at work better, and for keeping me entertained long into the night away from the office. I look forward to another 10 years. Thanks Perl!
Ran into an issue today and wanted to share in case anybody else hits the problem.
Using the good-old cpan client I found myself unable to install a module.
It took me a while to track down the problem...
I had CPAN::SQLite installed and that appears to have a bug
(which I filed as RT 69415):
If a greater version of a dist is removed from the CPAN,
CPAN::SQLite will fail to reindex the "current" (lesser) version,
which means the cpan client will spiral into a 404 loop and give up.
So if you try to install a module and cpan spews 404 errors for a different version than you're expecting, open up ~/.cpan/cpandb.sql with sqlite3 and delete that record with something like:
