Posts tagged: conferences

Reports from YAPC::NA 2014

Greetings from Orlando, where several hundred Perl programmers are gathered to talk shop and improve our craft. Is it a tribe? Is it a cult? Is it a movement? It’s something like all three.

It could be a nation…

As I do each year, I will blog the conference, conferring more or less detail about each session I attend, as time and enthusiasm permit. Thanks to the University of New Hampshire for sponsoring my attendance. Those who might want to drop in from afar can check out the live feeds on YouTube.

Day 1

If you don’t know much about Perl, and where it comes from, it comes from this community. Perl is not owned by any company or individual. The treasurer of the Perl Foundation is thanking various donors, the money from whom is channeled into grants for those maintaining the core of the language. Perl’s vast repository of useful modules, CPAN, is almost exclusively thanks to code uploaded by programmers as free and open source, just like the language.

Mark Keating is now running the numbers on CPAN contributions over time, demonstrating with no uncertainty that Perl development is alive and thriving. Because Perl made its debut in 1987, and is one of the older dynamic languages, we sometimes fight the misconception that the language is now dead or dying. Far, far from it. And speaking of far from dying…

Our Benevolent Dictator For Life, Larry Wall, is now up for the keynote. Good news: he has been cancer free for a year. Long round of applause for the man we all adore.

Quick aside: at hardcore geek conferences, you *never* hear peoples’ devices making unwanted noise. This is either because we know better how to use our devices, or, because nobody calls us. Leaning towards the latter. [update: I take that back, thanks to a King of Pop ringtone. \fail ]

Larry is diving right into Perl 6 and the many improvements being made to the language. A key principal is that Perl should remain Perl: a language that enables complexity when needed, but tries hard not to force it when it is not needed. This is how they lured me down the rabbit hole of programming: Perl made it look easy when I started out. Heck, it still is easy (except when it’s not). The capsule motto: making easy things easy, and hard things possible.

When will Perl 6 be available? By Christmas. Don’t ever ask again. (Writing a computer language itself? Not easy.)

Time for some lightning talks. Blogging these might test my typing skills, so don’t expect much.

[lunch happens]

The regular sessions have begun. I am starting off with First Time CPAN Contributor. I’ve never contributed a module myself, but if I decide to, this information might come in handy. A particularly interesting resource mentioned is dzil.org.

Day 2

Well, I have been feeling a bit under the weather, but the world ain’t stoppin’ for me, folks. Bring it on, Day 2.

Starting off with a session about Scrum. I’m generally not a fan of buzzy sounding development methods, probably because I often work alone. I don’t need to coordinate development efforts amongst my seven personalities (much, at least). These methods are for helping teams work effectively together, teams who are all actively coding on the same project.

[snip! I just excised some truly disparaging thoughts about Scrum. Hey, who am I to criticize? If Scrum is your development religion, I'll respect it. I just don't worship it myself, currently.]

The speaker is making some interesting points about what motivates people though. He is pointing out how the desire to have agency in one’s like is a prime motivator. I can attest to that. There was a school that imposed fine when parents brought their children to school late. Despite the fines, tardiness doubled after the fines were imposed. Parental agency was removed, and money was found to be a lesser motivator. I can see that applies to programmers quite often as well.

On to Object Oriented Selenium Test Suites. This presentation is from a full-time QA engineer. It’s unfortunate but this is very much the territory of, well, full-time QA engineers. His Selenium-based test suite is a full-time coding project in and of itself, not something I could undertake at the same time as coding actual apps for end users. UNH: can we hire this guy?

Nevertheless, it’s good to know that did I have the time, I’d probably use Selenium. This is pretty neat technology, and open source, driving testing automatically through browsers and testing for expected behaviors. It’s slick, and I like slick.

On to a session on iCal called Calendars Hate The Living, which coders know is true. Date and time handling is notoriously tricky. Unfortunately no actual code was shown in this talk so I had a hard time referencing it to what I am doing…

On to MetaCPAN::API, first introduced by SawyerX, but for which now MetaCPAN::Client is more recommended (and the author steps up to the mic). MetaCPAN is an extension of CPAN for better retrieval of data from this vast repository. MetaCPAN::Client returns objects which are more convenient to use than the hashes that MetaCPAN::API returns.

Speakers thus far, aside from the Selenium guy, have not been showing much code. Show me how it works, people! That’s the point here. The high-level descriptions are largely things I already know or have inferred.

I complained too soon. Code! Ahhhhhhh. Thank you. Yes, the MetaCPAN::Client interface does look nice and clean. We’re a little too obsessed with pulling data by author here (how does this help me?) but I am sure the other searches work similarly. My main interest is in version and deployment controls. Ah! Now we have an example of pulling all of a module’s dependencies on other modules. That indeed could be useful, and is likely what the author of Carton, Tatsuhiko Miyagawa, is using.

On to State of rt.cpan.org and rt.perl.org, the bug trackers for CPAN and for Perl core itself (including both Perl 5 and Perl 6). Details of this are not particularly worth relating… just the details a sys admin / developer deals with in the Perl bug tracking world.

Now a session on perlcc (or, B::C), which is a way to precompile your Perl program, to save on startup time when it executes. Perl is an interpreted language that incurs a startup cost as your program is interpreted and compiled to execute at runtime. In performance sensitive situations you may want to use this method. It’s done like this:

perlcc -o foo foo.pl

And you’re done. Optimizations are done at the C level, etc., you don’t want to know.

Time for Ricardo’s talk (after a mediocre yet satisfying lunch buffet by the hotel). Ricardo is still the Perl pumpking, going on… three years? I’m not sure. Maybe more. The “pumpking” is basically the build manager for Perl 5 releases. But this is not primarily a Perl 5 futures talk. This is a series of Ricardo-only lightning talks full of tips and utilities he uses or has written. Any overactive programmer can and should give a talk like this sometime, a miscellaneous grab bag of ideas that could inspire others. Too may tidbits to share here, coming in too fast. “Lightning” is a good description of the speed here. Lots of Perl, git, shell productivity goodness.

Day 3

My third day here at YAPC::NA starts off with a session on choosing a web framework. The speaker has undertaken a good exercise: to implement a personal website of his in three different frameworks (Catalyst, Dancer, and CGI::Ex::App), and compare the experiences of doing so. He is showing plenty of code but sadly the projector in this room is not projecting largely enough for some slides. He says Catalyst is fast, but the dependency chain is the largest of the three. Dancer, he says, is fast *to develop in*, and the ‘cons’ were not quite as evident. CGI::Ex::App is a less known framework, which is used at the speaker’s company Bluehost. Its main advantage is most likely that Bluehost programmers are intimate with it and have complete control over it. I can identify with that approach, as that is the approach I use.

Caught a bit of Getting Testy with Perl before the Devel::NYTProf talk. Wish I had seen the whole testing talk because Steven is excellent and there was a tiny helicopter involved. Nonetheless, on to performance profiling with Devel::NYTProf. I’ve seen a version of this talk before but I could use a refresher because I’ve never yet had to reach for this tool (but I sense the day could come).

Tim Bunce, the speaker is recommending the measurement of real time over CPU time, in most cases. [I would have more notes here on this session but some UNH work has intervened a bit.]

It’s afternoon, and time for Ricardo’s talk on Perl 5.20, the very latest version of Perl 5. Check this out:

use experimental 'smartmatch';

This turns on the ‘smartmatch’ feature, which is experimental. Experimental features may be changed or even removed in future versions of Perl, therefore, the language is explicit about that. This is cool because sometimes you don’t know if or how new features will work until a bunch of people actually try them in the language. But you don’t want to lead folks down the path to ruin, thinking the feature is stable before it isn’t.

Now check this out:

use experimental 'postderef'

# now wherever you were deferencing like this...
my @array = @{$array_ref};

# ...you can choose to deref like this:
my @array = $array_ref->@*;

Notice: The new way requires one additional character to write. Huh?

But it’s not about that. It’s a readability thing. Nested data structures can get funky to read with standard curly in-place dereferencing, so, this new postfix dereferencing is a big improvement. Check this article for a more complete treatment of the subject.

He’s now running through a series of super-obscure bug fixes, to great acclaim. A language as stable as Perl is only going to have hilariously oddball bugs.

Finally, a new feature you’ve seen in many other languages: subroutine signatures…

# where Perl has required passing params like this...
sub foo {
    my ($x, $y) = @_;
    # do stuff
}

# ... it can now pass them like, well, a lot of other
# familiar languages
use experimental 'signatures';
sub bar ($x, $y) {
    # do stuff
}

And, yes! You get an error if you try something like…

bar($x);

… because we’re now expecting two scalar variables, and we mean it. That is all kinds of awesome.

I may have mentioned some of these features in blogs from previous conferences, but there is a difference now: they’re available in Perl 5.20, no longer just in the pipeline!

A big hand for Ricardo, who is a master presenter and a truly great communicator at the helm of Perl. I’m pretty sure most of us wouldn’t mind a few more years of him as Pumpking.

Days 4 & 5

Conference days 4 and 5 are dedicated to hackathons, hardware and otherwise. Hacking is not about breaking into systems (at least, most usually it isn’t), but about the culture of inventing new ways of doing things, extending existing systems, etc. More than anything, at a hackathon, we gather and work, some on collaborative projects, some on their own, simply because it’s fun. Working alongside likeminded programmers is inspiring and almost always instructive.

So, I’m actually hoping to get some stuff done today and tomorrow.

What, pray tell, am I working on? Why, stuff for UNH of course! Aside from helping my department, UNH Telecommunications, through its end of fiscal year processing, I an now at work on the next release of Contracts. Contracts is the website used by UNH IT to manage service level agreements and recover revenue from our customers across UNH, RCM style. Aiming to save time for everyone involved… customers, IT managers, BSC staff, etc… this has been a very rewarding project to work on.

UPDATE: If you ever see a person with a laptop in a hotel lobby, arms flailing and cursing and intermittently smiling like a psychotic, they are just writing code. Treat like a zoo animal: observe, but do not disturb.

Reports from OSCON 2013

Guess who and guess what? That’s right it’s Marcus once again, at OSCON 2013, the open source convention held annually in Portland, Oregon. There is no other gathering where you can find such a diversity of computer language and tooling expertise. To say that the open source world has a richer, more collaborative programming community than the commercial world isn’t just an understatement: it’s the very definition.

So, thanks once again to the University of New Hampshire for sponsoring this trip. I will try to return the favor by continuing to write software which will not require expensive licenses, be poorly interoperable, or tied to the whims of a single corporate overlord.

That said, let’s convey some actual information…

My first two days will look like this:

Monday morning – yet another introductory git session. I know. I take these all the time and still use Subversion. So shoot me. This talk is delivered by a github instructor. They evangelize quite well for git, as they should, and teach it very well too.

Monday afternoon – Optimizing Your Perl Development by Damian Conway. Can’t *wait* to see Damian again. This session has a good chance of being the highlight of my week.

Tuesday morning – Web Accessibility for the 21st Century. I am wondering, what year will “…for the 21st Century” stop seeming forward-looking? 2020? 2050? Is there a rule about this?

Tuesday afternoon – Backbone Workshop. Backbone is a Javascript framework to facilitate the writing of a fatter client in the browser while avoiding typical Javascript pain points.

Day 1

Getting Started with Git

I’m spending much of this session aping the exercises to ‘git’ some practice.  See what I did there?  Anyhow, that’s why I’m not writing much about this session, but here is a tiny detail about git (vs. SVN):

Ignoring files in SVN is done via the svn:ignore ‘property’; in git, you create a .gitignore file, which git looks at to know what to ignore. Add and commit .gitignore itself as well. I’m not sure which approach to prefer, but there they are.

This is perhaps my third stint in a beginner’s git class.

Damian Conway’s Development Talk

Neat new tool from Damian called ‘polyperl’, which, in conjunction with Perlbrew, allows you to designate *exactly* which version of Perl your program is running, using the normal ‘env’ on the shebang. It look like:

#!/usr/bin/env polyperl
use 5.012;

Note that ‘use 5.012;’ *without* polyperl in the shebang would only ensure that the *minimum* version you run will be 5.12. Specifying the actual version, no greater and no lesser? Polyperl! Someday Perl will have this natively, but live for today people, and use the Perl and nothing but the very Perl you want.

[skipping a bunch of vim tricks and plugins here...]

Recommendation: Method::Signatures. Damian prefers it over Params::Validate. I’ll have to check to see if it can be used without dying on validation failures (checked: it appears it can). I should probably mention what these modules do. They help you validate that the variables being passed to a subroutine are correct in number, type, etc.

Recommendation #2: Getopt::Euclid as a replacement for Getopt::Long (or any of the other 3,000 modules for writing CLIs on CPAN). This is one of Damian’s own. Cool thing about Getopt::Euclid? The way you define the incoming parameters is to *write the POD documentation* for your CLI. That’s right! Getopt::Euclid reads your POD and uses it as the interface declaration. Gorgeous. Can’t get away without documenting *that* now can you?

And now, I am laughing inside. Damian has his CPAN build/test/release process completely automated. I’ve done the same general type of work to release/deploy my own code to UNH production environments in a scripted, less error prone way. It’s pretty clear that years of reading and listening to Damian have affected me. I am now just as crazy as he is, if only 1/100th as clever.

Day 2

Web Accessibility

It’s now Tuesday morning and I’m in the web accessibility session mentioned above. One point that is being hammered home from the start: there is no standard that’s a silver bullet for accessibility. Many ‘official’ accessibility guidelines, even if met to the letter, don’t *actually* address the problems that users are having in accessing and understanding the content on your websites.

Also, a website which is accessible in one way, for a certain disability, is often totally at odds for being accessible to another disability. Those things are depressing, but they are the truth. If you’re designing, or redesigning, for accessibility, the best approach is to use real assistive technology tools.

NVDA for Windows (a screen reader for the blind) is particularly useful in that as a sighted person, you can turn off the audio and simply have the reader log the text that it *would* read in a separate window. This shows you the ‘flow’ of your page from a screen reader’s point of view, without the constant screen reading chatter. Screen readers are intensely annoying if you don’t absolutely need them.

One useful piece of advice: use page headings, but not to excess. Here we are talking about the h1, h2 etc. HTML elements. Use them as intended as a general outline for your content, but don’t overdue them for design purposes or whatnot. A screen reader user will be using these to hop around to the different logical sections of your content.

A website highly recommended by the speakers: WebAIM.

Another key approach to accessibility testing is mouseless navigation. Stick to the keyboard and you’ll get a much better idea of how the elements flow on your pages. Use the ‘tabindex’ attribute to fix such flow issues.

Coming under severe criticism here: carousels and privileged links…

Carousels: carousels are rotating or self-changing images or content. These are apparently hell on accessibility, for an obvious reason: elements of the page are moving around on their own. We commit this sin on unh.edu itself, despite the very nice design. Perhaps we have something in place to mitigate this for those using assistive technologies? The experts here say to avoid them wholesale. Hey, I didn’t realize it either.

Privileged links: links that, when clicked on, do not grant access to the resources behind them (even with login). A typical message would be “you do not have permission to access this resource” or similar. Repeat offender? Sharepoint. I’ve always despised this. The geniuses at Microsoft probably call these ‘teasers’ or something. Don’t tease me, thanks.

Backbone.js

Backbone.js is an MVC (Model-View-Controller) Javascript framework.  There are approximately eight thousand of these coming out every week these days (slight exaggeration).  Aside from separation of concerns via the MVC approach, Backbone.js and other similar JS frameworks focus on moving state management to the client side.  This means getting away from the request/response model that even AJAX employs.  Instead, the client says ‘Saved!’, and *then* sends the data to the server.

I know.  Sounds dangerous.  But there are ways of handling errors with this approach.  The whole goal is raising the perceived performance of an app.  Milliseconds matter, which the speaker supports which such figures as: if Amazon pages load just 100ms slower than usual, they lose 1% of sales.  That’s compelling.

Another thing Backbone.js brings to Javascript programming is better scoping, which is absent in JS.  By default, you are generally searching the entire DOM (think: an entire webpage) for an HTML element that you’d like to work with.  This narrowing of scope means selectors are greatly simplified and you get further separation of concerns.

The speaker seems to be assuming that we studied for this or something.  The exercises are like Go!  … with no ‘Ready… Set…’.  I think the majority of folks here spend 90% of their time writing Javascript on similar frameworks already.  With about 10% of my time allotted for Javascript, I’d need to move a bit more slowly until I get comfy.  (Let me take a moment to express my envious hatred for natural polyglots who see new syntax and immediately parse it effortlessly. I hate you.  I’ve always had to work for it.)

Yeah… he’s literally explaining the exercise *after* we’re suppose to have finished it.  What?  I’m not psychic, man!

Still, it’s a good talk, and I’m picking up the spirit of things.  I can see that somewhere down the road, I’ll likely be using of the 8,000 JS MVC frameworks.

Note: things like Backbone.js work at a slightly different layer of abstraction as jQuery, which is *also* called a Javascript framework.  In fact, Backbone.js works in conjunction with jQuery.  jQuery provides better looking code to write JS in, while something like Backbone.js helps wrangle the overall structure of a large client-side application.  That’s a gross over-simplification, but… gross and simple are two things I do well.  :)

Day 3

The convention proper really starts on Day 3, today, with some relaxing keynote talks attended by all.  There are a couple thousand people here, ballpark.

First there was a neuroscience/AI guy who actually got me excited about the state of brain research for a few minutes.  Next up, a Facebook honcho.  No matter how much I may resent Facebook and distrust the current look of ‘social’, it can’t be denied that Facebook is a more modern company than, say, Microsoft or Oracle, in its disposition towards open source.

If you are reading this and remain a bit unsure about the open source approach, let me take a moment to explain why a company like Facebook would open some of its coding projects to the world.  Wouldn’t this reveal trade secrets and squander the intellectual property value they’ve created?  Not really, as it turns out.  The code they are open sourcing is attacking difficult problems such as the scaling of big data storage and delivery.  These problems are nowhere *near* perfectly solved.  By open sourcing these code projects, Facebook can attract meaningful contributions from other interested companies like Intel and Broadcom.  This collaboration raises all boats without diluting the core competencies of each company.

What’s even cooler about open source is that *even little guys like me* have access to that work.  Had I more entrepreneurial spirit, I could fuel a startup on the very code running some of Facebook’s systems today.  I could contribute my own R&D back to the project.

That’s how it works.  You might also check out this amazing open source effort for another perspective on the kinds of problems open source can help us all to solve together.

Back to the keynotes… just saw an incredibly futuristic demo of a flying drone being controlled by open source Clojure code.  This drone hovered as well as any Hollywood robot has ever hovered, could recognize images, stream video, recognize faces… you name it.  Audible “wows” in the audience, one of which was mine.

Final keynote (after a good one from In Bloom, who are here to open source their work) is Mark Shuttleworth, founder of Ubuntu.  He’s talking about Ubuntu’s one-OS (very Windows 8ish) approach to unifying user experience across all types of devices.  But of course, on Linux.  Now he’s talking about Juju, a tool for deploying and connecting various software infrastructure elements (think MySQL, Cassandra, MongoDB, WordPress, etc… whatever your cocktail may be).  Pretty amazing level of automation.

Shuttleworth just called Mac OS X (perhaps the primary Ubuntu competitor, if you think about it) “the gilded cage”.  Great line.  But gilded it remains, by comparison, for the time being…  and they know it.  He was in the process of announcing Juju for Mac OS X.

The first focused session of my day is about Asterisk, an open source PBX.  Asterisk has been around for quite some time and is very mature.  Although we are invested in Avaya at UNH, I myself can definitely benefit from any PBX-related knowledge, as a non-PBX-expert in the Telecom group.  It’s possible we could add Asterisk as a sort of sister system connected to the main PBX, to offer discrete features that we are otherwise unable to provide (or unable to provide cost effectively).  It does call queuing!  Neat.

I once wrote a CDR reporting app on top of Asterisk, almost ten years ago now.  It was not open sourced by the company I worked for.  Looking around, there is so much more available out there now.

The speaker is recommending Wireshark’s advanced VOIP diagnostic features.  Never realized Wireshark had stuff as specific as this.  Also ‘ngrep’, for ‘network grep’, a sort of filtering tool for tcpdumps similar to some of Wireshark’s functionality.  Now ‘sipp’ which is a SIP performance testing tool.  Now ‘sipsack’ for generating specialized SIP packets for troubleshooting purposes.  It’s good to know these tools are out there in case I’m ever asked to work on this stuff, which is always possible.

Of all new PBXs deployed in North America today, 16-18% of them are Asterisk.  One guy in the audience suggests it’s closer to 35%.  The FAA is looking at it as a possible solution to connect control towers.

Next up, a session on running on your company’s internal applications using open source practices.  We are collaborating more and more across IT units at UNH, as the desire for better interconnected systems grows.  The speaker begins with how to deal with the necessary communication overhead involved in working together.  Some key concepts are transparency (work in the open, make your code source examinable across organizational units, govern projects in the open), quality (code reviews, good testing), community (points of contact outside your primary team).  This latter point she illustrates can lead to good people staying longer at a company, having connections across business units.

The central concept is “internally open source”.  Yes, please!  We would gain ridiculous efficiencies if we did this, I think.  Silos are full of nothing but corn.  :P   I am sure we have countless shared needs that would be opportunities to work smarter, not harder.  A small DevOps swat team could do wonders in this area if we could dedicate the resources.  The speaker is expounding on that very thing: a core team which “owns” (think of ownership loosely) all centralized code for an organization.

Note that the above is not geared towards homogenizing our various codebases.  Different coding standards and technology choices can be applied on a project by project basis.  We can continue to pursue diverse approaches while doing this.  It’s important to preserve the evolutionary advantage of using diverse technologies while centralizing certain efforts.  <– Yes, this is a challenging balance to achieve, but the first step is to be mindful of it.

Belly full of lunch now, the next session for me is Randal Schwartz’s Half My Life With Perl.  My four planned afternoon sessions are in fact all on the Perl track.  That is part of what’s great about OSCON: you can fill your own schedule with talks most pertinent to your work or interests.  As always there is a strong contingency here for Perl.  After all, OSCON started off as just The Perl Conference way back when.

This autobiographical talk from Randal is a bit unusual as these talks go, but, very interesting to us Perl folk.  Perl has a few more years of history behind it than most of the projects here.

Next up: Start Contributing to Perl, It’s Easy!  This is a good overview from a relatively (2007) new Perl community member.  I have a grand total of 1 patch accepted on CPAN, but that’s one more than I did last year at this time.

I am pumped for the next session: Carton: Manage CPAN Dependencies Without The Mess.  Carton is a tool I am hoping to use within the next year in conjunction with Perlbrew, cpanminus aka cpanm (also written by the speaker), and Damian’s polyperl, mentioned way up above.  Armed with all these goodies I hope to create my first set of discrete Perl stacks on the same box, each running their own chosen version of Perl core, and its own CPAN module dependencies right down to the module versions.  This panacea has eluded me for some time, but luckily Miyagawa is hard at work to make my life better.

“Dependencies are part of the app.”  Yup!

Note to self: run ‘carton check’ as part of the IX::update() routine, and if there are installations to perform, run ‘carton install –deployment’ or ‘carton install –cached –deployment’.  This is going to be like butter!  Mmmmmm.

Day 4

First session for me is: Evolutionary Architecture and Emergent Design, which sounds fancy.  He has an interesting graph up showing the relative complexity (complexity-per-line) of a code base over time.  Add features tends to increase complexity, refactoring (paying off the technical debt) lowers it.  He makes some good arguments for component-based architecture and against over-engineering early in a project.  A high level talk but engaging.

Next up, Dealing With Multiple Types of Input in HTML5 and Javascript Code.  A good reminder to start using the HTML5 input types that touch browsers will offer different keyboard options for: ‘email’, ‘tel’, ‘url’, etc.  But the talk focuses on ‘pointer events’ which are vary much like mouse events except you can get fine-grained control over touch, pen or mouse inputs specifically, for instance, tweaking game play dynamics in an HTML5 game based on the type of input being used.  There are also ways to test for touch pressure and the orientation of the device.  So this is the basically the next generation of event handlers which account for the new generation of input devices.

Belly full of lunch, I will now be hearing about The Perl Renaissance from Paul Fenwick.  Paul is a fun Australian who can often be seen in a funny hat.  He is reminding us of some great tools such as cpanm, perlbrew, and Dist::Zilla (for CPAN authors).  Now some talk of Moose and Moo, and another positive word this conference for Method::Signatures.  Now a reminder about a feature available as of Perl 5.10: named captures from regular expressions (a good description of these can be found here).  This frees you from having to use ordinality in capturing string matches from regexes.

And now for Ricardo’s (the Perl Pumpking) update on Perl 5.  This is really the Perl 5.18 changes update I saw last month, some of which I covered in my Reports on YAPC::NA 2013.  Can’t wait to get my stack upgraded.  But, one step at a time.

Day 5

Thank goodness they schedule Friday to break earlier in the afternoon, because after 5 days of conferencing I really am shot. But today does have my most anticipated session, the Damian Conway Channel. He has a new module called Running::Commentary which is a nice way to write scripts that have lots of system commands. I could see using this for something like Oracle database backup scripting. Lexical::Failure is a way to give your module users a choice of return types upon failure, rather than imposing an undef, a die, or anything. Lexical::Hints is an advanced way to implement debug statements, which could even be code references. Lingua::EN::Grammarian is a fairly ambitious attempt to find grammar (not spelling… grammar) mistakes in English text.  He’s got it plugged into vim.  Wow!

Next up: BASH As A Modern Programming Language from an eBay guy.  He is explaining why eBay selected BASH to write a utility to set up user environments to run their specialized web framework (surprise!  eBay has a custom web framework).  Reason #1 is portability as expected, BASH being the default shell in all major OSes except Windows, which can run it via Cygwin… so no problem there either.  As a shell, it easily calls other binaries (perhaps even the runtime of other languages) and all languages have a way to call back out to the shell.  This talk is reminding me how badly I want to avoid ever trying any serious programming in BASH.  Gosh, what a clunky and confusing language.  Tip of the hat to Mario Malizia who has worked wonders with BASH in the creation of CMU (ECG’s venerable Code Management Utility).

My final session of the conference is on Secure Open Source Development, from a Red Hat guy.  This is a high-level discussion of how to communicate about security issues proactively (before release) in the open source development cycle.  Red Hat in particular has a huge challenge because they are pulling hundreds of projects from various communities into their releases.  He makes the fairly obvious point that things like static code analysis (programs that analyze code for security) are the future of the field.  These tools exist in the present but are far from perfect; manual audits remain necessary.  Unsurprisingly, security hasn’t become a whole lot easier in 2013 than it was in 2012.

Well, that concludes my visit to OSCON this year.  As usual the week flew by.  The hardest part was paying attention to each session while dying to try out something I’d learned in the previous one.  So now I’m taking a little time to play around with cpanm/perlbrew/polyperl/local::lib before lunch and perhaps a dip in the hotel.  Life is good!

If you read this far, congratulations, you’re a nerd.  If you’re *that* interested in this stuff then I hope you’ll consider going to OSCON yourself next year.

Reports from YAPC::NA 2013

Here I am again at YAPC (Yet Another Perl Conference), which I pledge to blog, as always, to the extent allowed by my attention span. I arrived here in Austin, Texas yesterday. The birds here are loud and aggressive, and the weather is nice.

YAPC::NA 2013

If you’d prefer not to read my drivel and instead eaves drop on the conference itself, check out the live feeds.

Day 1

The keynote speaker this morning is reviewing 25 years of Perl, the last 15 of which I’ve been along for the ride. Time flies. I am currently forgiving myself for writing my own web framework in Perl, being reminded that Catalyst (probably the leading Perl framework today) was only three years old and not particularly mature when I was looking for such a solution.

First focused talk: Bruce Gray, “Exception to Rule“, about… yup, exceptions, in lieue of returned errors, for error handling. He’s talking about the frustration of a module throwing ‘die’, and of course, the utility of ‘eval’. The bottom line is however that the Perl 5 core still does not boast a consistent error handling approach.

“It is almost always better to die than to give the wrong information.” (which includes silent failure)

Another recommendation for autodie (wraps all core IO keywords to return exceptions rather than whatever they do natively) as well as Try::Tiny (for more advanced handling).

When writing a module however, it should be the user’s (higher-level programmer’s) choice as to what style of error handling to use, and for this Damian Conway will be revealing a Lexical::Failure module which module authors will be able to use to offer this choice to users. Apparently this will be introduced at OSCON.

Next up, John Anderson on how to Automate Yo Self. First he offers a common suggestion to manage your home directory and shell config with source control. He’s also written a few tools such as App::GitGot, for help managing multiple git repositories. These are some fairly specific tools which I won’t list out here. Lastly he recommended tuning your text editor to save you time.

After lunch, I am listening to Curtis Poe on his new module Test::Class:Moose. I’m not a Moose user yet (translation: I don’t always use objects in Perl, but when I do, I don’t use Moose. Stay thirsty, my procedural friends.). However, I am very likely to encounter Moose in the future, so this might come in handy. People have been using Test::Class to test Moose, but this new module irons out a lot of the cruft and edge cases when just using Test::Class.

Now, Bill Humphries on Perl Meets Modern Web UI. He’s demonstrating the idea of a ‘single page website’, which means, after an initial full page load, the rest of the calls are AJAX. I’ve never really done this… I use AJAX opportunistically when it makes sense… and to be honest I don’t think the pros of ‘singe page website’ architecture quite outweigh the cons (I realize I am omitting most of both here since I can’t type that fast). The one compelling reason he did provide was for situations where you want to offload much of the work to the client, because your server (example: cPanel in shared hosting environments) has limited resources and needs to use them sparingly.

Time to finish off the day with Larry Wall’s keynote, which he has entitled “Stranger Than Fact”. Good quote: “We’re not only stranger than we imagine. We’re stranger than we can imagine.” Larry is the creator of Perl.

One thing I didn’t imagine was that Larry would announce he has prostate cancer. Here’s hoping he makes it out of this ok. There is much love in the room for this man. This is the cult of TIMTOWTDI (“There Is More Than One Way To Do It”), the cult of personal freedom in computing, and he is inarguably our leader. He spoke of his cancer, of programming language design, of the emerging codes of conduct at tech conferences. None have articulated my feelings about this latter better than Larry, who contrasted Law (the codes) with Grace. Have a big soul, he says (I paraphrase)… big enough that they can grind away as much as they want and you’ve still got more. That’s Grace.

I’ve rarely, if ever, encountered a person with such interdisciplinary reach in his worldview, someone not only with a deep technical mastery, but the ability to connect this with philosophy, cosmology, spirituality. Pfft, you say, I’ve seen that in a TED talk. No, you haven’t. Larry pulls this off with a down to earth humility that’ll make you feel both unworthy and totally welcome at the same time. All I can say is, long live the King! Long live Larry Wall and Perl.

Okay… there were also lightning talks after Larry. I’m no lightning typist, so, I give you this single highlight:

“Sufficiently encapsulated ugly is indistinguishable from beautiful.” -Matt Trout

Day 2

To start off the second day, I am in a session called Hack Your Mac With Perl by Walt Mankowski. First we are covering the OS X concept of ‘services’, which govern inter-application communication. These are not to be confused with Windows services– different mechanism entirely. First, download an app called ThisService which aids in the service creation. I can see myself using this. In the end, you get: a Perl script that is key-bindable to process highlighted text. Nice.

Getting rid of services is tricky; try something called ‘Service Scrubber’ for this.

Next he is talking about ‘FSEvents’. This is what tracks changing files/directories for apps like Spotlight and Time Macine. For this we use a module called Mac::FSEvents. Triggering a Perl script when something in the filesystem changes (an ‘upload this’ directory, for instance); I could see myself using this someday too. Nice talk.

Now it’s time for Tim Bunce’s talk about Profiling Memory Usage (in Perl). This is a highly technical session. I’m no expert on Perl internals but I like to hang around and pretend I know what’s up. Tim has written a module called Devel::SizeMe. Wow. He’s actually doing graph visualizations of nested data structures and the memory allocated for each element of each array, hash key/value pairs, etc. Also subroutines! Dizzying levels of detail here. It’s amazing to visualize the amount of memory/pointers that are set up by the interpeter even for a Perl process that does exactly nothing.

Now Liz is presenting an overview of offshoot projects across Perl history entitled Perl’s Diaspora. This covers Parrot, Perl 6, Rakudo, various VM projects targeting both Perl 5 and Perl 6, etc. Most of this is not worth recounting here despite being a great summary of the many and varied Herculean efforts by some of the smartest members of this community. If you have an interest in this stuff, you have probably already been following it.

Next up: Unicode Best Practices, a talk from Nick Patch. Unicode is notoriously difficult to work with, but you’ll have to if your applications need to be internationalized. Perl has some of the best unicode support among programming languages. First off, put use utf8 at the top of your program, which will indicate that your source code itself will use the utf8 encoding. This frees you from having to use escape sequences and external reference tables. This is perhaps how I ought to approach a problem we have at UNH with our SOAP services; XML loves to barf on invalid characters and much of the data we’re shucking is user inputted.

Note: with utf8 on, don’t use

\d
in regular expressions, use
[0-9]
if you’re really only looking to match on standard ‘western’ digits. Because yes, even digits look different in many languages.

The properties matcher,

\p
or non-matcher
\P
can be used to match or not-match ASCII like so:
\p{ASCII}
Super useful, there.
\p{L}
stands for letter, and there are a number of incredibly useful properties matches (such as for currency symbols etc.).

Although internationalization is obviously a challenging aspect of programming, I really hope I get to tackle it at some point. Breaking down language barriers and unwinding that whole Tower of Babel (Babble? heh.) thing just seems like a noble application of labor. Babble on! (Babylon?)

After my first (I know! I’m sheltered…) meal at an Ethiopian restaurant (yummy) with a couple fellow hackers, I am now at Auditing Open Source Perl Code for Security by John Lightsey. Not seeing any code yet–so far, this is high-level “how to plan a security audit”. Now he has moved on to, once you have discovered a security vulnerability in a piece of open source code, what are the various options for disclosure (or less ethical options involving non-disclosure). So, this is more of a community management talk than a technical talk.

Wait, no… now he’s showing some of the vulnerability reports he’s given to CPAN module authors, some fixed, some not. Glad to see I’m not using any of the unpatched modules.

Now Karen Pauley will give an update on what The Perl Foundation has been up to in the past year. This was mostly a review of grant applications and money distribution, which I won’t recount, but various Perl efforts are always open to donations. Considering the extensive use of Perl in our systems, I would love to see UNH consider throwing a few bucks in this direction.

Onward we go… now listening to the ever-entertaining Matt Trout on Architecture Automation, One Alligator at Once. The thrust of this talk is how, when hired to consult on a codebase that needs an overhaul, and especially when all knowledge of said codebase has left the building, what investigations should you apply to learn about what in heck you’re dealing with? Dist::Surveyor is a notable mention here, which will tell you as best it can what your entire module dependency list is.

Finally, today’s keynote from Stevan Little is Perl – The Detroit of Scripting Languages. His main point is that when the Perl 6 design and implementation process began in 2000, Perl 5 development stalled. This is largely due to a not-entirely-wrongheaded commitment to preserving backward compatibility. But that can make it pretty tough to move forward, too.

Day 3

I’m starting off my third conference day with A Date With Perl (great title), a talk from Dave Rolsky who maintains the DateTime suite of modules. I saw Dave speak at YAPC::NA 2007 on this topic as well; the guy deserves a Presidential Medal of Honor for doing this work. When you realize that not only are there leap years, but leap seconds, and when you are told that there is an ‘EST’ time zone in both North America and Australia, and knowing that time zone and daylight savings time changes are at the discretion of politicians… you start to get an appreciation for Dave Rolsky. Don’t try to do datetime calculations by yourself, EVER, use a library like DateTime.pm, so you can get the benefit of all the hard work that’s been done for you.

And by the way, date and time related edge cases listed above are just the tip of the iceberg. There are hundreds if not thousands of weird exceptions to the rules that govern when. Don’t go it alone.

Dave’s jokes are hilarious; too bad it’s so early for a lot of the people here. These deserve more laughs.

Side note: I am sure a lot of people at this conference hold degrees and advanced degrees in computer science, but I haven’t actually spoken to one yet. Dave was a music major, I’ve been chumming around with a guy (about twice as smart as me) who never went to college, met another guy who majored in theatre like I did, etc. I love this field. I do work for a University, but clearly even UNH acknowledges it needs more IT help than it can find in credentialed applicants.

Next up: Unit-test CGI Scripts with mod_perl2 via Plack by Nathan Gray. I sorely need to understand Plack better, as it likely has a future in my stack. Unfortunately this talk is addressing using Plack for testing existing CGI scripts, and is not enlightening me in the ways that I need.

Now Sawyer X is speaking on Asynchronous Programming FTW (“For The Win”). This is a talk about event loops, although forking and threading are similar options for parallel processing. Sawyer X prefers the AnyEvent module (there are many choices) for handling event loops, due to its slim interface (as opposed to POE, which requires more lines of code to do the same thing). Hmmm… there is also an AnyEvent::XMLRPC which I could possibly use. I’ve never really considered that my XMLRPC services could be blocking, but of course they do. They’re just so darn fast in general that haven’t seen the need to optimize them. And I still won’t…. but I might add some benchmarking code to the services themselves to see if they ever block for as long as a second or half-second, in which case, AnyEvent::XMLRPC could come to the rescue for me. Because let’s face it: calls from to a service from different clients are going to be asynchronous by definition.

The next session for me is Inside Bokete: Tips of making web applications with Mojolicious and other components by Yusuke Wada who has traveled here form Yokohama, Japan. Mojolicious has views and controllers, but no object model (didn’t know this. My own web framework is similar in this way). He prefers DBIx::Skinny over DBIx::Class, since in Mojo you get to choose if and how to add your ORM (Object Relational Model). He also uses Carton, which is still labeled as experimental, but many of us are so desperate for a method of pinning down CPAN module versions in our applications that we just might experiment. He also uses an interesting deploy-from-git module that is very like the work I’ve been doing to deploy from Subversion. Good talk, funny guy. You have to respect all the people here for whom English is not a first language. Coding is challenging enough, imagine if all the keywords, documentation, etc. was not in English.

After lunch, Ricardo Signes, the current Perl 5 pumpking, is bringing us up to date on the language; his talk is entitled Perl 5: Postcards from the Edge. Something soon to come in a Perl 5 release sounds like a great idea: lexical subroutines. In other words, you can do

my sub foo {}
or
our sub foo {}
and scope the availability of your subroutines. Forgive me if I’ve gotten this wrong, because I’m no Java guy, but I believe this is roughly the feature you get with
public
vs.
private
vs.
protected
etc., when you are defining a Java class. Please feel to correct me in the comments because it’s likely these things are not 100% analogous.

Now Joe Axford is giving his Notes From A Newbie. It’s always impressive when a newbie looks to be about 20 years my senior… learning is a lifelong pursuit! What a positive and energetic dude. I aspire.

Now I’ve somewhat accidentally landed in Perl 6 Debugger Highlights, from Jonathan Worthington, which will likely be several meters over my head. But that’s ok. Just by looking up to try and see these things, I tend to get a little smarter. [... much interactive debugging on Perl 6 with jokes I wish I understood from Larry and Patrick in between ...] These guys are smoking my neurons. Yowza.

Day 4 and Day 5

I will not be blogging days 4 and 5, as I am in a class entitled Web and Mobile Development Using Perl, HTML5, CSS3, and JavaScript, taught by Gabor Szabo.

Reports from OSCON 2012

Day 1

git

It is Monday morning, and I am attending a(nother) tutorial on git (Get Better at Git). I am fully convinced that git is a better tool than Subversion at this point; I am also convinced it’s harder to fully understand and use. How these things can both be true speaks to the complexity of managing source code. It’s pretty clear that in a highly collaborative project, git is the way to go. That isn’t to say there aren’t thousands of projects using Subversion successfully, but, mastery of git would certainly reduce the pain in reaching the same success.

But mastery of git takes time. Fluency takes time. It occurs to me that the quickest path to fluency is immersion, and taking one or two classes on git does not immersion make. I do long, at times, to work in a hardcore dev shop to become fluent in git… just as I long, yet more often, to live in Quebec City or Paris and become fluent in French.

Moose

My Monday afternoon session is on Moose, the most popular set of modules that extends Perl’s object support. As with git, I won’t write all my technical notes here… I’m just going to soak it in. Immerse myself as it were for the three hours I’ll have.

Okay I lied. I am already sort of liking Moose. When defining an object, you can label its attributes (think ‘values’) as ‘ro’ (read-only) or ‘rw’ (guess), make any of them required, and strongly type them. This is really fantastic. Honestly, I am often fairly lazy on the server side when it comes to validation, having already done the work on the client end in Javascript to try and assure the right values come in. But the client side is not completely in a developer’s controlling hands, so, it cannot be relied upon. Granted, Moose will crash your program if your constraints are violated, but I’d rather crash in such event than enter into an unexpected state.

I’m tempted to rejigger my Remedy and Pinnacle modules to use Moose, but I sort of hope I can get away with Moose::Lite. Performance won’t be much of an issue running atop FastCGI, but the dependency tree for Moose proper is massive, and I don’t want to acquire that much baggage quite yet.

But dang, Moose is neat. I love the concept of ‘advise’. This is a kind of flow control in object land. You can define what happens ‘before’ or ‘after’ a method is run, or even wrap a method with ‘around’ if you need access to its internals. The best analogy I can make is probably applicable to object orientation in general… it’s like stuffing your money deeper in your pocket so it has less chance of falling out. Substitue ‘logic’ for ‘money’.

When you have a class that inherits from more than one, it is called ‘diamond’ or ‘multiple inheritance’. It’s dodgy and error prone. Moose solves this with the concept of ‘roles’. I’m trying to wrap my mind around this, but it seems as though a role is a kind of validation for the relationship between classes. Ah: it enables horizontal code reuse (roles and classes) rather than strictly vertical (classes and sub-classes). Apparently, using roles in Moose is far more common than subclassing at all.

Moose finally broke my mind this afternoon. Much of this I’d need to work with to begin to understand.

Day 2

Modern Perl

Tuesday morning and I am pleased to be attending New Features of the Modern Perls by Damian Conway. Damian’s talks are worth the price of admission in themselves and everything else is gravy.

Something I did not know: when upgrading from 5.8, any XS modules you use need to be recompiled for any new version of Perl you move to. Damian is making a plea for Perl developers to upgrade, commenting that the Perl community will only be supporting the latest release and the previous two releases… meaning, security updates only for older versions of Perl. This means if you encounter an obscure, non-security related bug in an older version of Perl, it may not get fixed, and more importantly, module authors will be requiring more recent versions of Perl and the CPAN will move past you. He recommends targeting 5.14 at this time.

Interestingly, to preserve backward compatibility, you must enable new features explicitly in Perl versions starting with 5.10. This is to prevent new keywords from accidentally clashing with user subroutine names. But if you’re ready to move forward, you can enable all features in addition to requiring a minimum version of Perl simply with:

use v5.14

Now he’s making me want to upgrade just to use say (which is print with an implicit newline). Also, smartmatching (the new ~~ operator) is brilliant, a feature Damian invented for Perl. Another double-character operator added to recent Perls is //, the defined-or operator, which is better for setting default values (as below) than using ||, because || tests for true/false, not defined-ness.

my $number = $number // 42;

The above case would assign $number a value of 0 if it had started off that way, whereas using || would have seen a 0 as false and assigned $number the 42.

Damian on Moose: “It annoys me just enough so that I don’t want to use it.” Now, he also has a lot to say in favor of Moose, but mostly complains of the startup time and isn’t crazy about the declaration syntax.

Another very cool feature in recent Perls is named captures out of regexes… numbered captures are too easy to get wrong. Think using named parameters to pass to subroutines instead of an order-dependent array. It’s just better.

jQuery Mobile

My Tuesday afternoon session is on jQuery Mobile. It’s safe to assume that I’ll be building some mobile apps in the coming decade, and this is one of my likely tools. If I remain at the University during that time, jQuery Mobile is a *more* likely platform than native applications targeted to iOS, Android or some other emerging mobile OS. That is, unless successful alum donate a native apps development budget. But that wouldn’t be the best use of money, would it?

I’ve been following the jQuery projects (core, jQueryUI, and now jQuery Mobile) pretty closely for the past few years, and now load core and UI by default in my webstuff. Bring mobile into the mix is the logical next step. I already have an idea of the app I want to write… but have a ton of backend work to complete before I get proper access to the data I need. I suppose that shouldn’t stop me from prototyping the front end… in my free time (stop laughing).

Day 3

Day 3 begins the shorter sessions of the conference proper, following the keynotes. They had the mayor this year, who proclaimed Portland an ‘open source city’, and who made some funny jokes. There were some other semi-inspiring appearances amongst the keynotes, but as I decided to watch instead of type, I don’t have the time to relay these now.

Perl 5 Today, Tomorrow and Christmas is the first session I am attending this morning. Ricardo Signes is the current Perl 5 project lead (Pumpking), so you might call him a reliable source on the subject. He was also the guy who presented on Moose a couple days ago.

This is mostly a talk about the challenges in managing the Perl project, most of which (surprise!) are human in nature. Apparently the p5p (Perl 5 Porters) mailing list is a great place to get into an argument but not always a great place for a Pumpking to spend his days. There is a lot of talk at these conferences about ‘getting along’ in open source communities. Now he’s making an analogy I’ve often thought of, that of software coming about via ‘intelligent evolution’… a mix between intelligent design and evolution.

Next up, Programming In The Future, a look at how the craft might evolve in the next 25 years through the lens of how Perl has evolved over the past 25. This turned out to be a nit of a meandering talk, but included an interesting history of the most significant moments in Perl history, 1987 to present. It’s hard to imagine you couldn’t write a Perl module until 1994. Now he’s talking about parallel and functional programming, two somewhat advanced programming tasks that people seem to imagine becoming easier in the future, and some examples of how we do these things in Perl today.

Another yummy lunch, this one thanks to Google, and now I am in Test Driven UI Development. This is a very challenging endeavor. This talk centers on a toolset from the Java/Groovy world, but which could be applied to other platforms. I must say though: I cannot watch much of this test-driven development stuff without being secretly glad I don’t do it. I just seems like another codebase to maintain, which itself would always be breaking, perhaps saving me an error here or there, but which would in general dilute my productivity. It is interesting to see the speaker write the test before he writes the HTML for a simple form, though, complete with human readable comments… all very nice documentation. The notion of ‘testable code’ is about being able to select the elements in the DOM that you need to test, so, jQuery-like, you may be adding ids, but in this case, perhaps only to select them in the test suite. Dear me. The speaker discourages uses CSS classes as selectors in your test suite, because you may have front end developers mucking with class names. He mentions testing AJAX can be tricky, which I would have guessed, but that you can access return methods with jQuery and similar in order to check success in many cases.

To finish off the day, I’m attending The Conway Channel, another Damian Conway talk. Entertaining as expected, and I immediately went to play with IO::Prompter and Lingua::EN::Inflect, two of the modules he has updated this year. However IO::Prompter required Perl 5.10+, so… heck, why have I been putting off trying Perlbrew so I can run any version of Perl that I want? Now building and compiling 5.14.2. :)

Day 4

Thursday morning and I had been planning to attend this EFF session, but it was full. So I walked around the Expo Hall, checked out the booths, grabbed some stickers and pens, that kind of stuff.

Next up is the long awaited Taming Perl Regexes, another Damian Conway talk, in which he will is launching a tool called ‘rxrx’ that he had hinted at in the video he sent to YAPC::NA. It’s an incredible debugger for regular expressions, installable from CPAN as Regexp::Debugger. I will try to post a short screen cap of this tool at work once I get it installed.

I’m starting my afternoon with Advanced MySQL Replication Architectures, presented by some Oracle guys. So far this is high-level view of different replication architectures; I was hoping for a little how-to with some commands. Oh well, sometimes you hit a session that isn’t what you’re looking for.

Next up is Cooking Perl with Chef, which I have high hopes for. Having used Perlbrew for the first time today, I am feeling bold about tossing Perl itself around. Here are the problems and their solutions as presented:

  • application-specific Perl: Perlbrew
  • application-specific @INC Path: local::lib
  • versioned application code: git, SVN, etc.
  • versioned module dependencies: Carton
  • automate the previous four: Chef (scripted using Ruby)

Chef usually requires a server of its own, but if you want to save on that overhead and only have a handful of nodes to deploy to, you can use Chef Solo. Still, I think Chef would be the last piece I’d add to this puzzle, if at all, considering that I already have a scripted deployment routine that is beginning to pull all the same levers and push the same buttons. But adding Perlbrew and Carton (which leverages local::lib) are musts. Hopefully I’ll be deploying with those within a year. We’ll see!

These last session I am attending today is What Every Web Developer Should Know About Database Optimization. This was largely review for me, but I did get a reminder that occasionally JOIN order could be important, and oddly enough, yet another warning about ORMs. Object Relational Mappers can be hell on your database, especially if you don’t give the proper cues, similar to how you’d optimize SQL, just not directly. Explain to me why I want to use an ORM, again? (I know, I know…)

At 7pm (PST of course) is Larry Wall’s State of the Onion address, the official update on Perl’s present and future, but I’m whupped.

Day 5

I skipped the keynotes this morning in favor of a long breakfast. This last day is a half day of sessions.

The first for me is another database session: Optimizing MySQL Configuration. Thus far we’re getting a list of optimizations not to try. The

mysqltuner
utility sounds worth trying out. Here’s an interesting recommendation: set skip_name_resolve to 1 and don’t use hostnames in GRANTs. It makes sense that skipping name lookups would increase performance a tad, but, it also increases your administrative overhead in maintaining IP addresses in GRANTs, since IPs change more often than names. Now we are going over the million and one configuration variables available to change in MySQL, many of which are MyISAM or InnoDB dependent (this had me detouring to a storage engine comparison since I have been using MyISAM all this time).

I don’t think I’d like to be the steward of a large database that was always needing tuning. It seems so fiddly.

Next up, some attention to the front end of things after dwelling on the back end for while: Designing HTML5 Components. Okay, this was not what I expected at all. He is using a Java framework called Vaadin (the Finnish word for ‘reindeer’) and the goal is apparently to create reusable web components. This is really yet another web framework, this one from Java land, and by reusable he means, reusable in this particular framework’s ecosystem. You write in Java, and it compiles some Javascript for each of your target browsers. Pretty slick, but you’ve got to go ‘all in’ to get the bennies.

The last session I am attending this OSCON is Instantly Better Vim. Another Damian Conway talk, a longer version of which I’ve previously attended, but let’s face it… I still haven’t adopted most of the Vim tricks he taught me the first time, and I could use a refresher.

Wow… by the end of this conference, word has gotten around about Damian’s talks. He is just too entertaining to miss. They had to get a second room and pull out the wall to accomodate his final talk. And as usual he sent me away wanting to try some Vim tricks right away.

Well, that was my OSCON 2012. As usual, a very well organized event, chock full of learning and networking opportunities, jobs for those that want them, and generalized geeky inspiration. I often find myself back in the hotel room coding, or tucked away somewhere in the conference hall, slowly exploring some of the new ideas I’ve been exposed to. Thanks to UNH for my funding.

Reports from YAPC::NA 2012

Since 2007, I have followed the Perl community to Houston, Pittsburgh, Asheville NC, and today: Madison, WI. This is YAPC::NA, Yet Another Perl Conference, North America, and as usual I will try my best to “live blog” it for posterity.

This year, though, there is a yet higher res option available to you: the entire event will be live streamed. Rock on. There’s no substitue for being here, but the streams should be a close second.

UPDATE (6/25): They are now posting the presentation videos, in retrospect, on YouTube.

The first two days of the conference are ‘hackathon’ days; those working on open source projects together presumably do this, while others take the opportunity to socialize, work on work-work, and genrally begin to get their geek on in the company of like-minded free software folk.

Below the break, live-ish blogging. No auto-refresh; that’s on you. :)

You may also enjoy a few pictures I took of scenes I saw in Madison.

a scene from Madison, WI
——-
Day 3 (regular sessions)

9:11pm: The conference is now over, but I just had great Hibachi at a Japanese restaurant on Madison’s State Street, complete with preparation performance and fire. Best meal I’ve had in recent memory.

5:11pm: Larry Time was a question and answer session, which turned out to be just as rewarding as a prepared speech. Larry is brilliant in a very interdisciplinary way… which may be redundant, considering brilliance might be something about integrating disparate ideas. But it strikes me that Larry Wall’s approach to designing Perl has been integral to its success, in that, he made it capable of great things while maintaining an easy, unintimidating on-ramp for newbies. This was evident in one his responses to a computer science guy, whose question I won’t embarrass myself by paraphrasing.

Following Larry was Damian Conway, who sent a prepared video in his absence. He is working on an amazing tool called rxrx (regular expression diagnostics– the name itself is genius) which actually shows you, visually, Perl’s thinking process as it attempts to match a string you provide with a regex you provide. This is nothing short of magick, and he hopes to release it by OSCON next month.

3:24pm: At long last… it’s Larry Time.

2:24pm: Time for Web Security 101. Please don’t be totally scared; I do know a little about the subject. But if you’re doing this stuff professionally, you can never attend too many ’101′ sessions on security. A tidbit you might have missed just may be shared.

I am going to bullet point these tidbits today, as many as I can keep up with:

  • whitelist inputs, don’t blacklist
  • no easy solutions. Security is everywhere.
  • Perl has an excellent security track record, but know your tools. PHP, really, does not. (conference bias? not really)
  • FILE::SPEC->no_upwards($path) to scrub input to be used for system commands. Nice. Taint mode won’t catch this on its own, it’ll just force you to have a look at the inputs in question. This one is going on the to-do.
  • Bind variables to prevent SQL injections. Check.
  • Interesting, you cannot leverage bind variables with LIMIT (a MySQL-ism), but since LIMIT value must be a number, this is be easy enough to sanitize on your own.
  • Wow. Paul Fenwick just picked out a potential security exploit in a code example, involving the possibility of a list coming in from CGI as opposed to a single value on a param. I bow now.
  • Now, XSS. Escape HTML characters on output, but not necessarily when storing it. Never output user-entered event handling, etc.
  • CSRF. Block important actions that don’t come from HTTP-REFERER that is you. Not always possible because sometimes you actually wan to support remote actions. You can also use per-user-request tokens which can help block CSRF attacks, but there is a tradeoff on how long these should be valid for.
  • DOS. Denyhosts and such at the host level, but stopping DOS at the network level is more effective.
  • DDOS. There are appliances as well as services that can help detect distributed denial of service, because this is hard. The services will often be aware of known botnets, which can be handy.
  • Buffer overflows. Use vetted, open software if it is written in C. Write your own C at your own peril, if it is internet exposed.
  • Salted hashes and rainbow tables. LinkedIN, we’re looking at you. Crypt::PBKDF2 does automatic salting and multiple iterations. That’s going on the to-do. A bit of discussion on the pain in converting to new encryption, considering you can’t revere engineer even your older, weaker hashes.
  • Avoid leaking information through error messages (especially in production). Bill Costa handles this nicely in a module of his that I use. Thanks Bill.

Great security war story was just told, about using mod_rewrite to reflect DDOS attacks back on the attackers.

Talk is over. Well worth attending. I got two to-do’s out of this. Worth the price of the conference alone.

1:38pm: I am now in The Lacuna Expanse. Well, not literally, because that is in a galaxy far, far away. How cool is this. A massive, multiplayer game written in Perl. They have a web client, a desktop client, an iPhone client, and a command line client. Said ‘wow’ yet?

Without sharing everything we learned about the stack this game is built on, I have to observe: games are among the more impressive technological achievements in programming. Really. Most completely wipe the floor with any business app I’ve ever seen. I guess (coding) time flies when you’re having (even more) fun.

11:30am: Next up, Baby XS To Get You Started. XS is the way to write a Perl module that is actually much faster C code. CSV_XS, mentioned below, is one of these. This is interesting because, within XS, you are not locked into pure C. You can leverage many of Perl’s niceties, you just have to use the ‘perlguts’ functions, which are not by the same names as Perl’s userspace keyword functions, but provide that same support.

XS is definitely advanced stuff, but if your journeys in Devel::NYTProf reveal a bottleneck that is Perl itself, converting that code to XS may be an option to speed things up. Inline::C actually loads XS support and dynamically links it, so you throw around C code in your scripts at will, should you be so incline… of course, in that case, you are not building a module, you’re writing one-offs.

11:10am: I am currently attending Refactoring Perl Code. He begins with the risk/benefit analysis of doing so, and the importance of a test suite if you are refactoring a large codebase. The perils of global replace are now being mentioned, such as when changing variable names.

9:55am: Now: Introduction to Performance Tuning Perl Web Applications. This could prove interesting, since my only true adventures in performance tuning involved implementing FastCGI and rewriting some narsty SQL statements. Yes, that’s ‘narsty’, as ‘nasty’ does no justice to some of the sub-selects I have attempted.

As might be expected, Devel::NYTProf has a big place in this talk, as this module has been “the only game in town” for some years now. I don’t use it yet, because I mostly support *relatively* low traffic, internally used applications.

The speaker got a good chuckle out of the crowd with this one: “Now that you have this awesome Perl profiling tool… ” Next slide: IT’S PROBABLY YOUR DATABASE. Oh so true. SQL can be narsty. He recommends pt-query-advisor for MySQL, part of the Percona toolkit. He is also mentioning having to escape your ORM (object-relational mapper) in many cases, due to performance issues, which I’m sure I have mentioned before is one of my reasons for still having avoided ORMs.

DBI tip: for large numbers of inserts and updates, managing your db commits can speed you up immensely. That is, if things like LOAD_INFILE or CSV_XS aren’t options. Those will always be faster.

He is now addressing caching, which will make your code more complex, because you have to track your data dependencies and invalidate portions of the cache in order to pick up changes… lordy lord, please don’t let performance issues ever lead me down this path. If they do however, the speaker is recommending the CHI module from CPAN to help manage this stuff.

Now, the requisite mentions of the persistent daemon environments: FastCGI, mod_perl, and Plack. Implementing FastCGI was definitely of the best decisions I ever made. Snappety snap snap page loads. Yum. I can still remember my initial joy over whatever X-Mas break I did that on.

“A boatload of RAM hides a multitude of sins.” SSDs, too. Of course, you need to know where your bottleneck is in order to throw the right hardware at it.

9:00am: After falling off the blogging wagon yesterday, here I am again to report on the final day of what has been (yet!) another great Perl conference.

First up this morning: Utils Are Your Friends. The ‘Util’ family of modules is one of the oldest, comprised of things that weren’t in Perl core… some of the ‘one more thing’ features. Perl core since 5.10 actually does contain features previously only support by Util modules, but Util still does many things that core does not.

Some extended discussion of inside-out classes now. Apparently Scalar::Util provides the tools to make this more possible. Using inside-out classes has something to do with a module author wanting to better protect the data stored in an object. The concept was invented (in Perl) by DBI author Tim Bunce.

Wow: This does not work (in all cases):

# check for number
if ( $var =~ m/^\d+/ ) {

… there is actually a Scalar::Util function to do this for you in a more reliable and way more readable way:

# really check for a number, in all exotic cases (avoiding 'false' positives)
if ( looks_like_number($var) ) {

There is also ‘set_prototype’ which allows you to override a sub’s prototype. The speaker calls into question if prototypes are even a good idea. Being able to override them makes the idea seem worse. But I’m going to admit right here that I still don’t completely grasp the pros and cons of this. I have yet to use prototypes myself.

a scene from Madison, WI

Day 2 (regular sessions)

6:10pm: Blogging lapsed today, as I lapsed into some work that needed to be done. See you tomorrow.

11:50am: Okay, it was entirely review. But that’s ok, since I can barely focus my eyes at this point. Time for a much needed lunch break.

11:23am: And now, Intro To Writing Perl Documentation. I already know me some POD (Perl’s ‘Plain Old Documentation’ markup), but this won’t be entirely review.

11:11am: PhoneGap is a nice cross-platform, HTML5 platform. Not quite as fast or feature-complete as native development, but pretty good. This is almost certainly the way I’d go. I’d never have time for native mobile app development in my current role. Neat little demo of using an Android API key and a small Perl script to send an alert to the phone. Android and iOS do this quite similarly, we are told.

11:00am: Next up, Perl, Mobile App. Glue. Despite being smartphone-free myself, I’d love to mess with mobile apps and increase the joy of others. The Perl is essentially for web services, regarding phone apps. Perl will only run on jailbroken phones.

“PHP is Perl’s ugly, fat sister”. Ouch! (May be worth pointing out that ‘fat’ is not used spuriously, but refers to a rather bloated function namespace in the PHP language.)

He’s lapsing a bit into mobile app marketing right now.

10:57am: git will definitely be a commitment to learn, and is a fairly big paradigm shift from centralized version control systems like Subversion (SVN). Great talk though… I am certainly closer to Grokville than I was before. Maybe I can spend some time on #git IRC and hitchhike into town.

10:18am: It was a late one at the club last night, so the man snoring loudly in this git presentation will be forgiven. :)

8:57am: Git: a brief introduction is the first session I will be attending this morning. As an SVN user, I am already behind the times. Still, I’ve met quite a few folks still on SVN here. As Randal commented last night however, “those who swear by SVN, swear at SVN”. True, true.

I’ll be trying pretty hard to absorb the information at this talk, similar to yesterday’s CPAN talk, so I’m not sure how much will be written here about it.

a scene from Madison, WI

Day 1 (regular sessions)

4:26pm: CPAN session done. That was quite a brain dump, and I mostly kept up. Am I an expert CPAN uploader yet? Not quite. But this is a great head start. I thanked Brian for the session and told him it really ought to be standard at every Perl conference. Facility with CPAN is definitely a barrier to entry for contributing.

2:31pm: Brian d Foy is now giving a hands-on CPAN authors class. I may not be blogging this much, but doing what he says instead.

1:33pm: Lunch has been had, after which I got caught up in work-work for a bit. This is pretty common for programmers here, as the world doesn’t stop for conferences.

So, I am coming in late to 29 Ways To Get Started In open Source Today. The speaker, Andy Lester, the speaker, has written quite a bit on this topic, on his blog. He is also the author of ack among other things, and the maintainer of Perlbuzz blog. He preaches how low the bar to open source contribution is, including simply submitting bug reports, doing translations, adding to existing bug reports, closing tickets, and the like.

11:31am: I am now at a session entitled The Perl from Ipanema. I am here as an Antonio Carlos Jobim fan. Only partially kidding, there. And no, I am not intentionally avoiding the more technical sessions, it’s just happening that way so far.

I’ve long noticed that Latin America is huge on open source adoption and contribution. Brasil (do English speakers really need to use a ‘z’?) is no exception. It’s the 5th largest country in the world, and the 6th biggest economy (and rising).

And now, to Perl. The language’s usage growth in Brasil has mirrored its growth elsewhere… originally a tool reached for primarily by sysadmins, and a strong presence in biochemical research. There are 13 Perl Monger groups in the country now, and growing (3 new groups this year).

‘Only’ 24% of Brasilians in IT speak any English at all, and that’s often very little. Spoken language can certainly be a barrier when trying to work in a common computer language. The speaker’s English is impeccable though.

They give free courses in Perl at universities in Brasil. Not sure how common this is, but as a fellow American pointed out, we don’t do that here.

11:02am: Next up: There’s More Than One Way To Run A Project: The Apache Way. This talk relates to some of the points in the keynote, specifically that dictatorship is not the only way. The Apache Software Foundation actually shepherds many more projects than just the Apache web server. They take of legal issues, project trademarks, marketing, project governance, and the like. In short, the Apache Foundation provides at least one model for how to effectively run a large open source effort.

Amongst all Apache Foundation-governed projects (current count, 102), the average contribution rate is about 1 commit (to version control) every 4 minutes. Pretty impressive activity there. Subversion itself is an Apache project.

Companies and organizations may donate, but they may not join. Every member of the Apache Software Foundation is an individual.

10:33am: The first session I am attending is Get More Out Of Your Meetings. This is a collection of suggestions for keeping meetings swift and productive… running them almost like lightning talks (30-60 seconds per team lead, timed, for a daily update meeting). Cancel if you need to, don’t be shy. Don’t be late. Most of the suggestions seem obvious, yet, they bear reminding. I think we all continue to waste quite a bit of time at meetings.

9:29am: Now Michael Schwern, with the keynote. He takes the podium to the tune of the Star Wars theme. He’s focusing on the gender gap in the Perl community, and in open source. Other gaps, too… but gender being perhaps the most obvious. He suggests that there are more ‘Michaels’ here than women. Funny, but likely true. He’s doing a pretty good job of alternating the seriousness of the topic with jokes. He’s now comparing Kirk and Picard, and how the world has changed between generations of Star Trek. There is rarely a second to forget that we are at a geek conference here. :)

“Perl has become an aristocracy.” CPAN module maintenance is done by dictators, who pass the baton to the next dictators. Schwern prefers a meritocracy, despite being one of those dictators. Picards (meetings, collaboration, merit) are better than Kirks (mavericks).

I hope some folks are live streaming this. I can do it no justice. Schwern is funny, on point and brilliant. Handles metaphor deftly.

9:23am: Now Karen Pauley, Perl Foundation President.

“There are very few people in the world capable of working on the Perl 5 core.” I’d believe that. That’s a lot of C. That’s a lot of backward compatibility.

9:17am: Beer on the roof of the Pyle Center tonight, sponsored by Linode. Game Night and MST3K-style Movies tomorrow, sponsored by Cpanel.

9:05am: We’re getting started. Time to thank some sponsors (more than ever it seems?). JT Smith tells us that YAPC::NA has sold out this year, as YAPC::Asia does every year, apparently. There are 446 people here. I again have YAPC staff-shirt envy, as it is a mix of the Grateful Dead / Perl Onion logo.

They have cool raffles going this year, to raise money for The Perl Foundation. I put in $5 for a chance at ‘Lunch with Larry (Wall)’. Wish me luck!

a scene from Madison, WI

Reports from OSCON 2011

Here I am once more at the best organized open source gathering in the world, OSCON. This is my third trip to Portland, OR for this event, having attended in 2008 and 2010. Portland is modern and vibrant, lush, young, exciting. I would live here in a heartbeat.

the Portland, OR Lloyd Center District

This time at OSCON, I’ve registered for the extra half-day tutorial sessions. These are more intensive than the shorter sessions of the conference proper. I will attend four of these, today and tomorrow. Instead of posting notes in real time as I usually do, I will summarize these tutorials after the fact.

Monday morning – Damian Conway on ‘Presentation Aikido’

As some of you might know, I occasionally like to give presentations on technical topics. This probably comes from attending a lot of them, and feeling the benefit of this format for information exchange. It may also be a symptom of my having majored in theatre, while ending up working in computers. Either way, selecting Damian Conway’s talk was a no-brainer for me, as I’d love to do a much, much better job at giving what I call ‘good slide show’.

Damian is a genius and a master showman, in addition to being the author of Perl Best Practices and other books. Confidence in his methods, if not proven to you in the pudding as he speaks (it will be), is supported by the fact that Damian’s sole income is from speaking engagements. I hadn’t known this, and wonder how long that’s been the case.

I took pretty detailed notes on Damian’s talk, despite the hardcopy he also provided, but will only bullet out a few favorite quotes and observations…

  • “I like telling anecdotes. It humanizes me.” [humanizing oneself can be important when giving technical talks. -ed.]
  • “Prowl the stage like a lion.”
  • Damian introduced me the Takahashi method of presenting slides. Obviously very influential but I hadn’t known there was a name for it.
  • Content, Damian explains, doesn’t matter so much as style in giving presentations. So true. Of course, if you have both, you have a real winner.
  • Oops. I’ve definitely made a couple mistakes Damian is pointing out. Putting complete sentences on slides. Overwhelming the audience with information or too-complex charts.
  • If you don’t have your own style, steal from those who have the best style. Bang & Olufsen and the Japanese are given as examples.
  • Damian’s approach to presenting to humans is a zoological study. Many of his insights on the social dynamics of speaking to a group are insights on speaking to a group of primates. Can’t argue with any of it; he’s one of the best speakers I’ve ever seen. Anyone got a banana?
  • Damian admires David Attenborough for the way he engages with his subject matter (usually, animals) in his documentaries. Oddly I discovered Attenborough recently, having watched his Life of Mammals series early this summer.

I could say so much more about Damian Conway and this talk, but I won’t. You might have the chance to see it sometime. I can think of no reason not to attend his ‘Advanced Vim’ tutorial this afternoon (Tuesday), despite several other interesting offerings. I could certainly stand to be better at Vim, and Damian never disappoints, promising even more style than content, entertainment being king.

Monday afternoon – Joshua Marinacci on ‘HTML5 Canvas Deep Dive’

‘Canvas’ is a new feature available in modern browsers. If SVG is the Adobe Illustrator of the web (vector graphics), Canvas is the Photoshop (bitmap, pixel-oriented graphics). I am sure graphics experts would correct me on several points here, but these generalizations are good enough for the rest of us.

To be honest, I knew from the beginning of this talk that I wouldn’t be programming directly against canvas in my day to day work. So although the low-level exercises we did were fun, my mind was elsewhere. For a business programmer like me, it’s only important to know which browsers support canvas, and what options might be available for it. For instance, I have begun switching from the Flash-based charting solution to RGraph, which uses canvas and therefore support iOS devices.

I think it would be a blast to work on graphics projects again… I used to do a fair amount of Flash and other graphics work… but in recent years I’ve been asked for practical machines more than glossy covers… content, I suppose, over style. So my skills have slipped in the aesthetics department.

Tuesday morning – Remy Sharp on ‘Is HTML5 Ready for Production?’

Similar to Monday’s second talk, this is an HTML5 talk with coverage of canvas and plenty of little exercises for us to do. So, this is mostly a tutorial, although Remy does address the ‘production ready?’ issue by pointing out that even CSS 2.1 isn’t completing implemented, to spec, in all modern browsers, but we’ve all been cherry picking the best-supported features for years. True. Specs are almost always implemented incompletely, so we really need to make judgment calls about feature support on a case-by-case basis. This is part of what continues to make professional web development a challenging and expert-oriented field.

The most enlightening portion of this talk, for me, was Remy’s explanation of Web Storage as a replacement for cookies. Web Storage is its own spec, separate from HTML5 (like many features are, actually, despite being bundled with HTML5 in common parlance), and needs to be considered on its own. But this looks good to me. If I end up implementing a more robust session management system than my current one, I’ll be looking at Web Storage more closely.

Tuesday afternoon – Damian Conway on ‘Advanced Vim’

I am particularly glad for Damian’s practice of providing hardcopy handouts for his presentations in this case. Lots of Vim commands in a short period of time, none of which I’d like to be writing down as he covers them. Later on, I’ll have a grand old time spiffing up my .vimrc file, going by his pamphlet.

Terminal-based text editors hail from a time before the mouse, but I still use Vim quite a bit when I’m roaming around servers, wearing my sys admin hat, messing with config files and such. I ought to get a *little* better at it, at least. Luckily, most of the things I am learning today will simply be permanent settings in my .vimrc file, not things I will need to ‘download into my fingers’, as Damian put it.

Wednesday at OSCON

Summarizing the keynotes:

  • Ubuntu community manager, on the growth of community management as a career path.
  • Python guy, giving an award to a major Python contributor
  • Microsoft guy from Italy, with a couple of interesting announcements about what he terms ‘open surface’ projects: first, that they will support Red Hat 6 on their new VM platform, and second that PHP and node.js will be supported on their Azure application platform. This is what is meant by ‘open surface’… the core of the product is commercial, Microsoft stuff… but the surface… the functionality they are selling… is open source. Quite a strange twist of fate Microsoft is experiencing these days.
  • Now the gal who created spacehack.org, with a snappy slideshow, is being well received.
  • Now a guy selling OpenStack/OpenCompute… this talk seems too sales-y… no matter how cool his product might be. Pep talk at the end about opening up hardware as well as software may have redeemed him.

Now that the keynotes are over, I’ll switch to my timestamped notes format.

11:57am: wrapping up a session now on ‘Programming Well With Others: Social Skills for Geeks’. These are two guys form the Subversion project, telling some community anecdotes, such as when a famous geek (unnamed) filed a bug report along with a slew of insults, or when a lurker on the mailing list started posting every little thing on his mind. Also a contributor who tried to insist on having his name in ‘his’ file.

2:26pm: Continuing my HTML5 binge at this conference, the talk I just attended was called ‘HTML5: All About Web Forms’. Considering how support for the new input types is being handled by smartphones, it’s starting to become tempting to use HTML5 in earnest. One still has to consider folks on older browsers, of course, if by some chance they are also potential users… but what about application power users? Administrative users? I may start dabbling in HTML5 for this population and require modern browsers for them, especially if I can support mobile better in the process. I feel like 2 or 3 years from now, web development is going to be in an even better position than it is today, as far as developer efficiency.

2:32pm: ‘HTML5 in Your Pocket: Application Cache and Local Storage’. The HTML5 beat goes on. I think this conference is scaring me into taking mobile as seriously as I should.

I like this guy. He’s preaching bypassing the app store and native development and reaching for HTML5 first. The barrier to entry, development-wise, is infinitely lower, and the same code will run on desktops and laptops. He also just recommended this book, free online.

The meat of this talk is about Local Storage and Application Storage, the former being the heir apparent to cookies in session management. Second time I’ve heard it here; must be true. Cookies provided about 4K of space; Local Storage provides 5MB.

Another site recommendation: HTML5 Rocks.

[I totally petered out Wednesday afternoon. My mind buckled beneath the weight of a growing to-do list, which was fertilized by all this new information. A nap ensued.]

The Portland, OR MAX

Thursday at OSCON

9:20am: since the continuing keynotes are being streamed live on oscon.com, you could always head over there and check them out. Right now Jim Zemlin of the Linux Foundation is reviewing 20 years of Linux. It really is amazing how far the operating system has come. I hadn’t realized that Red Hat has outperformed Microsoft on the stock exchange by a factor a 4 over the past decade. I had heard that MS has fallen below both Apple and IBM in market cap in the past couple of years.

9:28am: This next keynote is quite interesting. I knew that antibiotics were becoming less and less effective, making hospitals more dangerous, but I didn’t realize that health industry analysts are aiming to move health care outside of hospitals entirely. This would be aided by healthcare IT, which as you might suspect, is woefully behind the times. Speaker ends the keynote by stating that it’s less risky to go skydiving today than it is to go to the hospital. Ouch.

9:34am: Now it’s Eri Gentry of BioCurious, which has to be one of the great company names of all time. She’s explaining how the world of biotech is not friendly to ‘lean’ startups. The field is also fraught, like many big money fields, with intellectual proprietorship. It’s pretty easy to see why visionaries in the health and biotech fields… those with new ideas and hoping to innovate… are looking to open source geeks for tips on how to set information free.

Setting science free from the PhDs… I like that. Imagine if you needed a PhD before you were allowed to write a line of production code? We’d still be on paper.

It strikes me that what we’re trying to do… or preserve?… with open source and open approaches to non-computer-related ideas… is something like the American dream itself. Capitalism enables that dream, but turns evil only as the early winners wall their gardens, and raise the barrier of entry to that dream. Is this too lofty a description of the spirit of open source?

Great motto: BioCurious? Experiment with Friends.

9:54am: John Graham-Cumming was unable to attend due to flight problems, but delivered a video instead, largely looking back on Alan Turing and on the future of inclusiveness in the computing community.

10:11am: Next up, Gabe Zichermann points out how open source needs to better engage end users through the use of ‘gamification’. What would motivate end users to care as much about this stuff as we do? The Gamification Summit in NYC this September looks interesting.

One gamification concept: speed camera lottery. You know those automatic radar traps that send you a ticket if you speed? In Sweden, there are deploying a ‘speed camera lottery’ which enters non-speeders in a lottery to receive the monies earned from ticketed speeders. Reduction in speeding violations over vanilla auto-ticketing methods: 20%.

And how much will a speeding ticket cost you if you speed anyway? Welcome to Socialism; it’s based on your income.

10:40am: Penance will now be paid for my having missed Damian Conway’s Perl 6 talk yesterday. Yes, I’m officially a Damian fanboy now; if he’s talking (and I’m awake), I’m listening. This talk is simply titled The Conway Channel 2011, so your guess on the topic is as good as mine. But this is the blind faith observable in all fandom.

Turns out he will talk about four of his modules on CPAN.

First up: Regexp::Grammars. This involves the advanced parsing techniques for domain specific languages (DSLs). If you’re lost already, don’t expect me to find you, because folks, I’m still looking for myself. Suffice it to say that the regular expressions are the least confusing aspect here, and I do not have a computer science background.

But weirder: I’m sort of following this. In these areas you might say, I am able to appreciate the some of the nuances of a great film, but not quite direct one.

Next up IO::Prompter (an improvement on IO::Prompt) for prompting at the command line. It requires Perl 5.10+. It has builtin validation for entered data (nice), including a distinction between ‘must’ (invalid data will be reprimanded for) and ‘guarantee’ (keyboard will not work for invali data). Draconian!

It also has timeouts and defaults when the timeout expires. Very neat. Supports password data type, to obscure what’s typed on the screen ala HTML password type. Wow, it also has history and filename completion.

This module is awesome. I’ve long been wanting to teach some basic Perl to my daughter, some kind of command-line prompted program… this would make that a lot easier and more fun, skipping the annoying bits and letting her get into her own ideas quicker.

Next up: Data::Show (and Data::Show::Names). An improvement on Data::Dumper and Data::Dump, giving you the option of viewing the data being handled by Perl in much more granular (line-identified) format.

Funny Voltaire joke: “The perfect is the enemy of the good,” wrote Voltaire. Modern day IT translation: “If it compiles, ship it.”

This was followed by a slew of yet geekier in-code jokes to which I’d be doing a disservice to attempt retelling. Check out the Acme::Crap module on CPAN… and don’t tell it I sent you.

11:30am: Now for Jacinta Richardson with “Perl Programming Best Practices 2011″. Hopefully she will contrast any updated suggestions with the ones in Damian’s classic PBP book, since that’s the bible. Interestingly, Jacinta is yet another Australian.

She’s going fast. Real fast. So I can’t capture what I’d like to here. The rub is however, use the most recent version of Perl that you can, and read up on some of the new features. Mentions of autodie, Try::Tiny, etc.

A module should not use die for error handling, it should use Carp and croak. This makes sure that the error is reported at the line of the main program, not the module, placing blame in the correct place.

Bearing more research: local::lib. Not quite sure what it gives us beyond ‘use lib;’ but clearly it does and I’ll need to find out.

Interesting: minicpan. All the latest module versions on CPAN add up to about 5GB, so why not have them on your development machine, ready to be installed if needed while online? Nice airplane mode for Perl, right there.

Smart::Comments. Also worth checking out. Excuse my brevity, she’s cruising here.

Hmmm… Method::Signatures as a replacement for IX::Args? Maybe. Will it handle my cgi params? Will I care if I switch to Plack? Help me, somebody, the options overwhelm me.

By the way, if I haven’t mentioned it before: interested in all the goodies that might be available in Perl 6 when it’s finally ‘production ready’? A good many of those have been added to the more recent versions of Perl 5.

1:44pm: No, I am not punishing myself, but I am sitting in another HTML5/mobile talk. PhoneGap is being recommended; will have to look into that (note: this is about taking web code into the native mobile space, so… not that interested right now). Also, maybe I should start developing using an iOS simulator? Especially with phone-sized display. This is where I worry a bit… well, not worry… but I’d love to excel in screens that size, rather that simply sort-of work there. Maybe start with HTML5 date picking; existing datepickers are miserable on tiny mobile.

Neat hack: use input type ‘tel’ whenever you want a number pad on mobile… even if the data will not be a telephone number at all.

Can’t forget HTML5 ‘placeholder’ attribute to replace the JS magick that is sometimes not so fun (text field prompting-type text).

Note: iOS supports SVG fonts but not True Type. Speaker recommendation for Font Squirrel, which offers free use fonts and actually package them up for you, complete with the code to load them.

Phone width: 480px. iPad: 1024. For min-device-width and max-device-width, more CSS3 goodness.

2:31pm: Now for a change of pace, “Awakening The Maker Ethic in K-12 Students”. As a parent, I’m also an educator, or at least would like to be. Speaker is pointing out the artificial tension in our educational system between ‘vocational’ and ‘academic’ instruction, which clearly undermines the hands-on, DIY ethic.

Now he’s pointing out the illusion that kids ‘know tech better than we do’, and that all we need to do is include technology in the course of their other studies and that will suffice. Technology needs to be taught directly as well.

A plug for scratch.mit.edu, which I’m tardy in checking out. My daughter may like this, as she loves to draw.

Hmmmm… this is interesting, visual IDEs for Arduino. Sounds tasty. I need to get playing with that thing. This would lower the bar for kids, having a visual IDE, for sure.

Wow, too many cool things to relate here. Another inspiring talk.

[notes devolve once again this afternoon due to fatigue]

7:00pm: I’d love to report that I spent my last evening in Portland painting the town my own shade of red, drinking and carousing and genrally terrorizing the Northwest. In fact, of all those things, I merely drank a bit, and proceeded to attend Larry Wall’s State of the Onion address along with a couple hundred other somewhat-lubricated geeks [blurry pic of Larry below]. Larry actually worked his annual address into the 5-minute Perl lightning talks also scheduled, breaking his speech into 5 minute bits interspersed with the various other ejaculations of Perl community members. This, in addition to Larry’s self-effacing delivery, had a remarkably humble effect. No wonder this community has thrived for 20 years under the gentle leadership of this man, and no wonder OSCON itself grew out of the Perl community.

Larry Wall @ OSCON 2011

He also made a classy move by thanking Tim O’Reilly for opening up the conference to families and children of attendees… something I hope does not change.

Friday morning at OSCON

11:04am: The final day of OSCON is a half day, allowing many of us to fly out of here in time to have something of a weekend back home. The last session I attended was called ‘The State of Open Source in [K-12] Education’ and was frankly depressing. Efforts made in the last decade to save schools on licensing fees and turn kids on to open source software have largely floundered despite the earnest good efforts of many, and it was frightening to hear that a number of educators have actually lost their jobs because of ignorant administrators and parents with their own agendas.

Discussion after the talk was lively, with many educators and parents in the crowd, and the consensus was that the education bureaucracy will only change slowly, and that the most effective evolutionary driver is homeschooling. In other words, just as the open source philosophy of Linux has competed successfully in parallel with Windows, home and independent schooling may have to compete with institutional learning in the same way, if we really want fundamental changes in the way computing is delivered and taught. While this kind of grassroots spirit has always appealed to me, I’m not a parent in a position to exercise this option, so I left scratching my head a bit… where do we go from here?

Well, with that, *I* am going home… on a plane… not in a car, not on a boat… not in a box, and not with a fox… back to good old New England. Portland, I hope to see you again soon.

Thanks to the University of New Hampshire for sponsoring this trip. If anyone has questions about OSCON and why it might interest them, please drop me a line anytime.

Report from OSCON 2010 – Sessions Day 3

11:52am: Perrin Harkins is going to build on Tim Bunce’s Devel::NYTProf talk by addressing how to actually speed up Perl bottlenecks after you identify them. Wait, no, now he’s blaming the database end of things for most performance problems, so that’s not strictly a Perl bottleneck at all… but in my experience, he’s right… it’s usually your SQL, database connection overhead, or something like that in modern apps. It’s always in the I/O.

Now he’s talking about the overhead incurred by ORMs… object relational mappers, frameworks like Rails or Grails or, in the Perl world, DBIx::Class. This is where I get to grin and feel like I am making a smart choice by writing all my SQL raw (and conveniently ignore any development time efficiency I might gain by switching to an ORM). Since I don’t have the luxury of DBAs to tune indexes and whatnot, I’m guessing I’m still better off staying intimate with MySQL.

Ah, some actual Perl optimizations now:

  • Slurp files when possible (unless too large), don’t read them line by line off the disk.
  • Use a ‘sliding window’ to read large files.
  • Text::CSV_XS is wicked fast… don’t parse those CSVs by hand. (if performance matters).
  • LWP: not so speedy, if it matters. LWP::Curl, much faster. Or if you’re hitting a lot of different URLs, HTTP::Async for concurrent connections.
  • eliminate startup costs with something like mod_perl or FastCGI. Check.
  • compiling Perl without threads can buy you 15%, if you don’t need threads… but now you need to maintain your own Perl…

Interestingly, I only seem to take detailed notes during optimization talks… a sign that this topic interests me too much. ;)

Well, time for the closing keynotes and then lunch/evening festivities. Time flies when you’re being a geek.

11:14am: Enjoying Patrick Michaud’s talk on Rakudo Star… the first ‘usable’ Perl 6… all of which I’ve already been privy too in lurking the Perl 6 blogs etc… so I’m spending most of this time trying to figure out how to get ‘git’ to use a different transport than SSH… so I can keep our local installation of Rakudo up to date in my latest ‘protect me from myself’ firewalled vantage point on our network. Grrrr.

10:11am: Louis Suarez-Potts, PhD of Oracle is telling the story of Open Office… another slice of open source pie that came to the company as a result of the Sun acquisition. He makes the point that the architecture of your code shapes community participation in its development; basically, it’s the argument for plugins/APIs/modularity in software design, which the only way to properly distribute programmer workloads in order to maximize efficiency… you can’t have too many cooks with their hands right in the core of your codebase.

After speaking broadly on several aspects of community forming, he concludes with a somewhat rousing critique of ‘commodity culture’, and encouraged the thirty some-odd attendees not to think of his project, Open Office, as a commodity. I think everybody understands this about all software on some level, but vary as to how we articulate and respond to that.

10:00am: Allison Randall just announced that OSCON would definitely be in Portland again next year, to wild acclaim. It seems that holding the event in San Jose last year was extremely unpopular: everyone loves Portland. Me too.

9:48am: Simon Wardley is taking about management philosophies… a somewhat rare digression from technical topics here at OSCON… but after all, this is one of the keynotes, and you’ve got to keep it lite. I’m hearing a handful of familiar words: Agile and Six Sigma, for example, and the relative strengths and weaknesses of each. Simon says that Agile excels at innovation, but sucks at managing predictable processes. Six Sigma, he says, excels and sucks inversely. And no I wouldn’t put ‘sucks’ in anyone’s mouth; Simon has an informal speaking style.

Report from OSCON 2010 – Sessions Day 2

Ed, as it turns out, was only the beginning.

After a Hunter S. Thompson-esque jaunt through the Lloyd Center district, culminating, thankfully, in not being robbed at the Motel 6, here I am once more at OSCON for a technically edifying day in the Northwest.
————————————–
10:39pm: Lunch next to the Expo Hall was better than expected. After, I decided to bring the MacBook Pro back to the room… finally tired of lugging it around and seeing the wisdom of netbooks and iPads. In the afternoon I attended the Perl Lightning Talks, which were a mix of really neat 5 minute demonstrations and silly entertainments… all in good fun.

11:28am: And now for a jQuery UI session, perfect for me. I’ve been wading into the jQuery world to improve my user interfaces for some time now, and am about to really get my hair wet. I subscribed to the official jQuery podcast and have been working through the episodes on my commute.

10:51am: I was hoping to attend License To Fail, but apparently so wasn’t everyone else; it filled up fast, and the ushers closed the doors. Instead I’m in Programming Websockets, an interesting enough talk that I *think* is about bringing statefulness to the web, but as the standard is still evolving, it’s far too bleeding edge to get excited about right now.

9:48am: now a guy’s picking on C++ and Java syntax. Hard to argue, but, waiting for his bright idea…

Ah, finally the rub: he’s selling the ‘Go’ language (not the game). Go is meant to be a perfect compromise between compiled (statically typed) and interpreted (dynamic) languages.

9:34am: The reception for the guy from Microsoft sounds like SNL’s Sarcastic Clapping Family. He’s from their interoperability department… which I assume sits adjacent to legal, where the patents get drawn up.

Ever repeat a word so many times, it loses all meaning? Ready, set, go: cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud, cloud…………

9:28am: A woman from SETI is calling us ‘earthlings’. Finally, I belong.

9:08am: a Facebook guy is talking about “HipHop for PHP”, which is PHP compiled down to C++ compiled down to a fast binary all in the service of… making Facebook pages load faster. And of course, they’ve open sourced it. UNH can consider using this once we earn several ga-jillion page views per day… that is, we don’t need it. Nice to know it’s there though. And I wasn’t aware that “Facebook has been developed from the ground up using open source software.

[continue to Day 3]

Report from OSCON 2010 – Sessions Day 1

The appetizers of the first 2 days have been eaten, and the meat of the conference is now being served. I’ll be liveblogging the sessions from here on out… most recent thoughts at the top:
————————————–

8:21pm (PST… naturally): I’ll fess up; the final two session slots today offered little of interest to me. Instead, I retired to the hotel bar, and ended up in extended conversion with Ed Rynerson, 87 year-old newspaper distributor. I learned more in two hours than I would have at 10 computer programming conferences. Thanks, Ed… I’ll never forget it.

2:30pm: Next up for me: a session on Devel::NYTProf by its author Tim Bunce. This is a module that profiles how much time each section of your Perl code takes to compile and run, to help you find speed bottlenecks. Measure twice, cut once. A couple of tips on optimization, once you’ve determined it’s needed:

  • exit subs as early as you can
  • profile known workloads, don’t worry about tuning for datasets far larger than you’ll ever actually deal with
  • add caching *if appropriate*… easy to introduce bugs here
  • don’t create objects (expensive) that don’t get used
  • rewrite hot-spots in C

I love this piece of advice that Tim has repeated at least thrice now: after you make an optimization, re-test, and if it runs fast enough now, put the profiler DOWN, and walk away. Compulsive performance tuning is a common affliction.

The talk is about the conclude however, and I wish there had been examples of how to profile code running on the web rather than at the command line. Admittedly, I haven’t messed with any of this yet, and it might be dead easy.

1:51pm: Patrick Michaud, Perl 6 implementation superhero, is now showing us some Perl 6 basics. This is becoming an annual treat/tease for me. The upcoming ‘Rakudo Star’ release is not considered production ready, but rather a ‘usable’ release of the new Perl 6 language. Getting closer… I swear it’s true. It’s nice to see these folks taking their sweet time with Perl 6, raising it like a child, rather than hormone-fed beef. It’ll be better for us this way… when we, uh, eat the child. Ok, no more mixing metaphors for me!

11:32am: Eric Day runs a session on Drizzle. The minimalist website echoes the minimalist “lightweight” design… for instance, if you’re not using stored procedures, there is no need to have this feature enabled and impacting performance in your RDBMS. Another interesting tidbit is that Drizzle (a fork, or derivative, of MySQL 6) has completely dumped the MySQL users table for authentication. I like that, I think.

11:01am: Now I’m in a FOSS and EDU session. Here’s an interesting program: the Professors’ Open Source Summer Experience. Think FITSI, but with a focus on open source.

And now something for students… Undergraduate Capstone Open Source Projects. Funny quote from the slide: “The culminating experience of one’s undergraduate experience is an NDA [non-disclosure agreement]“.

9:59am: Marten Mickos is up now, formerly CEO of MySQL AB, before the Sun (and ensuing Oracle) acquisition. Now he’s heading up the Eucalyptus cloud computing platform. His comment about combining his passions for open source and for making money got some laughs… but he’s right. There’s far less tension there than people think (especially, I’m imagining, in a cloud…)

But wait: Eucalyptus is available as both an on-premise or off-premise service. Is on-premise really the ‘cloud’ though? At a certain point we’re just buzzword compliant here… cloud is becoming a term for distributed, load-shared or virtualized systems whereas it used to just mean “that internet out there…”

9:00am: Well here I am at OSCON 2010, a gathering of the best, brightest and myself (heh) here in Portland, Oregon. The Open Source Conference.

Tim O’Reilly kicks off the keynotes and I am immediately reminded: these are the techno-hippies. Psychedelic visions previously confined to the brain are now pixels on the screen, and this is clearly a gathering of technologists who think in far broader terms than ROI and cost-benefit analysis. Open source is, at the core, a very self-conscious social and political movement, which I wish more people in IT understood, and would get behind.

This is becoming more explicit as the keynotes proceed. Jennifer Pahlka has now taken over to push an effort to bring open source software to municipal governments.

The CTO of the District of Columbia is up now. He leaves platform selection decisions to the technologists themselves… to the people who’ll actually implement his solutions, where the rubber meets the road. He hires experts and trusts them. Get this revolutionary off the stage, he obviously doesn’t know how to manage his subordinates properly.

On a side note: the wireless access here at the Oregon Convention Center, supporting some 3,000 geeks on laptops and handhelds, is fast and flawless. This makes me all the more angry at the hotel, whose wireless access shits the bed ritually, in support of only a couple hundred users. When will hotel wireless reach the same amenity status as running water? I woud have gladly traded one for the other at several points this week. Maybe that’s why us geeks sometime smell a little… suspect (back to the techno-hippie theme…)

[continue to Day 2]

Panorama theme by Themocracy