memcache-client version 1.3.0 has been released!

Eric Hodel | Wed, 07 Mar 2007 05:29:02 GMT

http://seattlerb.rubyforge.org/memcache-client

memcache-client is a pure-ruby client to Danga’s memcached.

Changes:

1.3.0

  • Apply patch #6507, add stats command. Submitted by Tyler Kovacs.
  • Apply patch #6509, parallel implementation of #get_multi. Submitted by Tyler Kovacs.
  • Validate keys. Disallow spaces in keys or keys that are too long.
  • Perform more validation of server responses. MemCache now reports errors if the socket was not in an expected state. (Please file bugs if you find some.)
  • Add #incr and #decr.
  • Add raw argument to #set and #get to retrieve #incr and #decr values.
  • Also put on MemCacheError when using Cache::get with block.
  • memcache.rb no longer sets $TESTING to a true value if it was previously defined. Bug #8213 by Matijs van Zuijlen.

Posted in , ,  | no comments

Controlling Rails Process Size: Update

Eric Hodel | Wed, 28 Feb 2007 20:56:24 GMT

A while back Simon Lundström wrote me because he was having problems limiting process sizes using the Process::setrlimit as described in my previous post, Controlling Rails Process Size.

After some back-and-forth we found that on Debian, to limit process sizes use the Process::RLIMIT_MEMLOCK and Process::RLIMIT_AS constants.

On OS X we couldn’t find any RLIMIT_* constants that would effect a limit, nor when setting limits using the ulimit shell builtin. (Probably because OS X doesn’t use the UNIXy brk(2) syscall when you malloc(3) memory.) If somebody knows the magic to limit process size on OS X, I’d like to hear it.

Posted in  | no comments

Test Profiling by Lines Logged

Eric Hodel | Mon, 22 Jan 2007 23:41:00 GMT

At work I've been cleaning up the tests and trying to make them run faster. One way of doing this is profiling the tests and fixing the slow spots. That only works so well, especially if there's lots of duplication or extra work in the tests. With Rails you can go about this a different way, since you have a second source of information on your tests' operation, the log file.

I added the following code to test/test_helper.rb: 

raise 'require\'d test/test_helper twice!, you broke it!' if
  ENV['RAILS_ENV'] == 'test'

At the very top, even above ENV["RALIS_ENV"] = "test" to make sure that the hack to Test::Unit::TestCase below happens only once, then the magic to figure out which test outputs which log lines: 

class Test::Unit::TestCase
  alias unlogged_run run
  def run(result, &block)
    RAILS_DEFAULT_LOGGER.debug "RUNNING #{self.class} #{@method_name}"
    unlogged_run result, &block
  end
end if ENV['PROFILE_LOG']

Each test run will be prefixed with text like RUNNING SomeTest test_blah which I can then run this script on: 

#!/usr/local/bin/ruby -w

test = nil
tests = Hash.new 0

File.open 'log/test.log' do |fp|
  fp.each_line do |line|
    if line.strip =~ /^RUNNING (.*)/ then
      test = $1
    else
      tests[test] += 1
    end
  end
end

tests.sort_by { |test, count| -count }.each do |test, count|
  puts "%5d %s" % [count, test]
end

To get the profile information, I run: 

rake log:clear; PROFILE_LOG=y rake && script/count_logs

When run on Firebrigade, I get the following output (top 10 only): 

  130 ProjectViewTest test_show
   74 DummyControllerTest test_error_500
   59 OwnerTest test_class_owner_count
   42 ProjectControllerTest test_index
   39 HomeControllerTest test_index_no_builds
   38 RestControllerTest test_add_build
   35 ProjectControllerTest test_show_no_versions
   35 ProjectControllerTest test_search_many_matches
   34 RestControllerTest test_add_project
   33 RestControllerTest test_add_version

Now I can quickly discover good candidates for refactoring. #test_error_500 above dumps an email into the logs, so it is a bogus result. That leaves ProjectViewTest#test_show as a candidate for simplification or refactoring.

Posted in , ,  | 2 comments

RubyGems 0.9.0 and earlier installation exploit

Eric Hodel | Sun, 21 Jan 2007 09:08:00 GMT

Problem Description:

RubyGems does not check installation paths for gems before writing files.

Impact:

Since RubyGems packages are typically installed using root permissions, arbitrary files may be overwritten on-disk. This may lead to denial of service, privilege escalation or remote compromise.

Workaround:

No known workarounds

Solution:

  1. Upgrade to RubyGems 0.9.1

  2. Apply one of the following patches:

Note:

Remote installations via Rubyforge will be disabled in the near future for versions of RubyGems earlier than 0.9.1, even for patched versions of RubyGems. Local installations will continue to work, however.

Thanks to Gavin Sinclair for finding and reporting this problem.

Testing your updated RubyGems:

Installing rspec-0.7.5 will give an InstallError on a patched version of RubyGems: 

$ gem install rspec --version 0.7.5
ERROR:  While executing gem ... (Gem::InstallError)
    attempt to install file into "../web_spec/web_test_html_formatter.rb"

An updated rspec (0.7.5.1) has already been released.

Posted in , ,  | no comments

RubyGems 0.9.1

Eric Hodel | Thu, 18 Jan 2007 19:00:00 GMT

Finally, the much anticipated RubyGems version 0.9.1 is now available. This release includes a number of new features and bug fixes.

The most important change in RubyGems 0.9.1 is that RubyGems no longer allows files to be installed outside of the installation directory. A separate security bulletin with full details will be posted shortly.

RubyGems 0.9.1 is a required update. The RubyForge gem repository will soon disallow installation by older versions of RubyGems. Manual installation will still be allowed.

Upgrade note

While require_gem was deprecated in 0.9.0, the bin stubs are still using it (oops!). To get rid of the warnings printed by rake or other bin stubs simply run 'gem pristine --all'.

Changes in RubyGems 0.9.1

Major changes include:

  • RubyGems no longer allows installation of files outside the gem directory
  • #require_gem will now print a warning, use #gem instead
  • RubyGems now requires ruby 1.8.2 or greater
  • RubyGems is -w clean

Minor changes include:

  • gem command changes
    • new gem pristine command
    • new gem outdated command
    • new gem sources command
    • gem uninstall can uninstall multiple gems
    • gem install uses the cache instead of downloading
    • gem install returns non-zero exit code on failure
    • gem install can now set shebang on bin stubs (env or ruby)
    • gem help output now fits in 80 columns
  • many proxy installation improvements
  • gem cert improvements
  • RubyGems is now easier to use as a library
    • Easier programatic installs
    • Easier inspection of local and remote gems
  • extension building enhancements
  • error reporting enhancements (less odd exceptions)
  • require now loads .jar files

Bug fixes:

  • installing from scratch fixed
  • gem install --force forces
  • installing from read-only location works
  • gem uninstall requires full name
  • gem install obeys GEM_HOME for bin scripts
  • RubyGems now installs on ruby 1.9
  • fixed issue with Gem::Specification#hash for JRuby
  • RubyGems now installs RDoc and ri for itself
  • RubyGems is now tab-free

What is RubyGems?

RubyGems is a package management system for Ruby applications and libraries. RubyGems' one command download makes installing Ruby software fun and enjoyable again.

Many gems are available for download from the RubyForge site. Browse the list of gems with a "gem list --remote" command and download what you need with a simple "gem install <name-of-gem>". RubyGems takes care of the details of installing, not only the gem you requested, but also any gems needed by the software you selected.

RubyGems Statistics

  • About 1250 different gems are available from RubyForge
  • Over 540 thousand downloads of the RubyGems software
  • Over 8 million gem downloads

If you are interested in finding out when new gems are released, I maintain an RSS feed at http://onestepback.org/gemwatch.rss.

How can I get RubyGems?

If you have a recent version of RubyGems (0.8.5 or later), then all you need to do is: 

$ gem update --system # you might need to be admin/root
$ gem pristine --all # ... here too

(Note: You may have to run the command twice if you have any previosly installed rubygems-update gems).

If you have an older version of RubyGems installed, then you can still do it in two steps: 

$ gem install rubygems-update # again, might need to be admin/root
$ update_rubygems # ... here too
$ gem pristine --all # and here

If you don't have any gems install, there is still the pre-gem approach to getting software, doing it manually:

  1. DOWNLOAD FROM: http://rubyforge.org/frs/?group_id=126
  2. UNPACK INTO A DIRECTORY AND CD THERE
  3. INSTALL WITH: ruby setup.rb all (you may need admin/root privilege)

What's Next

For RubyGems 0.9.2 the RubyGems team is looking to add:

  1. Integration of local and remote installation
  2. Automatic installation of platform-specific gems

Thanks

Contributors to this release include:

Anatol Pomozov, Gavin Sinclair, David Lee, Ryan Davis, Robert James, Chris Morris, Sylvain Joyeux, Sava Chankov, Tom Pollard, Kevin Clark, Andy Shen.

Keep those gems coming!

Posted in , ,  | 2 comments | no trackbacks

Tattle Host OS

Eric Hodel | Wed, 10 Jan 2007 16:03:00 GMT

After two days and 562 tattle reports a picture of rubyists' operating system choice is emerging: 

$ ruby filter_host_os.rb tattle-host_os-20070110-1053.yml 
  darwin8: 242
linux-gnu: 161
  mswin32: 116
 freebsd6: 16
 solaris2: 7
  darwin7: 5
   cygwin: 4
 openbsd4: 4
    linux: 2
 freebsd5: 2
  darwin9: 2
 openbsd3: 1

Generated from: 

$ cat filter_host_os.rb 
require 'yaml'

data = YAML.load ARGF.read

collapsed = Hash.new 0
data['host_os'].each do |os, count|
  os =~ /^(.*?)(\.|$)/
  collapsed[$1] += count
end

length = collapsed.keys.sort_by { |k| -k.length }.first.length

collapsed.sort_by { |o,c| -c }.each do |os,count|
  puts "%#{length}s: %d" % [os, count]
end

Posted in ,  | 2 comments | no trackbacks

Tattle: The Ruby Census

Eric Hodel | Mon, 08 Jan 2007 21:23:51 GMT

The most-requested feature for RubyGems is the addition of a platform preference for automating installs and ignoring gems for the platforms you aren’t on. In order to help get there, Jim, Chad and Bruce have put together tattle:

At the first Rails Edge conference, Jim Weirich, Bruce Williams, and I were chatting about how to improve the RubyGems platform-specific behavior, when we realized that it would be really helpful to have more info about the install footprint of the Ruby community at large.

So instead of going right into hacking RubyGems as was our plan, we created a little census tool and an accompanying web site to help us collect information. Most of the info we collect is from Config::CONFIG, with the addition of the RubyGems version.

We know this information will help the implementers of RubyGems, and we hope it will also help Ruby implementers and library developers as well.

To install:

$ sudo gem install tattle

To submit your info:

$ tattle

If you want to see what would be posted before posting, you can do:

$ tattle report

The information gets posted to http://tattle.rubygarden.org. You can view the posted data with your web browser at that URL.

Tattle: The Ruby Census via ChadFowler.com

Posted in ,  | 3 comments | no trackbacks

RubyGems Beta 0.9.0.9

Eric Hodel | Mon, 08 Jan 2007 01:28:33 GMT

Beta version 0.9.0.9 is now available with:

gem update --system --source http://onestepback.org/betagems

This will be the last beta with major changes before the release of 0.9.1.

Upgrade note

While require_gem was deprecated in 0.9.0, the bin stubs are still using it (oops!). To get rid of the warnings printed by rake or other bin stubs simply run gem pristine --all.

What’s new since 0.9.0?

Lots! Many changes both big and small! Here’s an incomplete summary:

  • require_gem is deprecated and will print a warning. Use gem instead.
  • RubyGems now requires ruby 1.8.2 or greater.
  • gem command changes
    • new gem pristine command
    • new gem outdated command
    • new gem sources command
    • gem uninstall can uninstall multiple gems
    • gem install uses the cache instead of downloading
    • gem install returns non-zero exit code on failure
    • gem install can now set shebang on bin stubs (env or ruby)
    • gem help output now fits in 80 columns
  • now -w clean
  • many proxy installation improvements
  • gem cert improvements
  • RubyGems is now easier to use as a library
    • Easier programatic installs
    • Easier inspection of local and remote gems
  • extension building enhancements
  • error reporting enhancements (less odd exceptions)
  • many bugs fixed or closed (0 bugs in tracker!)
  • require now loads .jar files
  • select bug fixes:
    • installing from scratch fixed
    • gem install --force forces
    • installing from read-only location works
    • gem uninstall requires full name
    • gem install obeys GEM_HOME for bin scripts
    • RubyGems now installs on ruby 1.9

New since beta 0.9.0.8

  • fixed issue with Gem::Specification#hash for JRuby
  • RubyGems now installs RDoc and ri for itself
  • RubyGems is now tab-free
  • require_gem warning prints file and line information

For full details, read the ChangeLog.

Posted in , ,  | no comments | no trackbacks

rbayes 1.0.0 Released

Eric Hodel | Sun, 07 Jan 2007 06:24:31 GMT

rbayes version 1.0.0 has been released!

rbayes-1.0.0 documentation.

An bayesian filter fed by a tokenizer that throws crap out you’d find in emails. Originally by Dan Peterson

Changes:

1.0.0 / 2007-01-06

  • Birthday!
  • Fully refactored from Dan Peterson’s original to be in a single class.

Posted in ,  | 2 comments | no trackbacks

Later that month: healing

Eric Hodel | Sun, 31 Dec 2006 09:09:47 GMT

Why the Lucky Stiff posts a year in review for 2006:

April – Canada on Rails. DHH says the F-word. And flips the crowd off or something. It’s a pretty serious deal. Later that month: healing.

A Fine Time, Oh Yes! via RedHanded

Posted in ,  | no comments | no trackbacks

Older posts: 1 2 3 4 5 ... 8