Posted by Daniel Butler
Thu, 17 Aug 2006 17:58:00 GMT
Josh Goebel and Rick Olsen are working on Beast, a "small, light-weight forum in Rails with a scary name and a goal of around 500 lines of code when we're done." Beast is not mature yet, but forums is one application domain that is sorely lacking in the RoR world, and it's good to see people working on innovative applications. phpBB is difficult to maintain, modify, and full of security holes, and I've been searching for a better alternative, perhaps even going so far as to start writing my own forum system.
So far, RForum (stuck at version 0.2 since December 2005) looks like the most mature forum application available for Rails, and it comes complete with email gateway functionality, but hopefully other forum applications will start populating the thriving ecosystem.
Beast Demo Site
Beast Subversion Repository
Posted in Ruby on Rails | no comments
Posted by Daniel Butler
Thu, 17 Aug 2006 14:41:00 GMT
Bruce Tate, a Java book author and Ruby on Rails advocate, discusses the advantages of Ruby on Rails database migration strategy, and concludes:
The migrations story in Java programming is not nearly as robust. Some products have spot solutions for some of the schema migrations problems, but without a systemic process for coordinating schema changes -- both up and down -- dealing with changes in the data and object model can be a difficult task. The Rails solution has some core advantages:
- Rails migrations are DRY (don't repeat yourself). With Rails, you specify each column definition exactly once: in the migration. Some other mappers force you to specify a column six times: in the schema, the getter, the setter, the model's instance variable, the "from" mapping, and the "to" mapping.
- Rails migrations allow data migration as well as schema migration.
- Rails migrations let you use model logic with your data migration where SQL scripts don't.
- Rails migrations are database independent, but SQL scripts aren't.
- Rails migrations allow direct SQL for unsupported extensions (such as stored procedures or constraints), while some ORM mappers don't.
With all of the benefits of migrations, you'd expect a complex piece of code, but they are incredibly simple. Migrations have meaningful names and version numbers. Each migration, has an up and down method. Finally, a rake task coordinates running them in the correct order. This simple strategy is also revolutionary. The idea of expressing each schema change not in the model but as a distinct migration is both elegant and effective. Coordinating both data and schema changes is another paradigm shift, and an effective one. Best of all, these ideas are completely language agnostic. If you're building a new Java wrapping framework, you'd do well to consider migrations.
I personally take full advantage of migrations during development and maintenance of Ruby on Rails, and they have forever solved the chicken-and-egg data, code, and schema synchronization problem which made moving from development to production a unweildy and error-prone process in the past. It's also important to have a histor of the schema changes over time so that if a problem arises, you can track back to the exact change and schema migration which caused it.
Crossing Borders: Rails Migrations Article
Understanding Migrations @ Rails Wiki
Posted in Ruby on Rails | 1 comment
Posted by Daniel Butler
Tue, 15 Aug 2006 10:54:12 GMT
It looks like Windows new Blog publishing tool works out of the box with Typo. This post is being published with the tool.
It features the following goodies:
- WYSIWYG Authoring
- Photo Publishing
- Map Publishing
- Writer SDK
- Compatibility with Blogger, LiveJournal, TypePad, WordPress, and others (including Typo)
If you're on Windows, go try it!
Window Live Writer Main Page
Posted in Web Development | 2 comments
Posted by Daniel Butler
Mon, 14 Aug 2006 14:51:00 GMT
Tanjun'ka, Japanese for "simplification", allows you to quickly post entries to your blog which include photos. The software is open source and is written in C# on the .NET 2.0 framework.
Looks promising!
Tanjun'ka Home Page
Tanjun'ka Download Page
Project Page @ SourceForge
Posted in Open Source | Tags .NET | no comments
Posted by Daniel Butler
Fri, 11 Aug 2006 01:01:00 GMT
If you're running any Rails installations in production, do yourself a favor and sign up to the Rails-Security mailing list. DHH says:
In light of the past days of fun and games, we’ve started a new mailing list focused entirely around security. This list will be much lower volume than the main list and be exclusively about security concerns. You can signup at the rails-security mailing list page.
You'll only receive announcements about Rails security, not discussion, so it won't be too painful when something like this happens again.
David's Blog Entry
Rails-Security Mailing List Signup Page
Posted in Ruby on Rails | Tags security | no comments
Posted by Daniel Butler
Thu, 10 Aug 2006 11:04:00 GMT
Scott Laird has released version 4.0.1 of Typo, the premiere blogging application written in Ruby on Rails. This release includes Rails 1.1.5, which fixes substantial security problems, and everyone is encouraged to upgrade.
The new installer script has several changes, according to Scott:
- It has been spun off into its own .gem and lives in its own source repository, so other projects can use it as well.
- It now supports Postgres as well as SQLite3. I’ll write about this soon.
- It performs database-agnostic backups to a .yml file.
- A number of bugs have been squashed.
Thanks for all the hard work!
Scott's Blog Annoucement
Typo 4.0.1 @ RubyForge
Download Page @ TypoSphere
Posted in Ruby on Rails | no comments
Posted by Daniel Butler
Wed, 09 Aug 2006 22:59:00 GMT
DHH has decreed:
This is a MANDATORY upgrade for anyone not running on a very recent edge (which isn’t affected by this). If you have a public Rails site, you MUST upgrade to Rails 1.1.5. The security issue is severe and you do not want to be caught unpatched.
The issue is in fact of such a criticality that we’re not going to dig into the specifics. No need to arm would-be assailents.
So upgrade today, not tomorrow. We’ve made sure that Rails 1.1.5 is fully drop-in compatible with 1.1.4. It only includes a handful of bug fixes and no new features.
So, if this blog goes down in the next few minutes for a nick, that's bloody well why.
Posted in Ruby on Rails | 1 comment
Old Bridge, Magnolia Landing, Apalachiacola National Forest, Florida (October 2004)
