Django DoS vulnerability
Django's authentication framework is susceptible to DoS attacks by submitting very long passwords. This is fixed in the new versions (1.4.8, 1.5.4, 1.6b4) released yesterday.
Details here: https://www.djangoproject.com/weblog/2013/sep/15/security/
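One way to blunt this class of attack, shown as an added example that is not Django's code or its actual patch: cap the encoded password length before the expensive hash runs. MAX_PASSWORD_BYTES, ITERATIONS and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

MAX_PASSWORD_BYTES = 4096  # assumed cap for this example
ITERATIONS = 10_000        # assumed work factor, kept low so the demo runs quickly

_kdf_calls = 0


def kdf_call_count():
    """Number of times the expensive hash has actually run."""
    return _kdf_calls


def _derive(password, salt):
    global _kdf_calls
    _kdf_calls += 1
    return hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS)


def make_record(raw_password):
    """Return (salt, hash); refuse a password that login would later reject."""
    data = raw_password.encode("utf-8")
    if len(data) > MAX_PASSWORD_BYTES:
        raise ValueError("password too long")
    salt = os.urandom(16)
    return salt, _derive(data, salt)


def check_password(raw_password, record):
    """Verify a login attempt, rejecting oversized input before any hashing."""
    data = raw_password.encode("utf-8")
    # Measure encoded bytes, not characters: 2000 four-byte characters are
    # 8000 bytes even though len(raw_password) is only 2000.
    if len(data) > MAX_PASSWORD_BYTES:
        return False
    salt, expected = record
    return hmac.compare_digest(_derive(data, salt), expected)
```

The call counter exists only to show that an oversized submission never reaches the hash function.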
FCModel by Marco Arment
"An alternative to Core Data for people who like having direct SQL access."
Photoshop Generator: auto-updating layers -> assets, node.js scripting against PS
Generator allows you to create image assets in real time as you work. Simply add a file extension to the name of your layer or layer group, and Photoshop will automatically create a JPG, PNG or GIF from the contents of that layer. If you make a change to that layer, the file is immediately updated. This means that you now have a folder of images that are always up-to-date with your Photoshop design.
More at http://blogs.adobe.com/photoshopdotcom/2013/09/introducing-adobe-generator-for-photoshop-cc.html
inclusion of "new" arm64 architecture breaks linking phase when building for iOS simulator and linking 3rd party libs
3rd party static libraries & frameworks compiled prior to the release of Xcode 5 GM Seed won't build for iOS simulator if min deployment target is iOS 7 only, because iOS simulator is 32 bit only (i386 architecture).
Symptom is a failure to link with a message such as: libGoogleAnalyticsServices.a(TAGDataProvider.o), too many compact unwind infos in function anon for architecture i386
Lower your deployment target to 6.1 until Google and others get it together, or build & run only on a device.
gem install elrio
I just released version 0.0.1 of elrio, an analyzer and optimizer for resizable iOS assets. It's very rough around the edges, but gets the job done.
Run it with the analyze command to get the resizable cap insets from an unoptimized asset, and with the optimize command to create an optimized version of the asset.
Details and source on GitHub, pull requests welcome: https://github.com/cbguder/elrio
RailsAdmin & Rake are not good friends
RailsAdmin skips its initialization when your Rails environment is started from a Rake task. This seems like it might be good in theory, unless of course your production app is started through a Rake task.
This does not stop RailsAdmin from working, it just doesn't do all the initialization, including any custom Authorization logic you may have defined. It seems like this has the potential for being very bad.
3.5 billion years is the age of bacteria fossils found in Australia. This is longer than earth's atmosphere has had oxygen.
The distance from the Earth to the Sun is almost, but not quite, exactly 1 AU.
Tuesday: Tech Talk: Laura Klein – "Design Hacks"
Every year, 40 million tons of nutrient-rich dust is transported by the wind from the Sahara to the Amazon rain forest.
VT102 Escape sequences
Ever wanted to print several lines to the console, erase it, and print new lines over it? I did. And that's when I read about VT102 escape sequences. For example:
will move your output cursor up a line.
For a full reference, see: http://www.vt100.net/docs/vt102-ug/chapter5.html
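An added example (not from the original post) of the overprinting described above: it uses cursor up (ESC [ n A) and erase entire line (ESC [ 2 K), and also handles the case where the new block has fewer lines than the old one. The function name redraw and the sample frames are constructed for the illustration.

```python
import sys
import time

ESC = "\x1b"


def redraw(previous_count, lines):
    """Return the text that replaces `previous_count` printed lines with `lines`."""
    out = []
    if previous_count > 0:
        out.append(f"{ESC}[{previous_count}A")  # cursor up n lines
    for line in lines:
        out.append(f"\r{ESC}[2K{line}\n")       # erase the whole line, then write
    leftover = previous_count - len(lines)
    if leftover > 0:
        # The old block was taller: blank the stale rows, then climb back up
        # so the cursor again sits just below the last visible line.
        out.append(f"\r{ESC}[2K\n" * leftover)
        out.append(f"{ESC}[{leftover}A")
    return "".join(out)


if __name__ == "__main__":
    shown = 0
    frames = (
        ["step 1/3", "downloading"],
        ["step 2/3", "unpacking", "42 files"],
        ["done"],
    )
    for frame in frames:
        sys.stdout.write(redraw(shown, frame))
        sys.stdout.flush()
        shown = len(frame)
        time.sleep(0.5)
```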
useful css => height: calc(100% - 10px);
If you need to combine percentage and absolute sizes and you only need to target modern browsers, css calc is for you. Valid in IE9+
DYK: SidekiqPro has a Batch class?
Yes! You can create batches of jobs, and then, JOIN them together before completing the parent job. At $500, well worth the price of the Pro license. See https://github.com/mperham/sidekiq/wiki#sidekiq-pro for more details.
I'm just a fan.
gem install system_keychain
A gem to make it easy to store credentials in the system (OSX) keychain (particularly useful for writing command-line tools).
Contributions of additional (non-OSX) backends are welcome.
38,000 is the number of man-made objects that have orbited the earth since the launch of Sputnik in 1957
Sputnik is the world's first artificial satellite. It is the size of a beach ball (58 cm. or 22.8 inches in diameter), and took about 98 minutes to orbit the Earth on its elliptical path.
Google Analytics doesn't like floats
Using Google Analytics with the iOS API doesn't work with floats. Ryan says: that's also the case with the web API, not iOS specific.
Rails 4 GUID Primary Key
If you use this feature, it will break your rake db:test:prepare. Either manually migrate your test database, or wait for the 4.01 release to fix it.
Tuesday: eXtreme Tuesday Club
6:30-8pm. Talk about TDD and software design
Parse iOS SDK Depends on Facebook SDK if you use -ObjC linker flag when building your project, which you probably do.
The new Parse iOS SDK has a quiet dependency on the Facebook SDK.
If you link all category implementations from libraries in an iOS app using the -ObjC linker flag, the Parse library will whine that you don't have some Facebook SDK categories.
2 ways around this:
bring in the Facebook SDK, yuck.
stop using the -ObjC linker flag and use the -force_load linker flag once for each static library / framework that your project links
"Fun" facts that I learned while doing this:
-force_load goes on a single line in other linker flags; the following line is its target, your library
if you include third party libraries via a dependent project, -force_load has to point at the correct build configuration, a typical one for me looked like this:
-force_load at the mach-o binary in a static framework … works
2:00 minutes is the amount of time a human being can survive in space unprotected
Debugger Gem Contains GPL code
It takes an especially vigilant legal department to find that a development dependency claims to be BSD but contains GPL code. Luckily for us, we've got one.
I've opened an issue to see if we can get it removed: https://github.com/cldwalker/debugger/issues/96
Thursday: Games Night
Games Nights every other Thursday. Fourth Floor event space right after work. Pizza will be provided.
vendorer gem for dependencies