Ylan Segal

The REPL: Issue 21 - April 2016

The Optimist’s Guide to Pessimistic Library Versioning

Richard Schneeman writes a well thought out post on library versioning. He previously wrote about Semver and now continues in that vein with how it applies in practice for library authors and users. The key takeaway is that adhering to Semver and the widespread use of optimistic locking can alleviate a great deal of the pain of maintaining and upgrading dependencies for projects.

Detecting the use of “curl | bash” server side

Internet security is fascinating. I have read advice that before using curl to download a file and piping directly to bash, you must ensure that you know what you are downloading. However, as this post proves, looking at the URL in your browser is not enough. By using a clever trick to detect how data is being pulled from a server, an attacker can present different content when the URL is being downloaded and piped to bash. Security is hard. Really Hard.

Git history is underrated

The author’s thoughts on what a project’s log of commit messages is: a history of why the code in the repository is the way it is. For the reasons outlined, I prefer never to squash commits when merging.

The REPL: Issue 20 - March 2016

How To Deploy Software

Zach Holman writes an in-depth post about software deployment, based on his experience at GitHub - well known for their automated and frequent deployments to their production environment. Most of what is covered is applicable to web applications, but some of the concepts carry over to device applications.

Rebuilding Git in Ruby

In this post, Joël Quenneville distills the basics of how the core git internals work. In order to illustrate, he reimplements in Ruby the basics of git: initializing a repository, staging files and committing. This is a case where powerful abstractions can compose to create a software system with capabilities seemingly far greater than the building blocks it relies on.

The REPL: Issue 19 - February 2016

Is Your Postgres Query Starved for Memory?

In his usual thorough way, Pat Shaughnessy once again explores the internals of PostgreSQL. In this post, he explores how tweaking the configuration has dramatic effects on specific query performance, but doesn’t come for free.

I am a puts debuggerer

Aaron Patterson, aka tenderlove, knows Ruby. He is both a ruby-core and a rails-core member and works on multiple other gems, like Nokogiri. In this post, he explores in depth several techniques he uses for debugging. Getting insight into a running program is a great skill to have. This article will surely teach you more than one trick.

The Zen Of Erlang

A great introduction to the Erlang (and by extension Elixir) philosophy on how to construct fault-tolerant, highly available systems. If you have never seen a line of Erlang, fear not: After reading this comprehensive article, you still won’t have.

This Blog Is Now Delivered Over TLS

For many months, I’ve been wanting to add TLS support for this blog, mainly because I believe that the web needs better security. As a content publisher and website owner it is in my best interest to make my content available over a secure connection.

I recently read a post from the Electronic Frontier Foundation, on how site-wide encryption helps fight censorship in other countries. The article is about Medium, a popular blogging platform, and how the use of TLS prevented the Malaysian government from completely blocking the site, in an attempt to suppress speech.

I decided that it was worth my time to finally use TLS.

The REPL: Issue 18 - January 2016

Getting to Zero Exceptions

The folks at Yeller propose a simple but powerful idea: Don’t tolerate any exceptions in production applications. Having a constant stream of exceptions that don’t really expose something that needs to be fixed causes intolerable noise that erodes confidence in the applications and obscures actual problems. I’ve had projects in the past where this was the rule and loved it. Constant discipline is the key to success.

When to choose Elixir over Ruby for 2016 projects?

Elixir seems to be picking up speed and in this post Hubert Łępicki @ AmberBit explains when he thinks Elixir is a better option than Rails. And no, the answer is not “always”.

The Rails Doctrine

David Heinemeier Hansson, Rails' BDFL, has written a post on what the philosophy behind Rails is. The content of the post is really interesting and elaborates on his vision of Rails and why it has been successful. It is a clear statement of the values that are important to him. For example, he clearly states that he doesn’t really care about being a purist of any paradigm, like object orientation or MVC, but instead is guided by pragmatism. I recommend Rails and Ruby developers read the post. It’s possible that you don’t agree with all the stated values, but I think it’s a good thing for them to be stated so plainly and clearly. Expectations on all sides are more likely to be met.

Regarding the delivery: DHH at times has been a polarizing person in the community. His manner can be very grating to some. This post also has some of that, starting with the title. Even though the dictionary definition of doctrine is used correctly, in common speech it is usually reserved for religious teachings or tenets of political movements. Using it for the principles behind a web framework (even one that I love and use every day) seems self-aggrandizing. It is easy for me to see past that and take it with a grain of salt, but I know that for some, it can be extremely off-putting.