Testing rubys initialize

October 6th, 2014 6 comments

In /ruby you have a lot of flexibility in writing code, this includes possibility to not initialize an object.
I use this for testing my initializers, here are some examples how to do it.

Lets start with ruby class:

class TestMe
  attr_reader :value
  def initialize(value = nil)
    @value = value
  end
end

It’s a simple example where only initialize can set a value, usually you use more advanced code, but this is just a minimal example.

Now lets test it:

describe TestMe do
  subject do
    TestMe.allocate
  end

  it "has default value" do
    subject.send :initialize
    subject.value.must_equal nil
  end

  it "sets value" do
    subject.send :initialize, 3
    subject.value.must_equal 3
  end

end

For more real live examples of allocate check

RVM 2.0 Fundraiser halfway

October 30th, 2013 Comments off

Hello Ruby Lovers,

First off, I want to thank everyone who has donated to the RVM 2.0 fundraiser so far. Every contribution counts and I appreciate them all, no matter how small! I would also like to thank EngineYard for their sponsorship of RVM over the last two years, which has allowed me to add:

  • tests,
  • stable releases,
  • ruby binaries, and
  • automatic dependency installation (autolibs)

…among many others.

Working solely on RVM 1.x for the last few years has given me a unique view into the Ruby community. I discovered some of the most common issues users run into and tried to address them in RVM by automating installation and configuration to improve everyone’s experience with Ruby (both newcomers and experienced developers).

It was also during this time that I realized that maintaining a huge project in shell (20,000 lines) isn’t possible — it’s hard to separate modules, it’s hard to test, and advanced algorithms either slow down or need to be simplified to shell coding limitations. All of these lead to the idea of rewriting RVM in Ruby.

Initially, I resisted the idea of rewriting RVM in Ruby since there were some ideas touching static ZSH. However, thanks to DRUG, I was convinced. It seemed all the elements were in place, most importantly, binary rubies which are required for easy bootstrapping. As such, I came up with the RVM 2.0 slogan: “with RVM 2.0, you get one Ruby for free”.

I believe in Ruby. I believe it can be used for more than just web applications. We have a vast ecosystem of gems and Ruby implementations and we are constantly discovering new ways to use Ruby, like Rubinius X, JRuby 9k and Shoes 4. I want RVM 2.0 to become one of those projects that shapes the future of Ruby, and with your help, it can.

If you use RVM personally, please show your support. If you use RVM at work, please encourage your employer to show their support. Everything counts!

https://www.bountysource.com/fundraisers/489-rvm-2-0

Cheers,
Michal

Categories: Development, News Tags: , ,

please hack my rails

October 17th, 2013 1 comment

Security is hard, it requires knowing your system is vulnerable, you should assume it is, but many Ruby on Rails developers seem to forget about it.

I’m writing this because a security vulnerability is promoted and it has to be stopped. The problem is adding bin, ./bin or $pwd/bin to $PATH. This is extended version of the problem with . in $PATH described here http://www.tldp.org/HOWTO/Path-12.html.

When bin or it’s variation is in $PATH, attacker can place there executable that will be executed instead of system files and gives attacker possibility to run code on your system easily. This is described better here (for the . case): http://www.dankalia.com/tutor/01005/0100501004.htm.

So why would anyone advice us to jeopardize our system? The answer is bundle exec, it is so long to write and is required to run proper versions of gems placed in Gemfile. To avoid calling it the bundler gem introduces binstubs, many developers advised adding the bin variation to $PATH to simplify calling bin/binary to just binary.

I guess you are thinking now “how is it relevant, I do review my code before running any commands”, the question is “are you?”. There is a lot of tools and extensions to shell that run commands for you, the simplest would be using PS1 to display git status, something like \u@\h:\w $(git branch) > it will execute a git command when displaying the prompt. So when someone writes bin/git into the repository – it will be executed before you can review code after git pull. The prompt and pre command hooks are very popular now and give a lot of options for attackers when bin is in $PATH.

“What should I do then?”

First, you can stop being lazy and type bin/rake or bundle exec rake this way Bundler will be loaded without the possibility to add extra code to your $PATH.

Another solution that helps to fix this problem – I wrote a gem rubygems-bundler which automates calling bundle exec, it does check if the executed binary is part of Gemfile and automatically calls Bundler.setup when needed, this eliminates the need to use binstubs wrappers.

Day from opensource project maintainer: git commit –author

October 2nd, 2013 1 comment

Working as opensource project maintainer is a big task. I have been doing it for some time for the RVM project thanks to Engine Yard.

Problem

A big part of the maintenance is accepting others code for the project; it is very important to handle it well so the code author wants to get back to us and help again. As much as Ruby community is opensource oriented there are few things that can be improved. It happened a few times to me and other developers that the code was merged into projects without preserving authorship. This is a basic error made by maintainers, so I want to share some thoughts on how I try to avoid that problem when maintaining RVM. This problem mostly happens when the we want to change the commits, but is not limited to it and happens also without changes.

Easy way

When you do not care about number of commits you can merge the commit from Github or using hub and then add new commit on top updating it to proper state mentioning the ticket number in commit:

git commit -m "Formatting ..., update #2195"

For example see https://github.com/wayneeseguin/rvm/pull/2195

Limit number of commits

The most basic method when you want to limit the number of commits is to apply changes from the committer and then commit it using the --author flag. I used this for https://github.com/wayneeseguin/rvm/pull/2238 – getting the proper result with involving author would require too much work as for small commit, so I did the required changes to the code (just changing order of paragraphs) and committed it using:

git commit -m "..., closes #2238" --author "Name <author@email.com>"

It is important that the author matches exactly the original author name and email (from their commits) so it does not confuse others or tools used (like git annotate). Also make sure to mention the pull request (close #2238) so it is automatically closed and your commit is linked with it.

Work with the author

The slowest way is to actually talk to the author and explain to him/her what changes are required to make his/her commit accepted. For example, this happened in https://github.com/wayneeseguin/rvm/pull/2187 where most of the discussions happened on IRC or Skype sometimes in comments. This way the person contributing gets best experience and getting back to coding on your project is much easier for him/her.

MINASWAN

Matz Is Nice And So We Are Nice

Most important for maintaining your project is treating other developers with respect, they are human beings, being impolite just builds a wall and ensures they will not get back to you or your project.

Other ways?

Obviously there have to be other ways to handle this, please comment below if you use another flow.

Categories: Development, Linux Tags: , ,

Review “Instant Sinatra Starter”

July 11th, 2013 Comments off

Two weeks ago I was asked to review book “Instant Sinatra Starter”, usually I get bored by technical books so I try to avoid them, this time I thought I can give it a try.

I need to point out on beginning that my review might be biased as I am maintainer of RVM, which got very low coverage in the book. It would cut few pages of unnecessary instructions that are system specific if RVM was used in the book.

Although I do not agree with few technical explanations and encouraged practices I found the book quite good and it guided me nice through Sinatra. The book goes into deep details about explaining every aspect of working with Sinatra, starting with very simple examples and extending progressively to the point where user can build full web app based on database. With more advanced topics the instructions get more tight missing some interesting details.

The book does not only focus on building the application but also on online hosting sources and application itself so it can be shared with others – the opensource model. Unfortunately the book in some categories goes into deep detail describing something like in case of templates, I think some diversity would help a bit, like beginning with basics of ERB templates and then going into detail of Slim templates, where now it starts and ends with Slim.

I would recommend this book for people wanting to start with ruby, it gives an easy start with great effects and multiple possibilities to play around and share results with friends. As good the book is for beginners I do not think more advanced users would consider it much useful, the book does end up to early not showing a bit more advanced topics like testing or modularization. Finally as tempting it is to use very small framework any app with few database tables, authentication and authorization will require reimplementing rails – so keep it small with Sinatra, for any bigger projects pick Rails.

Categories: Development, Review Tags: , ,