Snippets – JavaScript, Node, Git, HTTP2 and Regexps

snippets07In this Snippets, 6to5 becomes Babel, Node.js 0.12 on Pi, Git 2.3, HTTP2 explained and regular expressions from chained methods.

6to5 becomes Babel – As ES6, the next generation JavaScript, starts arriving in browsers the 6to5 transpiler, which converts ES6 code into current ES5 code so you can run your JavaScript apps on old and new browsers, has been looking to its future and changed its name to Babel to reflect its future plans. In a blog post the project explains that the transpiler’s codebase is not just useful for ES6 to ES5 conversion but to a whole range of IDEs and tools to come, so they’ve changed name and will begin opening up the API to let other projects plug into it. Smooth move.

Node.js 0.12 on a Pi – If you’re trying to build Node.js on your older Raspberry Pi, you may have problems. Not now – Thanks to Conor O’Neill who has built Node.js getting around a problem with identifying the version of ARM processor by… applying some patches from io.js. You can download the built version from his blog… which will save you many hours of build time. Comments suggest not rushing as it seems slower and you can already get a nightly release for ARM v6 for io.js.

Git 2.3 is out – The latest version of Git adds a push-to-deploy option so rather than log in to your server and git pull the latest version down, you can automatically have the server download new versions. Handy, but potential for huge blowback, use after considering the probable issues. There’s also a new trick where cloning can borrow assets from another local clone.

HTTP2 Explained – In HTTP2 Explained Daniel Stenberg is pulling together everything you need to know about HTTP2 in one living document. HTTP2 is going to be a big part of everyone’s web future, so it’s a good time to get reading.

Regexps from chains – The interesting idea from RegExpBuilder is why not use chained JavaScript functions to create regular expressions. Pro, wordier syntax explains more. Con, wordier syntax vs Regexp’s confusing compactness. Interesting idea though.

OS X’s Hypervisor, Snabbt JS animation and Nim

snippets03Did you know Mac OS X 10.10 had a hypervisor framework? No, me neither, but it does and that means you can do things with hypervisors without the need for kernel extensions and stuff. Pagetable.com shows you how to tap into it with an example of building a simple DOS emulator but goodness, this is backed with potential for some clever, easy to install, apps.

Want some smooth animation in your JavaScript driven pages? Snabbt.js might be for you. Works with or without jQuery too. You just start a snabbt call that points at an element on the page then chain the animation operations to that call. Boom, smoothly spinning buttons with multiple sequential behaviour and more.

Looking for a new language? The Nim folk are looking for you then. Formerly Nimrod, now Nim, is a language with some interesting elements and one of the language’s advocates has listed out some of them. If the idea of code that runs during-compilation, baked-in templates and macros, optimisation templates and compiling to C interest you, you might want to have a look at the currently unstable language – it’s heading for a 1.0 in a few months.

Developer Catchup: POODLE, Tails, Docker, Redis and more

developercatchupPOODLE yips: In what was a glorious nail in the coffin of SSLv3, the POODLE vulnerability(PDF) made sure no one would trust SSLv3 again. The simple fix is to turn off SSLv3 where its used. The bug itself is bad in terms of cryptography, in that it gives an attacker a route to completely decode a stream that has been encrypted, but in practice its not as bad because the attacker has to be a man in the middle to get started. So, using SSLv3 from the open Wi-Fi at the fast food cafe, a bad thing. More worthwhile reading includes Imperial Violet’s explanation and Zmap.io’s guide to disabling SSLv3 in servers.

Chasing Tails: The Tails Live Linux distro, which tries its level best to be an bootable anonymous secure distro, has had an update to Tails 1.2. In the wake of the POODLE hole, it’s switched over to Tor Browser, dropping the IceWeasel, and that change also happens to close its POODLE vulnerability. There’s also Tor and kernel updates and various other minor changes. If you use it, just upgrade.

Docker tightens security: Docker 1.3 has landed, or more accurately Docker Engine 1.3. Highlight is digital signature verification of repositories of images, albeit as a tech preview of the feature. A production option also lets you set SELinux and AppArmor profiles from the command line. Other goodies include the ability to inject a process into a running Docker app so you can wake up a shell when you need to debug something, create and start commands for containers (on top of existing the all in one run command) and most usefully to me at least, shared directories on Mac OS X. The more interesting (as in get the popcorn) move from Docker is its partnering with Microsoft with a long term goal of making Docker run on Windows containers, not just on an a VM with Linux inside. Big challenge there as Microsoft have to basically get cgroups and more onto Windows Server.

Redis Clustered: The Redis key/value cache and store has pushed a release candidate for Redis 3.0.0 out. This is a rather important release as @antirez explains in his blog, it’s the first version with Cluster support, a long in-development feature, which has reached “minimum viable product” level and is stable enough for testing.

Quickies: 6to5 – turns JavaScript ES6 code into plain ES5 code which could be well useful. Asciicinema – lets you record and playback terminal sessions (and could be even better with audio – hint). On the to read list – Building Web Apps with Go – MIT licensed book based around Heroku use but lots of interesting content. And Whiteout Mail has gone open source – it’s all about accessible secure mail and has been in the works since 2013.

Developer Catchup: Synchronous Node, Serviced Polyfills, Sparks Sparked, Tangrams Mapped and SHAaaaaaa!

developercatchupNode.js synchronously: Node.js is sweet if you can adapt to the asynchronous model of start thing, say what you want to do when its done, do everything else anyway. Good for web request handling but bleh for trying to emulate a shellscript. Turns out that in Node.js 0.12 (coming soon? anyone? Bueller?) we get synchronous child processes to now you can run that curl or find or whatever and just wait till its returned with its results. The folks at Strongloop have written about these synchronous child process methods and how they make writing command line utilities in Node easier. Check it out Noders.

Serviced Polyfills: Polyfills fill gaps in browser functionality and standards compliance. The older the browser, the more Polyfill you need to fill the gaps and the newer, the less. But it gets hard working out how much Polyfill you are going to need. Fear not, as Samuel Giles at FT Labs has an answer, “Polyfills as a Service“. Add a simple script tag pointing at a source from the polyfill.io content delivery network to your pages and whatever browser views your page, it gets the polyfill it needs. This is because the system sniffs the browser agent and works out the best set of polyfill based on that. Neat idea, potentially very handy – and you can run your own private version if you need to.

Spark sparks: Apache Spark just got a 1.1 release. Spark is Hadoop data processing engine which can run on YARN-based Hadoop clusters or in standalone mode. Spark 1.1 improves the performance (and they already say they are up to 100 times faster than Hadoop MapReduce) and has SQL layer enhancements. 1.1 also adds more statistical functions, can take steaming data fromAmazon Kinesis and pull data from Apache Flume and more. If your into clusters and data crunching and haven’t looked at Spark, you might want to look into it.

Tangram Mapping: Do you want to render cool 2D and 3D maps? Check out Tangram, a Mapping Library then as it is building out from a WebGL implementation to other OpenGL platforms to make oodly cool dynamic map renders. Very slick.

SHAaaaaaa!: We mention the Google sunsetting of SHA-1 the other week. If you were unsure why this was important, can we send you off to Why Google is Hurrying the Web to Kill SHA-1 which explains why it all and includes a brief history of collision attacks in the wild.

Codescaling Catchup

CodescalingCatchupRegular readers may have noticed a bit of a slow down in postings as I’ve been rearranging the scheduling of things here at Codescaling to allow for other commitments. Hopefully, I’ll be doing a regular Sunday catchup of what would have been snippets and during the week I should, all going well, be looking at a particular thing, be it software or hardware, thats in scope that week. As some may know, I’m curating HackWimbledon and may cover some of the hands on stuff there. But enough of plans… What’s on the catchup this week…

I’ve been doing some work with Eclipse Orion, a web-centric IDE with some interesting attributes, so I was interested to see news of forthcoming language support enhancements coming in Orion 6.0. Lots of interesting bits like syntax highlighting that brings in Arduino files, new documentation generators, the ability to use all the tooling while the JavaScript is embedded in HTML, better tunable JavaScript validation with new rules and so on… worth checking out.

Google landed Go 1.3 this week and it does seem to feel quicker and slicker (I’m getting on with Go code myself and noticed the difference). The experimental support for DragonFly BSD, Plan 9 and Solaris is intriguing… Go on Plan 9 feels like a giant philosophical loop being closed. Also interesting is discussion of Go for Android from one of the Go team… it seems to be on course to start emerging in Go 1.4.

Big news in Python land where the PyPy team landed the first stable release of PyPy3. PyPy is a very compliant Python interpreter with a tracing JIT compiler built in. It had been stable only on Python 2.x but now there’s PyPy3 (libraries are at Python 3.2.5 level, unicode support from Python 3.3). At some point the Python 2.x->3.x transition logjam will be broken and this will be a big help.

Coin cells didn’t immediately strike one as a space for useful research but I was proved wrong on reading How much energy can you really get from a coin cell?, where different makes and models of cell were compared using an ARM controller which systematically loaded each battery. I’m more curious about this now as I just took delivery of PunchThrough’s Light Blue Beans, Arduino style controllers with Bluetooth and powered by a coin cell, but more about those in a future Codescaling post – till then check out the Surf Report Notifier.

The OpenSSL/Heartbleed fallout continues with Google’s latest move, BoringSSL, a bidirectional fork (the codebase’s separate but patches continue to flow in both directions – it needs a term, so bidifork) of the OpenSSL code. Google seem to be using bididforks to allow them to stay plugged into communities but retain control of their destiny; Webkit and Blink seems to be the first bidifork. Whether they work, we don’t know, but I suspect that its an area ripe for research and even formally recognising as an middle course for open source projects between fighting and forking.

On the Todo list – have a look at the Maynard/Wayland desktop on the Raspberry Pi, check out the OEM BeagleBoard Blacks, browse through the undocumented Swift standard library and now it’s a 1.0, checkout the WordPress REST API.

Just released: Socket.IO 1.0, Git 2.0 and OrientDB 1.7 – Snippets

Snippets.png
Socket.IO 1.0: Socket.IO has hit version 1.0 – the Node.js and browser library which started life as an implementation of the WebSockets interface and has gone on to “become the EventEmitter of the web”. The 1.0 release and changes are broken down in a blog posting, the first on a newly redesigned, and much more useful, Socket.IO website. In brief, modularisation, tighter code, binary support (so you can emit blobs and buffers), automated testing, better scalability using redis, more integration (including PHP support), better debugging support (and silence by default), sleeker APIs and CDN delivery. And the future plans include handling Node.js streams, Socket.IO support in Web Inspector and Firefox Dev Tools and more language and framework support. A splendid tool to have in your arsenal.

Git 2.0: The distributed version control system which made distributed version control systems cool before even version control could be cool, Git, has reached version 2.0. In the announcement of the new release, there’s a long list of all the changes and notes on backward compatibility. The 2.0 release has been anticipated by the developers for a while so a lot of ground work had already been done in previous 1.x versions making the 2.0 release look more like a minor release than a major version bump but there’s still plenty of changes and a foundation prepared for future changes. On that subject, there’s a promise of a shorter release cycle for the next release as delays have meant a number of features ‘cooking’ for longer in the ‘next’ branch.

OrientDB 1.7: Version 1.7 of the Document/Graph/Sql/NoSQL database OrientDB is available. The announcement for 1.7 notes better perforamnce, new clustering options, support for SSL and sharding, simplified configuration, new SQL commands including parallel queries, plugins for Lucene-based full text searching and more. There’s an Apache 2 licensed community edition of the database and commercially sold and supported professional and enterprise editions.

Perl 5.20 released, Openduty open sourced and Numeral.js counted – Snippets

snippets03
Perl 5.20: After 12 months of development work, Perl 5.20 has arrived with around 470,000 lines of changes from 124 authors. Your first port of call is the perldelta for 5.20 which lists all the changes – Unicode 6.3 support, a new slice syntax, better 64 bit support, better locale handling, more consitent tainting, do subroutine made a syntax error, quotey escape changes, performance enhancements, lots of module upgreades and some new modules too… the list is huge and if you’re a Perl developer you’ll have plenty to dig into there.

Openduty: Do you have a need to be paged or page others when things go awry? Openduty is Ustream’s contribution to handle escalating incidents like that and its just been open sourced. Developed at a company hackathon, it’s API compatible with PagerDuty, one of the leaders in commercial escalation, works with nagios monitoring and can generate email, XMPP, SMS, Phone and Push notifications. Openduty is licensed under the DWTFYWPL, the licence that won’t make it past most profanity filters. Who you gonna call? Everyone who’s on call of course.

Numeral.js: Got some numbers to format in your JavaScript? Numeral.js is a minimal library to help out with that offering formatting (and unformatting) for numbers. There’s other ways of formatting, like the nearly full implementation of ECMAScript Internationalisation that is Intl, but if you want something quick to use light you might like Numeral.js. It was inspired by Moment.js, the time formatting library.