Snippets – JavaScript, Node, Git, HTTP2 and Regexps

snippets07In this Snippets, 6to5 becomes Babel, Node.js 0.12 on Pi, Git 2.3, HTTP2 explained and regular expressions from chained methods.

6to5 becomes Babel – As ES6, the next generation JavaScript, starts arriving in browsers the 6to5 transpiler, which converts ES6 code into current ES5 code so you can run your JavaScript apps on old and new browsers, has been looking to its future and changed its name to Babel to reflect its future plans. In a blog post the project explains that the transpiler’s codebase is not just useful for ES6 to ES5 conversion but to a whole range of IDEs and tools to come, so they’ve changed name and will begin opening up the API to let other projects plug into it. Smooth move.

Node.js 0.12 on a Pi – If you’re trying to build Node.js on your older Raspberry Pi, you may have problems. Not now – Thanks to Conor O’Neill who has built Node.js getting around a problem with identifying the version of ARM processor by… applying some patches from io.js. You can download the built version from his blog… which will save you many hours of build time. Comments suggest not rushing as it seems slower and you can already get a nightly release for ARM v6 for io.js.

Git 2.3 is out – The latest version of Git adds a push-to-deploy option so rather than log in to your server and git pull the latest version down, you can automatically have the server download new versions. Handy, but potential for huge blowback, use after considering the probable issues. There’s also a new trick where cloning can borrow assets from another local clone.

HTTP2 Explained – In HTTP2 Explained Daniel Stenberg is pulling together everything you need to know about HTTP2 in one living document. HTTP2 is going to be a big part of everyone’s web future, so it’s a good time to get reading.

Regexps from chains – The interesting idea from RegExpBuilder is why not use chained JavaScript functions to create regular expressions. Pro, wordier syntax explains more. Con, wordier syntax vs Regexp’s confusing compactness. Interesting idea though.

OS X’s Hypervisor, Snabbt JS animation and Nim

snippets03Did you know Mac OS X 10.10 had a hypervisor framework? No, me neither, but it does and that means you can do things with hypervisors without the need for kernel extensions and stuff. Pagetable.com shows you how to tap into it with an example of building a simple DOS emulator but goodness, this is backed with potential for some clever, easy to install, apps.

Want some smooth animation in your JavaScript driven pages? Snabbt.js might be for you. Works with or without jQuery too. You just start a snabbt call that points at an element on the page then chain the animation operations to that call. Boom, smoothly spinning buttons with multiple sequential behaviour and more.

Looking for a new language? The Nim folk are looking for you then. Formerly Nimrod, now Nim, is a language with some interesting elements and one of the language’s advocates has listed out some of them. If the idea of code that runs during-compilation, baked-in templates and macros, optimisation templates and compiling to C interest you, you might want to have a look at the currently unstable language – it’s heading for a 1.0 in a few months.

Developer Catchup: POODLE, Tails, Docker, Redis and more

developercatchupPOODLE yips: In what was a glorious nail in the coffin of SSLv3, the POODLE vulnerability(PDF) made sure no one would trust SSLv3 again. The simple fix is to turn off SSLv3 where its used. The bug itself is bad in terms of cryptography, in that it gives an attacker a route to completely decode a stream that has been encrypted, but in practice its not as bad because the attacker has to be a man in the middle to get started. So, using SSLv3 from the open Wi-Fi at the fast food cafe, a bad thing. More worthwhile reading includes Imperial Violet’s explanation and Zmap.io’s guide to disabling SSLv3 in servers.

Chasing Tails: The Tails Live Linux distro, which tries its level best to be an bootable anonymous secure distro, has had an update to Tails 1.2. In the wake of the POODLE hole, it’s switched over to Tor Browser, dropping the IceWeasel, and that change also happens to close its POODLE vulnerability. There’s also Tor and kernel updates and various other minor changes. If you use it, just upgrade.

Docker tightens security: Docker 1.3 has landed, or more accurately Docker Engine 1.3. Highlight is digital signature verification of repositories of images, albeit as a tech preview of the feature. A production option also lets you set SELinux and AppArmor profiles from the command line. Other goodies include the ability to inject a process into a running Docker app so you can wake up a shell when you need to debug something, create and start commands for containers (on top of existing the all in one run command) and most usefully to me at least, shared directories on Mac OS X. The more interesting (as in get the popcorn) move from Docker is its partnering with Microsoft with a long term goal of making Docker run on Windows containers, not just on an a VM with Linux inside. Big challenge there as Microsoft have to basically get cgroups and more onto Windows Server.

Redis Clustered: The Redis key/value cache and store has pushed a release candidate for Redis 3.0.0 out. This is a rather important release as @antirez explains in his blog, it’s the first version with Cluster support, a long in-development feature, which has reached “minimum viable product” level and is stable enough for testing.

Quickies: 6to5 – turns JavaScript ES6 code into plain ES5 code which could be well useful. Asciicinema – lets you record and playback terminal sessions (and could be even better with audio – hint). On the to read list – Building Web Apps with Go – MIT licensed book based around Heroku use but lots of interesting content. And Whiteout Mail has gone open source – it’s all about accessible secure mail and has been in the works since 2013.

Developer Catchup: Synchronous Node, Serviced Polyfills, Sparks Sparked, Tangrams Mapped and SHAaaaaaa!

developercatchupNode.js synchronously: Node.js is sweet if you can adapt to the asynchronous model of start thing, say what you want to do when its done, do everything else anyway. Good for web request handling but bleh for trying to emulate a shellscript. Turns out that in Node.js 0.12 (coming soon? anyone? Bueller?) we get synchronous child processes to now you can run that curl or find or whatever and just wait till its returned with its results. The folks at Strongloop have written about these synchronous child process methods and how they make writing command line utilities in Node easier. Check it out Noders.

Serviced Polyfills: Polyfills fill gaps in browser functionality and standards compliance. The older the browser, the more Polyfill you need to fill the gaps and the newer, the less. But it gets hard working out how much Polyfill you are going to need. Fear not, as Samuel Giles at FT Labs has an answer, “Polyfills as a Service“. Add a simple script tag pointing at a source from the polyfill.io content delivery network to your pages and whatever browser views your page, it gets the polyfill it needs. This is because the system sniffs the browser agent and works out the best set of polyfill based on that. Neat idea, potentially very handy – and you can run your own private version if you need to.

Spark sparks: Apache Spark just got a 1.1 release. Spark is Hadoop data processing engine which can run on YARN-based Hadoop clusters or in standalone mode. Spark 1.1 improves the performance (and they already say they are up to 100 times faster than Hadoop MapReduce) and has SQL layer enhancements. 1.1 also adds more statistical functions, can take steaming data fromAmazon Kinesis and pull data from Apache Flume and more. If your into clusters and data crunching and haven’t looked at Spark, you might want to look into it.

Tangram Mapping: Do you want to render cool 2D and 3D maps? Check out Tangram, a Mapping Library then as it is building out from a WebGL implementation to other OpenGL platforms to make oodly cool dynamic map renders. Very slick.

SHAaaaaaa!: We mention the Google sunsetting of SHA-1 the other week. If you were unsure why this was important, can we send you off to Why Google is Hurrying the Web to Kill SHA-1 which explains why it all and includes a brief history of collision attacks in the wild.

Codescaling Catchup

CodescalingCatchupRegular readers may have noticed a bit of a slow down in postings as I’ve been rearranging the scheduling of things here at Codescaling to allow for other commitments. Hopefully, I’ll be doing a regular Sunday catchup of what would have been snippets and during the week I should, all going well, be looking at a particular thing, be it software or hardware, thats in scope that week. As some may know, I’m curating HackWimbledon and may cover some of the hands on stuff there. But enough of plans… What’s on the catchup this week…

I’ve been doing some work with Eclipse Orion, a web-centric IDE with some interesting attributes, so I was interested to see news of forthcoming language support enhancements coming in Orion 6.0. Lots of interesting bits like syntax highlighting that brings in Arduino files, new documentation generators, the ability to use all the tooling while the JavaScript is embedded in HTML, better tunable JavaScript validation with new rules and so on… worth checking out.

Google landed Go 1.3 this week and it does seem to feel quicker and slicker (I’m getting on with Go code myself and noticed the difference). The experimental support for DragonFly BSD, Plan 9 and Solaris is intriguing… Go on Plan 9 feels like a giant philosophical loop being closed. Also interesting is discussion of Go for Android from one of the Go team… it seems to be on course to start emerging in Go 1.4.

Big news in Python land where the PyPy team landed the first stable release of PyPy3. PyPy is a very compliant Python interpreter with a tracing JIT compiler built in. It had been stable only on Python 2.x but now there’s PyPy3 (libraries are at Python 3.2.5 level, unicode support from Python 3.3). At some point the Python 2.x->3.x transition logjam will be broken and this will be a big help.

Coin cells didn’t immediately strike one as a space for useful research but I was proved wrong on reading How much energy can you really get from a coin cell?, where different makes and models of cell were compared using an ARM controller which systematically loaded each battery. I’m more curious about this now as I just took delivery of PunchThrough’s Light Blue Beans, Arduino style controllers with Bluetooth and powered by a coin cell, but more about those in a future Codescaling post – till then check out the Surf Report Notifier.

The OpenSSL/Heartbleed fallout continues with Google’s latest move, BoringSSL, a bidirectional fork (the codebase’s separate but patches continue to flow in both directions – it needs a term, so bidifork) of the OpenSSL code. Google seem to be using bididforks to allow them to stay plugged into communities but retain control of their destiny; Webkit and Blink seems to be the first bidifork. Whether they work, we don’t know, but I suspect that its an area ripe for research and even formally recognising as an middle course for open source projects between fighting and forking.

On the Todo list – have a look at the Maynard/Wayland desktop on the Raspberry Pi, check out the OEM BeagleBoard Blacks, browse through the undocumented Swift standard library and now it’s a 1.0, checkout the WordPress REST API.

Just released: Socket.IO 1.0, Git 2.0 and OrientDB 1.7 – Snippets

Snippets.png
Socket.IO 1.0: Socket.IO has hit version 1.0 – the Node.js and browser library which started life as an implementation of the WebSockets interface and has gone on to “become the EventEmitter of the web”. The 1.0 release and changes are broken down in a blog posting, the first on a newly redesigned, and much more useful, Socket.IO website. In brief, modularisation, tighter code, binary support (so you can emit blobs and buffers), automated testing, better scalability using redis, more integration (including PHP support), better debugging support (and silence by default), sleeker APIs and CDN delivery. And the future plans include handling Node.js streams, Socket.IO support in Web Inspector and Firefox Dev Tools and more language and framework support. A splendid tool to have in your arsenal.

Git 2.0: The distributed version control system which made distributed version control systems cool before even version control could be cool, Git, has reached version 2.0. In the announcement of the new release, there’s a long list of all the changes and notes on backward compatibility. The 2.0 release has been anticipated by the developers for a while so a lot of ground work had already been done in previous 1.x versions making the 2.0 release look more like a minor release than a major version bump but there’s still plenty of changes and a foundation prepared for future changes. On that subject, there’s a promise of a shorter release cycle for the next release as delays have meant a number of features ‘cooking’ for longer in the ‘next’ branch.

OrientDB 1.7: Version 1.7 of the Document/Graph/Sql/NoSQL database OrientDB is available. The announcement for 1.7 notes better perforamnce, new clustering options, support for SSL and sharding, simplified configuration, new SQL commands including parallel queries, plugins for Lucene-based full text searching and more. There’s an Apache 2 licensed community edition of the database and commercially sold and supported professional and enterprise editions.

Perl 5.20 released, Openduty open sourced and Numeral.js counted – Snippets

snippets03
Perl 5.20: After 12 months of development work, Perl 5.20 has arrived with around 470,000 lines of changes from 124 authors. Your first port of call is the perldelta for 5.20 which lists all the changes – Unicode 6.3 support, a new slice syntax, better 64 bit support, better locale handling, more consitent tainting, do subroutine made a syntax error, quotey escape changes, performance enhancements, lots of module upgreades and some new modules too… the list is huge and if you’re a Perl developer you’ll have plenty to dig into there.

Openduty: Do you have a need to be paged or page others when things go awry? Openduty is Ustream’s contribution to handle escalating incidents like that and its just been open sourced. Developed at a company hackathon, it’s API compatible with PagerDuty, one of the leaders in commercial escalation, works with nagios monitoring and can generate email, XMPP, SMS, Phone and Push notifications. Openduty is licensed under the DWTFYWPL, the licence that won’t make it past most profanity filters. Who you gonna call? Everyone who’s on call of course.

Numeral.js: Got some numbers to format in your JavaScript? Numeral.js is a minimal library to help out with that offering formatting (and unformatting) for numbers. There’s other ways of formatting, like the nearly full implementation of ECMAScript Internationalisation that is Intl, but if you want something quick to use light you might like Numeral.js. It was inspired by Moment.js, the time formatting library.

Qt 5.3 released, an OS in JS and Papilio’s FPGA power – Snippets

Snippets
Qt 5.3: The folks at Digia seem to be keeping the Qt development pace up, and not forgetting to take a breather and getting the stability story right. The latest release, Qt 5.3 appears to be one of those breather releases with lots of fixes for the desktop platforms and a supported beta for the Windows 8 Runtime. There’s some new additions too; a QtQuickWidget lets Qt Quick UIs be embedded into older Qt Widget based applications for a smoother transition between the old to new development style and there’s now WebSockets support for plugging into more web applications. You’ll find all the open source tools and downloads on the Qt Project website.

Os.js: Every generation is doomed to reinvent the previous generation and here we have OS.js which looks to implement an entire desktop environment, within the browser, in JavaScript. Thats not to say its not interesting as the idea of having a desktop to your cloud isn’t without merit, especially so if the desktop is portable. There’s already a lot in the alpha version of the platform and it seems way more developed than similar projects I’ve encountered in the past. Window and file management, a GUI library, multi-user support, theming and applications such as Draw, Preview, Textpad and Writer make this a project worth looking at. There’s a demo online too and its all under what appears to be a BSD 2-clause licence.

Papilio:Just turning up on my radar, and I’m late to the party, is Papilio, a single board controller which looks like a turboed up Arduino but at its heart is not an Atmel chip but an FPGA chip. That FPGA can be configured with a soft clone of the AtMega chips and driven with the Arduino IDE or it can run a “ZPUino” configuration which works like an “Arduino on steroids” at 100Mhz.

The compatibility with Arduino isn’t the driver for the project though, its more of a stepping stone into FPGA programming. Videos on the site show the Papilo programmed to emulate the Pacman and Frogger motherboards with FPGA emulations of Z80s and other classic CPUs or getting the Papilo to emulate the SID chip from the Commodore 64. The chip, on the Pro version at least, is a Xilinx Spartan 6 LX FPGA – There’s a couple of boards and the UK supplier, SK Pang, offers the newer Pro for £80 inc VAT (and a slightly older, cheaper Paplio One 500K for around £65). A list of other regional distributors is also availble.

There’s also an expansions, such as the LogicStart MegaWing for getting into FPGA/VHDL development, the Arcade MegaWing for game emulation, the Retrocade MegaWing for audio/midi work and [and numerous single purpose “wings. It looks like there’s already a whole ecosystem for the budding FPGA hacker to dive into.

Arduino’s Zero Hero, Postgresql’s beta and fun small projects

ArduinoZeroArduino Zero: It’s looking like the next Arduino will be the focussed refresh we’ve been waiting for. Makezine has all the details on the Arduino Zero, announced at Makercon. It’s a 48Mhz ARM cored Atmel chip with 256KB flash memory, 32K SRAM and no EEPROM. There’s 12-bit ADCs, PWM on all digital pins, support for an embedded debugger, a second USB port (who knows!) and it’s all 3.3V. Looks super interesting, but the real questions will come when we find out how pricing works out and how hard it’ll be to use recreate the Zero from raw components. See also Arduino’s official announcement.

Postgresql’s new beta: There’s a Postgresql 9.4 beta out there now which doesn’t block when refreshing its neat materialised views, lets background workers be dynaminally registered, started and stopped and more. There’s also more structured support for JSON storage, a logical decoding system for streaming changes out to other systems and an ALTER SYSTEM command which lets you edit postgresql.conf from the SQL command line. One to keep an eye on.

Small projects: First up, a fun little project with a Raspberry Pi, Paho MQTT, Mosquitto, Python and Node-RED is also an excellent example of how easy it is to wire things up with MQTT. Second up, do you want to create a realistic landscape in JavaScript? You could try looking at this landscape generator which makes lovely ground shapes, The article even wraps up with some challenges for coders.

XBMC 13, OpenElec 4.0, JavaScriptCore and Android stats

snippets03
XBMC and OpenElec updated: The XBMC Media Centre app has been updated to version 13.0 with hardware decoding support for Android, performance improvements on Raspberry Pi and Android, support for stereoscopic 3D rendering and better touchscreen, UPnP and Audio Engine handling including “real pulseaudio support”. And with the release of a new XBMC comes an update to OpenElec, the small Linux distro built to turn machines into XBMC boxes. With OpenElec 4.0 there’s an updated kernel and refreshed toolchain, UEFI boot support, general package updates and first support for TTS (text-to-speech).

JavaScriptCore heats up: The JavaScriptCore project takes care of building Safari and WebKit’s JavaScript component. Currently they are working on FTL, a JIT engine which plugs exisiting code into the LLVM optimisation pipeline. Hows that working out for them? Pretty well according to Are We Fast Yet where its winning out over Chrome on asm.js benchmarks. But there’s still a long way to go – if we step back to the wider benchmark view, it’s only holding a lead in the super-synthetic Sunspider benchmark. Its still one to watch and reminds us that JavaScript optimisation is far from a two horse race.

Android 4.1 the new GingerBread?: For a long time, Android 2.3.3-2.3.7 aka Gingerbread, dominated the Android devices out there. The Google statistics put it down at 16.2% now, well down from its peak with 82% of Android devices running version 4 or later. There’s only one fly in the ointment there though – nearly half of that – 33.5% – is devices running Android 4.1, the first “JellyBean” release from way back in July 2012. It seems to have become the new minimally acceptable Android version for vendors. It’ll be interesting to see if it becomes as sticky as Gingerbread became. On the upside, at least Android 4.4, Kitkat, is matching its 4.3 predecessor in share after jumping to 8.5% from 5.3%. That indicates a healthy uptake over time, at least until the next Android version announcement.