Simon Willison’s Weblog

jmoiron.net: Johnny Cache. The blog entry announcing Johnny Cache (“a drop-in caching library/framework for Django that will cache all of your querysets forever in a consistent and safe manner”) to the world.

# 11:48 am / johnnycache, django, python, caching, querysets

GeoPlanet Explorer. Chris Heilmann’s YQL powered explorer for the invaluable Yahoo! GeoPlanet / WhereOnEarth dataset. Every API deserves an explorer of some sort.

# 8:14 am / geoplanet, christian-heilmann, yql, yahoo, apis

Internet Explorer: Global Variables, and Stack Overflows. An extremely subtle IE bug—if your recursive JavaScript function is attached directly to the window (global) object, IE won’t let you call it recursively more than 12 times.

# 9:21 am / bugs, javascript, recursion, internet-explorer, ie

Running Processes. I’ve been searching for a good solution to this problem (“run this program, and restart it if it falls over”) for years. I’m currently using god which works pretty well, but according to this article I should be learning upstart instead. It never ceases to amaze me how difficult this is, and how obtuse the tools are.

# 9:55 am / god, unix, linux, ubuntu, upstart, processes

Some People Can’t Read URLs. Commentary on the recent “facebook login” incident from Jono at Mozilla Labs. I’d guess that most people can’t read URLs, and it worries me more than any other aspect of today’s web. If you want to stay safe from phishing and other forms of online fraud you need at least a basic understanding of a bewildering array of technologies—URLs, paths, domains, subdomains, ports, DNS, SSL as well as fundamental concepts like browsers, web sites and web servers. Misunderstand any of those concepts and you’ll be an easy target for even the most basic phishing attempts. It almost makes me uncomfortable encouraging regular people to use the web because I know they’ll be at massive risk to online fraud.

# 10:16 am / urls, security, phishing, facebook

Is johnny-cache for you? “Using Johnny is really adopting a particular caching strategy. This strategy isn’t always a win; it can impact performance negatively”—but for a high percentage of Django sites there’s a very good chance it will be a net bonus.

# 11:44 am / johnnycache, django, python, caching, performance

Geospatial Indexing in MongoDB (via) New in version 1.3.3. Handles “order by distance from” queries using a geohash approach under the hood, automatically searching nearby grid squares until the correct number of results have been gathered. Bounding box search is planned for a future release.

# 8:12 pm / geohash, geospatial, gis, mongodb

How To Be A Good Participant On A Panel: Disagree. When I’m on a panel, I always try to have lunch or dinner with the other panelists beforehand to figure out in advance what points we disagree on.

# 9 am / panels, speaking

Announcing django-cachebot. The ORM caching space around Django is heating up. django-cachebot is used in production at mingle.com and takes a more low level approach to cache invalidation than Johnny Cache, enabling you to specifically mark the querysets you wish to cache and providing some advanced options for cache invalidation. Unfortunately it currently relies on a patch to Django core to enable its own manager.

# 12:48 pm / orm, ormcaching, mingle, django, caching, cachebot

Scott and Scurvy. Did you know that Scott’s 1911 expedition to the south pole was plagued by scurvy, despite the British navy having discovered an effective cure way back in the 18th century? A fascinating tale of how scientific advances can lead to surprising regressions.

# 6:15 pm / scurvy, science, maciejceglowski

grammar.coffee (via) The annotated grammar for CoffeeScript, a new language that compiles to JavaScript developed by DocumentCloud’s Jeremy Ashkenas. The linked page is generated using Jeremy’s Docco tool for literate programming, also written in CoffeeScript. CoffeeScript itself is implemented in CoffeeScript, using a bootstrap compiler originally written in Ruby.

# 7:27 pm / compilers, javascript, coffeescript, documentcloud, jeremy-ashkenas, docco, literateprogramming, programming, selfhosting, ruby

Automate EC2 Instance Setup with user-data Scripts (via) I knew about EC2’s user-data feature—what I didn’t know is that the Alestic and Canonical images are configured so that if the user-data starts with #! the instance will automatically execute it as a shell script as soon as it boots up (after networking has been configured).

# 12:31 pm / sysadmin, deployment, ec2, userdata

Cache Machine: Automatic caching for your Django models. This is the third new ORM caching layer for Django I’ve seen in the past month! Cache Machine was developed for zamboni, the port of addons.mozilla.org to Django. Caching is enabled using a model mixin class (to hook up some post_delete hooks) and a custom caching manager. Invalidation works by maintaining a “flush list” of dependent cache entries for each object—this is currently stored in memcached and hence has potential race conditions, but a comment in the source code suggests that this could be solved by moving to redis.

# 7:35 pm / cachemachine, caching, django, orm, ormcaching, mozilla, redis, memcached, python

RE2: a principled approach to regular expression matching. Google have open sourced RE2, the C++ regular expression library they developed for Google Code Search, Sawzall, Bigtable and other internal projects. Unlike PCRE it avoids the potential for exponential run time and unbounded stack usage and guarantees that searches complete in linear time, mainly by dropping support for back references.

# 9:28 am / russcox, google, regex, re2, open-source, cplusplus, pcre

Introducing the PyPy 1.2 release. It’s been a long time coming, but 1.2 is the first PyPy release to ship with a Just-in-Time compiler! Performance looks pretty impressive.

# 11:54 pm / pypy, python, performance, jit

Redis weekly update #1—Hashes and... many more! Hashes were the big missing data type in Redis—support is only partial at the moment (no ability to list all keys in a hash or delete a specific key) but at the rate Redis is developed I expect that to be fixed within a week or two.

# 12:06 am / redis, hashes, keyvaluestores, nosql

Reddit is now running on Cassandra. Migrating their persistent cache over from memcacheDB to Cassandra took one developer just ten days.

# 12:14 am / cassandra, memcachedb, caching, reddit

Facebook Adds Code for Clickjacking Prevention. Clever technique: Facebook pages check to see if they are being framed (using window.top) and, if they are, add a div covering the whole page which causes a top level reload should anything be clicked on. They also log framing attempts using an image bug.

# 10:42 am / facebook, clickjacking, security, phishing, framing, joey-tyson

flashblockdetector. Mark Pilgrim’s JavaScript library for detecting if the user has a Flash blocker enabled, such as FlashBlock for Firefox and Chrome or ClickToFlash for Safari. One good use of this would be to inform users that they need to opt-in to Flash for unobtrusive Flash enhancements (such as invisible audio players) to work on that page.

# 10:44 am / mark-pilgrim, flash, javascript, flashblock, clicktoflash

Installing PIL on Mac OS X Snow Leopard for use in Google App Engine. PIL installation instructions that actually work... the ’export CC=“gcc -arch i386”’ incantation in particular. Make sure you run setup.py install using the Python version that the App Engine dev tools are using (I ran “sudo /usr/bin/python2.6 setup.py install”).

# 4:06 pm / pil, snowleopard, osx, python

“Tis Pity We Called Her A Whore” And Other Ineffectual Digital Apologies. A useful reminder that URLs can be libellous.

# 10:38 am / paul-carr, urls

Why Google MapMaker is not Open. Non-commercial use only, strict attribution requirements and you aren’t allowed to use the data for services that might compete with Google. This is why I’m disappointed every time I see Google encouraging people to contribute to Map Make, especially in the developing world—if those people contributed to OpenStreetMap instead they would be building something far more valuable for their community.

# 10:41 am / openstreetmap, google, mapmaker, mikel-maron

Automated deployments with Fabric—tips and tricks. “If it’s not in a Fabric fabfile, it’s not deployable”—I’m slowly applying this philosophy to my personal projects.

# 11:19 am / python, fabric, deployment, sysadmin

VMware: the new Redis home. Redis creator Salvatore Sanfilippo is joining VMWare to work on Redis full time. Sounds like a good match.

# 11:26 am / redis, vmware, nosql, keyvaluestores, salvatore-sanfilippo

An Early Look At IE9 for Developers (via) Surprisingly, no mention of SVG or canvas and only a note in passing about HTML 5.

# 6:11 pm / svg, canvas, html5, ie, ie9, microsoft

grant XXX on * ? (via) PostgreSQL doesn’t have a way to say “this user is allowed to select/update/etc on all tables in database X”. That kind of sucks. UPDATE: This is fixed in PostgreSQL 9, see the comments.

# 6:26 pm / grant, permissions, databases, postgresql, sql

Internet Explorer Platform Preview Guide for Developers (via) Lots of SVG and CSS3 stuff, no mention of canvas here either though.

# 6:36 pm / svg, css3, ie9, ie, microsoft, canvas, html5

The Web Server Benchmarking We Need. Ian Bicking asks for a WSGI benchmark which emphasises error handling over raw performance—can the server keep serving requests if some of them are CPU bound, I/O bound, wedged or cause a segfault?

# 10:05 am / benchmarking, ian-bicking, wsgi, python