Category Archives: Software Development

Subversion 1.2.1 released.

Posted on by

The Subversion team has released version 1.2.1 of their version control system.

The following changes are included in this release:

User-visible-changes:
– Client:
* fixed: ‘svn lock’ on switched file locks wrong thing (issue #2307)
* fixed: ‘svn (un)lock’ errors on multiple targets (r14736, 14775)
* fixed: ‘svn (un)lock’ problems with URI-unsafe names (issue #2314)
* fixed: ‘svn (un)lock’ not caching authentication (r15088)
* fixed: ‘svn unlock’ loses executable bit (r14859, r14923, r14939)
* fixed: ‘svn unlock URL’ segfault (r14893)
* fixed: ‘svn commit’ failure on XML-unsafe locked paths (issue #2335)
* fixed: recursive directory copy bug (issue #2343)
* fixed: don’t initialize RA library in ‘svnversion’ (r14755)
* fixed: svn-push segfault (r14732)
* various translation updates for localized client messages

– Server:
* fixed: ‘svn log’ performance regression, general (r14116, 14772, 14759)
* fixed: ‘svn log -v’ performance regression, FSFS-specific (r15016)
* fixed: mod_dav_svn bug sets content-type incorrectly (r15046)

Developer-visible-changes:
* fixed: win32 innosetup’s add/repair/remove features (r14830)
* fixed: OBOE with ‘limit’ parameter of svn_repos_get_logs3(). (r15119)
* redhat RPM fixes (r15050)
* perl bindings:
– accessors for svn_lock_t (r15082)
– call utf_initialize, adjust global pool usage (r15076, r15080,
r15081, r15117)

You can download the software at one of the following links:

http://subversion.tigris.org/downloads/subversion-1.2.1.tar.gz
http://subversion.tigris.org/downloads/subversion-1.2.1.tar.bz2
http://subversion.tigris.org/downloads/subversion-1.2.1.zip

Application Level Reuse and Google Maps

Posted on by

I found this, once again, on kottke.org. Someone has used Google Maps to map out the casualties of the Iraq War. Each click on the (+) on the left of the screen shows 30 more casualties.

I think the reason I find this so cool is not because of what this application is mapping out (which is cool — don’t get me wrong), but the fact that it was able to be written at all. Software written this way leverages the Wisdom of Crowds concept, allowing software to be written that the original authors had no idea would be an application of the technology they were creating at the time.

More than even that though, we are seeing a lot of what I call “application level reuse”. The distributed nature of Internet applications such as Google Maps allows the application to be used as a subset of a completely different application that serves a specific, specialized purpose. Applications can be written stringing together multiple applications like this, creating something brand new and extremely useful.

I think corporate IT shops, in most instances, aren’t getting the concept. They continue to write software in a very closed, monolithic fashion, that force their view of the world on their customers and do not allow that view to change — unless they agree and make the change themselves, increasing their development costs.

Amazon.com is another company that gets the concept. All patent issues aside, they were the first company that I remember that created a service oriented API to their application that allowed their customers to actually build their own store fronts if they wanted to. These APIs were used in ways Amazon wouldn’t even have thought of. The Amazon plugin for WordPress I use on the site is a really good example of this.

I think the world has already turned to this model of development and big corporations are missing it. Hell, even SAP, one of the most monolithic software applications in the world right now is getting it. The time has come where your customers want to use your software to make their own models of the world, that are specific to them. They want you to be transparent. They do not want your branding, they want the services you provide. Your branding has a place, but not everywhere.

I believe that customers are moving to the point where they just don’t want you to intrude on them. They want you to be invisible. Being able to integrate your software into theirs in a service-oriented fashion allows you to be invisible and to be integrated into the world they actually work in, rather than the world you think they live in (or worse, making them change worlds to work with you). The more you increase your transparency, the more you can be integrated. The more you are integrated, the more invisible you become. Pretty soon, you are used by default because you are part of your customers world , rather than a vendor that must be dealt with in an additional context shift.

Now, the problem with a paradigm shift like this is that it doesn’t come for free. Employees and business users have to be taught to think this way. Software has to be redesigned with this paradigm in mind. It’s not cheap — but I’m willing to bet its a lot more rewarding, from both a financial perspective, and a customer satisfaction perspective. Once the shift happens, you can stop worrying about “features and functionality” for the customer and start thinking about services the customers can use to make their own “features and functionality”. You can start focusing on the core services you provide.

The additional advantage is if you develop these services with customer use in mind, you can use them too. You can leverage the same services your customers use to constitute new functionality in your software. This also, can decrease your development costs.

This is how I see the world. But then again, who am I? I could be wrong. I doubt it, but I guess it’s possible.

WordPress 1.5.1.3 released.

Posted on by

According to the WordPress Development Blog, the 1.5.1.3 release is now available.

From the announcement:

Development has moved on to some exciting new features for the next major release, but an important security issue was brought to our attention which required an update for our users. The problem is not yet public but you should update your blog as soon as possible to 1.5.1.3. If you are unable to do upgrade in the short-term you may protect yourself by deleting the xmlrpc.php file from your WordPress directory.

This is a security release. I suggest you apply it or you might be the next to suffer the consequences. Don’t be a lazy ass like I was.

The Cost of Laziness

Posted on by

The site was hacked defaced last night at around 4:45pm due to my laziness in not installing a simple one line fix to the WordPress software outlined on the WordPress Development Blog. After exploiting the SQL injection vulnerability that the fix closed, the person was able to log in to WordPress, create a new user, promote themselves to admin level and replace the index page. I found out about it this morning when I hit the site when I woke up.

This should be a lesson to you. Keep an eye on security updates for your software, and apply them as soon as they become available. The WordPress team posted this update 26 days ago (according to the blog entry, 40 minutes after hearing about the exploit) and I blew it off, thinking that this site was too insignificant to actually hit.

I was wrong. It’s insignificant, but apparently not so much so that someone won’t take the small amount of time it takes to use a Perl script to compromise a known hole when they found it by doing a Google search on the term “powered by WordPress 1.5”.

I’m usually pretty good about installing security updates … not sure what I was thinking when I blew this off.

For the record, the WordPress Team has performed a security audit of the code for similar vulnerabilities and found none. Thanks guys. I’ll pay more attention next time around.

Googles Summer of Code

Posted on by

It’s June and school is out. Every morning I’m watching the boys not get ready for school and have to admit I’m a little jealous. I think when we were younger we really took for granted the idea of summer vacation and I really miss it a lot.

Now, watching the boys sleep late and watch cartoons in the morning instead of rushing around to get to school apparently isn’t enough. Google also launched their Summer Of Code program at the end of May, an effort in which students on summer vacation can earn money by contributing to Open Source projects.

I think this is a really great thing for Google to do, and boy do I wish there was a Google around when I was a kid and had the whole summer to spend familiarizing myself and contributing to an Open Source project and being able to feel like I made a difference. What a great opportunity to do something great for the summer.

This is yet another example, in my opinion, of what a great company and contributor Google is. They could just be sitting back and doing what they do, but they choose to give back to the community by contributing money and time to help build the next generation of Open Source developers.

Back in the ‘old’ days, I had my pet projects that I did. Shareware programs that I created that I didn’t make money on (and never cared if I did), projects to add functionality to friends bulletin board systems, and things like that. All done for free and with no expectation of being paid. I did it for the sheer satisfaction of being done and knowing that I contributed something if someone happened to send me an email or the program was included in a freeware/shareware catalog or even reviewed by an independent shareware reviewer. Man, that was great.

Sometimes I really miss that. There’s nothing like coding for the sheer pleasure of it and working on something you are passionate about just because you are passionate about it — and being able to release it for others to use.

I hope a lot of kids take advantage of this opportunity. Once programming becomes a job, sometimes you have to work on things you just don’t care about, or you put extra hours in just to get something done that you don’t see the importance in doing. Sometimes you have to put everything you have into something you absolutely don’t believe in.

This is a great time in your life when you actually have the time and the opportunity to make a difference, no matter how small — and its a time you’ll never get back.

And this time you can get paid for it.

As for me, I will just continue to spend my free time trying to plug through Negotiating Skills for Managers and wishing I could join you.