Plnt Planet

This is the Plnt Planet Werkzeug Example Application

16 May 2008

pdb in the browser

by Ian Bicking at 07:05

People have asked me a few times about evalexception and pdb — they’d like to be able to use something like pdb through the browser, stepping through code.

The technique I used for tracebacks wouldn’t really work for pdb. For a traceback I saved all the information from the frames — mostly just the local variables — and then let the user interact with that through the browser. But with pdb you pause the application part way through waiting for user input, and the routine only completes much later.

While writing WaitForIt I played around with techniques to deal with very slow WSGI applications. Not that hard, really — you launch every request in a new thread, and you manage those requests in an application of its own. So I started thinking about pdb again, and it started seeming feasible. Whenever the app reads from stdin it goes into an interactive mode, showing you what comes out on stdout and letting you add input to stdin. It’s nothing specific to pdb really.

So, with a bit of hacking, I added it into WebError (which is an extraction of the exception handling in Paste). To give the demo a try, do:

hg clone http://knowledgetap.com/hg/weberror/
cd weberror
python setup.py develop
# You need Paste trunk:
easy_install Paste==dev
python weberror/pdbcapture.py

What you’ll see is not polished, it’s just working, but since I mostly did it to see if I could do it, that’s good enough for me.

15 May 2008

Mail Subjects

by Armin Ronacher at 19:05

I found two mails in my Junk folder today that where ham. I spotted them by accident as the subjects where very stupid. The first mail arrived with “Re:” as subject, the second with “Hi”. Please make my life easier and use subjects that don’t look like spam. Thanks in advance

And no, I haven’t written a mail without subject in the first place.

14 May 2008

Productivity tip: Begin on something easy

by Amir Salihefendic at 07:05

Try to leave off some simple tasks for the next day / work session. There's no better motivator than starting off by completing small tasks. I have tried to follow this principle for some time and it works really well.

I have noted that I usually procrastinate when I start off with a "big" task.

Also, always remember to split a "big" task into more simple tasks (but you probably already know this :)).

13 May 2008

Command of the Day

by Armin Ronacher at 15:05

# ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N '' &&
  ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N '' &&
  /etc/init.d/ssh restart

I really don’t think distributors should try to patch cryptographic stuff, especially not to silence debuggers.

12 May 2008

Mail Problems

by Armin Ronacher at 19:05

Small notice for persons trying to mail me the last ~three days: While I was off to Vienna I noticed that HE disable the E-Mail routing for the domains I moved to domainfactory. Mails send to me between Friday and today are probably lost.

Plurk.com opens up

by Amir Salihefendic at 05:05

A voyage into the realm of "real" start-ups, a voyage into getting better.

It's been fun, it's been hard and finally me and the team can crash the party and present Plurk!

Plurk is a social journal aimed for the general public. It's Twitter for everyone.

Try it out by checking my Plurk timeline out:

A little screenshot:

Plurk screenshot

07 May 2008

Jinja2 Documentation Online

by Armin Ronacher at 12:05

I now uploaded the documentation for Jinja2 to the website for those of you who are eager and want to play with it :-) On jinja.pocoo.org you have now the choice to chose between Jinja1 and Jinja2.

The new docs are powered by Sphinx and Jinja2 with a custom templating bridge.

Read the documenation.

Simple batch function for Python

by Armin Ronacher at 10:05

Often I have an iterable i want to group. For example a list of integers and i want to process two at once. That’s a pretty nice idom I found in the documentation (I just changed it to use a tuple and izip which performs a lot better):

from itertools import izip

def batch(iterable, n):
    return izip(*(iter(iterable),) * n)

Use it like that:

>>> for key, value in batch([1, 2, 3, 4], 2):
...  print key, value
... 
1 2
3 4

06 May 2008

The GPL and Principles

by Ian Bicking at 18:05

For the most part by the time I finished writing my last article on licensing I had mostly convinced myself that the GPL isn’t a practical license for most projects. That is, outcomes when using the GPL aren’t likely to be any better than outcomes using a permissive license, except for certain kinds of projects, mostly projects involving big faceless companies, and I’d just as soon avoid such projects anyway.

My own thinking on this has changed over the years in part because of a greater sense of humility about what I produce. I’m really not that worried about people stealing my work because I don’t think that theft would be of much value. But also because I realize that the value in software is not so much in the code as in the process. The process is what is valuable, particularly for open source, and licensing doesn’t really address issues of process.

As an example, if I’m uncomfortable with how some member of an open source community is using the code, or the community, I will be much more effective by dealing with that head-on, talking with that member, or even confronting them if it’s really necessary. If you give someone an unwelcoming attitude, they’ll probably go away. The license doesn’t need to be your gatekeeper. It’s not a particularly effective gatekeeper anyway.

Another change is perhaps a more reasonable valuation of code. There was a time when people wanted to protect their intellectual property. Even some non-software company might have gotten the idea that it should own the code it contracts someone else to write, under a proprietary license, so they could sell that software later. That anyone would care to buy it was always an illusion, but the illusion is a little more obvious these days.

One value of the GPL that I do want to acknowledge is its expression of values. It makes this explicit:

When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.

To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.

But the GPL does more than just its text: adopting the GPL is a statement of principle on the part of the original authors, of the people who adopt the project, and of the people who later help maintain the project. It is a statement that freedom is valued and that it is valued in a universal sense, not just in a personal or isolated sense.

This is implicit, not explicit, in the choice of license, but despite that I see this pattern in projects. Projects that choose the GPL are more likely to engender a spirit of openness and sharing. Not of the core project itself — both GPL and permissively licensed projects accomplish this just fine so long as they are properly maintained, and their success is far more related to how the project is managed than the licensing. But I see the difference in the sofware that grows up around the project: extensions, complementary projects, documentation.

Maybe this is because of licensing. The license filters the community, and the people who are left in a GPL project are all at least open to sharing. But more than that, I think it puts people in the right state of mind to share. The project feels more principled, the participation is based less on pragmatism and more on optimism. And there’s always people coming into open source who haven’t really figured out why or what they want to get out of it. Presenting them with the principles of Free Software influences their decision. (This issue has caused some debate about terminology.)

With all that said, you don’t need the GPL to present the principles of a project. It’s certainly the easiest way to do so. The GPL is shorthand for a rich set of principles and ideals. But it’s shorthand for people who are already in the know. The ideas need to be reiterated and explained and reconsidered to stay relevant. I think a project might do more good with an explicit statement of principles. With that in place the licensing might not matter so much.

Governance

by Ian Bicking at 04:05

It occurred to me… Django is something like a dictatorship… or maybe an oligarchy. At first it seems like Pylons is the same… but no. Pylons is clearly feudal. I lord over Paste, WebOb, FormEncode. Mike Bayer lords over Mako and SQLAlchemy. Ben lords over Routes, Beaker, and Pylons.

I suppose in all cases there is a certain amount of democracy, because there are no serfs, and any individual is free to travel to any kingdom they like. Well, at least among the open source kingdoms. Without citizenship, and with no exclusiveness of ownership, with even property having largely disappeared, I suppose it’s inevitable that traditional metaphors of control and governance don’t really make sense.

05 May 2008

Choosing a License

by Ian Bicking at 23:05

I thought I’d take some time to talk about licensing.

Licensing is something that F/OSS programmers talk about a lot. There’s two major categories of licenses:

  • The GPL, aka Copyleft. You must distribute source with your application, and users get full rights to the source code, including any additions you may make.
  • Permissive licenses, X/MIT, BSD, etc. These let you do pretty much everything.

There’s also the LGPL, which vaguely applies GPL-like terms to the original code, but is not "viral". LGPL originally meant "Library GPL" but was renamed to "Lesser GPL" because people automatically used it for libraries without considering what the license actually enforced.

How much do these licenses matter? How should a person choose between these options?

First, the LGPL. It has specific phrasing that makes some sense for C code, to distinguish between extending the library itself and using the library. It doesn’t make much sense for other runtime environments. Some people have tried to clarify its meaning in other environments, but I’m not sure if a clarification like that means much. The ambiguity seems like the worst of all worlds. People who are afraid of the GPL won’t use the software anyway. People who act in bad faith can satisfy the terms of the license through trickery. You don’t get any practical protection over a permissive license, and you get most of the stigma of the GPL. The GPL has some success stories, places where source was actually released due to the terms of the license. I don’t know of any similar success stories for the LGPL. If you don’t want to use the GPL, just use a permissive license.

Then the question: GPL or permissive licensing?

For some time I’ve chosen a permissive license for my code. But I’m not really advocating that, and every so often I throw out a little GPL code. Underneath this is something of a disinterest in licensing. I don’t think it means much. If specifics of your license matters then something has gone wrong. People are leeching code, and/or the community isn’t providing enough benefit to encourage participation. I don’t believe that software has much intrinsic worth, and treating it like property doesn’t make that much sense to me. Licensing treats software as property, which is why I see the relevance of licensing as a kind of disfunction. But there is the outside chance that it’s really just a big project, or that the project is being participated in by rivals. But nothing I work with is like this, and it’s pretty uncommon generally, and anyway those projects all have their licensing pretty much figured out.

The GPL does seem to serve a constructive purpose when rivals have to cooperate in some fashion. It makes a kind of demilitarized zone where everyone has to work for the collective good. But even this is a sign that you can’t trust the participants. This is somewhat reasonable, because you can’t actually trust large corporations with faceless programmers working on the code. But even that’s a kind of disfunction, because you can at least kind of trust large corporations with programmer employees who have a public face. The individual programmers are going to be very uncomfortable participating in any kind of Machiavellian conspiracy. Good open source projects are a coming together of individuals. Institutions are not effective participants. There are however scaling issues with individual participation: particularly that only a minority of developers are actually inclined to participate in this way. An institution can pay someone to work on something they don’t care very deeply about, and that person can still do useful work. But they won’t be part of the community.

Outside of this mediation of rivalries I’m not really sure what the GPL provides. It protects users, because the terms of the GPL ensure that users get code. It doesn’t actually ensure that code is made public, though it does give developer employees leverage to make their work public. There’s some urban legends about the viral aspect of the GPL, but that’s really just bullshit. Code doesn’t magically get relicensed just because there’s a little GPL in the mix. The GPL police won’t show up at your door and confiscate your computers. The only people who make those claims are GPL-haters like Microsoft. Who should you trust: the FSF or Microsoft? If you answered "Microsoft" then you need to get your head screwed on straight.

Unfortunately there is a stigma about the GPL, and there are competent developers that avoid all GPL software. I find this frustrating, especially since I don’t actually care about licensing, and so this adds a point of contention that I don’t really care to pay attention to. Some people in this situation then become GPL haters, because they feel like it’s all GPL’s fault. But the GPL didn’t create the licensing situation — proprietary software started this. Direct your hate where it belongs. The GPL ain’t it.

If my libraries were GPL I doubt I could leverage that to make other people open source their code. But I know I would alienate some people, and as a result I choose a permissive license because it’s just strategically advantageous.

Applications I think are different strategically. You don’t just swap an application in and out like you might a library. If you choose to use an application, then often the licensing is a secondary choice. The licensing ultimately only really applies to extensions. Libraries also have a different pattern of acceptance. Stubborn GPL haters can in effect veto a library in many projects (this is because stubborn GPL haters are viral). But in an application their influence is much smaller. Developers concerns like architecture and choice of libraries are not what drives an application. An application is driven by its functionality. If you have a useful application then licensing tends to be a secondary concern. The licensing tends to define the community in some sense as well, and as a result there’s a kind of opt-in consensus. And I think the GPL in these cases really does create an environment of collaboration around extensions. It has a real benefit.

This seems to be true empirically as well. GPL’d libraries don’t tend to get very popular. People will do crazy-big projects just because of licensing issues. GPL’d Applications seem to do quite well, with examples like WordPress, Plone, The Gimp, and even the Linux kernel, which is closer in structure to an application than a library.

I haven’t studied the GPL v3 very closely, but it seems useful to me. Software-as-a-service has the potential to make the GPL irrelevant (especially for the kind of code I write), and could put the GPL in the same category as the LGPL where it retains its stigma without offering any practical advantages. Version 3 makes the permission/GPL choice seem useful, but so far I’ve never made any truly conscious choice between version 2 and 3.

If you are thinking about choosing a license, or thinking about choosing software based on the licensing, maybe these thoughts will be helpful in your own thinking. And please don’t GPL-hate in the comments, I’m not interested and if you feel the need then go write your own post.

“Something Must Be Done”

by Ian Bicking at 05:05

Listening to Tavis Smiley’s show tonight, and the segment My America where they talked about gun violence. At one point they quote a man who lost his brother to gun violence:

You can be in a club and bump into somebody on accident, a little of your liquor, a little of your water spill on their coat, now, you go outside, he got five or six people out their because you spilled your damn drink. Which, a person should be able to say, "man, my fault dog, I apologize, you know how it is." You got people that just ain’t gonna be right, man.

Tavis Smiley: So you take that, you put guns into the equation, that changes mediation efforts dramatically.

Several times they talk about how small matters of respect lead to violence. The conclusion is that guns are the problem.

I don’t really know what to do with this. In my life (and I suspect all of your lives) issues of respect do not lead to violence. As a result I have a hard time thinking of this as a gun problem.

OK, so it’s a violence problem. The other thing that gets me is there’s this strong undertone to this conversation that "we aren’t doing enough." This attitude is of course the norm for an NPR show. But it’s not we — I, and everyone I know is not part of this we. My "we" does not resort to violence. My "we" does not project respect into minor social interactions. When I say it’s not "we", I don’t think it’s just that I tuned into the wrong radio show — am I being recruited into this "we"? Do they really think listeners are part of this "we"?

There is no reflection in these shows about why this (whatever the issue of the show) is a general problem. Of course most talk shows tend to generalize wildly, to turn every anecdote into a sign of some change in culture, some disease of our society, something more than just an anecdote. (Though some good NPR shows do not attempt to generalize anecdotes at all.)

There’s a strong attitude, in this show and others, that this is a problem for us all to solve. Why exactly is this a problem for me to solve? Why is this a problem for government to solve? (I’m not a conservative, but I feel it’s unfair that only conservatives seem to be able to ask that question: why should government solve this?)

I don’t ask these questions rhetorically (and maybe that makes me different from the conservatives, who tend to only ask questions rhetorically). There may be a good answer to these questions. But it’s far too easy to say "we must do something about this" without saying who and why. We (especially those of us who listen to NPR) are all far too fatigued with the constant admonitions that not enough is being done, and something has to change. This kind of approach is not an effective call to action.

And it’s yet another thing trying to make me feel bad for something that’s not my fault. And dammit, it really isn’t my fault!

02 May 2008

rst2html + git == personal wiki

by Armin Ronacher at 19:05

This Makefile:

RSTOPTS=–time –link-stylesheet –stylesheet=style.css

SOURCES=$(wildcard *.rst)
HTML=$(foreach file,$(SOURCES),_build/$(basename $(file)).html)

all: html

_build/%.html: %.rst
        rst2html.py $(RSTOPTS) $^ > $@

html: $(HTML)

clean:
        rm -f $(HTML)

plus make html in .git/post-{commit.update} + python and docutils + a stylesheet in _build (all paths relative to your repository) is the perfect cross platform wiki :-)

30 April 2008

How super() in Python3 works and why it’s retarded

by Armin Ronacher at 10:04

I’m deeply sorry for the title of that post, but I hope that gives the topic the awareness I think it should get. In the last weeks something remarkable happened in the Python3 sources: self kinda became implicit. Not in function definitions, but in super calls. But not only self: also the class passed to super. That’s remarkable because it means that the language shifts into a completely different direction.

super was rarely used in the past, mainly because it was weird to use. In the most common use case the current class and the current instance where passed to it, and the super typed returned looked up the parent methods on the MRO for you. It was useful for multiple inheritance and mixin classes that don’t know their parent but confusing for many.

The main problem with replacing super(Foo, self).bar() with something like super.bar() is that self is explicit and the class (in that case Foo) can’t be determined by the caller. Furthermore the Python principle was always against functions doing stack introspection to find the caller. There are few examples in the stdlib or builtins that do some sort of caller introspection. Those are the special functions vars(), locals(), globals(), and __import__ and some functions in the inspect module. Four functions, and all of them do nothing more than getting the current frame and accessing the dict of locals or globals. What super in current Python 3 builds does goes way beyond that.

Currently if super is called without arguments Python performs these steps:

  • getting the current frame of the caller as well as the code object.
  • looking at “co_argcount” to make sure there is a first argument, if there is one it gets the object from the “f_localsplus” array on the frame object. This is btw an attribute not accessible from the Python code.
  • then it checks the “co_freevars” of the code object and iterates over all of them to check if one of them is “__class__” (because accessing __class__ in Python 3 creates a special bytecode that returns the class the function was defined in).
  • It it can’t find the __class__ in there it dies. How does __class__ end up there? Apparently the compiler checks if “super” or “__class__” is accessed. That’s right. It breaks if you alias super to another name and try to call that name.
  • Once it has that information it uses that as two first arguments. The class and the reference to self

I’m sorry, but that’s a very, very bad idea. It’s way more magical than anything we’ve had in Python in the past and just doesn’t fit into the language. We do have an explicit self in methods and we do not have methods. Our methods are functions, just that a descriptor puts a method object around it to pass the self as first arguments. That’s an incredible cool thing and makes things very simple and non-magical. Breaking that principle by coming up with an automatic super harms the whole thing a lot. Defs in classes are not completely differently from defs in the global scope or within another def.

Another odd thing is that Python 3 starts keeping information on the C Layer we can’t access from within Python which is a shame. Super is one example — it’s currently impossible to implement that from within Python. The other good example in Python 3 are methods. They don’t have a descriptor that wraps them if they are accessed via their classes. This as such is not a problem as you can call them the same (just that you can call them with completely different receivers now) but it becomes a problem if some of the functions are marked as staticmethods. Then they look completely the same when looking at them from a classes perspective:

>>> class C:
...  normal = lambda x: None
...  static = staticmethod(lambda x: None)
... 
>>> type(C.normal) is type(C.static)
True
>>> C.normal
<function <lambda> at 0×4da150>

As far as I can see a documentation tool has no change to keep them apart even though they are completely different on an instance:

>>> type(C().normal) is type(C().static)
False
>>> C().normal
<bound method C.<lambda> of <__main__.C object at 0×4dbcf0>>
>>> C().static
<function <lambda> at 0×4da198>

While I was quite happy with the Python 3 progress so far, these two things are a major, major step into the wrong direction. I really hope that will be rolled back. If there is need for an automatic super self has to go away and __class__ become a free variable all the time or super a keyword. Everything else is too magical and more magical.

29 April 2008

The Pythonistas are Wrong

by Armin Ronacher at 21:04

There’s something that’s been bugging me for a long time that I need to get off my chest. Some of you may hate me for it, but perhaps there are others out there with the same complaint, silently in agony, wishing for death to take the pain away. It’s time to set the record straight, and prove once and for all that the Pythonistas are wrong.

Pythons almost NEVER look like this:
python logo

The frog shown here is what the Python Foundation refers to as a “snake” (though it looks more like a frog), more specifically a blue/yellow one. The name “Python” however refers to a group of six British persons and something like 86.43% people know that. The name was chosen because snakes just suck. Get it? It’s not a snake, they are British.

Pythons however are better represented by a 16-ton weight or a dead parrot. But they are NOT represented by snakes.

scipy logo
See that one in the scipy logo? That’s a public domain circle someone added a white snake to. A SNAKE. Look at the wikipedia article and search for “snake”. Yeah, no match.

pycon08 logo
Even the Pycon (where Guido van Rossum himself spoke) has made the mistake of choosing this stupid snake.

xml tag python
lxml is doing it wrong too.

And probably your favourite Python module too. So keep in mind: Python is not a Snake!. And I think that proves once and for all that there are tons of projects with the wrong logo out there.

Sorry headius for taking advantage of your blog post but I wanted to blog about that for quite some time anyways ;-)

27 April 2008

Sphinx 0.2 released

by Georg Brandl at 23:04

After a few weeks' bug-fixing releases, I've now released Sphinx 0.2. The list of changes is here – most are designed to make Sphinx more flexible to meet your documentation needs too.

Download it from Cheese ShopPyPI as usual.

24 April 2008

JavaScript WTF

by Armin Ronacher at 15:04

Today in the daily wtf is the well known JavaScript parseInt behavior regarding octal numbers. I know that one, it’s old and not really a WTF. The only stupid thing in that is, that the error return value of parseInt is 0 rather than undefined or an exception. But what I found today by accident is this (tested with Firefox):

>>> eval("09")
9
>>> eval("0100")
64
>>> parseInt("09")
0
>>> parseInt("0100")
64

Now that’s a WTF ;-)

20 April 2008

German Python 3000 talk

by Georg Brandl at 23:04

If someone is interested, here are some slides of a (German) talk about Python 3000 I gave at the Munich User Group.

Werkzeug Talk at GLT 08

by Armin Ronacher at 18:04

Yesterday I held my talk about Werkzeug at the Grazer Linuxtage. Unfortunately it went not as well as I hoped it would so I’m not unhappy that there is no audio/video record of it ;-)

The slides however are useful I think so I uploaded them in German and English:

Hope someone finds them useful.

17 April 2008

WebOb Do-It-Yourself Framework

by Ian Bicking at 06:04

My old do-it-yourself framework tutorial was getting a bit long in the tooth, so I rewrote it to use WebOb. Now: the new do-it-yourself framework.

15 April 2008

Offline

by Christopher Lenz at 17:04

I'm going on vacation for three weeks starting in a couple hours, and I'll have little to no access to the net. So I'll be even less responsive to email and all that than I am anyway.

I would've really liked to make a Genshi 0.5 release before leaving, but unfortunately that didn't work out. Just as we were closing in on the last couple of tickets, Google came out with App Engine, which Genshi currently does not work with due to various restrictions in the hosting environment. And I'd really like the 0.5 release to be usable with App Engine (some progress has been made on a branch), so the release will have to wait until I'm back.

13 April 2008

Jinja2 — Making Things Awesome

by Armin Ronacher at 18:04

Some of you might have noticed that pocoo.org redirects to the development center now. No direct reference to the old pocoo project any more. The reason for this is that a part of the pocoo team and the ubuntuusers webteam is working on a new software that combines wiki, forum, planet, pastebin and blog into one big portal software. It’s not yet open sourced but it will become a pocoo project, most likely licensed under the GPL around June, with a semi stable release at the end of 2008. I’ll post some details the next week I think.

But what am I writing about this? Mainly because the work on inyoka (the name of the pocoo successor) showed some weaknesses in Jinja and we did some brainstorming to come up with really cool improvements for Jinja that resulted in a complete rewrite. Because we love backwards compatibility these changes will go into a package called “jinja2″ and both Jinja 1.x and the Jinja 2.x will get updates in the future. Also Jinja 2 is not yet released and you shouldn’t expect a release anytime soon, if you want to play with it you will need the current hg version.

But what are the changes to Jinja 1 and why is 2 better? What we noticed when working on inyoka is that quite a lot of display logic code goes into the templates. Quite a lot of logic is in those templates (not application logic though). This isn’t a bad thing actually but it showed that especially for large templates with many dynamic parts such as loops or even variable tags Jinja doesn’t have the performance we wished it would have. Especially if templates become more complex quite a lot of CPU time is spent there are there was room of improvement in Jinja. Unfortunately a design mistake made it impossible to do any optimization there and I was forced to change the scoping rules to something saner. I would say for 98% of the templates the changed scoping won’t make any difference as many have avoided the side effects of the sold scoping side effects but it’s still a change that will break things, so Jinja 2.

But right after I decided to break backwards compatibility there was more room for improvement which resulted in some real kickass features. Finally filters are simple python functions again and not factories any longer. They now also support keyword arguments, a feature on the wishlist for nearly as long as Jinja exists. Dynamic inheritance is now something that works without pain too and the template inclusions where simplified. And that also means that templates can be included into namespaces now. So {% include macros = "helpers/macros.html" %} gives you an object with you can print or where you can access all the macros or defined variables etc.

What really makes me happy is that on the surface few things have changed. Most of the implementation details are hidden in the compiler and are not visible on the templates. For example that Jinja 2 knows five different ways to iterate over sequences and that stuff is not visible in templates at all. By changing the scoping rules everything of the user friendliness is still in place.

Other nice changes are that you can now filter for loops while iterating over them like list comprehensions in python and that the lexer knows line statements now. Line statements are lines prefixed with some optional whitespace and one or more marker characters. Everything after that until the end of the line is a single statement. That was shamelessly stolen from Mako and Cheetah and is something you have to enable explicitly, but I kinda like it for some template scenarios:

# for item in seq
  * {{ item }}
# endfor

Another very neat idea we implemented in Jinja 2 (wasn’t my idea unfortunately ^^) is that we broke the template scoping into globals and locals. Globals are known at compile time and render time, locals are known at render time only. That way Jinja can automatically evaluate parts of the template at compile time. The idea is that in many templates you have data that doesn’t change that often. A good example is a forum software. The list of forums changes seldom, at ubuntuusers about twice a year but every information that lives longer than fifteen minutes or so can be treated the same way. Anyways. The list of forums is information that doesn’t change, if we can give it Jinja as global variable for the template, Jinja can do quite a lot of compile time optimizations. In the best case the whole list of forums is one giant static block not processed at render time at all.

That keeps the templates designer friendly as the person who designs the template doesn’t have to know anything about that but gives the application developer a simple way to optimize performance. This approach however still has some rough edges was have to polish.

And the last important change is that the sandbox is optional now and even disabled by default. Most users where not using it and there is no need to put that into the system by default. It’s however a built in functionality and will get some improvements as well. The new sandbox will give a better control over what’s secure and what not.

How fast is it currently? I really don’t want to throw pointless numbers around but for the test table we’re using currently the speed without sandbox is more than comparable with mako and a lot, lot faster than django’s templates. But please take those numbers with a shovel of salt as we’re talking about an unreleased project here and a more than biased benchmark for one particular use case. Jinja tries to make templating as simple as possible and not as fast as possible.

Making a template engine that’s fast is incredible simple. But making a template engine that doesn’t suck and performs well is a lot harder.

App Engine and Pylons

by Ian Bicking at 17:04

So I promised some more technical discussion of App Engine than my last two posts. Here it is:

Google App Engine uses a somewhat CGI-like model. That is, a script is run, and it uses stdin/stdout/environ to handle the requests. To avoid the overhead of CGI a process can be reused by defining __main__.main(). But while a process can be reused, it might not be, and of course it might get run on an entirely separate server. So in many ways it’s like the CGI model, with a small optimization so that, particularly under load, your requests can run with less latency.

This part is all well and good. I’ve already come to terms with servers going up and down without warning. But the environment itself has a number of other restrictions. It seems that App Engine is providing security in the language itself. The interpreter has been modified so that code is sandboxed, with no ability to write to the disk, open sockets, import C extensions, and see quite a few things in its environment. It’s these things that are a bit harder to come to terms with.

While they claim it supports any Python framework, these restrictions don’t actually make it easy. So for the last few days quite a few of us have been hacking various things to get stuff working.

The first thing people noticed is that Mako and Genshi didn’t work, because they use the ast (via the parser module) to handle the templating, and that module has been restricted. Apparently arbitrary bytecode is not safe in this environment, and so anything that can product bytecode is considered dangerous. From what I understand Philip Jenvy has been working on Mako and the trunk is currently working. He’d already been doing work to get Mako working on Jython, which had similar issues. Genshi is also in progress and fairly close to working, though with some missing features. Genshi has the harder task as Mako was primarily reading the ast, while Genshi was writing it.

The first thing I noticed is that Setuptools doesn’t work. I’m flattered that one of the only 3 libraries included with App Engine is WebOb, but of course I am more enamored of a rich set of reusable libraries. Setuptools didn’t work because several modules and functions have been removed — this like os.open, os.uname, imp.acquire_lock, etc. Some of these are kind of reasonable, while others are not. The removal of many functions from imp doesn’t really make sense, for instance (I think the motivation was the difficulty of auditing the implementation of those functions, not that the functionality itself is dangerous). And while some functions can’t be used in the environment, the fact you can’t import those functions is more problematic. For instance, The Setuptools’ pkg_resources module has support to unzip eggs when they are imported. App Engine doesn’t support importing from zip files at all, and you certainly can’t unzip to a temporary location. But withoutthe necessary modules and objects pkg_resources won’t even import.

To work around this I started a new project: appengine-monkey, which adds several monkeypatches and replacement dummy modules to the environment to simulate a more typical environment. It’s just a small list so far (mostly in this module), but I expect as people experiment with other libraries the list will increase. For example, I would welcome implementations of things like httplib on top of urlfetch in this library. (Implementing httplib and stubbing out parts of socket would probably make urllib run.)

But the good news is that Pylons is pretty much working on App Engine, as is Setuptools and you can manage your libraries using virtualenv.

The instructions are all located in the appengine-monkey Pylons wiki page. Please leave comments if you have improvements or problems with that process. I also welcome contributors and developers to the project itself — this is a project for expediting App Engine development, it is not a project I care to champion or control. Or support to any large degree.

One ticket which is rather important is the apparent maximum number of files and blobs: 1000. Libraries involve lots of files, and the base Pylons install is only barely under this limit. Now I just wish I could use lxml, but that’s probably going to be a long time coming.

11 April 2008

The Mundane Nature Of Programming

by Ian Bicking at 06:04

So, I was at a university the other day, talking with some people about a sprint project, and there was a student there. He was somewhat eager to write "algorithms". I’m not sure what that means exactly, but I was reminded of him because I was just about to write a function to make an absolute path relative and this somehow felt like an "algorithm". That’s not how I’d describe most of the coding I do.

But I digress… this student seemed to be excited about his ability. Well, okay, young programmers tend to be very eager, and often overestimate their ability (or the difficulty of the task). For students in this position I think it’s good to let them take on large projects, so they can get a better concept of their ability. This student seemed to take to heart the idea that a typical programmer produces 10 lines of working code a day. People who hear this are inclined to think "damn, I can write way more than 10 lines of code a day!"

I suspect a more fair way of thinking about this is that on average a programmer gets 50 lines of code into production a week, or 200 lines a month. Sure, lots of people are more productive than this, but the actual lines of code that go into production are usually way smaller than it feels like during the process that goes into getting that code there. That student had probably never gotten a single line of code into production. I’m pretty sure he wouldn’t have appreciated what that getting code into production is different than just hacking out some code.

The kid didn’t end up hanging around. I don’t think we had any algorithms for him. That’s too bad, maybe he could have seen what programming really looks like.

Another what-is-programming-really-like story… Emily was working on her blog and editing some templates to change the feed URL. It didn’t work, and I took a look at it and showed her that somehow a space had gotten into the URL, so she had to go back and correct them all. She found this frustrating. I pointed out to her that this is exactly what I spend my days doing.

Some people seem angered when people call writing HTML "programming". Personally I do not. Most programming is a lot more like writing HTML than it’s like writing a compiler. I bet writing a compiler is a lot more like writing HTML than what most programmers think it’s like to write a compiler.

10 April 2008

Shell History

by Armin Ronacher at 22:04

$ history|awk '{a[$2]++ } END{for(i in a){print a[i] " " i}}' |sort -rn|head
180 python
63 make
44 hg
42 vim
38 cd
31 ls
24 ssh
17 git
11 grep
9 less

Why don’t you use YAML?

by Armin Ronacher at 15:04

Zed Shaw noticed that he gets flamed when he uses YAML for a python project. I actually don’t understand the hatred the python community has against YAML. Is it because the Ruby guys came up with it?

09 April 2008

App Engine: Commodity vs. Proprietary

by Ian Bicking at 23:04

I like this phrasing of the debate about App Engine’s role, from Doug Cutting: Cloud: commodity or proprietary? (via). (Well, I like it more than the sharecropping phrasing referenced in my last post <http://blog.ianbicking.org/2008/04/09/app-engine-and-open-source/>.) I guess I’m excited about this because like Doug I do want a "cloud" of sorts, and this is a move towards that in a way that makes sense to me. Maybe to state my motivations more clearly: I hate computers. I really hate them a lot. I dream of some world of Platonic ideals where software just exists, and existence that state it works. App Engine feels like a strong move in the direction of computers-not-mattering. What does App Engine run on? I don’t care! Where is the server located? I don’t care! What is BigTable? I am comfortable thinking of it only in its abstract sense, an API that works, and I don’t know how, nor do I need to know how. I don’t need to know these things if they just work. Always. Totally reliably. I’m not shy about digging into code. I tend to be light on my reading of documentation, because I’d much rather open up source code and poke around. But when something can work so reliably that I can treat it as completely opaque then it’s a blessing, because I can start to forget about it and think about bigger goals.

There was a time when people were concerned about Big Endian vs. Little Endian in computers. You had to think about this sort of little detail when programming. People formed actual opinions on which way was best. To think! Similarly XML has removed a large number of fairly pointless format decisions people might make. There is progress. Commodity hosting (reliable, consistent hosting, better than what we have now) feels like similar progress.

Unlike Doug I’m optimistic that App Engine is a move in the direction of a commodity cloud. The APIs seem to lack the stench of proprietary APIs. They are based on Google services, but they reasonably abstract and reasonably minimal. This does not seem like some kind of "play" (and the developers’ seem to be reassuring about their intentions). There’s a tendency to be cynical about any company’s work, that it has underlying intentions that are at odds with any competitor (present or future), that anything good is just a loss leader meant to hook you in so they can squeeze you later. Some companies deserve such cynicism. I don’t know that this company, or this team, deserves that.

Mind you, I don’t say this from a Best-Tool-For-The-Job perspective. I believe in the moral foundations of Free Software, not just the technical advantages of its development process. But I’m a Utilitarian, and it doesn’t make me uncomfortable that not everything is Free if I think it’s a step forward for overall freedom. I think App Engine has the potential to be a very powerful tool for enabling people to create and use web applications. If it was great, but still a dead end, then maybe that wouldn’t be good enough. But I don’t think this is a dead end.

App Engine and Open Source

by Ian Bicking at 19:04

This is about Google App Engine which probably everyone has read about already.

I’m quite excited about it. Hosting has been the bane of the Python web world for a long time. This provides a very compelling hosting situation for Python applications.

I’m not as interested in this from a competitive perspective as I am from a simple this-is-awesome perspective. Regardless of how this positions Python relative to other languages, this is something Python needs. But even looking beyond that, I think this is something the open source world needs.

Open source web development is in a funny place. There’s a lot of reasons why web programming is a good domain for open source. The barrier to entry for web development is extremely low. Developers have choice in their tools, as browsers don’t really care what software you use so long as you serve up HTML. This leads to experimentation and excitement and the kind of self-direction that is very motivating to developers. It leads to the kind of personal excitement that underlies most open source development.

Despite this, open source web application development doesn’t seem sustainable. There’s some applications, sure. WordPress, Trac, MediaWiki, MoinMoin. But most wiki software doesn’t have a vibrant community. Many a bug tracker has fallen by the wayside. Blog software projects have a horrible time building a viable community. Other website software hardly gets anywhere at all. A lot of the development that might appear to be application development really is more like a framework when you look closely (e.g., Plone, Drupal).

I think deployment concerns are a huge part of this. And, given its better deployment story, it’s no surprise PHP is the basis of most viable open source web applications. Being interested in a project requires that you be able to use the product (and usually use it casually, as that’s the point of entry for many developers). Right now most people can’t use open source web applications.

But people can use hosted applications, and that’s where all the effort has gone in the past few years. I am comfortable saying that Trac is a better issue tracker than Google Code’s issue tracker. But I’d probably recommend Google Code to someone starting a new project, because it’s so much less work. Similarly I’d try to dissuade most people from installing their own blog software. I still don’t know what to tell people about a CMS.

Many people are excited about how far up you might be able to scale something based on App Engine, but (like Dave) I’m excited about how far it could be scaled down. For the majority of sites the free quota will be more than enough. But that alone isn’t the point: there’s lots of free services people can use. The difference here is that the free services can be modified and controlled by the anyone who signs up and installs an application.

From the perspective of open source it’s a bit awkward that the platform itself is proprietary. Questions about sharecropping are a valid concern, but I’m optimistic about the ultimate outcome. The SDK is under a permissive open source license, and the APIs are all reasonable enough that they could be reimplemented with open source backends (maybe without the same scalability, but that’s not the aspect I care about anyway). Perhaps the BigTable APIs will serve as the basis for future storage APIs.

But even if other people make compatible implementations of these APIs, would it matter? If Google offers free hosting, is someone else really going to be able to provide a better hosting option? Or would these other implementations just be strawmen, a way to show that It Could Be Done? If the libraries are just written to prove a point, I can’t see them gaining much traction. But I think these could be viable as there are other constraints to the App Engine environment that people may want to escape at some point in their application development.

As to the details of App Engine? Can you run Pylons or Paste on it? Well, that’s a topic for another post.

03 April 2008

Use OS X you Git!

by Armin Ronacher at 17:04

So rails is ditching trac and subversion in favour of git and lighthouse. Additionally they won’t host git themselves but relay on github. Keeping in mind that the preferred development environment called OS X + TextMate, rails is now kneedeep in closed source land. Something I could care less about as I’m thankfully not using rails or any rails powered application. But what hit me was the discussion attached to that blog post. Apparently there are quite a few pissed of Windows users left. Gosh, they still exist!

David “Fuck You” Hansson could really care less as he stated in the past “that he would have a hard time hiring a programmer who was still on Windows”. Skimming through the blog you can see enough mac users telling the windows crowd to switch and I think you can nowhere find as many mac users as in the rails community. He really did a great job converting proprietary windows developers into even more proprietary Mac users. There are some really great quotes in that blog:

The proper move is to stop using Windows for development of RoR apps.

or

Windows users, please stop complaining about others using the right tool for their jobs and just start doing the same.

You can get rid of this shit and use something serious. Really. Others are doing it and nobody ever looks back. So you can do it, too.

Yeah stupid folks. Why in god’s name are you still using windows, that proprietary crap from redmond. DDH your Führer already told you to use OS X, do so and don’t ask questions. Interestingly though is that Linus himself is not that happy of OS X as their filesystem handling is beyond broken, at least for git’s requirements.

So I’m asking. What exactly makes OS X better than Windows? Nicer hardware? I would count that as a major disadvantage of OS X as you’re bound to vendor. The Apple support here is very weak (where weak is Austria) as far as I’ve noticed. Sending a notebook in for two weeks for a single broken key on the keyboard is ridiculous. Additionally you’re paying a lot of money for it. I know that the design is the selling point of Apple computers but that doesn’t mean all PCs are looking bad. A Thinkpad or one of the more expensive Sony Notebook next to an Macbook Pro and it’s pretty hard to decide what looks better. Especially in terms of quality. My Macbook Pro is a bit more than half a year old and on the silver plastic you can spot where the palms of my hands are as the color is chipping off there. But even if the hardware was the selling point you could use other operating systems on it.

There is TextMate (which was the main reason why I personally bought one) but as it turns out, it looks better in the screencasts than in real world. If you’re used to a different editor it’s hard to switch. I tried multiple times and every once in a while i was cursing why :vs didn’t work out. Together with the braindead keyboard layout on the apple computers (probably an issue you only have on German macs) gives you a ridiculous feeling. When I switch between Windows and OS X (which happens quite a lot recently) I permanently mix things up. Windows after OS X locks me out every once in a while while writing mails (as alt+l is windows+l on a windows pc, which apparently is equivalent to “lock workstation”). The other way round I close my mailer as alt gr + q (which on a German layout gives you the at symbol) is command + q on a mac, which means “close application”. Can’t count the times I killed my vim/thunderbird that way.

One point where OS X shines is font rendering. I think for artists OS X is a reasonable good choice as operating system. The system itself has a good understanding of fonts and all that but for me as developer the rendering freaks me out. In a regular gvim with bright fonts on dark backgrounds it’s especially anonying as everything looks bold and there is no visible difference between bold and nobold. I know that Windows was flamed in the past dozens of times for aligning the fonts on the pixel raster but quite frankly, I prefer that over the OS X way. It might be true that Windows will block the 300dpi screen era for another ten years or so, but so will Linux and OS X. Most of the websites or applications still depend on pixel values, and even if web designers will switch to the SVG or better vector formats, you can’t ignore the old websites. So the problems with high resolution screens are clearly not the windows font rendering.
Beside that I want to point out recent ubuntu releases have got real good font rendering thanks to the turner patches for subpixel rendering and with some additional configuration and better fonts you get everything from the OS X to Windows ClearType like rendering.

But the real problem with OS X is that it tries to be Windows and Linux at the same time and fails miserably. For me as linux user the most important detail of linux is missing: the package manager. But at the same time the beloved setup.exes are missing. Dmgs with application bundles are a nice thing in theory but they don’t work out that well. There are neither uninstallation tools norr do they provide a user experience that makes sense. The OS X mouse behavior is ridiculous and installing applications via drag/drop is just crazy. The first thing I did when I got my Mac was dragging the Firefox out of the DMG into the Dock. Then I noticed that I want to have it in the applications too and draged it there. What happened? I deleted it. The same way I managed to delete a file when moving from my harddrive to a network share. I lost the wireless connection and the file was lost. That’s ridiculous and must never ever happen on an operating system. Application management on OS X is stupid anyways. To fully remove an application from your computer you better buy a shareware that is better as that. Seems like most functionallity you want to have on a computer comes as third party application on OS X.

And why in god’s name is there no cut/paste of files in the finder? I don’t want to start ranting about the finder as I think it’s OS X weakest point anyways but that’s a stupid limitation. Drag/Drop works but Cut/Paste not? Some 1337 terminal hackery later I got Cut/Paste support in Finder but then I had to notice why it’s not enabled by default. Because the Apple implementation of this simple but useful feature is broken. If you cut a file, and cut another, not only the latter is cut. No! The first one is moved to the trash. WTF? Not even Nautilus does that wrong, and Nautilus does tons of things wrong right now.

Then OS X is inconsistent. “:” in the Finder is “/” in the terminal and the other way round. Fortunately you don’t see location bars anywhere otherwise you would notice that. Unfortunately there are no location bars so you end up using the mouse all the time. Speaking of the broken mouse: mousing on OS X files like mousing through meter deep mud. Just google for “OS X mouse” and the first hit is “mouse acceleration problem” :-/. Oh and yes, you can fix that. Either buy a shareware or hack together an application that uses a deprecated interface in the IOkit. After one week of OS X mousing my hand hurt, something I don’t have on any other operating system, no matter how hard I try. I ended up using the touchpad of my Macbook as the mouse acceleration is better there.

But back to application management for a second as that goes back to the original topic: development environment. On ubuntu you have that cool GNU userland I’m used to. Not only that, you also have a kick-ass package manager that keeps my whole system up to date. On OS X you have a BSD userland which is irritating if you’re used to GNU tools. Many applications that seems to work out of the box on ubuntu and with a cygwin installation on windows too, work completely different on OS X. Like python. Why? Because of OS X bundles, frameworks and all that fancy stuff that you have to face when developing on OS X. For example on Tiger the python executable is in “/System/Library/Frameworks/Python.framework/Versions/2.3/bin/python2.3″ and the standard library in “/System/Library/Frameworks/Python.framework/Versions/2.3/lib/python2.3/site-packages”. A non-framework Python comes via port which is installed to “/opt/local/bin/python2.3″. The cool thing: it’s a regular python executable like you know it from Linux or Windows. The problem? It’s not in a framework, so no wxPython for you. What frameworks do? No clue man. It’s a bundle, that’s what I know. Quite frankly I don’t want to know what’s the fucking difference, it’s just annoying. Teeworlds for example has a broken mouse behavior when started from a bundle. Why? No clue. But outside of a bundle it works. I won’t argue that it’s broken, it probably comes from the old Next times. But as windows or Linux user it’s irritating. Windows is easy to understand, linux is not much more complicated once you groked where the stuff is located, OS X is just irritating.

And the biggest problem of all for me: It’s slow. Freaking slow. Slower than ubuntu on my old notebook which was a 2GHz dothan with only 512 GB RAM. And GTK is slow, very slow. All kinds of gvims I tried on OS X are so slow that you can see the refreshing while scrolling, especially if more complex highlighting is activated. My python interpreter does something 0.3 seconds every startup, so does ruby. The network is slower here too. I don’t know if it’s the Wireless LAN chip or OS X in general, but if I start up my old notebook and the OS X one, transfering files is a lot faster. And by lot I mean I haven’t benchmarked it, but I can see the difference.

Then let’s come to security. Quite frankly I have no idea how secure the system really is, but the number of security updates is annoying. While I think it’s cool that they are patched, you’re downloading something like 300MB security updates per month I think and most of them require a reboot. Feels a lot like windows, just that I don’t have to reboot windows when a Windows Media Player update is installed.

But what’s the conclusion? It’s certainly not that OS X sucks. If you like it, feel free to use it. But telling other people that they are stupid because they can’t see the ingeniousness of all Apple products is just ignorant. OS X is just another proprietary operating system, and not the solution for all of your problems. It has it’s problems too and it doesn’t have any real advantages over Windows beside a nicer design and nicer application design and the fact that it has such a low userbase that you’re not the target of malware authors. At least not currently, let’s see if that changes the next four years. With such a homogeneous environment it will become a nice target for attacks at least.

Oh. And I don’t think that linux on the desktop will be the solution either. As long as patents exist or the kernel doesn’t allow binary drivers and KDE and GNOME people can’t settle on one architecture and HIG linux on the desktop is on the best way to become the most sucking operating system on the desktop for the regular user. But for developers? A good choice!

So let’s conclude: every OS sucks. And OS X is no exception. So don’t judge users by their prefered operating system / desktop environment. And don’t tell them to use something else just because you’re too lazy to adapt.

JSON-RPC WebOb Example

by Ian Bicking at 04:04

I just saw this json-rpc recipe go by as a popular link on del.icio.us. It’s yet-another-*Server based recipe (BaseHTTPServer, XMLRPCServer, etc). I don’t know why people keep writing these. WSGI is in all ways easier, clearer, and more useful.

So I figured I’d give it a go myself, using WebOb. Then I figured it might make a good document, and I annotated it and turned it into a tutorial. It’s also an example of using WebOb as a client library.

I’ve added several tutorials in the past months, which I thought I should also point out. The wiki example is fairly pedestrian, but shows how to do typical application-style development with WebOb. A more interesting exampe is the comment middleware example, which shows how much easier it can be to write middleware using WebOb than traditional WSGI middleware.

I think WebOb’s particular strong points are with middleware (where it makes middleware vastly easier to write) and web services of various kinds (RESTful or not).

This is a Plnt Planet, an example planet application written using Werkzeug.