Using Drush Make while is down

The Drush Make utility downloads modules from during the build – but the site is currently down, which means Drush Make won’t work (and so our continuous integration has ground to a halt).

There’s a fix for general Drush usage here:

That fix changes the download url to use (which is working) instead of (which isn’t).

Unfortunately Drush Make uses it’s own download functions, so this doesn’t help.. Here’s my (very similar) hack to get the Drush Make downloads working..

Change line 367 in to the following:

'url'  => str_replace('ftp.', '', $release['file']),

(The file should be somewhere like /usr/share/drush/commands/drush_make)

And don’t forget to remove the hack when comes back..

Enable trackpad coasting in Ubuntu 10.04

I like the way trackpad edge-scrolling allows you to “coast” (start scrolling with the edge of the trackpad, then release it, and the scrolling continues until you tap the trackpad again).

It’s not enabled by default on Ubuntu 10.04, but here’s how to turn it on (put it in a startup script):

xinput set-prop –type=float “AlpsPS/2 ALPS DualPoint TouchPad” “Synaptics Coasting Speed” 1

PHP 5.3.0 and the “global” keyword

This had me stumped for a while – using some 3rd party code with PHP 5.3.0, the “global” keyword didn’t seem to work any more (references to the supposedly “global” variable from within functions always gave NULL)..

You have to declare the variable as “global” before setting it in the outer scope – then it works again.

So, this used to work (but doesn’t under PHP 5.3.0) :

$util = new Utility();
global $util;
function show() {
    global $util;
    echo "$util->version";
but if you swap the lines of the declaration of $utils, then it does work under PHP 5.3.0 :
global $util;
$util = new Utility();
function show() {
    global $util;
    echo "$util->version";

Installing Ruby Active Record on Ubuntu 10.04

I had to jump through a few hoops..

I tried the obvious “sudo gem install activerecord”, but it gave an error – it needs to install the i18n gem, but that needs rubygems version >= 1.3.6, and I had rubygems 1.3.5.

So I had to upgrade  rubygems first, which would normally be :

sudo gem update --system

but that reports that it’s been disabled on Debian, and directs you to use apt-get instead (which doesn’t have a better version). So I had to use the gem-updater gem:

sudo gem install rubygems-update
sudo update_rubygems
after which I had rubygems 1.3.7. Then I could get active record:
sudo gem install activerecord

I still needed to get the mysql gem installed, which in turn needed the libmysql-dev stuff installed

sudo apt-get install libmysqlclient15-dev
sudo gem install mysql

Ubuntu and CloudInit on Amazon EC2

Alestic and Canonical have released new Ubuntu AMIs for EC2 – the EBS version in the eu-west-1 region has AMI ID “ami-38bf954c”, and the source is “099720109477/ebs/ubuntu-images/ubuntu-lucid-10.04-i386-server-20100827″.

Ubuntu images support CloudInit, which runs scripts on startup to allow you to configure the server (set up ssh keys, update the repos etc). There’s a load of different ways to specify what should get run (see for full details).

One of the simplest is just to give it a script in the User Data, like this:

echo "Hello World.  The time is now $(date -R)!" | tee /root/output.txt

It runs as the root user, so you can do pretty much anything you want to configure the box.

Google Maps on Android downloads 60MB in 10 minutes

I was just having a look at my Vodafone account to see how I’ve managed to use 2GB of data this month (oops), and noticed these series of entries:

Tue Jun 08 17:39 INTERNET 2931.108 KB
Tue Jun 08 17:38 INTERNET 2930.525 KB
Tue Jun 08 17:38 INTERNET 2930.143 KB
Tue Jun 08 17:37 INTERNET 2930.299 KB
Tue Jun 08 17:36 INTERNET 2930.785 KB
Tue Jun 08 17:36 INTERNET 2930.895 KB
Tue Jun 08 17:35 INTERNET 2929.817 KB
Tue Jun 08 17:35 INTERNET 2930.283 KB
Tue Jun 08 17:35 INTERNET 2931.05 KB
Tue Jun 08 17:34 INTERNET 2930.991 KB
Tue Jun 08 17:34 INTERNET 2930.765 KB
Tue Jun 08 17:33 INTERNET 2930.441 KB
Tue Jun 08 17:33 INTERNET 2929.775 KB
Tue Jun 08 17:33 INTERNET 2929.608 KB
Tue Jun 08 17:32 INTERNET 5637.054 KB
Tue Jun 08 17:31 INTERNET 2930.137 KB
Tue Jun 08 17:31 INTERNET 2931.101 KB
Tue Jun 08 17:30 INTERNET 2930.31 KB
Tue Jun 08 17:30 INTERNET 2930.408 KB
Tue Jun 08 17:29 INTERNET 2930.107 KB

That’s about 60M in the space of 10 minutes. Which seems like a lot. Similar patterns appear at regular intervals..

Looking at the times of the entries, the data usage is due to Google Maps running on my HTC Hero, which I’m using for sat nav.

If that happens on, say, 10 days in the month, then that’s already 600M of data used. Hm.  (Add to that the Spotify usage, and 2GB starts to make sense..)

Anyone know if Google Maps can cache its data on Android?

Agile Coaching – new book from Rachel Davies

I’ve just been reading the excellent new book called Agile Coaching by Rachel Davies and Liz Sedley.

It’s the result of many years spent coaching teams to be agile, and the cumulative experience really shows.

Writing about agile processes often seems to get lost in an abstract discussion of the nature of processes – analysing the team as a Complex Adaptive System and so on. Rachel and Liz comprehensively avoid such mistakes, and keep their advice firmly rooted in practical examples from their own real-world knowledge.

So, at the start of the book, they describe a generic agile process (usually a blend of XP, Scrum, Lean etc), and then use that as the basis for examining in detail how the process really works and how to coach people in using it.

The emphasis is always on the pragmatic application of the process, illustrated with plenty of examples and stories, which makes it very easy to relate to the daily experience  of working with agile teams.  Each chapter ends with a checklist of bullet points to summarise and reinforce the key messages.

The first section of the book describes the basics of the coach’s role – how to get started, how to work with people and lead change, how to build a team, and when to move on.  Some of this would probably be just as relevant  to coaching any activity, but much of it is specifically about the issues in applying agile principles to software development.  In the chapters about working with other people there’s plenty of good advice – how to give feedback, resolve conflict and so on – that would make great reading for anyone who has to work with other people in ANY environment. I particularly like the bit about “Emotional Outbursts in Meetings”..!

The next section walks the reader through the iteration processes in more detail. There are chapters covering all the main elements of an iteration, including standups, stories and story cards, acceptance tests, estimating and planning,  and keeping progress visible. As usual, there are plenty of hints and tips for coping with problems – ideas for what to do when the team is dispersed, or work at different hours, or just hate planning.

The third section focuses on issues of quality. There’s lots of techie detail here that’ll be familiar to anyone who’s worked in an agile development team – discussion of unit testing, continuous integration, pair programming and other practices. But the key focus is on how all these practices work to the end goal of running, tested, maintainable software. And again, some pointers for techniques to try when things are difficult.

Finally, there are some chapters on listening to feedback – in terms of process, that includes demos for external feedback, and retrospectives for internal feedback. Retrospectives in particular can be quite difficult to get right, and there’s a range of techniques to try as well as a checklist of “Retrospective Smells” (like “History Lesson” and “Hot Air”) that can indicate that the retrospective isn’t working as well as it should.   The “Growing You” chapter gives some ideas for planning your own personal development.

Throughout the book, the tone that comes across is one of calm, intelligent guidance, and a very humane approach to dealing with everyone involved in an agile project (including yourself).

It’s also a great grab-bag of hints and tips, and reminders of key principles.

There are plenty of pointers scattered throughout the book to further reading, from personality types to Kanban to pair programming. And as for the stories and examples that illustrate the chapters, having worked with Rachel at Connextra, I recognise some of them, and can vouch for the fact that they’re genuine..

This is not just a book for coaches though – anyone who works in an agile
team will find lots here to help with understanding the process more deeply. For those just starting out with agile, it’s a great way to learn what it feels like to be in a properly functioning agile team. And for those who have been doing it for years, there are fresh ways to look at the process, and some inspirational advice for when times are rough.

Stefan Tilkov talks about REST

Old but good, this podcast  on with Stefan Tilkov talks around the ideas of RESTful applications – why building applications this way makes them part of the web, rather than just “on” the web, and why the REST style exploits the existing architecture of the web.

There’s also a great introduction to REST ideas at

I like the way Stefan characterises RESTful applications as being a specialisation of the REST principles – meaning that an application can provide the basic operations (allowing data to be read, caching observed, mime types honoured etc) but still having a level of functionality that can only be used by a client which understands the api more fully (so, POST operations that will create new domain objects, that require specific inputs, for example).

And there’s a nice write up of some of the frequently-heard objections to REST at, describing how you can achieve things like asynchronous operations. Many of these techniques are things that we’re currently using on projects at Talis.

Cultural Agoraphobia

Interesting to see that John Naugton was talking about open data and “cultural agoraphobia” in The Observer this weekend..

Talis, where I work, has just announced its Talis Connected Commons, which offers free storage of semantic data sets to anyone – as long as the data is open. Peter Murray-Rust, who is quoted in the Observer article,  is one of the people who will hopefully be making use of the Talis triple store.

And I’ve just been listening to Paul Miller’s recent podcast with Reuven Cohen about the Open Cloud Manifesto, which tries to create a coherent idea of what an “open cloud” might be (although that seems to be more concerned with interoperability and portability, rather than openness of data). That seems to have caused some controversy along the way, even making it into The Economist.  

It certainly feels like there’s a tipping point approaching for the next version of data on the web, but (as usual) the barriers are more cultural than technical.

Validate your inputs

Todays podcast listening for the commute was Bruce Sams talking about web app security from Software Engineering Radio.

Starting with a live demo of some hacking techniques (surprisingly effective even with just the audio), it covers some of the popular attacks – SQL injection, javascript in input fields, cookie stealing, guessing adjacent ID numbers and so on.

Apparently about 70% of web app vulnerabilities come from the inputs to the system – we spend a lot of time worrying about things like SSL and encrypted logins, but actually the vast majority of attacks use the applications themselves.

Sams says that when he’s asked for his top 10 tips for making your web app secure, he says:

  1. Validate your inputs properly
  2. See (1).

An interesting aspect of validation, though, is that it applies not just the obvious things like form fields and text strings, but to all the HTTP header elements as well.

For example, WordPress MU (in versions prior to 2.7) had a function that would echo the HTTP Host header without having sanitised it. The attacker can craft a request that contains some Javascript in the Host header which, when echoed, can grab cookies (or other evil cross-site scripting stuff)..