bgror

Ruby Gets An Official Spec: Heading To Become An ISO International Standard »

Created at: 07.12.2009 15:55, source: Ruby Inside, tagged: News

It's long been a bone of contention in the Ruby world that Ruby, as a programming language, doesn't have an official spec (though RubySpec has been a noble, community effort to build an executable specification for Ruby). Now, though, there's a draft, official Ruby specification available for you to check out- based on Ruby 1.8.7 (which some aren't happy about).

From the announcement:

For wider and more application of Ruby language, "Ruby Standardization Working Group" has been established under Information-technology Promotion Agency, Japan (IPA) to define the specification of Ruby language on Oct. 2008. Since then the WG has been drafting the specification of Ruby language.

As the first draft of Ruby language specification has just recently completed, we'd like to request users and developers of Ruby communities to review it.

By gathering review comments widely from you, we are going to improve the draft of Ruby language specification further. Then we will propose the improved draft to Japanese Industrial Standards Committee (JISC) to be JIS. After JIS for Ruby has been published, we will propose it to International Standardization Organization (ISO/IEC JTC1) to be International Standard.

Why now? In a ruby-core thread about the forthcoming standard, Shugo Maeda spills the beans:

In addition, one of reasons why we need open standard for Ruby is that the basic guideline for the government procurement in Japan require it. In that policy, we should refer to open standards instead of specific products for fair competition.

While the prospect of getting cushy government contracts is appealing to Japanese Rubyists, it could also start to play a role elsewhere as governments start to ride their own open standards/open source bandwagons.

Ultimately, this news isn't going to matter to the majority of Rubyists yet, but becoming an international standard will ultimately lend more legitimacy to a language that has been flagging in popularity lately. If you want to jump right to checking out the standard (available only as a PDF at the moment), click here.

Ruby 1.9.1-p376 Released: Fixes A Heap Overflow Vulnerability And More »

Created at: 07.12.2009 14:28, source: Ruby Inside, tagged: News

Uh oh, it's upgrade time again. Today, the official Ruby 1.9 maintainer (Yuki Sonoda, a.k.a. Yugui) announced a heap overflow vulnerability in Ruby 1.9.1 and, subsequently, the release of Ruby 1.9.1-p376 (patch level 376). As the current production level release of Ruby, this is a crucial upgrade - unless you're still using Ruby 1.8.x, which isn't affected at all.

As well as fixing the vulnerability, Ruby 1.9.1-p376 also includes over 100 bug fixes on the previous release, none of which are particularly interesting. You can check this release's change log to see if anything affects you.

If you want to download Ruby 1.9.1-p376 now, the following URLs will work direct:

• http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.tar.bz2
• http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.tar.gz
• http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.zip

Further, Danny Tatom has put together a PKGBUILD file for Ruby 1.9.1-p376 for Arch Linux users. As an aside, Arch Linux is worth a look if you haven't heard of it yet. It's basically a lightweight, heavily customizable, developer focused Linux distribution that's less annoying than Gentoo, and a little more BSD-like than the average Linux distro.

[ad] Find duplication, code smells, complex code and more in your Ruby code with Caliper! The metrics are free and setup takes just one click. Get started!

MagLev Alpha Released: A New, Scalable Ruby Implementation »

Created at: 21.11.2009 04:20, source: Ruby Inside, tagged: Cool Linux Specific News OS X Specific Tools

MagLev is a new(ish) Ruby implementation built by Gemstone Systems that focuses on providing an integrated object persistence layer and a distributed shared cache - a truly scalable Ruby implementation. Maglev has, however, had an air of vaporware about it, having been hyped up in early 2008 and only available to a small group of alpha testers till now. That changes today with the first public, alpha release!

Back in early 2008, MagLev program manager Bob Walker did an interview with InfoQ about the project where he said that 8 people were working on MagLev, so this is a pretty big deal for them. Developer Avi Bryant then did a short presentation at RailsConf 2008 where he gave a comprehensive overview of what MagLev is along with some live demonstrations.

Why Should You Care?

In short, MagLev is cool for a few reasons. Two key ones being that 1) MagLev runs on the SmallTalk virtual machine which, it is claimed, should yield significant performance increases for a language like Ruby, and 2) a MagLev environment allows multiple Ruby processes over multiple machines (if you wish) to use the same objects simultaneously for easy scalability. Avi's video is great if you want to get a grasp on it:

MagLev presentation at RailsConf 2008 from Monty Williams on Vimeo.

Developer Monty Williams is keen to stress that this is an alpha, not a beta, so you can't expect it to run Rails or any gems that require C extensions. That said, it does run Sinatra, Rack, and RubyGems, plus a significant effort has been put into passing the RubySpec, so it's not as if it's a crippled implementation as such.

If you want to learn more, consider following the MagLev team on Twitter @MagLev and checking out the official mailing list "maglev-discussion."

Installation (i.e. getting to an irb prompt that works)

Bear in mind that MagLev will only work on 64 bit versions of OS X, Linux, and Solaris, so if you're in the 32 bit club, there's no point in going any further (yet).

If you download the MagLev Installer script (small ZIP file), you can run the installMaglev.sh script and install the latest version like so:

./installMaglev.sh 22578

The announcement post doesn't make it clear you need to provide a version number of what version number to provide. 22578 was mentioned earlier in the day though, and it seems to work.

Once installed, MagLev provides some info about environment variables you need to add to your .bashrc or .bash_profile. Follow these, then open a new terminal and here's how you get to an irb session:

$ maglev start
startnetldi[Info]: Starting GemStone network server "gs64ldi".
startnetldi[Error]:  could not start server
startstone[Info]: Starting Stone repository monitor "maglev".
startstone[Info]: GemStone server 'maglev' has been started.

$ maglev-irb
irb(main):001:0> 20 + 20
=> 40
irb(main):002:0> exit
error , SystemExit Error,  nil,
          during /Users/peter/Downloads/MagLev-installer/MagLev-22578.MacOSX/bin/maglev-irb
SystemExit Error,  nil

Alternatively: GitHub installation

MagLev is also available from GitHub to clone. To install MagLev from GitHub:

git clone git://github.com/MagLev/maglev.git
cd maglev
./install.sh

.. then follow the note about adding the path to your .bashrc or .bash_profile and running Rake in a new prompt (though still under the maglev project directory).

If you get any further with doing something interesting like, say, getting an IRB prompt up successfully on this, do post a comment ;-)

[ad] Find duplication, code smells, complex code and more in your Ruby code with Caliper! The metrics are free and setup takes just one click. Get started!

MacRuby 0.5 Beta 2: AOT Compilation, Rack & Sinatra Support, And More »

Created at: 18.11.2009 17:00, source: Ruby Inside, tagged: Cool News OS X Specific

MacRuby, a port of Ruby 1.9 to the Mac OS X Objective C common runtime, is today one step closer to a production-ready Ruby implementation with the release of beta 2 of MacRuby 0.5. MacRuby 0.5 has been highly anticipated since it was first mentioned back in March because it promises significant performance improvements, a new LLVM based virtual machine (replacing YARV), and significant compatibility improvements and bug fixes. Even still at this beta stage, 0.5 delivers on these promises.

New in MacRuby 0.5 so far:

• rdoc and ri now work - thanks to compatibility bug fixes
• Rack and Sinatra support
• Experimental support for BigDecimal, OpenSSL, and JSON extensions
• Compiler with support for building fat binaries (i.e. universal binaries)
• An all new LLVM based VM
• A gazillion bug fixes and performance improvements - as always!

At this stage, the MacRuby team want people to download MacRuby, give it a test, and report any bugs or issues encountered. If you're on OS X, don't be worried about installing it. It comes in a simple installer package and presents itself through the macruby and macirb binaries, so it doesn't clash with any existing Ruby implementations installed on your machine.

For me, perhaps the most exciting developments are the macrubyc compiler and macruby_deploy utility. In a basic benchmark I performed, compiling a Ruby script that does a Fannkuch benchmark yielded a 20% speed increase with MacRuby 0.5b2. Impressive, as the baseline interpreted version was on par with MRI 1.9.1 already! The macruby_deploy utility is a new addition to help you deploy your MacRuby applications as regular OS X apps. It puts the MacRuby framework along with your script's executable into an application bundle ready to be deployed to any other Mac - even those without MacRuby.

[ad] Find duplication, code smells, complex code and more in your Ruby code with Caliper! The metrics are free and setup takes just one click. Get started!

Nginx Security Vulnerability: SSL Man in the Middle Attack »

Created at: 10.11.2009 19:30, source: Engine Yard Blog, tagged: News nginx security vulnerability

A security vulnerability in all versions of nginx (as well as several other web servers) has been reported. Attackers can exploit this vulnerability by intercepting SSL sessions and compromising encryption key renegotiation via a plaintext injection, allowing the attacker to read the plaintext of the SSL session. A patch has been released for this vulnerability.

Engine Yard customers have already been contacted via email about this issue. For Engine Yard Cloud customers, this patch will be automatically applied the next time you perform a deploy. All other customers should open a support ticket so that you can arrange an appropriate maintenance window with support.