Javascript in 2015 video

This demo introduces lots of ES6 features while actually building something. I like it!

Thoughts

ES6 Modules, jspm, and System.js will take deeper dives to understand, but I liked the fat arrow functions and string templating.

In ES6, fat arrow functions and string templating let us write this:

elem.innerHTML = urls.map(url => `<img src="${url}" alt="" />`).join("\n")

Babel says the ES5 version looks like this:

elem.innerHTML = urls.map(function (url) {
  return "<img src=\"" + url + "\" alt=\"\" />";
}).join("\n");

less code = syntax errors. I like this!

Fat arrow functions have some funny little bits.
* ( and ) around arguments are only needed if there is more than 1 argument
* { and } around the function are only needed around the function body if is more than a line long

But these rules feel funny to me. JS linters have long suggested always including the {, }, and ; even in places where aren’t needed to prevent stupid errors and keep things consistent.

export default posts => {
return posts
.filter(post => !post.data.over_18)
.slice(0, 5)
.map(post => post.data.url)
.filter(url => /gifv?$/.exec(url))
.map(url => url.replace(/v$/, ''))
}

return new Promise((resolve, reject) => {
    jsonp(this.url, {
        param: 'jsonp'
    }, (err, data) => {
        err ? reject(err) : resolve(data.data.children);
    })
})

Fat Arrow Functions are also automatically bound to the scope of the object they are enclosed in which makes life simpler when mixing up functional and object oriented programming. Fat Arrow Functions) on MDN has more details.

NodeJS Toronto January 2015

StrongLoop presented their tools for working with REST APIs. Slides are here, and my notes will soon be outdated because the platform is changing quickly. Also, nodejs 0.12 came out this week.

Things with APIs that I forget about

  • watches
  • NEST theromostats
  • cars

Companies using nodejs

There was a good demo of using all your CPU cores with nodejs by managing a cluster of processes with strong-cluster-control.

StrongLoop presents: Develop, Deploy, Monitor and Scale REST APIs

Tuesday, Jan 27, 2015, 6:00 PM

One Eleven
111 Richmond St West, 5th Floor Toronto, ON

99 Members Went

We’ve got a special event for you on Tuesday Jan 27 – StrongLoop is coming all the way from SF to deliver a 3 hour training session on REST based APIs with Node. This event is geared towards beginner and intermediate developers with basic understanding of Node.js.Shubhra Kar, Director Products & Education at StrongLoop will be leading the session….

Check out this Meetup →

Standing desk in a bookcase

Got a bookcase with adjustable shelves? Want to see what using a standing desk feels like? Here’s an inexpensive way to try it out. You’ll need a separate keyboard and pointing device (mouse, tablet, trackball, whatever).

The middle shelf of an Ikea Billy Bookcase is perfect height (About 42″ or 106cm) for a keyboard and mouse for me (I’m 5’6″), so I put those there. I emptied out the next shelf and placed it about 8 inches above that one. My 15″ laptop, 19″ external monitor, and a power bar fit up there. I could run wires behind the shelves (taking advantage of the bendy rear surface of the Billy) to connect the 2 areas.

It took about 10 minutes to set up, another 10 minutes to tear down, and proved that getting a standing desk at home was worthwhile to me.

Be wary of using this long-term because you might be too close to your monitor. My face was 13″ away from the screen instead of the usual 19″ I find comfortable.

More examples

Similar idea, using up 1 shelf instead of 2 for laptop
http://offbeathome.com/2011/06/ikea-bookshelf-standing-desk

A fancier version of my Ikea hack with stow-away monitor
http://www.ikeahackers.net/2013/05/stand-up-billy-bureau-or-mini-bar.html

Similar idea with shorter bookcase
http://huntergatherer.com/upstanding-citizen-235-how-to-be-more-confident-on-the-phone/

Cat image is from Neko

History of timesheets & hourly billing

In the 1800s, Engineer & Manager Frederick Taylor started making detailed records of how long it took employees to manufacture steel in his factory as part of an effort to improve efficiency. The amount of time it took to make steel was irrelevant to the cost of the steel – that was set by the market.

In the 1900s, more companies and industries (including legal and marketing) adopted time tracking because measuring things was cool, but also started billing with the hours logged instead of fixed fees or commissions.

And here we are doing the same thing in the 2010s without stopping and asking why often enough. What are some alternatives? Wikipedia says:

Adobe AIR desktop apps, expiring signing certificates, and the developer

Is the app timestamped?

Here is the important bit about timestamping from Adobe’s ‘Digitally signing an AIR file’ documentation

When you sign an AIR file, the packaging tool queries the server of a timestamp authority to obtain an independently verifiable date and time of signing. The time stamp obtained is embedded in the AIR file. As long as the signing certificate is valid at the time of signing, the AIR file can be installed, even after the certificate has expired. On the other hand, if no time stamp is obtained, the AIR file ceases to be installable when the certificate expires or is revoked.

  1. Download the .air file
  2. Change extension to .zip
  3. Extract or browse the contents of the .zip file
  4. Open META-INF/signatures.xml
  5. Look for a SignatureTimeStamp element. If it is there, the AIR app is timestamped

The app I’m working with is timestamped, so it can be installed indefinitely. But what about updates?

Expired certificates and app updates

Here’s another important bit from Adobe’s documentation

As of AIR 1.5.3, a certificate that has expired within the last 180 days can still be used to apply a migration signature to an application update. To take advantage of this grace period, and the update application descriptor must specify 1.5.3 in the namespace attribute. After the grace period, the certificate can no longer be used. Users updating to a new version of your application will have to uninstall their existing version. Note that there is no grace period in AIR versions before 1.5.3.

If an app uses AIR 1.5.3 or newer, the developer has 180 days past certificate expiry date to migrate to a new certificate. Time to find expiry the date!

Checking when a signing certificate expires

Assuming you have access to the .p12 version of the certificate and the password, you can follow these instructions (based on these from BSD Support). You can use the CLI application openssl (comes with Linux and OS X, msysgit for Windows includes it) to complete these steps.

  1. Convert the .p12 to a .pem file
    openssl pkcs12 -in certificate.p12 -out tempcrt.pem

    You will also be asked to provide the .p12’s password, and a new password to secure the resulting .pem file.

  2. Check the expiry date of the .pem file

    openssl x509 -in tempcrt.pem -text

    This will output a few screens of information in your terminal, including valid dates for the certificate. Here’s what you are looking for:

    Validity
            Not Before: Jan  5 05:21:03 2009 GMT
            Not After : Jan  5 05:21:03 2029 GMT

How to react as the AIR app’s developer

Put the dates in your calendar

If the Not After date is waaay in the future, then relax.

If the Not After date is coming soon, start thinking about how to handle migrating your app to a new certificate.

If the Not After date has passed less than 180 days ago and your app uses AIR 1.5.3 or newer, it is time to migrate to a new certificate. If the app uses an older version of AIR, it is too late to migrate to a new certificate to allow for smooth updates.

If the Not After date is more than 180 days ago, migrating the application to a new certificate is not an option. Users will have to uninstall and re-install your application instead of updating it.