The document discusses the benefits of conventions in Rails and the need for conventions in building APIs and client-side frameworks. It argues that conventions save developers from having to make trivial decisions and push problems into shared solutions. While Rails has benefited from conventions like REST, there is still room to improve APIs and make them as transparent as ActiveRecord. ActiveModel::Serializers is presented as one approach to provide conventions for serialization. The document also discusses how conventions could improve browser frameworks and application structure beyond just code organization.
Java Web Application Security with Java EE, Spring Security and Apache Shiro ...Matt Raible
During this presentation, you'll learn how to implement authentication in your Java web applications using Java EE 7 Security, Spring Security and Apache Shiro. This session will also touch on best practices for securing a REST API and using SSL.
Comparing Hot JavaScript Frameworks: AngularJS, Ember.js and React.js - Sprin...Matt Raible
JavaScript MVC Frameworks are all the rage these days. They’ve taken the web development world by storm. This session explores the various features of the three hottest JavaScript MVC frameworks: AngularJS, Ember.js and React.js. It also compares client-side templating vs. server-side templating and how well each framework supports Isomorphic JavaScript (code that can run both client-side and server-side). Finally, it ranks each framework on 10 different criteria using Yevgeniy Brikman’s framework scorecard.
Video on InfoQ: https://www.infoq.com/presentations/comparing-angular-ember-react
Getting Started with Angular - Stormpath Webinar, January 2017Matt Raible
YouTube video of webinar: https://www.youtube.com/watch?v=Jq3szz2KOOs
This presentation is from a Stormpath Webinar I did on January 12, 2017. It was designed to teach developers how to build apps using Angular. Topics covered: tools needed, how to setup a project, how to run/deploy and how to deploy it to the cloud. I also talked about TypeScript, components, RxJS, routing, CSS frameworks and security.
Javaland 2017: "You´ll do microservices now". Now what?André Goliath
The slides for my talk at JavaLand 2017. Note: The slides are in english, only the title is german. The talk is all about do's and dont's in microservice landscapes.
The Complementarity of React and Web ComponentsAndrew Rota
On Github: http://andrewrota.github.io/complementarity-of-react-and-web-components-presentation/index.html
The component driven, performance focused approach of React is a perfect complement to the modularity and portability of native HTML Web Components. At first glance, React and Web Components might seem like two radically different solutions to the same problem. But when combined properly they complement each other to create an extremely powerful, expressive framework for developing complex web applications.
Java Web Application Security with Java EE, Spring Security and Apache Shiro ...Matt Raible
During this presentation, you'll learn how to implement authentication in your Java web applications using Java EE 7 Security, Spring Security and Apache Shiro. This session will also touch on best practices for securing a REST API and using SSL.
Comparing Hot JavaScript Frameworks: AngularJS, Ember.js and React.js - Sprin...Matt Raible
JavaScript MVC Frameworks are all the rage these days. They’ve taken the web development world by storm. This session explores the various features of the three hottest JavaScript MVC frameworks: AngularJS, Ember.js and React.js. It also compares client-side templating vs. server-side templating and how well each framework supports Isomorphic JavaScript (code that can run both client-side and server-side). Finally, it ranks each framework on 10 different criteria using Yevgeniy Brikman’s framework scorecard.
Video on InfoQ: https://www.infoq.com/presentations/comparing-angular-ember-react
Getting Started with Angular - Stormpath Webinar, January 2017Matt Raible
YouTube video of webinar: https://www.youtube.com/watch?v=Jq3szz2KOOs
This presentation is from a Stormpath Webinar I did on January 12, 2017. It was designed to teach developers how to build apps using Angular. Topics covered: tools needed, how to setup a project, how to run/deploy and how to deploy it to the cloud. I also talked about TypeScript, components, RxJS, routing, CSS frameworks and security.
Javaland 2017: "You´ll do microservices now". Now what?André Goliath
The slides for my talk at JavaLand 2017. Note: The slides are in english, only the title is german. The talk is all about do's and dont's in microservice landscapes.
The Complementarity of React and Web ComponentsAndrew Rota
On Github: http://andrewrota.github.io/complementarity-of-react-and-web-components-presentation/index.html
The component driven, performance focused approach of React is a perfect complement to the modularity and portability of native HTML Web Components. At first glance, React and Web Components might seem like two radically different solutions to the same problem. But when combined properly they complement each other to create an extremely powerful, expressive framework for developing complex web applications.
me ranting about the downsides of Spring Boot / Netflix OSS. Sorry that the slides are a little rare on text, so most likely hard to understand without the actual talk. feel free to send me any questions, though!
There are lots of libraries and frameworks you can use when building browser based JavaScript applications. Probably the most popular library is jQuery. But while jQuery makes it easy to write cross browser user interface code that manipulates the DOM it’s UI focus makes it less then perfect for large business applications. One of the JavaScript based MVC frameworks that has been gaining a lot of popularity for creating business applications is AngularJS. Wen using AngularJS you get the benefit of a powerful data-binding framework that guides you towards a proper application model with a proper separation between the UI layer and the business layer. It also contains a powerful dependency injection framework making code much more testable than before.
In this session Maurice de Beijer will show you how to get started with AngularJS and how productive you can be when creating line of business applications.
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016Matt Raible
Building a modern web (or mobile) application requires a lot of tools, frameworks and techniques. This session shows how JHipster unites popular frameworks like AngularJS, Spring Boot and Bootstrap. Using Yeoman, a scaffolding tool for modern webapps, JHipster will generate a project that uses Java 8, SQL or NoSQL databases, Spring profiles, Maven or Gradle, Gulp.js, WebSockets and BrowserSync. It also supports a number of different authentication mechanisms: classic session-based auth, OAuth 2.0, or token-based authentication. For cloud deployments, JHipster includes out-of-the-box support for Cloud Foundry and Heroku.
SenchaCon 2016: Expect the Unexpected - Dealing with Errors in Web AppsSencha
Dealing with unexpected exceptions on the server side is something we've all done for ages. Now it's time to apply the same quality goals and monitoring to our JS codebase. This is especially important for Sencha applications where the front-end usually contains 100k+ lines of code. I'll demonstrate various powerful monitoring techniques and tricks that we are using ourselves at Bryntum.
Rich, interactive web applications AKA fat clients are now commonplace. There are so many frameworks for building these rich client applications, and the debate among developers is which of these frameworks to use. As designers and developers we need to step back, and ask ourselves when and how we should enrich our client applications and when or why not. Let’s dig in to the question: Why do we even want fat clients, and when should we use them? Let’s examine the complications such clients introduce so we can weigh them against all the benefits.
How did a small, completely self-funded team build a web framework that became more popular than comparable tools with million-dollar budgets? By welcoming the outsiders. Mike will recount how Sails.js grew from an internal tool to one of the most popular frameworks for Node.js, without forgetting its roots.
In this talk, Mike will reflect on the experiences he and his team have had building and managing an open-source Node.js framework, Sails.js. He'll discuss the success they've had attracting interlingual developers to Sails, and share some lessons and difficulties they've encountered migrating a new generation of developers from PHP, Java, .NET and Rails to Node.js.
There will be discussion of examples from both sides of the spectrum addressing community-related and technical issues with a highlight about overcoming the "maintaining interest" challenge.
Web App Security for Java Developers - UberConf 2021Matt Raible
Web app security is not just authentication and authorization. It's also the things you do to protect your web app from attackers with their XSS (cross-site scripting), SQL injection, DoS/DDoS attacks, and CSRF (cross-site request forgery), to name a few.
Web app security is a central component of any web-based business. The internet exposes web apps to attacks from different locations and various levels of scale and complexity. Web application security deals specifically with the security surrounding websites, web applications, and web services such as APIs.
In this presentation, you'll learn seven ways to better web app security, using Spring Security for code samples. You'll also see some quick demos of Spring Boot, Angular, and JHipster with Okta.
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx UK 2016Matt Raible
Building a modern web (or mobile) application requires a lot of tools, frameworks and techniques. This session shows how JHipster unites popular frameworks like AngularJS, Spring Boot and Bootstrap. Using Yeoman, a scaffolding tool for modern webapps, JHipster will generate a project that uses Java 8, SQL or NoSQL databases, Spring profiles, Maven or Gradle, Gulp.js, WebSockets and BrowserSync. It also supports a number of different authentication mechanisms: classic session-based auth, OAuth 2.0, or token-based authentication. For cloud deployments, JHipster includes out-of-the-box support for Cloud Foundry and Heroku.
Presentation from Denver Open Source Users Group in February 2015. http://www.meetup.com/DOSUG1/events/219099019/
AngularJS is one of today's hottest JavaScript MVC Frameworks. In this session, we'll explore many concepts it brings to the world of client-side development: dependency injection, directives, filters, routing and two-way data binding. We'll also look at its recommended testing tools and build systems. Finally, you'll learn about my experience developing several real-world applications using AngularJS, HTML5 and Bootstrap.
me ranting about the downsides of Spring Boot / Netflix OSS. Sorry that the slides are a little rare on text, so most likely hard to understand without the actual talk. feel free to send me any questions, though!
There are lots of libraries and frameworks you can use when building browser based JavaScript applications. Probably the most popular library is jQuery. But while jQuery makes it easy to write cross browser user interface code that manipulates the DOM it’s UI focus makes it less then perfect for large business applications. One of the JavaScript based MVC frameworks that has been gaining a lot of popularity for creating business applications is AngularJS. Wen using AngularJS you get the benefit of a powerful data-binding framework that guides you towards a proper application model with a proper separation between the UI layer and the business layer. It also contains a powerful dependency injection framework making code much more testable than before.
In this session Maurice de Beijer will show you how to get started with AngularJS and how productive you can be when creating line of business applications.
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016Matt Raible
Building a modern web (or mobile) application requires a lot of tools, frameworks and techniques. This session shows how JHipster unites popular frameworks like AngularJS, Spring Boot and Bootstrap. Using Yeoman, a scaffolding tool for modern webapps, JHipster will generate a project that uses Java 8, SQL or NoSQL databases, Spring profiles, Maven or Gradle, Gulp.js, WebSockets and BrowserSync. It also supports a number of different authentication mechanisms: classic session-based auth, OAuth 2.0, or token-based authentication. For cloud deployments, JHipster includes out-of-the-box support for Cloud Foundry and Heroku.
SenchaCon 2016: Expect the Unexpected - Dealing with Errors in Web AppsSencha
Dealing with unexpected exceptions on the server side is something we've all done for ages. Now it's time to apply the same quality goals and monitoring to our JS codebase. This is especially important for Sencha applications where the front-end usually contains 100k+ lines of code. I'll demonstrate various powerful monitoring techniques and tricks that we are using ourselves at Bryntum.
Rich, interactive web applications AKA fat clients are now commonplace. There are so many frameworks for building these rich client applications, and the debate among developers is which of these frameworks to use. As designers and developers we need to step back, and ask ourselves when and how we should enrich our client applications and when or why not. Let’s dig in to the question: Why do we even want fat clients, and when should we use them? Let’s examine the complications such clients introduce so we can weigh them against all the benefits.
How did a small, completely self-funded team build a web framework that became more popular than comparable tools with million-dollar budgets? By welcoming the outsiders. Mike will recount how Sails.js grew from an internal tool to one of the most popular frameworks for Node.js, without forgetting its roots.
In this talk, Mike will reflect on the experiences he and his team have had building and managing an open-source Node.js framework, Sails.js. He'll discuss the success they've had attracting interlingual developers to Sails, and share some lessons and difficulties they've encountered migrating a new generation of developers from PHP, Java, .NET and Rails to Node.js.
There will be discussion of examples from both sides of the spectrum addressing community-related and technical issues with a highlight about overcoming the "maintaining interest" challenge.
Web App Security for Java Developers - UberConf 2021Matt Raible
Web app security is not just authentication and authorization. It's also the things you do to protect your web app from attackers with their XSS (cross-site scripting), SQL injection, DoS/DDoS attacks, and CSRF (cross-site request forgery), to name a few.
Web app security is a central component of any web-based business. The internet exposes web apps to attacks from different locations and various levels of scale and complexity. Web application security deals specifically with the security surrounding websites, web applications, and web services such as APIs.
In this presentation, you'll learn seven ways to better web app security, using Spring Security for code samples. You'll also see some quick demos of Spring Boot, Angular, and JHipster with Okta.
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx UK 2016Matt Raible
Building a modern web (or mobile) application requires a lot of tools, frameworks and techniques. This session shows how JHipster unites popular frameworks like AngularJS, Spring Boot and Bootstrap. Using Yeoman, a scaffolding tool for modern webapps, JHipster will generate a project that uses Java 8, SQL or NoSQL databases, Spring profiles, Maven or Gradle, Gulp.js, WebSockets and BrowserSync. It also supports a number of different authentication mechanisms: classic session-based auth, OAuth 2.0, or token-based authentication. For cloud deployments, JHipster includes out-of-the-box support for Cloud Foundry and Heroku.
Presentation from Denver Open Source Users Group in February 2015. http://www.meetup.com/DOSUG1/events/219099019/
AngularJS is one of today's hottest JavaScript MVC Frameworks. In this session, we'll explore many concepts it brings to the world of client-side development: dependency injection, directives, filters, routing and two-way data binding. We'll also look at its recommended testing tools and build systems. Finally, you'll learn about my experience developing several real-world applications using AngularJS, HTML5 and Bootstrap.
Efficient Rails Test-Driven Development Week #1. A class by Wolfram Arnold of rubyfocus.biz, in collaboration with Sarah Allen of blazingcloud.net and marakana.com
This is an adaptation of the presentation given at the SpringOne 2008 conference in Hollywood, FL. It contains some updates on project status, and also information about the recently published book "Spring Python 1.1"
This slideshow is licensed under a Creative Commons Attribution 3.0 United States License.
Using Rails to Create an Enterprise App: A Real-Life Case StudyDavid Keener
Rails is a great framework for quickly creating "green field" web applications. Find out how well it works when creating internal, corporate web applications that have to access multiple legacy databases.
As presented to the Milwaukee Alt.Net group on November 21st, 2011.
UPDATE April 19, 2012: added some domain logic organization slides using Fowler's 4 basic patterns.
2009 10-08 soa-og_itil_does service in it service rhyme with service as in so...Peter Rosenberg
The hyped Service Oriented Architecture (SOA) around 2005-2010, did pose some new challenges to IT.
Is SOA matured in terms of easily getting over the Transition from Project to Operations ?
What is happening 'behind the scenes' of a SOA solution, during Design and Engineering ?
- Challenges and Problem areas you should watch for
- And perhaps a few hints to avoid pitfalls
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
8. Rails takes a very hard line on
conventions, which forces us to solve
problems very completely. There's little
room for us to punt problems onto Rails
users.
12. AUTOMATIC.
<%= form_for @cash_transfer do |f| %>
<%= f.text_field :from %>
<%= f.text_field :to %>
<%= f.text_field :amount %>
<%= button "Transfer!" %>
<% end %> Enter Text here
13. Conventions Tools Hand-Rolled
Conventions allow you to avoid
thinking about the problem at all while
working on features.
Tools make the problem easier to solve,
but still make you think about it.
When we don't have a convention for
something, we end up forcing the
developer to learn about the problem
and choose a solution, which is most of
the cognitive overhead of solving it
yourself.
Cognitive Overhead
14. The common conventions of Rails
applications provide a foundation for
additional abstractions.
15. COURSE
CORRECTIONS
No interest in cosmetic, no time for
refactoring.
Interested in figuring out why my
clients don't want me to use Rails.
16. MANY PEOPLE
HAVE A PROBLEM.
Criteria for course corrections
17. MANY PARTS OF THE
SOLUTION ARE
TRIVIAL.REST:
What HTTP structure should I use?
What names should I give my methods?
How should I generate URLs?
18. THERE IS BENEFIT IN A
SHARED SOLUTION.
Asset pipeline:
* Works out of the box
* Reduces cost of entering a project
* Concept of "Rails asset processor"
20. FAILURE TO SOLVE
IN RAILS CORE.
What are the problems for failing to
provide solutions in Rails core.
Flip side of what I just said.
21. CRITICAL MASS.
Having multiple competing solutions
robs any one solution of the critical
mass it needs to rapidly improve.
No initial implementation is perfect,
and Rails provides eyeballs and hands.
22. It's tempting to say "let this feature be
a plugin, and we'll let our users flesh it
out before we include it"
USAGE. This often results in several competing
solutions, each languishing with few
users, all of which have major issues.
The lack of usage can also hide
conceptual problems with an approach
(heroku deployment?)
23. INTEGRATION.
When users pick a solution on their
own, they are willing to put up with a
lot of manual work. The process of
integrating a feature into Rails to
automate it often brings fundamental
problems to light.
24. ECHO CHAMBER.
The people most likely to choose a plugin solution to a
problem also understand it the most. This means that
there is little impetus to provide completely transparent
solutions that work without complete (or any) knowledge
of the underlying problems. By making something a Rails
concern, it immediately busts the echo chamber of those
who already understand the problem.
25. TECHNICAL DEBT.
As Aaron said yesterday, when solving
these larger issues, we have a larger
tolerance for technical debt.
That said, we shouldn't throw caution
to the wind and take on unlimited
debt. At this point, we're still paying
back our last emergency loan, so let's
be more prudent now.
26. GOOD ARCHITECTURE
ENABLES FUTURE
FEATURES.
Architecting well means that we can
easily improve the feature in the
future. Many of the good things in
the Rails 3 architecture
(notifications) have only come to
fruition now.
28. FEATURES NOW + FEATURES LATER
÷
COST NOW + MAINTENANCE
Building a feature right lets us extend
it easily in the future with lower
maintenance costs. This allows us to
make necessary investments more
easily in the future.
29. BETS
When we correct course, we are
placing a bet about the future of our
industry.
36. BEFORE RAILS.
■ Primary key: chosen per table
■ Table name: chosen per table
■ Timestamps: chosen per timestamp
■ Polymorphic tables: ad hoc setup
■ Foreign keys: chosen per relationship
■ Camel/Underscore: chosen per field
37. Because of all of these discrepancies,
you end up needing to build a map of
your database for your application.
38. "DATABASES ARE
TOO DIFFERENT"
In the early days of Rails, we heard a
lot of arguments that databases were
simply too different for AR to be more
than just a toy. We hear similar
arguments today with APIs.
40. JSON APIS.
■ Should responses include a root?
■ How to embed associations?
■ Include the identifier? In what form?
■ id or href?
■ Include additional/associated resources?
■ How to update in bulk?
■ Primary key defined on server or client?
■ Moving a belongs_to record?
Just like there were questions in SQL,
there are questions in JSON APIs.
41. STANDARDIZED
CLIENT CODE.
Without standardization, we cannot
easily build standardized code on the
client.
42. We're also back to making the same
trivial decisions over and over again,
if we even realize that we are
making decisions.
43. And because we're not taking on the
problem, we're pushing the concerns
onto every client.
44. Since Rails doesn't provide these conventions,
people are asking "Is Rails the right tool for the job"
Even though other tools don't provide conventions,
Rails is all about CoC, so the lack of conventions
makes *Rails* feel like the wrong tool for the job,
even though much of Rails is still useful.
IS RAILS WORTH IT?
Rails starts feeling more like a very polished
library and less like a framework.
55. The advantage of serializers is that
it avoids mixing the common
(representation) with the unique
(attributes, associations)
AVOID MIXING
COMMON AND
UNCOMMON.
This is in contrast with builders,
which put the common and unique
things in one place, so we have no
place for conventions.
56. CONFIGURABLE.
Especially for authorization, there is
a need to be able to poke under the
declarative hood. It's not all
documented, but it works.
57. AUTHORIZATION.
class PostSerializer < ApplicationSerializer
attributes :title, :body
has_many :comments
has_many :troll_ratings
# override just default association inclusion
def include_associations!
comments = post.comments
unless scope.can(:see_hidden, post)
comments = comments.where(visible: true)
end
# override default value, but not embedding rules, etc.
include! :comments, value: comments
# conditionally include an association
include! :troll_ratings if scope.can(:troll_rate, post)
end
end
65. TRANSPARENT.
var people = App.Person.all();
/* GET /people */
// later...
var first = people.objectAt(0);
first.set('firstName', "Brohuda");
App.store.commit();
/* POST /person/1 { ... } */
66. Transport Serialization
AMo::Serializers solve serialization, but I
think we need a general solution for all
three.
Client Side
67. BULK.
Serializers doesn't solve this, but there is a
need to define conventions around bulk
updates.
ember-data defines conventions that, if
implemented in Rails, "just work"
68. OTHER DATA
FEATURES.
Identity map; data binding to the
view; associations (including create
parent=>child=>persist)
72. “
Back in 1995, we knew something that I don't think
our competitors understood, and few understand
even now: when you're writing software that only
has to run on your own servers, you can use any
language you want. When you're writing desktop
software, there's a strong bias toward writing
applications in the same language as the operating
system. But with Web-based software, you can use
whatever language you want.
PAUL GRAHAM
73. “
This new freedom is a double-edged sword,
however. Now that you can use any language, you
have to think about which one to use. Companies
that try to pretend nothing has changed risk finding
that their competitors do not.
PAUL GRAHAM
74. TRANSPORT.
Standards and Same Language
Conventions Everywhere
• HTML • JMS
• ActiveRecord • DRb
Thinking "I need to talk with JS,
therefore I need to write JS on the
ser ver" is pretty lazy thinking. We can
get seamlessness without insisting on
the same language everywhere.
75. TRANSPORT.
Standards and Same Language
>
Conventions Everywhere
• HTML • JMS
• ActiveRecord • DRb
Thinking "I need to talk with JS,
therefore I need to write JS on the
ser ver" is pretty lazy thinking. We can
get seamlessness without insisting on
the same language everywhere.
77. RECAP.
■ Good conventions save developers from
having to agonize over common problems.
■ Rails' bet on REST gave it a leg up in many
areas that are relevant to rich client apps.
■ There is still room for improvement: we can
make APIs as transparent as ActiveRecord.
■ ActiveModel::Serializers is one approach we
are looking at to get us there.
■ We can also make browser frameworks better
through the same conventions.