Steve Jansen

badass rock star tech!

Agree with @matthewwithanm

Keep the unoptimized source in source control, use Grunt (or gulp or whatever) to optimize your build artifacts. The svgmin task can automate SVG optimization.

Nice!

Nice!

Ben Vinegar's You are probably misusing DOM text methods convinced me not to use DOM fragments to escape HTML. Below mixin was inspired by Ben's post and the Mustache.js implementation for sanitizing HTML from user input

/** Mixin to extend the String type with a method to escape unsafe characters
 *  for use in HTML.  Uses OWASP guidelines for safe strings in HTML.
 * 
 *  Credit: http://benv.ca/2012/10/4/you-are-probably-misusing-DOM-text-methods/
 *          https://github.com/janl/mustache.js/blob/16ffa430a111dc293cd9ed899ecf9da3729f58bd/mustache.js#L62
 *
 *  Maintained by stevejansen_github@icloud.com
 *
 *  @license http://opensource.org/licenses/MIT
 *
 *  @version 1.0
 *
 *  @mixin
 */
(function(){
  "use strict";

  function escapeHtml() {
    return this.replace(/[&<>"'\/]/g, function (s) {
      var entityMap = {
          "&": "&amp;",
          "<": "&lt;",
          ">": "&gt;",
          '"': '&quot;',
          "'": '&#39;',
          "/": '&#x2F;'
        };

      return entityMap[s];
    });
  }

  if (typeof(String.prototype.escapeHtml) !== 'function') {
    String.prototype.escapeHtml = escapeHtml;
  }
})();

SPAM

Read more about JSON5 at http://json5.org/

Great point. How about warning and redirecting to new Foo() instead of throwing an exception?

function Foo() {
  // verify the new operator was used to
  // ensure 'this' works as expected
  if (false === (this instanceof Foo)) {
      console.warn('Foo() invoked as a function;',
                   'use `new Foo()` instead');
      return new Foo(arguments);
  }
    // ...
}

Hi @robsonsobral, thanks! It looks like this IE6 edge case effects Google's data center. However, it looks like it could work in IE6 if your hostname matches the subject of the SSL certs. Definitely good to know for anything hosted by Google, at the least.

Hi @robsonsobral, good to know however that link doesn't seem to talk about protocol relative URLs in IE6. It talks about host name mismatches when using IE6 on XP, which uses SSLv2 instead of SSLv3 or TLSv1.0. Did I misread the article?

FYI - the npm colors package is amazing for this.

Hi @dawicorti, I created something very similar called json-proxy. We should sync up efforts. Your post inspired me to think about an option to capture API responses to disk and allow you to replay them without needing the API server.

FYI you can simplify this to a one liner

DIR nofile || (PAUSE && EXIT /B 1)

You can even create a pseudo "macro" for this in a batch script:

SET errorhandler=^|^| ^(PAUSE ^&^& EXIT /B 1^)

DIR .  %errorhandler%
DIR nofile %errorhandler%

Hi @christianbundy,

I recommend any of the great blog posts out there explaining pros and cons of the NodeJS event loop, like Node's own about page.

In a nutshell, Node uses an event loop for concurrency instead of the more common approach with multiple operating system threads. In Node, a thread should never sit idle waiting for I/O to complete. This enables a server to handle concurrent tasks using a single operating system thread. Node's position is threads are hard to code well and are expensive runtime resources, so avoiding multiple threads makes coding much simpler and more scalable at runtime.

The practical implementation of this approach is the callback pattern you described. An I/O function call initiates the work, and Node moves on to the next task in the event queue. When the I/O completes, your callback is queued on the Node event loop, and subquently invoked by Node to let you know the I/O is done and optionally tell you about any errors or results.

There are many criticisms of Node (like this famous one), however, I am amazed at what Node can accomplish in a few hundred lines of code compared to what was possible a decade ago.

Enjoy learning Node!

For me, this technique is harder to read over putting the logic to inpsect the arguments array inside your object's function, and then make decisions on the logic to apply. I might use a closure like this:

(function(){
 function findAll() {
   // Find all users...
  }

 function findByFullName(name) {
  // Find a user by name
  }

  function findBySurname(first, last) {
     // Find a user by first and last name
  }

  Users.prototype.find = function find() {
    if (arguments.length === 0)
       return findAll.apply(this);

    if (arguments.length === 1 and typeof(arguments[1]) === 'string')
      return findByFullName.apply(this, arguments);

   // by default, search using first and last name
   return findBySurname.apply(this, arguments);
  }
})();

NodeJS is all about async methods that invoke callbacks upon completion. The typical pattern for NodeJS APIs is exactly what you describe: the last arg is a callback function, the callback will be invoked with the first param being either null or some error value, and optionally more callback arguments to provide the result of the async operation. Use of callbacks instead of synchronous return values is one of the biggest learning curves for newcomers to Node, especially if you are a UI dev specializing in browser hosted Javascript.

Don't worry, the async callback thing will eventually seem natural. There are also good libs like async and q to help avoid Node "callback hell". Node's use of callbacks is what makes Node scale pretty darn well with I/O bound operations.

Why not just use !!, which works in either bash or zsh?

@kjellski - learned something new today. I'm going to start including unalias -a in my scripts. Thanks!

Great point. Even better, use any of the great JS unit test frameworks out there. I find QUnit to be extremely quick and simple for testing functions like these.

test("somethingthatshouldmatch", function () {
    var input = "somethingthatshouldmatch";
    ok(myRegex.test(input) === true);
});

test("somethingthatshouldNOTmatch", function () {
    var input = "somethingthatshouldNOTmatch";
    ok(myRegex.test(input) === false);
});

Demo of a similar situation @ http://jsfiddle.net/stevejansen/nfUb6/

Cool tip!

FYI - the book From Bash to Z Shell: Conquering the Command Line (which I enjoyed) recommends alias names that do not clobber existing names, like alias ll='ls -l' instead of alias ls='ls -l'. This avoids unexpected behavior in scripts that call the command and for anyone else using your terminal (which is kind of the point for tmux, right?). Just some food for thought.

Yeah, UTF-16 .sql files were annoying for me with GitHub diffs.

There is an easier way to make this problem go away:

1. Find the template is a file named SQLFile.sql, by default in the location %ProgramFiles%\Microsoft SQL Server\[Sql Version]\Tools\Binn\VSShell\Common7\IDE\SqlWorkbenchProjectItems\Sql\.
2. Resave (using your tip) as UTF-8.
3. All new query windows will default to UTF-8 files

Source: Microsoft Connect post Unicode Defaults on SSMS Save.

There is a great read at UTF-8 Everywhere explaining why Microsoft is so wedded to UTF-16 (aka "Unicode" in the Microsoft developer world).

Love this nuance about dd! Been awhile since I used it. Thanks for reminding me.

FYI - use the USR1 signal on Linux and SIGINFO on OS X/BSD

Here's some a fun example backgrounding dd as well as the SIGINFO call:

dd if=/dev/zero of=/dev/null bs=512 &
pid=$!
while ps -a $pid > /dev/null 2>&1
do
  # throw away stderr if we kill dd between ps and kill -SIGINF
  kill -SIGINFO $pid 2>/dev/null 
  sleep 1
done &
sleep 5
kill $pid

Wow, great research. Thank you for sharing with the community. I am debating server-side vs SPA MVC for my next project now.

An untested hack in my mind is to create a JSON data structure describes the routes, consumed by both ngRoute and a server-side (node?) micro app to generate the sitemap. This would avoid the need to manually craft the sitemap file. Does this sound remotely reasonable?

@lukasz-madon, great tip!

Ah, now I see! Totally right.

I forgot about this since I use yeoman/grunt/bower now for local JS dev, which gives me 'grunt serve' for a lightweight server. Some people use a short rack config file for this too.

@koen, nice point. FYI there is a fix for this. To enable XHR/AJAX requests (like jQuery dynamic loading of scripts) with file:/// schemes:

Chrome

Pass the --allow-file-access-from-files command line arg, which you can check with chrome://flags.

Safari

Click the Develop menu > Disable Local File Restrictions.

Shameless plug for golang... go natively supports multiple return values from a function.

Clever... I'm a fan of parameter expansion with bash shell Never thought of using it this way before.

I'm still learning golang myself. Thanks for sharing - I learned something new today!

You can also limit this URL rewriting to an explicit list of Git repos that are outside your firewall. This way you can still use the git:// scheme inside your LAN with your internal repos.

git config --global url."https://github.com".insteadOf git://github.com

Totally agree, WebAPI is good stuff.

Self-hosting WebAPI is fantastic. You can host an API right inside your unit test process for truly meaningful tests.

All of the above are pseudo-random values, which is likely fine for most scenarios.

System.Security.Cryptography.RandomNumberGenerator is the base class for cryptographically secure random values that are not deterministic/predictable.

See the example @ http://msdn.microsoft.com/en-us/library/system.security.cryptography.rngcryptoserviceprovider.aspx