codefork.com

During a meeting at work today, someone remarked, “No one I know seems happy with their content management system.”

Somehow, that’s unsurprising. The problem, I think, is that there’s really no such thing as a content management system. Think about how absurd that term is. It’s a system (it’s organized and has structure) that manages (performs operations) on content (er, stuff). Well then… what piece of software isn’t a CMS?!

When people talk about a CMS, they really mean publishing software. The website I maintain was written specifically for managing news articles. It does its job reasonably well, despite needing some cleanup and refactoring. What’s devious about the term “CMS” is that people start to expect all sorts of things from it. After all, it manages content right? So why can’t it easily integrate with other sites, offer social networking features, do fancy AJAX tricks, and make dinner, with cpu cycles to spare?

The fact is, no software can do it all. There’s sometimes the wishful thinking that if we were using a pre-packaged CMS instead of a custom solution, we’d be better off. That’s just not true. A pre-packaged CMS can be a good option for simple needs, but customization is often a huge headache. The end result is that you’d have been better off writing something custom tailored to begin with. The most flexible (and therefore “best”) pre-packaged CMSes are often not ready-to-run software, but actually well-designed frameworks (like Zope) that require coding for the specific content you want to handle.

So why is no one happy with what they have? I suspect it’s because they didn’t give enough thought to what they wanted, or their expectations were too high, or both.

There’s nothing magical about a CMS. It follows the same rules as any other kind of software: the requirements for what it does should be clear, and the proper code abstractions should be in place. It’s like any other project: it should support a set of features, but also be able to change and grow easily. And you can only achieve those goals with proper planning and good code design. Not confusing lingo like “content management system.”

Rumors of Chandler’s Death Are Greatly Exaggerated. So says the renowned Phillip J. Eby.

In light of all the damning media scrutiny paid to Chandler in recent years, Phillip makes an excellent point: the project funded work on a bunch of important open source python libraries. I didn’t realize this—it drastically changed my regard for the OSAF‘s work. If this aspect of the project got mentioned more, I think Chandler would get a lot more respect. Even if Chandler 1.0 never sees the light of day, it’s already made major contributions to the python community.

Proprietary software has a definite lifespan: once a company has stopped developing and supporting it, that’s the end. For the company, value is localized and non-transferable in the closed source code base. The business model of selling software depends on this. Once the company kills off the product, the value more or less disappears. You can still use it, of course, but it will decrease in value as similar, hopefully better products appear on the market.

The value of open source software, on the other hand, isn’t limited to its immediate use. Even if an application is no longer actively used and maintained, the code can spark ideas, be used to fork a new project, serve as a lesson in design, etc. Its value can be perpetually renewed by virtue of the fact that it circulates in different ways. If it’s large enough, like Chandler or Zope, it can spawn mini-projects, components, and libraries for reuse.

Years ago, I wrote a Java version of a napster server. Just for fun. It was called jnerve, and I released the code as open source. I tried to get people to host it and use it, but opennap, the C implementation, was naturally faster, more efficient, and more mature. jnerve seemed like a dead end, so I stopped working on it. There were some cool architectural bits to it that were interesting to write, but I regarded the project as a failure.

Months later at a conference, I got a demo CD of some new peer-to-peer file sharing software. (“P2P” was all the rage then.) When I ran it, I was astounded to see a copyright message with my name on it. They had used my code as the basis for their commercial product! The code was able to live on in a different form. I’m not sure it was actually legal, given that jnerve was GPL, but I didn’t care enough to pursue the matter.

Like every website that deals with traffic spikes, the one I’m working on these days does a lot of caching. This past week I’ve spent a lot of time reviewing the caching code as well as tuning the database, to get the site working efficiently on a newly upgraded virtual private server.

The following occurred to me: as wonderful and necessary as caching is, it’s fundamentally a workaround. The core problem is having insufficient resources. Given enough CPU and memory, you wouldn’t ever need to cache. It’s when those resources are insufficient for a particular traffic load that caching becomes immensely helpful. That’s why it’s a workaround: it practically addresses the problem, but it doesn’t really solve it. And it’s not a perfect solution: simple caching mechanisms usually introduce a lag time in the currency of content.

Why does this matter? Because caching shouldn’t substitute for efficient code. That is, uncached operations should still try to make the best use of resources as possible. Otherwise, caching turns into a panacea, luring you into a false sense of security about how well the guts of the application really perform. Ideally, caching should always be added as an afterthought on top of already well abstracted code.

Tim Bray makes this prediction about PHP for 2008:

PHP will remain popular but its growth will slow, as people get nervous about its maintainability and security stories.

I share Tim’s love/hate relationship with PHP. It’s definitely a powerful and easy language. But,

… speaking as an actual computer programmer, I really dislike PHP. I find it ugly and un-modular and there’s something about it that encourages people to write horrible code. We’re talking serious maintainability pain.

I’m seeing this right now in some code I’ve recently taken over. The previous programmer was quite skilled and did a great job, but it’s clear there are some areas he had to write quickly and hack together. The flip side of PHP’s ease of use is that sloppiness accumulates very quickly when you’re doing things in a hurry. To some extent, that’s an unavoidable aspect of a growing codebase. But there’s also specific things about PHP itself that foster disorganization and unmaintainability:

* The lack of namespaces. This makes it hard to quickly locate a function or class definition. Classes can be used as namespaces, but that’s a hack, and leads to ugly un-OOPish uses of classes. PHP could really benefit from packages or modules.

* While PHP5 has vastly improved its object functionality, it often feels like the developer culture remains mired in a function-oriented paradigm. PHP’s relative ease of use and wide availability on commodity webhosting has produced a huge pool of developers whose skills are pretty wide-ranging. The low end of that tends towards hacky, function-oriented code that simply “gets the job done.” I’d like to see more thoughtful discussion on PHP sites and forums about object design and philosophy, about when to use functions and classes, and about how to mix them up harmoniously.

* Having a library of thousands of built-in functions in a global namespace with little rhyme or reason to their naming doesn’t exactly provide a great model of maintainability.

* extract() should die. Die, die, die.

* There’s not much agreement about OOP performance: some insist that heavy usage of some OOP features slows PHP down a lot, so you should avoid them whenever possible. Which not only is plain dumb but leads to deliberately confusing and half-assed uses of OOP in the name of better performance.

Maintainability is a matter of discipline, since you can write sloppy code in any language. That aside, PHP does make it extra hard to keep things orderly. I think CakePHP is a step in the right direction, though if you’re going to use a strict MVC architecture, you might as well dump PHP and just go with Ruby on Rails or Python.

One of the better things I’ve stumbled across this past year is Larry Lessig’s talk, How creativity is being strangled by the law.

The piece makes his usual argument that copyright law stifles innovation in the age of new media. Most striking to me, though, was the part where he uses the phrase “amateur culture.” He explains, “…I don’t mean amateurish culture, I mean culture where people produce for the love of what they’re doing and not for the money.” He uses the term to describe the activity of “kids” (?) creating their own remixes from existing media.

I can remember another amateur culture that’s now largely disappeared. Back in my teens, modem-based bulletin board systems (BBSes) fostered a rich “read-write” culture for amateur programmers. Most of us did not work in technology; after all, the commercial Internet hadn’t been born yet, so the computing industry was much smaller and more obscure. A career as a programmer seemed like a mysterious and rarefied thing to me back then. The coders you met on BBSes were often people who simply liked to do programming in their spare time.

These systems allowed us to circulate public domain source code for fun games and useful applications written in BASIC, Pascal, C, even assembler. We hacked on existing code to get it to do what we wanted, trying to figure out ways to push the limits of our little 8086 processors and 640K of RAM. We mingled regardless of our level of knowledge, beginners and experts alike. We had friendly user meetings in diners in Brooklyn and Manhattan (I lived in NY at the time), where we chatted about home-grown upgrades and discussed how to link up to the nation-wide discussion networks that existed then.

It was amateur culture at its best: lots of exchange, circulation, and cooperation happened all the time. But it was definitely not amateurish. Many were extremely capable and knowledgeable coders.

Today, there are still people who code just because they enjoy it, but the amateur culture and its community hardly exist anymore. Beginners on web forums are more interested in what they need to know in order to land a job, rather than in coding itself. Even open source projects tend to be dominated by career professionals; read any public mailing list and you’ll see how unhelpful they often are to amateurs who want to get involved. One reason I like python is that the project makes a genuine effort to connect to the sensibilities of amateurs. But even its forums are littered with snarky individuals.

All of this is largely due, I think, to the ideology of professionalism, which convinces us that having a stable career is the pinnacle of achievement. It damagingly equates amateurs with dilettantes. That’s why one of the first things we ask in this country when meeting a stranger is, “So what do you do?” By which we really mean, “Tell me what you do for a living so I can know who you are and whether you’re worth talking to.”

In 2008, I resolve to be more wary of this ideology and its negative effects. I want to embrace being an amateur in the various things that I do. I want to think less about careers and focus more on how to best spend my time doing what’s important to me. And I want to find more amateurs to hang out with as well.

Today a blogger named Damon Poole wrote a short post titled, “Designing Software is the same as Predicting the Future.” It resonates with my post from a while back on whether “software engineering” is the right metaphor for writing code.

The essential problem of coding is to deal with the unknown as best you can. Software is made to solve a problem, but the more unique the problem, the more difficult it is to draw upon existing knowledge to create good solutions. Unknowns force you to make guesses. Educated guesses, hopefully, but guesses nonetheless.

This is why I’m in the camp of those who believe that creating software is an art. It’s an endeavor that wrestles with the unknown. This artistry is highest when you find yourself asking, “How do I do X?” and there don’t seem to be any pre-packaged answers you can look up in a textbook or simply google.

Paradoxically, once the software is written and refined, the unknowns are removed from the picture. Art largely disappears once the pure functionalism of operational software emerges. I think this is why many good programmers have short attention spans, get bored, and tend to jump from project to project. They crave the excitement and gratification of facing the unknown. But this is always ultimately ephemeral.

I’ve been stumbling across criticisms of the un-RESTful design of Amazon’s new SimpleDB service. Worth reading in particular is a piece by someone named Subbu Allamaraju, who seems both smart and accomplished. He did a quick rewrite of the API in his post, A RESTful version of Amazon’s SimpleDB. It’s a great example of how clean URLs can be when a bit of thought is put into them.

And people should also read it to clear up a popular misunderstanding about REST. I’ve already given it away in my title: HTTP + XML do not a RESTful interface make.

As Roy Fielding’s dissertation chapter lays it out, a REST architecture should follow the abstraction of “resources” from the “connectors” that perform operations on them. The HTTP protocol happens to be able to do this nicely: URLs refer to resources and the GET/POST/PUT/DELETE methods manipulate them. However, this isn’t inherent or automatic: you have to use its vocabulary properly. SimpleDB is a perfect example: it violates the principle that resource identification and operations should be separate. The API embeds operations in URLs.

So yes, it uses HTTP and XML. But no, those things alone don’t make it truly RESTful.

REST is certainly a huge step forward in enforcing cleaner abstractions, though in Amazon’s defense, it’s obvious why they choose to design their API the way they did. The URLs for SimpleDB have the same structure as those in ECS; consistency was probably the goal. So yes, it’s a conservative move that forward-thinking coders are turning their noses up at, but it’s also one for which existing developers will probably be grateful. Rant all you want about the evils of non-idempotent GET requests… for Amazon’s customers, the old API style feels familiar, and means one less new thing to get used to, or to learn.

I’m convinced that cellular phone companies keep dark basement cubicles full of evil marketing gnomes whose sole job is dreaming up ways to confuse and frustrate customers.

I thought it’d be cool to use my phone for browsing those new fangled web pages designed for mobile, and to be able to check my email. Having no idea how to go about this, I dug into the incredibly twisted world of marketing lingo, misdirection, and bad technological practices of T-Mobile.

Part 1: T-Zones(tm) Means Fun!

First, I went to the T-Mobile website and looked at their Services & Accessories page. Something called T-Zones(tm) is featured in a large box. What is it?

“The place to buy services—on your phone or on the Web. Check out all the fun and useful things available at t-zones.”

Okay. It has an icon that says “Web & Apps,” which sounds promising. Except… in a smaller box separate from T-Zones(tm), there’s also a list of “Other Services” that includes “Internet & E-mail Services.” What’s the difference? Well, obviously, T-Zones(tm) is “fun and useful” (trademarks will do that sometimes) whereas the other service isn’t.

Fine, I’ll bite. What does T-Zones(tm) Web & Apps give me?

E-mail on the go
Keep in touch while you’re out of the house. E-mail service lets you use your phone or other T-Mobile device to access personal e-mail from a variety of common providers so you’re never out of the loop.
[...]
Choose when and where you Web
Just $5.99 per month gives you unlimited access to mobile Web destinations and great capabilities—like reading, editing, and sending e-mail directly from your phone.

Sounds good, aside from the minor fact that web is not a verb. But how is it different from Internet & E-Mail Services? Well, the latter seems to be only for BlackBerry, Sidekick, and Smartphones. I consider my phone to be pretty snazzy, but I don’t know if it’s a Smartphone. How can I tell?

Luckily, there’s an FAQ on the side that tries to help out with this. Sort of.

Do I need a special phone to get Internet access?
Most phones can display text-only Internet by using T-MobileWeb service. To find a phone with a full Web browser, go to the Phones page and check the T-Mobile Internet check box.

Holy crap, that’s confusing. Checking off the T-Mobile Internet box doesn’t really show me Internet-capable phones, it shows phones with a FULL Web browser. “Most” phones are already capable of text-only Internet. Thanks for making that crystal clear!

Part 2: Wrestling with the phone

It would appear, then, that T-Zones(tm) is the right choice for my Nokia 6086. Which, incidentally, is NOT a Smartphone, after all. I do want “unlimited access to mobile Web destinations.” And if T-Zones(tm) makes it fun and useful, so much the better.

Frankly, the T-Zones(tm) menu item has always scared me. I didn’t know what it did, and it terrified me to think that I might click something by accident and discover a $1000 charge on my next bill. But this time, I clicked it. It brought up a little screen that sort of resembled a web page. I could navigate, just like using a regular web browser on a PC, to a screen that let me turn on T-Zones(tm) service for $5.99/month.

I suddenly understood. The T-Zones(tm) item is a simple mostly-text web browser. That’s all.

Which suits me fine. I can get the basic information I want, and I don’t really need the bells and whistles of a fancier phone with better browsing capabilities. On the other hand, I want to make the most of what the device can do. Googling around, I found that there’s a better browser, Opera Mini, that’s available for this phone. Why not try it out?

I transferred it successfully, but when I ran it, it showed the message: “Application access set to not allowed.”

It reminds me of that old passive voice trick, “War has been declared.” By whom, damnit?! Just who is it exactly who won’t allow this application to run? I want some answers.

Part 3: The mystery of T-Zones(tm) solved

Under the Option menu for the Opera Mini application, there’s an item called “App. access.” It’s what you’d use to grant permission to use the network. That’s a pretty good idea, since you don’t want applications secretly doing undesirable things on your phone. They’re written in Java, using a mobile API that has a strong security model built-in.

But on my phone, “App. access” is greyed out, disabled.

More Googling revealed that so-called unbranded Nokia 6086 phones let you adjust this setting, and Opera Mini works on them. But T-Mobile’s phones have that option deliberately disabled. Other users have reported this same problem with other applications that use the network as well.

So I can’t give Opera Mini permission to use the network, because the phone’s software has been crippled (a sadly un-P.C. word choice that’s stuck). By who? T-Mobile, that’s who.

What does this tell us about T-Zones(tm)? From what I can tell, and I might be wrong, both T-Zones(tm) and the more expensive Total Internet plan give you unlimited web access. The phones make the difference: lower-end consumers are forced to use the stock browser on crippled phones, while the more expensive service and application options are offered to users with high-end phones. This, in spite of the fact that your humble little phone might very well be capable of running applications that access the web. Definitely not very fun or useful.

It’d be like selling 2 models of Ferrari with the exact same engine, but one is capped at 50mph in the systems software. It’s capable of going faster, but it’s limited for no reason other than to encourage you to buy the faster, more expensive one. Which also happens to have a sunroof.

It’s fair to pay for a service, like network usage. It’s fair to pay for a device. But it’s bad business and bad technology to artificially disable goods simply to differentiate a product line. I don’t know how other T-Mobile customers feel, or if most of them even know about this aspect of their business, but to me, it’s downright insulting.

It always feels very rewarding when my coding-related problems have happy outcomes. A few small but cool things that have happened recently:

A while ago, I discovered an issue with the way the cherrypy web server resolves “localhost” to an IP6 address on some operating systems. The cherrypy folks actually listened to my suggestion and made a helpful change.

It looks like one person has already benefited from the tiny patch I created for a feedparser issue last week.

When I couldn’t get SQLAlchemy’s “pool_recycle” option to properly close and re-open inactive connections, the estimable Michael Bayer took a minute out of his busy life to explain what I had missed, for which I was extremely grateful. (One of these days, I need to write about a post about how truly amazing SQLAlchemy is.)

Open source projects create the opportunities for good things to happen. Most of the time. (Or maybe it’s just the python projects.)

I discovered an issue this morning in the excellent feedparser module.

feedparser (aka Universal Feed Parser) has a reputation in the python community for being an incredible piece of code. With good reason: it understands a mind-boggling array of feed formats and versions, and it’s been put through the paces with a suite of 3262 unit tests. Mark Pilgrim’s terrific work has saved me (and many others, no doubt) months of toil and sweat.

The issue has to do with encountering multiple “title” tags defined in different XML namespaces. A dc:title or media:title tag, if it is encountered anywhere after a regular RSS title tag, will overwrite it. Several other people have actually already documented this in the bug tracking system.

It’s unclear how much work is actively being done with feedparser these days, so I reluctantly dived into the module to try to see what was going on. A little over an hour later, with almost no pain, I found myself with a patch that passed the test suite. I’d love to say it was due to my incredible coding prowess, but really, the code is just amazingly clean and easy to understand. That’s how fixing bugs should be.

The patch is here if anyone wants it.