I use lately Sublime Text a lot, both at work and at home, where it's curious that even for languages that I have better tools available and installed (C#/ASP.NET, Powershell...) I usually use Sublime too instead (because is faster and I don't need to compile nor debug). Also, at work my colleages have activated Hound to get GitHub comment
floodings coding style violations and, as you get one comment per broken rule, some pull requests become really hard to code review.
So, in order to prevent hound bites (and learn in a more confortable way what rules I should follow), I checked and fought a bit with Sublime plugins to setup the same rules that Hound uses for Ruby code (Rubocop gem) and have them inside my IDE. If you want to have realtime coding style checks inside Sublime 3, you need this:
Just take into account to leave the Rubocop rules file named as .rubocop.yml at the project's base folder, because SublimeLinter-Rubocop doesn't allows to specify another name/path. Also restart the IDE after installing everything.
It is fun that at 2005 we had nice aggregated CI reports that you could also concatenate and send via a single email (or check online at your CI server) but at 2015 receiving literally 50 emails after creating a pull request seems good by a continuous integration tool maker... ¯_(ツ)_/¯
Note: All of this engines require the original game data files as they are work based on reverse engineering of the game binaries but all content must be installed by you. You can find most games quite cheap at either Steam or Good Old Games.
I love videogames, but lately I'm noticing that out of the dozens of monthly releases, as much as one title per month is appealing to me. While this is good for my lack of time, it also means that with some exceptions, I'd sometimes rather play an old videogame instead of the latest triple-A. But, as Windows evolves compatibility breaks, and regarding old videogames many times the only available trick is to fallback to DosBox. You setup everything, launch it... and notice that playing Dungeon Keeper at 320x240 was acceptable back then but now feels way too low for a strategy game.
Ohh, nostalgia, always tricking our mind into feeling that old games were superb and awesome, but also forgetting that UIs were more ankward, resolution was pretty low, and games had also bugs (although not so many as today constantly-patching madness) and severe limitations. Thankfully, there is an answer for this wish of "playing old videogames fixing old times annoyances": Fan-made game engine recreations. Crazy developers that rebuild the game internals either as a multiplatform game (Windows/Linux/Mac) or at least compatible with the latest Windows versions (still a great achievement considering that many were made for MS-DOS), but usually also offering higher resolutions, working online multiplayer, tons of bugfixes and usually also some tweaks or improvements over the original.
Here is a small alphabetical list of 12 classic games that I love playing with custom engines because they recreate quite well the experience or when they enhance it, it really is for good.
I probably have missed some others, but I think with all excepting FreeSynd I have finished the full campaign/history at least once so they indeed work.
There's been quite some talk about how Windows 10 upon install by default sends lots of mostly private stuff to Microsoft. Sure, it can turned on "just not using express settings", but we all now many people are lazy and install without reading, so this was done on purpose (else everything would be opt-in).
After the initial install, people realized the operating system kept bleeding data to the outside, so I did a quick test. I opened Task Manager, the Performance tab and there it was having a high activity peak when I wasn't doing anything. To avoid a false positive I ordered processes by network %... and I had the Search "app" sending 2.3MB of data... when I had disabled everything I could at setup (plus later on the Privacy settings).
Checking the App History tab I got this nice two "rogue leakers", two applications I hadn't even launched once in my few weeks using the new OS:
Somebody please tell me why the Store has to grab so much data when I haven't even setup a Microsoft account (I use a local one), or why if I have never searched anything it was sending/receiving MBs. Searching for a more complete list of Windows 10 privacy fixes I found this nice guide, but as I never use Bing and similar MS-only services, I did some network sniffing to see what other places my PC is still "calling".
This are the domains I've ended up blocking (redirecting to 127.0.0.1 from the hosts file is the best stopper) based on articles read and my own Wiresharking experience:
I also disabled ssw.live.com but then I had issues updating Windows Defender so I guess it either controls WD definition files or the whole Windows Update and I unblocked it.
I really like Windows 10 after suffering Windows 8 and using Windows 8.1 (although I'm sticking to Windows 7 for the gaming PC), but sadly it seems the privacy invasion era has jumped from mobile phone operating systems to desktop ones. It's still a better battleground to fight from (Firewalls, hosts file, 3rd party apps/tweaks...) but still another war to fight at.
PS: I've read as much as possible to take away FUD from reality, and while some options have been explained, not all questions have been answered.
PS 2: If I come with additional things to disable or domains to block I'll update the post to reflect it.
Reading a Dilbert's book I found this really funny comic strip about remote work and personal well-being:
Until half a year ago I didn't do much remote working, mostly because previous jobs didn't allowed me to and I wasn't so eager to try it. But past months things have changed and now I really appreciate it as a way to improve concentration and squeeze more from time the day for other tasks (mostly as I save on commuting). But, there is one thing where at meast I have to be careful now: ergonomic and proper sitting position.
I sometimes tend to cross my legs, other times to curve my back, and sometimes I get wrist pain (not strong, but enough to annoy)... so I've been improving my home working area as now I work an average of two days per week from home. This is the setup I currently have:
An old, grey and white IKEA Fredrik work table with up to two optional shelves above it, plus cable cord "rail" and a keyboard handle. It is wide and big enough for my laptop, monitor, a study area (for books, writing...) and even a PS3. The cable holder rail is so nice to avoid having tons of cables laying under the desk. It is also high, so with a small box below (with drawers to store things inside) I have the monitor at the correct height to always look upfront and not lower the head.
A decent (but not expensive) chair, with a net-like back so that my body can "breathe", and of course armrests, to keep the arms in proper angle. I modified the keyboard handle of the table to be at the proper height so my arms form a proper 90º angle. A SteelCase or similar brand might be awesome, but they are so expensive that while I can find cheaper alternatives I'll stick to them.
A 24" 1920x1200 monitor. People go a bit crazy IMO and maybe for a designer 27" or 30" are nice, but at least I don't need so many inches. I have a 30" monitor but after some daily use I moved it permanently to being my gaming PC screen and instead use something smaller but good enough display for my daily tasks. I'd love to have one that rotates to portait mode (so nice for coding, I had one like that at a previous job) but while this one works I won't change it. 2 Monitors might also be interesting but I'd need a dell docking base and my table is not huge, plus I'm so used to alt-tabbing that I don't need them.
I use an ergonomic keyboard for everything except gaming. I have two Microsoft Natural Keyboard 4000, one at home and one at work, but recently I switched (at home) to the newer and smaller Microsoft Sculpt Ergonomic, because I get more free space from the (separate) numeric keyboard segment and it is great, with soft keypresses and definetly a good improvement. Ah, it is in english, I'd rather learn where are the ñ and accents when I need to write in Spanish but enjoy the quicker code writing of a UK layout (I've never used a US layout but as anyway would be harder to get from Spain, I directly don't care).
I recently tried and now use a footrest platform. I bought a Kensington Solemate Plus because is cheap but allows to adjust the inclination and height, plus the feet don't slip.
As I play videogames, ages ago when I bought my gaming PC I did it with a good laser gaming mouse, a Razer Diamondback. After serving me for around 4 years, I decided to buy another one for the gaming rig and I've been using this one for coding for around anoher 4 years. It is very precise and my hand doesn't gets tired of using it, so I'll probably keep it until breaks. Probably any ergonomic mouse will do, but I'd go for a mid-high gaming one as usually are the best ones.
For a distant future, I'd have to test a standing desk, but I don't see where I could setup one at home so for the time being is on hold.
Add to the list a good illumination, quiet environment and now that I have air conditioning nice temperature even in the summer, and the truth is I feel really comfortable working from home. Any additional suggestions, ideas or elements you'd add?
As lately is happening to me a lot, Ruby ecosystem has lots of tutorials and guides that range from beginner to intermediate, but lacks more advanced topics. Recently I had to implement a security feature that surprisingly wasn't present at Rails: Session invalidation when you change your password.
Many sites, CartoDB included, use Rails CookieStore, which is just cookie based session handling: You securely serialize and deserialize session data (usually the user identifier) and avoid storing sessions serverside. Really cool in theory but has a flaw: If there is no serverside session management, how do I signal a password change so the other cookies with my session for example at other browsers become invalid?
Reading the official Ruby on Rails Security Guide I hoped to find the answer, but no, instead it lists lots of security hardening points, but just recommends to make your session expire, use a general secret_key (but changing it would invalidate all sessions, not just a given user ones) and in the end to go for database-based session handling for proper security. Well, I agree it is better, but sometimes you cannot adopt some changes as easy as they seem, so... what about improving CookieStore?
First I went deep, checking CookieStore and its "mixin parent" AbstractStore source codes. They just wrap actual session handling on storing at a cookie, but the parent had an interesting method, generate_sid (session Id). Maybe if I could change the generation of the session would be enough... so I also checked Rack::Session::Abstract::ID, the parent of all stores. I did some tests inheriting from CookieStore (as I don't fancy monkey patching even if Rack's code suggests it) but quickly I found that when you are generating a sid, really you don't have context of "users".. and you shouldn't, because this is really inside. This is for people desiring to modify the session id generation algorithm, or the actual storage of session data.
So, I went up, because over Rails we use Warden to ease all authentication (we have user/pass, API key, OAuth...). Digging into its wiki I found that you can have more session data than just the user id that you deserialize into a full User object upon retrieving an existing session. But that example wasn't enough, as it only worked playing with default session scopes. We use scope-based sessions because our usernames are unique and cannot be repeated, so for example I can have a session cookie with the scope "kartones" and another with the scope "test" (or different roles, or other ideas you might have).
Cheking more about Warden, I found some interesting callbacks, but again the examples were silly and not too useful, so as usually happens with Ruby, it is better to again check the source code to see the internals. And inside hooks.rb I found the answer, in the documentation block of after_set_user. There, I could filter to handling authentications and store additional session data at Warden initializer file... something that if your password changes changes too, e.g.:
Warden::Manager.after_set_user except: :fetch do |user, auth, opts|
auth.session(opts[:scope])[:sec_token] = Digest::SHA1.hexdigest(user.crypted_password)
Now, editing the traditional Rails base ApplicationController I can add some methods to handle this additiona data:
warden.session(user.username)[:sec_token] = Digest::SHA1.hexdigest(user.crypted_password)
warden.session(user.username)[:sec_token] == Digest::SHA1.hexdigest(user.crypted_password)
def validate_session(user = current_user, reset_session_on_error = true)
reset_session if reset_session_on_error
And then just add the new logic to the authentication endpoints, for example:
is_auth = authenticated?(CartoDB.extract_subdomain(request))
is_auth ? validate_session(current_user) : not_authorized
Now it would only remain to call update_session_security_token upon a password change, and all other cookie sessions will become invalid.
Why this is not an option either at Rails or Warden, I don't know, but I couldn't find a single tutorial, post or message detailing all this info, so let's hope this post helps fix that.