Tag Archives: ruby

AWS Lambda 支援 Ruby 2.5 以及其他語言

AWS 宣佈 Lambda 支援 Ruby 2.5:「AWS Lambda Supports Ruby」。

另外宣佈可以透過 Layer 的方式讓任何程式語言在上面跑 (前面提到的 Ruby 看起來就是用這個方式支援的):「New for AWS Lambda – Use Any Programming Language and Share Common Components」。

The Runtime API is the future of how we’ll support new languages in Lambda. For example, this is how we built support for the Ruby language.

CodeDeploy 的 codedeploy-agent 總算支援 Ubuntu 18.04 的環境了...

先前在『在 AWSUG Taiwan 上講的「用 AWS CodeDeploy 解決程式佈署」』這邊有分享過 CodeDeployUbuntu 18.04codedeploy-agent 會認為系統內建的 rubycodedeploy-agent 不支援的版本:「Support for ruby 2.5 (Ubuntu 18.04) · Issue #158 · aws/aws-codedeploy-agent」。

剛剛總算看到修正後的版本被推出去了:

這樣就不需要自己修正惡搞了...

ORM 常見的效能問題

在「How not to structure your database-backed web applications: a study of performance bugs in the wild」這邊看到的,裡面提到的論文是以 Rails 的 ActiveRecord 分析,不過概念上還算通用...

重點在最後一張 (Table 7 那張):

看一下在腦裡留個印象,之後遇到的時候至少大概知道怎麼查...

Ruby 2.4 中 Hash Table 的效能改善

前幾天 Ruby 推出了 2.4.0 (Ruby 2.4.0 Released),其中特別被拿出來提的:「Introduce hash table improvement (by Vladimir Makarov)」。

討論串很長而且歷時很久,但可以看出來方向是提高 CPU cache 效率:

Modern processors have several levels of cache. Usually,the CPU reads one or a few lines of the cache from memory (or another level of cache). So CPU is much faster at reading data stored close to each other. The current implementation of Ruby hash tables does not fit well to modern processor cache organization, which requires better data locality for faster program speed.

中間還有拿 Redmine 當作測試項目... XD

Ruby 上使用 DynamoDB 的函式庫:aws-record

AWS 正式發表了在 Ruby 上使用 DynamoDB 的 library:「Announcing General Availability of aws-record」。

GitHub 連結在「aws/aws-sdk-ruby-record」,而 Ruby Gems 的連結在「aws-record」。

這樣用起來更簡單了...

在 Python 的 pip、Nodejs 的 npm、Ruby 的 RubyGems 上面放木馬研究?

在 Python 領域裡常用 pip 安裝軟體:

$ pip install reqeusts

或是:

$ sudo pip install reqeusts

其他的平台也大致類似於這樣的動作。而在「Typosquatting programming language package managers」這篇文章裡,作者用 typo 之類的方式列出可能的名稱,像是這樣的名稱:

$ sudo pip install reqeusts

然後在這三個平台上發動攻擊,上傳了數百個套件並且觀察:

All in all, I created over 200 such packages and equipped them with a small program and uploaded them over the course of several months. The idea is to add some code to the packages that is executed whenever the package is downloaded with the installing user rights.

而這是「成果」:

MIT 開發出靜態分析工具,找出 23 個 RoR 軟體未被發現的漏洞

MIT 弄出來的新玩意,靜態分析工具叫做 Space:「New MIT Scanner Finds Web App Flaws in a Minute」,MIT 官方的報導在「Patching up Web applications」這邊:

In tests on 50 popular Web applications written using Ruby on Rails, the system found 23 previously undiagnosed security flaws, and it took no more than 64 seconds to analyze any given program.

接下來就是什麼時候會放出來了...

Terminal 下操作 VMware 的 vSphere

Twitter 上看到 zmx 提到:

其中 Ruby vSphere Console (rvc) 被標成 deprecated:

Note: This Fling is deprecated, so the download is no longer available, and it will not be updated. Also, feedback is no longer monitored.

Python vSphere Client with a dialog(1) interface (pvc) 看起來比較新:

不過我自己測試後發現死在 SSL certificate 上,之後再來研究要怎麼閃開吧...

Square 放出的 git-fastclone

Square 放出 git-fastclone:「Introducing git fastclone」,會生出這個軟體的原因是 git clone 的速度太慢,對於 CI 的速度影響頗大:

Square uses git-fastclone as part of our iOS and hardware CI systems. Being able to quickly clone into an empty directory, saves us time and ensures we always know the starting state for our builds — no matter what has happened in previous builds. This in turn increases the reliability of the system overall and benefits our engineers.

Ruby 寫的,可以用 gem install git-fastclone 直接安裝起來。

Ruby 2.2.0:放假前的新版本

Ruby 2.2.0 在假期前釋出:「Ruby 2.2.0 Released」。

在「Notable Changes since 2.1」的部份有提到新的 GC algorithm (Incremental GC) 以及讓 Symbol 可以被 GC (Symbol GC),而且提到了 Rails 5.0 會受益於此:

Recent developments mentioned on the Rails blog suggest that Rails 5.0 will take advantage of Incremental GC as well as Symbol GC.

在 Rails 這邊的說明:

Rails 5.0 will target Ruby 2.2+ exclusively. There are a bunch of optimizations coming in Ruby 2.2 that are going to be very nice, but most importantly for Rails, symbols are going to be garbage collected.