If you need to have an tag be dynamic (in this case, I wanted to reference my weather station graphs from Weather Underground and ensure I had "today's" graph without updating the HTML by hand), then this is the way to do it. I made it more verbose just for illustration, but you can reduce the code-size dramatically if that's important to you.

The "trick" is to just use an <img> tag with a unique id and then add some javascript right after it (or via one of your favorite libraries such as jQuery) that used the DOM-maniuplation javascript functionality to change the src attribute to the text of where you want it to come from. In this case, I have it dynamically updating the year, month and day in the URL for the Weather Underground images.

While it is easy to use Activity Monitor to see whether a running app is 32-bit or 64-bit (sample), it would be even more useful to see this information from the command-line. This post shows you how to combine a bit of rudimentary Python code and correct ps command-line options to see the "bitness" of your running apps.

Executing ps in Terminal.app will show you processes that you own and adding some command-line options: ps -Al, you can get tons of information about each process. In this case, I've asked the ps command to show me all processes and include a decent number of output fields, including one we now really care about, the "flags" field (sample output). "Flags" will end in a "4" (sample Terminal output) if the app is 64-bit, otherwise it ends with a zero.

By saving this script:

as something like "psbit.py" and executing it from the command line with either "32" or "64" as a parameter (it defaults to 64), you will see a list of apps with path names that meet the opted criteria.

When I run it, my system shows 24 active 32-bit processes out of 81 total processes. Good progress, but I shall not rest until I see it be all 64-bit!

When passing data to a web site, especially via "GET" requests (e.g. calling + stringWithContentsOfURL:encoding:error:) it's important to ensure content is properly escaped. This is also true on the iPhone when you are attempting to use a "mailto:" URL to invoke the native e-mail client from your app.

One obvious way to do this is by calling NSString's "- (NSString *)stringByAddingPercentEscapesUsingEncoding:(NSStringEncoding)encoding" method. While this does a good job, it is not perfect and will miss things like "/", which may make some web services cry. The best way to do this encoding is to use:

CFStringRef CFURLCreateStringByAddingPercentEscapes (
   CFAllocatorRef allocator,
   CFStringRef originalString,
   CFStringRef charactersToLeaveUnescaped,
   CFStringRef legalURLCharactersToBeEscaped,
   CFStringEncoding encoding
);

This method lets you specify what you want encoded and what you want left raw. I threw together a really quick sample command line tool to show you the difference. Here are the salient lies:

NSString *url = @"<b>some HTML content</b> <a href=\"http://theresurgence.com/search/node/bible\">study materials</a>" ;

NSLog(@"Original text: [%@]", url) ;

NSLog(@"NSString percent escapes: [%@]",
      [ url stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding]) ;

NSLog(@"CFURL percent escapes: [%@]",
      CFURLCreateStringByAddingPercentEscapes(kCFAllocatorDefault,
          (CFStringRef)url, NULL, CFSTR("!*'();:@&=+$,/?%#[]"), kCFStringEncodingUTF8));

And, here is the output:

Original text: [<b>some HTML content</b> <a href="http://theresurgence.com/search/node/bible">study materials</a>]
NSString percent escapes: [%3Cb%3Esome%20HTML%20content%3C/b%3E%20%3Ca%20href=%22http://theresurgence.com/search/node/bible%22%3Estudy%20materials%3C/a%3E]
CFURL percent escapes: [%3Cb%3Esome%20HTML%20content%3C%2Fb%3E%20%3Ca%20href%3D%22http%3A%2F%2Ftheresurgence.com%2Fsearch%2Fnode%2Fbible%22%3Estudy%20materials%3C%2Fa%3E]

Big difference without tons of additional code. Plus, you can use CFURLCreateStringByReplacingPercentEscapesUsingEncoding just as easily to unescape any string.

Cocoa is cool and Objective-C is a great language, but I like/prefer Python and the PyObjC bridge makes my life easier and programming actually interesting/fun for me.

This Xcode project is an example of how easy it is to create useful custom views in PyObjC with an example of a graph view that displays a circular queue/buffer. Everything is done starting with an Xcode project which is available for download (76KB compressed archive) and modification. Here is a preview of what you can use out of the box:

The easiest and smallest part of the project is the RingBuffer class that implements a very simple circular queue/buffer and provides direct access to the list that stores the information:

#
# RingBuffer.py

class RingBuffer:

    def __init__(self, size):
        """ init with # of elements in the queue """
        self.data = [ None for i in xrange(size)  ]

    def append(self, x):
        """ take away one and put one in """
        self.data.pop(0)
        self.data.append(x)

    def get(self):
        """ return the list so we can manipulate it """
        return self.data

There's not a lot of rocket science there, but it's amazing how much code you can eliminate by taking advantage of Python's inherent capabilities. In this case, list initialization is a breeze and removal/insertion of new elements could not be easier.

Next up is the CBGraphView class itself:

If you are interested in purchasing Base to aid your development projects (it is a front-end for SQLite3 database design), you must remove the ".xml" extension on the license file (Base_License.baselicense.xml) Menial sends to you in order for the app to recognize it.

I realize this applies to a very small subset of folks out there (most of whom probably figured this out as quickly as I did), but if this post helps out even one person, it was worth the entry time.

Dropbox is a great way to share items between team or project members and can also help you keep your data synchronized across multiple systems (and web-accessible). It is very fast, especially if files are deleted inadvertently and restored due the use of a cache.

Hidden in your home directory (/Users/username/) is a directory named .dropbox where the application keeps a database of your account configuration (encrypted) and what should be synchronized to your local Dropbox folder. There is also a ~/.dropbox/cache directory which can get huge. Since Dropbox has yet to add cache management to the agent application, you will need to manually clear this out if you want to free up space on your hard drive.

Enter: Dropbox Cache Cleaner. This simple Dashboard Widget lets you see how big your Dropbox cache is and then gives you the option to clear it all away.

While this has worked very well for me, your mileage may vary. If it fries your local Dropbox or interferes with future Dropbox functionality, I take no responsibility.

Drop a note in the comments if you found it useful or if you have suggestions for how to improve the widget. Once Dropbox adds proper cache management tools to their app, I will cease updates.

from objc import YES, NO, IBOutlet, IBAction
from Foundation import *
from AppKit import *

'''
a great deal of work is done in the nib/xib file.
it has the window and button and the menu that is set as 
the status item. each menu item is wired either to a method
below or one in the first responder.
'''

class xAppDelegate(NSObject):

    statusBar = None   # holds our NSStatusBar
    mStatusMenu = None # we store our status bar menu item here
    mbImage = None     # the image that will be our initial status item
    redImage = None    # an alternate status item
    
    statusSub = objc.IBOutlet()    # the menu that will be attached to the status bar item
    prefsWindow = objc.IBOutlet()  # the mock "prefs" window
    button = objc.IBOutlet()       # button in the mock "prefs" window that will turn status item red
    
    
    # show "preferences" - called from menu item
    
    @IBAction
    def editPreferences_(self, sender):
        self.prefsWindow.makeKeyAndOrderFront_(sender)
        NSLog("Editing Preferences")

    # returns our status bar icon to the starting image
    
    @IBAction
    def makeItNormal_(self, sender):
        self.mStatusMenu.setImage_(self.mbImage)
        NSLog("making it normal")

    # turns our status bar icon to all red - called from button press
    
    @IBAction
    def makeItRed_(self, sender):
        self.mStatusMenu.setImage_(self.redImage)
        NSLog("making it normal")
        
    # when we load the nib, get the images as well

    def awakeFromNib(self):
        self.mbImage = NSImage.imageNamed_("image.jpg")
        self.redImage = NSImage.imageNamed_("red.jpg")

    # we wired up the "Quit" item in our status bar menu to "terminate:" in the first responder
    # this gets called when we really are going down
        
    def applicationWillTerminate_(self, notification):
        NSLog("We're going down")

    # when the app instantiates our class, set the menu bar
    
    def applicationDidFinishLaunching_(self, sender):

        statusBar = NSStatusBar.systemStatusBar() # grabs the system status bar

        # we may change the status bar item to a larger image, so variable length
        
        self.mStatusMenu = statusBar.statusItemWithLength_(NSVariableStatusItemLength)
        self.mStatusMenu.setImage_(self.mbImage) # set the initial image
        self.mStatusMenu.setHighlightMode_(True) # we want visual feedback when clicked
        #self.mStatusMenu.setTitle_("Status Menu") # if you uncomment this, you get a "word" menu vs image menu

        self.mStatusMenu.setMenu_(self.statusSub) # sets the menu from the NIB

Not to be counted among the slackers, ActiveState busts out the Christmas presents early with a discount on their pro bundles and a 5.10 Perl release for all the major platforms.

Well done and good news for those that need a supported version of the best scripting language out there (sorry Python, PHP & Lua, Perl still rocks).

Microsoft updated their sold, free guide to developing secure software. They discuss generic topics that apply to all development:

• Integrating security into the SDLC
• Security engineering objectives
• Web app security design guidelines
• Threat modeling (tho i'm not crazy about that term)
• Security architecture & deisgn reviews
• Security code reviews
• Security devlelopment reviews

and also provide some specific guidance, checklists and information on Microsoft technologies.

A must-read for all developers.

Saw this O'Reilly Perl 5.10 post via slashdot (see, they're still relevant!) and made my way to Strawberry Perl which ultimately got me to here and here.

From the wiki:

The purpose of Vanilla Perl is to provide a series of releases that are as close as possible to the core Perl distribution, and containing *only* the minimum changes and additions required to get installation of XS modules from CPAN.

In addition to the modules in Vanilla Perl, Strawberry will also include the entire dependency tree for Bundle::CPAN, as well as a targeted set of upgraded versions of dual CPAN/core modules that have win32-specific fixes.

Thankfully OS X users already have the chocolate flavored version (mmmm...Cocoa).

Everyone join me in wishisg Perl a happy 10th birthday! You can read more about the new features here.

I'm liking the given-when statement, function state variables and the fact that kill -9 works correctly in Windows.

(Maybe we'll see Perl 6 in 2008)

Apple updated Java on OS X today (they updated Quicktime and GarageBand as well). Unfortunately, we're not getting Java 6 yet, just performance and bug fixes.

From Software Update:

Java for Mac OS X 10.4, Release 6 delivers improved reliability and compatibility for Java 2 Platform Standard Edition 5.0 and Java 1.4 on Mac OS X 10.4.10 and later. This release updates J2SE 5.0 to version 1.5.0_13 and Java 1.4 to version 1.4.2_16.

For more details on this Update, please visit this website: http://docs.info.apple.com/article.html?artnum=307051

As of the time this was posted, the details link did not work, but the update installs without a hitch.

UPDATE: A different link http://docs.info.apple.com/article.html?artnum=307177 now provides information on the security content and it's significant! Test & update as soon as possible (though Leopard is fairly patched already w/r/t these vulns)!

• CVE-ID: CVE-2007-5862

  Available for: Mac OS X v10.4.10 and later, Mac OS X Server v10.4.10 and later

  Impact: A malicious webpage can remove or insert items in the keychain

  Description: An access check may be bypassed for Keychain updates. A specially crafted Java applet may be able to add or remove items from a user's Keychain, without prompting the user. This update addresses the issue through an improved access check. This issue does not affect systems running Mac OS X v10.5 and later. Credit to Bruno Harbulot of the University of Manchester for reporting this issue.

• CVE-ID: CVE-2006-4339, CVE-2006-6731, CVE-2006-6736, CVE-2006-6745, CVE-2007-0243, CVE-2007-2435, CVE-2007-3004, CVE-2007-3005, CVE-2007-3504, CVE-2007-3698, CVE-2007-3922, CVE-2007-4381, CVE-2007-5232

  Available for: Mac OS X v10.4.10 and later, Mac OS X Server v10.4.10 and later

  Impact: Multiple vulnerabilities exist in Java 1.4

  Description: Multiple vulnerabilities exist in Java 1.4, the most serious of which may lead to arbitrary code execution and privilege escalation. These are addressed by updating Java 1.4 to version 1.4.2_16. These issues are already addressed in systems running Mac OS X v10.5 and later.

• CVE-ID: CVE-2006-4339, CVE-2006-6731, CVE-2006-6745, CVE-2007-0243, CVE-2007-2435, CVE-2007-2788, CVE-2007-2789, CVE-2007-3004, CVE-2007-3005, CVE-2007-3503, CVE-2007-3504, CVE-2007-3655, CVE-2007-3698, CVE-2007-3922, CVE-2007-4381, CVE-2007-5232

  Available for: Mac OS X v10.4.10 and later, Mac OS X Server v10.4.10 and later

  Impact: Multiple vulnerabilities exist in J2SE 5.0

  Description: Multiple vulnerabilities exist in J2SE 5.0, the most serious of which may lead to arbitrary code execution and privilege escalation. These are addressed by updating J2SE 5.0 to version 1.5.0_13. These issues are already addressed in systems running Mac OS X v10.5 and later.

In just one article (his annual State of the Onion), Larry Wall gives the reader a full introduction to programming languages, compiler design and explains the current state of programming and scripting with elegance and style. It's the data equivalent of at least two college courses.

I'm now, dare I say, almost excited about Perl 6, despite having been osmosing Python over the past couple of years and Lua more recently. If sufficient work is done to provide the hooks into Apple's new Scripting Bridge feature of Leopard, it would make Perl the killer development tool for OS X as well.

Great little script here for using the MetaMark URL shortening service in conjunction with Quicksilver.

Some enhancements...

For FireFox users, replace the Safari-laden AppleScript lines with:

applescript = '''tell application "Firefox"
	set ff to properties of front window as list
	get item 3 of ff
end tell'''

For those who also cannot partake of system beeps for notification upon shortening completion here's a Growl replacement for the end beeping:

popen('growlnotify -n "surl" -m "URL Shortened\n' + url + ' :: ' + shortURL + '"') ;

(that requires installing the growlnotify support - which you probably did if you're a Growl user - and having "/usr/local/bin in the appropriate path (you can just pre-pend that onto the growlnotify command just to be sure.

PowerShell was a huge improvement over CMD.EXE and the features in 2.0 seem to provide even more functionality. Not enough hours in the day to look at all of these shiny new toys...

Windows PowerShell : The Community Technology Preview (CTP) of Windows PowerShell 2.0: "This CTP release helps developers to more easily layer their runtime or GUI on top of PowerShell, leveraging its cmdlets and remoting infrastructure.  It includes APIs to create and use a pool of Runspaces (engines) to run cmdlets.  This release also presents very early looks at Restricted Runspaces (the ability to declare a script, cmdlet or variable public or private) and the Graphical PowerShell (a script editor and a Unicode-enabled console).  These are just a few of the new features I think are interesting in Windows PowerShell 2.0 CTP.  Additionally this CTP includes some simple updates... like new parameters to select-string (Context, AllMatches, NotMatch and Encoding) and new operators like –split and -join!"

No doubt some moron will require license codes to have an ESRB rating now...

Rogue Amoeba - Under The Microscope: "One of the professional hazards of being a programmer is the cold sweat which comes when you suddenly realize that some code you've written has a terrible bug. It's worse when you realize that the bug has already been there for months.

The cold-sweat moment came the other day as I was entering a license key into a copy of Fission. The way some of the letters lined up almost looked like a word, how funny. Hey, you could even get a whole license code made up of four-letter words. Four. letter. words"

(Via Daring Fireball.)