comments suggest edit

A year ago on this day, I wrote a blog post about the demise of NDoc and issued a challenge for users of Open Source Software to contribute to their favorite projects.

So I offer the following challenge. First, ask yourself these two questions:
  1. How much money do I save because of Open Source Software?
  2. Considering how many people spend three bucks for a useless ring tone, is a single dollar too much to contribute to a useful Open Source project?

So let’s ban together and declare today, July 26, 2006, Contribute To Open Source Day.

In looking back at my original challenge, I now believe the emphasis I placed on monetary contribution to be slightly misguided. While I agree to that monetary contributions are helpful for infrastructure support costs (hosting websites, build servers etc…), there are many other means of contributing that are even more valuable, if you have the time. Money is just the easiest way to contribute.

Consider the following options…

  1. Contribute a bug fix
  2. Help verify bug reports
  3. Submit a unit test to help provide code coverage
  4. Test
  5. Write documentation
  6. Submit feature requests
  7. Help answer questions in the forums
  8. Tell the developers how much you appreciate the product

I think #8 is often lost in the shuffle. I’m quick to submit a bug report, but I forget to tell the developers of a fine product such as WinMerge how much I appreciate the product.

There are many projects that could use your help. For example, Andrew Stopford just announced a request for developers willing to help MbUnit out. What a great opportunity to work on some really cool code.

Subtext is always looking for contributors, especially now that my commit frequency is down due to my wonderful newborn son. We could use new blood to help pick up the slack until my son cuts his teeth (once he has them) on C# and ASP.NET (or perhaps IronRuby by then).

So again, please consider contributing to Open Source today in whatever way, shape, or form you see fit. This is not a plea to guilt you into it. Rather, consider this a friendly reminder for those of you who would do so anyways, but forget to due to busyness, like myself.

comments suggest edit

Microsoft just unveiled a new web property intended to clarify its position on Open Source as well as provide a one-stop location to find out what Microsoft is doing in the Open Source space.

Despite all the (perhaps well deserved) criticism of how Microsoft has not supported Open Source in the past, I think the behemoth is slowly starting to get it. Or at least groups within Microsoft are starting to see that if they don’t embrace Open Source, Microsoft will get left behind, much like they did for a while with the web revolution. Embracing Open Source makes good long term business sense for Microsoft.

As a big company, Microsoft moves slowly, but there are concrete signs of progress.

  • The Ms-PL License (Microsoft Permissive License)
  • The introduction of CodePlex
  • Port25, the Open Source Software Lab (ugly site, but chock full of info)
  • Sam Ramji, whose official title is Director of Platform Technology Strategy but is for all intents and purposes, the Director of Open Source at Microsoft and heads the Open Source Lab there.
  • Garret Serack who holds the title Open Source Community Lead at Microsoft.
  • And various informal shows of support.

Sure, there is much more to do and I’m sure many will remain skeptical and wary of Microsoft’s slow movement into this area. However, I see the signs of progress and believe there will be bigger things to come.

asp.net comments suggest edit

ELMAH, which stands for Error Logging Modules and Handlers for ASP.NET, is an open source project which makes it easy to log and view unhandled exceptions via its pluggable architecture.

elmah

Having been around a while, a lot has already been written on it so I won’t rehash all that information. For more details, you can read the following:

All you need to know for the purposes of this post is that ELMAH is implemented as two key components:

  • An HTTP Module Used To Log Exceptions
  • An HTTP Handler for viewing Exceptions

In the sample web.config file that is included with the ELMAH download, the HTTP handler is configured like so:

<httpHandlers>
  <add verb="POST,GET,HEAD" path="elmah.axd" 
    type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>

This allows you to view the error log from the URL http://your-site/elmah.axd. There’s one big problem with this…you do not want to deploy this to your production site.

This would allow any joker with a browser to view your exceptions and potentially gain information that would allow someone to hack your site.

Personally, I think that the sample web.config should have elmah.axd be secured by default. It’s quite easy to do. Here’s what I did:

First, I changed the HttpHandler section to look like this:

<httpHandlers>
  <add verb="POST,GET,HEAD" path="/admin/elmah.axd" 
    type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>

Notice that all I did was add admin to the path attribute.

I then added the following location element to my web.config.

<!-- Deny unauthenticated users to see the elmah.axd -->
<location path="admin">
  <system.web>
    <authorization>
      <deny users="?"/>
    </authorization>
  </system.web>
</location>

IMPORTANT: It’s important to note that I’m securing everything in the admin directory and that I’m making sure that elmah.axd is served from the root /admin URL. If the httpHandler “path” element was just “admin/elmah.axd” or “elmah.axd” I could inadverdently expose Elmah information.

Troy Hunt has a great write-up of the perils of getting ELMAH configuration wrong. In his post he shows a more robust way to secure elmah.axd. Put the httpHandlers section within the location section.

<location path="elmah.axd">
  <system.web>
    <httpHandlers>
      <add verb="POST,GET,HEAD" path="elmah.axd" 
        type="Elmah.ErrorLogPageFactory, Elmah" />
    </httpHandlers>
    <authorization>
      <allow roles="Admin" />
      <deny users="*" />
    </authorization>
  </system.web>
  <system.webServer>
    <handlers>
      <add name="Elmah" path="elmah.axd" verb="POST,GET,HEAD"
        type="Elmah.ErrorLogPageFactory, Elmah"
        preCondition="integratedMode" />
    </handlers>
  </system.webServer>
</location>

To demonstrate this in action, I’ve created a solution containing a Web Application project with ELMAH and authentication fully implemented.

The point of this sample app is to demonstrate how to set this all up. So for example, the login page has a button to auto-log you in. In the real world, you’d probably use a real login form. You can also change the authentication from Forms authentication to Windows authentication depending on your needs. That might make sense in many scenarios.

The app demonstrates in principle how to setup and secure the elmah.axd page. If you have SQL Express installed, you should be able to compile and run the demo without any extra steps to see ELMAH in action.

[Download the demo]

comments suggest edit

A little while back Scott Watermasysk, preparing for the arrival of his first child, asked for advice on finding a really good compact digital camera.

Funny how having a kid turns a geek’s thought to getting that perfect camera to capture the moment. It was exactly what I did (but after Cody was born) when my wife and I purchased a Canon PowerShot SD850 IS Digital ELPH for Father’s day.

The image
“http://ec1.images-amazon.com/images/I/41HO%2Bdjnm8L._AA280_.jpg”
cannot be displayed, because it contains
errors.Yeah, that’s a bit of a mouthful for a camera name, but the two letters that were important to me were I and Swhich stands for Image Stabilization.

The SD850 combines that with a sensitivity range up to ISO 1600 for better photos in low light, a real problem area with my previous camera due to its suckiness and my incredibly shaky hands. Seriously, you don’t want me doing surgery on you.

833729001_7c7808a0c5The other key features I was looking for was small in size (3.6 x 1 x 2.2 inches) so I can get all secret agent with it and face detection, for better portraiture.

So far, I’m very happy with it. The pictures have been very sharp with good color. I should have known to stick with the ELPH series as my first ELPH took great photos despite only being 2.2 megapixel.

This one boasts 8 megapixels (really more than I need) and 4x optical zoom. That there on the right is a picture of my son in a Brasil jersey given to him by my wife’s Brazillian coworker. Doesn’t he look sharp?

Now you know why Brazil just beat the heavily favored Argentina in the Copa America. Cody Power!

comments suggest edit

One surefire way to sound really really smart is to invoke a law or principle named after some long dead guy (an alive guy is acceptable too, but lacks slightly in smart points).

hammurapisThis realization struck me the other day while I was reading a blog post that made a reference to Postel’s law. Immediately I knew the author of this post must be a highly intelligent card carrying member of MENSA. He was probably sporting some geeky XKCD t-shirt with a lame unix joke while writing the post.

Well friends, I admit I had to look that law up, and in the process realized I could sound just as scary smart as that guy if I just made reference to every eponymous (I’ll wait while you look that one up) “law” I could find.

And as a public service, I am going to help all of you appear smart by posting my findings here! Don’t let anyone ever say I don’t try to make my readers look good. If you look good, I look good.

Make sure to invoke one of these in your next blog post and sound scary smart just like me.

Postel’s Law

The law that inspired this post…

Be conservative in what you send, liberal in what you accept.

Jon Postel originally articulated this as a principle for making TCP implementations robust. This principle is also embodied by HTML which many attribute as a cause of its success and failure, depending on who you ask.

In today’s highly charged political environment, Postel’s law is a uniter.

Parkinson’s Law

Otherwise known as the law of bureaucracy, this law states that…

Work expands so as to fill the time available for its completion.

As contrasted to Haack’s Law which states that

Work expands so as to overflow the time available and spill on the floor leaving a very sticky mess.

Pareto Principle

Also known as the 80-20 rule, the Pareto Principle states…

For many phenomena, 80% of consequences stem from 20% of the causes.

This is the principle behind the painful truth that 80% of the bugs in the code arise from 20% of the code. Likewise, 80% of the work done in a company is performed by 20% of the staff. The problem is you don’t always have a clear idea of which 20%.

Sturgeon’s Revelation

The revelation has nothing to do with seafood, as one might be mistaken to believe. Rather, it states that…

Ninety percent of everything is crud.

Sounds like Sturgeon is a conversation killer at parties. Is this a revelation because that number is so small?

The Peter Principle

One of the most depressing laws in this list, if you happen to have first-hand experience with this via working with incompetent managers.

In a hierarchy, every employee tends to rise to his level of incompetence.

Just read Dilbert (or watch The Office) to get some examples of this in action.

Hofstadter’s Law

This one is great because it is so true. I knew this law and still this post still took longer than I expected.

A task always takes longer than you expect, even when you take into account Hofstadter’s Law.

By the way, you get extra bonus points among your Mensa friends for invoking a self-referential law like this one.

Murphy’s Law

The one we all know and love.

If anything can go wrong, it will.

Speaking of which, wait one second while I backup my computer.

The developer’s response to this law should be defensive programming and the age old boy scout motto, Be Prepared.

Brook’s Law

Adding manpower to a late software project makes it later.

Named after Fred Brooks, aka, Mr. Mythical Man Month. My favorite corollary to this law is the following…

The bearing of a child takes nine months, no matter how many women are assigned.

Obviously, Brook was not a statistician.

Conway’s Law

Having nothing to do with country music, this law states…

Any piece of software reflects the organizational structure that produced it

Put another way…

If you have four groups working on a compiler, you’ll get a 4-pass compiler.

How many groups are involved in the software you are building?

Kerchkhoff’s Principle

This principle is named after a man who must be the only cryptographer ever to have five consecutive consonants in his last name.

In cryptography, a system should be secure even if everything about the system, except for a small piece of information — the key — is public knowledge.

And thus Kerchkhoff raises the banner in the fight against Security through Obscurity. This is the main principle underlying public key cryptography.

Linus’s Law

Named after Linus Torvalds, the creator of Linux, this law states…

Given enough eyeballs, allbugsare shallow.

Where you store the eyeballs is up to you.

Reed’s Law

The utility of large networks, particularly social networks, scales exponentially with the size of the network.

Keep repeating that to yourself as you continue to invite anyone and everyone to be your friend in FaceBook.

Metcalfe’s Law

In network theory, the value of a system grows as approximately the square of the number of users of the system.

I wonder if Reed and Metcalfe hung out at the same pubs.

Moore’s Law

Probably the most famous law in computing, this law states…

The power of computers per unit cost doubles every 24 month.

The more popular and well known version of Moore’s law states…

The number of transistors on an integrated circuit will double in about 18 months.

And we’ve been racing to keep up ever since.

Rock’s Law

I was unable to find Paper’s Corollary, nor Scissor’s Lemma, so we’re left with only Rock’s law which states…

The cost of a semiconductor chip fabrication plant doubles every four years.

Buy yours now while prices are still low.

Wirth’s law

Software gets slower faster than hardware gets faster.

Ha! Take that Moore’s Law!

Zawinski’s Law

This law addresses software bloat and states…

Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can.

I hear that the next version of calc.exe is going to include the ability to read email. A more modern formulation of this law should replace email with RSS.

Fitt’s Law

This is a law related to usability which states…

Time = a + b log~2~ ( D / S + 1 )

Or in plain English,

The time to acquire a target is a function of the distance to and the size of the target.

A well known application of this law is placing the Start menu in the bottom left corner, thus making the target very large since the corner is constrained by the left and bottom edges of the screen.

Hick’s Law

Has nothing to do with people with bad mullets. I swear. Related to Fitt’s law, it states that…

The time to make a decision is a function of the possible choices he or she has.

Or in plain math,

Time = b log~2~(n + 1)

Seems to me this is also a function of the number of people making the decision, like when you and your coworkers are trying to figure out where to have lunch.

comments suggest edit

Have you ever wanted to take a look at the internals of the .NET Framework? Sure you can (and should) fire up Reflector and see the Base Class Libraries, but what about the fully commented source code? What about the parts implemented in C++?

A while back, Microsoft released the Shared Source Common Language Infrastructure (aka the SSCLI aka Rotor). This is a fully working implementation of the ECMA CLI standard and ECMA C# language specification. So it’s not quite the entire framework, but it is still quite a bit of code.

Traditionally, to look at this code you would download the compressed archive and play around with it locally.

Development-CostBut if you want to just quickly browse the code, you can view all of its nearly three million lines of code on its project page on Koders.com.

Wouldn’t it be fun to compare that development cost estimate with the real number? I doubt Microsoft is interested in disclosing that information.

To search within this project, you just need to set the search scope.

For example, here are the search results for DateTime and here is the page with the DateTime implementation complete with comments.

Koders - datetime.cs - Windows Internet
Explorer

Other Great Projects to Look At

I mentioned a couple of great projects to look at over on the Koders blog, but here are some other great projects of interest to me now included in the Source Code Index.

  • DotNetNuke
    • One of the largest open source projects on the .NET Framework.
  • Subsonic
    • Some think this project should be called Sublime for how it brings fun back to ASP.NET development.
  • Subtext
    • Of course I’m going to mention this!
  • PSP Development Tools
    • Because we all want to write the next great game for the Play Station Portable.

subtext, blogging comments suggest edit

When summer arrives, many like to create a new look via a haircut or new threads. I prefer to change the look of my blog with a new design.

This here design took all of four hours to complete.

haacked-3.0-design

Well that’s not exactly true.

It took all of four hours of my time to complete (give or take a few).

You can probably see where I’m going with this if you’re one of the many to have read The 4-Hour Workweek: Escape 9-5, Live Anywhere, and Join the New Rich recently. Wondering what all the buzz was about I decided to go ahead and purchase the book to see for myself.

What I expected was yet another time management book dispensing tired advice on how to get more done in less time. Instead, the focus of this book, written by Tim Ferriss is all about being more effective with your time by cutting out the cruft. Don’t do more in less time, do less (more effectively) in less time.

In many respects, Tim is savage about cutting out time wasters in your life such as email and reading the newspaper. He’s also a big fan of mini-retirements and outsourcing your personal life. This book is not about time management, it’s really about lifestyle management.

The outsourcing theme is one that particularly resonates with me. When I first graduated from college, I used to always take my clothes to a fluff and fold. Some friends told me I should do it myself since it would “build character”. So would milking cows to gather my own milk, but nobody faults me for picking up milk from Trader Joes. I figured I’d rather spend that time playing soccer, so I would drop off the dirty clothes before soccer and pick up the clean, dry, and folded clothes right after. It felt like a perfect trade.

Fast forward and upon reading this book it occurred to me that I spend a lot of time doing things I either don’t like to do, or things I like to do but suck at. For example, I spent a lot of time trying to redesign my blog to create a unique and polished look, only to come up short. I realized I should look around for a designer interested in getting his own name out there that might give me a discount for a design in exchange for the promotion. This would allow me to spend that time building a strength of mine rather than banging my head against a weakness.

So after browsing various blog design sites I happened to stumble upon Scott Carnett over in Abilene, TX. After pitching him the idea, he was on board and excited to work on the design. I only found out after we started that he’s a Java developer by day and design is a little side thing he’s into. I had it in my head that he was full-time freelancer.

Not that any of that matters. I am very pleased with the design he has created and recommend him highly if you’re looking for a bit of design work. He was extremely pleasant to work with and provided a quick turnaround. I have a few other ideas for the future that I may collaborate with him on.

comments suggest edit

sf-cca-vote A little while ago I pleaded with my readers to nominate Subtext for a SourceForge Community Choice Award.

The good news is that it worked! Subtext is one of the finalists for a Community Choice Award in two categories:

  • Best Project for Communications: The best project for talking to your friends or sharing information. Other nominees include - Miranda, Pidgin, and FileZilla.\
  • Most Collaborative Project: The project most likely to accept your patches and value your input. Other nominees include - Azureus, XOOPS, and Zimbra.

That’s some heady competition we’re up against.

As far as I know, Subtext is one of only two .NET projects to be nominated overall, the other being a corporate sponsored application (not that there’s anything wrong with that).

Why Am I Politicking This?

So here’s the deal. Competitions like this are not about choosing the actual best project. There’s just no way that there are developers out there who have worked on every project in these categories and knows for a fact that Subtext communicates with its users better than FileZilla (we do).

I am fully aware that this is purely a popularity contest. Heck, I voted for 7-Zip in almost every category because of how useful I find it, not because I know for a fact that it has the Best Technical Design (it probably does).

As I just wrote, I think that despite the short rift that .NET gets in the broader Open Source Community, it is a great platform for Open Source development.

If you agree, please vote for Subtext and spread the word. I think it’d be neat to have a .NET project (especially one that starts with an “S”) as a community choice winner. Voting ends on July 20^th^. Thanks!

comments suggest edit

I have a confession.

I am an Open Source developer and my platform of choice is the .NET framework by Microsoft. Not only that, I actually believe it is a good thing to support Open Source projects in the Microsoft ecosystem.

Yeah, really. In response to this tidbit, I have heard and am bracing to hear replies such as…

Why would you do that (support Open Source on Microsoft)?

Or

It can’t be Open Source if it’s on the Microsoft platform.

One rationale given is that it ain’t really Open Source unless the entire stack is Open Source. I call this the all or nothing view of Open Source.

the-stack

For example, one popular stack is the LAMP stack. That typically stands for Linux, Apache, MySql, and PHP, each of which are Open Source systems.

Interestingly enough though, the stack appears to end with the software layer. For example, proprietary hardware running the LAMP stack does not invalidate the Open Sourceness of the stack.

In contrast, I have the vacation view of Open Source. While I would love to be on vacation all the time, I’m pragmatic and I’ll take as much as I can get. Some vacation is better than no vacation.

Think About The Developers

Besides, why should PHP scripters have all the fun? There are legions of developers gainfully and productively employed writing software using .NET. Why shouldn’t they get to experience some of the benefits of using Open Source software?

So what if their stack is proprietary. Is it so wrong that these developers are more productive because of tools like Log4Net? Don’t they deserve a bit of Open Source spice in their lives?

But You Lose Out On Freedom!

There are as many flavors of Open Source as there are “developers!” in a Ballmer speech. But what they all share in common is some level of Freedom. In general, the freedom to view and change the code.

The only difference is really in the level of freedom and how that freedom should apply. I wrote before in my guide to Open Source Licensing that with some licenses such as the GPL, the freedom of access to the code is paramount. Any code that makes use of the GPL must itself be Open Source and licensed in a compatible fashion as the GPL.

Whereas with licenses such as the new BSD or MIT license, the freedom of the user of the code is paramount. There are pretty much no restrictions to using the code, even within proprietary systems.

Despite these philosophical differences, most reasonable people agree that they both constitute subsets of Open Source software.

I Have Freedom Where I Most Need It

The stack that I use with Subtext might be called WISC which consists of Windows, IIS, SQL Server, and C#. It sounds like a board game that Elmer Fudd might play on the weekends. Pretty much every layer of that stack is proprietary software. This is where the vacation view comes into play.

On this stack, I’ll never be able to view the Windows source and recompile it with a bug fix. But in truth, I’ll probably never have the need (nor capability) to do so. Often, the part I do need to change on a day to day basis is much higher up the stack. It’s the stuff that more directly applies to my business needs. It’s software like Lucene.NET that I’m more likely going to tweak and build a business on top of it.

This isn’t to say I wouldn’t mind being able to view the source for Windows, but it’s a balancing act. On the one hand, I like Open Source software. On the other hand, I like to feed my family by being productively employed and the Microsoft platform is great for being employed. Sure there are plenty of PHP and Ruby jobs, but I honestly really like writing C# code and the tools available to do so.

Only A Moron Thinks It’s An OxyMoron

In the end, I hold firmly to the belief that .NET is a viable platform for Open Source software. It might not meet everyone’s expectations for what Open Source is supposed to be, but it’s a good thing to many people and it is here to stay.

If you don’t believe me, just look at the list of projects mentioned in the comments to this CodingHorror post. You’ll see that Open Source in the Microsoft Ecosystem is more than just viable, it’s thriving and deserves to be recognized.

comments suggest edit

microsoft-mvpI received an email today informing me that I’ve been awarded the status of Microsoft MVP in the Visual Developer - ASP/ASP.NET category. I was aiming for an MVP for non-visual developers, but my 57 Lynx readers didn’t have enough clout to make that happen.

What does it mean to be a Microsoft MVP? I’m not really fully sure yet. You can read the official blurb about the program here.

In general I think it means I get to use the above logo on my blog and may start blogging about the problems with the MVP program and how the standards aren’t what they used to be now that they let the riff-raff in.

Remember kids. Riff-raff are the people they let into an organization after you’ve been admitted.

In all seriousness though, I appreciate the honor and want to thank Rob Conery for initially nominating me and K. Scott Allen for also nominating me later.

comments suggest edit

Last year when all the hubbub surrounding NDoc was happening, I tried to rally people around the idea of a Contribute to Open Source day on July 26^th^.

Why July 26?

Because I happened to write that post on that day.

coding-horror-official-logo-smallIn any case, it looks like Christmas will come early for some lucky open source projects. Jeff Atwood of CodingHorror fame is teaming up with Microsoft to donate $10,000 in support of open source .NET projects.

Go and nominate the open source project you find most useful in his comments.

What has spurred this recent largesse? Jeff is finally accepting a modest advertisement on his blog which will bring in enough revenue to help give back to the open source community. The hope is to help remedy the fact that…

open source projects are treated as second-class citizens in the Microsoft ecosystem

In the same manner that open source projects themselves are community led initiatives, it’s great to see other initiatives like this sprout from the community. While we may clamor for Microsoft to take a more active role in fostering OSS in the Microsoft ecosystem, we don’t have to wait around and do nothing in the meantime. We can take the lead like these other initiatives.

The good news is that Microsoft is showing itself to be supportive of such initiatives not only in spirit, but also financially.

code comments suggest edit

Update: For an interesting counterpoint to the myth of the 10x engineer, check out this blog post by Shanley. My post is more focused on what makes a good developer than the 10x myth.

In the The Mythical Man-Month, Fred Brooks highlights an eye opening disparity in productivity between good and poor programmers (emphasis mine).

Programming managers have long recognized wide productivity variations between good programmers and poor ones. But the actual measured magnitudes have astounded all of us. In one of their studies, Sackman, Erickson, and Grant were measuring performance of a group of experienced programmers. Within just this group the ratios between the best and worst performances averaged about 10:1 on productivity measurements and an amazing 5:1 on program speed and space measurements!

Tortoise and Hare:
http://users.cwnet.com/xephyr/rich/dzone/hoozoo/toby.html

Robert Glass cites research that puts this disparity even higher in his book Facts and Fallacies of Software Engineering.

The best programmers are up to 28 times better than the worst programmers, according to “individual differences” research. Given that their pay is never commensurate, they are the biggest bargains in the software field.

In other words, the best developers are generally underpaid and the worst developers overpaid.

But don’t leave your job just yet. This is not to say that there should be a 1 to 1 correlation between productivity and pay. People should be paid by the value they bring and productivity is only part of the value proposition, albeit a big part of it. Even so, we’d expect to see some amount of correlation in pay with such a drastic productivity difference. But in general, we don’t. Why is that?

It’s because most managers don’t believe this productivity disparity despite repeated verification by multiple studies. Why should they let facts get in the way of their beliefs? That would only mean the factonistas have won.

Kidding aside, why is this productivity difference so hard to believe? Allow me to put words in the mouth of a straw-man manager.

Well how in the world can one developer write code 28 times faster than another developer?

This sort of thinking represents a common fallacy when it comes to measuring developer productivity. Productivity is not about the lines of code. A huge steaming pile of code that doesn’t get the job done is not productive. There are many aspects to developer productivity, but they all fall under one main principle (borrowing a term from the finance industry), TCO.

TCO - Total Cost Of Ownership.

In general, I’ve tried to always hire the best developers I can find. But I’ve made mistakes before. Yes, even me.

One situation that comes to mind was with a developer I had hired (under a lot of pressure to staff up I might add) at a former company. I handed off a project to this erstwhile coworker to take over. A few days go by and I don’t hear anything from the guy, so I assume things are humming along nicely.

Fast forward another few days and I swing by to see how it’s going and the developer tells me he doesn’t understand a few requirements and has been spinning his wheels trying to figure it out this whole time.

Good Developers take Ownership so You Don’t Have To

This is one of the first ways that good developers are more productive than average developers. They take ownership of a project. Rather than spend a week spinning wheels because they don’t understand a requirement, a good developer will go and grab the decision maker and squeeze out some clarity.

Likewise, a good developer doesn’t require you to prod them every few moments to make sure they are progressing. If they get overly stuck on a problem, they’ll come to you or their coworkers and resolve the problem.

A developer who can write code fast, but doesn’t take ownership of their projects is not very productive because they end up wasting yourtime.

Good Developers Write Code With Less Bugs

I once worked with a developer who was praised by my boss for being extremely fast at writing code. He sure was fast! He was also fast at introducing bugs into code. His code was sloppy and hard to understand.

The key measure that wasn’t figured into his productivity measurement was the amount of productivity lost by the QA team attempting to reproduce bugs introduced by his code, along with the time spent fixing those bugs by this developer or other developers.

Everyone focused on his time to “completion”, but not on the total cost of ownership of that code. Code is not complete when a developer says it is complete. That is not the time to stop the stopwatch. It’s when QA has had its say that you can put the stopwatch away for the moment.

As I like to say, productivity is not about speed. It’s about velocity. You can be fast, but if you’re going in the wrong direction, you’re not helping anyone.

Good Developers Write Maintainable Code

Hand in hand with writing less bugs is writing understandable maintainable code. As soon as a line of code is laid on the screen, you’re in maintenance mode on that piece of code.

Code that is brittle and difficult to change wastes hours and hours of developer cycles when trying to amend a system with updates and new features. By writing maintainable code, a good developer can make these changes more quickly and also improves the productivity of his or her team members who later have to work on such code.

Good Developers Do More With Less Code

Another hallmark of a good developer is that they know when not to write code. As a friend always tells me

Why build what you can buy? Why buy what you can borrow? Why borrow what you can steal?

With a few exceptions, the NIH (Not Invented Here) syndrome is a pathological productivity killer. I’ve seen developers start out to write their own form validation framework until I point out that there is already one built in to ASP.NET that does the job (It’s not perfect, but it’s better than the one I saw being written).

All of that time spent reinventing the wheel is wasted because someone else has already written that code for you. And in many cases, did a better job as it was their only focus. In such a situation, finding an existing library that gets the job done can provide a huge productivity boost.

The caveat in this case is to be careful to avoid non-extensible and rigid 3rd party libraries, especially for very specialized requirements. You might a lot of time trying to fit a round peg in a square box.

Even when you must invent here, good developers tend to write less (but still readable) code that does more. For example, rather than build a state machine to parse out text from a big string, a good developer might use a regular expression (ok, some will say that a regex is not readable. Still more readable than hundreds of lines of text parsing code).

Back to TCO

Each of these characteristics I’ve listed keeps the total cost of ownership of a good developer low. Please don’t let the term ownership distract you. What I mean here is the cost to the company for having such a developer on the payroll.

By writing less code that does more, and by writing maintainable code that has fewer bugs, a good developer takes pressure off of the QA staff, coworkers, and management, increasing productivity for everyone around. This is why numbers such as 28 times productivity are possible and might even seem low when you look at the big picture.

Hopefully seeing this perspective will convince managers that good developers really are as productive as the studies show. Negotiating a 28x pay increase on the other hand, is an exercise left to the reader.

comments suggest edit

Subtext Submarine
LogoSubtext 2.0 is progressing nicely. The plug-in architecture is pretty much feature complete. The code is still undergoing code review, testing, and tweaking, but it is possible to start building plug-ins for it right away with the understanding that some details might change.

In order to provide a repository of plug-ins as well as documentation, we’ve setup a site, http://subtextplugins.com/ with all that information.

Simone has been busy documenting plug-ins:

Let us know if you have any improvements to the documentation.

Skins!

Simon Philp has taken it upon himself to help provide more extensive documentation (thanks Simon!) on how to create a skin for Subtext with his article, Create your first Subtext skin Part 1.

While we have plans to improve the skin engine in the future, this documentation will be relevant for a good while. Simon plans to add a few more parts to cover all the nuances of building a nice skin.

The Next Release

I had hoped that 2.0 would be our next release, but several Subtext devs (not just myself) are experiencing interesting events in our personal lives that have slowed things down slightly.

Our plan now is to merge a few bug fixes into the 1.9 branch and release 1.9.6 in the near future. It will contain a couple of new features that have been in high demand, but mostly just bug fixes. I’ll talk more about that later. Steve Harman is in charge of putting this release together.

comments suggest edit

Steve Harman posts a request to nominate Subtext for a SourceForge 2007 Community Choice Award.

The SourceForge.net team is proud to present our second annual Community Choice Awards. Winners are selected by community members like you, and it’s that time again! Cast a ballot for your favorite projects now and make your voice heard.

To nominate Subtext, just click on the badge below:

nomProj

Nominations are accepted until June 29th, at which point the projects with the most nominations become finalists. You can nominate a project once per category. The ones that I think best fits Subtext are:

  • Most Collaborative Project: The project most likely to accept your patches and value your input
  • Best Project for Communications: The best project for talking to your friends or sharing information
  • Best Project: This is the one! The all-over best project. (hey, this is a bit reaching, but it doesn’t hurt to try, no?)

If Subtext makes the finalists, then vote for us from July 9th to July 26th at the following URL:

http://sourceforge.net/community/index.php/landing-pages/cca07/

Don’t worry, if that happens, I’ll remind you. :)

We appreciate your nomination. Heck, I’ll appreciate it if you just thought about it for a moment and moved on.

comments suggest edit

A few people mentioned that they had the following compiler error when trying to compile HttpSimulator:

HttpSimulator.cs(722,38): error CS0122: ’System.Web.Configuration.IConfigMapPath’ is inaccessible due to its protection level

Well you’re not alone. Our build server is also having this same problem. Now before you curse me for releasing something that doesn’t even compile, I’d like to point out that it works on my machine.

works-on-my-machine-starburstFortunately, we have our expert build problem solver, Simone Chiaretta, to look into it.

After a bit of snooping, he discovered that the reason that it builds on my machine is that I’m running Windows Vista with IIS 7.

The System.Web assembly on Vista is slightly newer than the one on Windows 2003/XP.

  • VISTA: v2.0.50727.312
  • Windows 2003/XP: v2.0.50727.210

So there you have it. Now you finally have a good reason to upgrade to Vista. HttpSimulator to the rescue! (Sorry, I know that punchline is getting old).

I’ll see if I can create a workaround for those of you (such as our build server) not running on Vista.

asp.net, tdd comments suggest edit

Testing code written for the web is challenging. Especially code that makes use of the ASP.NET intrinsic objects such as the HttpRequest object. My goal is to make testing such code easier.

Spider Web (c) FreeFoto.com

A while ago, I wrote some code to simulate the HttpContext in order to make writing such unit tests easier. My goal wasn’t to replace web testing frameworks such as Selenium, Watin, or AspUnit. Instead, I’m a fan of the Pareto principle and I hoped to help people easily reach the 80 of the 80/20 rule before reaching out to one of these tools to cover the last mile.

I’ve spent some time since then refactoring the code and improving the API. I also implemented some features that were lacking such as being able to call MapPath and setting and getting Session and Application variables.

To that end, I introduce the HttpSimulator class. To best demonstrate how to use it, I will present some unit test code.

The following code simulates a simple GET request for the web root with the physical location c:\inetpub. The actual path passed into the simulator doesn’t matter. It’s all simulated. This tests that you can set a session variable and then retrieve it.

[Test]
public void CanGetSetSession()
{
  using (new HttpSimulator("/", @"c:\inetpub\").SimulateRequest())
  {
    HttpContext.Current.Session["Test"] = "Success";
    Assert.AreEqual("Success", HttpContext.Current.Session["Test"]);
  }
}

The following test method demonstrates two different methods for simulating a form post. The second using block shows off the fluent interface.

[Test]
public void CanSimulateFormPost()
{
  using (HttpSimulator simulator = new HttpSimulator())
  {
    NameValueCollection form = new NameValueCollection();
    form.Add("Test1", "Value1");
    form.Add("Test2", "Value2");
    simulator.SimulateRequest(new Uri("http://localhost/Test.aspx"), form);

    Assert.AreEqual("Value1", HttpContext.Current.Request.Form["Test1"]);
    Assert.AreEqual("Value2", HttpContext.Current.Request.Form["Test2"]);
  }

  using (HttpSimulator simulator = new HttpSimulator())
  {
    simulator.SetFormVariable("Test1", "Value1")
      .SetFormVariable("Test2", "Value2")
      .SimulateRequest(new Uri("http://localhost/Test.aspx"));

    Assert.AreEqual("Value1", HttpContext.Current.Request.Form["Test1"]);
    Assert.AreEqual("Value2", HttpContext.Current.Request.Form["Test2"]);
  }
}

The SimulateRequest method is always called last once you’ve set your form or query string variables and whatnot. For read and write values such as session, you can set them after the call. If you download the code, you can see other usage examples in the unit tests.

One area I’ve had a lot of success with this class is in unit testing custom HttpHandlers. I’ve also use it to test custom control rendering code and helper methods for ASP.NET.

This code can be found in the Subtext.TestLibrary project in our Subversion repository. This project contains code I’ve found useful within my unit tests such as a test SMTP server and a test Web Server using WebServer.WebDev.

To make it easy for you to start using the HttpSimulator, I’ve packaged the relevant files in a zip file including the unit tests.

I must make one confession. I originally tried to do all this by using the public APIs. Unfortunately, so many classes are internal or sealed that I had to get my hands dirty and resort to using reflection. Doing so freed me up to finally get certain features working that I could not before.

And now, for some preemptive answers to expected criticism.

​1. You shouldn’t access the HttpContext anyways. You should abstract away the HttpContext by creating your own IContext and using IoC and Dependency Injection.

You’re absolutely right. Next criticism.

​2. This isn’t “unit testing”, this is “integration testing”.

Very astute observation. Well said. Next?

​3. You’re not taking our criticisms seriously!

Au contraire! I take such criticisms very seriously. Even if you write a bunch of code to abstract away the web from your code throwing all sorts of injections and inversions at it, you still have to test your abstraction. HttpSimulator to the rescue!

Likewise, whether this is unit testing or integration testing is splitting semantic hairs. Before TDD came along, unit testing meant testing a unit of code. It usually meant walking through the code line by line and executing a single function. If you want to call these integration tests, fine. HttpSimulator to the rescue!

Not to mention that in the real world, you sometimes don’t get to write code from scratch using sound TDD principles. A lot of time you inherit legacy code and the best you can do is try to write tests after-the-fact as you go before you refactor the code. Again, HttpSimulator to the rescue!

Here is the link todownload the source files in case you missed it the first time.

comments suggest edit

What would you do if you found out that a project you were working on was going to be used in an unethical or illegal manner?

This is the sort of question that K. Scott Allen asks via a hypothetical scenario he proposes. At least I hope it’s hypothetical. Scott, is there something you want to confess? ;)

While his situation is hypothetical, I think enough time has passed for me to tell you about a real situation I had the pleasure of dealing with atVelocIT. Some of the minor details have been changed to protect the guilty.

This story starts a couple of years ago in the primordial days of VelocIT. Like many bright-eyed start-ups, spirits were high, but cash flow was low. We were hurting for more clients.

So it seemed providence smiled on us when I received an email from a former coworker who was employed by a gaming company in Las Vegas.

vegas

Because of my background in online and mobile gaming, he was interested in hiring me, via VelocIT, to help build out the back-end server infrastructure for their upcoming multi-player mobile gaming platform.

His company flies Micah Dylan (our CEO) and me out to Las Vegas where we have some meetings to go over requirements during the day. In the evening, we head out for a few (ok many) drinks and dancing at a club. He eyes a woman he goes gaga for, but won’t approach because she’s “out of my league”.

I tell him that “league” is a frame of mind and nobody is out of his league unless he believes they are. I proceed to play wingman and approach her, strike up a conversation, then conveniently introduce her to “my friend” who happened to have conveniently just returned with our drinks.

It’s client engagement management in true Vegas fashion.

At this point, I’m feeling pretty good about my sales skills and feel I did a pretty bang up job in sealing the deal. We talk a week later and this guy is dating the girl from the bar! Sure enough, he wants to work with us, but there’s this small eensy weensy tiny little problem. His budget is a fraction of our estimate.

But he has a solution!

He wants to pay us $20,000 US to have a group of Eastern Europeans do the work. To clarify I call him back and ask,

So you want to pay us to manage the offshore team? We can do that.

He clarifies. He’ll pay us $40K and we’ll turn around and hire some Eastern Europeans through him for $20K.

Uh. What happens to the other $20K?

Oh, I pocket it for being an intermediary.

Hmm….

Micah and I start brainstorming scenarios in which this could possibly be legal. We debate and debate looking for ways that this situation might be kosher. Surely there must be some way to arrange this so it is legal. Perhaps we are misunderstanding him. Nothing legitimate comes to mind. We’re in real need of a client so we have a lot of motivation to see this in some sort of positive light.

Being too close to the situation, I call my friend (and our company lawyer) Walter to provide an objective outside opinion. After I explain the situation, he points out this is a classic example of a kickback and is in no way legal nor ethical. Not even close. No amount of convoluted reasoning will take the stink of this crap. We would be helping him to steal from his own company.

While we could really use the business, Micah and I conclude that we don’t want to start our company off on the wrong foot with an illegal or unethical dealing. In fact, even if it was legal, we wanted to run our company with a higher standard than just legal. Our business is a reflection of our values and we want it to be held to the highest of ethical standards. Sure, we struggled this time. But we’d never need to struggle again by following one simple ethical rule:

If it doesn’t pass the smell test, we pass.

VelocIT has stayed true to that direction ever since. I think it is a great way to run a business.

comments suggest edit

One praiseworthy aspect of ASP.NET 2.0 is its much improved XHTML compliance. However, there is one particular implementation detail related to this that causes some web designs to break and could have been implemented in a better manner.

The detail is how ASP.NET 2.0 will wrap a DIV tag around hidden input fields. My complaint isn’t that Microsoft added this DIV wrapper, because it is needed for strict compliance. My complaint is that there is no CSS class or id on the DIV to make it easy to exclude CSS styling on it.

For example, here is a snippet from the output of a simple page.

<form name="form1" method="post" action="Default.aspx" id="form1">
<div>
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="Omitted" />
</div>

<div>
Hello World
</div>
</form>

It would have been nice if the author of this code could have simply added something like:

<div class="aspnet-generated">
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="Omitted" />
</div>

It is quite common for web designers to apply a specific style to all DIVs on a page, for example, adding a padding of 5px.

<style type="text/css">
  div {padding: 5px;}
</style>

Unfortunately, this leaves a gap where the ASP.NET generated DIV is located.

In a comment made on his blog, Scott Guthrie makes this remark on this topic:

You could modify your CSS to exclude the <div> we create by default immediately underneath the form tag.

In general I’d probably recommend having as broad a CSS rule as the one you have above - since it will effect lots of content on the page. Can you instead have it apply to a CSS class only?

Yes, you could modify the CSS to exclude the first child DIV of the FORM tag by using a child selector and a first-child pseudo class like so:

<style type="text/css">
  div {padding: 5px;}
  form>div:first-child {padding: 0; margin: 0;}        
</style>

Unfortunately, IE 6 doesn’t support child selectors nor first-child pseudo classes. Since IE 6 is still quite widely used, this is not a viable solution.

Regarding Scott’s second question, this isn’t always reasonable because many web designs apply certain styles most DIVs on a page and then exclude a few that shouldn’t have that style. In that situation, it takes more work to give every DIV a CSS class so you can apply the style to just that class. It is simpler to use an exclusionary approach in these cases. Simply apply the style to all DIVs and exclude the ones that need to be excluded.

Unfortunately, because of the way this DIV wrapper was implemented and, because of CSS non-compliance in IE 6, it’s not possible to exclude this DIV using CSS alone. It requires changing the markup.

Fortunately, there’s an easy solution with a slight change to your markup, but it requires changing your markup just a bit. Just wrap your content in a DIV with a specific ID.

<form id="form1" runat="server">
  <div id="main">
    <div>
      Hello World
    </div>
  </div>
</form>

And then style it like so.

<style type="text/css">
  div {padding: 0; margin: 0;} /* generated div */
  #main div {padding: 5px;} /* all other divs */
</style>

This is a lot easier (and higher performing) than trying to muck around with the output via the HttpResponse.Filter.

So while the solution is easy, it still bothers me that it is necessary. One main reason why is that I often get CSS designs handed to me and I have to go through and make sure to make this change appropriately. I’d rather just be able to plop a one line CSS change into every stylesheet like so:

div.aspnet-generated {padding: 0; margin: 0;}

On another note, one other interesting side-effect of this change in ASP.NET 2.0 is that many implementations for moving viewstate to the bottom of the page end up breaking XHTML compliance because they only move the input tags and not the entire DIV to the bottom.

comments suggest edit

With Father’s Day fast approaching (June 17 this year), and now that I have joined the hallowed ranks of fathers, I thought I’d have a little fun writing about something I posted on my blog two years ago, but has recently popped up on my radar.

As a fan of dark humor, I thought this was rather clever and funny at the time.

If you take a closer look at the comments, you’ll notice that there are no comments from 2005. They all start in 2007. It turns out that at that time, I didn’t have much traffic.

But recently, this post somehow found its way on StumbleUpon as well as a couple of other humor sites which drove a huge amount of traffic to my blog. The following graph shows you the number of visits per day.

Google Analytics
Bump

As you can see, I enjoyed a brief spike in traffic, but things returned pretty much to normal soon afterwards.

What’s interesting about this spike in traffic is that it follows the traffic pattern that you hear about when a site is featured prominently on Digg. In other words, what would you guess happened to the average time on my site?

google analytics average time on
site

You got it. There was a corresponding dip. Well that makes sense, there isn’t much to read so most users looked at it and moved on. Was there a corresponding drop in the number of pages per visit?

![pages] per visit](https://haacked.com/images/haacked_com/WindowsLiveWriter/MusingsonFathersDayHumor_D88B/pages-per-visit.png)

A slight dip, but not by much. Most visitors to my site view only one to two pages at most per visit.

So there you go, if you want to drive traffic to your blog two years from now, post something really really funny. But keep in mind that this traffic is not qualified traffic in that it won’t likely convert to new readers who actually enjoy the whole of your blog.

In general, I think it’s best to focus on building the type of traffic you want. But if you have something truly funny to post, do share.

Technorati tags: Humor, Fathers Day, Google Analytics

code, tdd comments suggest edit

Globe from the
stock.xchng Most of the time when I’m testing my code, I only test it using the en-US culture since, …well…, I speak English and I live in the U.S. Isn’t the U.S. the only country that matters anyway? ;)

Fortunately, there are Subtext team members living in other countries ready to smack such nonsensical thoughts from my head and keep me honest about Localization and Internationalization issues.

Simone, who is an Italian living in New Zealand, pointed out that a particular unit test that works on my machine always fails on his machine. Here’s the test.

[RowTest]
[Row("4/12/2006", "04/12/2006 00:00:00 AM")]
[Row("20070123T120102", "01/23/2007 12:01:02 PM")]
[Row("12 Apr 2006 06:59:33 GMT", "04/12/2006 06:59:33 AM")]
[Row("Wed, 12 Apr 2006 06:59:33 GMT", "04/12/2006 06:59:33 AM")]
public void CanParseUnknownFormatUTC(string received, string expected)
{
  DateTime expectedDate = DateTimeHelper.ParseUnknownFormatUTC(received);
  Assert.AreEqual(expected, expectedDate.ToString("MM/dd/yyyy HH:mm:ss tt"));
}

The method being tested simply takes in a date string in an unknown format and performs a few heuristics in order to parse the date.

The way I test this method is very U.S. centric. I call ToString() and then match it to the expected string defined in the Row attributes (I can’t use actual DateTime values in the attributes).

So for the very first row, I expect that date to match 04/12/2006 00:00:00 AM. But when Simo runs the test over there in New Zealand, he gets12/04/2006 00:00:00 a.m.

Makes you wonder how anyone over there can keep an appointment with the month and date all backwards like that. ;)

Testing In Another Culture

At this point, I start thinking of convincing my wife to take a vacation in New Zealand so I can test this method properly. Hmmm… that’s probably not going to fly, with the newborn and all.

Another option is to go into my regional settings and change my locale to test temporarily, but that sort of defeats the purpose of automated tests once I change it back. What to do?

MbUnit to the rescue!

Once again, I discover a feature I hadn’t known about in MbUnit that solves this problem (Jeff and Jon, feel free to snicker).

Looking at the MbUnit TestDecorators page, I noticed there is a [MultipleCultureAttribute] decorator! Hmmm, I bet that could end up being useful.

Unfortunately, at the time, this decorator was not documented (I’ve since documented it), so I looked up the code on Koders real quick to see the documentation and saw that I simply need to pass in a comma delimited string of cultures. This allows me to run a single test multiple times, once for each culture listed.

Here is the updated test with my code correction.

[RowTest]
[Row("4/12/2006", "04/12/2006 00:00:00 AM")]
[Row("20070123T120102", "01/23/2007 12:01:02 PM")]
[Row("12 Apr 2006 06:59:33 GMT", "04/12/2006 06:59:33 AM")]
[Row("Wed, 12 Apr 2006 06:59:33 GMT", "04/12/2006 06:59:33 AM")]
[MultipleCulture("en-US,en-NZ,it-IT")]
public void CanParseUnknownFormatUTC(string received, string expected)
{
  DateTime expectedDate = DateTimeHelper.ParseUnknownFormatUTC(received);
  Assert.AreEqual(DateTime.ParseExact(expected
    , "MM/dd/yyyy HH:mm:ss tt"
    , new CultureInfo("en-US")), expectedDate);
}

One cool note about how decorators like this work in MbUnit is the way it composes with the RowTest’s Row attributes. For example, in the above test, the test method will get called once per culture per Row for a grand total of 12 times.

So now my friends in faraway places will have the pleasure of unit tests that pass in their respective locales and I can feel like a better citizen of the world.