Miniconfs/Open Programming

From LCA2014 Delegate Wiki
Revision as of 22:12, 30 December 2013 by Christopher Neugebauer (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The Open Programming Miniconf -- a fixture for application developers attending since 2010 -- has been invited to return as part of 2014, this year, in Perth, Western Australia, on Tuesday 7 January.

We're a miniconf for people who develop applications with free & open source programming languages and tools. Our talks have a focus on sharing knowledge that makes better developers out of people who use all programming languages.

This miniconf is organised by Christopher Neugebauer.


Call for Proposals

Update: The CFP has now closed, the schedule filled. Consider presenting a lightning talk -- signups will be done on the day.

Due to the shortened timeframe for putting the programme together, we'll be holding an open-ended call for proposals. Submissions are now open, and will remain open until we've filled the programme.

We're looking for proposals for 25-minute talks, on topics that are of interest to developers who use open source tools and languages. We're welcoming to new presenters, and seasoned performers alike.

For ideas of what we've accepted in the past, see our programmes from LCA2013 and LCA2012. We'll still accept talks along any developer-related topic, even if it's not along the lines of our past talks.

Our CFP has now closed.

Useful info

Note that presenters at the miniconf will need to be registered delegates to 2014. We have access to a limited number of Monday & Tuesday tickets for accepted speakers if they can't attend the whole conference.


  • (Lunch Break at 12:30)
  • (Afternoon Tea Break at 15:10)
  • 16:40 Lightning Talks

Keeping Current: Maintaining an internal fork

EMC's Isilon division develops a product based on the FreeBSD codebase. Unfortunately our underlying version of FreeBSD got out of date. This is a brief presentation on how we set about making ourselves current again, the tools we developed to achieve it and how we're going to keep current in the future.

Benno Rice

Benno Rice is a multi-disciplinary developer with a long history in the Python and FreeBSD communities. He is the developer of the site and is currently a FreeBSD developer for EMC's Isilon Storage Division.

USB and Android

Android devices since the very first HTC Dream have contained the silicon for behaving as a USB host, enabling a phone or tablet to communicate with USB devices. It wasn't until Android 4 that the host mode APIs and hardware formed a suitable, stable pairing that enabled host apps to be written without requiring a soldering iron and rooting your phone.

This talk takes you through the process of using an Android handset as a data acquisition device, from gaining permission from the system down to building and running your own libusb based application for interfacing with a USB device not supported by the Java API.

Joel Stanley

Joel is an embedded software engineer. He spends a lot of his time writing C on systems that count their memory in killobytes and operating system is spelled while(1). He enjoys using Python to solve his problems, and wrangles Java when messing about on Android.

Developing OQGRAPH, a tool for graph based traversal of SQL data in MariaDB

The 'Social Graph' may have been popularised by Facebook, however graphs are a powerful tool for analysing many relationships. The use of computers to analyze and manipulate complex relationships extends into many fields: a family tree is a graph; a GPS map is a graph.

The most interesting information is data often stored in a relational database, such as MariaDB/MySQL. Customer records, bug reports, sports results. And SQL is generally not very good at analysing data and extracting graph data.

The OQGRAPH engine is a computation engine allowing hierarchies and more complex graph structures to be handled in a relational fashion. In a nutshell, tree structures and friend-of-a-friend style searches can now be done using standard SQL syntax, and results joined onto other tables. No SQL syntax extensions are necessary; OQGRAPH is implemented as a clean engine plugin for MariaDB 5.2 and above, loadable at runtime, and access data stored in a standard table.

After introducing some simple examples, in this talk I will show how OQGRAPH is implemented utilising the Mysql/MariaDB storage engine interface (usually used for providing difference persistence methods) and how graph traversal is implemented with the open source C++ Boost Graph Library. I will take a quick look at MTR, the automated test/regression suite accompanying MariaDB, and how this is used to verify the results of OQGRAPH; and briefly provide a few pointers on how to effectively debug storage engine code using gdb when you can't simply do a 'bre main'

Andrew McDonnell

Andrew McDonnell is a successful software engineer, having grown up hacking code since receiving his first Commodore 64 at age 12. He has significant experience programming in C++, Java and Python and a multitude of scripting languages, applying both traditional and agile methods. Outside of family and work he sometimes has time to play with his collection of 8-bit and PC/XT-vintage computers; computing and electronics has always been his passion. He intermittently maintains a blog at sometimes posting how he solved a problem in the hope it may be useful to someone else.

Transparently Programming a graph database with an Object-Graph-Mapping API

The Py2neo package provides Python bindings for the Neo4j graph database. The most innovative and transparent way of accessing the graph using py2neo is using the Object-Graph-Mapping API. By using this model, your object model and graph model are the same thing.

The speaker implemented a version of this API incorporating transactions and other extensions and will present the advantages of this API and how to use it to provide easy and transparent access to Neo4j graphs.

For example, when a program issues a query, what comes back are not Neo4j graph nodes but real Python objects - constructed according by your constructor.

This minimizes worrying about the database and lets the programmer concentrate on his object model.

This API is implemented as part of the Assimilation Project - providing innovative integrated IT discovery and monitoring.

Alan Robertson

Alan is a long time Open Source developer - having founded and led the Linux-HA project (now called Pacemaker) for 10 years. More recently he founded the groundbreaking Assimilation Project - providing zero-network-footprint IT discovery integrated with extreme scale monitoring.

Alan is a frequently requested speaker, speaking on graph databases, discovery, monitoring, high-availability and Linux at conferences all over the world.

Coming home: a return to PHP's roots

In the beginning, creating dynamic Web sites involved performing terrible tasks, such as building Web server modules, and grappling with cgi-bin, and performing sacrifices in Larry Wall’s honour.

Then there was PHP.

PHP provided a simple, not quite secure way to shuttle data between a Web site and a database. And the world was good, and many sites were created — both in PHP and other languages — to perform useful tasks such as facilitating online shopping, and connecting with high school friends, and flinging every thought into the world in 140 characters or less.

As the sites built on top of PHP and other languages evolved and grew, though, a dark cloud appeared once more on the horizon. In order to build these sites, greater scaffolding had to be used in the form of frameworks. And whilst many of these frameworks were full featured, and Web scale, and scratched itches that had never itched, an itch lingered.

That itch was the site that had been left behind by Symfony, and by Drupal, and by Zend. The small blog. The small shopfront. The one off registration form.

Frameworks help, but PHP itself provides so many of the features a framework provides. Do you need a microframework? Can you simply use PHP? Are microframeworks themselves actually all that micro? Can one slightly misguided man write his own microframework in 20* minutes on stage while touching on these issues, security, performance, and writing code that is actually maintainable?

Join me, and we shall discover the answers to these questions together.

(* I assume there will be questions. Or heckling. Either way, those spare five minutes will be required.)

Adam Harvey

Adam is a software developer who has spent most of his professional life rejecting fitting too neatly into a more specialised category in a mostly successful attempt to stave off boredom. This has taken him from developing Web sites for millions of people to developing Web sites for one person, to writing software that sits deep in embedded devices, to arguing late at night about why ++$a + $a++ is actually undefined behaviour in PHP. Nevertheless, please don't mention PL/pgSQL around him. His eye only just stopped twitching from the last time he had to work on stored procedures.

Adam is looking forward to being back in his native Western Australia mostly so that he can stave off losing his accent for another year, since it seems to make people friendlier in his adopted Vancouver.

Get your PaaS into gear

If you're a developer who would rather spend your time coding than configuring servers it's worth getting up to speed with Platform as a Service (PaaS) technology. This presentation will give an introduction to PaaS, where it fits into the cloud ecosystem and how it can make you a happier and more productive programmer. It will include a demonstration of how to get an app up and running in the cloud in a couple of minutes with Red Hat's open source PaaS, OpenShift.

Katie Miller

Katie Miller is an OpenShift Developer Advocate at Red Hat, where she tries to squeeze as many different programming languages into her workdays as possible. The former journalist loves language, whether code or copy, and will pedantically edit any text you let her touch. Katie is a Co-Founder of the Lambda Ladies group for women in functional programming and one of the organisers of the Brisbane Functional Programming Group.

The Cobblers Children Have No Shoes: Development Tools and the Unix Philosophy

The Unix philosophy teaches us that a tool should do one thing, and do it well. However, many vendors of Unix tools have convolved this single-purpose ideology to constrain tools to the command line - regardless of whether this is appropriate.

Nowhere is this more evident than in the software development tools we use on a daily basis. 22 years after the first release of Linux, and 30 years after the initiation of the GNU project -- a period that has seen massive advances in UI technology -- the state of the art development tools in Unix operate on the command line.

For some tools, this makes perfect sense. Compilers, for example, convert files from one format to another, so no user interface is really called for. However, other tools, such as debuggers, can benefit greatly from rich user interfaces. In the proprietary world, debuggers are rich, visually engaging tools; under GDB, you get a single line of code context, arcane syntax for setting breakpoints.

In this presentation, Django core developer Russell Keith-Magee will argue that Unix can support rich tools without abandoning it's core philosophy. He will demonstrate the point using examples from the Python development community.

Russell Keith-Magee

Dr Russell Keith-Magee is a 7 year veteran of the Django core team, and President of the Django Software Foundation. When he's not contributing to Django, he's the maintainer of BeeWare, a collection of GUI tools for Python developers. He's also the CTO of TradesCloud, a company providing a back office and mobile solution for tradespeople.

A Pseudo-Random Talk on Entropy

Random numbers are used to drive security; used badly they lead to highly public failures. This presentation covers some of the high points of generating random numbers, as well as some of the low points of misusing them.

Jim Cheetham

With a long background in Unix and networking, Jim works in the information security industry and has just started the OneRNG project, to build a verifiably trustworthy hardware random number generator

Serialisation Formats Aren't Toys

Dear Web App Developers,

Do you have an API? Do you accept input from users? Do you accept it in XML? What about YAML? Or maybe JSON? How safe are you? Are you *sure*?

It's not in the OWASP Top 10, but you don't have to look far to hear stories of security vulnerabilities involving deserialisation of user input. Why do they keep happening? In this talk I'll go over what the threat is, how you might be making yourself vulnerable and how to mitigate the problem. I'll cover the features (not bugs, features) of formats like XML, YAML, and JSON that make them surprisingly dangerous, and how to protect your code from them.

Because here's the thing: If you are using a compliant, properly implemented parser to parse your stuff, you are NOT safe. Possibly quite the opposite.

Tom Eastman

Tom is a senior Python developer and technical lead for Catalyst IT, New Zealand's largest company specialising in open source. Prior to that he worked as a developer and system administrator for the University of Otago Faculty of Medicine and as a Computer Science tutor for same.

Tom has developed a healthy paranoia as a direct result of drinking with penetration testers.

Tied to the Rails

Bundler may well be “the best way to manage a Ruby application’s gems”, but it is an absolute menace if you’re trying to create a cross-distribution packaged Rails application, as opposed to a standalone web site.

If you have only one deployment environment, it’s fine to force specific package version dependencies. If you have a dozen different deployment environments and build systems, this just won’t fly.

In fact, the whole Ruby gem system privileges developers and Ruby hackers over end users, who just want to be able to easily install and maintain a stable set of software packages.

Tensions arise between gems, RPMs and DEBs. System security updates become difficult to manage. Applications break in unexpected ways. A lone software engineer cries in the wilderness!

I’d love to resolve this, one way or another. At SUSE we have isolated at least four approaches, each with their own strengths and weaknesses. None are perfect, but ultimately we may yet be able to steer a sensible path through the maze.

Tim Serong

Among other things, Tim has spent the last three and a half years fighting bizarre Ruby on Rails packaging madness, while building a web GUI to manage Linux high-availability clusters. He hopes that humanity may yet achieve some sane sense of balance with the larger universe.