On Sustainable Open Source Management

Tom Christie has some very good things to say on how to successfully maintain an open source project without losing sanity. Truth one: There are, and will always be, a non-finite number of possible valid issues to address. Your code can always be better polished, your APIs better defined, and your project more fully featured. Your documentation can always be better. The ecosystem within which your project lives is constantly evolving....

February 6, 2015 · Nicola Iarocci

How about a Sentinel for your Flask Application?

Flask-Sentinel is a OAuth2 Server implementation of the Resource Owner Password Credentials Grant pattern described in Section 1.3.3 of RFC 6749. It is powered by Flask-Oauthlib, Redis and MongoDB and is bundled as a Flask extension so it can be used to add OAuth2 capabilities to an existing application. So what is the Resource Owner Password Credentials Grant pattern? According to the official RFC: The resource owner password credentials (i.e., username and password) can be used directly as an authorization grant to obtain an access token....

February 4, 2015 · Nicola Iarocci

Eve 0.5.1 Released

Eve 0.5.1 was just released with a couple fixes to 0.5 (which was released earlier this week.) Don’t be surprised. Going forward I’m striving for a much faster release cycle, especially so when it comes to fixes.

January 16, 2015 · Nicola Iarocci

Announcing Eve-SQLAlchemy the official SQL extension for the Eve REST Framework

Powered by SQLAlchemy and good intentions, Eve-SQLAlchemy is an official Eve extension which allows to effortlessly build and deploy highly customizable, fully featured RESTful Web Services with SQL backends. As with all Eve extensions, once installed with $ pip install eve-sqlalchemy using Eve-SQLAlchemy is very simple: from eve import Eve from eve_sqlalchemy import SQL app = Eve(data=SQL) app.run() On a fresh virtualenv (of course you are using virtualenvs, right?) the install will also setup Eve and all its dependencies for you....

January 13, 2015 · Nicola Iarocci

Eve 0.5 released today

Eve v0.5 was released today. Cerberus v0.8 only a few days ago. A whole lot of new features, changes and fixes are coming with these releases so make sure to check the official release post to gather all the news.

January 12, 2015 · Nicola Iarocci

How to: Add custom JeSuisCharlie header to API responses

A lot of servers have been including a JeSuisCharlie header with their responses. If you haven’t already, try with Charlie Hebdo site itself: $ curl -I charliehebdo.fr Date: Mon, 12 Jan 2015 15:56:13 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 221 Connection: keep-alive Location: http://www.charliehebdo.fr/index.html Vary: Accept-Encoding X-Charlie-fr: Je suis toujours Charlie. X-Charlie-en: I am still Charlie. X-Charlie-es: Todavia soy Charlie. X-Charlie-de: Ich bin immer Charlie. X-Charlie-ro: Inca sunt Charlie. X-Charlie-cz: Jsem stale Charlie....

January 12, 2015 · Nicola Iarocci

Validating user objects with Cerberus

People keep telling me that they want to validate class and instance attributes (object properties) with Cerberus. While it certainly wasn’t conceived with that goal in mind, it is actually very possible to leverage both the Python data model and Cerberus extensibility to achieve object validation. Nuts & Bolts Let’s say that we have a simple class: >>> class Person(object): ... pass We create a Person instance and add a few properties and values:...

January 5, 2015 · Nicola Iarocci

Introducing Eve.NET the HTTP/REST Client for Humans™

Eve.NET is a simple HTTP and REST client for Web Services powered by the Eve Framework. It leverages both System.Net.HttpClient and Json.NET to provide the best possible Eve experience on the .NET platform. Written and maintained by the same author of the Eve Framework itself, Eve.NET is delivered as a portable library (PCL) and runs seamlessly on .NET4, Mono, Xamarin.iOS, Xamarin.Android, Windows Phone 8 and Windows 8. We use Eve.NET internally to power our iOS, Web and Windows applications. ...

November 27, 2014 · Nicola Iarocci

Open Source and Code Responsibility

Last week I was speaking at an Open Source panel at Better Software 2014, and one of the topics that we touched was code responsibility. This is an important topic for anyone who is maintaining an open source project, especially when it comes to the process of reviewing and accepting code contributions. At some point during the debate, I argued that when a maintainer merges a pull request, he (or she) implicitly agrees on being responsible for that code. That seemed to strike some surprise into most attendees. Yes, in theory any contributor is just a ping away so in case trouble arises one can always reach him, or her. Unfortunately this is not always the case. While some contributors will fully embrace your project and keep helping after their initial contribution, truth is that a good number of them will just move on, never to be seen again. There’s nothing wrong with that. Not everyone has spare time to devote to your project, which is perfectly fine. It is natural for most people to contribute what they need to a project and then go on their way. Actually, one could argue that most projects grow and prosper precisely thanks to this kind of contributions. However this attitude can become an incumbent when big chunks of code get merged, usually as new (big) features. Good practices advice against merging huge pull requests. In fact they are rare and when they do come, it is a good idea to ask for them to be split into smaller ones. But no matter the format, a huge contribution is likely to hit a project one day or another. It might even come from more than one person: a disconnected and distributed team of contributors who have been patiently tinkering on a side branch or a fork for example. When this happens, and provided that the contribution is worth merging, the maintainer should then ask him/herself the obvious question: am I willing to deal with the consequences of this merge? ...

October 21, 2014 · Nicola Iarocci

Feature Overview: The Eve OpLog

The operations log or OpLog is a new Eve feature that I’m currently developing on the oplog experimental branch. It’s supposed to help in addressing a subtle issue that we’ve been dealing with, but I believe it can also emerge as a very useful all-around tool. I am posting about it in the hope of gathering some feedback from Eve contributors and users, so that I can better pinpoint design and implementation before I merge it to the main development branch. What is the OpLog? The OpLog is a special resource that keeps a record of operations that modify the data stored by the API. Every POST, PATCH, PUT and DELETE operation can eventually be recorded by the oplog. At its core the oplog is simply a server log, something that’s always been on the Eve roadmap. What makes it a little bit different is its ability to be exposed as a read-only API endpoint. This would in turn allow clients to query it as they would with any other standard endpoint. ...

October 6, 2014 · Nicola Iarocci