There are no current HAppS developers. The project has been orphaned
(this happened about a year ago).
--
Cheers,
Lemmih
On 22 jan 2009, at 00:45, Matthew Elder wrote:
> I am forking the HAppS project under the banner of Happstack in the
> hope that all who are able and willing will join me!
Great initiative, very brave! ;) I hope we figure out a nice way of
HAppS and Happstack to coincide without wasting energy on competing.
I'm certainly interested in how this will work out, but either way,
it's very nice that more time is donated to making HAppS/Happstack a
success.
--
Regards,
Eelco Lempsink
Glad we got that clear. :) Is there any chance we can keep calling it
happs then, and take over or shut down the old site ?
Luckily, there are still developers actively developing _with_
HAppS ;) The boost of interest gitit has generated certainly helped.
Too bad nobody seems to have known about the orphaning, but I'm sure
we can gather a nice group of developers to re-energize HAppS!
--
Regards,
Eelco Lempsink
Why _is_ the Facebook module in HAppS-Server to begin with?
2009/1/22 Matthew Elder <ma...@mattelder.org>:
>
> 1. Only a few people can commit to the HAppS codebase
> 2. Documentation is lacking
> 3. Test coverage is lacking
> 4. The code needs a lot of cleanup!
>
I would like to contribute the code and documentation.
I don't know HAppS very well ATM, but I think it's fixable. :)
Cheers,
Artyom Shalkhakov.
Here's a small list of suggestions:
* HAppS-Server currently depends on HAppS-State, but only because of
a couple of trivial functions. I think it would be good to make
HAppS-Server independent of HAppS-State. Future versions of gitit,
for example, will use HAppS-Server but not HAppS-State.
* It would be good if non-essential stuff (like Facebook) could be
moved out of HAppS-Server, perhaps into a HAppS-Extras module.
It's currently impossible to compile HAppS-Server on my VPS without
manually removing the Facebook module, because it takes so much
memory to compile it.
* Currently HAppS-Server doesn't provide support for character
encodings.
Gitit uses some ugly workarounds here. There are some useful
suggestions at http://article.gmane.org/gmane.comp.lang.haskell.cafe/49700.
Best,
John
I might be interested in helping out with this project, but only if
it's well-organized. I have limited time to contribute, and I want it
to be coding, not dealing with organizational matters :)
I think Google's stuff is relatively good. As a matter of fact, there
already is a bug tracker for HAppS set up at http://code.google.com/p/happs/issues/list
Some of the issues on the list are still relevant, but it needs a
bit of cleanup.
--
Regards,
Eelco Lempsink
Attention HAppS Enthusiasts!
I am reaching out to find other like-minded individuals who want to develop, test, and use HAppS but feel a bit weary that the project is losing momentum. Alex Jacobsen has done a lot of work to build the coherent platform that exists today -- but it still is wanting of some love.
In particular:
1. Only a few people can commit to the HAppS codebase
2. Documentation is lacking
3. Test coverage is lacking
4. The code needs a lot of cleanup!
I would vote for http://community.haskell.org/
It provides code and website hosting, issue tracking with trac,
mailing lists using mailmain and ssh access.
Many Haskell projects use it so most Haskell hackers (potential
Happstack developers) should be used to it.
regards,
Bas
But, I think what we'll need is some community organization. Perhaps
nothing formal, but a good number of people who have talked enough
between each other to hold the whole thing together.
Maybe an IRC party?
--
H. Lally Singh
Ph.D. Candidate, Computer Science
Virginia Tech
On Thu, Jan 22, 2009 at 5:11 AM, Hugo Gomes wrote:
> Nice,
>
> here goes some strange ideas that i've been hatching up:
>
> - patching happs so it uses the new 4000.x http package
>
> - ffi for sendfile (while maintaining windows usability)
>
> - http 1.1 gzip support (through some sort of file caching, readerT perhaps
> ?)
>
> it would be great if it could be faster than apache :)
Out of curiosity, by http gzip support - do you mean simply gzipping
the HTML text and plopping on a gzip header?
As it happens, I believe I just yesterday was working out how to do
that with Gitit. The ultimate solution turned out to be fairly simple,
and looked like this:
gzip :: String -> Response
gzip = setHeader "Content-Encoding" "gzip" . toResponse . compress .
B.fromChunks . return . fromString
instance ToMessage B.ByteString where
toContentType _ = Data.ByteString.Char8.pack "text/plain"
toMessage a = a
(fromString is utf8-string's String->ByteString utf8-preserving
conversion, and compress is from zlib; the stuff in between is to
change fromString's strict ByteString to compress's lazy ByteString.)
- --
gwern
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREKAAYFAkl4keMACgkQvpDo5Pfl1oIiQACdF2aoW7Th+gUwzprH+Yz0a4yD
3rcAn0tcl5JJmcDt2SR/uhrMYpygQSzA
=d631
-----END PGP SIGNATURE-----
diff --git a/Gitit.hs b/Gitit.hs
index dc96add..7da85f5 100644
--- a/Gitit.hs
+++ b/Gitit.hs
@@ -48,6 +48,7 @@ import Text.Pandoc.Shared (HTMLMathMethod(..), substitute)
import Data.Char (isAlphaNum, isAlpha, toLower)
import Control.Monad.Reader
import qualified Data.ByteString.Lazy as B
+import Data.ByteString.Char8 (pack)
import Network.HTTP (urlEncodeVars, urlEncode)
import System.Console.GetOpt
import System.Exit
@@ -59,6 +60,7 @@ import System.IO.Unsafe (unsafePerformIO)
import Network.Socket
import Network.Captcha.ReCaptcha (captchaFields, validateCaptcha)
import Data.FileStore
+import Codec.Compression.GZip (compress)
gititVersion :: String
gititVersion = "0.4.1.3"
@@ -1008,7 +1010,16 @@ formattedPage layout page params htmlContents = do
T.setAttribute "messages" (renderHtmlFragment htmlMessages) $
T.setAttribute "content" (renderHtmlFragment htmlContents) $
templ
- ok $ setContentType "text/html" $ toResponse $ encodeString filledTemp
+ let dogzip = True
+ if dogzip then ok $ setContentType "text/html" $ gzip filledTemp
+ else ok $ setContentType "text/html" $ toResponse $ encodeString filledTemp
+
+gzip :: String -> Response
+gzip = setHeader "Content-Encoding" "gzip" . toResponse . compress . B.fromChunks . return . fromString
+
+instance ToMessage B.ByteString where
+ toContentType _ = Data.ByteString.Char8.pack "text/plain"
+ toMessage a = a
-- user authentication
loginForm :: Html
diff --git a/gitit.cabal b/gitit.cabal
index e106eaa..8c5dc55 100644
--- a/gitit.cabal
+++ b/gitit.cabal
@@ -49,7 +49,7 @@ Executable gitit
network, old-time, highlighting-kate, bytestring,
utf8-string, HAppS-Server >= 0.9.3 && < 0.9.4,
SHA > 1, HTTP, HStringTemplate, random, network >= 2.1.0.0,
- recaptcha >= 0.1, filestore, datetime
+ recaptcha >= 0.1, filestore, datetime, zlib
if impl(ghc >= 6.10)
build-depends: base >= 4, syb
ghc-options: -Wall -threaded
The attached should be a patch to move the facebook module & the two
modules that depend on it into a new directory called HAppS-Extras.
Unless I messed up the darcs recording, this should work. The cabal
file for HAppS-Extras isn't optimal yet & could probably be pruned.
Ah, so you meant with all the flourishes, like supporting compress and
the compression-level indicators and alternative spellings like
x-gzip.
And I'd note that zlib's compress function does produce a lazy
bytestring, so that's covered I think. (It works pretty well in my
Gitit tests. Noticeably reduces the size of the page and thus the time
it takes to transfer, even on a localhost - so presumably over the
Internet would be even better.)
- --
gwern
- ---------- Forwarded message ----------
From: Hugo Gomes
Date: Thu, Jan 22, 2009 at 10:58 AM
Subject: Re: Announcing Happstack: A fork of HAppS
To: HA...@googlegroups.com
Nice,
what i meant by was something like implementing the full http rfc as
described in:
http://www.faqs.org/rfcs/rfc2616.html
the gzip is specified in section 14.11 Content-Encoding.
I think it would be a great nice feature, to exploit lazyness and some
sort of caching mechanism to do it without much cpu effort, since the
bottleneck in web pages is still on the network side.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREKAAYFAkl4rnsACgkQvpDo5Pfl1oIKSACgi0I2pw+BGmII4shcs1ao7+EJ
aroAoIvTE/LKQ4zGBLQWcGkGjlzo1jWY
=J1ND
-----END PGP SIGNATURE-----
I like this idea, let me see the patches :)
I think the semantics are relatively simple: if the client says it can
handle it, always gzip it. My implementation is UTF8-friendly, so it
doesn't cost us anything there, and browsing even small pages on my
local wiki shows speedups - and small pages on the hard disk are the
pages on which gzip should be a pessimization if it's ever going to be
one.
If the client sends a strange header that my code doesn't see as a
valid gzip-supporting-claim, then happs will do as it always does and
send text, so false negatives, if you will, are not an issue. (False
positives are a bigger deal, since a client which can't handle gzip
would display a gzip'd page as garbage, but I don't see how false
positives could arise except if the client lies. In which case the
client deserves garbage.)
I suppose depending on the zlib library may be an issue, but
cabal-install depends on zlib, and I can't imagine anyone installing
happs or gitit manually... so it's nearly a free dependency.
--
gwern
I think I'll wait a little bit to see how this server stuff shakes
down. I hate creating inapplicable patches. :)
--
gwern
> It would be very helpful if the components were split into separate
> darcs repositories the way the ones at happs.org were.I agree this is helpful for the end user, but most end users will not use darcs -- they will use the cabal packages.
> This makes it
> easier to use one component without all the others, or more
> importantly to pull patches into one component without pulling them
> into all the others.I don't fully see the use case for this. The repository is mainly for developers, and as a developer I find putting all the packages in one repository more convenient.
sm tells me that one of the issues with the current monolithic repo is
that it discarded all the previous development history (which
certainly seems to be true). This wasn't necessary, of course, thanks
to Darcs's patch stuff. Nothing says one couldn't create a single
consolidated repository containing the history of all the previous
HAppS repositories, I don't think.
Suppose one has the repos:
begin/ data/ dns/ ixset/ server/ state/ util/
Designate an arbitrary one to be the master - begin, say.
cd inside begin, do a mkdir begin, darcs add && record begin, then
darcs mv * begin/ && record --all. At this point, now 'ls begin'
shows nothing except another begin/ with all the actual stuff in it.
(Obviously _darcs remains where it was.)
Now you pull all the patches from, say, server/. This will leave ./
full of happs-server stuff. Do a mkdir happs-server...
It's tedious and a bit tricky to make sure you move all the files into
the right subdirectory, but it's definitely doable and superior to
erasing the history.
--
gwern
I think it's more the goal than empiricism. Personally I hate it when
a project requires you to use the current dev version rather than the
released package.
Also, I think there's a distinct advantage to having it all in one
darcs repo while we're currently doing Mad Re-Org and moving code
between various cabal packages.
It's convenient when everything works and when you want all the new features. It's very inconvenient when just one or two things break for a while and you need to hold them back.
FYI, bottom of page at happs.org:
"Copyright (c) 2007. HAppS LLC. HAppS (tm) is a trademark of HAppS
LLC. All Rights Reserved. "
Hi Matthew (and all the fellow HAppS enthusiasts),
You certainly do write in quite a persuasive way. But, I'd like to
have some comments from Alex regarding the orphaning of HAppS. I hear
about it for the first time. And, what would be the license and the
copyright for Happstack? The "Copyright HAppS, LLC." requirement kinda
bugged me a lot, especially not knowing what this "HAppS, LLC." was.
I followed HAppS loosely for about 2 years now and even considered
contributing, but the licensing-related questions plus the lack of
developer documentation for both the current and the future code (aka
roadmaps) were on my way.
I think HAppS had some great ideas:
* Haskell can help produce more reliable and secure web apps, which is
definitely a virtue nowadays :)
* Promised an easy-to-use distributed backend which would give anyone
a possibility to compete with guys like Google or Amazon.
But, I don't see it on the way to implement these ideas. One of the
biggest disappointment that the backend (HAppS-State) wasn't designed
to be reliable, e.g. Lemmih once mentioned that if the state on one of
the shards is lost, for example, due to a power failure than it is
just gone, because all info is in volatile memory. And I haven't seen
any evidence of that being fixed. This is just crazy, no one serious
about their data would use a system with such "guarantees".
As for suggestions...
Here's the list of things that I'd like to see in Happstack, because
they are important and because it _is_ possible to have them:
* easy to use, reliable distributed back-end with support for
sharding, replication and transactions (even cross-shard ones).
* modular structure that would enable to use other back-ends, like an
RDBMS. It would be nice if would be an easy path to migrate from
RDBMS to HAppS-State. One should be able to use different front ends
too (equal support for HSP and Data.HTML and whatever other solutions
for describing the resulting web page are there).
* build with security by default: built-in protection against
injection attacks, CSRF etc. Authentication and SSL are also a must
(if you want Fortune 500 to hire you at the end :)).
* nice embedded languages for defining routes and action handlers,
form building and processing and working with the back-end (ideally,
abstracted away the specific back-end in use). Would be nice to have
an ajax library as well (or some nice interoperability with an
existing one).
* some nice libraries for doing common tasks (scaffolding, for
example).
* an easy way to remotely administer (launch, stop, configure) the
instances. Some kind of protocol, I guess.
* restrict the usage of GHC extensions. Personally, I'd try to keep it
as close to Haskell'98 as possible.
Regarding the development process:
* Liberalization is good, but there should be a team of super-
developers that would define the architecture and the roadmap clearly,
so that the project doesn't drift.
* Documentation, bug tracking and a precise list of project
participants (including who is doing what) is a must.
* Justifications for high-level architectural decisions, the usage of
non-haskell libraries (like Spread) and the restrictions on the usage
of GHC extensions should be clearly outlined and available to all
current and potential contributors.
As for me, I might be able to join as a developer. I'm familiar with
Haskell and not scared of monads, although haven't written anything in
it for a year. The best thing I can do is, probably, the security part
I outlined above. Although, I'm also very much interested in the HAppS-
State (or whatever it would be called in the fork).
I did :) The argument about HAppS being orphaned points to a fresh
posting by Lemmih. I think, it would be nice to have Alex post his
endorsement of what's going on.
I don't know. If you want to ask him yourself contact me in private and I will give you his phone number.
> The way the system functions currently, is that data is also written to> disk. You have the same durability as an SQL database. Obviously the systemJust to make sure I get things right. Last time I looked at how the
> needs to have some more testing (automated and field) before it can be
> considered "production ready" on par with something like mysql.
data saved on the disk, it was done by checkpointing, which, due to
the fact it takes considerable time, is recommended to be done at the
server start or shutdown (correct me if that has been changed). Now,
if something happens to the server in between the checkpoints -- the
data is lost. The way it is done in most systems (I think) is that the
change is saved to a log on disk _before_ it is committed, i.e. the
change is visible to other processes/users. Let me know if that is the
current behavior. Otherwise, HAppS-State may be in a trouble.
If you're talking about SQL injection - I totally agree with you.
> Injection attacks don't exist with MACID,
Cross-site scripting is an injection attack as well and MACID won't
help you with that. That way it could be solved is by forcing any user-
generated content to be html-escaped before output. This could be
nicely forced by a type system. Cross-site request forgery attacks are
also important and have a couple of ways of protecting against, but
MACID is not in that list. :)
> Precise List - On the todo list.Where is the todo list?
- I'm new to Haskell, and HAppS, but I've been programming for a long
time. I think there are a few of us in the same situation. Could we
take active bugs and then beg & claw our way into getting enough
information about HAppS(tack) to fix them?
- As for documenting design decisions, etc. The best format would be
articles on the various topics. Edit them to answer questions as they
come, and the articles will serve as great documentation, and serve to
make HAppS that more interesting & approachable by others. It also
gives happstack.org content and makes it a stronger hub for the
community
- Wonderful job on happstack.org, btw. It's nice to see the reference
links there without having to scour google and filter the good vs the
bad vs the obsolete.