Introducing iconerator – automatically generate all app market icons from a single image file

The icon requirements from the iOS App Store (9 unique) and Google Play Market (6 unique) are annoying to say the least.  Updating one pepperoni on the SliceIsRight means generating 15 new icons following the specific guidelines set forth by the Apple & Google gatekeepers.  The bain of every developer’s existence is boring, repetitive tasks (ex/ re-sizing and compressing a slew of PNGs) and it boggles me why this process has not already been automated by the open source community.  To save us all the headache (and the $3 – $5 for some lame Mac app GUI), I give you Iconerator – a customizable command line tool to automate the generation of app market icons. Continue reading

Dynamic ActiveRecord querying in Rails 4 by example

One of my biggest frustrations with ActiveRecord and many other ORMs (looking at you, node-orm2) is the lack of a solid query builder to join various, dynamic query filters into a single  SQL statement.  It seems obvious that this should be the meat-and-potatoes of the entire query language abstraction framework, and yet there is still no clean way to build a SQL statement containing a variable combination of attribute filters.  Below we’ll examine some different functional (yet still ugly) techniques for doing so.

Continue reading

Client-side authentication & session management via Backbone.js and Node.js

The rise in client-side apps has created the need for a secure auth workflow via AJAX.  While the authentication handshake isn’t one-size-fits all given the variety in client-side frameworks and server-side APIs, there are certain best practices which can harden the communication and protect your fancy, single-page apps from potential snoopers.  In this post I will review the following practices and implement them in a demo app built using Backbone.JS and Node.JS:

  • CSRF headers in authentication requests to prevent forgery

  • Auth state persistence through signed cookies

  • Global (singleton) session model in the client whose state changes can be listened to

  • Client-side + Server-side model validations

  • Salt/hashing of passwords for back-end storage

Continue reading

Developer requirements for effective bug management software

A little while back, the team at TastemakerX decided Trello was not cutting it for tracking and managing bugs. It should come as no surprise that any company requires more sophisticated project management tools as it grows and evolves. Instead of blindly rolling out github, the startup norm, we took a systems analysis approach to the problem. Below is our approach and findings.

Continue reading

Tips for writing effective JavaScript libraries

  1. Wrap in a self-calling anonymous function
  2. Use strict mode
  3. Leverage deferreds for chaining promises
  4. Limit external dependencies and use native JavaScript where possible
  5. Prototype classes instead of _.extend where it makes sense
  6. Add AMD compliance by defining and returning a module
  7. Abstract-out configuration & constants, defining them upfront or in a config file
  8. Comment clearly and publish with Docco

Continue reading

JavaScript code standards (ramblings?) from yours truly

Below are some general guidelines and best practices for JS, HTML, and CSS. Many were gathered from experience and lessons learned (often the hard way). The rest will help ensure consistency throughout your web app.

Continue reading

Protect your privacy: proxy traffic through SSH

Found yourself in a foreign country which restricts access to social media or streaming sites? Frustrated by an error page when trying to watch the latest Walking Dead episode on the AMC website? Feel wrong to connect through VPN just to check your crush’s Facebook wall? Foreign censorship sucks.  Here’s how to regain access to those sites we have all grown so fond of. Continue reading