Manbolo Blog

Manbolo Team Blog, creators of MeonArchives

Automated Static Code Analysis with Xcode 5.1 and Jenkins

tweet

Static code analysis is a tool to check your code against coding errors at build/edit time: in these Dark Ages of apocalyptic error, it’s certainly a good weapon to add to your developer arsenal.

  1. Analyze from the IDE
  2. Analyze from the command line
  3. Analyze from Jenkins

1. Analyze from the IDE

Xcode has a powerful static code analyzer, really simple to use: just open your project, ’Product’ > ’Analyze’ or simply hit ⇧⌘B:

The static analyzer can detect potential memory leaks, unused ivars, variables used but never read, dead code path etc… It can prevents a whole class of errors while sanitising your code.

2. Analyze from the command line

Launching the static analyze in command-line with Xcode 5.1 is really simple:

xcodebuild -project PATH_TO_YOUR_XCODEPROJ -scheme YOU_APP_SCHEME -sdk iphonesimulator7.1 analyze

Example:

xcodebuild -project Meon.xcodeproj -scheme iOS-Meon -sdk iphonesimulator7.1 analyze

If you’re using a target / configuration approach over a scheme approach, you can simply use:

xcodebuild -project PATH_TO_YOUR_XCODEPROJ -target YOUR_APP_TARGET -configuration Debug -sdk iphonesimulator7.1 analyse

Then, you will have the analysis result in your terminal window:

Command line analysis

Just a detail: if you’re using a scheme based approach (contrary to the traditional pre-Xcode 4 target / configuration), you don’t need to set in the command line options which configuration you want to use. Well used, the scheme approach dispenses you to think in term of Release / Debug configurations: the archive scheme will used the Release configuration, because obviously you want to deliver your app compiled in Release; the Debug scheme will use the Debug configuration, and the analyze scheme is based on the Debug configuration because Release optimisation could alter the static code analyse. If you want to check on what configurations your schemes are based, just click on the current scheme name in Xcode status bar

Manage schemes

Then ’Manage Schemes…’

Viewing analysis results from the terminal is not very practical. To have a better rendering of the issues, we are going to use the last version of Clang Static Analyzer. The advantage of using this analyzer is that it’s often newer than the analyzer provided with Xcode, and thus can contain bug fixes, new checks, or simply better analysis.

For instance, the last version of Clang Static Analyzer released in February 2014 includes the following improvements:

To install it, just download the last version checker-276.tar.bz2 and unzip it. In the checker-276 folder, you will find two important scripts: scan-build and scan-view.

To launch an analyse, just write the same command line as previously, prefixed with scan-build:

scan-build xcodebuild -project PATH_TO_YOUR_XCODEPROJ -scheme YOU_APP_SCHEME -sdk iphonesimulator7.1 analyze 

Example:

scan-build xcodebuild -project Meon.xcodeproj -scheme iOS-Meon -sdk iphonesimulator7.1 analyze

This should produce:

…
** ANALYZE SUCCEEDED **


The following commands produced analyzer issues:
    Analyze iOS-Meon/Classes/MainMenuViewController.m
    Analyze iOS-Meon/Classes/RootViewController.m
    Analyze iOS-Meon/Classes/PlayViewController.m
    Analyze iOS-Meon/Classes/LevelManager.m
    Analyze iOS-Meon/Classes/NSData+Base64.m
    Analyze iOS-Meon/Classes/Reachability.m
    Analyze iOS-Meon/Classes/SolverAnimator.m
    Analyze iOS-Meon/Classes/SpriteSheetManager.m
(8 commands with analyzer issues)
scan-build: 15 bugs found.
scan-build: Run ’scan-view /var/folders/kg/p23fnf1s2rl6zz79c762mp900000gn/T/scan-   build-2014-04-14-214518-2184-1’ to examine bug reports.

scan-build produces a temporary report, and the last output ot the logs indicates of to launch the viewer:

scan-view /var/folders/kg/p23fnf1s2rl6zz79c762mp900000gn/T/scan-    build-2014-04-14-214518-2184-1’

The report is HTML-based and offers a detailed view on each potential bug:

3. Analyze from the Jenkins

Launching analysis from the command line is cool, but what’s cooler is to have your Jenkins do it automatically for you while you drink a coffe (or play ping-pong). There is a Clang Scan-Build Plugin that can be used, but unfortunately, as of 14 April 2014, the plugin only supports Xcode 4.

To support Xcode 5, we’ll have to make small modifications to the plugin and recompile it. Fortunately, it’s not as complicated as it sounds.

First thing is to install Maven on your OSX (if you don’t already have it - OSX prior to Mavericks/10.9 actually comes with Maven 3 built in). To install it, simply use Homebrew:

brew install maven

Once done, get the last version of the Clang Scan-Build Plugin’s sources on GitHub.

git clone git@github.com:jenkinsci/clang-scanbuild-plugin.git

The only mandatory change is in clang-scanbuild-plugin/src/main/java/jenkins/plugins/clangscanbuild/commands/ScanBuildCommand.java:

Replace these lines:

    args.add( "clean" ); // clang scan requires a clean
    args.add( "build" );

By these lines:

    args.add( "clean" ); // clang scan requires a clean
    args.add( "analyze" );

If you have only one xcodeproj with schemes and no workspace, you should also replace these lines:

        // Xcode 3,4 standalone project
        if( isNotBlank( getTarget() ) ){
            args.add( "-target", getTarget() );
        }else{
            args.add( "-activetarget" );
        }

With these lines:

        // Xcode 3,4 standalone project
        if( isNotBlank( getTarget() ) ){
            args.add( "-target", getTarget() );
        }else{
            args.add( "-scheme", getScheme() );
        }

This way, you’ll be able to specify your xcodeproj and a scheme in the Jenkins plugin configuration.

Next, recompile the plugin: open a terminal, go in your working copy of the plugin and type

mvn install

Or, if you want to skip tests

mvn -Dmaven.test.skip=true install

Then after the compilation success, a target folder has been created; you will find inside the plugin installer file, clang-scanbuild-plugin.hpi, (which is simply a jar file). To install this modified plugin, copy it directly in the Jenkins plugins folder (on your Jenkins server), usually under ~/.jenkins/plugins. Restart Jenkins, go to the plugins configuration page to check that your new plugin is installed (goto your Jenkins server homepage, then select ’Manage Jenkins’, then ’Manage Plugins’ and click on the ’Installed’ tabs):

Clang Plugin

Now that the plugin is ready, we’re going to install the Clang Static Analyzer on our Jenkins machine. Just unzip checker-276.tar.bz2 on your custom binaries location: for instance, I unzip mine under /usr/local/Cellar/scan-build/ to not mess with the system binaries.

Then we need to tell Jenkins where to find the static analyzer:

Finally, it’s time to create a job for the analysis. If your iOS job is already using the Warnings Plugin, I advise to create create a dedicated job for the static analyze, because the warnings raised by the static analysis will be also counted by the warning plugin as "standard" warninngs.

So, create a new job for this build, and add a build step ’Clang Scan-build’:

Jenkins step 4

Then add a post build action, ’Publish Clang scan-build reports’:

Jenkins Step 6

You can customize the stable / unstable build threshold, for instance 5 means that over 5 issues, your build will be considered as instable. Go crazy and set it to 0!

Finally, launch your first build. Open the job logs, and check the command line used at the beginning of the job:

EXECUTING COMMAND:[/usr/local/Cellar/scan-build/scan-build, -k, -v, -v, -o, /Users/jenkins/.jenkins/jobs/Meon/workspace/clangScanBuildReports, xcodebuild, -scheme, Meon, -configuration, Debug, -sdk, iphonesimulator7.1, clean, analyze]
[iOS] $ /usr/local/Cellar/scan-build/scan-build -k -v -v -o /Users/jenkins/.jenkins/jobs/Meon/workspace/clangScanBuildReports xcodebuild -scheme Meon -configuration Debug -sdk iphonesimulator7.1 clean analyze
scan-build: Using ’/usr/local/Cellar/scan-build/bin/clang’ for static analysis
scan-build: Emitting reports for this run to ’/Users/jenkins/.jenkins/jobs/Meon/workspace/clangScanBuildReports/2014-04-15-184221-65970-1’.
User defaults from command line:
PBXBuildsContinueAfterErrors = YES

Build settings from command line:
    CLANG_ANALYZER_EXEC = /usr/local/Cellar/scan-build/bin/clang
    CLANG_ANALYZER_OTHER_FLAGS = 
    CLANG_ANALYZER_OUTPUT = plist-html
    CLANG_ANALYZER_OUTPUT_DIR = /Users/jenkins/.jenkins/jobs/Meon/workspace/clangScanBuildReports/2014-04-15-184221-65970-1
    RUN_CLANG_STATIC_ANALYZER = YES
    SDKROOT = iphonesimulator7.1

=== CLEAN TARGET Meon OF PROJECT Meon WITH CONFIGURATION Debug ===

Check dependencies
…

Extracted from the logs, you can see the command line call:

/usr/local/Cellar/scan-build/scan-build -k -v -v -o /Users/jenkins/.jenkins/jobs/Meon/workspace/clangScanBuildReports xcodebuild -scheme Meon -configuration Debug -sdk iphonesimulator7.1 clean analyze

Which is exactly what we want. After a few builds, you will have this nice graph on your jobs homepage:

Jenkins step 5

If you select a particular job, you will see the list of each issues reported by the analyzer. At the end of each line, you have a link to the detail analysis for this particular issue: it is simply the same HTML report that you would have with scan-view but this time, it’s integrated in the Jenkins jobs page.

Unfortunately, if you click on a bug detail, you will see a 404 page instead of the bug report. To fix it, copy the scan build output to a folder named ‘clangScanBuildReports’ inside the build directory (you can copy only the html files). For instance, in my case, I’ve added another build step after the static anlysis that will do:

mkdir -p ${WORKSPACE}/../builds/${BUILD_NUMBER}/clangScanBuildReports/
cp ${WORKSPACE}/clangScanBuildReports/*/StaticAnalyzer/Meon/Meon/normal/i386/*.html ${WORKSPACE}/../builds/${BUILD_NUMBER}/clangScanBuildReports/

And that should be sufficient to fix this issue (source: Clang Scan-Build Jenkins Plugin).

From jc.

Best Heartbleed Explanation Ever

tweet

Best Heartbleed explanation ever by xckcd:

HeartBleed explanation

Links:

The Heartbleed Bug:

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

Answering the Critical Question: Can You Get Private SSL Keys Using Heartbleed?: TL;DR Yes.

The Heartbleed Challenge:

We confirmed that both of these individuals have the private key and that it was obtained through Heartbleed exploits.

Test your server for Heartbleed (CVE-2014-0160)

Heartbleed by Bruce Schneier:

"Catastrophic" is the right word. On the scale of 1 to 10, this is an 11.

What Heartbleed Can Teach The OSS Community About Marketing:

I want to take a moment to point at the marketing aspects of it: how the knowledge about Heartbleed managed to spread within a day and move, literally, hundreds of thousands of people to remediate the problem.

Heartbleed is much better marketed than typical for the OSS community, principally because it has a name, a logo, and a dedicated web presence.

Critical crypto bug exposes Yahoo Mail, other passwords Russian roulette-style:

All of this means that applying the OpenSSL patch is only the starting point on the multi-step path of Heartbleed recovery. Website operators should strongly consider replacing their X.509 certificates after applying the update and getting all users and administrators to change passwords as well. While it’s possible that none of this data has been compromised, there’s no way to rule it out, either.

Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013?:

A lot of the narratives around Heartbleed have viewed this bug through a worst-case lens, supposing that it might have been used for some time, and that there might be tricks to obtain private keys somewhat reliably with it. At least the first half of that scenario is starting to look likely.

Using Heartbleed PoC for Hijacking User Sessions En Masse:

Matthew Sullivan posted a blog post earlier today about using CVE-2014-0160 to hijack user sessions from vulnerable servers. I altered the proof of concept code written by Jared Stafford to continuously query a given server for memory chunks and parse those chunks for session ids.

Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping:

The researchers who discovered the vulnerability, however, were less optimistic about the risks, saying the bug makes it possible for attackers to surreptitiously bypass virtually all TLS protections and to retrieve sensitive data residing in the memory of computers or servers running OpenSSL-powered software.

"We attacked ourselves from outside, without leaving a trace," they wrote. "Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication."

Heartbleed Bug: What Can You Do?:

Finally, given the growing public awareness of this bug, it’s probable that phishers and other scam artists will take full advantage of the situation. Avoid responding to emailed invitations to reset your password; rather, visit the site manually, either using a trusted bookmark or searching for the site in question.

How to protect yourself from Heartbleed:

The Heartbleed vulnerability is one of the worst Internet security problems we have seen. I’ll be writing more about what we can learn from Heartbleed and the response to it.

For now, here is a quick checklist of what you can do to protect yourself.

From jc.

WWDC 2014 Predictions Game

tweet

Well, it’s more a wish list than real predictions about what will be announced in June, at the WWDC 2014. Let’s go!

iPhone 6 with a 5 inches screen

Having a new iPhone with a bigger screen is an evidence. What the physical screen size could be? And maybe more important (for a developer), what would be the screen size in pixel? Let’s imagine that the number of pixels will be the same as the current iPhone 5x line: 640 pixels by 1136 pixels: no need to redesign apps, the whole UI will be simply bigger. Given this, a safe bet would be also that this new iPhone will use the same PPI (pixel-per-inch) as the current iPad Air: 264 ppi.

A pixel-width of 640 with a 264 ppi give us a 640 / 264 = 2.424 inches width; and we get 1136 / 264 = 4.303 inches for the height.

Our new screen will measure 2.424 inches by 4.303 inches, by consequence a 4.94 inches diagonal… Let’s simply say: a 5 inches screen.

Get a paper, a rule and draw a 2.424 inches by 4.303 inches (6.2 cm by 10.9 cm): it’s big, but not insanely big… Of course, you have to add extra space for the home button and the phone bevels: I can really see the iPhone 6, top of the iPhone line, with a screen this big.

5 inches iPhone 6

But a 640 x 1136 pixels screen is a very very conservative number of pixels, especially regarding the current Android phones: the Nexus 5 has a 1080 x 1920 pixels screen, with a 445 ppi density. If you look at high-definition smartphone displays, you will get 3 different sizes: 720px by 1280px, 800px by 1280px and 1080px by 1920px, with a maximum ppi of 468 for the HTC One: all these sizes will introduces a kind of fragmentation if chosen for the iPhone 6 (even with AutoLayout), and some additional effort for developers.

In my dream: the iPhone 6 has a 1280 px by 2272 px screen, double the pixel size in width and height of the current iPhone 5s. No need to redesign apps, just get @4x resources and done. But certainly not this year.

New Apple TV

This WWDC will introduce the App Store for Apple TV, with a dedicated gamepad. Based on the iOS 8 beta SDK, developers will be able to develop apps for the Apple TV, and the Apple TV will receive a Back to the Mac treatment: Game Center, Push Notifications etc… The Apple TV will become a true home media center: video game console, VOD, apps, a Siri driven UI, etc… it’s the Apple Bandai Pippin on steroids!

Why do I think this year will be the Apple TV’s year ? Basically, four things:

1. iOS 7 Game Controller: iOS 7 has seen the introduction of a Game Controller framework, making it easy to discover game controllers connected to a Mac or iOS device. Apple has even created specifications for distinct kinds of MFi game controllers with many common characteristics that must be implemented strictly according to the specification.

Allowing gamepad accessories just for iPhone and iPad seems to me too limited and I dream for an Apple console, with a dedicated gamepad and an unlimited App Store.

2. Amazon Fire TV:

Few days ago, Amazon announces the Amazon Fire TV, available in the US for $99:

Amazon Fire TV screenshot

In my mind, the Amazon Fire TV is a direct Apple TV concurrent, and Apple has to respond to this threat with a better Apple TV.

3. A7 aka Cyclone:

Apple has undoubtedly great plans for the A7, the CPU used in the iPhone 5s. This analyse by AnandTech shows that the A7 has a bright future and this future could be the Apple TV.

Cyclone is a bold move by Apple, but not one that is without its challenges. I still find that there are almost no applications on iOS that really take advantage of the CPU power underneath the hood. More than anything Apple needs first party software that really demonstrates what’s possible.

Looking at Cyclone makes one thing very clear: the rest of the players in the ultra mobile CPU space didn’t aim high enough. I wonder what happens next round.

4. PrimeSense bought by Apple:

Apple has recently bought PrimeSense, an Israeli company which provided 3D sensors for the first generation Microsoft Kinect. Seems like a really good fit for the Apple TV team…

iOS APIs

WWDC 2014 will usually introduce new APIs for iOS 8. If you look at the current iOS 7 private frameworks headers, you will find some interesting ones:

Another interesting indicator is to look a Github Objective-C popular projects on last month:

UI is the crown jewels of iOS, and developers want more and more built-in UI components. Regarding AFNetworking and SDWebImage, I find it sad that we still need a third party framework to deal easily with HTTP request, and web-based images. Come on Apple, bring-us something like Requests for iOS 8!

Developers tools: Xcode 6

Better developer tools for better apps!

For WWDC 2014, I see: an enhanced version of XCTest with code coverage for instance; some new tools à la RevealApp, and finally a better Xcode editor / refactor, à la AppCode.

1. XCTest:

Since Xcode 4, Apple has really improved the Xcode tests tools; and even introduced last year the XCTest framework, a new test framework for Xcode. Currently, XCTest is not really more useful than the venerable SenTestingKit; but I bet Apple has great ambitions for XCTest. Why no add code coverage this year for instance?

2. RevealApp:

Apple has to integrate RevealApp in Xcode. RevealApp has save me many times on really difficult UI bugs: it’s an indispensable addition to the iOS developer arsenal. RevealApp gives you a visual representation of the views hierarchies of your app, and you can event interact with:

It’s like FireFox 3D View, for iOS!

In any case, just buy it, you will not regret it.

3. Xcode enhanced editor:

XCode 6, the same Xcode with some good stuff from AppCode.

Objective-C

I do not expect big news in the Objective-C land, apart new features to deal with dependencies. Embrace CocoaPods (the current de-facto standard dependency manager), and include it in OSX / iOS developers tools.

No iWatch

WWDC 2014: no iWatch.

From jc.

Using Emojis in Django Model Fields

tweet

Using emojis in Django model fields is really easy. If you’re using SQLite as a database, you’ve nothing additional to do. You can save emojis in TextField or CharField without any problem. If you’re using a MySQL database, this article is for you, you’ll need some work to insure that every text field can use emojis. Finally, if you’re using a PostgreSQL database, I won’t be able to help you! I still haven’t switch to PostgreSQL (even if it is Two Scoops of Django’s recommendation)… So this article is really about saving emojis in a Django app backed by MySQL.

A Basic sample app

Let’s say we have a very simple Django app to manage comments.

Our model will be a Comment class, with two fields: a text field and an author field. In Django world, this translates in a models.py file like this:

from django.db import models

class Comment(models.Model):
    text = models.TextField(max_length=2048, blank=True)
    author = models.CharField(max_length=128, blank=True)

We have also a view that will display a list of comments, in views.py:

from django.views.generic import ListView
from .models import Comment

class CommentsView(ListView):
    model = Comment
    context_object_name = ’comments’

With the associated template in templates/comments/comment_list.html:

<h1>Comments</h1>
<ul>
{% for comment in comments %}
    <li>
        <p>{{ comment.author }}</p>
        <p>{{ comment.text }}</p>
    </li>
{% empty %}
    <li>No comments yet.</li>
{% endfor %}
</ul>

The admin.py to create/edit our comments:

from django.contrib import admin
from .models import Comment

admin.site.register(Comment)

And finally, our database configuration in settings.py:

DATABASES = {
    ’default’: {
        ’ENGINE’: ’django.db.backends.mysql’,
        ’NAME’: ’example’,
        ’USER’: ’example’,
        ’PASSWORD’: ’example’,
        ’HOST’: ’’,
        ’PORT’: ’’,
    }
}

If you open the admin page, and create a new comment containing an emoji:

Django will throw an exception:

Incorrect string value: ’\xF0\x9F\x90\xAF’ for column ’text’ at row 1

That’s not good!

Solution

One of the most useful pointer to solve this issue is this very detailed post blog by Mathias Bynens. Adapted to our Django app, here are the simple steps to support emojis.

1. Switching from MySQL’s utf8 to utf8mb4

If you log to MySQL, and type this:

SHOW VARIABLES WHERE Variable_name LIKE 'character\_set\_%' OR Variable_name LIKE 'collation%';

You should see:

+--------------------------+-------------------+
| Variable_name            | Value             |
+--------------------------+-------------------+
| character_set_client     | utf8              |
| character_set_connection | utf8              |
| character_set_database   | latin1            |
| character_set_filesystem | binary            |
| character_set_results    | utf8              |
| character_set_server     | latin1            |
| character_set_system     | utf8              |
| collation_connection     | utf8_general_ci   |
| collation_database       | latin1_swedish_ci |
| collation_server         | latin1_swedish_ci |
+--------------------------+-------------------+

So, first, we’re going to change the character set and collation properties of the database, tables, and columns, to use utf8mb4 instead of utf8.

# For each database:
ALTER DATABASE database_name CHARACTER SET = utf8mb4 COLLATE utf8mb4_unicode_ci;
# For each table:
ALTER TABLE table_name CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
# For each column:
ALTER TABLE table_name CHANGE column_name column_name VARCHAR(191) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL;
# (Don’t blindly copy-paste this! The exact statement depends on the column     type, maximum length, and other properties. The above line is just an example for a `VARCHAR` column.)

You will need to adjust this snippet, in particular adapt the database name and table name to your needs. In our case, this becomes:

ALTER DATABASE example CHARACTER SET = utf8mb4 COLLATE utf8mb4_unicode_ci;

ALTER TABLE comments_comment CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

ALTER TABLE comments_comment CHANGE text text LONGTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL;

Notice the NOT NULL added to the end of the statement: the Django convention is to use the empty string, not NULL for "no data".

2. Modify the server application code to use the right character sets

Hyper simple, just add 'OPTIONS': {'charset': 'utf8mb4'} to your DATABASES configuration:

DATABASES = {
    ’default’: {
        ’ENGINE’: ’django.db.backends.mysql’,
        ’NAME’: ’example’,
        ’USER’: ’example’,
        ’PASSWORD’: ’example’,
        ’HOST’: ’’,
        ’PORT’: ’’,
        ’OPTIONS’: {’charset’: ’utf8mb4’},
    }
}

This should be sufficient. If you restart your server, you should be able to insert emojis in any comment:

3. Check client and character sets

Finally, this third step is optional but highly recommended. In the /etc/mysql/my.cnf config file, you can set the following instructions:

[client]
default-character-set = utf8mb4

[mysql]
default-character-set = utf8mb4

[mysqld]
character-set-client-handshake = FALSE
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci

Restart MySQL, and check that MySQL’s configuration is correct now:

+--------------------------+----------------------------+
| Variable_name            | Value                      |
+--------------------------+----------------------------+
| character_set_client     | utf8mb4                    |
| character_set_connection | utf8mb4                    |
| character_set_database   | utf8mb4                    |
| character_set_filesystem | binary                     |
| character_set_results    | utf8mb4                    |
| character_set_server     | utf8mb4                    |
| character_set_system     | utf8                       |
| character_sets_dir       | /usr/share/mysql/charsets/ |
| collation_connection     | utf8mb4_unicode_ci         |
| collation_database       | utf8mb4_unicode_ci         |
| collation_server         | utf8mb4_unicode_ci         |
+--------------------------+----------------------------+

If you want more on emojis, some highly recommended links:

From jc.

Xcode 5.1 Breaks Python Native Extensions and Ruby Gems

tweet

If you’ve installed Xcode 5.1 and want to install some of your favorite Python or Ruby toys on your OSX, you could have a bad surprise. For instance, if you try to install Fabric after upgrading to Xcode 5.1, you will fail!

Installation:

pip install Fabric

Results:

…
creating build/temp.macosx-10.9-intel-2.7/src

cc -fno-strict-aliasing -fno-common -dynamic -arch x86_64 -arch i386 -pipe -fno-common -fno-strict-aliasing -fwrapv -mno-fused-madd -DENABLE_DTRACE -DMACOSX -Wall -Wstrict-prototypes -Wshorten-64-to-32 -fwrapv -Wall -Wstrict-prototypes -DENABLE_DTRACE -arch x86_64 -arch i386 -pipe -std=c99 -O3 -fomit-frame-pointer -Isrc/ -I/usr/include/ -I/System/Library/Frameworks/Python.framework/Versions/2.7/include/python2.7 -c src/_fastmath.c -o build/temp.macosx-10.9-intel-2.7/src/_fastmath.o

clang: error: unknown argument: ’-mno-fused-madd’ [-Wunused-command-line-argument-hard-error-in-future]

clang: note: this will be a hard error (cannot be downgraded to a warning) in the future

error: command ’cc’ failed with exit status 1

The installation of Fabric failed because Fabric (probably PyCrypto) is using an unused command line (-mno-fused-madd), and, as of Xcode 5.1, clang treats unrecognized command-line options as errors.

Buried in the Xcode 5.1 release notes:

Compiler

  • As of Apple LLVM compiler version 5.1 (clang-502) and later, the optimization level -O4 no longer implies link time optimization (LTO). In order to build with LTO explicitly use the -flto option in addition to the optimization level flag(15633276)

  • The Apple LLVM compiler in Xcode 5.1 treats unrecognized command-line options as errors. This issue has been seen when building both Python native extensions and Ruby Gems, where some invalid compiler options are currently specified.

Projects using invalid compiler options will need to be changed to remove those options. To help ease that transition, the compiler will temporarily accept an option to downgrade the error to a warning:

-Wno-error=unused-command-line-argument-hard-error-in-future

Note: This option will not be supported in the future.

To workaround this issue, set the ARCHFLAGS environment variable to downgrade the error to a warning. For example, you can install a Python native extension with:

$ ARCHFLAGS=-Wno-error=unused-command-line-argument-hard-error-in-future easy_install ExtensionName

Similarly, you can install a Ruby Gem with:

$ ARCHFLAGS=-Wno-error=unused-command-line-argument-hard-error-in-future gem install GemName

So if you want to install Fabric, you should type in a terminal:

export ARCHFLAGS=-Wno-error=unused-command-line-argument-hard-error-in-future
pip install Fabric

And everything will be fine…

Xcode, always a good surprise with every update….

From jc.

Meon Soundtrack by Benjamin Devos

tweet

Speaking of awesome video game soundtracks, I love musics in Meon. When working on Meon, we did the graphics ourselves, it was a lot of work, especially when Retina devices appeared. When we begun to work on the soundtracks, we decided to hire a real professional composer.

If you want to make a game, here is my best advice: hire professional graphics and music composers, don’t waste time and energy on graphics and musics, just work with people that know much about it than you. You will spend more money for sure, but the result will be greater.

I’m so glad we have found the right person for Meon soundtracks: Benjamin Devos. Benjamin has done a wonderful work, and the result is simply excellent.

Blue of Brave, levels 1 - 9

Green Peace, levels 10 - 19

Purple Choice, levels 20 - 29

Orange Juice, levels 30 - 39

Ochre Majesty, levels 40 - 49

Meon Swing, Intro

More info on Benjamin’s website and his SoundCloud page.

Some reviews on the App Store:

Music, by derrickkendall - Aug 13, 2011:
The music is very catchy and unique, especially after level 10. I enjoyed that. A nice puzzle game

I love that game, by Opuspop:
The music in this game is awesome, the graphics are really nice and the puzzles addictive. Thumbs up

Musique et gameplay magnifiques, by ogechter - Mar 21, 2013:
Tout est dans le titre.
Si je trouve la musique en MP3, je me la passe en boucle.

Fantabulous, Paisa-vasool…killer :), by connect2ajay - May 05, 2013:
Meon commends Respect for Awesome music, game play & cutie Meons ;)
To whosoever I’ve shown the game, becomes addicted, hence proved :)
Thank you Meon Team for this Gem of a Puzzle Game. Looking forward to Meon 2….Waaaaaooooo ;D

From jc.

Zelda: A Link Between Worlds Music

tweet

By way of RickDeckarD (thanks!): After Bit - The Legend of Zelda : A Link Between Worlds shows how Ryo Nagamatsu has transformed and renewed A link To The Past’s musics in this new Zelda opus. Wonderful graphics (undoubtedly the best 3D effects on the 3DS, you have to see it in real), and the soundtrack is simply superb, generous, marvelous, ingenious. Great reviews of this music by jeuxvideo.com (unfortunately only in french!)

Part 1:

Part 2:

If you want to listen to all the ’A Link Between Worlds’ soundtracks, here is a YouTube playlist:

Nintendo may have a little bit of trouble, under the attack of the iDevices, but boys, I will give 1000 iPhone games for only one 3DS game of the quality of A Link Between Worlds. If you think Nintendo is over, just borrow a 3DS and play a few minutes with this Zelda game.

Some interesting links abouth the making of this new masterpiece:

The Making of The Legend of Zelda: A Link Between Worlds

The Making of The Legend of Zelda: A Link Between Worlds, Musics

Zelda trick

Iwata Asks: The Legend of Zelda: A Link Between Worlds

iTunes, App Store, iBooks and Mac App Store Affiliation

tweet

Affiliation is a simple way to make extra revenues with your app or with your web site in the iOS/OSX world: it provides a way to link to songs, apps, movies, ebooks, earning you commissions on sales. The good news is that affiliation on iTunes (including App Store, iBooks, and Mac App Store), is really easy to set-up. The bad news is that you will need a lot of audience before making real money. Here’s a quick presentation, since there have been some changes recently.

  1. What’s affiliation
  2. How to become an iTunes affiliate
  3. Linking
  4. API and tools
  5. Useful links

1. What’s affiliation

Affiliation on iTunes

  1. Assume you’ve released an iOS app. Somewhere in your app, you’re promoting another iOS app; it can be one of your app, or any app available on the App Store. The promoted app can be paid or completely free. The only requirement is that the promoted app is available on the App Store.
  2. Your user has tapped a button in your app to download this app, he is redirected to the corresponding page in the App Store. At this point, you’re done: you sole job is to send customers to the App Store, by any means… Whether the user will buy the app that you’ve promoted or not is not relevant. At this moment, you’re the current affiliate on the App Store.
  3. Starting from now, and during the next 24 hours, you will earn a 7% commission on each sale done by the user. The user can quit your app, quit the App Store etc, every time he buys something on the store, you will be given a tiny 7% commission for the next 24 hours.

See, seems interesting! I’m using an iOS app in this example but really you can use affiliation with video, book, ringtones, tones, Mac app, podcasts, audiobooks, everything that is sold through iTunes, the App Store, iBooks and Mac App Store. In fact, everything that you can link to is eligible to affiliation.

You will see, it’s all about links. Given a link to the App Store, just add a parameter to this link identifying you (the affiliate token) will suffice to give you revenues.

Things to know:

2. How to become an iTunes affiliate

One to rule them all

Until very recently, iTunes Affiliate Program was operated by two or three platforms (Linkshare, Tradedoubler) and you had to register to each program to get affiliation revenues from all over the world.

Starting from 31 March 2014, there is now one and only one affiliation program provider: Performance Horizon Group (aka PHG). To become affiliate, you will have to register to the iTunes Affiliate program with PHG.

Before diving into the account creation, just a word about worldwide support. You will get revenues from customers residing in this 127 countries, but affiliates can be located in any countries:

PHG
ArgentinaArmeniaAustralia
AustriaBahamasBahrain
BarbadosBelarusBelgium
BermudaBoliviaBotswana
BrazilBulgariaCanada
Cayman IslandsChileColombia
Costa RicaCroatiaCyprus
Czech RepublicDenmarkDominica
EcuadorEgyptEl Salvador
EstoniaFinlandFrance
GermanyGreeceGuatemala
HondurasHong KongHungary
IndiaIndonesiaIreland
IsraelItalyJapan
JordanKazakhstanKenya
KuwaitLatviaLebanon
LithuaniaLuxembourgMacau
MalaysiaMaltaMauritius
MexicoMoldovaNetherlands
New ZealandNicaraguaNigeria
NorwayOmanPanama
ParaguayPeruPhilippines
PolandPortugalQatar
RomaniaRussiaSaudi Arabia
SingaporeSlovakiaSlovenia
South AfricaSpainSweden
SwitzerlandTaiwanTanzania
ThailandTrinidad and TobagoTurkey
UgandaUkraineUnited Arab Emirates
United KingdomUnited StatesUruguay
UzbekistanVenezuelaVietnam
Yemen

Sign-in to the iTunes Affiliate Program

Warning : before creating your account, you should insure that you have a live app in the store, or a live web site. Your web site can’t be in beta, or in ’work in progress’ mode. It must be live, with real datas and content, otherwise your affiliation account creation will be rejected.

Now, go to https://phgconsole.performancehorizon.com/login/itunes/, click on Sign-In:

Apply PHG

Fill the information:

Apply PHG

Some info:

Apply PHG

Apply PHG

Now, you just have to wait a few days (usually 3 to 5 days) and wait for your account creation confirmation. If your web site / app is live, your account should be validated without problem.

Once you have been notified that your affiliate account have been accepted, you can go sign-in http://affiliate.itunes.apple.com/signin. In the email that you’ve received, you have been given an Affiliated ID (or Affiliate Token): you really just need this token to make money! Affiliated token looks something like 11lqRB (which’s Manbolo’s one).

In case you miss it, you will find yours in your PHG console on the top-right corner:

PHG console

3. Linking

Now that you’ve your affiliate token, you can start making money. All that you’ve to do is simply adding this token to the end of any iTunes, App Store or iBooks Store links to be eligible for commissions.

On a web site

Inserting an affiliate link in a web page:

<a href="https://itunes.apple.com/us/app/numbers/id361304891?mt=8&uo=4&at=AffiliateTokenHere">Numbers - Apple</a>

Notice the at=AffiliateTokenHere added parameter at the end of the URL. Juste replace AffiliateTokenHere with your PHG affiliate token and that’s it.

In a native app

If we want to promote Meon in one of our app, we could write this:

- (IBAction)buyApp:(id)sender
{
        NSString *urlString = @"https://itunes.apple.com/app/meon/id400274934?mt=8&uo=4&at=11lqRB";
        NSURL *url = [NSURL URLWithString:urlString];
        [[UIApplication sharedApplication] openURL:url];    
}

https://itunes.apple.com/app/meon/id400274934?mt=8&uo=4 is the unaffiliated link, while https://itunes.apple.com/app/meon/id400274934?mt=8&uo=4&at=11lqRB is the affiliated ones, using our affiliate token 11lqRB.

Starting from iOS 6, you have the possibility to show, inside your app, an "iTunes controller": SKStoreProductViewController. The big advantage over the previous approach is that you user is not redirected to the App Store, he can buy apps (and other iTunes content) directly inside you app, and never quit it. Note that you can also write reviews without quitting the app.

SKStoreProductViewController inside an app

Unfortunately, as of iOS 7.0.6, there is no way to pass an affiliate token to a SKStoreProductViewController. It’s rather surprising because the APIs use to initialise this view controller (just a dictionary) will be well fitted to add an affiliate token. That’s said, if you still want to use SKStoreProductViewController, here is how you would do it:

- (IBAction)buyApp:(id)sender
{
    // The store id of the product that you want to promote.
    NSString *storeId = @"417817520";
    NSDictionary *parameters = @{SKStoreProductParameterITunesItemIdentifier: storeId};

    SKStoreProductViewController *controller = [[SKStoreProductViewController alloc] init];
    [controller loadProductWithParameters:parameters completionBlock:nil];
    [self presentViewController:controller animated:YES completion:nil];
}

With a Smart App Banner

Smart App Banner

If you plan to use Smart App Banners, be sure to read http://blog.manbolo.com/2012/10/19/invasion-of-the-smart-app-banners. You can use your affiliate token in a Smart App Banner:

<meta name="apple-itunes-app"
        content="app-id=400274934, 
        affiliate-data=at=11lqRB">

Campaigns

You can also use another parameter ct, the campaign text, that you can optionally add to any link in order to track sales from a specific marketing campaign. For example, the link below has added a campaign tracking parameter for a blog link. You can name the campaigns anything you choose, but the ct value may not be longer than 40 characters:

https://itunes.apple.com/app/meon/id400274934?mt=8&uo=4&at=11lqRB&ct=blog

Then, you will see the performance of this campaign in your PHG console dashboard.

You can get more informations on linking here: Basic Affiliate Link Guidelines for the PHG Network.

4. API and tools

If you want to build a service base on affiliation, you will need to find links to useful content on iTunes. There are some tools and APIs to help you:

Search API

http://www.apple.com/itunes/affiliates/resources/blog/introduction---search-api.html

The lookup API is really useful: given an app id, you will get the description, URL of app icons, screenshots, price, average rating, user rating count etc… More information on the lookup API in Useful iTunes Web Services.

Enterprise Partner Feed

Apple gives you also a much more powerful tool: a direct access to the entire App Store metadata database, called Enterprise Partner Feed, or simply EPF. EPF provides a daily access to the iTunes content entire database (apps, movies song) and you can use this tool to build your killer app: it’s much more powerful than iTunes Search API but need more work.

EPF is daily updated, so you can use it to extract useful content and add affiliation. Note that any links extracted from the database must be used with an affiliate token.

Access on the database requires login credentials and an active partnership with the affiliate program. You can apply to get access by filling a request at http://itunesaffiliate.phgsupport.com/anonymous_requests/new (don’t send request to EPFrequest@apple.com, the mail is no longer in use). You will receive an answer in a few days.

5. Useful links

WWDC 2012 - Session 603: Tools, Services, and APIs for iTunes Affiliate Program Marketing

WWDC 2010 - Session 133: Using iTunes and App Store Affiliate Tools and Technologies

http://david-smith.org/blog/2013/08/19/itunes-affiliate-linking/

http://www.apple.com/itunes/affiliates/resources/

http://www.apple.com/itunes/affiliates/resources/documentation/itunes-enterprise-partner-feed.html

From jc.

Two Scoops of Django 1.6

tweet

Two Scoops of Django

Daniel Greenfeld and Audrey Roy have just released a revised edition of Two Scoops of Django, Best Pratices for Django 1.6.

I’ve been a huge fan of the first edition (targeted to Django 1.5), it has been (and still is) an invaluable companion in learning how to develop with Django. The first edition contains a lot of tips, tricks, patterns, code snippets, techniques and more important best practices: how to organize your settings, how to design your models, how to test your Django app etc…

In my opinion, this is not a book for starting to learn Django: it’s value is really in the knowlegde and experiences that Daniel and Audrey have learned over the years, it’s about best practices. If you’re new to Django, this book will be challenging, you should at least have gone through the Django tutorial.

But if you plan to use Django in your projects, Two Scoops of Django, Best Pratices for Django 1.6 is simply a must-to-read.

You can buy it on Amazon or on Daniel and Audrey’s online shop.

Did I say I love Django?

I love Django.

I love Python.

From jc.

How to Use the iOS Simulator and Others OSX Apps Behind Your Corporate Proxy

tweet

In a word: cntlm!

If you work in a big company, chances are good that you’be been fighting your proxies IT guys, in particular if your proxy is a NTLM one.

You should configure your login/password proxy in the System configuration of OSX. That way, every OSX application can read your proxy settings and use it.

While this method is really simple, I’ve found a lot of applications that doesn’t work well with my company’s NTLM proxy, even if I’ve configured it in the System Preferences:

cntlm is a simple command line that stands between your applications and the corporate proxy, adding NTLM authentication on-the-fly. Your OSX system uses a local proxy (by default localhost:3128) provided by cntlm and cntlm does the hard work of always adding the NTLM authentification. You can use cntlm in interactive mode i.e. in a shell that you launch and stop on demand, or install it to be started at launch with your session.

Installing and configuring cntlm is a matter of minute and, after, you will say goodbye to your proxy issues.

The best tutorial I’ve found on cntlm is from _oho: Howto Set Cntlm on Mac OS X. Installation and overview are simply described and there are some really good tip and tricks. If you work behind a corporate proxy, be sure to read it, your life will change!

From jc.

Reachability Sample Broken on 64-bit Architecture

tweet

Here is what I’m waiting for iOS 8:

Snow Leopard 0 new feature

Courtesy of John Siracusa

There are a lot of little annoyances in iOS 7 that should be fixed. I dream of a Snow Leopard 0 new features release for iOS 8 with a lot of bug fixes. This time, @_wolfover_ has found a rather serious bug in the Apple Reachability Sample.

If you download the reachability sample, and launch it on an iPhone 5s, with an active cellular connection, you will see this result:

Reachability sample

Everything looks OK, the cellular connection is well recognized.

Now, if you modify the sample build settings to take advantage of 64-bit architectures (Target > Build Settings > Architectures) from "Standard Architectures (armv7, armv7s)" to "Standard Architectures (including 64-bit) (armv7, armv7s, armv64)"

Build settings

and run the sample, you should see this:

Reachability sample 64-bit

Reachability thinks that there is no active cellular connection! I think it’s a serious bug, I’ve certainly missed something but just recompiling Reachability for 64-bit shouldn’t produce a different result. I hope I’m wrong, but in the meantime I’ve filled a bug report (rdar://15880397) and you should too!

From jc.

All Posts