I keep seeing this posts by some of the manager types on planet MySQL about how they or some other guy is worrying about open source vendors not raking in billions or are not stealing billions of money out of peoples pockets that should not be playing on the stock market and things along those lines. While I do agree that its great to see open source software flourish .. actually let me clear that up, why do I even care if open source software flourishes? I care because I think open source software enables a different kind of growth for society, one that is shared, one that lowers barriers, one that I feel is more in tune with a world at peace.

Of course I want people that take part in this to be able to provide themselves and their families a decent life. But the fact of the matter is, these people do not need …

The blog is now powered by a custom Django application instead of Wordpress.

Most of the URI's stay the same, only the feed address has changed. Be sure to update your feed reader if you want to read more about, well... stuff I do.

Comments now use django-threadedcomments, which enables the possibility of replying to specific comments and displaying them in a tree-like manner.

While migrating the entries and comments from Wordpress (Jannis wrote a little script for that, which works great with a few adjustments), I also took the chance to switch the database system from MySQL to PostgreSQL. There's no particular reason why I switched to Postgres, MySQL is still a good …

There are quite a few "tuning primers" and "my.cnf generators" and "sample my.cnf files" online. The ultimate tool for generating an optimal my.cnf is not a tool. It's a human with many years of experience, deep knowledge of MySQL and the full application stack, and familiarity with your application and your data.

I don't know exactly the percentage, but quite a few of the servers I take a look at have been "optimized" with some tuning primer or question-and-answer script that spits out "optimal" parameters for my.cnf.

Most of the time these servers are far from optimal. Sometimes the my.cnf parameters are extremely wrong, to the point of causing a severe performance penalty.

If it were as easy as writing a tool to do this, don't you think Maatkit would have mk-optimal-mycnf already? In my opinion -- as someone who knows very well the complexity of creating a good my.cnf -- it's practically impossible. Much harder than …

Here are the results for this poll, as described in my post some weeks back.

So in a nutshell (see the original post for more info), the question was what MySQL version people currently use in development. Turns out that 64% uses 5.0, 19% uses 5.1, and the rest is small fry. It's a fairly small sample anyway (like most polls), but still I find the 3:1 ratio fairly significant.

Traditionally, it's been the going thing to just use the latest MySQL development version for development, even in its very first alpha versions. MySQL 4.0.x was a fab example of that, as Jeremy Zawodny (then Yahoo), Peter Zaitsev, and quite a few others will remember. Where has that "we'll try it and report the bugs" gone? Is it just a matter of the market growing up and taking fewer risks, or is there something else going on, driving those choices?

…

Artistic license terms enforced by US Court of Appeal READ MORE

Over in Maatkit-land, Daniel Nichter and I practice test-first programming, AKA test-driven development. That is, we write tests for each new feature or to catch regressions on each bug we fix. And — this is crucial — we write the tests before we write the code.* The tests should initially fail, which is a validation that the new code actually works and the tests actually verify this. If we don’t first write a failing testcase, then our code lacks a very important guarantee: “if you break this code, then the test case will tell you so.” (A test that doesn’t fail when the code fails isn’t worth writing.)

Most of the time when I do this, I write a test, it fails because I haven’t written any code yet, and I then go do some kind of …

A classic Morecambe and Wise comedy sketch from the 1970s sees Andre Previn criticizing Eric for playing all the wrong notes while attempting the Greig Piano Concerto. Morecambe responds that he is in fact “playing all the right notes. But not necessarily in the right order.”

I was reminded of the sketch this morning while reading BusinessWeek’s article on the potential perils facing open source vendors today. It seems to ask all the right questions, but not necessarily in the right way.

The report suggests that while industry giants such as IBM, HP, Oracle and Intel stand to benefit from open source software, investor impatience could spell trouble for open source …

Just to remind you that Packt Publishing is running their Open Source CMS Award again:

The Packt Open Source Content Management System Award is designed to encourage, support, recognize and reward Open Source Content Management Systems (CMS) that have been selected by a panel of judges and visitors to www.PacktPub.com. Now entering its third year, the Award has established itself as an important measure for quality and the popularity of Open Source Content Management Systems.

You have two more weeks to submit your favourite CMS in the following categories:

• Overall Winner
• …

While SQL-Injection is one of the most discussed security problems in web applications other possible problems for SQL queries like overlong input are usually ignored although they can lead to all kinds of security problems.

This might be caused by the fact that security problems that are the result of overlong input are often buffer overflows and buffer overflows are something many web application security experts know nothing about and choose to ignore.

There are however several security problems for SQL queries that are caused by overlong input and no one talks about.

max_packet_size

In MySQL there exists a configuration option called max_packet_size which is set to one megabyte by default and controls the maximum size of a packet sent between the SQL client and server. When queries or result rows do not fit into a single packet a error is raised. This means an overlong SQL query is never sent to the server …

Over in Maatkit-land, Daniel Nichter and I practice test-first programming, AKA test-driven development. That is, we write tests for each new feature or to catch regressions on each bug we fix. And – this is crucial – we write the tests before we write the code.* The tests should initially fail, which is a validation that the new code actually works and the tests actually verify this. If we don’t first write a failing testcase, then our code lacks a very important guarantee: “if you break this code, then the test case will tell you so.” (A test that doesn’t fail when the code fails isn’t worth writing.)