Review of PyConAr 2015

PyConAr, the Python Conference of Argentina, took place the other week. It was hosted in Mendoza city (known as the land of sun and good wine) and I had the pleasure of being one of the speakers. In this post I’d like to share some of my experience there. First of all, I’d like to say that I’ve not been using Python as a …

Using Brakeman

One of the tools I learned about at Ekoparty was Brakeman, an open-source vulnerability scanner which does static analysis of Ruby on Rails applications’ code to find security issues. It’s a gem, so installing it is straightforward:

Highlights of the Ekoparty training Security for web developers

At Ekoparty, during the pre-conference days I took the training Security for web developers by Andrés Riancho. The course was structured following the OWASP Top 10 vulnerabilities. For each one, the vulnerability was presented, attack vectors shown and a real running example was presented. We attacked it with a tool or by hand and then saw countermeasures. I summarize here the highlights …

Ekoparty 2015 summary

This October the Ekoparty 2015 security conference took place in Buenos Aires. I’ve been hearing about this event for years, and this time, thanks to the support of Carousel Apps, I decided to participate. The event had two main parts: training (2 days) and conference/talks (the next 3 days). I registered for one of the training courses (Security for web developers by Andrés …

Polishing a gem

Since Watu is an application written using Ruby on Rails, we use a lot of gems. A couple of weeks ago I found a bug in one of these gems. In this situation, the common action is to fix the bug and provide a patch upstream. The problem was that the gem was really out of shape: tests were red, there …

Fixing conflicts

Screenshot of gitk

The more programmers work on the same piece of code, the more conflicts will occur, so fixing conflicts is a common task when programming. Like many other organizations, here at Watu we use git as our version control system. Today I’d like to share a not-so-well-known tool that is very useful for properly resolving conflicts:

It will show you the commits in …