Atom Feed Helper Example
Hi all,
Rails 2 makes the Atom RSS Feed much more sophisticated and elegant. If you installed Ruby on Rails through the RubyGems installer, you may have an old version of the Atom Feed Helper. To fix that, check out the atom_feed_helper version from the Ruby on Rails repository and then copy it into the /vendor/plugins/ directory.
The repository is: http://svn.rubyonrails.org/rails/plugins/atom_feed_helper.
In there you will find plugins that are more up to date.
In the README you will find a simple example for building your feed, like the one you get when you click our Cnxs feed in the navigation bar, if you are browsing with Firefox.
Here comes our example:
# rss.builder
atom_feed(:schema_date => @posts.last.created_at.year) do |feed|
  feed.title("CNXS")
  feed.updated(@posts.first ? @posts.first.created_at : Time.now.utc)
  @posts.each do |post|
    feed.entry(post) do |entry|
      entry.title(post.title)
      entry.content(post.body, :type => 'html')
      entry.author do |author|
        author.name(post.user.name)
        author.email(post.user.email)
      end
    end
  end
end
Note that the atom_feed method takes 4 arguments, but only one of them is required: :schema_date. As explained at http://feedvalidator.org/docs/error/InvalidTAG.html, the tag URI needs a year to pass the validators; the month and day parts are optional. The other arguments are :language, which defaults to "en-US", :root_url, which defaults to the root path on the current host, and :url, which defaults to the current URL.
Another thing to notice is that the ".builder" extension has higher precedence. So, if you write this in the rss action of your PostsController:
respond_to do |format|
  format.atom { render :layout => false }
end
the atom format responds in the same way to rss.builder and rss.atom.builder.
See you.
Some Thoughts on Some Thoughts on Security
I've been reading a great paper by Daniel J. Bernstein, the creator of qmail, and wow, what a pearl of wisdom. It is one of the most clarifying and straight-to-the-point works on code security I have ever read. He (quite correctly) draws a parallel between code security and the number of exploitable bugs (EB), stating that they are the major security problem in code. He then gives some answers to that problem, along with a couple of common distractions of the programmer while coding that help those EB creep into our code base (CB). Let's review them, starting with the distractions, and I'll try to make some links with my favorite unambiguous tool of choice, Ruby.
  1. Chasing attackers. The point here is to give some thought to responding to tomorrow's attacks, and not to be trapped by the anti-virus mentality of only reacting to aggressors. Perhaps the dynamic nature of Ruby would help with that, but I think it is more a problem of personal posture than anything else.
  2. Minimizing privilege. Here, what is being said is that the old principle of least privilege is fundamentally wrong. How so? Well, it might (!) reduce the damage done by security holes, but it never fixes them. Plus, IMO, it might even give users a false sense of security. Again, it is more of a personal way of thinking (but what isn't? :P ).
  3. Speed, speed, speed. Here I think Rubyists have some advantage. Since we work in a language that is 'slow', we usually tend not to place emphasis on premature optimization. I think this quote summarizes the thinking here:
    Programmers waste enormous amounts of time thinking about, or worrying about, the speed of noncritical parts of their programs, and these attempts at efficiency actually have a strong negative impact when debugging and maintenance are considered. We should forget about small efficiencies, say about 97% of the time; premature optimization is the root of all evil. —Knuth in [13, page 268]
Now, to the answers. There are also 3 of these, and they are connected to and dependent on each other:
  1. Eliminating bugs. I think everyone saw that one coming. But even so, Daniel's down-to-earth advice on it is very worthwhile reading. I think I can summarize him on this section by saying (and that is a plus for Rubyists too): simplify stuff. Simplify interfaces, UI, parsing. Elegance is not a luxury, it is a way to obtain security. Following that logic we come to:
  2. Eliminating code. Heck, here I'll quote his quote, and be done with it.
    To this very day, idiot software managers measure 'programmer productivity' in terms of 'lines of code produced,' whereas the notion of 'lines of code spent' is much more appropriate. —Dijkstra in [9, page EWD962–4]
    But as our systems grow, and our time and budgets remain the same or are diminished, and as programmers get dumber, something has to give, right? Wrong (don't know about the last part though).
  3. Eliminating trusted code. That is somewhat more difficult I think, but it says that a program should do what it is meant to do, nothing more, and trust as few sources of data as possible. KISS and all that stuff.
I would love to hear any input on that. Until next time people.
Oracle Acquired BEA
What a day, huh? Oracle bought BEA for around US$ 8.5 billion. I don't like this kind of acquisition, because it means fewer competitors in a market where they used to compete.
MySQL Acquired by SUN
Huh? Sun acquired MySQL, as announced today. I was very surprised by this news; I guess soon we are going to have a much better DBMS. How does that sound to you?
Work Environment
What's your work environment? Which IDE or whatever do you use to code? I will describe mine:
I use Eclipse as my IDE for Rails, Java or ColdFusion (I use a separate version/dist of Eclipse for each). I don't have much to complain about regarding memory usage, because I always prefer to spend a hundred bucks more on my PCs to get much more memory than I would use. By the way, here's a tip for those who want to reduce the memory usage of Eclipse, or just don't want to have tools that they will not use (that's me!). Download only the Eclipse Platform Binary (around 40MB), which comes without the JDT and without other unnecessary plugins.
OK, that will save some MB of memory. Now build your own environment, with only the plugins that you want!
Here is mine for Ruby on Rails: Aptana, RadRails, Subclipse.
ColdFusion: CFEclipse, Aptana, Subclipse
Java: WTP, Subclipse.
Ext JS
Hey people, here is my first post and I hope you enjoy it.
Have you ever heard about the JavaScript library Ext JS? If your answer is no, you should visit their website. It's an amazing JavaScript library, built on top of the Yahoo UI library (another amazing one), with an impressive variety of beautiful and fully featured components. It's also extensible, customizable and very well documented. I want to give special focus to this last point, because the documentation of the API is very good (parts are inherited from YUI).
So if you want to deliver web 2.0 applications, don't forget to take a close look at this library.
HTML Filtering with sanitize helper
Hi sirs,
Another important feature that we need to use is the 'sanitize' helper. This Ruby on Rails helper filters HTML nodes and attributes and strips invalid protocols. In our case we use it in the simplest way:
<%= sanitize(post.body) %>
At other times you can use the ':tags' and ':attributes' options for custom filtering, where only the HTML tags and attributes listed there are allowed to be interpreted.
It is another little tip that helps against malicious posts or comments containing JavaScript code, or comments with a different encoding. Here is the Rails API link for more information about this: SanitizeHelper.
See you.
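To make the three filtering steps described above concrete (allowed tags, allowed attributes, allowed protocols), here is a plain-Ruby model of that kind of allowlist filter. It is an added example, not the Rails implementation and not code from the original post; the allowlists, the function names and the sample comment body are assumptions made for the sketch.

```ruby
require 'cgi/escape'

# Constructed allowlists for this sketch; Rails ships its own defaults.
ALLOWED_TAGS       = %w[p b i em strong a].freeze
ALLOWED_ATTRIBUTES = %w[href title].freeze
ALLOWED_PROTOCOLS  = %w[http https mailto].freeze
URL_ATTRIBUTES     = %w[href src].freeze

TAG_RE  = /\A<(\/?)([a-zA-Z][a-zA-Z0-9]*)(?=[\s\/>])([^>]*)>\z/m
ATTR_RE = /([a-zA-Z][-a-zA-Z0-9]*)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/

# A URL is kept when it is relative or its scheme is on the allowlist.
def allowed_url?(value)
  # Decode entities and drop whitespace/control characters before looking
  # at the scheme, so the check sees the same text the browser will.
  compact = CGI.unescapeHTML(value).gsub(/[\s\x00-\x1f]/, '')
  scheme  = compact[/\A([a-zA-Z][a-zA-Z0-9+.-]*):/, 1]
  scheme.nil? || ALLOWED_PROTOCOLS.include?(scheme.downcase)
end

# Rebuild one tag from its allowed parts, or drop it entirely.
def filter_tag(token, tags, attributes)
  m = TAG_RE.match(token)
  return '' unless m && tags.include?(m[2].downcase) # comments, unlisted tags
  name = m[2].downcase
  return "</#{name}>" unless m[1].empty?
  kept = m[3].scan(ATTR_RE).filter_map do |attr, dq, sq, bare|
    attr  = attr.downcase
    value = dq || sq || bare
    next unless attributes.include?(attr)
    next if URL_ATTRIBUTES.include?(attr) && !allowed_url?(value)
    %( #{attr}="#{CGI.escapeHTML(CGI.unescapeHTML(value))}")
  end
  "<#{name}#{kept.join}>"
end

# tags: and attributes: play the role of the helper's :tags and :attributes.
def sanitize_html(html, tags: ALLOWED_TAGS, attributes: ALLOWED_ATTRIBUTES)
  html.split(/(<[^>]*>)/).map do |token|
    if token.start_with?('<') && token.end_with?('>')
      filter_tag(token, tags, attributes)
    else
      token.gsub('<', '&lt;').gsub('>', '&gt;') # stray brackets in text
    end
  end.join
end

# Constructed comment body.
puts sanitize_html('<p onclick="track()">Hi <b>all</b> <a href="javascript:alert(1)">x</a></p>')
```

Every tag in the output is rebuilt from its allowed parts with re-escaped attribute values, so nothing from the original markup is copied through unchecked.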