Finally got a solid component demo pattern for my very-in-progress UI library. So, naturally, I wrote a component demo for the component demo component using the component demo component.

Svelte-ception 😎

Got a burst of inspiration for a point-and-click adventure, figured out ways I could build it in Svelte, and now I’ve got an HTML version of a old phone…

A webpage mocked up to have the interface of a circa-2002 Nokia mobile phone with a back, action, and scroll buttons. The current screen is home, the action button is for alerts, the scroll buttons are for numbers. There are 3 bars of signal.

Teleprompter procured.

Slowly but surely I’m eliminating all the “reasons” I don’t do more videos. Soon I’ll be left with just “it’s too much work.”

A picture of a teleprompter in a basement. The text is a fragment of the Brennan Lee Mulligan rant from the Game Changer episode Yes or No

Unexpected Unpermitted Parameters In Rails

Based on a true story; I’ve reframed this to be about a personal project to protect identities involved.

Some surprises are good; this one is just annoying. I recently had some unexpected “unauthorized parameters” show up in my Rails app logs during development. Nothing was breaking, it was just noise. Annoying noise. Turns out, there were two issues at play:

First: Unexpected Parameter

Let’s say I had a POST endpoint at /some_things/:session_id that expected a JSON payload like this:

{
	"some_param": "one",
	"some_other_param": "two"
}

Then in my controller, I permitted the parameters like so:

permitted_params = params.permit(:session_id, :some_param, :some_other_param)

And yet, without fail, my logs would show “Unpermitted parameter: :some_thing”. What gives?

Turns out, by default Rails will wrap a JSON or XML payload in its own singular parameter which turned my payload into this:

{
	"some_param" => "one",
	"some_other_param" => "two",
	"some_thing" => {
		"some_param" => "one",
		"some_other_param" => "two"
	}
}

There are reasons for this that mostly have to do with building create/update routes for resources. Reasons that have nothing to do with my controller!

The solution

Fixing this meant adding this single line to my controller to opt-out of this default Rails behavior:

wrap_parameters false

But I was still getting “Unpermitted parameter” in my logs, this time from a different source.

Second: Premature Permitting

The log entry was pretty sparse, and I wanted to know what line was causing this error! The quickest way was to change the behavior when Rails encountered an unpermitted parameter to throw an exception instead of just logging the parameter. This should not be done in production!

ActionController::Parameters.action_on_unpermitted_parameters = :raise

Unless you need to have your application come to a full stop if the input is even the slightest bit off, you don’t want to do this in production. But doing this locally, it will pinpoint exactly where the issue is happening. And sure enough, I found the culprit:

class SomeConcern
	# ...
	def parameter_is_set?
		params.permit(:override)[:override] == "yes"
	end
	# ...
end

Somewhere deep in the controller stack, I was doing what I was “supposed” to do and only checking “permitted” parameters. Since this was a relatively safe check, I removed the “permit” check:

params[:override] == "yes"

This left the only params.permit call as the one in my main controller.

And the logs were quiet again. For now…

Recorded a test video. Used a teleprompter app to show the script while I delivered into my webcam.

Watched the video and saw my eyes go back and forth from the webcam to the script every time.

Bought a teleprompter on eBay.

Manton Reece on the last few weeks:

People are worried that Biden might lose. Good, be worried. If more people were worried in 2016, Hillary would be wrapping up her 2nd term right now.

Downloaded 37Signals’ Writebook because free. I might try to run it locally as a Scrivener replacement, but I’m bristling at the thought of running a full Rails app on the server for what should be static files.

Timed the “intro to Smolblog” talk at just under 35 minutes. I should probably shave five minutes off somewhere, right?

Is a “where’s the beef?” reference too dated?

Between the coffee and the general environment, I’ve needed this deskmat cleaning guide from Mintlodica for a little while.

Got my professionally-done resume back. Great words, but the formatting was incredibly plain (intentionally so, to make it work better with automatic scanning systems).

So of course, I had to make it look good.

I’m not interested in competing with anyone. I hope we all make it.

— Erica Cook

I’ve been spinning my wheels on UI stuff for a few days now, so I finally gave up and started compiling my own UI library. No idea if it’ll go anywhere or be useful to literally anyone including me. Based on shadcn-svelte but with my own opinionated layer on top.

OK, is there a good tool out there for running multiple containers on a server? I’m trying to do Docker Compose in the CLI, but it feels like I’m having to hold too much context to use it well and I keep shooting myself in the foot. Do I need to just work smarter, or is there a better thing?

I’m starting to get good at Keynote animations. Stay tuned for my 1-minute explainer on en💩ification/platform decay.

I had no idea the market for Intel Macs was so bad now.

Open questions: How was the model for Apple’s generative images trained? How much energy is the cloud compute using?

Unexpected potential upside: let’s put gen AI in the iPhone and Macs, build it into all that, so that it becomes as cringe as Word Art.

I can’t remember another time that I’ve avoided reading one of @gruber@mastodon.social’s articles, but here we are. The way life is for me right now, I need the childlike surprises on Monday.

Just got laid off. Not sure what my immediate moves are, but I’m listening for opportunities.

My friend’s kickstarter to make a children’s book about South Carolina plants and animals just needs a little bit more support. Anyone interested?

The problem with mic-dropping a zoom meeting is you don’t get to see people’s reactions.

I’m working on a fictional universe… and I’m thinking of making the website a point-and-click adventure like I don’t have anything else to work on.

One thing I’m trying to learn: it’s ok to take breaks. It’s ok to be slow. Even if I already feel like I’m behind.

Smolblog isn’t a startup. I’m not burning runway. The features that really matter will still matter a year from now.

Take time and rest.

I realized what irks me about some tech: the shoehorning of one tech into another (server-side JS, Not-SQL databases, anti-cascading CSS) shows unwillingness to learn the other tech. Experimentation or time constraints are valid, but don’t claim that it “fixes” something that’s not even understood.

Y’all whippersnappers and your Tailwinds and your server-side rendering like you’re allergic to CSS and PHP. Y’all never had to use font tags inside of every paragraph or try seeing which table property will actually change the background color or transcribe your angst from your YakBak to your LJ.