Rubyland

Since our last Board message that announced the launch of Steering Committees and making an open call for volunteer leadership, we have spent a significant amount of time discussing the future of our organization.

Those conversations covered sustainability, governance, infrastructure stewardship, community participation, membership, sponsorship, and the role Ruby Central should play in supporting the Ruby ecosystem for years to come.

As those discussions evolved, it became clear that our bylaws no longer reflected how Ruby Central operates today, nor how we want it to operate in the future.

Many of the governing documents that served Ruby Central well in the past were written for a smaller…

Siri doesn’t understand Argentinian Spanish. I have to pronounce some words in a neutral accent, which sounds weird here, and my toddlers learn it as local, or write them out, navigating the awkward iOS cursor, or tap each letter and then correct typos. I use calendar, timers, notes, and reminders as anyone else, and I’ve been a “tech person” since my early years.

So I was surprised by my own surprise when Fede, my brother-in-law, repeated my ask to his Telegram agent: “remind me to pick up the kids at 11:30”. Well that was simple, and it wouldn’t rely on our memory. He didn’t write or pronounce how Siri expects, he just said my words to his phone. I’ve long wanted to schedule calendar…

Normally I just fire off a tweet when I spot a nice performance PR landing in Ruby. Lately I've been catching up on a backlog of Ruby performance work I'd bookmarked and never gotten around to - so some of what's below isn't brand new, with a few PRs dating back to 2025. There were so many of them - some headline-grabbing, some small but delightfully clever - that a thread won't cut it. So here's a roundup instead, both the recent landings and the ones I'm late to.

A few ground rules: every PR below ships a concrete benchmark number, so when I say "Nx faster" it's the author's own measurement, not vibes. Numbers come from different machines and workloads, so treat them as "here's the win on…

Chris and David cover a lot of ground in this episode, starting with Chris’s experience teaching a Rails workshop for Frontend Masters in Minneapolis. Along the way, they dive deep into Rails authentication, Devise, Authlogic migrations, Chris’s ReviseAuth gem, password security, session handling, and the hard tradeoffs of maintaining open source tools. The episode wraps with big podcasting news: David is taking over The Ruby on Rails Podcast!  Hit download now to hear more! 

Links

• Judoscale- Remote Ruby listener gift
• Minnebar
• Ruby 4.0.5 Released 
• ReviseAuth
• The Ruby on Rails Podcast

• Chris Oliver X/Twitter
• Andrew Mason X/Twitter
• Jason Charnes X/Twitter

We scoped a client spike at 20 hours. Our Software Delivery Manager built it in five. Here's what made that possible.

Continue Reading

A quick look at new rate-limiter features in the upcoming Rails version.

I build quite a few sites. For my own products or I help others. Since I released Perron that is my go-to static site generator now. But it was missing one feature for a speedy development cycle: live reload. Not just a page refresh, but more like hot reloading.

Most live reload solutions either require ActionCable (overkill when using Perron) or just do full-page reloads (annoying/too minimal). I wanted something in between.

Meet Mata: a lightweight live reload solution for Rack apps. It uses Server-Sent Events (SSE) and idiomorph.

You can install Mata simply by running bundle add mata --group=development. Then configure the middleware with watch and skip paths. That’s it. No JavaScript…

RubyGems.org is the quiet backbone of the Ruby world. It processes over 1,500 gem requests per second, serves billions of downloads every month, and keeps the tools developers rely on available, secure, and free. It's the kind of infrastructure you only notice when something goes wrong. Which, thanks to supporters like 84codes, it rarely does.

84codes has long believed that great developer tools deserve to be sustained. As a company built around making infrastructure invisible, whether through CloudAMQP (their managed service) or LavinMQ (their open-source message broker), 84codes knows firsthand how much trust gets placed in shared services every single day. Supporting RubyGems.org isn't a…

RubyGems 4.0.13 includes enhancements and Bundler 4.0.13 includes enhancements, bug fixes and security.

To update to the latest RubyGems you can run:

gem update --system [--pre]

To update to the latest Bundler you can run:

gem install bundler [--pre]
bundle update --bundler=4.0.13

RubyGems Release Notes

Enhancements:

• Prevent extraction from escaping destination_dir via pre-existing symlinks. Pull request #9493 by thesmartshadow
• Close stdin immediately when using popen2e. Pull request #9540 by rwstauner
• Fallback to copy symlinks on Windows. Pull request #9296 by larskanis
• Installs bundler 4.0.13 as a default gem.

Bundler Release Notes

Enhancements:

• Do not hard-code…

Most supply-chain attacks against RubyGems exploit a narrow window: an account is compromised, a malicious version ships, and any bundle install in the minutes that follow resolves straight to it. Bundler 4.0.13 introduces cooldown, a time-based filter that refuses to resolve to a version until it has been public for at least N days. Releases too new to have been scrutinized are passed over in favor of ones that have aged past the window.

The feature was designed in the open, drawing on how other ecosystems approach the same problem. It is opt-in, and complements rather than replaces existing defenses like mandatory 2FA and trusted publishing.

Cooldown reads the per-version created_at…

Imagine this scenario: a developer added a pub/sub gem built on top of Sidekiq to handle background event broadcasting in your company’s Rails app. At the time, it was a huge win: instead of building a custom job orchestration system, they could drop in the gem, wire up a few events, and ship a feature in days instead of weeks.

Fast forward a few years: Sidekiq needed an update. You find out the gem wasn’t actively maintained anymore. But by then, the entire application depended on it. Core features like sending notifications, syncing with third-party APIs, and triggering billing logic all ran through this pub/sub layer.

Now you face a painful choice: either keep running on an…

This post walks the whole Agile process: why it needs structure, the four nested loops it runs on, and a single example traced from a raw idea down to buildable stories.

Contents

1. Why process?
2. The process on one picture
3. Four nested loops
4. The planning cycle is a tree
5. The six stages
6. Example for a cleaning business
   • Ideas are easy
   • Who are your users?
   • Building the persona
   • This isn’t a waste of time
   • The scenario
   • Storyboard and wireframe
   • The epic
   • The stories
   • The whole trunk, on one tree
   • The planning output: a design doc

Why process?

It is tempting to jump straight to coding: we know what we want, and we’ll…

For The Agile Process I recreated the cohesive cycle figure from LaunchSchool’s Process Overview: four feedback loops drawn as rings, where each loop opens into the next.

What I compared

Version 6.1.4 of the Passenger application server has been released. This release bumps the version of the builtin Nginx engine used in Standalone mode and adds prebuilt binaries for ruby 4.0.5.

Updates & improvements

• [Nginx] Upgrades preferred Nginx to 1.30.2 from 1.30.1.
• Updated various library versions used in precompiled binaries (used for e.g. gem installs):
  • ccache: 4.13.4 -> 4.13.6
  • cmake: 4.3.2 -> 4.3.3
  • gnupg: 2.5.19 -> 2.5.20
  • libgpg_error: 1.60 -> 1.61
  • libksba: 1.6.8 -> 1.8.0
  • rubygems: 4.0.10 -> 4.0.12
  • rubies:
    • 4.0.3 -> 4.0.5

Installing 6.1.4

Please see the installation guide for advice on getting started with Passenger. Coming from a language other than Ruby, Python, Meteor or Node? Even if we…

Two years in a row, we love to see it. A huge thank you to Jason Bosco and the Typesense team for coming back and continuing to invest in this community. It genuinely means a lot to us.

You might not know their name yet, but trust me you're about to. Typesense is an open-source search engine that's blazing fast, typo-tolerant, and actually a joy to work with. Think of it as everything you wished Algolia was (including open source), without the Elasticsearch therapy bills. They're self-funded and building for developers, not investors, and it shows in every line of their docs.

Oh, and one more thing: Typesense is your WiFi sponsor this year. That's right  every Slack message you send from the…

Sally and Joël get technical as they lay out their thoughts on blog posts.

Our hosts pick apart what makes a good technical blog post, why consistent terms are more important than you might think when communicating with your audience, and how to improve your own writing to ensure your reader remains engaged.

—

There’s still time to secure your place at thoughtbot’s upcoming UK meet ups over the next month.

London Tech Leader Meetup - Tuesday June 23rd
Brighton Tech Leader Meetup - Wednesday June 24th
Brighton Ruby - Thursday June 25th
Evolve - Friday June 26th

Your hosts for this episode have been thoughtbot’s own Joël Quenneville and Sally Hall.

If you would like to…

Frequently Played 🔗

I tend to listen to the same songs or albums on repeat that are evocative of how I’m feeling or what’s going on with me. Here is what I’m currently listening to over, and over, and over, and over, again.

Not Bad For New Jersey 🔗

A signature Tele AND two new tunes from Brian? Yes, please.

Full Lyrics

I can’t say I had a good time
But after all this crazy, I think we did alright

Make You Feel My Love 🔗

Thanks to K-Pop Demon Hunters, my daughter assumes any song lyrics she doesn’t understand are in Korean. But sometimes I get to say no, that’s just Bob Dylan singing.

Full Lyrics

The storms are raging on the rolling sea
And on the highway of regret
The winds of change are blowing wild…

The Original Sin, the Scorpion, and Local AI June 1, 2026 For the last few weeks, I have been experimenting with local AI models to help me develop and maintain Ruby projects. Built for Ruby on Rails Build Maps WithoutGoogle APIs Generate beautiful production-ready maps directly from your Rails backend. Fast rendering, zero external dependencies, … Continue reading The Original Sin, the Scorpion, and Local AI →

I went on Code with Jason for the second time. Jason and I got into the Fireside acquisition, how to actually find and finance a business to buy, why support is a product, and where I think developer tools are headed in the AI era.

Some of the highlights:

Why I Bought Fireside. Complete happenstance. I was already paying Garrett Dimon to push Flipper forward, and Garrett had worked on Fireside for Dan Benjamin back in the day. Dan had lost interest and was trying to sell, but it was too big for the small players and too small for the big ones. The math was simple: if I bought it, the profit could pay for Garrett to work on both Fireside and Flipper instead of it coming out of my pocket every…

Turning Years of Ruby Knowledge Into a Local Coding Assistant June 1, 2026 Introduction Over the years, most Ruby developers accumulate a vast amount of knowledge. Not just source code, but articles, documentation, experiments, bug fixes, pull requests, design decisions, and lessons learned from maintaining production systems. The problem is that this knowledge often remains … Continue reading Turning Years of Ruby Knowledge Into a Local Coding Assistant →

Storing data as a sequence of events - RubyConfAt lightning talk supplement

This post originated from the lightning talk and the discussions I had afterward at RubyConfAt.

It was a great conference. Especially the music part was amazing. Big kudos and applause to the organizers, once again!

The Lightning Talk

During my lightning talk I discussed an alternative way of storing data in Ruby applications. The alternative way is to store data as a sequence of events.

It all starts with admitting the fact that an update of data causes information loss. We do know what it is now - we see the current state in a database column. But we don’t know how we got there. Context is lost.

Event…

We can easily configure global rate limits, but how can we make them dynamic?

In the new glorous website of Hanakai there are two “getting started” guides for Hanami: one for a “web app” (meaning, a fullstack app) and one for an API app. Even though those two guides follow building the same application (bookshelf), they differ quite a bit in places. Sometimes it’s absolutely justified (you don’t have HTML templates in API app), sometimes it feels justified, but can also provoke a thought. This is one of these thoughts.

Let’s look about 30% in the guide at “Fetching books from database” subsection. It demonstrates how to get a books index page, paginated. This is how is looks for a fullstack app (combined into one listing for clarity):

# action
module Bookshelf
  mo…

Chris, Andrew, and David kick things off with a detour through Dungeon Crawler Carl, Rails World tickets, and conference travel before diving into developer tooling, package manager security, and the latest Ruby ecosystem updates. The conversation covers everything from Hotwire-style UI patterns and pnpm/Corepack setup to Jeff Dickey’s new package manager, the RubyGems malicious package attack, Ruby 4.0.4, Shopify’s Rubydex, Claude/Codex chatter, and the increasingly strange future of AI agents and delivery robots. Hit download now to hear more! 

Links

• Judoscale- Remote Ruby listener gift
• Dungeon Crawler Carl 
• Dungeon Crawler Carl RPG + Unstoppable
• Maciej Mensfeld X
• Aube
• Jeff Dickey X
• en.dev
• The…

Hi, Wojtek here. Let’s see a huge list of this week’s changes in the Rails codebase.

Action Cable server adapterization
Extract low-level Action Cable server responsibilities into ActionCable::Server abstractions. This refactoring separates socket handling, concurrency primitives, and other transport-specific behavior from application-level connections and channels. It makes Action Cable more flexible as a framework and opens the door to alternative server implementations without changing user-facing channel and connection code.

Active Storage Guide update
Can be read on Edge Guides already.

Add shims for Ractor shareability methods
Adds new core extension to Kernel ractor_shareable?, ra…

What follows is the complete text of an audit report I produced for the Organization for Transformative Works, a non-profit which was for many years run one of the largest fan-fiction archives on the Internet.

This was produced as part of my Ruby on Rails performance retainer service. Since the app is open source, OTW has kindly agreed to let me publish the report online for all to see.

The Archive Of Our Own, also known as “AO3”, is a Rails application that is more than 16 years old. It was the focus of my engagement.

Without any further ado, here’s what I handed over to OTW and their crack team of volunteers. I think I am one of a very, very small number of people who has ever been paid…

We’re thrilled to welcome SerpApi as a new silver-tier Hanakai sponsor!

SerpApi is the world’s leading provider of search data, pioneering APIs that turn search engine results into structured, developer-ready information. Founded in 2017, the company enables developers and organizations around the world to integrate live search insights from sources like Google, Bing, and YouTube.

SerpApi comes on board as we near the first anniversary of our sponsorship program. Support like this has been instrumental in everything we’ve achieved this past year: shipping Hanami 2.3, launching Hanakai, and cooking up a very special Hanami 3.0 release—more on that one soon!

SerpApi is proud to sponsor…

Running AI Locally for Ruby Development: A Practical Guide with Ollama, Aider, and Your Own Codebase May 28, 2026 Ruby Stack News — by Germán Silva There's a quiet revolution happening in developer tooling, and it doesn't require a cloud subscription, an API key, or sending your proprietary code to someone else's server. Over the … Continue reading Running AI Locally for Ruby Development: A Practical Guide with Ollama, Aider, and Your Own Codebase →

This is a short post to show the compatibility between Sidekiq and Ruby across different versions. In the process of upgrading really old applications to more modern versions of Ruby and Sidekiq we have run into a lot of these combinations.

Sidekiq’s maintenance policy only covers the current and previous major versions (8.x and 7.x today), as long as they are less than five years old. Older versions (6.x and below) no longer receive updates, including security fixes, so if you are on a legacy version, upgrading is the safer path.

A little while ago I was asked to to build a “white-label” feature into an existing app. Their customers can now customize the app to match their brand without touching code.

It will look a little something like this:

This article walks through how I build a custom theme system using Tailwind CSS and the OKLCH color space. The basics for this feature I extracted and is available on GitHub.

The approach I took generates an entire color palette from a single value, instead of managing eleven different color stops manually. Sounds complicated? It really is quite simple. Let me show you.

Tailwind allows defining custom colors using the @theme directive (these can then be used normally, e.g. te…

Exploring Ruby’s OpenSSL stdlib internals: from C bindings to Ruby APIs May 27, 2026 Ruby ships with a standard library gem named openssl, responsible for exposing cryptographic primitives, TLS/SSL sockets, certificates, digests, encryption, and secure communication APIs directly to Ruby developers. Built for Ruby on Rails Build Maps WithoutGoogle APIs Generate beautiful production-ready maps directly … Continue reading Exploring Ruby’s OpenSSL stdlib internals: from C bindings to Ruby APIs →

Agents iterate fast; your CI pipeline may not be ready for what that actually costs. More throughput means more test runs, a growing suite, and infrastructure spend that compounds in ways most teams don't catch until someone asks about more than token spend.

Continue Reading

We recently landed a new register allocator in ZJIT and I thought I’d write a post about it!

What is a register allocator?

Whenever a compiler generates machine code it needs to decide where to put values. Those values usually take the shape of a variable in your function, though the compiler can also compute intermediate values as well. When we need to perform a calculation on some value, the CPU needs to know how to find the value.

The CPU can typically only compute output based on inputs that are in registers, though some architectures (like x86) allow computations on values stored in memory. That said, reading and writing to registers is much faster than memory, so it behooves the…

We’re thrilled to announce that Mudflap is returning as a sponsor of RubyConf for the second year in a row. Their continued investment in the Ruby community means a lot to us, and we couldn’t be more excited to have them back.

If you’re not familiar with Mudflap, they serve the $800B trucking industry — the backbone of the U.S. economy. Their market-leading payments and marketplace platform helps truckers save thousands of dollars on fuel (their #1 business expense), while giving fuel stop partners access to new, hard-to-reach customers. It’s a powerful example of technology bringing transparency and efficiency to a historically fragmented space.

Mudflap is also expanding beyond fuel into the…

May 26, 2026 Ruby’s elegance hides an extremely sophisticated runtime underneath. Features like blocks, lambdas, closures, binding, method(:foo), and even &:to_s rely on a dense set of VM internals implemented in CRuby’s proc.c. This file is one of the best entry points for understanding how Ruby models executable code objects. The source analyzed here comes … Continue reading Understanding Ruby Proc Internals Through proc.c →

Ruby LSP is a wonderful language server built on top of Prism, Rubydex and RBS. It implements a variety of features that enrich the code editing experience in Ruby projects. Its add-on architecture allows extending it with Rails features, Rubocop support and custom functionality.

Coming from Vim, I was really used to rails.vim. When I switched to Zed, I started using Ruby LSP. In some ways I felt like I’d gained superpowers, as now I had all these modern editor features that are possible because my Ruby code is actually being parsed. On the other hand, I found there were some features I was missing.

One such feature was following render calls in view templates. Rails.vim offered a gf (“go…

Move LLM safeguards out of AGENTS.md: how agent hooks plus nano-staged run linters on changed files only, cut tokens, and tighten the agent's feedback loop

Small life hack: using agent hooks and pre-commit managers like nano-staged to run linters and safeguards is far more reliable—and faster—than asking an agent to do it in AGENTS.md. Read how five minutes of setup can mean a tighter loop and fewer tokens.

ActionCable brought WebSocket support to Rails, but it traditionally required Redis as a message broker. This added complexity and cost to deployments.

Rails 8 introduces SolidCable as the default ActionCable adapter. It stores messages in the database and uses polling to deliver them to subscribers. This eliminates Redis as a dependency for real time features.

In this post, we will explore how SolidCable works, how to configure it for production, and important considerations for the application.

How SolidCable Works

Traditional ActionCable with Redis uses pub/sub: when a message is broadcast, Redis immediately pushes it to all subscribers.

SolidCable takes a different…

Caching in Rails has traditionally meant choosing between Redis or Memcached. Both are fast but expensive when we need large caches. Memory costs add up quickly.

Rails 8 introduces Solid Cache as the default production cache store. It stores cache entries in the database, leveraging modern SSD performance to provide larger caches at significantly lower costs.

In this post, we will explore how Solid Cache works, how to configure it for production, and important tradeoffs to consider.

The Case for Database Backed Caching

Traditional memory based caches have a fundamental limitation: RAM is expensive. A 10GB Redis cache costs significantly more than 10GB of SSD storage.

Modern NVMe SSDs…

Background job processing has always required external dependencies like Redis or Memcached in Rails applications. With Rails 8, that changes. Solid Queue is now the default Active Job backend, and it stores jobs directly in the database.

This eliminates the need for Redis in many applications, simplifying deployment and reducing infrastructure costs.

In this post, we will explore Solid Queue in depth, covering installation, configuration, real world usage patterns, and important caveats to consider.

Why Solid Queue?

Traditional job backends like Sidekiq and Resque rely on Redis for job storage. While Redis is fast, it adds operational complexity:

• Additional infrastructure to manage
…

The Bike Shed celebrates its 500th episode with hosts new and old as they reflect on the show’s history and ask, what’s new in your world?

Our past hosts look back at their time on the show, their favourite moments while hosting, what they took away from producing the Bike Shed, and what they might do today if they were still in the hosting chair.

—

Your hosts for this special episode of The Bike Shed have been Joël Quenneville, Sally Hall and Aji Slater. Joining them have been our returning hosts Derek Prior, Sage Griffin, Stephanie Viccari, Chris Toomey and Stephanie Minn.

Listen back to some of our guest’s highlighted episodes
Bike Shed 14: An Acceptable Level of Hassle…

Like it or not, a lot of applications are adding AI–native features: anything related to automated answers, object classification, knowledge base search, or text summarization can already be handed off to an LLM with pretty good results. If you happen to do this as a Rails engineer, this post will definitely be useful.

In this post I will describe my approach to LLM integration for Rails applications. We will discuss some common problems, explore related gems, build our own architecture layer for LLM integration, cover it with specs, and discuss ways to prepare the context.

Why we need a layer

Integrating an LLM into a Rails app at the early stages usually does not differ much from…

Duck Typer is a Ruby gem that validates interface compatibility across polymorphic classes sharing the same role, so they can be used interchangeably. It detects and clearly reports interface drift directly in your test suite.

Since Duck Typer launched, there’s been some discussion about the validity of interface testing. In this post, I want to make the case for it.

“Interface tests are fragile, so you shouldn’t write them”

That’s not true without context. How is your test suite structured? What do you test? Obviously, if you write only interface tests like this:

def test_interfaces_match
  assert_interfaces_match [StripeProcessor, PaypalProcessor]
end

With no behavior tests…

Recent months have been crazy. AI changed software engineering and there is no way to escape it. Productivity growing exponentially, small teams beating huge companies, new models emerging every day. It’s a major shift in the way we work.

Unfortunately, it brings a lot of challenges. Experts on X telling you you’re being left behind if you’re not running 10 sessions at once. Code quality dropping to the ground. Constant exhaustion from context switching. It’s a clear path to burnout. I’ve seen it myself - on me and on my team.

But it doesn’t have to be this way. Over the last few months I’ve adjusted how I work with AI - how many agents I run, when I look at them, what I let interrupt me…

The videos from Blue Ridge Ruby 2026 are now available on YouTube. Check them all out!

I wanted a fast way to read the quality of a Ruby repository, so I wrote a small gem called linecounter.

Why bother

Most files should not be too long, and most methods should not be too long. A long file is hard to hold in your head, and a long method usually hides more than one job. I wanted a quick signal for that, plus which files change the most and where the branching piles up. Not a full audit, just a first read so I know where to look next.

gem install linecounter
cd your-ruby-project
linecounter

It prints one row per file, sorted so the files that change often and carry the most logic float to the top:

Churn  Branches LOC    File
4      34       189   …

Hi, I’m Emmanuel Hayford. Rails had a busy week, so grab a tea and let’s get into it.

The 2026 Ruby on Rails Community Survey is open
Open through July 3rd. Anonymous, and takes about 10 to 12 minutes, results published free. This year goes deeper on tools, deployment, team shape, and how AI is (or isn’t) showing up in your workflow.

Limit the size of strings we call to_i on in ActiveRecord
Calling to_i on a very long string can be a DoS vector. Active Model now caps auto-integer coercion to the first _limit * 4 bytes of the input, where _limit is the column’s storage size: 16 bytes for a default 4-byte integer, 32 bytes for an 8-byte bigint. That’s comfortably more than the digits any…

A lot of people have developed a gag reflex against anything touched by AI.

I understand where that comes from. There is a lot of slop, maintainers are tired of reviewing code from people who do not understand it, and people are tired of predictable cadence.

We’re also heading toward a version of the future where all code will be generated. The models are good enough that for a lot of work, especially the boring repetitive kind, typing everything by hand makes very little sense. You can describe what you want, steer the model, ask for changes, review the output, and get to a working implementation much faster than before.

That caused some people to jump from “models can generate code” to…

In this episode, Chris, Andrew, and David are back together with David starting out giving a recap of Blue Ridge Ruby and his renewed motivation to contribute to open source. The group discusses the value of smaller single-track conferences to hallway conversations, and lightning talks. The conversation then shifts into real-world Rails and Stripe lessons, including workshop prep, validation decisions, webhook recovery, subscription edge cases, and the growing complexity of payment integrations. Hit download now to hear more! 

Links

• Judoscale- Remote Ruby listener gift
• Getting Started with Rails with Chris Oliver (Frontend Masters Live Interactive Workshop)
• Ruby Conferences 2026

Introduction

Markdown has become the lingua franca of AI. Large language models output markdown by default, documentation lives in markdown files, and developers think in markdown.

Why AI “Speaks” Markdown

Markdown’s rise in the age of AI comes down to a few key factors:

• Simplicity and Structure: Its minimalist, plain text syntax (# for headings, * for lists) creates a clear, predictable structure that AI models are trained on and can easily interpret.

• Enhanced Comprehension: AI struggles with complex formats like PDFs or Word documents due to visual clutter and metadata. Markdown strips this away, letting AI focus on meaningful content.

• Improved Prompting…

May 21, 2026 How MRI Really Implements include, prepend, extend, Singleton Classes and Method Lookup Ruby’s object model looks elegant from the outside: module Logging def call puts "before" super end end class Service prepend Logging def call puts "service" end end But internally, MRI/CRuby performs a surprising amount of machinery to make this work. … Continue reading Inside Ruby’s Object Model →

Welcome Back, Judoscale! We're excited to welcome Judoscale back as a Silver Sponsor of RubyConf for the second year in a row. If you've ever lost sleep wondering whether your Rails app could handle a sudden traffic spike, Judoscale is probably already on your radar and if it's not, it should be.

Judoscale is a dedicated autoscaler for Rails apps (and beyond), purpose-built around request queue time rather than blunt metrics like CPU or memory. That distinction matters: queue time tells you when your app is actually struggling, not just busy. The result is smarter, faster scaling  up when you need it, down when you don't  without the overprovisioning tax most teams quietly pay every month.…

Fuik is a Rails engine for handling webhooks that I launched recently. But it can also be used to process inbound emails! 💡

When working with inbound email in Rails using Action Mailbox, there’s a key requirement: managing EML files and blob storage. Once an email arrives at your domain, your email provider captures it and sends the data to you via webhook. You then extract what you need and process (or store) it. Action Mailbox requires: ActiveStorage ánd ActionMailer.

But what if you don’t have a need for ActiveStorage (including its cloud storage setup) or ActionMailer (because you use Courrier).

Most transactional email providers send their inbound emails as webhooks: Postmark,…

Making software accessible often comes down to removing small but repeated points of friction in everyday workflows. Today, on Global Accessibility Awareness Day, we’re sharing recent improvements in JetBrains IDEs across several areas: compatibility with assistive technologies on various platforms, keyboard navigation, and non-visual feedback. Some of these improvements are already available, and some are coming later this year.

You can use the audio player below to listen to this blog post.

Better compatibility with…

RailsEventStore 2.19: Starting Gun for 3.0

RailsEventStore 2.19.2 is out — grab that one, not .0 or .1 (more on why below).

This release is the starting gun for 3.0. We’ve added deprecation warnings for everything we’re removing in the next major version. Run your test suite — every warning you see is a hard error in 3.0.

Deprecations

We’re deprecating a batch of APIs in 2.19 that will be removed in 3.0.

RubyEventStore

in_batches_of

Renamed to in_batches for consistency with the rest of the API.

# deprecated
event_store.read.in_batches_of(100).each { |batch| ... }

# use instead
event_store.read.in_batches(100).each { |batch| ... }

of_types

Renamed to of_type. Singular, consistent with…

RubyGems 4.0.12 includes enhancements and bug fixes and Bundler 4.0.12 includes enhancements and bug fixes.

To update to the latest RubyGems you can run:

gem update --system [--pre]

To update to the latest Bundler you can run:

gem install bundler [--pre]
bundle update --bundler=4.0.12

RubyGems Release Notes

Enhancements:

• Remove cygwin from WIN_PATTERNS. Pull request #9527 by fd00
• Installs bundler 4.0.12 as a default gem.

Bug fixes:

• Fall back to lockfile version when BUNDLE_VERSION is “lockfile”. Pull request #9545 by hsbt
• Read BUNDLE_VERSION env var in BundlerVersionFinder. Pull request #9538 by hsbt

Bundler Release Notes

Enhancements:

• Make bundle config get…

For more than two decades, Ruby has shaped how we think about software development at thoughtbot. It influenced how we write code, how we collaborate, how we teach, and how we build products alongside our clients. Many of the practices, tools, and ideas that define our company today were either born from or heavily influenced by the Ruby community.

Ruby also helped shape our careers, friendships, businesses, and opportunities. That’s a big part of why we’re excited to share that thoughtbot is joining the Ruby Alliance alongside Gusto as a founding company.

What is the Ruby Alliance?

The Ruby Alliance is a new coalition of companies making a long-term financial and operational…

A use-after-free vulnerability has been discovered in the pthread-based getaddrinfo timeout handler of Ruby. This vulnerability has been assigned the CVE identifier CVE-2026-46727. This issue has been fixed in Ruby 4.0.5. We recommend upgrading Ruby.

Details

A race condition exists in the timeout cancellation path of rb_getaddrinfo used by Addrinfo.getaddrinfo(..., timeout:) and Socket.tcp(..., resolv_timeout:). A remote attacker who can delay DNS responses near the specified timeout may cause the Ruby process to dereference freed memory and crash.

Recommended action

Please update to Ruby 4.0.5 or later.

Workaround

If you cannot upgrade immediately, avoid passing timeout: to Addrinfo.…

Ruby 4.0.5 has been released.

This release only contains a security fix for CVE-2026-46727: Use-after-free in pthread-based getaddrinfo timeout handler and a build system regression in Ruby 4.0.4 under C locale [Bug #22065].

Please see the GitHub releases for further details.

Release Schedule

We intend to release the latest stable Ruby version (currently Ruby 4.0) every two months following the most recent regular release. Ruby 4.0.6 will be released in July, 4.0.7 in September, and 4.0.8 in November.

If a change arises that significantly affects users, a release may occur earlier than planned, and the subsequent schedule may shift accordingly.

Download

• https://cache.ruby-lan…

We gathered again at Working & Co in Buenos Aires for another Ruby Argentina meetup. As always, the event was streamed live on RubySur’s YouTube channel, and our sponsors (SINAPTIA, Rootstrap, OmbuLabs, and Crunchloop) kept us fed and hydrated throughout the night.

Vacas, Rails y Blockchain

Ignacio Cesarani presented his thesis project: a cattle trading platform built with Ruby on Rails and blockchain. The interesting part is the architecture: it uses Ethereum RSK as a sidechain to record transactions immutably, while keeping operational data in a traditional database.

Break

After the first talk, we had time to eat, drink, and chat. The sponsors put together a good spread, and the…

AI-assisted code generation is not free. It comes with a hidden cost: burnout. Are we dangerously ignorant to this problem? And how can we cope with it? In this post, we discuss this question.

We’re more productive than ever. AI allows us to generate code at supersonic speeds, unfold entire modules in seconds, and ship thousands of lines of code. It's easier to pick up tasks and generate value, even in unfamiliar codebases. But there’s a dark side. AI-assisted code generation isn't free; there's a hidden cost that we as an industry are only beginning to realize: AI burnout. Are we…

We’re excited to share that thoughtbot has become the second company to join the Ruby Alliance.

For 23 years, thoughtbot has helped shape the Ruby ecosystem through thoughtful engineering practices, trusted guidance on large-scale application development, and some of the most respected educational resources in the community.

Their participation in the Ruby Alliance brings experienced leadership, operational perspective, and a strong commitment to helping support the long-term health of Ruby and the infrastructure the community depends on.

As the Ruby Alliance continues to take shape, thoughtbot’s consulting experience and community perspective will help inform how Alliance companies can work…

Version 6.1.3 of the Passenger application server has been released. This release adds packages for Ubuntu 26.04 "resolute", and removes packages for Ubuntu 25.10 "questing" and Ubuntu 20.04 "focal".

Added support for Ruby app post response hooks

The optional feature of Rack 3 (`rack.response_finished`) is now supported, Closes GH-2418.

Fix a crash when buffer creation fails

Passenger could crash when it was unable to create a buffer file while handling a request that exceeded the in-memory buffer size. This was fixed through additional pointer validation.

Updates & improvements

• [Nginx] Build Nginx dynamic modules against nginx-dev sources on Ubuntu/Debian where available to accommodate Ubuntu's…

Rails 8 introduces a significant change to the asset pipeline by making Propshaft the default asset pipeline, replacing Sprockets which has been the default since Rails 3.1.

This change reflects the modern approach to asset management in Rails applications.

What is Propshaft?

Propshaft is a lightweight asset pipeline that does one thing well: it fingerprints assets and serves them.

Unlike Sprockets which bundles, transpiles, and concatenates files, Propshaft delegates those responsibilities to specialized tools.

Here’s what each pipeline actually does:

AI-generated code can quietly introduce maintainability risks into long-lived Ruby on Rails applications. Here are four patterns engineering leaders should pay attention to.

Continue Reading

Arabic, Hebrew, and other right-to-left script users often can't type properly in apps that never considered them. The fix is usually two HTML attributes. Here's exactly what to add, and when.

You shipped, the app works, users sign up. Then a bug: "The input field doesn't work properly." Turns out their language is Arabic. When typing a prompt, text renders left-to-right. This meant alignment was off, punctuation lands on the wrong side, and the whole sentence reads garbled. When a user can use a right-to-left language, even English apps will break. This…

Business Goblin (left) is a character created by friend and colleague Matthew Grey (right). Originally drawn for an internal presentation, he represents greedy unscrupulous businesses selling fake AI hype without the ability to follow through on their promises. After the presentation, Business Goblin took on a bit of a life of his own, appearing around the office as a life-sized coreflute cutout.

Recently, after a couple of Friday evening beers, a small group of collegues and I asked the question: what if you could email Business Goblin and he actually emailed you back? I happened to be looking for an LLM-related side project, and so 24 hours later https://goblin.business/ was up…

Send him an email…

I’ve never used “social” media. Instead, I read a lot on various topics: Rails, web/tech and beyond. Next to the weekly practical article a week on Rails, Hotwire, CSS, SaaS and design I published, I have, since March, started sharing some thoughts and notes. They’re not publicly listed, but accessible via Atom feed only.

I hope to see more platform-independent Twitter-style feeds from others too. Web standards like RSS/Atom are great and don’t lock you into a platform or company. Just linear posts, no ragebaits or shitposting from others (and if so, unsubscribe).

With Perron’s customisable feeds feature, this is super easy to set up. I also created a tiny Raycast extension that makes…

I…

May 18, 2026 Most Ruby developers use ranges every day: (1..5) ('a'..'z') (1...) (..10) They feel lightweight, expressive, and almost deceptively simple. Built for Ruby on Rails Build Maps WithoutGoogle APIs Generate beautiful production-ready maps directly from your Rails backend. Fast rendering, zero external dependencies, full control. View Live Demo → Read Docs ✓ No … Continue reading Inside Ruby’s Range: A Tour Through range.c →

From Ruby User to Ruby Committer: Lessons from Stan Lo's Open Source Journey May 17, 2026 Stan Lo didn't follow the conventional path. No CS degree, no bootcamp pedigree, no Silicon Valley zip code just steady, deliberate contributions to the Ruby ecosystem over nearly a decade. The result? Ruby committer status, the 2025 Ruby Prize, … Continue reading From Ruby User to Ruby Committer: Lessons from Stan Lo’s Open Source Journey →

The Rails Infrastructure team built an open-source toolkit for benchmarking Bundler performance reliably across machines. Along the way I learned that AI is great for scaffolding, but you can’t oursource the engineering rigor required to catch when numbers don’t add up.

Read more on the Shopify’s Rails at Scale Blog

Hi, it’s Greg. Let’s explore this week’s changes in the Rails codebase.

Rails World 2026 update
General Admission tickets are now out, and the CFP is closing this weekend. Book your ticket or apply to speak at: https://rubyonrails.org/world/2026.

A new add-on tutorial is ready for community review This builds on the existing e-commerce app and adds a complete Product Reviews system with ratings, image uploads, rating filtering, and admin management. If you want to help by reviewing, leave your feedback in the PR here: https://github.com/rails/rails/pull/57244
Also, there are 2 new guides ready for community review: https://github.com/rails/rails/pull/57371 and https://github.com/rails/rai…

Add default #render_in implementation to ActiveModel::Conversion
This pull request adds a default #render_in…

<%#…

Hello! 8 years ago, I wrote excitedly about discovering Tailwind.

At that time I really had no idea how to structure my CSS code and given the choice between a pile of complete chaos and Tailwind, I was really happy to choose Tailwind. It helped me make a lot of tiny sites!

I spent the last week or so migrating a couple of sites away from Tailwind and towards more semantic HTML + vanilla CSS, and it was SO fun and SO interesting, so here are some things I learned!

As usual I’m not a full-time frontend developer and so all of my CSS learning has happened in fits and starts over many years.

it turns out Tailwind taught me a lot

When I started thinking about structuring CSS, I was intimidated…

Chris and Andrew catch up after Andrew’s whirlwind “vacation-ish” road trip before diving into Stripe’s latest announcements, usage-based billing, merchant-of-record pricing, Rails file upload quirks, Active Storage image handling, Sidekiq queue strategy, and the future of RubyGems. They also discuss browser form behavior, preserving and deleting attachments, image variant performance, and how to think more clearly about background job priorities. Hit download now to hear more!

Links

• Judoscale- Remote Ruby listener gift
• Dungeon Crawler Carl
• Everything we announced at Sessions 2026 (Stripe Blog)
• Scaling Sidekiq at Gusto (Medium)
• Scaling-Sidekiq -GitHub
• Nate Berkopec post on LinkedIn-Running…

• Chris Oliver X/Twitter
• Andrew Mason X/Twitter
• Jason Charnes X/Twitter

May 14, 2026 In-depth technical analysis · RubyStackNews · Concurrency & Performance For decades, the Global VM Lock (GVL) — also known as the GIL — was CRuby's great concession: the safety and simplicity of an object model free of data races, in exchange for not being able to execute Ruby code in parallel within … Continue reading Ractors: Real Parallelism in Ruby Without the GVL →

Added an MCP server and CLI commands to use Rails Blocks easily.

View full changelog →

I’ve been working professionaly with Ruby on Rails for nearly 15 years (I’m also the author of GoodJob and Spectator Sport). Last year I left GitHub and co-founded a technology startup, Frontdoor Benefits, that helps people enroll and manage their US government welfare benefits like SNAP/EBT.

Therefore, I’ve been working in a fresh Ruby on Rails app full-time now for 1 year. One of the Rails pillars is “convention over configuration”, so I thought it would be fun to share what has so far accumulated in my app’s /config directory: monkeypatches, extensions, and appwide behaviors.

Let’s start with the most controversial one.

Object#not_nil? and boolean extensions

#…

Custom elements have been covered here berfore. If you have used Hotwire in Rails, you have already used them. Both <turbo-frame> and <turbo-stream> are custom elements. They are just HTML tags with JavaScript behavior attached.

This article walks through building a drag-and-drop image upload custom element that works great in Rails forms. Starting with a simple avatar and ending with a reusable component that handles both inline and external forms. The code is, as usual, available on GitHub.

So first, why not use a regular file input or a Stimulus controller? The answer is that custom elements are perfect for self-contained components. They work anywhere in your HTML without needing to…

Redesign prep matters, but what does it actually look like when AI is in the room?

Continue Reading

I paid five dollars to read a Medium article about my own free, open source library. It was sold as hard-won production experience.

It was fabricated.

The first code sample used RubyLLM.client, which does not exist. It called client.chat(messages: ...), which does not exist. Then it invented RubyLLM::StreamInterrupted, RubyLLM::APIError, and a stream: proc API that RubyLLM has never had.

The problem was not merely wrong information. Wrong information can be corrected. This was sold as experience with RubyLLM in production, which is a much more valuable claim.

AI slop is not just filling the web with predictable cadence. It is fabricating experience. It is letting people skip the work,…

May 12, 2026 If you still think Ruby’s Array is “just a C struct with some methods on top,” you’re about 5 years out of date. Modern MRI tells a very different story. Today, Array sits at the intersection of: Ruby code (array.rb) VM intrinsics (Primitive.*) C runtime (array.c) JIT specialization (YJIT) And the result … Continue reading MRI Internals: How Ruby Arrays Became a VM Playground →

Why should you choose Solidus versus Spree? The projects share a common history up until 2015. That year, Solidus forked off of Spree and began a new direction. Since then, a lot has changed, but a lot has stayed the same.

Before we dive into the differences, it’s important to understand the history. Solidus is a community-led fork of Spree that kicked off shortly before the corporate backing of Spree evaporated, leaving the project unmaintained. The project ultimately picked up new leadership, but during that gap much of the community moved to the new fork. You can see the gap in Spree’s commit frequency:

If we look at Solidus’s commit frequency, you instead see a…