Rubyland

news, opinion, tutorials, about ruby, aggregated
Sources About
code.dblock.org | tech blog 

Fixing Bugs in the OpenSearch API Documentation using API Spec Tests

I’ve previously written about the OpenSearch OpenAPI Specification.

One of the neat features of the API spec repo is a set of declarative YAML integration tests. This turned out to be really useful in fixing bugs in the OpenSearch API reference documentation that is published to opensearch.org.

Here’s how I went about it.

To author tests, I started with reading the API documentation. For example, I read the docs for /_refresh, and added tests for that API in opensearch-api-specification#374.

The basic example that refreshes all indices was easy.

$schema: ../../json_schemas/test_story.schema.yaml

description: Test _refresh.

chapters:
  - synopsis: Refresh.
    path: /_refresh
    meth…
$ npm run test:spec--insecure -- --tests tests/indices/refresh.yaml 

>
Ruby Rogues 

What is a Top 5% Developer? - RUBY 644

The Rogues dive into who are top 5% developers, what they're doing and how to recognize them. They start out discussing how mid-level developers can move up and how developers can grow in more ways that technical skills.


Links

Picks


Become a supporter of this podcast: https://www.spreaker.com/podcast/ruby-rogues--6102073/support.
Matt Stuchlik 

Summing ASCII encoded integers on Haswell at almost the speed of memcpy

code { font-size: 13px; white-space: pre-wrap; word-wrap: break-word; }

“Print the sum of 50 million ASCII-encoded integers uniformly sampled from [0, 2³¹−1], separated by a single new line and sent to standard input.”

On the surface, a trivial problem. But what if you wanted to go as fast as possible?

I’m currently one of the top ranked competitors in exactly that kind of challenge and in this post I’ll show you a sketch of my best performing solution. I’ll leave out some of the µoptimizations and look-up table generation to keep this post short, easier to understand and to not completely obliterate the HighLoad leaderboard. Still, as far as I know nothing similar has…

Ruby on Rails 

New Rails beta release, immutable option in http_cache_forever and more

Hi, Wojtek here again. See another short list of changes from this past week.

Rails 7.2.0.beta3 have been released
With 91 commits since the last beta 2 version.

Make http_cache_forever use immutable option
The immutable: true option was added to expires_in in last week. This change sets immutable: true option for http_cache_forever which additionally affects proxied Active Storage files.

Do not watch for translation changes from gems
Optimizes the load time for I18n initialization by restricting I18n load paths passed to the file watcher to only those within the applications directory. Previously, the watcher would grab all of the available locales, including those in gems which do not…

Saeloun Blog 

Puma-dev And Using It With Rails Applications.

Puma

Puma is a modern, concurrent web server for Ruby and Rack applications. Designed with speed and simplicity in mind, Puma is known for its ability to handle multiple requests simultaneously, making it a popular choice for serving Ruby on Rails applications in both development and production environments.

Simplify Local Rails Development with Puma-dev

Developing Rails applications locally can be a hassle, especially when we want to run multiple Rails applications on our machine. Doing that with localhost:3000 will get annoying at some point (cookie sharing, changing ports, everyone in the team handling it differently, no HTTPS to test with…).

for example we have to run multiple…

Posts on Kevin Murphy 

Access Request Headers in a Rails Controller

Heads Up 🔗

A coworker presented a failing request spec. They asked if they were passing headers incorrectly in the test.

it "reports to be a teapot when asked to brew coffee" do  headers = { "X-COMMAND" => "brew coffee" }  get drinks_url, headers: headers  expect(response.status).to eq 418end

They wrote the test exactly like I’d expect. But, rather than providing the 418, a 200 OK was the status code. I then looked at the controller this request spec was accessing.

def index  if headers["X-COMMAND"] == "brew coffee"    head 418  end  @drinks = Drink.allend

Nothing obvious caught my attention. But now that I’d been effectively nerd sniped, I had to figure out what was going on.

Heading In For a…

Awesome Ruby Newsletter 

💎 Issue 425 - Rails 7.2 Adds app:update Task to be a Rails Command.

RubySec 

CVE-2024-27090 (decidim): Decidim vulnerable to data disclosure through the embed feature

### Impact If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embedded (such as a Participatory Process, an Assembly, a Proposal, a Result, etc), then some data of this resource could be accessed. ### Patches Version 0.27.6 https://github.com/decidim/decidim/commit/1756fa639ef393ca8e8bb16221cab2e2e7875705 ### Workarounds Disallow access through your web server to the URLs finished with `/embed.html`
RubySec 

CVE-2024-27095 (decidim-admin): Decidim cross-site scripting (XSS) in the admin panel

### Impact The admin panel is subject to potential XSS attach in case the attacker manages to modify some records being uploaded to the server. The attacker is able to change e.g. to `` if they know how to craft these requests themselves. And then enter the returned blob ID to the form inputs manually by modifying the edit page source. ### Patches Available in versions 0.27.6 and 0.28.1. ### Workarounds Review the user accounts that have access to the admin panel (i.e. general Administrators, and participatory space's Administrators) and remove access to them if they don't need it. ### References OWASP ASVS v4.0.3-5.1.3
RubySec 

CVE-2024-32469 (decidim): Decidim cross-site scripting (XSS) in the pagination

### Impact The pagination feature used in searches and filters is subject to potential XSS attack through a malformed URL using the GET parameter `per_page`. ### Patches Patched in version 0.27.6 and 0.28.1 ### References OWASP ASVS v4.0.3-5.1.3 ### Credits This issue was discovered in a security audit organized by the [mitgestalten Partizipationsbüro](https://partizipationsbuero.at/) and funded by [netidee](https://www.netidee.at/) against Decidim done during April 2024. The security audit was implemented by [AIT Austrian Institute of Technology GmbH](https://www.ait.ac.at/),
Ruby Weekly 

All the talks from RailsConf

#​711 — July 11, 2024

Read on the Web

Ruby Weekly

Finding Memory Leaks in the Ruby Ecosystemruby_memcheck is a tool that uses Valgrind to dig into, and debug, memory issues in native Ruby gems, an area that has historically been quite hard to work in. Peter looks at an improvement made to Ruby to track memory leaks and how you can use it.

Peter Zhu

💡 While native gems will always be necessary, Sidekiq's Mike Perham stresses why we should minimize our use of them whenever possible and says he won't let Sidekiq use them at all.

Simple, Fast Data Analytics with Postgres + DuckDB — Fast queries of…

Rails Designer 

Rails Designer V1 is here!

6 months and many, many early adopters later, and a long one-month holiday from yours truly, V1 is here! 💃

Rails Designer started at v0.5.1. The versions before that were internal that only I used to built my various, successful SaaS products.

Before the release of 0.5.1, multiple dozen people purchased, for a big discount, Rails Designer without getting immediate access! That was enough validation for me to switch gears and make Rails Designer ready for all of you.

Fast-forward a few months and Rails Designer now sees dozens of new customers every week! Possibly making it my most successful side-project to date. 🤯

With the release of V1, I am also removing the early-adopters discount…

honeyryder 

http-2 1.0.0, a fork’s tale

TL;DR The http-2-next gem has been officially archived, and has been replaced by http-2 (the gem http-2-next was originally forked from) as the only direct dependency of httpx, after being merged back into the latter.

Origin story

The http-2 gem, is a (quote) pure ruby implementation of the HTTP/2 protocol and HPACK header compression. It’s “transport agnostic”, as in, it does not mess directly with sockets, instead accepting byte strings (via conn << bytes), and allowing callbacks to be registered, in order to be called at key moments of an HTTP/2 connection management lifecycle.

# from the README
require 'http/2'

socket = YourTransport.new

conn = HTTP2::Client.new
conn.on(:frame) {|b…

Internally, it handles…

The Ruby on Rails Podcast 

Episode 519: Joel Hawksley on Web Accessibility

Joel is a staff software engineer at GitHub, working on user interface architecture and strategy. For the last several years, he has been part of the team working to improve the accessibility of GitHub.com. He also leads development of the ViewComponent framework. Today, he joins the show to teach us about Web Accessibility

Show Notes
Joel's RailsConf Talk - https://www.youtube.com/watch?v=4j2zlvE_Yj8
WCAG Guidelines - https://www.w3.org/WAI/standards-guidelines/wcag/
Axe Devtools - https://www.deque.com/axe/devtools/
Aria Live - https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Attributes/aria-live

Island94.org 

Notes from Carrierwave to Active Storage

I recently migrated Day of the Shirt, my graphic t-shirt sale aggregator, from storing image attachments with Carrierwave to Active Storage. It went ok! 👍

There were a couple of things driving this migration, though Carrierwave had served me very well for nearly a decade:

  • For budgetary reasons, I was moving the storage service from S3 to Digital Ocean Spaces. I knew I’d be doing some sort of data migration regardless.
  • I was using some monkeypatches of Carrierwave v2 that weren’t compatible with Carrierwave v3. So I knew I’d have to dig into the internals anyways if I wanted to stay up to date.
  • I generally trust Rails, and by extension Active Storage, to be reliable stewards when I…

And I had a couple of requirements to work though, largely motivated because images in Day of the Shirt are the content with dozens or hundreds displayed on a single page:

  • For budget (slash performance), I need to link directly to image assets. No proxying or redirecting through the Rails…
Gusto Engineering - Medium 

Platform Engineering at Gusto: Part 1

You can’t build beautiful apartments without the construction of a solid foundationYou can’t build beautiful apartments without the construction of a solid foundation

Improving customer communications and engineering productivity

Communicating the right message at the right time with the right channel is a critical part of running businesses. Gusto leverages several channels to communicate urgent action items to customers in order for them to run payroll, manage employees, and ensure that their business is running smoothly.

“Those who don’t know history are doomed to repeat it.”

In the past, customers were notified of any required actions primarily through two channels: in-app notifications and emails. When a customer logged into their Gusto account, in-app notifications,…

Rails at Scale 

Finding Memory Leaks in the Ruby Ecosystem

This blog post is adapted from a talk that Adam Hess and I gave at RubyKaigi 2024.

Until recently, Ruby lacked a mechanism for detecting native-level memory leaks from within Ruby and native gems. This was because, when Ruby terminates, it does not free the objects that are still alive or the memory used by Ruby’s virtual machine. This is because the system will reclaim all the memory used anyway, so it’s just extra work that would make Ruby’s shutdown slower. However, this meant that it was impossible to determine whether a piece of memory was leaked or was just not cleaned up.

This meant that it was hard to analyze Ruby applications that suffered from memory leaks, causing them to…

Peter Zhu 

Finding Memory Leaks in the Ruby Ecosystem

Until recently, Ruby lacked a mechanism for detecting native-level memory leaks from within Ruby and native gems. This meant that it was hard to analyze Ruby applications that suffered from memory leaks, causing them to consume increasing amounts of memory until the system runs out and terminates the application. In this blog post, we'll be looking at the RUBY_FREE_AT_EXIT feature, which allows memory leak checkers to find memory leaks in Ruby and in native gems.
RubySec 

CVE-2024-39308 (rails_admin): RailsAdmin Cross-site Scripting vulnerability in the list view

### Impact RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. The issue was originally reported in https://github.com/railsadminteam/rails_admin/issues/3686. ### Patches Upgrade to [3.1.3](https://rubygems.org/gems/rails_admin/versions/3.1.3) or [2.3.0](https://rubygems.org/gems/rails_admin/versions/2.3.0). ### Workarounds 1. Copy the index view (located under the path `app/views/rails_admin/main/index.html.erb`) from the RailsAdmin version you use, and place it into your application by using the same path. 2. Open the view file by an editor, and remove `strip_tags` from the title attribute (as shown in GHSA advisory…
BigBinary Blog 

How we fixed app downtime issue in neetoDeploy

We are building neetoDeploy, a compellingalternative to Heroku. Stay updated by following neetoDeploy onTwitter and reading ourblog.

At neeto we are building 20+ applications, and most ofour applications are running in neetoDeploy. Once we migrated from Heroku toneetoDeploy, we started getting 520 response code for our applications. Thisissue was occurring randomly and rarely.

What is 520 response code?

A 520 response code happens when the connection started on the origin webserver, but that request was not completed. This could be due to server crashesor the inability to handle the coming requests because of insufficientresources.

When we looked at our logs closely, we found that all the 520…

Evil Martians 

Connection avalanche safety tips and prepping for real-time applications

Authors: Vladimir Dementyev, Principal Backend Engineer, and Travis Turner, Tech EditorTopics: Backend, Ops, Performance Optimization, Site Reliability Engineering, Full Cycle Software Development, WebSocket, Hotwire, Ruby on Rails

Learn about different strategies for taming a specific case of the thundering herd problem in real-time applications—connection avalanches.

Launching a greenfield application or rolling out a new feature can be like going out into the wilderness: you can never quite be sure what is waiting for you out there (bears, falling rocks …or an avalanche?) With distributed systems, you can face many common problems, and a little awareness and preparedness could be what…

RubyGems Blog 

3.5.15 Released

RubyGems 3.5.15 includes enhancements, bug fixes and documentation.

To update to the latest RubyGems you can run:

gem update --system

To install RubyGems by hand see the Download RubyGems page.

## Enhancements:

  • Installs bundler 2.5.15 as a default gem.

## Bug fixes:

  • Restrict generic arm to only match 32-bit arm. Pull request #7830 by ntkme
  • Protect creating binstubs with a file lock. Pull request #7806 by deivid-rodriguez

## Documentation:

  • Make it clearer that add_dependency is the main way to add non-development dependencies. Pull request #7800 by jeromedalbert

SHA256 Checksums:

  • rubygems-3.5.15.tgz
    d086e1c368fd3cbe04ca0f108459d0142d0d57413ae9e1d2ff4b220ebc8e6b87
GoRails 

How to Extend the Ubuntu Default Logical Volume Partition

Using VirtualBox, I'll often give Ubuntu a certain disk size and only realize later on that it isn't using the full partition size for the disk.

Run these commands to extend the root filesystem to use the full disk:

lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv
resize2fs /dev/mapper/ubuntu–vg-ubuntu–lv
df -h

For more details, see: https://packetpushers.net/blog/ubuntu-extend-your-default-lvm-space/

Saeloun Blog 

Rails 7.2 Adds app:update Task to be a Rails Command.

Rails 7.2, has made many improvements to speed the development process. One major change was the conversion of app:update task to a Rails command. This change aligns the app:update task with other Rails generators.

Why we use app:update ?

After updating the Rails version in Gemfile, We need to update all the configuration files that match with the Rails version,

Previously, updating the configurations files was a time consuming process that required manual changes. Now with the changes in app:update command, the process can be customized with flags according to our workflow.

Before

Previously in Rails, the bin/rails app:update was a Rake task. This implementation had its…

Ryan Bigg's Blog 

Debugging Checklist

Above my screen, I have simple reminder: “IT IS ALWAYS TIMEZONES.” It used to be a simple black-and-white sign until my daughter decided it needed to be turned into a brilliant rainbow of a warning.

The sign was put up after experiencing not one but two timezone-related bugs within a relatively close proximity. Periodically, I’ll see something similar crop up like a test failing before 10am, but not after, thanks to the differences between what day of the week it is in UTC vs my local computer (in +1000 or +1100, depending on the day).

In a work discussion yesterday we talked about debugging checklists and I wrote up one with what I could think of. I’m sharing it here as it might be…

The Bike Shed 

432: The Semantics and Meaning of Nil

The term ‘nil’ refers to the absence of value, but we often imbue it with much more meaning than just that. Today, hosts Joël and Stephanie discuss the various ways we tend to project extra semantics onto nil and the implications of this before unpacking potential alternatives and trade-offs.

Joël and Stephanie highlight some of the key ways programmers project additional meaning onto nil (and why), like when it’s used to create a guest session, and how this can lead to bugs, confusion, and poor user experiences. They discuss solutions to this problem, like introducing objects for improved readability, before taking a closer look at the implications of excessive guard clauses in…

Ruby News 

Ruby 3.3.4 Released

Ruby 3.3.4 has been released.

This release fixes a regression in Ruby 3.3.3 that dependencies are missing in the gemspec of some bundled gems: net-pop, net-ftp, net-imap, and prime [Bug #20581]. The fix allows Bundler to successfully install those gems on platforms like Heroku. If your bundle install runs correctly now, you may not have this issue.

Other changes are mostly minor bug fixes. Please see the GitHub releases for further details.

Release Schedule

Going forward, we intend to release the latest stable Ruby version (currently Ruby 3.3) every 2 months after a .1 release. For Ruby 3.3, 3.3.5 is supposed to be released on Sep 3rd, 3.3.6 on Nov 5th, and 3.3.7 on Jan 7th.

If there’s…

Matt Stuchlik 

The Syscall Showdown: CRuby writes files with 40% fewer syscalls than CPython?

We’ve released a new version of Cirron that can now trace syscalls and record performance counters for individual lines of Ruby code, just like it could already do for Python (more here and here). It makes it very easy to quickly inspect what’s happening in any section of your code and even assert what should be happening in tests, for example.

To put it through its paces I’ve compared what syscalls each language uses for several common patterns: File IO, generating random numbers, telling time and even just printing a string.

File IO

Let’s start with something surprising right away. Here are the snippets under investigation, simply writing a string to a file (I’ll be omitting the Cirron…

Julia Evans 

Entering text in the terminal is complicated

The other day I asked what folks on Mastodon find confusing about working in the terminal, and one thing that stood out to me was “editing a command you already typed in”.

This really resonated with me: even though entering some text and editing it is a very “basic” task, it took me maybe 15 years of using the terminal every single day to get used to using Ctrl+A to go to the beginning of the line (or Ctrl+E for the end – I think I used Home/End instead).

So let’s talk about why entering text might be hard! I’ll also share a few tips that I wish I’d learned earlier.

it’s very inconsistent between programs

A big part of what makes entering text in the terminal hard is the inconsistency…

Evil Martians 

Recapping the first Local‑First conference in 15 minutes

Authors: Andrey Sitnik, Author of PostCSS and Autoprefixer, Principal Frontend Engineer, and Travis Turner, Tech EditorTopics: Design, Frontend Development, CRDT, JavaScript

A recap of the talks and key insights from the first Local-First Conference 2024

Local-first apps keep data locally, only using the cloud to synchronize data between machines (or peer‑to‑peer). This concept has become popular in recent years, and on May 30, 2024, the local‑first community came together for the inaugural Local-First Conference.

Short Ruby Newsletter 

Short Ruby News - Edition #98

Stay up-to-date on the latest launches, events, code samples, videos, and articles in the Ruby world. Don't miss out on what's happening in our community!
Saeloun Blog 

Rails Add ActiveRecord.after_all_transactions_commit Callback

In Rails applications, it is common to perform actions that depend on the successful completion of database transactions. For instance, sending a notification email after a record is updated or triggering a background job.

However, if these actions are initiated within a transaction, there’s a risk they might be executed before the transaction is fully committed.

This can lead to errors such as ActiveJob::DeserializationError or RecordNotFound especially in environments where the job queue is fast but the database might be slow.

Consider a scenario where we confirm a user and want to send a notification email afterwards:

def confirm_user(user)
  User.transaction do
    user.update(conf…
Rails Designer 

Add a custom Tailwind CSS class for reusability and speed

This is another quick article about something I use in every (Rails) app.

I often apply a few Tailwind CSS utility-classes to create smooth transitions for hover- or active-states. I use this one so often that I create a custom smoothTransition class.

So instead of writing transition ease-in-out duration-200 I write smoothTransition. Much smoother!

Typically you’d write a CSS selector within the @layer utilities directive, like so:

@layer utilities {
  .smoothTransition {
    transition-property: all;
    transition-timing-function: ease-in-out;
    transition-duration: 200ms;
  }
}

And this would certainly work just fine. But Tailwind CSS allows you to write custom styles using its…

Drifting Ruby Screencasts 

Tracking Writebook Changes

In this episode, we look at setting up a mechanism to track the changes from an externally developed product. We'll also discuss branching strategies and how to develop your own features on top of Writebook.
Island94.org 

On the importance of Rails code reloading and autoloading

I’ve elevated to “strongly held belief” that code reloading and autoloading is the most important design constraint when designing or architecting for Ruby on Rails.

  • Code reloading is what powers the “make a code change, refresh the browser, see the result” development loop.
  • Code autoloading is what allows Rails to boot in milliseconds (if you’ve designed for it!) to run generators and application scripts and a single targeted test for tight test-driven-development loops.

When autoloading and reloading just works, it probably isn’t something you think about. When code autoloading and reloading doesn’t work or works poorly, as it has on numerous apps across my career and consulting,…

Hotwire Weekly 

Week 27 - Testing Stimulus Controllers, Optimistic UI with Hotwire, and more!

Hotwire Weekly Logo

Welcome to Hotwire Weekly!

Welcome to the another issue of Hotwire Weekly! This edition covers the latest Hotwire articles and videos.

Happy reading! 🚀✨

✨ Hotwire.io Updates

The community-driven documentation and resource hub Hotwire.io got a new section to list videos all about Hotwire. Thanks to Andres Urdaneta for this contribution!

If you produced Hotwire-releated videos or know of videos that would make sense to be featured on that page please open a pull request against marcoroth/hotwire.io by adding a new entry to the videos.yml file.

Otherwise, check-out the new videos page. We have more features and ideas planned for that page, so that you can find Hotwire-related videos more…

Dom Christie 

Optimistic UI with Ruby on Rails & Hotwire

This post details a proof-of-concept for optimistic UI. If you want to just browse the source, check out the optimistic-ui-hotwire-rails GitHub repository.

Optimistic UI enhances perceived speed and responsiveness by immediately updating the UI with an expected state before the server's response is received. This approach is used when the application can predict the outcome of an action based on context and user input, allowing for an immediate response to actions.

Pending and Optimistic UI on the Remix Docs

Optimistic UI is tricky for apps that predominantly render their HTML on the server. However, in simple cases where we can reasonably predict the outcome of a user action, we can…

Karol Galanciak - Distributed Systems Architect and Ruby on Rails expert 

Beyond the Engineering: The Business Risks of Ignoring Technical Debt

As technology companies continue to deliver innovative products, often on very tight deadlines and with limited budgets (especially now, in the post-zero interest rates era), they also accumulate one natural byproduct —the infamous technical debt.

The Real Impact of Technical Debt on Business

Technical debt is the sum of various trade-offs made while building and maintaining the product and all the things that should have been applied to the system but were not. While most seasoned software engineers have a good grasp of technical debt and know how to address it, they would likely invest more time to “pay it down” and take measures to prevent it in the future, but it’s getting more…

Island94.org 

Introducing GoodJob v4

GoodJob version 4.0 has been released! 🎉 GoodJob v4 has breaking changes that should be addressed through a transitionary v3.99 release, but if you’ve kept up with v3.x releases and migrations, you’re likely ready to upgrade 🚀

The README has an upgrade guide. If you’d like to leave feedback about this release, please comment on the GitHub Discussions post 📣

If you’re not familiar with GoodJob, you can read the introductory blog post from four years ago. We’ve come pretty far.

Breaking changes to job schema

GoodJob v4 changes how job and job execution records are stored in the database; moving from job and executions being commingled in the good_jobs table to Jobs (still in good_jobs)…

a-chacon 

ActiveRecord::Enum persisted in a string field. Is it a bad idea?

There was a moment in my applications when I stopped persisting the fields that I was going to define as enums in int fields and started doing it in strings. I made this decision because, on several occasions, I was asked for a database dump for analysis, and whenever they encountered a status field (or any other using enum) with values like 0, 1, or 2, they would end up asking me about its meaning. So, instead of using numerical values that lack meaning and context, I directly changed them to a string that in itself has meaning and provides context.

But a few days ago, I reviewed the documentation again and found a phrase that made me question this:

Finally it’s also possible to use a…

RubyMine : Intelligent Ruby and Rails IDE | The JetBrains Blog 

How to use Turbo in your Rails apps with RubyMine

Hello everyone!

The RubyMine team is constantly striving to provide support for new technologies for Ruby and Rails. One of the most exciting recent additions to Rails is undoubtedly Hotwire, so we’ve prepared an overview of this suite of frameworks and a tutorial on how to use the most important Turbo and Stimulus features in your Rails app with RubyMine. This post covers Turbo; to learn more about Stimulus support, stay tuned for our next blog post.

Hotwire and Turbo

What is Hotwire?

Hotwire simplifies web development by sending HTML instead of JSON over the wire (hence the name: it stands for “HTML over the wire”). This reduces the amount of JavaScript written and sent to…

Ruby Rogues 

Leveraging Ruby for Effective Prompt Engineering and AI Solutions - RUBY 643

 They dive deep into the world of advanced development techniques and tools. In today's episode, Valentino and Scott explore the challenges and breakthroughs in the realm of AI and code generation with a particular focus on Ruby.
Valentino vents about the complexities of prompt engineering, while Scott shares insights on prompt design, function calling for structured output, and the importance of breaking down code for reliability and testing. They highlight the declining effectiveness of prompt tricks and the growing significance of using large language models over fine-tuning.
The conversation delves into the unique advantages of Ruby for rapid prototyping, with Scott Werner, CEO and…
Ruby on Rails 

Configurable compressor for encryption, Rack 3 streaming and more

Hi, Wojtek here. See the short list of changes from this past week.

Add compressor option to Active Record encryption
ActiveRecord::Encryption::Encryptor now supports a :compressor option to customize the compression algorithm used. The default compressor is Zlib (as it was before).

Utilize Rack 3 streaming
Rack 3 introduced several features to enhance how streaming responses are handled, which Rails now benefits from.

Prefer ETag header over Last-Modified for cached responses
Add config.action_dispatch.strict_freshness configuration. When set to true, the ETag header takes precedence over the Last-Modified header when both are present, as specified by the RFC 7232, section 6. Defaults…

Enhance Action View…

Ryan Bigg's Blog 

Separation of data and view layers in React components

In my Apollo Handbook I cover how to use React + Apollo to interact with a GraphQL API. I thought I’d share a pattern from that book that is making working with this library easier, in particular the pattern where we separate the data layer from the view layer of a component.

With Apollo and GraphQL code generator, we get React hooks that we can use in our component. It can be tempting to combine both these layers together in a single component:

const Product = (id: string) => {
  const { data, loading, error } = usePurchaseQuery({ variables: { id } });

  // handle loading + error states...

  const { product } = data;

  return (
    <div>
      <h1>{product.name}</h1>

     …
Awesome Ruby Newsletter 

💎 Issue 424 - JRuby funding at Red Hat stopped – call for sponsors

Super Good Blog 

Upgrading from Solidus 2 to Solidus 3

I recently had the pleasure of upgrading a long-running e-commerce storefront from Solidus 2.11 to Solidus 3.0. Solidus is a free and open-source e-commerce platform, silently helping thousands of stores turnover hundreds of millions in revenue each year. Like most sensible software projects, Solidus sticks to the convention of only allowing breaking changes in major version bumps, so while I knew that the jump from 2.11 to 3.0 was going to take longer than a day, I figured I’d have it wrapped in a week or so.

I was super wrong.

It quickly became apparent that this long-running store had never paid down an ever-accumulating mountain of tech debt. A tale as old as time. Rather than…

RubySec 

CVE-2024-39316 (rack): Rack ReDoS Vulnerability in HTTP Accept Headers Parsing

### Summary A Regular Expression Denial of Service (ReDoS) vulnerability exists in the `Rack::Request::Helpers` module when parsing HTTP Accept headers. This vulnerability can be exploited by an attacker sending specially crafted `Accept-Encoding` or `Accept-Language` headers, causing the server to spend excessive time processing the request and leading to a Denial of Service (DoS). ### Details The fix for https://github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f was not applied to the main branch and thus while the issue was fixed for the Rack v3.0 release series, it was not fixed in the v3.1 release series until v3.1.5.
Ruby Weekly 

It's independence day for JRuby too

#​710 — July 4, 2024

Read on the Web

Ruby Weekly

Discovering an 'Old' Syntax Feature History — Victor continues his investigations into various aspects of Ruby’s features by digging into something he hadn’t noticed had made it into the language some 15 years ago: the ability to have mandatory arguments after optional arguments. I hadn’t noticed this either!

Victor Shepelev

JRuby's Independence Day: Red Hat Ceases Funding — The JVM-based JRuby is easily the most successful and feature-complete alternative Ruby implementation and has received much support from Red Hat over the years. Times are changing as…

Rails Designer 

UI Design Tips Using Tailwind CSS for Developers

The difference between an okay UI-design and a good great UI-design lies often in almost hidden details. Small tweaks that most may not recognize consciously, but once removed they are obvious.

This articles shows various little UI tweaks like these that can be applied immediately in your (Rails) app’s UI. It’s based on my 25+ years of UI/design experience. While it uses Tailwind CSS’ classes (it’s what Rails Designer’s customers use), the same tips can be used with vanilla CSS.

Each preview shows how a tip is applied to the UI element.

Adjust letter-spacing for headlines

Kerning refers to the adjustment of the space between characters in a text to achieve a visually pleasing result. It…

Nithin Bekal 

Script to bump Ruby version in Rails app

Any time I need to bump a Ruby version in a Rails repo, I need to find which files have hardcoded references to the version. The 3 files that usually have hardcoded versions are Dockerfile, Gemfile and .tool-versions. I wrote a script to automate Ruby version bumps by putting this in bin/bumpruby:

#!/usr/bin/env ruby

unless (new_version = ARGV[0])
  puts "💥 Usage: bin/bumpruby <version>"
  return
end

system("asdf install ruby #{new_version}")
system("asdf shell ruby #{new_version}")
puts "\n⭐️ Switched to ruby #{new_version}"

def bump_ruby_version(file_name, pattern, replacement)
  content = File.read(file_name)
  new_content = content.gsub(pattern, replacement)
  File.write(file_name, 
The JRuby Blog 

Independence Day

All Good Things…

Hello Ruby and JRuby friends! I have some exciting news!

As they say, all good things must come to an end, and so it is with our sponsorship from Red Hat. We recently received notice that after 12 years of support, JRuby funding at Red Hat would conclude. Recent reorganization has changed priorities, and unfortunately there’s no place for ongoing sponsorship of projects like JRuby. As of July 4, 2024, my employment at Red Hat will end, and by the end of this month there will be no salaried employees dedicated to JRuby.

JRuby’s Independence Day

I’m not giving up without a fight. It is still my goal to build the most scalable, most stable, best-possible Ruby runtime for…

Mike Perham 

Iteration and Sidekiq 7.3.0

Sidekiq is the most popular background job framework for Ruby and works really well if you follow the design guidelines: keep your jobs short and idempotent. What happens if you have a job which processes a large amount of data serially, the infamous long-running job? In that case, deployments can lead to the job failing mid-way because the job will not gracefully allow the Sidekiq process to restart. To fix this, Sidekiq 7.
Julia Evans 

Reasons to use your shell's job control

Hello! Today someone on Mastodon asked about job control (fg, bg, Ctrl+z, wait, etc). It made me think about how I don’t use my shell’s job control interactively very often: usually I prefer to just open a new terminal tab if I want to run multiple terminal programs, or use tmux if it’s over ssh. But I was curious about whether other people used job control more often than me.

So I asked on Mastodon for reasons people use job control. There were a lot of great responses, and it even made me want to consider using job control a little more!

In this post I’m only going to talk about using job control interactively (not in scripts) – the post is already long enough just talking about…

Ruby Magic by AppSignal 

Debugging in Ruby with Debug

Debugging is a valuable skill for any software engineer to have. Unfortunately, most software engineers are not trained in it. And that's not just specific to developers going through boot camps; even in universities, we are not often taught and trained to use a debugger.

My teachers and mentors were more interested in getting me to write programs rather than debugging them. If we are fortunate, debugging comes at the end of the semester, in a short, last session.

Luckily, we have tools that can help us with debugging. Since Ruby 3.1, Ruby ships with the debug gem, a powerful debugger.

In this article, we will go through a quick overview of the gem. We'll see how to use it for simple and…

katafrakt’s garden 

Checking Efx - testable effects for Elixir

Mocking in Elixir is always a hot topic, mainly because of people coming from different other technologies having different expectation. The most “cannonical” solution, Mox, gives a lot of security with regard to what the fake implementation returns, but requires a bit of a ceremony from the programmer. Other solutions like Mock, Rewire or Bypass offer more ad-hoc mocking, but t the price of the tests heving to be synchronous. Then there’s Mimic, which offers ad-hoc mocking and supports async tests.

In this busy area, a new library appeared very recently. It’s called Efx and its description does not even mention mocking:

A library to declaratively write testable effects

It…

Gusto Engineering - Medium 

Scope — OSS Local Dev Env Tooling

Scope — OSS Local Development Environment Tooling

Co-authored by Ethan Hall

Command prompt showing the sudo commandPhoto by Gabriel Heinzer on Unsplash

Building tools for Gusto developers and other developer experience teams

Gusto has over 300 active engineers contributing to our code base every day. When their local development environment breaks, those engineers turn to our Developer Experience team (DEx) to troubleshoot and solve their issue.

One of the first steps for an engineer with a local development issue is to start a Slack thread in the DEx support channel. When engineers reach out for help, there are several different formats they will use to convey the error information: text, images, and even video. While images and…

code.dblock.org | tech blog 

Using OpenSearch Cat API Response Formats

I’ve been working on the new OpenSearch OpenAPI Specification that aims to properly document OpenSearch RESTful APIs. The spec is to be used to auto-generate OpenSearch clients in Python, Java, .NET, etc. One of the neat features of the API specification repo is a set of declarative YAML integration tests that ensure that the spec has the correct request parameters, and that it matches the actual responses from the server. This is particularly useful when documenting a large existing API such as OpenSearch with its 1021 known APIs.

Thus, I recently added support for text/plain, application/yaml, application/cbor, and application/smile response types to the test tooling.

I’ve heard of…

JRuby.org News 

JRuby 9.4.8.0 Released

The JRuby community is pleased to announce the release of JRuby 9.4.8.0.

JRuby 9.4.x targets Ruby 3.1 compatibility.

Thank you to our contributors this release, you help keep JRuby moving forward! @edipofederle, @fidothe, @ikaronen-relex, @jimtng, @jsvd, @kares, @mullermp, @ntkme

Ruby Compatibility

  • Fixed a bug in the bytecode JIT causing patterns to execute incorrect branches. #8283, #8284

Standard Library

  • jruby-openssl is updated to 0.15.0, with updated Bouncy Castle libraries to avoid CVEs in older versions.
  • uri is updated to 0.12.2, mitigating CVE-2023-36617.
  • net-ftp is updated to 0.3.7 with…

58 Github Issues resolved for 9.4.8.0

BigBinary Blog 

Widget state synchronisation across tabs

The neetoChat widget is the end-user-facing companion widget of ourneetoChat application. By embedding theneetoChat widget on their website, neetoChat users can easily interact withtheir customers in real-time.

neetoChat chat screen

The neetoChat widget has a feature to synchronize its state across other widgetinstances you might have open in any other tab or window, in real-time. Thisability gives users the illusion of interacting with the same widget instanceacross tabs and provides a sense of continuity. For example, user interactionssuch as navigating to another page, and minimizing/maximizing the widgetperformed on a widget instance in one tab are reflected across widgets in everyother tab.

In fact, a widget…

Radan Skorić's personal site 

How to get good at noticing code smells

A code smell, put loosely, is code that looks like it’s going to be trouble. When it’s correctly identified you usually discover that: it’s hiding a much bigger problem it’s tightly coupled to another component causing maintenance headaches it’s hard to understand for new developers slowing done the development it’s brittle and will easily break with future changes put simply, it’s ...
Evil Martians 

Realtime diagnostic logging, or how to really spy on your Go web apps

Authors: Vladimir Dementyev, Principal Backend Engineer, and Travis Turner, Tech EditorTopics: Backend, Full Cycle Software Development, Go

Learn how to temporarily stream verbose logs from your Go application without restarts and even without changing the application-level logging settings.

Logging is essential for any application running out in the wild. Usually, we hit up logs retrospectively to learn about the past, but in some cases, real-time access to detailed insights on a particular user's actions is the best (and, sometimes, only) way to identify a problem. Let's see how we can implement this type of troubleshooting (or diagnostic) logging functionality with Go and its (still quite…

Remote Ruby 

RubyConf with Kinsey Durham Grace and Jim Remsik

In this episode of Remote Ruby, Jason, Chris, and Andrew reunite after six months to dive into the details of the upcoming RubyConf 2024 with program chairs Kinsey Durham Grace and Jim Remsik. The discussion covers various aspects of the conference, such as the emphasis on more technical talks, the introduction of several keynotes including Matz and Kent Beck, and the revival of the Madison Ruby conference.

Additionally, the episode highlights the Scholar and Guide Program, which aims to help newcomers at the conference. They also delve into the history of past Ruby and Rails conferences. Both Kinsey and Jim share their journeys and experiences within the Ruby community, outlining their…

The Bike Shed 

431: Developers Are Professional Question Askers

Stephanie shares her newfound interest in naming conventions, highlighting a resource called "Classnames" that provides valuable names for programming and design. Joël, in turn, talks about using AI to generate names for D&D characters, emphasizing how AI can help provide inspiration and reasoning behind name suggestions. Then, they shift to Joël's interest in Roman history, where he discusses a blog by a Roman historian that explores distinctions between state and non-state peoples in the ancient Mediterranean.

Together, the hosts delve into the importance of asking questions as consultants and developers to understand workflows, question assumptions, and build trust for better…

Honeybadger Developer Blog (Ruby Articles) 

Parsing CSV files in Ruby

Handling data in various formats is a common task in software, and CSV (Comma-Separated Values) files are among the most prevalent data formats you'll encounter. Whether for data migration, reporting, or simply importing and exporting data, processing CSV files efficiently is a necessary skill for any Ruby developer.

In this article, we'll learn the practical aspects of parsing and handling CSV data using Ruby. We'll cover various techniques, from parsing files line-by-line for memory efficiency to dealing with CSV data from form inputs and even integrating CSV parsing into a Rails application.

Parsing a file line-by-line

A simple way to parse CSV files in Ruby is to read the entire file…

Dimiter Petrov 

How I test Stimulus controllers

I caught myself relying too much on manual tests for a feature I was building on top of a Stimulus controller. Manual tests were enough for the initial proof of concept phase. However as I was adding more features to the prototype, I was also causing regressions.

As I threw away the prototype and started over with a test-driven approach, I thought about how I test in general and how that applies to Stimulus.js

No jsdom-based tests with sample HTML

I'll start by stating how I do not test Stimulus controllers.

It would be possible to attach the controller to some fixture HTML and test things on top of jsdom. That approach would be reasonable for a library. But I'm not packaging a stimulus…

Dom Christie 

Tailwind Repetition

The biggest complaint about Tailwind CSS is that it results in long, ugly lists of class names that are difficult to maintain, particularly if they’re repeated.

This popped up again the other day, with the following example… How do you usually avoid this in #tailwind? #rubyonrails:

<%= link_to "Home", "/", class: "text-white px-3 py-2 rounded-md text-sm font-medium hover:bg-gray-700 data-[active=true]:bg-gray-500" %>
<%= link_to "Projects", "/projects", class: "text-white px-3 py-2 rounded-md text-sm font-medium hover:bg-gray-700 data-[active=true]:bg-gray-500" %>
<%= link_to "Monitor", "/monitor", class: "text-white px-3 py-2 rounded-md text-sm font-medium hover:bg-gray-700…
<%= link_to "Dashboard"

With a traditional CSS approach, it’d be common to create a .nav-link class, and set the styles in a separate stylesheet. With Tailwind, this approach can be achieved with @apply:

code.dblock.org | tech blog 

Writing a Channel Slack Bot with Granular Permissions

In 2020 Slack introduced granular permissions and has begun enforcing that legacy applications use them. I’ve previously migrated a simple bot to use those in-place, but it has come time to rewrite my larger, more complex S’Up for Slack Teams and GameBot Leaderboard bots. Furthermore, the previous versions of the bots only allowed one S’Up group and one leaderboard per team, so I decided to take this opportunity to add support for actions and user settings in both DMs and individual channels.

Here’s a rundown of the code of Slack Gamebot. It’s MIT-licensed, open-source. Install it from gamebot2.playplay.io.

Components

The bot consists of several major components.

Models

The database…

RubyMine : Intelligent Ruby and Rails IDE | The JetBrains Blog 

RubyMine 2024.2 Early Access Program Update

Hi everyone!

We’re back with an update on the state of the RubyMine 2024.2 Early Access Program. In preparation for the release, we’ve been working on improving AI Assistant, as well as providing support for Rails 8 features, Stimulus, and more.
You can download the latest EAP build from our website, via the free Toolbox App, or by using snaps for Ubuntu.

AI features

For version 2024.2, our focus is on improving AI Assistant completion. With this in mind, we enhanced AI Assistant to make it work better with Ruby- and Rails-specific contexts.

For multiline code completion, we’ve upgraded the existing prompts to request specific technological details, including the Ruby version in…

Hi, we're Arkency 

Smooth Ruby and Rails upgrades

Smooth Ruby and Rails upgrades

Recently, we were consulting and performing updates for several different outdated projects. Those were production-running, keeping the business alive, but they haven’t been upgraded for a long time.

With the experience from those projects, I’m ready to share some insights on how to make the upgrade process smooth.

Before you start

Reduce dependencies

To make the whole process simpler, I always start with auditing the Gemfile.

I check if there are any gems that are not supposed to be there anymore, and usually, find some of them. Especially, I look for:

  • Gems that are not referenced in the code.

However, you should be careful with this one, because…

Saeloun Blog 

Rails Adds ActiveRecord::Base.with_connection To Optimize Database Operations.

In Rails, ActiveRecord is a powerful ORM (Object-Relational Mapping) framework that simplifies database interactions.

Efficient management of database connections is crucial for ensuring the performance and scalability of applications.

ActiveRecord::Base.connection

ActiveRecord::Base.connection enables direct access to the currently active database connection. It holds database connections until the end of the request cycle, ensuring they are available for the duration of the request processing.

However, relying on ActiveRecord::Base.connection can cause performance issues for applications with high I/O (input/output) demands, such as those heavily interacting with third-party APIs.…

Ruby Rogues 

Integrating AI in Application Development with Obie Fernandez - RUBY 642

Obie Fernandez is the Chief Scientist at Olympia. They dive deep into the fascinating world of AI and its transformative impact on music production and application development. Our special guest, Obi Fernandez, joins Valentino Stoll to share his incredible journey of living in Mexico City since 2017 while working on innovative startups like an NFT platform and Olympia, an AI-powered consultancy growing rapidly every month.
They also introduce us to a cutting-edge music production tool that can upload music, write lyrics, and generate vocals — a boon for lyricists and singers who might not have the best singing chops. Alongside this, they discuss pragmatic uses of AI through a new book, which…
Short Ruby Newsletter 

Short Ruby News - Edition #97

A Monday summary of the articles, discussions, and news from the Ruby community
Alchemists: Articles 

Git Deployments

Cover
Git Deployments

Git deployments are the result of a green Continuous Integration (CI) process which pushes changes from a Git repository to a remote server. There are many workflows for deploying changes from a Git repository and this article will highlight a few of them while specifically focusing the Rebased Branch Workflow.

I’m not sure if the Rebased Branch Workflow workflow goes by a different name but I’ve definitely not seen this workflow talked about as much as it should be even though I’ve alluded to aspects of this workflow in previous articles:

If you’re new to this site and…

Rails Designer 

When to use `link_to` and `button_to` in Rails

This article about forms inside forms triggered a question from a reader: when to use link_to and button_to in Rails? So I wanted to publish this short and quick article.

Rails has had both helpers from the very early beginnings. link_to likely from the first release, and button_to not much later.

With the release of Rails’ ujs, link_to could now accept data-attributes as seen in these older docs. This made many Rails developers belief this the right way to do it, but: you should use link_to for simple navigation and GET requests, and button_to for actions that submit data or require additional security, such as POST, PUT, or DELETE requests.

I’ve seen some nasty HTML-element abuse in…

zverok's space 

Vignettes on language evolution: discovering an old syntax feature history

One Ruby thing I never noticed before.

While working on Ruby Evolution-themed articles (and looking for a shape for the future book), I am starting to look deeper and deeper into the history of the language—and into other languages, too, trying to understand when some solutions became common in the industry, or, vice versa, when something has fallen out of fashion.

With Ruby, I spend a couple of hours now and then looking through the NEWS/Changelog files, making my own structured lists of when something changed, and frequently making some (mostly minuscule) discoveries. Mostly, those “discoveries” are along the lines of “Ah, that’s when it was introduced” or “Wait, it wasn’t always like…

a-chacon 

ActiveRecord::Enum persisted in a string field. Is it a bad idea?

String vs int fields in ActiveRecord::Enum: Which is the best option for your Rails database?
Giant Robots Smashing Into Other Giant Robots 

Using OpenAI ChatGPT Assistants API to Build a Landscape Assistant

After a few years of owning my home, I’m now at the point where I’ve become obsessed with taking care of my yard. I’ve also been wanting to start a flower and vegetable garden. Given the fact that I have a hard time remembering how much water I’ve consumed in a given day, I was terrified that I wouldn’t be able to care for all of my new plant friends correctly.

Enter the beta OpenAI/ChatGPT assistants API. If you haven’t heard about the assistants API just yet, I think it’s pretty awesome in my opinion.

Gardening with OpenAI/ChatGPT assistants API in Ruby

You can create different assistants and give them an instruction set up front so you don’t have to build up conversation…

Hotwire Weekly 

Week 26 - Hotwire Voting and Flash Messages, Django Components with Stimulus, and more!

Hotwire Weekly Logo

Welcome to Hotwire Weekly!

Welcome to the another issue of Hotwire Weekly! This edition covers the latest Hotwire articles and videos.

Happy reading! 🚀✨

📚 Articles, Tutorials, and Videos

The Rails Changelog - Structuring Rails Apps with Matt Swanson - Matt Swanson joins The Rails Changelog to share his thoughts on Hotwire and the misconception of using all its features about among other things.

Hotwire Voting and Flash Messages with Ruby on Rails - Andy Leverenz published a tutorial and video on creating a simple voting system for books using Ruby on Rails and Hotwire.

How to close modal after save in Rails (Turbo & Stimulus) - Ken Greeff published a video on closing a modal after saving…

Inertia.js on Rails Made…

Notes to self 

A very first update to Kamal Handbook

Kamal Handbook gets updated for Kamal 1.7.3

Kamal 1.7.3

Kamal Handbook was released 3 months ago just, around the time of Kamal 1.4, but Kamal improves fast and so I made an update targeting the latest Kamal 1.7.3.

Here are some of the required of the changes for the 1st edition:

  • Kamal’s removal of healthcheck containers and introduction of the web barrier
  • new servers tagging to provide specific env vars
  • new grepping options for logs
  • new default of building from git HEAD

I also improved the handbook here and there with:

  • a new healthcheck section
  • mention of publishing more ports for accessories
  • improved provisioning

This free update was already delivered to everyone…

Once a Maintainer 

Once a Maintainer: Sofie Van Landeghem

Welcome to Once a Maintainer, where we interview open source maintainers and tell their story.

This week we’re talking to Sofie Van Landeghem, core maintainer of the advanced NLP library spaCy. Sofie has been working in machine learning and NLP since 2006, and has worked on practical use cases in the pharmaceutical and food industries. She spoke with us from her home in Belgium.

Once a Maintainer is written by the team at Infield, a platform for managing open source dependency upgrades.

How did you get into software development?

It was a long time ago. I had always loved mathematics in high school, and I studied computer science at university. I guess I have quite a logical brain. So I loved…

Remote Ruby 

Desks, Deployments, and Databases

In this episode of Remote Ruby, Jason and Chris catch up with a discussion on setting up a home office with new furniture, organizing hardware with a 3D printer, and dealing with nostalgia for old video games.

Then they delve into technical issues faced with the Postgres database on DigitalOcean, migrating to Crunchy Data, and adjusting web concurrency settings in Rails. They also share their experiences experimenting with Kamal for server deployment, the complexities of AWS configuration, and using DigitalOcean and Hetzner for app instances.

The conversation shifts to performance and error monitoring with Honeybadger Insights, the challenges of using Docker, and the potential of Kamal in…

Ruby on Rails 

Immutable Rails Cache Header, Local Assigns in Strict Local Templates, Threaded Active Storage Mirror Service

Hi, it’s zzak. Let’s explore this week’s changes in the Rails codebase.

Support “immutable” directive in Cache-Control
This PR adds a new option to the expires_in method to support the immutable directive for the “Cache-Control” header.

Also pass “local_assigns” to strict locals templates
When using Strict Locals in a partial, local_assigns is now passed to the view in order to workaround an issue where trying to access the default values of a name that is also a reserved Ruby keyword.

Fix mailer templates to be RuboCop compliant
An issue was fixed with the mailer generator and scaffolding to make the generated code RuboCop compliant. This would impact newly generated apps, that create a…

Awesome Ruby Newsletter 

💎 Issue 423 - Ruby: a great language for shell scripts

The Rails Changelog 

024: Structuring Rails Apps with Matt Swanson

In this conversation, Matt discusses his podcast Yagny FM and the motivation behind it. He also talks about his approach to open source contributions within the Rails ecosystem. Matt shares his thoughts on Hotwire and the misconception of using all its features. He discusses the trade-offs between basic conditionals and feature management tools in terms of long-term maintainability and scalability. Matt also touches on the use of feature flags and how to balance simplicity with increasing complexity over time. Lastly, he briefly mentions his experience with background jobs and the potential move to Solid Queue. In this conversation, Matt Swenson discusses considerations for…

Ruby Weekly 

'In Ruby, a method without side effects should be public.'

#​709 — June 27, 2024

Read on the Web

Ruby Weekly

Awesome Ruby: A Curated List of 945 Ruby Libraries and Tools — Every year or two, we link to this epic, categorized collection of Ruby goodies. It continues to be updated frequently with new entries added (such as the new section on Gem servers) and you’re encouraged to contribute your own projects too.

Marc Anguera Insa

On the Use of Private Methods — Recently, Noel wrote about access control for methods generally, but now shares his strong opinions about when it does and doesn’t make sense to go private.

Noel Rappin

🚀 Need to Upgrade to…

Rails Designer 

How to add “Save and add another” feature to Rails apps

If your app has a business model that often is created in sequence (think tasks or products), the Save and add another UX paradigm can be a great option.

I stumbled upon a great example in the Linear app.

Previously articles often show a solution using two buttons. Then based on the value of the commit key (i.e. the button’s value) in the params, determine which branch is needed within the create action of the controller.

{
  // 
  "product": {
    "name": "Example Product",
    "description": "This is an example product",
    "price": "9.99"
  },
  "commit": "Save and Add Another",
  "controller": "products",
  "action": "create"
}

Given above params within your controller’s action…

Planet Argon Blog 

Building Inclusive Teams and Developer Satisfaction

Building Inclusive Teams and Developer Satisfaction

Insights on software development trends, diversity in tech, tips for inclusive hiring, and boosting developer satisfaction from our Engineering Manager’s recent podcast interview.

Continue Reading

JRuby.org News 

JRuby 9.3.15.0 Released

The JRuby community is pleased to announce the release of JRuby 9.3.15.0

JRuby 9.3.x is compatible with Ruby 2.6.x and stays in sync with C Ruby. As always there is a mix of miscellaneous fixes so be sure to read the issue list below.

This release only fixes a single problem. “AOT” compiled ruby (using jrubyc) had an uncommon race condition which led to strange endless looping behavior.

2 Github Issues resolved for 9.3.15.0

Ruby Central 

RubyConf 2024 Presale Tickets: UPDATE!

Ruby Central 

RubyConf 2024 Presale Tickets Now Available!

Write Software, Well 

How to Access Raw POST Data in Rails

I haven't published any new posts in the past few weeks because we recently welcomed a baby girl into the family 😊, and combined with all the ongoing clientwork, it has become quite challenging to find quality time for writing. I really appreciate your patience though, and be assured that once things settle down, I will return to a regular posting schedule ✌️
How to Access Raw POST Data in Rails

If you are building an API or any sort of web services, you often want to work with the raw, unchanged request body. For a long time, I used to add this helper method in my Rails controllers to access the the incoming request body.

def request_body
  @request_body ||= (
    request.body.rewind
    request.body.read
  )
end

Recently, in…

The Ruby on Rails Podcast 

Episode 518: Live From The Rails Conf Hallway Track!

While at Rails Conf, I caught up with several attendees and organizers to discuss their experiences. These quick interviews have been collected for this episode.

Our Guests:
Trevor John
https://github.com/trevorrjohn

Joshua Paine
https://github.com/midnightmonster/activerecord-summarize

David Hill
https://github.com/Esmale

Alex Mitchell
@a_mitch on instagram

Patrick O’Grady
https://github.com/heyogrady

Ella Herlihy
https://github.com/ellaherlihy

Steven Ancheta
https://LinkedIn.com/in/stancheta
https://github.com/stancheta

Ollie Atkins
https://github.com/oatkins8

Sponsors
Honeybadger

As an Engineering Manager or an engineer, too much of your time gets sucked up with…

Evil Martians 

Beyond monospace: the search for the perfect coding font

Authors: Roman Shamin, Head of Design, and Travis Turner, Tech EditorTopics: Design, Fonts

A guide for both font designers and users on the design differences that matter for programming and code readability.

What makes a font suitable for writing code? Back in 2021, when I started working on Martian Mono—the Evil Martians font for programming—I naively believed it was just a matter of making all characters the same width, and maybe including some code ligatures. But over the years, I’ve discovered that a well-made developer font requires much more than simply being monospaced.

The Bike Shed 

430: Test Suite Pain & Anti-Patterns

Stephanie and Joël discuss the recent announcement of the call for proposals for RubyConf in November. Joël is working on his proposals and encouraging his colleagues at thoughtbot to participate, while Stephanie is excited about the conference being held in her hometown of Chicago!

The conversation shifts to Stephanie's recent work, including completing a significant client project and her upcoming two-week refactoring assignment. She shares her enthusiasm for refactoring code to improve its structure and stability, even when it's not her own. Joël and Stephanie also discuss the everyday challenges of maintaining a test suite, such as slowness, flakiness, and excessive database…

Honeybadger Developer Blog (Ruby Articles) 

API versioning in Ruby on Rails

Versioning APIs is a critical part of building web applications, as it allows you to make changes that may otherwise break existing API users. Changing the contract between the API and the clients that depend on it is dangerous, and versioning endpoints adds flexibility and safety. Versioning is implemented in many ways - You can version with subdomains, query parameters, URL schemas, headers, and more!

Still, developers looking to introduce a new version of an API that wasn't originally versioned may find themselves in a pickle. Clients may be calling an endpoint that takes the form base_url/all_users, so replacing it with something like base_url/v1/users presents an obvious problem. In…

37signals Dev 

Homographic Spoofing: a new Ruby toolkit

What is an homograph attack

Homograph characters look the same or very similar to other characters, but are different. For example, the letters “l” and “ӏ” (Cyrrilic “ӏ”) look the same but are different characters. A homograph attack is a phishing attack where the attacker uses homograph characters to spoof another identity. Homograph attacks became a real security concern after the introduction of Internationalized Domain Names (IDNs), which allowed domain names to contain Unicode characters. For example, a malicious actor could send you a fake reset password email from “support@paypaӏ.com” (note the Cyrrilic “ӏ”) with a…

Jekyll • Simple, blog-aware, static sites 

Jekyll 3.10.0 Released

As Ruby continues to march on, the maintainers have made the decision to drop some previously-bundled gems. This release makes Jekyll depend directly on those gems so that whether your Ruby installation has them bundled or not, your experience can continue uninterrupted.

More details are in the changelog.

Happy Jekylling!

Gusto Engineering - Medium 

The current state of Gusto’s modularity tooling

A person lying down with boxes all over them

In my last post, I looked at how we are steering Gusto’s packaging and modularization work using a broadly applicable way to think about package structures. In this post, I aim to connect this to our tooling setup today. The previous article may not be the most riveting one — nonetheless, you should go back and read it — the most salient points for today are:

  • Applications and libraries can depend on and include libraries but not applications. Applications interact with other applications via their APIs.
  • The possible APIs for applications and libraries are very different, with the ones for applications being more restrictive.

How we got to today

We can roughly split Gusto’s journey of using pack…

Stefan’s Blog 

Using ‘Packs’ (a.k.a Packwerk) as code organization / Engine alternative’ - Starting point and recipes

Packs is a code organization technique introduced by Shopify and Gusto. It’s a “specification” for organizing (lots of) code in a Rails application. In short, you can imagine that you split your Majestic Monolith internally into multiple local “microservices” that are still part of the same Rails application. Each “pack” is a separate directory and partially mimics the Rails application structure (app/models, app/controllers, etc.). The idea is to have a clear separation of concerns and to make it easier to work on a specific part of the application without having to deal with the whole monolith when working on a specific feature.

We at pludoni have been using that in two of our projects…

Short Ruby Newsletter 

Short Ruby News - Edition #96

Explore Ruby's latest: InsertBot for Rails, RubyConf updates, XSS testing, HTTP/2 servers in 6 lines, and Unicode handling. New gems and fresh Ruby content: newsletters, podcasts, videos, and articles
Blogs on Noel Rappin Writes Here 

Better Know A Ruby Thing: On The Use of Private Methods

Last time around, we got to Better Know access control in Ruby, and I started to write my opinion on the use of private methods in Ruby, but my position/argument/rant had gotten out of hand and so I spun it off into its own post.

This is that post.

It’s long enough as it is, let’s just get to it, we’ll skip the internal ad.

What I think about Private Methods in Ruby

In Ruby, a method without side effects should be public.

You should only have a private method if there is a side effect such that the object will end up in a bad state if it called at the wrong time. (Also, you should try to avoid having methods that are dangerous if called at the wrong time…)

You are already arguing with me.

T…

Prathamesh Sonpatki 

Replace symlink with actual files

I had a use case where I want to replace existing symlinks with actual files.

cp --remove-destination `readlink filename` filename

Here filename is an existing symlink. With above command the symlink gets removed and gets replaced with actual file.

How this works?

We are using readlink which according to its manpage entry, reads contents of the symlinked file and puts into buffer.

And then cp --remove-destination removes the symlink before creating the same file with the actual contents of the file.

Hotwire Weekly 

Week 25 - Inertia.js in Rails, Stimulus in the Shadow DOM?, and more!

Hotwire Weekly Logo

Welcome to Hotwire Weekly!

Welcome to the another issue of Hotwire Weekly! This edition covers the latest Hotwire articles, videos, and releases.

Happy reading! 🚀✨

📚 Articles, Tutorials, and Videos

Inertia.js in Rails: a new era of effortless integration - Svyatoslav Kryukov wrote an article on the Evil Martians blog about integrating Inertia.js in Rails. Inertia.js is a hybrid solution between only client-side rendering and only server-side rendering.

Running Rails System Tests with Playwright instead of Selenium - Justin Searls wrote an article on using Playwright for Rails system tests for less flaky (Turbo-related) tests. As an alternative, capybara-lockstep could also help in these…

Rémi Mercier 

Add comments to your tables columns

I’ve been looking for a way to add default comments on models attributes for ages!

By default, Rails adds comments to some attributes like id (not null, primary key for instance.)

But now, I can add my own. For example, I can specify the unit for a duration column. It’s like Yard documentation for methods, but for attributes.

These default comments are defined in your schema.rb, so gems like annotate will pick them up. No need to worry about overwrite anymore.

  class Book
    # == Schema Information
    #
    # Table name: books
    #
    #  id          :integer    👉 not null, primary key 👈
    #  duration    :integer   👉 in seconds 👈
    #
  end

See this lil’ in seconds above, that’s…

a-chacon 

Creating a REST API with Ruby on Rails. Chapter 2: Endpoints and Serialization

How to build efficient RESTful APIs with Ruby on Rails, covering fundamental REST principles, initial project setup, route optimization with nesting, and the use of serializers.
a-chacon 

Creating a REST API with Ruby on Rails. Chapter 2: Endpoints and Serialization

Before continuing to build our REST API with Ruby on Rails, I would like to take a step back to clarify a few points. When I started working as a developer, there were many things that were unclear to me and that took time, effort, testing, and errors to learn. One of those was: What is an API really, and what is the best way to build one? Which routes to define and what responses to give?

Now this seems obvious and basic to me, but I believe it’s worth reviewing. According to IBM, a REST API is:

A REST API (also known as a RESTful API or web RESTful API) is an application programming interface (API) that adheres to the principles of the representational state transfer (REST)…

Ruby Central 

RubyConf 2024 Tickets Sales Updates!

RubyConf 2024 ticket sales are coming soon! For full details, visit the link here.

Get early updates: Join our mailing list here.

Mailing list subscribers received this information in advance. Don't miss future announcements!

RichStone Input Output 

Open-sourcing Sloth Finder to search Ruby Weekly and side projects warnings

Open-sourcing Sloth Finder to search Ruby Weekly and side projects warnings

Hey folks, what have you been up to? One of my 100-minute hack detours just became a 20-hour grind, so I wanted to share it with you and warn you below.

Basically, I scraped Ruby Weekly to get some insights on my favorite Ruby topics and ended up hosting and open-sourcing it for no substantial reason. It was probably more just for fun and testing some boundaries, like “Can I host a Rails app for cheap on SQLite and a managed platform powered by a slow brute force search?”.

Now that I am writing this and trying to remember how I got here, I remember that I was doing a PoC for a friend who might soon be on a mission to scrape the Internet’s manufacturers’ data. 🦄

I had some fun setting up a…

Ruby Central 

June 2024 Newsletter

Hello! Welcome to the June newsletter. Read on for announcements from Ruby Central and a report of the OSS work we’ve done from the previous month.

In May, Ruby Central's open-source work was supported by Ruby Shield sponsor Shopify, AWS, the German Sovereign Tech Fund (STF), and Ruby Central memberships from 29 other companies, including Partner-level member Contributed Systems, the company behind Mike Perham’s Sidekiq. In total, we were supported by 189 members. Thanks to all of our members for making everything that we do possible. <3

Ruby Central News

RubyConf 2024 announcements

ICYMI: We’re thrilled to have confirmed our second RubyConf 2024 keynote speaker, Kent Beck!

Kent Beck is Chief…

Ruby on Rails 

New database sharding methods, improved Active Record Migration Docs, caching improvements for ActiveStorage and more!

Hey everyone, Happy Friday! Vipul here with the latest updates for This Week in Rails. Let’s dive in.

Improved Active Record Migration documentation
The Rails Foundation documentation team continues on improving different areas of the Guides. This Pull Request updates the Active Record Migration documentation to receive various additions, improvements and more.

Add .shard_keys, .sharded?, & .connected_to_all_shards methods to ActiveRecord::Base
This change adds .shard_keys, .sharded?, & .connected_to_all_shards methods to start returning sharding information for a model.

class ShardedBase < ActiveRecord::Base
  self.abstract_class = true

  connects_to shards: {
    shard_one: { writing:…