Rubyland

Hi future-me! This is just a list of snippets I might be looking for next time I suddenly have to deal with a huge list of failing Sidekiq jobs being retried over and over.

List job classes sitting in the retries list

Sidekiq::RetrySet.new.map(&:display_class).uniq

Number of jobs being retried for a specific class

Sidekiq::RetrySet.new.select { |j| j.display_class == "MyJob" }.count

Delete all jobs for a class from the retries list

Sidekiq::RetrySet.new.select { |j| j.display_class == "MyJob" }.map(&:delete)

(similarly, there’s &:kill, &:retry)

(similarly, there’s Sidekiq::DeadSet, Sidekiq::ScheduledSet)

If the jobs are RES async handlers, list the events:

Sidekiq::RetrySet.new
  .select  { |j…

Evil Martians spent six years with Groupon Russia in total: 18 months from the early days of a small Russian group-buying startup to acquisition by the global corporation and the next 4.5 busy years of worldwide expansion. Martians described this project as “work inside the eye of a tornado” (meaning its insane growth)—and we had liked this skydiving in a core tech team role. This article reveals the secret of solving scaling problems and implementing promising features in record-breaking or even last-minute time, and fighting against frequent DDoS attacks under that pressure.

Business model to hit the market

Groupon is considered a web…

Nick Schwaderer co-hosts with Brittany this week. They discuss Nick's new job at Shopify (!), the interview process and working with the Ruby/Rails core team. They wrap with Nick's promise to discuss Stimulus but that quickly evolves to Hotwire.

Links for this episode:

• Careers and Jobs at Shopify
  
• How to use Hotwire in Rails (Example) | GoRails
  
• Schwad4HD14 (@Schwad4HD14) | Twitter
  
• Episode Introduction and Outro by Michael Springer
  
• Episode Music by Kevin MacLeod
  
• Randy Steele's LinkedIn
  
• Email Randy Steele at steelerx155@gmail.com
  

Brought to you by:

Raygun

Save time, money, and sanity by visiting Raygun.com/ruby and join thousands of software teams who use Raygun every day to ship better quality…

Welcome back to the fourth installment of the Ruby on Rails Patterns and Anti-Patterns series.

Previously, we covered patterns and anti-patterns in general as well as in relation to Rails Models and Views. In this post, we are going to analyze the final part of the MVC (Model-View-Controller) design pattern — the Controller. Let’s dive in and go through the patterns and anti-patterns related to Rails Controllers.

At The Front Lines

Since Ruby on Rails is a web framework, HTTP requests are a vital part of it. All sorts of Clients reach out to Rails backends via requests and this is where controllers shine. Controllers are at the front lines of receiving and handling requests. That makes…

Charles Max Wood started podcasting because it sounded fun and because he wanted to talk about technology. He learned pretty quickly that it got him access to people who understood the things he wanted to learn. The reasons changed over the years, as Charles explains before he talks about the big payoff he gets now from doing the podcasts.

Panel

• Charles Max Wood

What do Rubyists need to know beyond the language fundamentals? What things about the language and its tooling will best serve developers working on projects in Ruby to help them navigate the code and avoid pitfalls that crop up in their apps. Luke, John, and Chuck walk through the ideas in within Ruby and the libraries and tools that ever Rubyist needs to understand in order to excel in their jobs.

Panel

• Charles Max Wood
• John Epperson
• Luke Stutters

Sponsors

• Dev Influencers Accelerator

Picks

• Charles- Dev Influencers | Devchat.tv
• Charles- The Courier (2020)
• Charles- No Safe Spaces (2019)
• John- Trailblazer
• John- Find yourself a local butcher
• Luke- Getting…

ActiveJob is used to enqueue and run the tasks in the background. But a job can fail because of many reasons. Say a network issue while communicating to the underlying datastore or non-availability of the datastore, etc.

ActiveJob has added the ability to communicate the failures related to enqueuing the job to the caller. This will allow developers to have a better grasp of the flows related to the job enqueue.

Before

While calling perform_later, there was no clean way for the caller to understand the reason behind job enqueue failures. If the enqueuing succeeded, the method would return the job object. But if the job could not be enqueued, it would just return false and one would have…

01:55 - Corey’s Superpower: Empathy

• Finding Voice: You Are Not a Statistic
• What does it mean to support Black lives?
• Authentic Self
• Having Conversations Around Allyship
• Owning Vulnerability

09:06 - Having People Hear Your Stories

• “How are you doing?”
• “Me Too” Movement – learned something about self and blind spots in the process and the feedback was helpful

13:01 - Allyship Best Practices

• Growth Mindset
• Trusted Sidekicks; Augmenting Journies
• Invisible Knapsack: How to recognize your white privilege — and use it to fight inequality (Peggy McIntosh)

19:04 - Developing Empathy

• Watch Hamilton! When it comes to leadership, Aaron Burr was right — “Talk less, smile more”…
• Deep Canvassing – How to talk…

Before Rails 6.1,to validate a numerical valuethat falls within a specific range,we had to use greater_than_or_equal_to:andless_than_or_equal_to:.

In the example below,we want to add a validationthat ensures that each itemin the StockItem classhas a quantity that ranges from 50 to 100.

class StockItem < ApplicationRecord  validates :quantity, numericality: { greater_than_or_equal_to: 50, less_than_or_equal_to: 100 }endStockItem.create! code: 'Shirt-07', quantity: 40#=> ActiveRecord::RecordInvalid (Validation failed: Quantity must be greater than or equal to 50)

In Rails 6.1,to validate that a numerical valuefalls within a specific range,we can use the new in: option:

class StockItem <…

“If you can’t measure it, it doesn’t exist” - Peter Drucker

Tackling technical debt can be a thankless task. You can spend hours tidying up old files but at the end there's little to prove it was a good use of time. No target was met and no new feature exists to show the bosses.

The lack of metrics means that maintenance tasks gets pushed back behind work with obvious outcomes and the debt keeps building.

To make matters worse, the costs of technical debt are also hidden. Projects will start to overrun and developers will get burnt out, but there’s nothing clearly showing that tech debt is the reason why. It means maintenance starts to feel like a chore with no obvious outcome or…

We have had to come up with ways…

On this week's episode, Chris and Steph discuss migrating a polymorphic relationship over to UUIDs and balancing trade-offs between data integrity vs complexity. They also touch on a new Rails feature that adds support to safely remove and add columns, GitHub Discussions, measuring team experiments, and purposeful communication.

This episode is brought to you by ScoutAPM. Give Scout a try for free today and Scout will donate $5 to the open source project of your choice when you deploy

• Modeling Polymorphic Associations in a Relational Database
• Rails 6.1 - Add support for if_exists/if_not_exists
• GitHub Discussions
• Loom: Video Messaging

Sponsored By:

• Scout: Give Scout a try for…

In this episode I talk with Casey Watts, author of Debugging Your Brain. We discuss modeling the brain, cognitive behavioral therapy, music, and bubbles.

Links:

• Debugging Your Brain
• CaseyWatts.com
• Casey Watts on Twitter
• Thinking in Systems: A Primer
• The Fearless Organization

Rails 7 adds ability to pass all_queries: true option to the ActiveRecord #scoping method.

The passed option will create a global scope that gets applied to all queries for the duration of the block.

Before

Let’s say we have an Article model which belongs to the User.

Scoping method only worked on class queries (Article.create, Article.all, Article.update_all) and not on class objects (article.update or article.delete).

We can check this in the below example:

article = Article.find(1)
Article.where(user_id: article.user_id).scoping do
  Article.update_all(title: "hello world")
  article.update(title: "Rails 7")
end

# UPDATE "articles" SET "title" = ? WHERE "articles"."user_id" = ? …

Interpreting the output of SQL EXPLAIN ANALYZE might seem like dark magic at first. I’m starting a series of blog posts where I’ll be well… explaining it based on common use cases from web applications. Read on if you’ve ever wanted to start using EXPLAIN ANALYZE for debugging slow PostgreSQL queries but did not manage to wrap your head around it. In the first part, we’ll discuss how the PostgreSQL query planner decides whether to use an index.

Examples in this tutorial are based on Ruby on Rails. However, SQL query analysis tips apply to all the web technologies like NodeJS, Python Django, or Elixir Phoenix.

Initial setup for analyzing PostgreSQL index usage

unused_indexes is one of the…

Assuming you’ve already generated the csr files and private key without password and you already have SSL certificate issued by GoDaddy

In GoDaddy go to https://certs.godaddy.com/ in Certs pic certificate and download the certificate for Other Server type. This will download a zip file containing files: xxxxxxxxxxxxxxxx.crt xxxxxxxxxxxxxxxx.pem gd_bundle-g2-g1.crt

note if your cert is close to expire make sure you renew the certificate before downloading so that you have a longer period. If you are couple of days before expire don’t worry you will gave year + those extra days on your new cert.

In AWS: go to EC2 > Load Balancers (left menu) > pic a load balancer; Then select Listen…

It is time to cast the long-teased new magic by DHH & Co. and learn to use Hotwire beyond 5-minute tutorials. The umbrella name behind libraries for building modern web interfaces seemingly without any effort or JavaScript is on everyone’s lips since the big unveil this year. The HTML-over-the-wire approach is making ripples through the Rails universe: countless blog posts, reddits, screencasts, and five RailsConf talks this year, including the one by yours truly, are dedicated to it. Here, I want to take more space to explain Hotwire thoroughly—with code examples and testing strategies. As my favorite rock band would say, let’s…

Custom Rails helpers modules are often overlooked, but they can be a great option for building lightweight components and reducing boilerplate in your Stimulus controllers.

One nice thing about Stimulus is that you can quickly infer the functionality just from reading the markup attributes, but for components that have a couple of values and actions, you can benefit from hiding some of the implementation details.

Let’s take the example from my GitHub-style Hovercards article:

<div class="inline-block"
  data-controller="hovercard"
  data-hovercard-url-value="<%= hovercard_shoe_path(shoe) %>"
  data-action="mouseenter->hovercard#show mouseleave->hovercard#hide"
>
  <%= link_to shoe.name, …

The hovercard_controller needs to be passed in a url value and have two actions added for showing and hiding the card on hover. The controller is wrapped…

Humble Beginnings

A simple Rails application exists with two models, Books and Authors.

class Book < ApplicationRecord
  belongs_to :author
end

class Author < ApplicationRecord
  has_many :books
end

After some domestic success, this simple Rails app goes international. A new column is required on the books table: country to denote which country published the Book.

A Reasonable Migration

To preserve data integrity, the country column should not allow null since null isn’t a country. Existing books also need to have a country set. This is all accomplished within a single migration in 3 steps:

1. Add a column
2. Update column for existing books with a reasonable value
3. Add a…

class AddCountryToBooks < Acti…

Disadvantages of Pull Requests

Pull requests with blocking reviews (sometimes mandatory) are widespread in our industry. A lot of developers believe pushing straight to the mainline should be prohibited. Sometimes it’s unavoidable (in a low-trust environment), but often people work with PRs just because everyone else does. And nobody ever got fired for it.

But what are the costs of working in such style? And what are the alternatives?

I wrote this post to gather the disadvantages of a typical PR flow, so that you can make a better informed decision — by knowing all the potential costs involved. You can judge yourself how each particular aspect applies to your specific work setting.

If…

You’ve heard the story before. You already have an application running upon your decentralized and fully-working back-end APIs and a front-end made with any ordinary toolset.

Now, you want to move on to Angular. Or, perhaps you’re just looking for a way to integrate Angular with your Rails projects because you prefer things this way. We don’t blame you.

With such an approach, you can take advantage of both worlds and decide whether you want to use features from Rails or Angular to format stuff, for example.

What We'll Build

There’s no need to worry. This tutorial was written for this purpose. We’ll dive into the creation of a fully-working CRUD application over a domain of users.

At…

One of the first things you learn in Rails is how to load all of the objects of a certain model from the database to be displayed in an index view.

Be wary of…

…ever using a “raw” .all:

class MoviesController
  def index
    @movies = Movie.all
  end
end

Use…

…either a limit scope or pagination gem.

class MoviesController
  def index
    @movies = Movie.limit(50)
  end
end

# using pagination
class MoviesController
  include Pagy::Backend

  def index
    @movies = pagy(Movie.all, items: 50, page: params[:page])
  end
end

My preferred pagination gem is pagy. It has a relatively small and understandable core, works well across frameworks, and is very performant.

Why?

Lots of…

Feature velocity is absolutely critical in today’s environment, however so is quality. An initial bad experience for your customer may result in them not coming back. Resolving the issue after the fact may be too late, as a first impression is difficult to change. What then do we do? You can choose to spend more time testing, but you reach a diminishing level of returns while remaining in the lab. There is no substitute for real world operational conditions. There is also no way to know a priori how customers will react to new features. Fortunately, there are a number of techniques you can use to release new features to the world with more confidence.

Prerequisites

If you’d like to follow along in this tutorial, I recommend first setting up a Rails application according to my how I set up a Rails application for testing
post. It doesn’t matter what you call the application.

The tutorial

Learning objectives

Before we list the learning objectives for Part Two of the tutorial, let’s review the learning objectives for Part One.

1. How to come up with test cases for a model based on the model’s desired behavior
2. How to translate those test cases into actual working test code, in a methodical and repeatable manner
3. How to use a test-first approach to make it easier both to write the tests and to write the application code

In Part One we dealt…

RubyGems 3.2.16 includes bug fixes.

To update to the latest RubyGems you can run:

gem update --system

To install RubyGems by hand see the Download RubyGems page.

## Bug fixes:

• Correctly handle symlinks. Pull request #2836 by voxik

SHA256 Checksums:

• rubygems-3.2.16.tgz
  40db1609fbc6132c1d1491c912526bb30bdfc3f49d758e37ce7131c86021f6ae
• rubygems-3.2.16.zip
  7fe58cee2d7f88e060f679561789e00a02b3cf74d860efae3e7d44150cc3c745
• rubygems-update-3.2.16.gem
  117c52869b434f60ef71ab8a55bd9f5e65c64cf8efd1cc3ca8fbacbeaa4e8576

Overview

Because there are so many tools and concepts involved in Rails model testing, I’ve separated this beginner tutorial into two parts.

Part One will deal with writing tests just for plain old Ruby objects (POROs) in order to get comfortable with the process without bringing specifics of Rails into the picture.

Part Two will repeat what was done in Part One but in the context of an actual Rails model instead of a PORO.

Before we get into the tutorial itself we’ll discuss a little bit of necessary context: what a model is and how model specs are different from other types of specs.

What a model is

It may seem obvious what a Rails model is. To many Rails developers, the model is the MVC…

What this is

Using you’re using RSpec to write Rails tests, there are several different types of tests you can write. There are system specs, request specs, view specs, model specs, and a number of others.

Among all these types of tests, I consider model specs to be perhaps the most important. Models are where I put the “meat” of my application’s code. Since model code is my most important code, model specs are my most important specs.

If haven’t done much model testing before and you aren’t sure how to come at it, this tutorial will show you how to take an idea for a feature and translate it into model specs.

Who this is for

This is a very beginner-level tutorial, intended for developers…

This patch release of the 3.9 series is released to fix a bug where the include tag does not allow valid filename characters. For example, this would previously fail:

{% include my-logo@2x.svg %}

This release adds support for the following characters in filenames:

• @
• -
• ( and )
• +
• ~
• #

Happy Jekylling!

RubyMine 2021.1 is now available! Visit our What’s New page to learn about all the latest features of the first major release of 2021, or check out the biggest highlights below.

DOWNLOAD RUBYMINE 2021.1

Ruby 3 RBS support and improved code completion

RubyMine 2021.1 now supports RBS and uses .rbs files in its Code Insight. This means code completion is improved for both Ruby’s standard library and user code with RBS definitions. You don’t even have to use Ruby 3.0 in your project. The only requirement is that you include the RBS gem in it.

JetBrains Space integration

You can now connect RubyMine to your organization in Space, where you can view and clone project repositories, review your…

Welcome to the RubyGems monthly update! As part of our efforts at Ruby Together, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in March.

RubyGems News

In March, we released new versions for RubyGems (from 3.2.12 to 3.2.15) and Bundler (from 2.2.12 to 2.2.15). Additionally, we worked on making the client tools more secure, and making Git sources faster and more disk efficient.

For this Month, RubyGems gained 150 new commits, contributed by 10 authors. There were 2124 additions and 753 deletions across 107 files.

RubyGems.org News

This month in RubyGems.org, we enabled Rails v6.0 defaults and dep…

Sean Devine, CEO of XBE and former host of this show is back to discuss the success of XBE in the past year, the use of Ember at XBE and how if you're a founder that can code, you've already raised your seed round.

Links for this episode:

• XBE
  
• Sean Devine on Twitter (@barelyknown)
  
• Episode Introduction and Outro by Michael Springer
  
• Episode Music: "Funkorama" by Kevin MacLeod
  

Brought to you by:

ExpressVPN

ExpressVPN is an app that reroutes your internet connection through their secure servers so your ISP can’t see the sites you visit.

If you visit https://EXPRESSVPN.com/RUBY right now, you can get an extra three months of ExpressVPN for free! Support the show and protect yourself at https://EXPR…

Jason Weimann started out as an enthusiast of the Massively Multiplayer Online Role Playing Game, Everquest. After becoming a software developer and building a collaborative community playing the game, learn how he used his connections to get a job working for the company that made the game, even if it wasn't a job working as a game developer and how that led to a career working on one of the most popular online games of the time.

Panel

• Charles Max Wood

Darren Broemmer joins the Rogues to discuss how Ruby on Rails enables a microservices architecture and when it's appropriate to approach your system's architecture with microservices. Chuck and Dave lend their experience and expertise in pointing out some of the challenges with microservices and the power of Rails in enabling the Majestic Monolith. Tradeoffs are discussed and approaches are considered for when parts of an application may make a good candidate for a microservice.

Panel

• Charles Max Wood
• Dave Kimura

Guest

• Darren Broemmer

Sponsors

• Dev Influencers Accelerator
• Raygun | Click here to get started on your free 14-day trial

Links

• Twitter: Darren…

02:21 - Melissa’s Superpower: Being Extremely Online

03:06 - Unionizing Glitch

• Glitch workers sign tech’s first collective bargaining agreement
• Misconceptions re: Unions
• Engineer Salary Discrepancies
• Middle Management, Product Management Unionization
• Minority Unions (i.e. Google)
• What is a Minority Union?
• [The Rise of Minority Unions: How Social Movements and Tech Giants Could Be Showing Signs of Things To Come](The Rise of Minority Unions: How Social Movements and Tech Giants Could Be Showing Signs of Things To Come)

14:58 - Melissa’s Previous Experience with Working w/ Unions

• Communications Workers of America (CWA)
• Civic Technology (What Is Civic Technology?)
• Chi Hack…

17:13 - Positive Skills Union Organizers Should Have

18:32 - Thoughts on…

Authentication flow is an essential part of any modern mobile application. Inthis article, we will see how to store and manage the authentication state inReact Native.

Storing auth data

Let's consider a basic scenario where we use a phone number and authenticationtoken for verifying API requests. Here we need to persist both the phone numberand authentication token. For storing these data we can use AsyncStorage, whichis a key-value data store commonly used to persist data locally in React Native.Even though we are storing two different values, we will always access themtogether and hence we can avoid multiple AsyncStorage calls by storing them as asingle key-value pair.

const auth = {  phone:…

Learn how to switch to the latest and greatest just-in-time compilation feature from the freshly released Tailwind CSS 2.1 in a modern Rails app with styles managed by Webpacker. Only two small commits are required to adopt an entirely different development experience.

Tailwind CSS gained quite a lot of traction in the world of Ruby and Rails. We even have the official tailwindcss-rails gem blessed by DHH himself that you can use with good ol’ Asset Pipeline if, for some reason, you stay away from Webpacker, ES6 modules, and processing CSS with webpack.

I joined the Tailwind army about a year ago when I started…

In this episode I talk with Julian Fahrer, Engineer at Brightline, about complex scheduling challenges and service objects.

Links:

• Julian Fahrer on Twitter
• LearnDocker.online

I’m not sure if the world needed another post about N+1 queries in Ruby on Rails. To make up for the cliche topic, I’ll describe less common solutions to this problem. Read on if you want to learn how to reduce the number of cascading N+1 SQL queries without using includes or additional table join operations.

N+1 queries 101

N+1 queries are the top performance killer for Rails applications. ActiveRecord makes it just too easy to misuse your database structure. Consider the following code:

# app/models/post.rb

class Post < ApplicationRecord
  belongs_to :user

  def author_name
    user.name
  end
end

# app/models/user.rb

class User < ApplicationRecord
  has_many :posts
end

#…

app/views/posts/index.html.erb

Rails 6.1 adds delegated_type to ActiveRecord which makesit easier for models to share responsibilities.

Before Rails 6.1

Let's say we are building softwareto manage the inventory of an automobile company.It produces 2 types of vehicles, Car and Motorcycle.Both have name and mileage attributes.

Let's look into at least 2 different solutions to design this system.<br/>

Single Table Inheritance

In this approach, we combine all the attributes of various modelsand store them in a single table.Let's create a Vehicle modelandits corresponding table to store the data of both Car and Motorcycle.

# schema of Vehicle {id: Integer, type: String[car or motorcycle], name: String, mileage: Integer}class…

<br/>

What are build_association and create_association constructors?

When we declare either a belongs_to or has_one association,the declaring class automatically gains the following methodsrelated to the association:

1. build_association(attributes = {})
2. create_association(attributes = {})

In the above methods_association is replaced with the symbol(association name)passed as the first argument while declaring the associations.For example:

class Book < ApplicationRecord  belongs_to :authorend@book.build_author(name: 'John Doe', email: 'john_doe@example.com')#=> Returns a new Author object, instantiated with the passed attributes#=> Links through the book's object foreign key#=> New author object…

We are familiar with thecompactmethod associated with arrays.The compact method returns a copy of the arrayafter removing all nil elements.

Ruby 3.1 introduces the compact methodin the Enumerable module.Now we can use the compact methodalong with theEnumeratorandEnumerator::Lazy classeswhich include the Enumerable module.

Before Ruby 3.1

=> enum = [1, nil, 3, nil, 5].to_enum=> #<Enumerator: ...>=> enum.compact=> NoMethodError (undefined method `compact' for #<Enumerator: [1, nil, 3, nil, 5]:each>)=>  enum.reject { |x| x.nil? }=> [1, 3, 5]

After Ruby 3.1

=> enum = [1, nil, 3, nil, 5].to_enum=> #<Enumerator: ...>=> enum.compact=> [1, 3, 5]

We can access the compact methodto remove all nil…

The Event handlers in React applications are passed instances of SyntheticEvent, a cross-browser wrapper around the browser’s native event.

Event Pooling

The SyntheticEvent objects are pooled.

This means, when an event is triggered, React takes an instance from the pool, populates its properties and, reuses it.

To assure consistent usage of the pooled events, React nullifies the properties of synthetic events right after executing an event handler.

This method saves allocations during high firing events, but adds a bit of overhead in “releasing”, “destroying” and “reusing” instances.

Though Event Pooling was built to increase the performance it didn’t improve the performance in modern…

Ruby 2.5.9 has been released.

This release includes security fixes. Please check the topics below for details.

• CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick
• CVE-2021-28965: XML round-trip vulnerability in REXML

See the commit logs for details.

After this release, Ruby 2.5 reaches EOL. In other words, this is the last release of Ruby 2.5 series. We will not release Ruby 2.5.10 even if a security vulnerability is found. We recommend all Ruby 2.5 users to upgrade to Ruby 3.0, 2.7 or 2.6 immediately.

Download

• https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.9.tar.bz2

  SIZE: 13805484
  SHA1: 6ac21486996aa38a71f858d28d01ada5593d0b45
  SHA256:…

Ruby 2.6.7 has been released.

This release includes security fixes. Please check the topics below for details.

• CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick
• CVE-2021-28965: XML round-trip vulnerability in REXML

See the commit logs for details.

By this release, we end the normal maintenance phase of Ruby 2.6, and Ruby 2.6 enters the security maintenance phase. This means that we will no longer backport any bug fixes to Ruby 2.6 except security fixes. The term of the security maintenance phase is scheduled for a year. Ruby 2.6 reaches EOL and its official support ends by the end of the security maintenance phase. Therefore, we recommend that you start to…

Ruby 2.7.3 has been released.

This release includes security fixes. Please check the topics below for details.

• CVE-2021-28965: XML round-trip vulnerability in REXML
• CVE-2021-28966: Path traversal in Tempfile on Windows

See the commit logs for details.

Download

• https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.3.tar.bz2

  SIZE: 14792727
  SHA1: 4f4a47465b48a91d43fb557b70e47d79f6727a29
  SHA256: 3e90e5a41d4df90e19c307ab0fb41789992c0b0128e6bbaa669b89ed44a0b68b
  SHA512: e9236138be3e61380140f2e0d42f8fb82ad8f5219d454de2f6c2ec546bb208acc8b0f2020f23e6446660d2b3b9ae873cdd8298471f166a5f1efba8e80b05e746
  

• https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.3.tar.gz

  SIZ…

Ruby 3.0.1 has been released.

This release includes security fixes. Please check the topics below for details.

• CVE-2021-28965: XML round-trip vulnerability in REXML
• CVE-2021-28966: Path traversal in Tempfile on Windows

See the commit logs for details.

Download

• https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.1.tar.gz

  SIZE: 19664598
  SHA1: 60c72f3e501a3be9616385cad3e48bc89d6150a1
  SHA256: 369825db2199f6aeef16b408df6a04ebaddb664fb9af0ec8c686b0ce7ab77727
  SHA512: cb81db2c9b698cf8159b2ca6507f4c7f171e4eb387f5730c4b658ed632b7900a169808e6fbec0ee80598d937030ad5d9c56b63a2a339373ec5d9e1c06b7661d0
  

• https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.1.tar.xz

  SIZE…

There is an unintentional directory creation vulnerability in tmpdir library bundled with Ruby on Windows. And there is also an unintentional file creation vulnerability in tempfile library bundled with Ruby on Windows, because it uses tmpdir internally. This vulnerability has been assigned the CVE identifier CVE-2021-28966.

Details

Dir.mktmpdir method introduced by tmpdir library accepts the prefix and the suffix of the directory which is created as the first parameter. The prefix can contain relative directory specifiers "..\\", so this method can be used to target any directory. So, if a script accepts an external input as the prefix, and the targeted directory has inappropriate…

There is an XML round-trip vulnerability in REXML gem bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2021-28965. We strongly recommend upgrading the REXML gem.

Details

When parsing and serializing a crafted XML document, REXML gem (including the one bundled with Ruby) can create a wrong XML document whose structure is different from the original one. The impact of this issue highly depends on context, but it may lead to a vulnerability in some programs that are using REXML.

Please update REXML gem to version 3.2.5 or later.

If you are using Ruby 2.6 or later:

• Please use Ruby 2.6.7, 2.7.3, or 3.0.1.
• Alternatively, you can use gem update rexml to…

At Getaround, like at any other company, we sometimes experience incidents that negatively affect our product.

A couple of weeks ago from the time of writing, I released a feature that contained a seemingly harmless SQL query that returned the total balance of a user. This calculation was previously made on the fly with Ruby every time a user loaded a page where this was needed. This was particularly problematic with owners that had many cars and the query was slow to load, sometimes causing timeouts. So the commit that I had deployed was meant to counter this problem by using a table that was built exactly for this purpose. Instead, it brought the CPU utilisation to go over 90% and slowed…

A general way to describe caching is storing some data so that we can quickly retrieve it later. Sometimes, this means storing computed data so that it does not need to be re-computed, but it can also refer to storing data locally to avoid having to fetch it again. Your computer does this constantly, as your operating system tries to keep frequently accessed data in RAM so that it doesn't have to be fetched again from a hard drive or SSD.

Similarly, your browser tries to re-use resources it has already downloaded. You've probably seen this yourself when visiting a new website for the first time. The initial load takes longer because your browser has to pull down everything it needs,…

Yesterday I asked on Twitter about what problems people are solving with strace and as usual everyone really delivered! I got 200 answers and then spent a bunch of time manually categorizing them into 9 categories of problems.

All of the problems are about either finding files a program depends on, figuring out why a program is stuck or slow, or finding out why a program is failing. These generally matched up with what I use strace for myself, but there were some things I hadn’t thought of too!

I’m not going to explain what strace is in this post but I have a free zine about it and a talk and lots of blog posts.

problem 1: where’s the config file?

The #1 most popular problem was “this…

RubyMine 2021.1 Release Candidate is available!

Here’s a quick roundup of the most notable new features being introduced in the upcoming 2021.1 release.

The links will take you to the EAP posts published over the last few months, which contain detailed descriptions of each feature.

Ruby 3 support

• RubyMine now supports .rbs files and is able to provide more relevant code completion.

Collaborative development

• Code With Me is now bundled with the IDE, allowing you to edit code remotely together with your peers.

Space

• Added integration with JetBrains Space.

Tests

• We’ve added the ability to manually select and run multiple tests in a run configuration.

Version control systems

• I…

Often you’ll have an application screen like this:

After editing information about an employee, you’ll redirect back to the Company Directory page.

For a bit of extra polish, you can redirect with an anchor to automatically scroll the browser to the recently updated item and maintain your position in the list.

You can combine this with the most underrated Rails helper – dom_id – for a really clean solution.

Usage

Your controller will be exactly the same, just tack on the anchor option to the path helper when redirecting.

class EmployeesController < ApplicationController
  include ActionView::RecordIdentifier # adds `dom_id`

  def update
    @company = Company.find(params[:company…

Hello! Over the last few days I made a little tool called dnspeep that lets you see what DNS queries your computer is making, and what responses it’s getting. It’s about 250 lines of Rust right now.

I’ll talk about how you can try it, what it’s for, why I made it, and some problems I ran into while writing it.

how to try it

I built some binaries so you can quickly try it out.

For Linux (x86):

wget https://github.com/jvns/dnspeep/releases/download/v0.1.0/dnspeep-linux.tar.gz
tar -xf dnspeep-linux.tar.gz
sudo ./dnspeep

For Mac:

wget https://github.com/jvns/dnspeep/releases/download/v0.1.0/dnspeep-macos.tar.gz
tar -xf dnspeep-macos.tar.gz
sudo ./dnspeep

It needs to run as root…

Some time ago, we introduced breadcrumbs for Ruby and JavaScript. We're pleased to announce that breadcrumbs are now officially supported in our PHP libraries. Here's a quick walkthrough.

How do breadcrumbs help?

A big part of debugging errors is wondering, "How did this happen? Why is this value null?" To help with this, you've probably added extra logs to your app, so you can reference them when something happens.

Log::debug("Processed payment request for $userId");

Log::debug("Sending notification to user $userId on channel $channel");

But logs can be noisy and unstructured. Breadcrumbs let you replace those debug logs with structured event records. No more scouring log files to…

Often there need to be multiple database queries executed in the controller like,

@genres = Genre.all
@videos = Video.order(published_at: :desc)

These queries get executed sequentially which in most cases isn’t a big deal. However, as our database grows in size, response times get longer and longer. A large part of the query time is often just I/O waits. Assuming that each query takes 50ms to finish, these two statements would take 100ms in total. However, if executed in parallel, the I/O waits can be reutilized to perform the next execution.

Before

A naive approach to this would be to push the first query to a background thread and then perform the second one. Finally, we would wait…

Matt Swanson leads teams and builds products for customers at SEP, a software product design and development agency based in Indianapolis. He runs the blog Boring Rails. Brittany and he chat about producing Ruby content and Matt answers questions from listeners about his approach.

Links for this episode:

• Ruby Weekly
  
• Boring Rails: Skip the bullshit and ship fast
  
• Boring Rails | Feature Flags: The stupid simple way to de-stress production releases
  
• matt swanson (@_swanson) | Twitter
  
• Episode Introduction and Outro by Michael Springer
  
• Episode Music: "Funkorama" by Kevin MacLeod
  

Brought to you by:

Scout APM

Give Scout a try today with a free 14-day trial, and experience firsthand why Rails developers…

Chuck outlines how he's used his podcasts to find mentors to continue his learning journey over 12 years of podcasting. Some mentors have been long lived relationships while others have lasted only a few months or even days. This episode shares Chuck's experience learning from the top people in the development community as a programmer and podcaster.

Panel

• Charles Max Wood

Valentino Stoll takes us on a tour of the "gems" of features built into the core Ruby language. We explore tips and tricks for using irb that can also improve your Rails console.

Panel

• Charles Max Wood
• John Epperson
• Luke Stutters

Guest

• Valentino Stoll 

Sponsors

• Dev Heroes Accelerator

Links

• Dependency on mimemagic 0.3.x no longer valid 
• Add this `.irbrc` file and your Rails console will show a colorized banner with the environment | Twitter
• GitHub | pry/pry
• Ruby Jard
• Tree-sitter
• GitHub | ruby/ruby
• GitHub | ruby/reline
• GitHub | tree-sitter/tree-sitter
• GitHub | bcicen/ctop
• codenamev
• Twitter: Valentino Stoll ( @thecodenamev )
• GitHub: Valentino…

Picks

• Charles- SodaStream Aqua Fizz Sparkling Water Maker Bundle
• Charles- Soda Stream Flavor Syrups
• Charles- Teachable
• Charles- ThriveCart
• John- Char-Broil: 6-Burner Cart Style Gas Grill, Stainless/Black
• Luke- Dependency on mimemagic 0.3.x no longer valid 
• Valentino- GitHub |…

02:21 - Corey’s Superpower: Reading 3,400 WPM

• Increasing Reading Speed

05:35 - Keeping Up w/ AWS

• Last Week in AWS
• AWS Morning Brief
• Screaming in the Cloud

08:45 - Delivering Corey Quinn – Personal Evolution

• Speaking Truth to Power (Kindly, but Snarkily)
• Privilege
• Sonia Gupta and Corey Quinn - Embarrassingly Large Numbers: Salary Negotiation for Humans
• Holding Yourself Accountable
• Defensiveness
• This Cloud Computing Billing Expert Is Very Funny. Seriously. (NYT Article)
• Intentionality

25:51 - Career Snarkiness

• @SimpsonsOps
• @killedbygoogle

28:05 - Approaching and Handling D&I as a Business Owner

• Discussing Salary Compensation

43:44 - Making and Delivering Jokes

TLDR: A vessel called Mimemagic run aground, blocking a vital trade route and halting traffic for all others and forcing a reroute for some for six days.

Jokes aside, what happened in Rails last week is unprecedented, at least since I started working with Rails 4. Unless it did happen and I missed it.

As far as I understand, it was an issue with licensing. For some, licensing is not an issue of concern; a few people grab any open-source code available and use it anyhow they want. I was one of these people, but I’ve come to learn to pay more attention to the kind of dependencies I use and the licenses attached to them.

This blog post is a summary of what I think is happening. This…

We agree with Sandi Metz when she describes Object Oriented (OO) design as a style guide for arranging code. The so called "OO style guide" is underpinned by a few rules that we have come to know as the SOLID principles.

In this post we will discuss the S in SOLID. We will talk about the significance of this principle and perhaps even look at some practical ideas for applying it.

What

The S in SOLID refers to the Single Responsibility Principle (SRP). In this post we will explore SRP and highlight some of the easy to miss nuances that it presents.

We like how Matthieu Cneude explains that we should think in terms of sliding scales and not booleans when we talk about SRP. We evaluate…

Hotwire is a new suite of frontend tools from Basecamp for building “reactive Rails” apps while writing a minimal amount of JavaScript.

While the most exciting feature to some is the real-time streaming of server rendered HTML, my favorite addition is the Turbo Frame.

The Turbo Frame is a super-charged iFrame that doesn’t make you cringe when you use it. Frames represent a slice of your page and have their own navigation context.

One incredibly powerful feature is lazy-loading a Frame. One example of this pattern that you probably see everyday is the GitHub activity feed:

First you load the “outer shell” of the page and then you can make an AJAX call to fetch more content to fill in…

In this episode I talk with John Athayde, VP of Design at PowerFleet. John and I discuss some design tips for developers who want to improve their design skills. We also talk about farming and presidents.

Links:

• John Athayde on Twitter
• Sfumato Farm

In few applications, we have migrations to remove index where we don’t want to raise an error if an index was already removed.

Rails 6.1 adds a feature, where we can now pass if_exists option to remove_index operation. This is similar to if_not_exists option when we are adding an index on table.

Before

Let’s say we have a comments table with description, post_id and user_id as columns. We add a data migration to remove the index on the description column. If this index was already removed the data migration will throw an error as below.

class RemoveDescriptionIndexOnComments < ActiveRecord::Migration[6.0]
  def change
    remove_index :comments, :description
  end
end

rails db:migrate

…

On this week's episode, Steph shares a recent performance improvement, a Postgres delight, and testing concurrency in RSpec. Chris revisits an earlier theme of "Good Idea, Bad Idea?" as he explores ways to speed up tests builds and avoid duplicate test builds. They round things out with a listener question about managing ERB partials and Vue components.

This episode is brought to you by ScoutAPM. Give Scout a try for free today and Scout will donate $5 to the open source project of your choice when you deploy

• ActiveRecord - with_lock
• Domain Name Sanity by Edward Loveall
• strong_migrations gem
• react-rails gem

Become a Sponsor of The Bike Shed

Sponsored By:

• Scout: Give Scout a…

The JRuby community is pleased to announce the release of JRuby 9.2.17.0

• Homepage: http://www.jruby.org/
• Download: http://www.jruby.org/download

JRuby 9.2.x is compatible with Ruby 2.5.x and stays in sync with C Ruby. As always there is a mix of miscellaneous fixes so be sure to read the issue list below. All users are encouraged to upgrade.

As we are still actively working on 9.3.0.0 we decided to put out another 9.2.x release to fix some of the more recently reported issues.

Compatibility

• Miscellaneous small fixes to better support using Sorbet on JRuby. (sorbet/sorbet#1216, #6592)
• Improve detection of Java module support when launching JRuby (also in jruby-launcher…

Standard Library

• RubyGems updated to 3.1.6. (#6294)
• Build…

At work I was tasked to migrate our time-series analytics data from CSV file dumps that we’ve been feeding into Power BI to a dedicated database. Our Rails app’s primary database is currently MariaDB, but we wanted to have our analytics data in a separate database either way, so this was a good opportunity to use Postgres which we’re most comfortable with anyway.

We’re using Active Record for interaction with our primary database, which gained support for multiple databases in version 6.0. However, given that we expected the queries to our analytics database would be fairly complex, and that we’d probably need to be retrieving large quantities of time-series data (which could be…

Someone recently criticized some code I wrote in a class called SomeNamespace::File. (The particular namespace is not important.) Here’s the criticism:

I’d argue that the class name is misleading here: it does not represent a file, it does not read it or check its chmods. It’s a file writer.

The implication seems to be that a class can’t truthfully be called File unless the object does certain “filey” things, like reading the file and checking its chmods, in addition to just writing to the file.

I think this is a mistaken outlook. However, it is intuitive outlook, and one I used to share myself. I’ll explain why I think the outlook is mistaken via a couple examples.

Two pocketknives

Let’s…

In this article, we’ll test and analyze the performance of three most popular Ruby templating engines: ERB (the default one), HAML, and SLIM.

Benchmarking is the practice of comparing business processes and performance metrics to industry bests and best practices from other companies. Meanwhile, load testing is the process of putting demand on a system and measuring its response.

Our goal is to explore a little bit of the Ruby Benchmark module, which provides methods to measure and report the time used to execute Ruby code. We’ll create some inline templates, run them against the tests, and extract metrics over the three different engines.

After that, we'll dive into load testing by…

Hey everyone! Rails versions 5.2.5, 6.0.3.6 and 6.1.3.1 have been released. These versions upgrade Active Storage’s Marcel dependency to version 1.0.0.

Before 1.0.0, Marcel—which is distributed under the terms of the MIT License, like Rails—indirectly depended on MIME type data released under the incompatible GNU General Public License. Marcel 1.0.0 instead directly packages MIME type data adapted from Apache Tika, released under the permissive and compatible Apache License 2.0.

Here are the gem checksums:

$ shasum -a 256 *-5.2.5.gem
3771ca29ee67914eda1b5de3d66a0c4bb0250bb244d76e8690dc5af2ff10e699  actioncable-5.2.5.gem
5f58ae625622b1e5d2bf96101527a99e380f270fe030e2477d462f5229a7d5c5 …

Our Early Access Program is coming to an end, and we are happy to announce that RubyMine 2021.1 Beta 4 is now available! While we are finishing things up before the final release, we’d like to tell you a bit more about the new features for collaborative development and Docker:

• Code With Me
• Docker

Code With Me

Code With Me, a new JetBrains service for collaborative development and pair programming, is now bundled with RubyMine.

Code With Me allows you to share the project you currently have open in your IDE with others and work on it together in real time.

Your guests don’t even need to have their own IDEs installed. They just need an invitation link to be able to join your session. Hosts…

Chuck outlines how he's used his podcasts to find mentors to continue his learning journey over 12 years of podcasting. Some mentors have been long lived relationships while others have lasted only a few months or even days. This episode shares Chuck's experience learning from the top people in the development community as a programmer and podcaster.

Panel

• Charles Max Wood

What service objects are

Service objects and Interactors are fashionable among Rails developers today. I can’t speak for everyone’s motives but the impression I get is that service objects are seen as a way to avoid the “fat models” you’re left with if you follow the “skinny controllers, fat models” guideline. If your models are too fat you can move some of their bulk to some service objects to thin them out.

Unfortunately it’s not quite possible to say what service objects are because the term “service object” means different things to different people. To some developers, “service object” is just a synonym for plain old Ruby object (PORO). To other developers, a service object is more or…

When we talk about getting better at programming, we often talk about testing, writing reusable code, design patterns, and readability.

All of those things are important. But in this blog post, I want to talk about a different way to get better at programming: learning how the systems you’re using work! This is the main way I approach getting better at programming.

examples of “how things work”

To explain what I mean by “how things work”, here are some different types of programming and examples of what you could learn about how they work.

Frontend JS:

• how the event loop works
• HTTP methods like GET and POST
• what the DOM is and what you can do with it
• the same-origin policy and CORS

One of the main goals we set for 2021 is to become more efficient as an agile team. And one of the challenges we addressed was how to minimize the decision-making bottleneck. To confront that we decided to take some actions that I'm listing below.

We split into teams

Over the last couple of years, our team almost doubled in size, and all decisions were still the responsibility of the CEO. Starting 2021, we decided to split our team into several small independent departments. Each department would handle a different area of the business autonomously: Recruitment, Sales, Marketing, Open Source and learning, Dev-tooling, and Operations.

Some tasks overlap and would require cooperation…

Jemma Issroff is currently writing a book about managed garbage collection, with a focus on Ruby. She is passionate about making the tech industry a more inclusive space through teaching, mentoring, and community building. An avid Ruby blogger, she also writes the “Tip of the Week” for Ruby Weekly. Jemma has worked extensively as a backend and infrastructure software developer optimizing memory usage and performance in Ruby and Rails apps.

Links for this episode:

• Jemma Issroff's Personal Site
  
• Ruby Garbage Collection Deep Dive
  
• Ruby Weekly
  
• WNB.rb March 2021 Meetup Details and Ticketing
  
• Jemma Issroff (@JemmaIssroff) | Twitter
  
• Episode Introduction and Outro by Michael Springer
  
• Episode Music:…

Brought to you by:

Scout APM

Give Scout a try today with a free 14-day trial, and experience firsthand why Rails developers worldwide call Scout their best friend. And as an added bonus…

Mark Chao, or more well known as lulalala, is a happy rubyist from Taiwan. He works at GitLab, and likes to contribute to open source projects. He likes anime and has a hobby to self publish reviews into books/ebooks using Ruby libraries, git and InDesign. He and Brittany discuss ActiveModel::Errors.

Links for this episode:

• ActiveModel::Errors - Ruby on Rails API
  
• rails / rails Pull Request: Model error as object
  
• lulalala / adequate_errors
  
• Rails 6.1's ActiveModel Errors Revamp | All talk but no code
  
• A Place Further than the Universe
  
• lulalala_it (@lulalala_it) | Twitter
  
• Episode Introduction and Outro by Michael Springer
  
• Episode Music: "Funkorama" by Kevin MacLeod
  

Brought to you by:

Scout APM

Give…

Your app must comply with GDPR (General Data Protection Regulation) even if you are not located in the EU. It is enough that you have European users. In this blog post, I’ll describe eight ways to improve the GDPR compliance for your web app. Implementing the following techniques by itself will not make your app GDPR compliant. However, if you don’t have them in place, it means that there’s a severe loophole in your app’s security and compliance.

According to GDPR an encrypted storage and transfer medium is always preferred. In case of a security breach taking steps to encrypt your data might provide you an additional legal cover. You’ll be able to prove that you did take measures to…

What you need to know to choose a PaaS.

02:28 - Jonan’s Superpower: Jonan’s Friends

• The Quality and Reliability of One’s Personal Network
• Finding Community
• The Ruby Community in Particular – Focus on People and Programmer Joy
• Happy Birthday, Ruby!

09:07 - How Developer Relations is Changing (DevRel)

• Kicking Off New Relic’s New Developer Relations Program
• Outreach and Community Growth Value
• Developing Developer Empathy & Adjusting Content in the Spirit of Play
• The Correct Role of DevRel

22:41 - Doing DevRel Right

• Feedback Loops
• The Definition of Success

31:45 - Engaging with Communities & Networks via DevRel

• Using Twitch, YouTube, Discord, TikTok, Twitter, etc.
• Consider the Platform
• The Relicans
• Emily…

40:22 - Internal DevRel

• Conte…

With the advent of ActiveStorage, there have been many improvements to the way Rails stores files. However, there has been little support to how files can be extracted, downloaded or streamed.

While an app can easily support primitive features like downloading, larger files or video files benefit from being streamed. In the era of Netflix, no one wants to wait more than a minute to watch content, it needs to be delivered now!

This is where streaming could be beneficial. While downloading waits until the entire file is loaded in your local machine, streaming is useful to display only chunks of data at a time. This reduces wait times considerably. Let’s see how Rails can help!

If you want…

For the last few years, we did about one hackday a year where the whole team gathered together in Paris from different areas of France.

For one day, participants were given creative freedom to create a demo-able, team-based Getaround-related project. People try new technologies, explore new ideas, get coffee together and we all end up debriefing with a cold beverage and a cheese board 🧀🍻.

Despite the pandemic and the fact that we’re currently all working remotely, we didn’t see any reason to miss out on the fun. Thus, the first fully-remote Hackday was born!

The organization

A day is short and to come up with something meaningful, you need…

tmux

In February 2021, I learned about tmux and added it to my workflow. It’s been great so far, with a gentle learning curve. My main problem with it now is that I haven’t been able to find a way to implement scrolling.

When I get a very long stack trace, I have to use a standard terminal window to read through. I lose sessions and windows when I restart my machine; it would be nice if the sessions persisted. I’m yet to learn if that is possible. Other than that, it’s nice to work with tmux.

EDIT: I’ve since learned to persist sessions in tmux. Yay! It turns out there’s a tmux plugin for that. The scrolling issue was an easy fix. In my .tmux.conf, I had to pop in set -g mouse on.

CSS…