news, opinion, tutorials, about ruby, aggregated
Sources About
zverok with ruby 

More yield_self awesomeness. Also, the new name proposed.

Since my previous article about Ruby 2.5 new #yield_self method I started to use it a lot—in production and experimental code.

Here, I just want to share several code samples/ideas of usage, where this seemingly simple method allows to rewrite code in— let’s say another way. Which somebody may consider cleaner, more functional, or better showing the intention.

But first—

The name

After considering and comparing a lot of possibilities in experimental code, and after using yield_self extensively in production, I now firmly believe that the best possible name for the method is just .then. Despite being a keyword, it is allowed by current syntax to be a method and reads extremely clear in…

The Bike Shed 

147: Is a Lamda a Sandwich?

Derek shares his experiences with new features in Ruby 2.5 before we turn our ire towards daylight savings time and timezones once more.


Announcing Hanami v1.2.0.beta2

Hello people!

Today we're happy to announce v1.2.0.beta2 release 🙌 , with the stable release (v1.2.0) scheduled for April 2018.

Features 🍎

  • Support objects as CLI callbacks

Bug fixes 🐛

  • Ensure CLI callbacks' context of execution (aka self) to be the command that is being executed
  • Raise meaningful error message when trying to access session or flash with disabled sessions
  • Print stack trace to standard output when a CLI command raises an error

Released Gems 💎

  • hanami-1.2.0.beta2
  • hanami-model-1.2.0.beta2
  • hanami-assets-1.2.0.beta2
  • hanami-cli-0.2.0.beta2
  • hanami-mailer-1.2.0.beta2
  • hanami-helpers-…
Everyday Rails 

Rails test coverage: Measuring what matters with SimpleCov

Many developers strive for 100% test coverage in their Rails applications, but what does that mean? And does it matter? Here's how I use the wonderful SimpleCov to help guide my testing.
Awesome Ruby Newsletter 

Issue 97 - How I've Built a Profitable Slack Bot as a Side Project in Rails


XSS vulnerability in rails-html-sanitizer

Gavin Miller 

CSV & XML Injections - YYCRuby Presentation

This month I had the wonderful opportunity to speak again in front of the YYCRuby meetup group in calgary. The presentation covered CSV and XML injection attacks, and for me the highlight was popping a shell on a windows vm using CSV injection. hurtrealbad

You can view the slides below:

Ruby Weekly 

Rails 5.2 RC2, and benchmarking Ruby 2.6 Preview 1

Ruby Weekly Issue 391 — March 22, 2018
David Heinemeier Hansson
Rails 5.2 has an impressive feature list, including Active Storage, credentials, HTTP/2 Early Hints, and more. 5.2 is already in production at Basecamp and Shopify so don’t be worried to try it out.

Noah Gibbs
Full performance gains rarely materialize in pre-releases and JIT proves not to be a winner on a large, real-world Rails app so far but things are looking promising for the future.

CircleCI  Sponsored
The most common thing a customer will say in…
Vladimir Makarov – RHD Blog 

Towards The Ruby 3×3 Performance Goal

This blog post is about my work to improve CRuby performance by introducing new virtual machine instructions and a JIT. It is loosely based on my presentation at RubyKaigi 2017 in Hiroshima, Japan.

As many Ruby people know, the author of Ruby, Yukihiro Matsumoto (Matz), set up a very ambitious goal for performance of CRuby version 3. Version 3 should be 3 times faster than version 2.

Koichi Sasada did a great job improving the performance of CRuby version 2 by about 3 times over version 1, by introducing a byte code virtual machine (VM). So I guess it is symbolic to set up the same goal for CRuby version 3.

I do a lot of GCC benchmarking and I found that benchmarking is a very sensitive…

Sam Saffron 

Managing db schema changes without downtime

How we manage schema changes at Discourse minimizing downtime

At Discourse we have always been huge fans of continuous deployment. Every commit we make heads to our continuous integration test suite. If all the tests pass (ui, unit, integration, smoke) we automatically deploy the latest version of our code to

This pattern and practice we follow allows the thousands self-installers out there to safely upgrade to the tests-passed version whenever they feel like it.

Because we deploy so often we need to take extra care not to have any outages during deployments. One of the most common reasons for outages during application deployment is database schema changes.


Anthony Super 

Templates, Index Sequence, and Optimization

Recently, I’ve been working on a 2D game. Full-time, in fact: I recently graduated early, and I figured I might as well take a year and a half to work on this project before getting a “real” job. I initially started creating a game in Unity, however, I quickly realized that I didn’t actually like the engine. I actually disliked it fairly heavily, and it was hurting my productivity. So, naturally, my next thought was to code the game from scratch.

The natural choice for this was C++. I messed around with making a 2D engine before and enjoyed it, even if I didn’t actually get very far. I took a bit of a different approach this time, intentionally trying to make a game instead of an engine. H…

GoRails Screencasts 

Rails Application Templates

Learn how to build Rails app templates to save time building new applications and check out Jumpstart, the template used to build new Rails apps for GoRails episodes
Red Panthers 

Upgrading to Rails 5.1x

Rails 5.1rolled out with some major changes and features including

  • Yarn and webpack support
  • Dropped JQuery as a default dependency
  • Built-in support for writing system tests using Capybara
  • Encrypted secrets

and many more, you can find the detailed release notes here. Recently we upgraded one of our production apps to 5.1x and since we have good test coverage, upgrading was mostly painless. We still had to make some minor changes down the road

1. No more before_filter

One of our controllers still had the old-fashioned before_filter and we encountered the following error while booting up

undefined method 'before_filter' before_filter has been deprecated in Rails 5.0 and removed in 5.1.


Greater Than Code 

072: Story Time with Kerri Miller

Support for the Greater Than Code podcast comes from O’Reilly Fluent and Velocity conferences, coming to San Jose, California, June 11-14. From ops to apps, Velocity and Fluent will deliver the most comprehensive programs ever, including accessibility and progressive enhancement, as well as performance and operability. Best Price ends March 30! Save up to $839 using code GTC20. Learn more at


Jamey Hampton | Sam Livingston-Gray | Christina Morillo

Guest Starring:

Kerri Miller: motozor | Open Source & Feelings | moonconf |

Join Our Slack Channel!
Support us via Patreon!

Show Notes:

01:53 – Kerri’s Superpower: Looking ahead to the future.


All Ruby Podcasts by 

RR 354: Music, Musicians, and Programmers with Catherine Meyers


  • Charles Max Wood
  • Dave Kimura
  • Eric Berry
  • David Richards

Special Guests: Catherine Meyers

In this episode of Ruby Rogues, the panel discusses music, musicians, and programmers with Catherine Meyers. Catherine is a software engineer at Mavenlink in San Francisco and is a co-organizer of a meet-up called Women Level Up. Before getting into coding, she was actually an opera singer. They talk a lot about why she decided to change her career and how she came to be a successful coder after being a singer for many years.

In particular, we dive pretty deep on:

  • Check out React Dev Summit
  • Catherine intro
  • Previously an opera singer
  • How did you decide to get into programming?
  • Who…
Ruby Tuesday 

Issue #10

Hello! This issue will be dominated by the fact that last weekend I attended awesome wroc_love.rb conference. Besides listening to some really good talks, I also learned (or was reminded) about a couple of really cool gems I want to share with you:

  • Eventide – it is a complete solution for Event Sourcing in Ruby, supporting Event Store and PostgreSQL as backend
  • We all know about ActionCable in Rails, most of us also know that AnyCable is soooo much better for the task. However, what I did not know that there is a compatible replacement for non-Rails Rack applications called LiteCable. So, all your Hanami-, Sinatra-, dry-web- and what-not-based app can have it.
  • Plezi is another, quite…
Riding Rails 

Rails 5.2.0 RC2: Active Storage, Redis Cache Store, HTTP/2 Early Hints, CSP, Credentials

It’s almost time for RailsConf, and we’re determined to get the final version of Rails 5.2 released before then. So here’s the hopefully last release candidate before that can happen. We’ve put a ton of into ironing out all the issues with Active Storage in particular, now that more and more applications are starting to use it in production.

You can peruse the nearly 200 commits since the first release candidate from the beginning of the year to see everything that has been fixed.

If you’re about to start a new application, I feel confident enough in this release to recommend that you should base it off this RC2. If you like to keep up with the latest release, now is also a great time to…

BigBinary Blog 

Practical usage of identity function

If you are learning functional programming then you can’t go far without running into “identity function”.

An identity function is a very basic function that

  • takes one argument
  • returns the argument
f(x) = x;

This seems like the most useless function in the world. We never needed any function like this while building any application. Then what’s the big deal about this identity function.

In this blog we will see how this identity concept is used in the real world.

For the implementation we will be using Ramda.js. We previously wrote about how we, at BigBinary, write JavaScript code using Ramda.js.

Again please note that in the following code R stands for Ramda and not for prog…


JSONify your Ruby Translations

JSON is a ubiquitous format for storing and transmitting complex nested data, originally in Javascript but today in every major programming language. JSON is also increasingly used as a persisted data type, notably by PostgreSQL with its json and jsonb types, and more recently MySQL also supporting JSON natively. Ruby ORM like Sequel and ActiveRecord1 offer interfaces for querying on this kind of JSON-formatted data.

JSON Translation Data

Given its usefulness, I’ve naturally been interested in applying JSON to the storage of i18n data, a topic which I have written about before. As an arbitrary-depth hash format, JSON is a good fit for this kind of data, which tends to assume a similar nested key/value…


Loofah XSS Vulnerability


HTML injection/XSS in Sanitize


JSONify your Ruby Translations

JSON is a ubiquitous format for storing and transmitting complex nested data, originally in Javascript but today in every major programming language. JSON is also increasingly used as a persisted data type, notably by PostgreSQL with its json and jsonb types, and more recently MySQL also supporting JSON natively. Ruby ORM like Sequel and ActiveRecord1 offer interfaces for querying on this kind of JSON-formatted data.

JSON Translation Data

Given its usefulness, I’ve naturally been interested in applying JSON to the storage of i18n data, a topic which I have written about before. As an arbitrary-depth hash format, JSON is a good fit for this kind of data, which tends to assume a similar nested key/value…

Appfolio Engineering 

Ruby 2.6 preview 1: Timing JIT

The new Ruby 2.6 preview 1 has JIT capability built in. Awesome! But it's still early. They say JIT doesn't help on Rails apps, for instance.

Purely by coincidence, I happen to write a big concurrent Rails-based benchmark, which Takashi was hoping to see JIT results for. And I'm freshly back to part-time work after paternity leave.

So how is its performance for Rails apps? Let's find out.

(Disclaimer: Takashi says that 2.6 head-of-master has significantly better JIT performance than prerelease 1. And I'll get around to timing that soon, too. But for now let's go with the 2.6 prerelease.)

Some Graphs

There's a way I usually graph this stuff. And several people have pointed out that I could do…

Paweł Urbanek - Web Development Consultant, Full Stack Blog 

How I've Built a Profitable Slack Bot as a Side Project in Rails

The same dark guy as on Abot landing page

I’ve built a Slack bot in Ruby on Rails and it is profitable. In this blog post I will describe what I did and tools I used to create, promote and monetize a simple SAAS product.

Working professionally as a web developer you usually deal with huge projects containing tons of business logic. It is virtually impossible to create something similarly complex in your free time without going full indie.

I wanted to build something simple but still capable of providing real value to the users.

Here comes the story of Abot.

Purpose and origin

Abot allows you to send anonymous messages to channels and other members of your Slack team. Whoever receives a message can reply to the author without…

Andy Croll 

Check Your Database Indexes For ActiveRecord Scopes

It is alleged that Ruby is slow. However, whether you’re using Ruby, Elixir, or Go, the ‘benchmarked’ speed of a language is irrelevant if your web application eventually hits an unoptimised database.

Indexes allow your database to quickly find and sort records in a table by keeping pre-organised copies of your data. Conceptually, they’re like the index of a book.

Instead of…

…having your database do more work than it needs to.


…database indexes when you query on foreign keys and for queries over multiple fields.

class AddRecommendedIndexes < ActiveRecord::Migration[5.1]
  def change
    # where user_id is a foreign key
    add_index :model_with_foreign_key, :user_id
    # or the…
Riding Rails 

Time column improvements and bugfixes!

Hello everyone! This is Greg bringing you the latest news from the Rails world.

This Week’s Contributors

15 people contributed to Rails this week! If you’d like to join them, why not check out the list of open issues?

Time column improvements

This commit applies precision when assigning values to time columns, fixes issues with time columns not being normalised on SQLite and ensures that the date component from a time is stripped for MySQL and PostgreSQL.

RedisCacheStore configuration fix

When RedisCacheStore is initialised it  should take a redis instance but it didn’t before this patch.

Fix multiline expression indexes for postgresql

This commit fixes an issue with Active Record’s…

Glauco Custódio 

Inspecting Ruby Gems

Have you ever needed inspecting a gem in your local machine?

You need to figure out how a method works, to check the internal state or just out of curiosity.

Today I am here to share two techniques I have been using.

Suppose we are working in a Ruby project which Gemfile contains the following gem:

gem 'grape'

Getting a new copy of the gem

The first technique is to git clone the gem into your machine, change the branch/tag to the same version that is in Gemfile.lock and set the path option in your gem entry on Gemfile:

$ pwd
# /Users/myuser/projects

Clone the gem you want to inspect:

$ git clone

Change the branch/tag:

$ cd grape
$ git…
All Ruby Podcasts by 

MRS 035: Mike Gehard

Panel: Charles Max Wood

Guest: Mike Gehard

This week on My Ruby Story, Charles talks to Mike Gehard. Mike currently works for Pivotal working in the Platform Acceleration Lab. He first got into programming when he was 10 working with his Commodore 64, but really stepped up his interest after he graduated with his Bachelor’s in Chemical Engineering and started working at a petrochemical refining research company, where it was very computer based. They discuss how he found his way to Ruby and how easy it is to create things with it, as well as the things that he has contributed to the Ruby community that he is proud of.

In particular, we dive pretty deep on:

The Bike Shed 

146: --YOLO

Amanda, Derek, and Sean discuss style guides, automated code formatting, and the cycle of disillusionment in development work.

RubyMine Blog 

RubyMine 2018.1 Beta: Smarter and Faster

Hi everyone!

RubyMine 2018.1 Beta (build 181.4203.207) is out now and ready for your review! Earlier we told you about the new static analysis core engine that’s allowed RubyMine to understand and navigate your projects’ and Rails’ codebases better. These changes also had a great impact on the overall performance of RubyMine, which has become evident after fixing some bugs in the fresh 2018.1 Beta build.

Faster RubyMine

Performance improvements already were a major highlight of the v2017.3 release. Yet, we believe now we have pushed it to a whole new level, which is confirmed by our sample testing.

To check our progress, we inspected all .rb files located in Diaspora’s app directory for unr…

Awesome Ruby Newsletter 

Issue 96 - 25 Years of Ruby commits, using gource visualization. Happy Birthday Ruby!

Scout ~ The Blog 

Rollbar+Scout: a legit New Relic alternative

The New Relic price tag goes up dramatically as your server footprint grows. This might not be an issue if you are utilizing New Relic’s full product suite, but what if you just care about error and performance monitoring?

In that case, there's a solution that offers richer features as an alternative to New Relic. When you combine Rollbar (errors) and Scout (performance), you're choosing two best-of-breed, focused products that actually play well together.

First, let’s see what’s special about Rollbar’s error monitoring capabilities. Then, we’ll show how to combine Rollbar and Scout to give a unified app stability experience.

Purpose-built error monitoring with Rollbar

rollbar screen

Rollbar is a… 

Continuous Conscious Self-Improvement

How do you develop software?
Is it effective? (and how do you know that?)
Are you focusing on improving yourself?
Where are you at? Where do you want to be?
Could you do better?
Where could you put the least amount of effort to improve the worst?
When do you do that?
What would your teammates answer (about you)?
What can you learn from them?
What are you doing to get there?

Scout ~ The Blog 

Setting up a Rails app for CodeBuild, CodeDeploy, and CodePipeline on AWS

If you’ve followed along with our previous episodes, we’ve covered many different aspects of setting up a production service. We’ve used many different products to simplify the day-to-day operations of running and maintaining an application.

We’ve used Scout for monitoring our application, LogDNA for aggregating our logs, HoneyBadger for our exception handling, and a host of AWS services for running our services, managing our SSL certs, hosting our Docker images, etc.

But one thing we haven’t focused on tidying up yet is one of the places we spend most of our time. Building features, merging those features, running tests, and deploying that code.

In today’s episode, we’ll be talking…

Pat Shaughnessy 

How Rust Implements Tagged Unions

Rust describes itself as:

…a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety.

Of course, this is in contrast to C, a different systems programming language that encourages segfaults and makes no guarantees at all about thread safety. Rust improves on C in many ways, most famously with its innovative ownnership model for managing memory.

Another less obvious improvement Rust makes to C has to do with the union keyword. The Rust compiler implements tagged unions, which prevent you from crashing your program by initializing a union with one variant and…

Ruby Weekly 

An overview of Ruby GUI development in 2018

Ruby Weekly Issue 390 — March 15, 2018
Olivier Lacan
If you’ve ever seen a notice like “Bundler attempted to update nokogiri but its version stayed the same” and struggled to work out why, this interesting dig into Bundler is a worthwhile read.

Satoshi Tagomori
An proof-of-concept Ruby implementation of Go’s defer, a way to ensure certain things occur upon the conclusion of a method (such as closing files).

Our out-source DevOps solution keeps your app updated and running. Pre-baked blue/green deployments mean you’re always able to…
Search Results for “ruby” – via @codeship 

VueJS as a Frontend for Rails

Reading Time: 9 minutes

VueJS is one of the fastest rising stars in the JavaScript frontend ecosystem. It largely embodies simplicity and composability of frontend design solutions without going overboard. It provides a more elegant way to reduce complexity in both scripting and your styling by grouping them into components. This protects your site’s styles from conflicts and also provides logical organization for individual parts of your frontend code.

“VueJS provides an elegant way to reduce complexity in frontend design” via @6ftdan
Click To Tweet

Getting Started

Some brief setup instructions.

gem install rails --version "5.2.0.rc1"
rails _5.2.0.rc1_ new vue_example --webpack=vue

Rails bounded contexts via value objects

In this article I will present really simple way how to introduce Bounded Contexts in Ruby on Rails application while still keep Rails conventions and its simplicity and playfulness.

This solution will not be perfect. It will not solve all problems of Bounded Contexts (like Microservices do). You will still be working with monolithic Ruby on Rails application on a one database sharing the same gems between boundaries.

But this is good !

This solution is trying to embrace monolith, Rails and simple technical implementation. With this solution both senior and junior developers can work with it.

This is a really really long article but it has really really interesting point. So please…

The Life of a Radar 

On Writing Software Well #2: Using callbacks to manage auxiliary complexity: A review

A few people have asked for my opinions on DHH's recent video series. And others have bemoaned the lack of a critical take on the videos. So here's a critical take involving my opinions on DHH's 2nd video) in the series.

Why not start with Video #1 in the series? Because it was great! Code comments that explain why things are the way they are... those are incredibly useful to people new / unfamiliar with parts of a codebase. His points were well made and I find nothing worth commenting on. (Pun intended)

Video #2 though has the word "callbacks" in it and so I'm intrigued to hear what DHH has to say about it.

So here's some "real-time" opinions that I wrote down while watching this video…

Olivier Lacan 

Why Won't Bundle Update?

You just received notification from GitHub’s nifty new repository dependency scanner that there is a critical vulnerability report for the Nokogiri Ruby gem you currently have locked to version in your Rails application’s Gemfile.

It looks a little bit like this:

Concerned, you decide to immediately update this dependency, run your test suite, and deploy to production to prevent even the remote possibility of an exploitation of this vulnerability in your application.

bundle update nokogiri
Fetching gem metadata from
(... coffee (or Mamba) time! ...)
Bundler attempted to update nokogiri but its version stayed the same
Bundle updated!



Memoizing in Ruby

Memoization is the pattern of calculating a value once, and re-using that value each subsequent time it is needed. It’s common to encounter this in Ruby in the form @variable ||= calculation. It’s so common that it is often used even where it’s not expensive or re-used; it’s become a part of idiomatic Ruby. In my last post I made an off-hand reference to solving the problem of using memoization for falsy values, and it seems a topic worth talking about in and of itself.

What do you mean there’s a problem?

Consider that the following methods have the same behavior:

def foo_or_equal
  @foo ||= calculate_foo

def foo_verbose
  @foo || (@foo = calculate_foo)

def foo_multiline

When calculate_foo returns a truthy object - anything…

Semaphore Engineering Blog 

Docker Image Size - Does It Matter?

Docker Image Size - Does It Matter?

Does Docker image size matter? The answer I usually hear is "yes". The logical question that follows is "why?". I've heard the following two answers too often for my liking:

  • A smaller image takes less disk space.
  • A large image is difficult to upload. It takes a long time.

Alhough both these statements sound like they make sense, neither is generally true.

There are some other legitimate reasons why it's desirable to have smaller Docker images, like reducing attack surface. But in this article, I want to address the urban legends mentioned above.

Smaller Docker images take up less disk space

A Docker image is composed of reusable layers, i.e. different images might share some…

Tech Tips and Freebies – Rubyroid Labs Blog 

Ruby has Hit Top-10 of TIOBE Index

Ruby is NOT dead! Our favorite language has finally come back to TOP-10 most popular coding languages according to TIOBE Index. As proof, we provide fresh infographics and stats! Check details inside. TIOBE Index is the rating of coding languages according to their popularity. It is created and maintained by the TIOBE Company based in...
Paweł Urbanek - Web Development Consultant, Full Stack Blog 

My Toolkit for Writing and Promotion of Blog Posts

Tools represent tools I use for my blog

I would like to describe a couple of tools which I use to create, release and promote my blog posts. If you already are a technical blogger, or maybe still only thinking about setting up your place on the internet, you might find some valuable tips for your own toolkit.

jekyll template optimized for SEO

I use jekyll based pixyll template for my blog.

So far I’ve customized the original template quite a lot, mostly in terms of SEO. I would like to share it for free. Click the below link to read the details:

jekyll SEO template

Looks like all the SEO tricks I applied started paying off. Recently I’ve noticed that most of the traffic comes from organic Google search results:

Most of the traffic is organic

My “pong…

Ruby Conferences 'n' Camps in 2018 - What's Upcoming? 

Ruby Open Source Software (ROSS) Conf Amsterdam @ Amsterdam, the Netherlands - Ruby Conferences 'n' Camps Update

Conferences 'n' Camps

What's News? What's Upcoming in 2018?

Ruby Open Source Software (ROSS) Conf Amsterdam Registration is open (FREE)
May/11+12 (2d) Fri+Sat @ Amsterdam, the Netherlands • (Updates)

See all Conferences 'n' Camps in 2018».

Greater Than Code 

071: Brein Power with Rein Henrichs

Support for the Greater Than Code podcast comes from O’Reilly Fluent and Velocity conferences. Join over 4,000 developers and engineers in San Jose, California, June 11-14. Check out the Super Bronze Pass for access to both conferences–you’ll get a unique learning experience that addresses the full web experience, from development and performance to operations and resilience. Best Price ends this Friday, March 30. Learn more at


Sam Livingston-Gray | Jessica Kerr | Christina Morillo | Jamey Hampton | Rein Henrichs

Join Our Slack Channel!
Support us via Patreon!

Show Notes:

02:41 – Rein’s Superpower: Perceiving and Being Aware of Connections Between…

All Ruby Podcasts by 

RR 353: Removing Business Logic from Rails Controllers with Aaron Sumner


  • Charles Max Wood
  • David Richards

Special Guests: Aaron Sumner

In this episode of Ruby Rogues, the panel discusses removing business logic from Rails controllers with Aaron Sumner. Aaron is a long time Ruby developer, using mostly Rails, writes a blog called Everyday Rails, and most people know him from his book, Everyday Rails Testing with RSpec: A practical approach to test-driven development. They discuss service objects, the pros and cons of using them, and they emphasize not trying to change something all at once, but gradually.

In particular, we dive pretty deep on:

  • Aaron intro
  • How to test code without controller tests?
  • The cons to controller tests
  • Soft deprecation
Search Results for “ruby” – via @codeship 

Deduplicating Large Data With Rails

Reading Time: 4 minutes

This article was originally published by Cheyne Wallace on his blog, and with his permission, we are sharing it here for Codeship readers.

Storing and retrieving large chunks of data from your database can be tricky if it’s not done correctly. What happens when you want to store a relatively large document or body of text in your database but that large chunk of text is likely to be identical for thousands of new records? You’re faced with the possibility of storing gigabytes of duplicated data that really doesn’t need to be there.

“Storing and retrieving large data can be tricky if it’s not done correctly.” via @cheynewallace
Click To Tweet

Here’s the scenario: say…


pull git private repo from github from npm modules or bundler

Direct password in NPM package

This is the stupid, but pragmatic way. Somtimes you want to do this if you want to avoid extra cost of DevOps overhead.

With git there is a https format

This format accepts User + password

So what you can do is create a new user that will be used just as a bot, add only enough permissions that he can just read the repository you want to load in NPM modules and just have that directly in your package.json / Gemfile

Github > Click on Profile > Settings > Developer settings > Personal access…
BigBinary Blog 

Ruby 2.5 adds Exception#full_message method

This blog is part of our Ruby 2.5 series. Ruby 2.5 was recently released.

Before Ruby 2.5, if we want to log a caught exception, we would need to format it ourselves.

class AverageService
  attr_reader :numbers, :coerced_numbers

  def initialize(numbers)
    @numbers = numbers
    @coerced_numbers = coerce_numbers

  def average
    sum / count


  def coerce_numbers do |number|
      rescue Exception => exception
        puts "#{exception.message} (#{exception.class})\n\t#{exception.backtrace.join("\n\t")}"
        puts "Coercing '#{number}' as 0.0\n\n"


  def sum
All Ruby Podcasts by 

MRS 034: Mikel Lindsaar

Panel: Charles Max Wood

Guest: Mikel Lindsaar

This week on My Ruby Story, Charles talks to Mikel Lindsaar. Mikel started a Ruby on Rails consultancy in 2010 and is most well known for being the original author of Mail gem. He first got into programming working as a volunteer for a church where he built a Rails parishioner management system. This experience led him to create the Mail gem, which has really made him well-known in the community. He always like the idea of being able to control and create something, and this has definitely influenced his programming career.

In particular, we dive pretty deep on: 

  • How did you first get introduced into programming?
  • Mail gem
  • Coders are…
Giant Robots Smashing Into Other Giant Robots 

Using `yield_self` for composable ActiveRecord relations

Ruby 2.5 introduces Object#yield_self, which can be thought of as a close cousin to Object#tap. Where tap executes a block returning the value it’s called on, yield_self yields the object its called on into the supplied block, returning the result of the block.

Many have compared yield_self to Elixir’s pipe operator, |>, and while I use and enjoy the pipe operator in Elixir, I had a hard time envisioning how I’d use yield_self in my Ruby code. However, days after my client project was updated to Ruby 2.5, an opportunity to use yield_self just about smacked me in the face. Let’s walk through it together.

The project I’m working on makes use of several query objects. The query objects take…

Leigh Halliday - Ruby On Rails 

Best Ruby & Ruby on Rails Resources

An ultimate list of Ruby resources, books, courses, people to follow, etc... This list contains resources I have used over the years while learning and writing Ruby (on Rails) professionally.
Paweł Urbanek - Web Development Consultant, Full Stack Blog 

How to Track Down and Fix Slow Active Record SQL Queries in Rails

Snail represents Rails Active Record SQL query before optimization techniques

Scaling issues are great because it means that you have traffic on your website. Before you decide that “Rails doesn’t scale!” and start a rewrite to a tech stack with potentially more performance, maybe you should double check your database queries first. Below I describe some tools and techniques you can use to track down, diagnose and optimize slow Active Record SQL query.

Problem with Active Record

I’ve started my programming career developing Rails apps. Thanks to Active Record I could start getting stuff done right away.

Active Record lets you write fairly complex database queries without understanding the underlying SQL. It is its best feature and the greatest sin at the same…

Valentino G. | Blog 

Tutorial: Django REST with React (Django 2.0)

A practical (opinionated) introduction to using Django REST with React. Featuring Django 2.0!

Tutorial: Django REST with React (Django 2.0)

There is no shortage of web frameworks these days.

Want to build an API? Here it is:

Rails, Node.js and Koa 2, Phoenix, you name it.

But here’s the reality: the client wants a prototype quickly. What should I do?

I pick a web framework that:

  • lets me write less code
  • lets me ship a MVP as soon as possibile
  • provides a solid foundation for extending the project

And trust me, Django is great when it comes to development speed.

But how to create a simple Django REST API?

How to structure a Django project with React?

Fear not, we’ll find out together!

Django REST with React: what you will learn

In the…

Bundler Blog 

February 2018 Bundler Update

Welcome to the Bundler monthly update!

Bundler saw some fixes in February thanks to contributors @nholden, @voxik, @cpgo, @deivid-rodriguez, and @alyssais. Fixes this month included a fix for certain instances of the “perhaps the lockfile is corrupted?” error, as well as clear enforcement steps for the code of conduct. We also received an awesome proposal to give the add command superpowers, and add a remove command.

This month, Bundler gained 23 new commits, contributed by 8 authors. There were 291 additions and 59 deletions across 50 files.

Interested in contributing to Bundler? We always welcome contributions in the forms of triaging bugs, adding new features, writing docs, and…

Ruby Weekly 

#389: A Huge Collection of Ruby One Liners

Ruby Weekly Issue 389 — March 8, 2018
Eliav Lavi
Using Ruby’s various Module lifecycle hooks, Timeasure ends up with a nice, clean interface for tracking methods. Homepage and live demo here.

Sundeep Agarwal
Ruby isn’t just for building webapps, y’know. It’s an amazing swiss army knife for anyone at the command line and these examples could help you out with a lot of menial tasks.

GoCD  Sponsored
Managing build versions is one of the key considerations for designing good CD pipelines. This blog uses a simple web…
The Bike Shed 

145: The Internet is Ruined

Derek and Sean commiserate about the latest generation of MacBooks, Slack, and the state of the Web.


The Local Variable Aversion Antipattern

In my experience writing Ruby, a strong aversion to using local variables is something I have noticed again and again. I would propose that in most scenarios this has several underrecognized drawbacks. The solution is easy: use local variables.

Methods take more lines

This may sound obvious, but every method definition results in +3 extra lines in a class.

  1. def name The method definition
  2. end The method definition termination
  3. A line of whitespace that separates the methods

Lines of code are meaningless, right? No big deal. WRONG! You walked right into that one (grin).

Lines of code represent a maintenance burden. They do matter, as they can add up quickly and turn a class that…


Rack::Protection v1.5.5 is out

I have just released Rack Protection v1.5.5 for backporting security fix.


The v1.5.5 contains a security fix for CVE-2018-1000119.

It was determined a timing attack vulnerability in the CSRF token checking that can result in signatures being exposed.

The original fix has already been merged at rack-protection v2.0.0.rc3. Therefore, there is no problem if you are using rack-protection v2.0.0.rc3 or later.

At first of all, we strongly recommend that you check the version of rack-protection you are currently using on your application. You can confirm that by looking at the version of rack-protection embedded in Gemfile.lock.

As a result, if you still are using rack-protection…

Awesome Ruby Newsletter 

Issue 95 - My thoughts on Hanami

The Life of a Radar 

Hiring Juniors (RubyConf AU Talk)

This is the transcript for a talk that I gave at RubyConf AU in March 2018. Video will be uploaded soon-ish.

Slides are on Speakerdeck

I have seen the future.

Five years from now, someone will get on a stage like this one (or perhaps midseven this one) and blow your freaking minds. This person will astound you with a radical talk on a subject we, in the present, can only guess at. That person is not going to be Sandi, or any of the other speakers here. It's not even going to be me -- as much as I (and my ego) would like that.

In fact, the person who will blow your minds knows a model today as someone who would walk down a catwalk in some ostentatious outfit. They think that a view is…

Ruby Together News 

February 2018 Monthly Update

Hello and welcome to the monthly update! During February, our work was supported by Stripe, GitLab, reinteractive, and many others.

ruby together news

In February, Ruby Together was supported by 76 different companies, including Sapphire member Stripe. Four companies joined as new members, including Nebulab, weLaika, Kickass Partners.

In addition to those companies, 6 new developers signed up as members or friends of Ruby Together, including Stan Lo. In total, we were supported by 91 individual members and 68 friends of Ruby Together. Thanks to all of our members for making everything that we do possible. <3

As we mentioned last month, Ruby Together applied to organize a Google Summer…

Test Double | Our Thinking 

Debrief: Lead Dev Austin 2018

Last weekend I had the great privilege of attending LeadDev Austin. As far as I'm concerned, the folks at White October knocked it out of the park! For a one day conference where the longest talks were 30 minutes, the speakers packed in plenty of valuable information.

If you'd like a preview before the videos become available, read on!

Common Themes

This is a list of ideas that came up in multiple talks (not a lot of disagreement between the speakers).

  • "What got us here won't get us there". This exact phrase came up in at least two talks. It's applicable to developers that become lead developers. The roles require different priorities and skills.
  • People over process. Most of the talks…
All talk but no code... 

Settei - 又一個讀取設定的 Gem

五年前,本部落格第一篇文章就是在講使用 Settingslogic 作設定。經過了漫長的歲月,終於想到了怎樣還能作的更好,最後作出了一個新的 gem 叫做 Settei 。這是一個使用 yaml,但是又能符合 12-factor app 的設定方式。


12-factor app 是一套讓部屬更容易的規則。其中第三點指到,要把設定跟程式分開,並把設定存在環境(變數)中。


# 傳統使用 ENV 就得寫一長串超累:

使用YAML 就簡單很多

    per_page: 5
    max_page: 10
    n_recent_only: 5
    avoid_only_n_hidden: 2

但是要怎樣結合 YAML 的優勢跟 ENV VAR 的優勢呢?

我的想法是:把 YAML 給 serialize 成一串文字,就能當 env var 傳到遠端了。






Aim of the talk: Show different ways how a developer can think about product.


Microservices and Serverless are all really cool Architectural strategies but if you are productive with monolith and don’t have any scaling or team organization issue stick with Monolith. Monolith is not dead.

You really need to have a good reason to reach for microservices / serverless and if you do I hope this talk will be helpful :)





BigBinary Blog 

Ruby 2.5 prints backtrace and error message in reverse order

This blog is part of our Ruby 2.5 series. Ruby 2.5 was recently released.

Stack trace or backtrace is a sequential representation of the stack of method calls in a program which gets printed when an exception is raised. It is often used to find out the exact location in a program from where the exception was raised.

Before Ruby 2.5

Before Ruby 2.5, the printed backtrace contained the exception class and the error message at the top. Next line contained where in the program the exception was raised. Next we got more lines which contained cascaded method calls.

Consider a simple Ruby program.

class DivisionService
  attr_reader :a, :b

  def initialize(a, b)
    @a, @b = a.to_i, b.to_i
bogdanvlviv / Bogdan 

I read books

Running with Ruby 

Karafka framework 1.2.0 Release Notes (Ruby + Kafka)

Note: These release notes cover only the major changes. To learn about various bug fixes and changes, please refer to the change logs or check out the list of commits in the main Karafka repository on GitHub.

Note: 1.2 release is the last release that will require ActiveSupport to work.

Code quality

I will start with the same thing as with 1.1. We’re constantly working on having a better and easier code base. Despite many changes to our code-base stack, we were able to maintain a pretty decent offenses distribution and trends.

It’s worth pointing out, that we’re now using more extensively many components of the Dry-Rb ecosystem and we love it!


This release brings significant…

Engine Yard Blog 

Memcached Security aka Don't Attack GitHub 

GitHub recently experienced the largest attack we've seen to date. At the peak, they received 1.35 Tbps via 126.9 million packets per second. We don't know who launched the attack but we know how they did it. The attackers used an amplification attack using memcached servers that were exposed to the internet.


How to Write a Ruby C Extension

Writing a C extension allows you to interact with Ruby from C. You may want to this if there is a particular important method you would like to optimize with the speed of C, or if you would like to create an interface between a C library and Ruby. Your First C Extension Create a […]

The post How to Write a Ruby C Extension appeared first on RubyGuides. Don't miss your free gift here :)

Greater Than Code 

070: Trusting The Universe with Kale Kaposhilin

Support for the Greater Than Code podcast comes from O’Reilly Fluent and Velocity conferences. Taking place in San Jose, California, June 11-14, it’s the best place to get the latest in software development, performance, operations, resilience, and so much more. Register before March 30th to lock in Best Price. And use discount code GTC20 to save an additional 20% on most passes! Learn more at

Cloud City Development is happy to support our coding community and especially Greater than Code. The Cloud City team are expert software programmers and designers with a strong desire to see more diversity in tech, more kindness on teams, and better tools. Please let them…

The Life of a Radar 

My thoughts on Hanami

(This was originally posted as a comment on Reddit)

I've been toying around with Hanami for a few weeks now and imo it feels better than Rails. If you want to see some code rather than text, here's my little example app I've been building with Hanami.

Here are the top three things that I like about Hanami, in long form:

Repository pattern instead of Active Record

Documentation link: Hanami | Guides - Models Overview

The Active Record pattern encourages you to throw everything into the model. Think: callbacks, validations, persistence, database logic (queries) and business logic.

In contrast, the repository pattern (through ROM) leads to a cleaner separation between your database and…

The Miners - Medium 

On Writing a Great Pull Request

Getting into the mindset of efficient pull requests

Nowadays, pull requests are essential tools to enable seamless collaboration within software teams. They’ve changed our workflows for the better and became a standard development practice.

Although there are many useful guides on the internet about increasing the quality of pull requests, this post aims to provide my own take on the matter: what I think are the essential characteristics of a great pull request. The focus will be on the pull request itself, not on the accompanying code. I shall note that this is my personal opinion, and some points may not apply to your case.

Don’t make me think!

Bob is opening a pull request for something he’s…

OmbuLabs Blog 

Upgrade Rails from 4.2 to 5.0

This article is part of our Upgrade Rails series. To see more of them, click here.

This article will cover the most important aspects that you need to know to get your Ruby on Rails application from version 4.2 to 5.0.

  1. Ruby version
  2. Gems
  3. Config files (config/)
  4. Application code
    1. ActiveRecord
    2. Controllers
  5. Testing
  6. Next steps

1. Ruby version

Rails 5.0 requires Ruby 2.2.2 or later.

This Ruby upgrade shouldn't generate any problems. However, if you run into this exception in your test suite:

cannot load such file -- test/unit/assertions (Load Error)

then you'll need to add:

gem 'test-unit'

to your Gemfile.

2. Gems

  • It's recommended that you check your Gemfile against Ready4Rails to…
Test Double | Our Thinking 

Please don't mock me

The video above was recorded at the inaugural Assert.js 2018 conference in San Antonio, Texas.

If you've ever been frustrated with how a test faked out a network request, mocked something out, or continued passing while production burned, then this talk is for you. In it, I do my best to boil down nearly a decade of practicing test-driven development with JavaScript to summarize the Do's and Don'ts of poking holes in reality when writing tests.

By watching this talk, you'll learn about 9 abuses of mocks and 1 workflow that uses test doubles effectively—each explained at a level of detail you probably haven't seen elsewhere. While you're at it, you'll also get a pretty good handle on how to…

All Ruby Podcasts by 

RR 352: React on Rails and Webpacker with Justin Gordon and Rob Wise


Charles Max Wood

Dave Kimura

Eric Berry

Special Guests: Justin Gordon and Rob Wise

In this episode of Ruby Rogues, the panel discusses React on Rails and Webpacker with Justin Gordon and Rob Wise. They talk about the origins of React on Rails and compare it to Webpacker. They also talk about how the two go hand in hand and how you can use them in your own coding to make your life easier.

In particular, we dive pretty deep on:

  • React on Rails library
  • Ruby on Rails adopted Webpack and called it Webpacker
  • Define your fence lines for your library
  • JavaScript
  • Key features of React on Rails
  • Angular issues with Webpacker
  • How the original React on Rails worked
  • Needed…
Search Results for “ruby” – via @codeship 

Using Genetic Algorithms in Ruby

Reading Time: 5 minutes

Did you know that there’s a way to use the power of natural selection to solve programming challenges? With genetic algorithms (GA), you can solve optimization problems using the same concepts that you find in nature:

  • Reproduction
  • Survival of the fittest
  • Adaptation to the environment

So what’s an optimization problem? It’s when you want to find not just a valid solution but the solution that will give you the best results.

For example, if you have a backpack that only fits a certain amount of stuff and you want to maximize the amount of stuff you can bring, then you could use a genetic algorithm to find the best solution. This is also known as *the knapsack problem*.

Ruby Inside - Medium 

How I Built Timeasure: Part 1 — Motivation & Method Wrapping

I’ve recently released Timeasure, a new gem that serves as a transparent method-level wrapper for profiling purposes in Ruby.

It was released under the GitHub account of the company I work for, Riskified, as its core was developed as part of a task I was given there. I have taken it as a passion project to go ahead and generalize it well enough so it can be useful to others and be released as a gem; I believe it might serve other Ruby developers out there looking to optimize the runtime of their code efficiently.

In this post, I will explain what Timeasure does, what parts it’s comprised of…

Hi, we're Arkency 

Rails Event Store - better APIs coming

Rails Event Store v0.26 is here with new, nicer APIs. Let’s have a look at some of those changes:

Persistent subscribers/handlers

subscribe used to take 2 arguments: handler (instance or class or proc) and event_types (that the handler was subscribed to).

class OrderSummaryEmail
  def call(event)
    order = Order.find(

client =
client.subscribe(, [OrderPlaced])

This can be now used as

client.subscribe(, to: [OrderPlaced])

I think this named argument to: makes it much more readable.

We also made it possible to subscribe Proc in much…

Julia Evans 

A few things I&#39;ve learned about computer networking

Somebody asked a few months ago “hey, what’s the best way to understand computer networking?”. I don’t really know how to answer this question – I’ve learned a lot of the things I know at work, and I think picking up new things when I need them has been fine.

But I thought it could maybe be useful to list a bunch of concrete skills and concepts I’ve learned along the way. Like anything else, “computer networking” involves a large number of different concepts and skills and tools and I’ve learned them all one at a time. I picked most of these things up over the last 4 years.

  • How to set up an Apache web server by copying and pasting things from the internet. (pre-2010)
  • What a http…
Julia Evans 

How does the internet work? podcast

I’m on the CodeNewbie podcast this week talking about how the Internet works – we talked about TCP, UDP, netcat, and a few other things. CodeNewbie is a podcast for people who are just getting started with programming. I was excited about doing this podcast because I feel like often people don’t learn about things like computer networking for a long time (I didn’t learn anything about how TCP worked until I’d been programming for 10 years!) but I think a lot of systems-y concepts are both really interesting and pretty approachable.

I feel like there’s a certain segment of people who get into programming partly because they just want to know how things work (what is my computer DOING when I…

GoRails Screencasts 

File uploading with ActiveStorage in Rails 5.2

Easily add file uploads to any model (including single or multiple files) using Rails 5.2's new ActiveStorage feature
Notes to self 

Implementing a basic debug mode for your Ruby CLI

We should all strive to handle all possible errors in our programs and display nice error messages to the users, but one can hardly be sure that nothing will ever go wrong. That’s why I believe we should try to embed a debug mode that users can take advantage of when submitting the issue or solving the problem. Luckily this is very simple thing to do.

First things first I like to add a well known –debug option to the CLI program. In case you use OptionParser from Ruby standard library:

require 'optparse'

options = {}

parser = do|opts|
	opts.banner = "Usage: invoice_printer [options]"

  opts.on('--debug') do
    options[:debug] = true

Now our users can…

Michał Konarski 

I got infected with malware and appreciated by its author

Events depicted in this article happened some time ago, but I’ve never had enough time and determination to actually write them down and publish them. Quite recently some of my friends who had heard this story convinced me to do so. Here it is.

It was a hot summer evening back in August 2014. I was working on my master’s thesis project. The project was about building software controlling a group of mobile robots and at that time I was running some simulations. The main part was running on a Linux machine, but the simulator had to be run on Windows, so I decided to put it in VMware virtual machine. Looking back, I must admit it was very overcomplicated, but I was still a student and I had a…

Paweł Urbanek - Web Development Consultant, Full Stack Blog 

Practical Differences between Working in Ruby and iOS

Much metaphor

Developing iOS mobile apps and server-based Ruby applications is different on many levels. In this blog post, I will present a high-level overview of different aspects of day-to-day working in these technologies.

I am writing it from a perspective of a developer with a couple of years commercial experience working in Ruby and JavaScript. Around a year ago I made a career pivot and started working as an iOS developer.

Read on if you’re interested in how these technologies differ in terms of the ease of development and problems you have to face every day. Just to warn you, it could also be that I am a bit biased towards favoring Ruby because it is the technology that I originate from.


Drifting Ruby Screencasts 

Encrypted Credentials in Rails 5.2

In this episode, we take a look at the Encrypted Credentials of Ruby on Rails 5.2 and how we can patch it so that we can use other YAML files like a development.yml and test.yml.
Andy Croll 

Only use named scopes outside models

Last time we discussed using the hash-style syntax in your #where methods but in my examples I did something I wouldn’t do in my real-life code…

Instead of…

…using #where scopes in your controllers or views.

class PostsController < ApplicationController
  def index
    @posts = Post.where(status: 'published')


…only named scopes that you define in your model.

class Post < ApplicationRecord
  scope :published, -> { where(status: 'published') }

And then use them like so:

class PostsController < ApplicationController
  def index
    @posts = Post.published

But why?

This technique improves the organisation of your code. It forces you to do two things…

zverok with ruby 

Embracing composability: be_json RSpec matcher

There is one small yet tricky thing when testing some HTTP APIs with RSpec: how to properly and idiomatically test response’s JSON? That’s where you typically start:

let(:response) { call_my_api }
subject { JSON.parse(response.body) }

it { ... }

But it quickly turns out to be really boring, especially when testing lots of small endpoints, and testing for several response properties at once, like:

subject { response }

its(:status) { eq 201 }
its(:headers) { include('Location') }
its(:body) { ... what?.. }

Note: If you feel uneasy or unfamiliar with this style of RSpec (exactly one statement per test being expectation,…

RubyMine Blog 

Postfix Code Completion in the Fresh RubyMine 2018.1 EAP Build

Hi there,

RubyMine 2018.1 EAP5 (build 181.3986.23) is now out and awaiting your review. The highlight of this build is the postfix code completion that lets you transform an existing expression without the need to move your caret back in the code to reverse, alter, or supplement the statement.

Expressions could come in handy in many different cases. For example, you can quickly create or redesign Ruby methods or Rails actions:

Find a list of all the postfix templates in the settings (Preferences / Settings | Editor | General | Postfix Completion) to learn and play around with all of them. You can always turn off the ones you don’t need, or even disable the whole thing:

Let us know in the…

The Bike Shed 

144: Fisher Price™ Tools

We talk about everyone's favorite Fisher-Price web framework and a small upcoming change to it before pivoting to discuss Derek's experience with his first Elm PR.

Awesome Ruby Newsletter 

Issue 94 - Learn GraphQL - Create a simple GraphQL server with Sinatra

Ruby Weekly 

Ruby 2.6 Preview Released

Ruby Weekly Issue 388 — March 1, 2018
Yui Naruse
Always exciting to see a preview release of a new version of Ruby, especially since 2.6 introduces an initial implementation of the performance-boosting MJIT compiler that we’ve mentioned a few times recently.

Mike Perham
Mike Perham of Sidekiq fame explains how freezing your strings can help performance quite a bit and how Ruby 2.3+ can help make this easier.

Codeship  Sponsored
In the race of container orchestrators, Kubernetes is surging ahead. However, people are often stuck on the step of getting their…

Protocol OAuth2: let’s play with Doorkeeper & Omniauth/OAuth2. Part 1.

Know your sandbox: shallow dive into OAuth2 protocol with Rails and Doorkeeper.
Engine Yard Blog 

Ajax on Rails with Unobtrusive JavaScript

This blog post is for Rails developers that want to use Ajax in their application using Unobtrusive JavaScript. This is divided into these parts:

BigBinary Blog 

Deploying Ruby on Rails application using HAProxy Ingress with unicorn/puma and websockets

After months of testing we recently moved a Ruby on Rails application to production that is using Kubernetes cluster.

In this article we will discuss how to setup path based routing for a Ruby on Rails application in kubernetes using HAProxy ingress.

This post assumes that you have basic understanding of Kubernetes terms like pods, deployments, services, configmap and ingress.

Typically our Rails app has services like unicorn/puma, sidekiq/delayed-job/resque, Websockets and some dedicated API services. We had one web service exposed to the world using load balancer and it was working well. But as the traffic increased it became necessary to route traffic based on URLs/path.


RubyGems Blog 

TLS 1.0 and 1.1 Deprecation Notice

Security is one of our top concerns for It’s a constant balance between providing easy access for all users and providing only the most secure ways of connecting. For the last few years, we’ve continued to allow several outdated, insecure, and weak cryptographic standards.

With this post, we are announcing the immediate deprecation and future disabling of TLSv1 and TLSv1.1 for all HTTPS connections to Both TLSv1 and TLSv1.1 will be disabled, and TLSv1.2 will be required, starting on April 30th, 2018.

As of February 2018, almost all HTTPS traffic to already uses TLSv1.2. Based on current usage statistics, we expect this cutoff to impact less than…


Announcing Hanami v1.2.0.beta1

Hello wonderful community!

Today we're happy to announce v1.2.0.beta1 release 🙌 , with the stable release (v1.2.0) scheduled for April 2018.


So what this cold winter ❄ has brought to you from the Hanami world?

HTTP/2 Early Hints

I experimented with HTTP/2 Push Promise in the summer of 2015, when Hanami was still called Lotus. I presented the results at the RubyDay of that year and build a demo app.

We didn't ship that feature because Rack and web servers didn't support Push Promise, so I had to write a toy HTTP/2 web server for Rack.

Given the adoption of HTTP/2 is slow, the IETF "backported" this feature to…

All Ruby Podcasts by 

RR 351: Thwarting Insider Threats with Greg Kushto


Charles Max Wood

Dave Kimura

Brian Hogan

Eric Berry

Special Guests: Greg Kushto

In this episode of Ruby Rogues, the panel discusses how to thwart insider threats with Greg Kushto. Greg is the vice president of sales engineering and security at Force 3. Greg talks about how it is a team effort to uphold information security in a company, especially insider threats. He got started with computer security when he worked at a helpdesk and then moved his way up to making it his full-time career. This episode is great for understanding insider threats, both what they are and how to prevent them.

In particular, we dive pretty deep on:

  • What are insider threats?
  • Malicious or…
All Ruby Podcasts by 

MRS 033: Aurynn Shaw

Panel: Charles Max Wood

Guest: Aurynn Shaw

This week on My Ruby Story, Charles talks to Aurynn Shaw. Aurynn got into programming when she was helping clients at a contracting company deploy early web things using Perl. Programming really clicked for her when she was fascinated by how programs really work when she created her own language. Currently, she works with Python for Lambdas and is doing a lot of client work. This includes building deployment pipelines and helping them ask information security questions. She also discusses programming culture and her views on it.

In particular, we dive pretty deep on: 

  • How did you first get introduced into programming?
  • GameDove
  • Matt’s Script…
Hi, we're Arkency 

How to use Algolia without coupling to ActiveRecord::Base

In my video course, I present using Algolia with Rails using the more direct integration provided by algoliasearch-rails gem. Like many gems in Rails ecosystem, the integration relies on ActiveRecord::Base and its callbacks. And while it certainly can be very convenient and fast to add to your app, there is also a certain amount of magic involved. Ie, when your classes are loaded, they send HTTP request to Algolia with the index settings. And for me, that’s a big no-no. I prefer the more explicit approach in which I treat those settings as database schema and update it in migrations so there is a history in the code.

But Algolia made a good decision by splitting their solution into 2…

Engine Yard Blog 

The 13 Ruby Conferences You Cannot Miss in 2018

Nothing remains constant, especially in technology. As we continue to develop new DevOps implementations for our clients, we understand how important it is to stay current with changes in programming techniques and best practices. Even though we consider ourselves experts in Ruby on Rails development, Ruby on Rails continues to evolve as more people contribute to the open source framework. That’s why Ruby conferences are so important; they are the best place to meet with other Ruby developers to share tips and techniques, and to gain a better understanding of what the future holds.

All talk but no code... 

Gem development inside Rails app

Often during app development, it's a good idea to extract some functionality into a gem. The simple way to do this is to open a new git repository, do a bundle gem foobar, publish it, install said gem inside Rails app, use it and test some more.

How about updates? We have to change the gem, guessing how it can be used inside Rails. Then release a version, install it inside your app, and finally do some testing. This is a lot of friction. This can be especially bad if your gem is closely coupled with the app, or gets updated a lot.

How about this?

  1. Create an empty gem (e.g. bundle gem foobar) (without doing any release)
  2. Push it onto Github.
  3. Put the gem in your Rails app as a submodule: gi…
Junior Developer 

Active Record associations without foreign keys

Suppose you've got a legacy database, or some other non-Railsy schema situation, and you want to define an association but the tables don't have the standard Active Record foreign key columns. You can accomplish this, to a certain extent, with an association scope that defines a new where relation. But there are some hitches.

For example, you might have an Order that has_one CustomLogo, but rather than a foreign key it relies on matching values for several other fields: origin and client_id. Here's how you could manage that:

class Order < ApplicationRecord
  has_one :custom_logo,
    ->(order) {
        origin_value: order.origin,
        client_id:    order

I wish I had thought of this technique, but credit goes to Dwight on Stack Overflow. It's a neat…

Mike Perham 

Ruby Optimization with One Magic Comment

Software performance optimization is simple: find a way to do less. Ruby has a reputation for being slow and, while that impression is a decade out of date, one of the leading offenders has been the garbage collector.

This leads to the question: can we speed up Ruby by creating less garbage? Absolutely!

A String Primer

Ruby has an unfortunate default semantic that all Strings are mutable:

string = ""
string << "mike"

This allocates two Strings, "" and "mike". The first, empty String is then mutated to contain "mike". However String mutation is quite rare, more common is something like this:

HASH = {
  "mike": 123

def getmike
  HASH["mike"] # unnecessary garbage here!


Greater Than Code 

069: Identity Is An Arrow with Avdi Grimm

Support for the Greater Than Code podcast comes from the O’Reilly Fluent and Velocity conferences. Join over 4,000 developers and engineers in San Jose, California, June 11 – 14th. Don’t miss this unique opportunity to attend 2 essential technology conferences under one roof! Learn more about the Super Bronze pass at


Janelle Klein | Rein Henrichs | Coraline Ada Ehmke | Jessica Kerr

Guest Starring:

Avdi Grimm: @avdi | | RubyTapas

Greater Than Code Episode 002:
Neutralizing Impostor Syndrome with Avdi Grimm

Join Our Slack Channel!
Support us via Patreon!

Show Notes:

01:52 – Avdi’s Superpower: The Power of Inspiration, RubyConfIndia, and…

04:28 – The Pursuit of a Fixed…


Doorkeeper gem has stored XSS on authorization consent view


Authentication bypass via incorrect XML canonicalization and DOM traversal

Ruby Tuesday 

Issue #9

  • Ruby turned 25 last Saturday. Wow, that’s a long time. And a lots of inspiring stories of people who picked Ruby at some point. I don’t want to bore you with mine, so have one from Dave Thomas, for example. Or find a lot more under Twitter hashtag #ruby25th (seriously, many nice stories).
  • As a part of celebration, preview of Ruby 2.6 has been released. There’s a lot of cool thing going on there, mostly concentrating on massive performance improvements with new experimental JIT and some more tweaks. Looking forward to stable version!
  • Hmmm… Do you want a brand new functional-style processor for hashes (for example obtained from some API)? Well, there is one. Take a look at hm.
  • Also…

Announcing Hanami v1.1.1

This is a patch release for bug fixes and minor enhancements:

  • Added support for Ruby MRI 2.5+
  • Fixed regression for mailer generator: when using options like --from and --to the generated Ruby code isn't valid as it was missing string quotes.
  • Generate tests for views including :format in exposures. This fixes view unit tests when the associated template renders a partial.
  • Ensure exposures are properly overwritten for partials when locals: option is used
  • Ensure Hanami::Action#send_file and #unsafe_send_file to run after action callbacks
  • Ensure Rack env to have the REQUEST_METHOD key set to GET during actions unit tests
  • Ensure Hanami::Router to properly respond to unlink HTTP requests
  • HTML…