news, opinion, tutorials, about ruby, aggregated
Sources About
Code with Jason 

Common Legacy Project Challenges and How to Address Them

What is a legacy project?

The terms “legacy project” and “legacy code” mean different things to different developers. I think one thing that most developers could agree on is that a legacy project is a project that’s difficult or painful to maintain.

Spend enough years in the software industry and you might find yourself forming the opinion that most projects are legacy projects. Some projects, of course, are “more legacy” than others.

What follows is a list of what I’ve found to be some of the most common characteristics of legacy projects. Under each item I’ve included the antidote to the issue.

Here are some common characteristics of legacy projects:

Passenger - Phusion Blog 

Passenger 5.3.7: fixes Ubuntu 18.04 packages

Passenger 5.3.7: fixes Ubuntu 18.04 packages

Version 5.3.7 of the Passenger application server for Ruby, Node.js, Meteor and Python has been released.

We don't necessarily like releasing this often (5.3.6 was released just last week), but the Ubuntu issue in particular prevented people from installing the updates to Passenger.

Fixes package installation issues

An update to the nginx-common package, released recently by Ubuntu, caused installation failures.

Related GitHub issues GH-2122: 'Ubuntu 18.04 packages fail to install', and GH-2140: 'Installation on Ubuntu 18.04 fails' are now fixed.

Various improvements & fixes

  • Fixes compilation problems and warnings with GCC 8.2. Tested on Alpine Linux edge 2018-11-05. Closes GH-2139.
  • Fixes…

9 New Features in Ruby 2.6

A new version of Ruby is coming with new features & performance improvements. Would you like to keep up with the changes? Let’s have a look! Endless Ranges Ruby 2.5 & older versions already support one form of endless range (with Float::INFINITY), but Ruby 2.6 takes this to the next level. The new endless range […]

The post 9 New Features in Ruby 2.6 appeared first on RubyGuides. Don't miss your free gift here :)

Julia Evans 

Some notes on running new software in production

I’m working on a talk for kubecon in December! One of the points I want to get across is the amount of time/investment it takes to use new software in production without causing really serious incidents, and what that’s looked like for us in our use of Kubernetes.

To start out, this post isn’t blanket advice. There are lots of times when it’s totally fine to just use software and not worry about how it works exactly. So let’s start by talking about when it’s important to invest.

when it matters: 99.99%

If you’re running a service with a low SLO like 99% I don’t think it matters that much to understand the software you run in production. You can be down for like 2 hours a month! If…

The way is long but you can make it easy on me 

Hash Rockets are good actually

I've been asked a few times recently why I prefer Ruby's hash rockets to the "new" or "1.9" hash syntax. I figured I'd document it for posterity. I'm aware this is like an extremely unpopular take. This is my opinion, I hope you give it the time to think about it. If you disagree, that's fine! I'm just outlining why I like my Hash Rockets.

One syntax for everything

Consider the following hash:

  :abc => "def",

Now, we could express that as:

  abc: "def",

and certainly, that's all very well and good. Let's consider though, what if we want a hash of strings:

  "abc" => "def",

or integers

  123 =>,

or arrays

  ["user", 123] => "bees",
Running with Ruby 

Extracting the device token from Xiaomi Air Purifier 2S EU for Domoticz usage

Xiaomi Air Purifier is one of the best on the market in the price/value category. Like many other Xiaomi devices, it can be controlled using a great home automation system called Domoticz.

The only problem that I had is that for the 2S version, there is no way to obtain the device token needed for controlling the device using the miIO library.

Here are the steps needed to obtain this token using a Linux machine and a non-rooted Android phone.

Getting the Mi Home data backup

  1. Download and install the Mi Home application. You need to have the 5.0.19 version of this app. The newer versions don’t persist the token locally in the SQLite database. You can get it from the APKMirror page. Note,…
Remote Ruby 

Embracing "The Rails Way", The GoRails Redesign, Utility CSS, and Stimuluuuuus

Back in the groove, Jason and Chris talk a lot more about Ruby than last week. This episode covers Jason's experience building a Rails app the Rails way (mostly), GoRails sweet new redesign, utility CSS frameworks (okay, just TailwindCSS), and Stimulus JS. News 

JRuby Released

The JRuby community is pleased to announce the release of JRuby

JRuby 9.2.x is our new major version of JRuby. It is expected to be compatible with Ruby 2.5.x and stay in sync with C Ruby. JRuby is our first release for 2.5 support.

If you do find issues then report them on using our issue tracker at We also encourage users to join our IRC channel (#jruby on Freenode) and mailing lists. You may also follow @jruby on Twitter for updates.


  • 1 issues fixed for

Github Issues resolved for

  • #5431 - Java::JavaLang::RuntimeException:…
RubyMine Blog 

How to Import Previous Darcula Color Scheme in RubyMine

Hey all,

This post explains why we decided to update the Darcula color scheme in RubyMine 2018.3, and shows you how to quickly rollback to the previous version of Darcula if you don’t like the new one.

Why new Darcula

RubyMine 2018.3 comes with a new, much nicer, Darcula color scheme. In the new version, we updated colors for most of the Ruby/Rails elements to make your code look less noisy. For example, we got rid of the glaring red color used for Ruby classes and require calls, reworked the strings that were too bright and bold, and fixed some other aesthetics to make it look that little bit prettier:

new darcula scheme

The new color scheme is also…

Appfolio Engineering 

RubyConf Malaysia and Getting the Most from a Distant Conference

I had a great trip to RubyConf MY — thanks for inviting me, Tevanraj! I won’t subject you all to a travel post about Kuala Lumpur, even though it’s awesome. I will talk about some interesting Ruby and development stuff from the conference and before. I’ll also talk about how to get more from a conference far from home.

 Kuala Lumpur is a city of gigantic, awe-inspiring buildings. The constant construction goes way above where most cities stop, vertically speaking. Also, click on any  other  image in this post for bigger pics.

Kuala Lumpur is a city of gigantic, awe-inspiring buildings. The constant construction goes way above where most cities stop, vertically speaking. Also, click on any other image in this post for bigger pics.

The Bike Shed 

177: Tricking Computers Into Doing Things

On this episode of the Bike Shed, Chris is joined by Christina Entcheva, developer from thoughtbot's New York studio who has been a product manager and designer previously in her career, but has since settled in to her role as a developer.

Chris & Christina share a conversation ranging from their shared love of "boring Rails apps", Christina's recent work with headless CMSs like Contentful & Prismic, and a discussion around Rails performance. Throughout the conversation they touch on theme's of keeping a focus on user needs throughout the work of developing applications.

Awesome Ruby Newsletter 

Issue 129 - Announcing Eventide 1.0: Evented, Autonomous Microservices for Everyone!

Giant Robots Smashing Into Other Giant Robots 

Rails Path Helpers and the Mystery of the Missing Route Key

While working on a Rails project and adding test coverage for an existing view, I ran into the following error:

  No route matches { :action => "edit", :controller => "users" }, missing required keys: [:id]

This error is informing the reader that the path to edit a user (ex: users/:id/edit can’t be built because the required :id value is missing.

The intriguing part of this error is that locally this page renders the correct path to edit a user. Yet, attempting to render the same view in isolation, in a view spec, is raising an error.

To understand what’s happening, let’s take a look at the existing code:

# users_controller.rb

class UsersController <… News 

JRuby Released

The JRuby community is pleased to announce the release of JRuby

JRuby 9.2.x is our new major version of JRuby. It is expected to be compatible with Ruby 2.5.x and stay in sync with C Ruby. JRuby is our first release for 2.5 support.

If you do find issues then report them on using our issue tracker at We also encourage users to join our IRC channel (#jruby on Freenode) and mailing lists. You may also follow @jruby on Twitter for updates.


  • 4 issues fixed for

Github Issues resolved for

GoRails Screencasts 

Link To Current Page With Params

Learn how to link to the current page and add, remove, or modify params in the URL. This is handy for things like search or index pages with filters.
Ruby Weekly 

Ruby 2.6.0 Preview 3 Released

#424 — November 8, 2018

Read on the Web

Ruby Weekly

Ruby 2.6.0 Preview 3 Released — The next step along the road to the (hopefully) eventual Xmas release of 2.6. The big news here is, as we’ve covered recently, the included initial ipmlementation of a JIT compiler, although overall performance is up slightly too. We also get endless ranges, then, and Bundler becoming a default gem.

Yui Naruse

Do You Test Ruby Code for Thread Safety? — If you don’t, here’s a demonstration of a new gem (called threads) and how it makes thread related testing easier.

Yegor Bugayenko

Semaphore 2.0 Is Now Public —…

The Miners - Medium 

Migrating from Paperclip to ActiveStorage

Migrating from Paperclip to Active Storage

My first challenge as an intern

First of all, I’m no expert in programming. In fact, I started with Ruby on Rails about one and a half month ago with the beginning of my internship at Codeminer 42.

So that's me, an intern trying to do things I've never done before based on some online documentation which I've just googled about, along with the effort of my colleagues to teach me.

Step 1: Read the documentation

That's right, as an intern who hasn’t got a clue about what to do, the first step I took was to google up for documentation, and there I found the official migration docs and a really great article.

The article, as it says, is a supplement to the…


Ruby Templating Engines: ERB, HAML & Slim

ERB is a templating engine. A templating engine allows you to mix HTML & Ruby. This helps you generate your page dynamically using data from your database. ERB is Rails default engine for rendering views. To be precise, Rails uses an implementation called erubi instead of the ERB class from the Ruby standard library. But […]

The post Ruby Templating Engines: ERB, HAML & Slim appeared first on RubyGuides. Don't miss your free gift here :)

All Ruby Podcasts by 

MRS 068: Jérémie Bonal

Panel: Charles Max Wood

Guest: Jérémie Bonal

This week on My Ruby Story, Chuck talks with Jérémie Bonal who works at Ekylibre. He is a web developer and he has been using Ruby for the past few years now. They talk about Jérémie’s background, Ruby, Ekylibre, past/current projects, and so much more! Check it out!

In particular, we dive pretty deep on:

0:00 – Get A Coder Job!

1:05 – Chuck: We are talking with Jérémie Bonal today. Tell us who you are!

1:21 – Guest: I am a web developer and I’ve been writing Ruby for about 2 ½ years now. I’ve been writing code now for 5 – 6 years.

1:54 – Chuck: I love writing in Ruby, too. Let’s get into your story. What’s the Ruby community like in…

Greater Than Code 

104: Jellyfish Signaling with Sam Livingston-Gray

In this panelist episode, Sam Livingston-Gray talks about driving evolution, fitness landscapes and functions, how humans make decisions, and scaling, optimizing, and thriving as individuals and communities. Check out a new podcast called The Local Maximum! It's hosted by Max Sklar who is a Machine Learning Engineer at Foursquare. He covers a lot of fascinating topics: AI, building better products, and the latest technology news from his unique perspective. Max interviews Engineers, Entrepreneurs, and Creators of all types - with half of the guests being successful women in software and tech. Subscribe to the Local Maximum podcast wherever you listen! Panelists: Jessica Kerr | Janelle… News 

JRuby Released

The JRuby community is pleased to announce the release of JRuby

JRuby 9.2.x is our new major version of JRuby. It is expected to be compatible with Ruby 2.5.x and stay in sync with C Ruby. JRuby is our first release for 2.5 support.

If you do find issues then report them on using our issue tracker at We also encourage users to join our IRC channel (#jruby on Freenode) and mailing lists. You may also follow @jruby on Twitter for updates.


  • Performance improvements and bug fixes for Java integration
  • More efficient layout of Ruby instance variables
  • Basic…

Possible XSS vulnerability in Rack


Possible DoS vulnerability in Rack

Ruby News 

Ruby 2.6.0-preview3 Released

We are pleased to announce the release of Ruby 2.6.0-preview3.

Ruby 2.6.0-preview3 is the third preview toward Ruby 2.6.0. This preview3 is released to test new features before coming Release Candidate.


Ruby 2.6 introduces an initial implementation of JIT (Just-in-time) compiler.

JIT compiler aims to improve performance of any Ruby program execution. Unlike ordinary JIT compilers for other languages, Ruby’s JIT compiler does JIT compilation in a unique way, which prints C code to a disk and spawns common C compiler process to generate native code. See also: MJIT organization by Vladimir Makarov.

How to use: Just specify --jit in command line or $RUBYOPT environment…

Search Results for “ruby” – via @codeship 

What’s the Difference Between Implicit vs. Explicit Programming?

Reading Time: 7 minutes

The terms implicit and explicit take some getting used to when you first hear them. When you hear them in terms of programming what exactly does that mean to you? Is one way better than another? Here we’ll go over each of these ideas and provide examples with some design pattern benefits that may come from them.

The Terms

In programming, implicit is often used to refer to something that’s done for you by other code behind the scenes. Explicit is the manual approach to accomplishing the change you wish to have by writing out the instructions to be done explicitly. In the smaller picture, implicit and explicit are often terms used for casting types in to the type you…

Passenger - Phusion Blog 

Passenger 5.3.6: fixes smart spawning

Passenger 5.3.6: fixes smart spawning

Version 5.3.6 of the Passenger application server for Ruby, Node.js, Meteor and Python has been released. Most notably in this release is the smart spawning fix.

Fixes smart spawning

A regression in Passenger 5.3.5, introduced during a refactoring effort, made it so that Passenger only used the direct spawning method. This issue was mostly noticeable in the form of increased process spawning times between v5.3.4 and v5.3.5.

This is now fixed.

Various improvements & fixes

  • Fixes Passenger Core and application processes staying on the Watchdog's OOM score (unkillable). Closes GH-2105.
  • Fixes mach_vm_map failed warnings on macOS >= High Sierra. These warnings were harmless, but annoying. Closes …
  • Fixes pa…
Passenger - Phusion Blog 

How Passenger 6 Generic Language Support is implemented

How Passenger 6 Generic Language Support is implemented

We recently unveiled an important feature in version 6 of the Passenger application server. Passenger 5 supports Ruby, Python and Node.js, but v6 will support all programming languages. We call this effort generic language support, or "GLS" for short.

How Passenger 6 Generic Language Support is implemented Artwork for Passenger 6, to be released.

We held a coding livestream and Q&A session on November 1st. The session didn't only show the feature being implemented, but it also explained Passenger's code and architecture. Questions such as the following were answered:

  • What does the code that's being written, actually do?
  • How does it fit in the architecture?
  • What are caveats (e.g. security) to look out for?
  • What patterns does Passenger use to…

Today, we are…

Engine Yard Blog 

It's Almost Time For Ruby Conf 2018!

It’s autumn and November is right around the corner! We all know what this means…

All Ruby Podcasts by 

RR 387: Ruby Performance Profiling with Dan Mayer


  • Dave Kimura
  • Charles Max Wood
  • David Richards

Special Guest: Dan Mayer

In this episode of Ruby Rogues, the panel talks with Dan Mayer who believes that small distributed software teams can make a large impact. Dan loves Ruby, distributed systems, OSS, and making development easier. The panel and Dan talk about performance and benchmarking. Check out today’s episode to learn more!

Show Topics:

0:00 – Sentry.IO – Advertisement!

1:07 – Chuck: Our panel is Dave, David, myself, and our guest is Dan Mayer. Say “Hi”!

1:24 – Chuck: Give a brief introduction, please.

1:32 – Dan gives his background and what he currently is working on.

1:53 – Chuck: We wanted to talk to you about…

Ruby on Rails Podcast 

249: Upgrading GitHub from Rails 3.2 to 5.2 with Eileen M. Uchitelle

On August 15th, GitHub celebrated a major milestone: their main application is now running on the latest version of Rails: 5.2.1! Upgrading Rails on an application as large and as trafficked as GitHub is no small task. Eileen M. Uchitelle, better known as @eileencodes, came on to the show to discuss the upgrade and supporting multiple databases in Rails 6.

Links for this episode:

RubyGems Blog 

October 2018 RubyGems Updates

Welcome to the RubyGems monthly update! As part of our efforts at Ruby Together, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and in October. news

In October, we updated 23 dependencies, including the update to Rails 5.2 (thanks @thomasdziedzic) and a security update to loofah. Thanks to @fwilkens, we added a new endpoint to our API which can be used to query for gem updates within a given time range. We also merged improvements to the French and Chinese translations of our site.

Early in October, we had to disable the endpoint that powers the reverse dependencies list on the website,…

Ruby Together News 

October 2018 Monthly Update

Hello! Welcome to the monthly update. During October, our work was supported by Handshake, Stripe, DigitalOcean, GitLab, and many others.

ruby together news

In October, Ruby Together was supported by 72 different companies, including Ruby member Handshake and Sapphire member Stripe. Three new developers signed up as members or friends of Ruby Together. In total, we were supported by 74 individual members and 68 friends of Ruby Together. Thanks to all of our members for making everything that we do possible!

On the events front, our developer evangelist PJ Hagerty spoke to audiences at Little Rock Tech Fest and GOTO:Berlin. Sam Giddins attended the Google Summer of Code Mentor Summit, and…

Martian Chronicles, Evil Martians’ team blog 

Five years of PostCSS: State of the Union

Author: Andrey Sitnik, Author of PostCSS and Autoprefixer, Lead Front-end Developer at Evil Martians

PostCSS 0.1, the very first version of the tool that introduced a novel way to transform CSS with JavaScript, was released in the early November 2013. On the project’s fifth anniversary, Andrey Sitnik, the creator of PostCSS, takes a chance to look back. He tells the story behind the project, reviews the community’s present achievements, and peeks into the future.

Before I started building PostCSS my mind was not entirely occupied by CSS and JavaScript, I was reflecting on a broader subject of the relationship between a human and a machine. If that sounds too broad—bear with me, soon it…

Passenger - Phusion Blog 

How lag isn't always a bad thing

How lag isn't always a bad thing

During my internship at Phusion I worked on improving the Passenger Library as my final assessment to graduate from Communication and Multimedia Design. Phusion received feedback from users having a hard time navigating through the Library, and finding basic content. I wanted to try and solve that.

A use case for React
An important choice for the new design was giving users the option to select the language and integration they wanted to read about. The old Library makes you choose the same option several times and can sometimes isolate you from that choice. By adding this option to the navigation on the left, users wouldn’t have to face this problem anymore.

How lag isn't always a bad thing

In the Docs we recently…

Drifting Ruby Screencasts 

Grab Bag of Ruby and Ruby on Rails Tricks

In this episode, we look at various tips and tricks.
Jekyll • Simple, blog-aware, static sites 

Jekyll 3.8.5 Released

This release fixes a bug where multiple Liquid tags were not supported in excerpts.

Thanks to @ashmaroli for fixing this issue in #7250.

Happy Jekylling!


How to Use attr_accessor, attr_writer & attr_reader

Let’s say that you have a class with instance variables & you want to expose them to the outside world… How? You have to define a method. Only methods can access instance variables. Why? Because you’ll get an error if you don’t do this. Here’s an example: class Food def initialize(protein) @protein = protein end […]

The post How to Use attr_accessor, attr_writer & attr_reader appeared first on RubyGuides. Don't miss your free gift here :)

Michał Konarski 

Git aliases I can’t live without

People are often surprised and curious at the same time when they see how I work with Git:

My Git workflow My Git workflow

My love for aliases started when I installed zsh and its addon suite oh-my-zsh for the first time. It contains a big set of predefined aliases and helper functions for different command line programs. I immediately liked the concept of typing just few letters instead of regular, long, parametrized invocations. The tool that I work with most often is Git, so it was a natural candidate for the alias revolution. Now, few years later, I can’t imagine using Git with the git command itself.

Of course, Git has its own system for defining aliases, which is perfectly fine. Personally I just…

Posts on 

Using random number generators to solve problems

I recently came across the following blog post detailing a very nice Ruby solution to the following problem: you are constantly creating robots, each of which must be given a unique name this name must follow the pattern letter letter number number number names need to be assigned at random, e.g. you can’t just call your first robot AA000, your second robot AA001, … there needs to be a way to reset this name generator The author came up with a very beautiful Ruby solution that makes clever use of ranges.
Bundler Blog 

An Update on Bundler 2.0

For the past few years the Bundler core team has been working hard on a major release of Bundler. We’ve been solving problems that users have seen since Bundler 1.0 first came out, but weren’t able to release without breaking changes. At the same time, we’ve spent a lot of time thinking about how to release a new major version with as little breakage and as few surprises as possible. We’ve come up with a system that allows everyone to use multiple major versions of Bundler at the same time, and we think that system will make future breaking changes much easier to handle.

However, this post isn’t about that system. This post is about a new plan for Bundler releases, dropping support for old…

Posts on 

Solving problems with random number generators

I recently came across the following blog post detailing a very nice Ruby solution to the following problem: you are constantly creating robots, each of which must be given a unique name this name must follow the pattern letter letter number number number names need to be assigned at random, e.g. you can’t just call your first robot AA000, your second robot AA001, … there needs to be a way to reset this name generator The author came up with a very beautiful Ruby solution that makes clever use of ranges.
Remote Ruby 

Basically No Ruby, a Lot of Stories, and an Abrupt Ending

All Ruby Podcasts by 

RR 386: Web Console Internals with Genadi Samokovarov


  • Dave Kimura
  • Charles Max Wood
  • David Richards

Special Guest: Genadi Samokovarov

In this episode of Ruby Rogues, the panel talks with Genadi Samokovarov who is a software developer and loves using Ruby. Genadi also likes dance music. You can check out his code at GitHub and his mixes on SoundCloud. Finally, he blogs about technology that he cares about. Check-out his post about a curious case in Ruby. If you are interested in his work experience, check out his resume here. Send Genadi an email or follow his social links.

Show Topics:

0:00 – Sentry.IO – Advertisement!

1:30 – Chuck: Introduce yourself please.

1:39 – The guest talks about his background and the…

RubyMine Blog 

RubyMine 2018.3 Goes Beta

Hi there,

RubyMine 2018.3 Beta (build 183.4139.32) is now available for your review. Please check out the new major features in this Beta build, and let us know if you encounter any issues. Here are the most notable changes made for v.2018.3:

Code insight

We have added support for Struct. Now you can autocomplete, navigate, and rename Struct objects without any issues.

We have also added nullability analysis for Ruby – a new inspection that checks your code for possible nil errors.

I18n improvements

RubyMine 2018.3 offers a new dialog for generating I18n translations from strings.…


Ruby Coding Challenges & How to Solve Them

Doing coding challenges is an excellent way to improve your Ruby & problem-solving skills. Why? Because you put all your focus on solving 1 specific problem. You don’t have to worry about anything else. They stretch your thinking skills, allow you to explore interesting language features & most of them can be finished in under […]

The post Ruby Coding Challenges & How to Solve Them appeared first on RubyGuides. Don't miss your free gift here :)

Riding Rails 

Webpacker, Action Text, Multiple database improvements, and more

Boo! It’s Daniel here, bringing you news about Rails for October. 🎃

Make Webpacker the default JavaScript compiler for Rails 6

Less than two years ago Rails introduced the Webpacker gem, making it easy to manage JavaScript with webpack. We started October strong by merging a whole bunch of commits by a number of people to make Webpacker the default for Rails 6.

Introducing Action Text

Combining the powers of Active Storage, Webpacker, and Trix, Action Text brings rich text content and editing to Rails. Check it out!

Improvements for multiple databases

In part 4 of the series, Eileen adds connects_to and connected_to. Stay tuned for the next episode!
We also got multi-db support for d…

RubyGems Blog 

2.7.8 Released

RubyGems 2.7.8 includes minor enhancements and bug fixes.

To update to the latest RubyGems you can run:

gem update --system

If you need to upgrade or downgrade please follow the how to upgrade/downgrade RubyGems instructions. To install RubyGems by hand see the Download RubyGems page.

Minor enhancements:

  • [Requirement] Treat requirements with == versions as equal. Pull request #2230 by Samuel Giddins.
  • Fix exec_name documentation. Pull request #2239 by Luis Sagastume.
  • [TarHeader] Extract the empty header into a constant. Pull request #2247 by Samuel Giddins.
  • Simplify the code that lets us call the original, non-monkeypatched Kernel#require. Pull request #2267 by Leon…
The Bike Shed 

176: The Machines Will Learn

On this episode of the Bike Shed Chris is joined by George Brocklehurst, development director in thoughtbot's New York studio. The conversation starts with a discussion around progressive enhancement and the state of the modern web, and then shifts to focus on George's recent explorations of machine learning. This episode is a perfect introduction to the topic of ML, and provides a great summary of why you might want to start working with it and how to go about that.

Frameworks and Tools For Exploring Machine Learning

Julia Evans 

Tailwind: style your site without writing any CSS!

Hello! Over the last couple of days I put together a new website for my zines ( To make this website, I needed to write HTML and CSS. Eep!!

Web design really isn’t my strong suit. I’ve been writing mediocre HTML/CSS for probably like 12 years now, and since I don’t do it at all in my job and am making no efforts to improve, the chances of my mediocre CSS skills magically improving are… not good.

But! I want to make websites sometimes, and It’s 2018! All websites need to be responsive! So even if I make a pretty minimalist site, it does need to at least sort of work on phones and tablets and desktops with lots of different screen sizes. I know about CSS and…

Awesome Ruby Newsletter 

Issue 128 - The Architecture No One Needs

Code with Jason 

Continuous Integration

As I’ve learned more and more about testing I’ve learned that there’s way more to testing than just automated tests. There are other practices which, when combined with writing automated tests, serve to make the development process smoother and improve the quality of the product the development team is working on.

One such practice is continuous integration. Perhaps the easiest way for me to explain what continuous integration (CI) is is to describe its opposite.

The opposite of continuous integration

In 2008 I worked at a higher-education software startup in Austin, Texas. As I recall it, our developers tended to work in feature branches that would live for up to a few weeks. About once a…

Drifting Ruby 

Loofah Gem – CVE-2018-16468

The Loofah gem recently had a vulnerability reported which could potentially expose your application to a Cross Site Scripting attack.

From it reads

In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

Since the Ruby on Rails framework depends on rails-html-sanitizer and this depends on loofah, there is a likely chance that your application is affected too.

To immediately address this issue, add this to your Gemfile.

gem 'loofah', '~> 2.2.3

Then run

bundle update loofah
Ruby Weekly 

New Bundler and Rubocop releases, plus using R and ggplot from Ruby

#423 — November 1, 2018

Read on the Web

Ruby Weekly

Building a Ruby C Extension From Scratch — While there are easier, gem-assisted ways to wrap C code from Ruby, knowing how to do this from the ground up can be handy.

Thijs Cadier

A Safer RuboCop with RuboCop 0.6 — In its new, just released version, 0.6, Ruby’s favorite code linter gains the ability to mark a “cop” as unsafe so you can pick and choose how auto corrections happen.

Bozhidar Batsov

An In-Depth Look at Ruby's Exception System — Ruby's exception system is more powerful than many people realize. This book shows you how to get the most…

Honeybadger sponsor


THE CONF - 2018 Edition Report

I am very overdue with this report as I ended up making a long trip right after the event. I apologize for that.

The main thing about this year's event was undoubtedly the increase in content quality. The Call for Papers that I released early this year was very successful, we had more than a 100 proposals posted, and I had a very tough time selecting just 28 of them. There was no appalling proposal.


After we published the website online in June, we only had 2 people that, unfortunately, had to cancel their participation because of personal matters. We hope they were able to sort out their problems. However, as I said, the event had more than enough proposals to choose. I really can't…

Passenger - Phusion Blog 

Tinkering with developer documentation: creating an ePub

Tinkering with developer documentation: creating an ePub

We launched the all new Passenger Docs last week, and were eager to hear your feedback. @deoren asked us on Twitter if we would consider making the docs available offline, too. That's a great question, and one we were dying to answer for ourselves as well.

The most popular format for offline docs is the ePub format. Rendering an ePub was something neither Floor or I had ever done. And while we were mostly worried about the maintainability and navigation of having the docs offline (the Docs rely heavily on filters), we were also curious to see if we would be able to work around this. This article aims to share some of the steps we've taken in helping you set up your own ePub docs.

Tools and…

All Ruby Podcasts by 

MRS 067: Daniel P. Clark

Panel: Charles Max Wood

Guest: Daniel P. Clark

This week on My Ruby Story, Chuck talks with Daniel Clark who is a Ruby and Rust enthusiast, blogger, and freelancer. Daniel and Chuck talk about Daniel’s background, and his past/current projects. Check out today’s episode!

In particular, we dive pretty deep on:

0.00 – Advertisement – GET A CODER JOB!

0:58 – Guest: Hi!

1:01 – Chuck: Introduce yourself real quick, please, and what are you known for?

1:08 – Guest: My blog posts – I write about about Ruby. I have a few projects that are well known: Faster Path among others. 

1:35 – Chuck: We had you on a past episode, 368 Ruby Rogues. Where do you write?

1:49 – Guest: I am a contractor…

Greater Than Code 

103: The Org You Were Born Into with Marcus Blankenship

In this episode, Marcus Blankenship talks about wanting to be in management vs. just ending up in management, the idea of organizational alignment and not agreement, defining the word “boss”, and the up/down managerial hierarchy. This episode is sponsored by Crickstart. They make organic cricket protein bars, gourmet crackers, and fruit smoothie mixes made with organically farmed crickets and other delicious wholesome ingredients. Visit and get 20% off with promo code GREATERTHANCODE! Panelists: Jessica Kerr | Jamey Hampton  | Sam Livingston-Gray Guest Starring: Marcus Blankenship: @justzeros |   Show Notes: 01:12 – Marcus’ Superpower: Helping…

Loofah XSS Vulnerability

BigBinary Blog 

Skip devise trackable module for API calls to avoid users table getting locked

We use devise gem for authentication in one of our applications. This application provides an API which uses token authentication provided by the devise gem.

We were authenticating the user using auth token for every API call.

class Api::V1::BaseController < ApplicationController
  before_action :authenticate_user_using_x_auth_token
  before_action :authenticate_user!

  def authenticate_user_using_x_auth_token
    user_email = params[:email].presence || request.headers['X-Auth-Email']
    auth_token = request.headers['X-Auth-Token'].presence

    @user = user_email && User.find_by(email: user_email)

    if @user && Devise.secure_compare(@user.authentication_token, auth_token)

Everything was working smoothly initially, but we started noticing significant reduction in the response times during peak hours after a few months.

Because of the nature of the business, the application gets API calls for every user after every minute. Sometimes the…

Search Results for “ruby” – via @codeship 

How CloudBees CodeShip Basic Can Set Up Ruby on Rails Projects

Reading Time: 5 minutes

When it comes to development – in general – we want to write fast and effective code and deploy without any defects. Testing the code we write manually and then having to save the sha, and then merge the commits, and then hit the deploy button using the sha again; this makes the process to production – long and defective – slow. Using some sort of development pipeline logic can make this process quick and effective communicating with providers creating continuous integration (CI).

Let’s say that you’re building a company and your engineering team is expanding – and you now feel it is time to automate the process of testing and deploying with constraints built in to…


How to Check If a Variable is Defined in Ruby

Ruby has this defined? keyword that helps you check if a variable is defined or not. If the variable exists you’ll get its type: apple = 1 defined?(apple) # "local-variable" If it doesn’t you’ll get nil: defined?(bacon) # nil This is like Javascript’s typeof operator. If you want to know the class of an object […]

The post How to Check If a Variable is Defined in Ruby appeared first on RubyGuides. Don't miss your free gift here :)

Ruby Magic by AppSignal 

Building a Ruby C Extension From Scratch

In this edition of Ruby Magic, we’ll show you how to use code written in C from Ruby. This can be used to optimize performance sensitive parts of your code or to create an interface between a C library and Ruby. This is done by creating extensions that wrap libraries written in C.

There are a lot of mature and performant libraries written in C. Instead of reinventing the wheel by porting them we can also leverage these libraries from Ruby. In this way, we get to code in our favorite language, while using C libraries in areas where Ruby isn’t traditionally strong. At AppSignal, we’ve used this approach in developing the rdkafka gem.

So let’s see how one can approach this. If you want to…

RubyMine Blog 

Running Tests in RubyMine: Overview & Improvements

RubyMine comes with a testing suite for running RSpec, Minitest, Cucumber, and other tests based on your current context, and working with them in a friendly graphical user interface. Let’s see how it works in the following example.

Run Tests

Once your database and test environment are all set up, you can run all tests in your application, directory, or file, or even run any specific test. Simply navigate to the desired scope, and choose Run test(s)… from the context menu. Alternatively, use the keyboard shortcut Ctrl+Shift+R on Mac or Ctrl+Shift+F10 on Linux/Windows:

When you run a test in RubyMine for the first time,…

Drifting Ruby 

Setting the Name in From Emails in Ruby on Rails

Sending emails in Ruby on Rails is pretty simple and it is something that we often do not give much thought about if the emails are received. However, attention to detail is important.

I too fell into this trap where I never took notice to the Name that was being displayed on emails that were being generated. Looking back, the name on each of the email addresses were showing up as support.

I started to investigate where this mixup was. I tried manually sending the email from my mail client and it came through properly. Since the emails are being sent through Amazon SES, I looked in there since I had initially verified the email address through there.

This led me to look into my application…

Engine Yard Blog 

Jekyll and Engine Yard: A Match Made in The Clouds

Blogging is without a doubt the most important way to get your ideas out to the world, whether your personal take on a recently released album or your professional word on the latest updates to various products from your organization. While social media pushes our concepts out in small bursts, a blog is more of a time tested method for putting our thoughts on record for our users, our readers, and our customers to understand. A blog is still the non-ephemeral placeholder of concepts, and therefore remains a necessary for the modern company.

Ruby Pigeon 

Forms—Comparing Django to Rails

This article is a short study in web application design. We will be comparing Rails to Django, using a simple web form as an example.


Let’s begin with some typical Rails code.

# A model, with a custom validation
class Post < ApplicationRecord
  validate :body_includes_title

  def body_includes_title
    unless body.include?(title)
      errors.add(:base, 'Body must contain title')

# A controller for rendering a form, and handling its submission
class PostsController < ApplicationController
  before_action :set_post

  def edit

  def update
    if @post.update(post_params)
      redirect_to @post
      render :edit


<%# A view that renders the form, displaying errors per-field %>
<%= form_for(@post) do |f| %>
  <%= @post.errors[:base].full_messages %>
  <%= f.text_field :title %> <%= @post.errors[:title].full_messages %>
  <%= f.text_area :body %> <%= @post.errors[:body].full_messages %>


Here is the same functionality, translated into Django.

Disclaimer: I am not a Django developer, so take this implementation with a grain of salt.

from django.db import models
from django import forms
from django.shortcuts imp…

Understanding The Differences Between Puts, Print & P

There are many ways to print something in Ruby. Here are the most useful: puts print p But how are these different? And when should you use one or the other? That’s what you’re going to learn in this article! How to Print Without A Newline When you want to print something on the screen […]

The post Understanding The Differences Between Puts, Print & P appeared first on RubyGuides. Don't miss your free gift here :)

Notes to self 

Building auto login for fast Rails development with Sorcery

Login as various users during development can become pretty annoying especially since it’s very difficult to remember all of the passwords across users or apps. If your app authentication happen to be built with Sorcery here’s is a very easy and straightforward way how to implement auto login.

First we need a new route:

# in routes.rb

if Rails.env.development?
  get 'autologin/:id', to: 'sessions#autologin', as: 'autologin'

Restricting to development environment is important security wise although there might be cases when you want to do auto login in different environment. Good option is also to go with an environment variable.

I am adding the autologin method to SessionsController

Julia Evans 

When does teaching with comics work well?

I’m speaking at Let’s sketch tech! in San Francisco in December. I’ve been thinking about what to talk about (the mechanics of making zines? how comics skills are different from drawing skills? the business of self-publishing?). So here’s one interesting question: in what situations does using comics to teach help?

comics are kind of magic

The place I’m starting with is – comics often feel magical to me. I’ll post a comic on, for instance, /proc, and dozens of people will tell me “wow, I didn’t know this existed, this is so useful!“. It seems clear that explaining things with comics often works well for a lot of people. But it’s less clear which situations comics are useful in! So this…

Julia Evans 

New zine: Oh shit, git!

Hello! Last week Katie Sylor-Miller and I released a new zine called “Oh shit, Git!”. It has a bunch of common git mistakes and how to fix them! I learned a surprising number of things by working on it (like what HEAD@{2} means, and that you can do my-branch-name@{2} to see what a branch was previously pointing to, and more ways to use git diff)

You can get it for $10 at Oh shit, git! or a swear-free version at Dangit, git!. Here’s the cover and table of contents: (you can click on the table of contents to make it bigger).

why this zine?

I’ve thought for a couple of years that it might be fun to write a git zine, but I had NO IDEA how to do it. I was in this weird place with git…

Julia Evans 

Some Envoy basics

Envoy is a newish network proxy/webserver in the same universe as HAProxy and nginx. When I first learned about it around last fall, I was pretty confused by it.

There are a few kinds of questions one might have about any piece of software:

  • how does do you use it?
  • why is it useful?
  • how does it work internally?

I’m going to spend most of my time in this post on “how do you use it?”, because I found a lot of the basics about how to configure Envoy very confusing when I started. I’ll explain some of the Envoy jargon that I was initially confused by (what’s an SDS? XDS? CDS? EDS? ADS? filter? cluster? listener? help!)

There will also be a little bit of “why is it useful?” and nothing…

Schneems - Programming Practices, Performance, and Pedantry 

Blockwalk for Beto: Enter to win my Technical Time

Today I have an unusual proposition for you. I’m spending a bunch of time to try to get Beto elected to Texas Senate, so I’ve not been able to write as much technical content. Rather than slow down on my door knocking, I’m looking to pick up the pace, and I want you to do it with me. Starting today, I’m offering anyone who phone banks or “block walks” (knocks on doors) the opportunity to win some of my technical time. Here’s how it’s going to work.


kramdown 2.0 and beyond

The kramdown project has become an umbrella project for many parsers, converters, math engines, … It is time to split things apart to make them more manageable and have faster release cycles.

Once kramdown was really a pure-Ruby Markdown-superset conversion library. Nowadays, it includes many extensions that rely on Ruby gems with C extensions or even on other programming languages like NodeJS. This makes updating and testing kramdown more time intensive since one has to install and manage all dependencies – and as we all know, NodeJS loves dependencies…

Therefore starting with release 2.0 the core kramdown gem will be reduced to a meaningful subset of extensions, and all other extension…

The Bike Shed 

175: Tell Me When It's Real

On this episode of the Bike Shed, Chris is joined by Josh Clayton, thoughtbot's managing director in our Boston studio. Chris and Josh spend the episode discussing the various patterns and trends they see in the world of web development. Specifically, they touch on server side frameworks like Ruby on Rails and Phoenix in the Elixir world. In addition, they discuss a variety of front end trends including the move towards typed languages like ReasonML, TypeScript, Elm, PureScript, and Scala.js, as well as frameworks like React, Ember, Angular, and Vue.js.

Awesome Ruby Newsletter 

Issue 127 - Introducing Yabeda: Modular framework for instrumenting Ruby applications

Code with Jason 

How to See Your Feature Specs Run in the Browser

When you write feature specs you can either have them run headlessly (i.e. invisibly) or not-headlessly, where you can actually see a browser instance being spun up and see your tests run in the browser.

I might be in the minority but I prefer to see the tests run in the browser, especially when I’m in the process of developing the tests.

Non-headless test running can be enabled with the following two steps.

First, add this to spec/rails_helper.rb:

Capybara.default_driver = :selenium_chrome

Then add these gems to the Gemfile:

group :development, :test do
  gem 'selenium-webdriver'
  gem 'chromedriver-helper'

And don’t forget to run bundle install.

Now, when you run your tests, they…

OmbuLabs Blog 

Upgrading a Rails Application from 2.3 to 4.2 with Neomind Labs

We recently spoke with Ryan Findley, Principal at Neomind Labs. We worked with his team to execute a Rails upgrade from 2.3 to 4.2 on one of their applications.

Ernesto: Thank you for taking the time to talk to us. To start out, what did you like about our Rails upgrade process?

Ryan: Big picture, it was great that you guys handled the upgrade. Doing something like this in-house, there can be a lot of back and forth, especially when you are dealing with upgrading an old version of Rails. There can be a lot of “what should we do in this case” and “what should we replace this code with”, and these decisions can take up a lot of time.

Ernesto: Definitely. The experience of having done so…

Code with Jason 

Factories and Fixtures in Rails

One necessity of automated testing is having some data to test with. There are three ways I know of to generate test data in Rails:

  • Manually
  • Fixtures
  • Factories

All three can be viable solutions depending on the situation. Let’s first explore manual creation.

Manual data creation

Manual data creation can be convenient enough if you only have a few attributes on a model and no dependencies. For example, let’s say I have a PaymentType model with just one attribute, name. If I want to test both valid and invalid states, that’s easy:

valid_payment_type = 'Visa')
invalid_payment_type = '')

But now let’s say we have the idea of an Order which is made…

Passenger - Phusion Blog 

We just launched the new Passenger Docs

We just launched the new Passenger Docs

We're archiving the Passenger 'Library', in favor of the industry standard 'Docs'. Docs however, is just the same Library, but updated, rerouted and regrouped for better discoverability and better flow.

Recurring feedback was that navigating through the Library was 'hard'. With some restructuring, a better search engine and an overall improved UX we hope you'll have an easier time finding what you’re looking for. Coincidentally we get to keep our Docs lean and maintainable.

We know a redesign can be troublesome for those who already spent time with the old documentation, especially with busy schedules that don’t allow for immediate exploration. That’s why we are keeping the Library up, and…

Ruby Weekly 

Yabeda: A Modular Framework for Instrumenting Ruby Apps

#422 — October 25, 2018

Read on the Web

Ruby Weekly

Yabeda: A Modular Framework for Instrumenting Ruby Apps“Adopt metrics-driven development with an extendable framework that supports Rails, Sidekiq, and Prometheus out of the box.” There’s a lot to dig into here.

Evil Martians

Distributed Cron for Rails Apps with Sidekiq Scheduler — This is a nice article on what has to be a common issue in larger applications that have background jobs.


Scaling Out Multi-Tenant Rails Apps on Postgres, the Citus Way — The activerecord-multi-tenant Ruby gem is Lukas’s recommended gem if you want to…

Blog About Web & Mobile App Development, Product Management, And IoT · Monterail 

How to Use Repository Pattern with Active Record— Ruby on Rails Development

Remember the story of tech leading a project in fours acts? It was a motivational (hopefully!) story about delivering a project and my experience with being a tech lead. It was focused around repositories helping us move all ActiveRecord calls into single files (per model or context). Although I provided some insights on what we did code-wise, I feel like it lacked a FULL technical explanation how it helped exactly. And it bore hard on me. After all, I’m a developer and I couldn’t let that knowledge-sharing opportunity slip away. Besides, looking back, I’ve noticed a couple of shortcomings in the presented solution. So, let me update the story with some tech meat and guide you…

Bundler Blog 

Announcing Bundler 1.17.0

The Bundler team is excited to announce Bundler v1.17.0, our next feature-packed release! Most of the changes in this release are the result of the work from our wonderful contributors whom we would like to thank. ❤️

Here are a few features we want to highlight:

Remove gems from the CLI

We’ve added a new command called remove that allows you to remove gems from the command line. Here’s a quick example:

# Gemfile
source ''

gem 'rake'
gem 'json'

We can now remove a gem using bundle remove:

$ bundle remove json
Removing gems from Gemfile
json was removed.

Bundler will then remove the json gem from the Gemfile. There also is an --install option that will run bundle…

Pat Shaughnessy 

Summer School With The Rust Compiler

A few months ago, I saw this tweet from Steve. I’m not even sure what “derridean” means, but now the image of an insane coach pops into my head every time I try to write Rust code.

Learning Rust is hard for everyone, but it’s even worse for me because I’ve been working with Ruby during past ten years. Switching to Rust from Ruby is leaving an anything-goes hippie commune to a summer school for delinquent programmers run by a sadistic and unforgiving teacher.

Why would anyone use a compiler like this? The answer is simple: to learn how to write better code. This past summer I had some free time and decided to convert a simple Ruby script into…

Notes to self 

Creating accessible visual select in pure JavaScript without dependencies

How to create a visually more appealing select in pure JavaScript without any framework.


Let’s imagine we need a visual select that allows users to click on images or text tags for selecting multiple countries/hobbies/tags. We can put a classic HTML <select> tag to do the job, but we want to delight the users with a more appealing visual selecting where we directly click on the options to select or deselect them. Also we might want to provide a simple input filter if there are too many options to display. On top we want this to be a general, accessible and maintainable solution.


To solve the problem we start with general HTML that works and can be used in case the…

Ruby on Rails – 

`ActiveSupport::ArrayInquirer` and even more Rails magic

In the previous article, we dived into ActiveSupport::StringInquirer class and superpowers it gives to String objects.  After I had published that article I decided to take another look at the ActiveSupport module and to my surprise, I found something even more interesting, ActiveSupport::ArrayInquirer class. If you read the previous article you might have already guessed what ArrayInquirer does. Directly speaking, it gives superpowers to Array objects. What does

The post `ActiveSupport::ArrayInquirer` and even more Rails magic appeared first on

BigBinary Blog 

Ruby 2.6 Range#cover? now accepts Range object as an argument

This blog is part of our Ruby 2.6 series. Ruby 2.6.0-preview2 was recently released.

Range#cover? returns true if the object passed as argument is in the range.

=> true

Range#cover? returns false if the object passed as an argument is non-comparable or is not in the range.

Before Ruby 2.6, Range#cover? used to return false if a Range object is passed as an argument.

>> (1..10).cover?(2..5)
=> false

Ruby 2.6

In Ruby 2.6 Range#cover? can accept a Range object as an argument. It returns true if the argument Range is equal to or a subset of the Range.

=> true

=> true

=> false


Here is relevant commit and discussion for this change.


How to Use RSpec Mocks (Step-By-Step Tutorial)

What is a mock in RSpec? (Or a mock in general, because this isn’t a concept unique to RSpec.) A mock is an object used for testing. You use mocks to test the interaction between two objects. For example: You’re writing an API that flips images. Instead of writing your own image-manipulation code you use […]

The post How to Use RSpec Mocks (Step-By-Step Tutorial) appeared first on RubyGuides. Don't miss your free gift here :)

All Ruby Podcasts by 

MRS 066: Nassredean Nasseri

Panel: Charles Max Wood

Guest: Nassredean Nasseri

This week on My Ruby Story, Chuck talks with Dean who is a senior software engineer at VTS, Inc. in New York City. Dean uses Ruby and is an advocate for the software. He and Chuck discuss his background, current projects, and more!

In particular, we dive pretty deep on:

1:00 – Dean: Hi, Everyone!

2:07 – Chuck: E363 of Ruby Rogues is your past episode.

1:13 – Dean: I am a Ruby developer and out in NY City. I have been developing Ruby for the past 6 years now.

1:42 – Chuck: What made you want to do something like Fir?

1:50 – Dean: I love developing developer tools and using something that I can use in my day-to-day work – I like that.…


Announcing Hanami v1.3.0

Hello wonderful community!

Today we're happy to announce v1.3.0 stable release 🙌.

Release 😻

The 1.3 series is a preparatory work for 2.0.

We care a lot about Semantic Versioning and to make the upgrade as smooth as possible for the next major release. This is why we took the change to focus only on stability and to introduce enhancements to ease the upgrade.

RSpec is the new default testing framework 🏆

Back in the days, when I started Hanami (which used to be known as Lotus), the choice about the default testing framework fell on Minitest because it's lightweight and feels more rubyish (if this is a thing). I used a lot…

Greater Than Code 

102: Sticky in the Flow with Katrina Owen

In this episode, Katrina Owen talks about organization and systematization, motivation by success, and how her past experience in training for circus is parallel to her career in software development. Panelists: Coraline Ada Ehmke | John K. Sawers  | Janelle Klein | Sam Livingston-Gray Guest Starring: Katrina Owen: @kytrinyx | | Greater Than Code Episode Episode 008: 99 Bottles of OOP with Sandi Metz and Katrina Owen Show Notes: 01:29 – Katrina’s Superpower: Organizing and Systematizing 09:44 – Motivation by Success The 5 Second Rule | Mel Robbins Procrastination | Mel Robbins 18:04 – Trust and Code Review 27:04 – Systematizing and Refactoring 30:54 –…

How to Read & Parse CSV Files With Ruby

CSV stands for “Comma-Separated Values”. It’s a common format for exporting & importing data. For example: You can export your Gmail contacts as a CSV file, and you can import them using the same format. This is what a CSV file looks like: id,name 1,chocolate 2,bacon 3,apple 4,banana 5,almonds Now you’re going to learn how […]

The post How to Read & Parse CSV Files With Ruby appeared first on RubyGuides. Don't miss your free gift here :)

Ruby Tuesday 

Issue #14

Welcome after the summer break!

  • Good time are coming for Ruby on serverless infrastructure. In September support for Ruby on Apache OpenWhisk was announced. But we already have another option: FaaStRuby. It’s a platform designed specifically for Ruby language, it’s still young, but growing fast. For example, last weekend a support for cron-like jobs was added – something that is missing in even more mature platforms, such as OpenFaaS.
  • If you really hate JavaScript and love Ruby, you can use the latter for writing frontend too! There is a project called Hyperstack that allows you to write frontend applications using quite ugly Ruby DSL. It is then compiled via Opal to some ReactJS,…
BigBinary Blog 

Rails 5.2 adds DSL for configuring Content Security Policy header

This blog is part of our Rails 5.2 series.

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate various types of attacks on our web applications, including Cross Site Scripting (XSS) and data injection attacks.

What is XSS ?

In this attack, victim’s browser may execute malicious scripts because browser trusts the source of the content even when it’s not coming from the correct source.

Here is our blog on XSS written sometime back.

How CSP can be used to mitigate and report this attack ?

By using CSP, we can specify domains that are valid sources of executable scripts. Then a browser with CSP compatibility will only execute those scripts that…

Notes to self 

Debugging silently failing compilation aka Webpacker can’t find application.js in public/packs/manifest.json

Webpacker can pretend everything went smooth with the compilation… until one loads a page with javascript_pack_tag helper.

I was deploying a new version of one application that included latest pre-release of Webpacker to production and it failed with:


Webpacker can't find application.js in .../app/public/packs/manifest.json. Possible causes:
1. You want to set webpacker.yml value of compile to true for your environment
   unless you are using the `webpack -w` or the webpack-dev-server.
2. webpack has not yet re-run to reflect updates.
3. You have misconfigured Webpacker's config/webpacker.yml file.
4. Your webpack configuration is not creating a…
Code with Jason 

Why “Users Don’t Care About Code” is a Harmful Saying

I’ve heard it said a lot of times that “users don’t care about code“. Along with things like “perfect is the enemy of the good”, this saying falls under the category of technically true, but unhelpful.

In order to understand why this saying is harmful, let’s dissect it. When people say “users don’t care about code”, what’s the meaning behind it? Here’s what I think they’re trying to communicate:

Jason, don’t waste time perfecting the code, which users won’t ever see. Users don’t care how clean or modular or whatever your code is. User only care that the product does what they need it to do. So please, be reasonable. Focus on the part of the work that really matters.

On the surface this…

All Ruby Podcasts by 

RR 385: “Ruby/Rails Testing” with Jason Swett


  • Dave Kimura
  • Eric Berry
  • Nathan Hopkins
  • David Richards

Special Guest: Jason Swett

In this episode of Ruby Rogues, the panel talks with Jason Swett who is a host of the podcast show, Ruby Testing! Jason also teaches Rails testing at He currently resides in the Michigan area and works for Ben Franklin Labs. Check-out today’s episode where the panelists and the guest discuss testing topics.

Show Topics:

0:00 – Sentry.IO – Advertisement!

Check out the code: DEVCHAT @

1:07 – I am David Kimura and here is the panel! Tell us what is going on?

1:38 – Jason: I started my own podcast, and have been doing that for the past few months. That’s one thing.…

Test Double | Our Blog 

My first talk in Spanish

This was originally posted at

My first talk in Spanish

This week I'll be giving a talk at NodeConf Argentina. It's going to be my first time giving a talk in Spanish. That's a huge deal for me, and it's all thanks to my friend Raul. Thanks to him, I've come to see creating content in Spanish as a responsibility I have to the Latin American development community.


This story starts in 2016, when I met Raul in Uruguay. We were both there to give our first international talks at JSConf Uruguay. As a Colombian and a Venezuelan, we had a lot in common to talk about and became friends quickly.

The conference offered to let us do our talks…

The Thoughtnotes | Ruby 

Lightweight multi-threaded Ruby application

We’re used to thinking of Ruby web applications being something slow, big and heavy like an elephant, but today let’s peek the opposite: the world of small pure Ruby web application capable of processing incoming data in the background.


Consider a tiny Ruby application providing a simple REST API for collecting structured messages and saving them into a database. We will not be using Rails for it, we’re going to keep it as lightweight as possible. It will be based on Rack and use Puma as a web server. Let’s sketch the key points of its algorithm:

  1. Wait for incoming request
  2. Extract data from request
  3. Save data into database

The most time-consuming stage here is step…

Martian Chronicles, Evil Martians’ team blog 

Meet Yabeda: A Ruby instrumentation framework

Author: Andrey Novikov, Back-end Developer at Evil Martians

Adopt metrics-driven development today with a drop-in open source framework and a family of gems that makes instrumenting Ruby web applications a breeze and works with Rails, Sidekiq, and Prometheus out of the box. Learn how Yabeda changed the way we monitor background jobs in one of the products we develop for eBay and adapt it to your own use case.

In our previous article dedicated to instrumenting Rails applications with Prometheus, we urged everyone to embrace a “metrics-driven development” mindset that will make your (and everyone’s on your team) life easier after an application is deployed to production.

We shared a…

Code with Jason 

“Perfect is the Enemy of the Good” is a False Dichotomy

“Perfect is the enemy of the good” is a very true and helpful saying that’s often applied to creative work.

For example, if I fret over the wording of a blog post and hesitate to hit publish because my writing isn’t perfect, then I’ve prevented myself from releasing value into the world. Better to just publish something that’s pretty good and get it out there.

But “perfect is the enemy of the good” is an egregiously counterproductive mindset in the context of software projects.

The reason is that it’s a false dichotomy. Software projects are always behind. All development teams are always under extreme time pressure. Practically every production codebase in existence is a crappy legacy…

The Miners - Medium 

Scalable frontend #1 — Architecture

Scalable Frontend #1 — Architecture Fundamentals

How can your frontend benefit from software architecture?

The two most common meanings of the word scalability regarding software development are related to the performance and the maintainability of the codebase over time. You can have both of them, but focusing on good maintainability will make it easier to tweak the performance without affecting the rest of the application. Even more so on the frontend, where we have an important difference from the backend: the local state.

In this series of posts, we’re going to talk about how to develop and maintain a scalable frontend application with real-life tested approaches. Most of our examples will…

Passenger - Phusion Blog 

Pair programming before and after Visual Studio Code

Pair programming before and after Visual Studio Code

In the past when members of the Phusion dev team have needed to do pair programming (or debugging) remotely, we would use the screensharing functionality of (and Skype before that). However the CPU usage of both of these applications when sharing your screen (as well as the bandwidth requirements) were excessive and slowed down the actual work being done.

Recently when debugging an issue with Passenger that I wasn’t able to reproduce in my testing environment, we used Visual Studio Code's Live Share Extension for the first time. At the behest of Hongli, I installed VSC (which being an Electron app, and inherently slow, was previously deliberately absent from my system), and the…

Passenger - Phusion Blog 

Debugging Docker

Debugging Docker

Recently a bug was fixed in Passenger which caused the OOM score adjustment to be inherited by processes spawned by Passenger (your web app). In effect the OOM score adjustment applied to Passenger's Watchdog1 process would not be reset in the Passenger Core, and then they would be inherited by the individual app processes that Passenger started.

This was especially problematic because the languages that Passenger currently supports are all high level interpreted and garbage collected scripting languages, which can easily use a lot of memory if you aren't careful, and the operating system wouldn't be able to kill the process to reclaim that memory. I had looked into this issue, and hadn't…

Kir Shatrov 

Capacity planning for web applications

Lately, I’ve been looking into capacity planning at work which is the area that I’ve never known about much. In the last couple of months, I went from “I have no idea” stage into “ok, I think I know how it works”. There’s still a lot for me to learn but I wanted to write this post for a three month ago version of myself with a recap of all my findings. Hope it will be useful for others.

There’s a lot of talk about the growth in tech, though I haven’t seen many discussions around planning that growth from the engineering point of view. How do you know if the number of application servers that you run is enough? Or if it’s way too high and you’re wasting money? Or what if you have an…


How to Use Ruby Any, All, None & One

Today you’ll learn about 4 Enumerable methods that will help you check a conditional statement against an array of elements, a hash, or any other objects that include the Enumerable module. These 4 methods return either true or false. Let’s do this! Ruby All Method If you want to check if all the strings inside […]

The post How to Use Ruby Any, All, None & One appeared first on RubyGuides. Don't miss your free gift here :)

ruby – Bibliographic Wilderness 

Ruby Magic helps sponsor Rubyland News

I have been running the aggregator for two years now, as just a hobby spare time thing. Because I wanted a ruby blog and news aggregator, and wasn’t happy with what was out there then,  and thought it would be good for the community to have it.

I am not planning or trying to make money from it, but it does have some modest monthly infrastructure fees that I like getting covered. So I’m happy to report that Ruby Magic has agreed to sponsor for a modest $20/month for six months.

Ruby Magic is an email list you can sign up for for occasional emails about ruby. They also have an RSS feed, so I’ve been able to include them on for some time.  I find their…

bogdanvlviv / Bogdan 

minitest-mock_expectations 1.0.0 released


A few months ago, utilum and me(bogdanvlviv) were working on removing Mocha from Rails. See our work in rails/rails#33162, and related pull requests The main reason for removing this as mentioned in the Mocha’s file is that “Mocha is currently not thread-safe”.

There were lots of Mocha’s mocks and stubs in the Rails’s tests, so we needed to replace all of them. We replaced some stub-objects with Ruby classes, Mocha’s #stubs method replaced with minitest’s #stub method, added new, and used already existed custom method call assertions.

I thought these “method call assertions” could be useful for the Ruby community, so I…

Passenger - Phusion Blog 

Livestreaming from Phusion HQ: adding a major feature to Passenger

Livestreaming from Phusion HQ: adding a major feature to Passenger

We're excited to announce that we'll be streaming a coding session. It will take place on November 1, 5 PM UTC.

  • 6 PM CET / 1 PM EDT / 10 AM PDT
  • Use Worldtime Buddy for conversion to your local timezone.

The livestream is free for everyone to join.

Generic Language Support implementation live stream
Nov 1st, 5 PM UTC
YouTube Live

How we're going to support every app

Back in 2008 I created the Passenger app server because Rails deployment was hard. Fast-forward 10 years, add the rise of countless other languages, frameworks and the containerization of apps and you'd be right to claim that in 2018 DevOps is hard.

Supporting all arbitrary programming languages ('Generic Language…

Appfolio Engineering 

QA at Appfolio

TLDR: An ongoing exercise of preventing issues before they become bugs.

Depending on your prior experience with Software Quality Assurance, your perception about what QA is responsible for in the Software Development Life Cycle might range from “What is QA?” to “They are testers”. When it comes to asking the question “at what point of the SDLC does QA get involved?”, all too often organizations rely on the “ready for QA” mindset to dictate when their QA team member is thought of or brought into the mix.  At times, QA might be added at the end of the process -- like frosting on a cake. But, that cake might have questionable cake interior under that questionable frosting!

Awesome Ruby Newsletter 

Issue 126 - Gradual Typing of Ruby at Scale