Rubyland

news, opinion, tutorials, about ruby, aggregated
Sources About
Short Ruby Newsletter 

Short Ruby News - Edition #81

A Monday summary of the articles, discussions, and news from the Ruby community
Write Software, Well 

Announcing: Rails Companion - Build a WebApp in Ruby Without Rails

Announcing: Rails Companion - Build a WebApp in Ruby Without Rails

Last year, I started writing a series of articles called Ruby no Rails on building a web application in Ruby, without using the Rails framework.

Part of the reason was to understand how frameworks like Ruby on Rails work. Like what really happens when your application receives a request? How does it invokes an action on a controller? How does it create the view? What? How? When? Why? So many questions...

Another reason was to demystify some of the magic that's typically associated with Rails, and try to explain in simple words the fundamentals of web applications, like HTTP, controllers, views, middleware, routing, and much more.

In all, I wrote 8 posts, and they were received very well by the…

a-chacon 

Exploring the Possibilities of WebAssembly: Ruby in the Browser

WebAssembly (abbreviated as Wasm) is a binary instruction format designed to be interpreted by stack-based virtual machines.
Drifting Ruby Screencasts 

Streaming LLM Responses

In this episode, we look at running a self hosted Large Language Model (LLM) and consuming it with a Rails application. We will use a background to make API requests to the LLM and then stream the responses in real-time to the browser.
Tom Dalling 

High Performance Requires Process

Processes are a prerequisite for high-performance in software engineering teams due to their ability to amplify the skill of the team. I believe there exists no team, given that there is little to no process to begin with, whose performance could not be improved by adding appropriate process.

RubySec 

CVE-2023-51774 (json-jwt): json-jwt allows bypass of identity checks via a sign/encryption confusion attack

The json-jwt (aka JSON::JWT) gem versions 1.16.5 and below sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode.
Mike Perham 

Serializing Ruby datatypes in JSON

Ruby’s JSON library allows you to convert Ruby datatypes into a JSON document, as long as those types are native to JSON: String, bool, int, float, nil, Hash and Array. Everything else converts to a String by default; if you use any other core datatypes, they will not survive a JSON.generate/JSON.parse round trip. Here I pass a Range, Symbol and Time; notice how the end result is three Strings instead of the actual types:
Write Software, Well 

What Does the Frozen String Literal Comment Do in Ruby?

What Does the Frozen String Literal Comment Do in Ruby?

When working with Ruby programs, you must have come across the following comment at the top of the file:

# frozen_string_literal: true

print "Let's learn Ruby on Rails"

# frozen_string_literal: true is a magic comment in Ruby, which tells the Ruby interpreter that all the string literals must be frozen and memory should be allocated only once for each string literal.

💡
What's a magic comment?

A magic comment is a special type of comment in Ruby that's defined at the top of the Ruby script. It affects how the Ruby code is executed. You can think of them as "directives" or "instructions" for the Ruby interpreter.

Magic comments must always be in the first comment section in the file. Their scope…
naildrivin5.com - David Bryant Copeland's Website 

Methods Don't Succeed our Fail: they Have Outcomes

On Matstodon, Peter Solnica posted some Ruby pattern-matching code, asking what Rails devs think about it. While pattern matching is interesting, I think I still prefer if statements based on return objects. But, I also think the “success/failure” dichotomy is unnecessary, confusing, and often a modeling error.

Peter’s code example is as follows:

def create
  create_user = Commands:: CreateUser.new

  case create_user.call(params[:user].to_unsafe_h)
  in Success(User => user)
    redirect_to users_url, notice: "User was successfully created."
  in Failure(user: user, errors: errors)
    render :new, locals: 1 user: user, errors: errors }
  in Failure(type: :exception, reason: :database

In follow up comments, there were ideas expressed that the method “succeeded or had various failures”, or that you can in theory compose such results and execute more logic only on success.

I find that treating both “the…

Alchemists - Articles 

XDG Base Directory Specification

Cover
XDG Base Directory Specification

The XDG Base Directory Specification defines an organized folder and file structure for applications to store associated user configuration, cache, data, state, and runtime information on UNIX-like systems. This allows for consistency across different programs and desktops. Consistency is key because, without the specification, we end up with messy and disorganized dotfiles.

The goal of this article is to explain what XDG Base Directory Specification is, why the specification is important, and how you can make use of it.

History

Version 0.1.0 of the…

Ruby Rogues 

Revolutionizing Ruby Deployment with Falcon Web Server and Async Concurrency Framework - RUBY 627

Samuel Williams is a Ruby Core Committer and the creator of Async & Falcon. They delve deep into the technical intricacies of Falcon, a cutting-edge application container that leverages the Async gem for event-driven concurrency. Additionally, they discuss the challenges and triumphs of deploying Ruby applications with Falcon and share insights into the evolution of async programming in Ruby. From the nitty-gritty of platform internals to the fascinating integration of async job execution in Rails, this episode is a must-listen for developers seeking to unravel the complexities of modern software deployment and concurrency.


Sponsors


Links

Ruby on Rails 

Added fixture method and bugfixes

Hi, Wojtek from this side. Let’s explore this week’s few changes in the Rails codebase.

Rails security update releases
Rails Versions 6.1.7.7, 7.0.8.1, and 7.1.3.2 have been released last week which contain fixes for security issues.

Expose a generic “fixture” method in tests
To avoid conflicting methods, in example with Minitest, it is possible now to load fixtures like this:

assert_equal "Ruby on Rails", web_sites(:rubyonrails).name
assert_equal "Ruby on Rails", fixture(:web_sites, :rubyonrails).name

Introduce assert_initializer
Compliments the existing initializer generator action.

Set default_url_options values in development/test environments
Prior to this commit, new Rails…

Awesome Ruby Newsletter 

💎 Issue 406 - 🌸 Hanami 2.1: Views that are a sight to see

Gusto Engineering - Medium 

Optimizing R&D Tax Credits

Accelerating Operations Through Automated Data Loading and Population with Optical Character Recognition (OCR)

Traditionally, R&D Tax Credits has been operationally intensive. Gusto leads the way in simplifying access to these credits for small and medium-sized businesses (SMBs) through automated, self-service solutions. To ensure compliance with IRS standards, we request relevant documentation from our customers, including business owners and accountants, regarding their business operations.

Problem: The human cost

For our Operations team, extracting and populating crucial data from provided documents demands a substantial amount of time when serving our customers.

This includes information…

Ruby Weekly 

Sidekiq, under the hood

#​692 — February 29, 2024

Read on the Web

Ruby Weekly

The Art of Forking: Unlocking Scalability in RubyKarafka (a Ruby processing framework for Apache Kafka) requires concurrency and parallelism, which can present challenges in Ruby. The explanations here of how Karafka uses Ruby’s constructs is informative and shows that you don’t necessarily need to use another language to address issues of concurrency.

Maciej Mensfeld

How Does Sidekiq Work?Sidekiq is the most heavily used background job system in the Ruby space, and this post digs into how it works, its architecture, and what’s going on under…

Test Double 

How to calculate the real ROI of offshore consulting

Ever wondered if offshore software consulting could be a magical shortcut to solve your software issues without burning a hole in your budget?

Offshore development centers are now sprawled across China, Malaysia, Pakistan, the Philippines, Mexico, Chile, and beyond. The promise: low-cost services from an army of programmers.

But is it truly a budget-friendly savior?

The price tag on software development goes far beyond the developers’ hourly rate. There’s the cost of time spent on communication, management, and approvals. There’s the quality of the software developed, the time it takes to develop and its impact on the business objectives. The maintenance costs required to support the…

RubySec 

CVE-2024-27285 (yard): YARD's default template vulnerable to Cross-site Scripting in generated frames.html

### Summary The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. ### Details The vulnerability stems from mishandling user-controlled data retrieved from the URL hash in the embedded JavaScript code within the "frames.erb" template file. Specifically, the script lacks proper sanitization of the hash data before utilizing it to establish the top-level window's location. This oversight permits an attacker to inject malicious JavaScript payloads through carefully crafted URLs. Snippet from "frames.erb": ```erb …
Evil Martians 

The complete guide to multi-tenant SaaS, part 1: collaboration

Authors: Anton Lovchikov, Sr. Product Designer, Irina Nazarova, CEO, and Travis Turner, Tech EditorTopics: Business, Full Cycle Software Development, Product Design

An experience-backed overview on adding a multiplayer/multi-tenant SaaS mode to an existing product with a focus on collaboration: conflict resolution, history management, and offline modes.

Until recently, realtime collaboration was just this shiny new thing: some of our consulting clients wanted it, but it was expensive to implement and the payoff wasn’t always crystal clear to them. In any case, the projects we had that saw us implementing collaborative features inspired us enough to go deep into building realtime tooling (see…

The Ruby on Rails Podcast 

Episode 509: The Future Of Ruby Central with Adarsh Pandit

Recently, Ruby Central named a new executive director, Adarsh Pandit. Ruby Central has been a force in the Ruby community for years, organizing conferences and contributing to the community. The recent changes in governance have led t some exciting things on the horizon. Adarsh joined the show to talk about what's going to happen with Ruby Central in 2024.

Show Notes
Ruby Central Website - https://rubycentral.org/
Ruby Conf Musical Number Video - https://www.youtube.com/watch?v=8WhbX6dS6x0
RubyConf Recap Survey Results - https://rubycentral.org/p/c9897883-2135-4704-b53a-a4111ca272f3/
Ruby Central Get Involved Page - https://rubycentral.org/leadership/
Ruby Central contact page - c…

Test Double 

Running Rails on AWS Elastic Beanstalk

Recently, I got a Rails app running on AWS Elastic Beanstalk for the first time. I wanted to share the steps to do so here. Although there are other tutorials, AWS and Rails both change over time, so some of these steps here are updated compared to other tutorials. Since AWS is so complex, a lot of tutorials assume prior AWS knowledge as well; this one walks you through everything you need step by step.

In this tutorial, we’ll:

I say “optionally” for the last two steps because if you aren’t ready to register a custom domain or set up SSL, you can stop before that point and the…

solnic.dev 

Speed Up Your Elixir Testing with Custom Tasks and Key Bindings in Visual Studio Code

Testing is an integral part of software development that ensures your code works as expected. However, running tests can sometimes be a slow and cumbersome process, especially when you're looking to quickly iterate on your code. I use a "secret" method that allows me to quickly run tests using custom tasks and key bindings in Visual Studio Code (VS Code). This approach is much faster and lighter than other solutions I've tried.

Custom Tasks in VS Code

The first step in speeding up your test runs is to set up custom tasks in VS Code. These tasks can be configured to run specific test commands, such as "test current line" or "debug current line.". All you need to do is to create .vscode/tasks.j…

Super Good Blog 

Debugging The Zeitwerk Migration

Rails 6 introduces a new way of autoloading, integrating the gem Zeitwerk. Rails 7 drops support for classic autoloading, so it’s necessary to switch to Zeitwerk if you ever want to upgrade to Rails 7.

For those not familiar: autoloading in Rails provides access to all your classes and modules automatically, without having to use require. Making the switch to Zeitwerk-based autoloading can be tricky, because it changes how your application looks up source code files. It’s easy to run into problems if you’re not aware of Zeitwerk’s conventions, and how it differs from the classic autoloader.

How are constants resolved in Ruby

module Admin
  class ProductsController < ApplicationController
  …
RubySec 

CVE-2024-27456 (rack-cors): Rack CORS Middleware has Insecure File Permissions

rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for the .rb files.
Ruby Central 

February 2024 Newsletter

Hello! Welcome to the February newsletter. Read on for announcements from Ruby Central and a report of the OSS work we’ve done from the previous month. In January, Ruby Central's open-source work was supported by 29 different companies, including Fastly,  Sentry, Ruby Shield sponsor Shopify, and Partner-level member Contributed Systems, the company behind Mike Perham’s Sidekiq. In total, we were supported by 178 members. Thanks to all of our members for making everything that we do possible. <3

Ruby Central News

Ruby Meet-ups

  • Directory coming soon! We’re creating a directory of ALL active Ruby meetups to help us connect with one another, and so we can offer resources and support. Click to fill…
BigBinary Blog 

Streamlining translation resource loading in React apps with babel-plugin-preval

At Neeto, our product development involves reusing common components, utilities,and initializers across various projects. To maintain a cohesive andstandardized codebase, we've created specialized packages, or "nanos" such asneeto-commons-frontend, neeto-fields-nano, and neeto-team-members-nano.

neeto-commons-frontend houses utility functions, components, hooks,configuration settings etc. neeto-fields-nano manages dynamic fieldcomponents, while neeto-team-members-nano handles team member managementfunctionalities.

These nanos, along with others, reduce redundancy and promote consistencyacross our products.

Translation Challenges

Many of our packages export components with text that requires…

Radan Skorić's personal site 

How to debug issues with Turbo Morphing

Turbo’s morphing feature can look magical. There’s a lot of pieces moving behind the scenes to make it come alive. That’s great when it works but when it doesn’t you might be left staring at the screen unsure where to start to debugging it. Maybe you made a mistake in your code. Maybe it’s all working as expected but it caught you by surprise. Maybe you ran into a bug in Turbo itself. Yes, that...
Ruby on Rails 

Rails Foundation and Doximity to Sponsor Rails Girls São Paulo 2024

(Portuguese below)

The Rails Foundation and Doximity are teaming up with Rails Girls São Paulo and Tropical.rb to co-host the return of the Rails Girls São Paulo in 2024.

Name: Rails Girls São Paulo
Date: April 6, 2024
Location: Le Wagon São Paulo

Scheduled for the weekend following Tropical.rb, Rails Girls São Paulo aims to bring together 30 individuals in teams of 6, each guided by dedicated Portuguese-speaking mentors, for a weekend of learning, coding, and community building.

Rails Girls took place regularly in São Paulo from 2015 to 2019, introducing nearly 300 local students to Rails in that time. Inspired by the current momentum in the Rails community and the return of…

Hanami 

Hanami 2.1: Views that are a sight to see

After a year of work, Hanami 2.1 is here! This release introduces our view layer and front-end assets support, and brings Hanami a big step closer to our full stack vision.

It all starts with hanami dev

Working on your app’s front-end now starts with a single new command: hanami dev.

Running hanami dev starts the familiar Hanami web server alongside our new front-end assets watcher and compiler.

From there, you’re ready to open http://localhost:2300 and take in our gorgeous new welcome screen, in both light and dark mode.

Welcome screen in light mode

Welcome screen in dark mode

Welcome (back!) to Hanami. We’ve been building something special for you!

You’ll love our view on views

Test Double 

Flipping the script on Black history: Transforming challenges into career superpowers

I think about our journey as Black business leaders every February. Black History Month is a time to honor and celebrate the strength we’ve summoned to overcome the obstacles in our path.

This year, my focus is on the skills and strategies Black business leaders develop in response to challenges. Adversity becomes a platform for us to enhance our capabilities and become even stronger. Our trials force us to cultivate superpowers.

I want to emphasize that I am not diminishing the impact of racism on our history. It’s been a horrible stain on our country since the first Africans arrived on this continent. We were considered property until 1865. Legal segregation continued until 1964.…

The Bike Shed 

416: Multi-Dimensional Numbers

Joël discusses the challenges he encountered while optimizing slow SQL queries in a non-Rails application. Stephanie shares her experience with canary deploys in a Rails upgrade. Together, Stephanie and Joël address a listener's question about replacing the wkhtml2pdf tool, which is no longer maintained.

The episode's main topic revolves around the concept of multidimensional numbers and their applications in software development. Joël introduces the idea of treating objects containing multiple numbers as single entities, using the example of 2D points in space to illustrate how custom classes can define mathematical operations like addition and subtraction for complex data types.…

Giant Robots Smashing Into Other Giant Robots 

Linear Regression using dataframes in Ruby

This article will introduce data science by presenting an essential method: linear regression.

It’s a method used when two types of continuous numeric data correlate. Typical examples of data that correlate are the size of a flat and its price, the amount of time spent studying and test scores, the number of years at work and the salary, the sales of a product and the amount spent on advertising.

So, we have two types of values, one of which will help predict the other. Standard terms used are dependent variables, the variables we’re trying to find, and independent variables for the variables that help us predict it. When thinking about mathematical functions, the x is the independent…

Saeloun Blog 

Rails 8 adds Brakeman by default to new applications

What is Brakeman?

Brakeman is a security scanner for the Rails application. It statically analyzes the source code and looks for security issues at any stage of development.

Brakeman requires no configuration, once it is installed, we can just run it.

It scans the application code and produces a report of all the security issues it has found.

Brakeman helps in early security issues detection, Developers are better aware of any security vulnerabilities with the help of Brakeman.

It can identify a wide range of security vulnerabilities like SQL injection, Cross-site scripting(XSS), and Cross-site request forgery(CSRf).

It also checks for code that allows users to bypass security checks…

Short Ruby Newsletter 

Short Ruby News - Edition #80

A Monday summary of the articles, discussions, and news from the Ruby community
Rémi Mercier 

Domain complexity vs applicative complexity

For years, code would fall into two categories: easy (good!) and hard (bad!).

Recently, I’ve realized that not every piece of hard code is created equal. Complex code often encompasses two kinds of complexity: domain complexity and applicative complexity.

And I often failed to identify which is which.

Domain complexity

Domain complexity is what we refer to when we talk about “rocket science”. Building actual spaceships, forecasting extreme meteorological events, studying the human genome, etc… You know, hard stuff.

But any domain where programming happens has inbuilt complexity.

I once worked for a real estate company. The regulations were abstruse enough that our codebase reflected…

Andy Croll 

Validate Email Addresses

Ensuring you have data that makes sense is why Rails provides validations through the Active Model library, which underpins Active Record.

Making sure you can email your users is one of the most important things to get right in your application, so you probably already have validation checks around your User#email attribute.

Instead of…

…inventing your own regular expression, or using this one from the older Rails docs:

class User < ApplicationRecord
  validates :email,
    format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i },
    presence: true,
    uniqueness: { case_insensitive: true }
end

Use…

…one of these several better options:

Devise

A reasonable choice, if…

Closer to Code 

The Art of Forking: Unlocking Scalability in Ruby

Introduction

The journey towards efficient parallelization in library development has often been based on using threads. As Karafka celebrates its eighth anniversary, it's become clear that while threads have served us well for many tasks, there's room to explore further. That's why I've decided to introduce forking capabilities into Karafka, aiming to offer another dimension of parallelization to its users. This move isn't about replacing threads but about providing options to cover a broader spectrum of use cases than before.

For those who wonder what Karafka is, Karafka is a Ruby and Rails multi-threaded efficient Kafka processing framework designed for building efficient and scalable…

RubySec 

CVE-2024-25126 (rack): Denial of Service Vulnerability in Rack Content-Type Parsing

There is a possible denial of service vulnerability in the content type parsing component of Rack. This vulnerability has been assigned the CVE identifier CVE-2024-25126. Versions Affected: >= 0.4 Not affected: < 0.4 Fixed Versions: 3.0.9.1, 2.2.8.1 # Impact Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability. Impacted code will use Rack’s media type parser to parse content type headers. This code will look like below: ``` request.media_type ## OR request.media_type_params ## OR Rack::MediaType.type(content_type) ``` Some frameworks (including Rails) call this code…
RubySec 

CVE-2024-26141 (rack): Possible DoS Vulnerability with Range Header in Rack

There is a possible DoS vulnerability relating to the Range request header in Rack. This vulnerability has been assigned the CVE identifier CVE-2024-26141. Versions Affected: >= 1.3.0. Not affected: < 1.3.0 Fixed Versions: 3.0.9.1, 2.2.8.1 # Impact Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). # Releases The fixed releases are available at the normal locations. # Workarounds There are no feasible workarounds for this…
RubySec 

CVE-2024-26142 (actionpack): Possible ReDoS vulnerability in Accept header parsing in Action Dispatch

There is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-26142. Versions Affected: >= 7.1.0, < 7.1.3.1 Not affected: < 7.1.0 Fixed Versions: 7.1.3.1 # Impact Carefully crafted Accept headers can cause Accept header parsing in Action Dispatch to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade or use one of the workarounds immediately. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. # Releases The fixed releases are available at the…
RubySec 

CVE-2024-26143 (actionpack): Possible XSS Vulnerability in Action Controller

There is a possible XSS vulnerability when using the translation helpers (`translate`, `t`, etc) in Action Controller. This vulnerability has been assigned the CVE identifier CVE-2024-26143. Versions Affected: >= 7.0.0 Not affected: < 7.0.0 Fixed Versions: 7.1.3.1, 7.0.8.1 # Impact Applications using translation methods like `translate`, or `t` on a controller, with a key ending in “_html”, a `:default` key which contains untrusted user input, and the resulting string is used in a view, may be susceptible to an XSS vulnerability. For example, impacted code will look something like this: ``` class ArticlesController < ApplicationController def show @message = t("message_html",…
RubySec 

CVE-2024-26144 (activestorage): Possible Sensitive Session Information Leak in Active Storage

There is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a `Set-Cookie` header along with the user’s session cookie when serving blobs. It also sets `Cache-Control` to public. Certain proxies may cache the `Set-Cookie`, leading to an information leak. This vulnerability has been assigned the CVE identifier CVE-2024-26144. Versions Affected: >= 5.2.0, < 7.1.0 Not affected: < 5.2.0, >= 7.1.0 Fixed Versions: 7.0.8.1, 6.1.7.7 # Impact A proxy which chooses to caches this request can cause users to share sessions. This may include a user receiving an attacker’s session or vice versa. This was patched in 7.1.0 but not previously identified as…
RubySec 

CVE-2024-26146 (rack): Possible Denial of Service Vulnerability in Rack Header Parsing

There is a possible denial of service vulnerability in the header parsing routines in Rack. This vulnerability has been assigned the CVE identifier CVE-2024-26146. Versions Affected: All. Not affected: None Fixed Versions: 2.0.9.4, 2.1.4.4, 2.2.8.1, 3.0.9.1 # Impact Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. `Accept` and `Forwarded` headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ruby 3.2 or newer are unaffected. # Releases The fixed releases are available at the normal locations. # Workarounds There are no feasible workarounds for this issue.
Ruby on Rails 

Enhanced assert_broadcasts, file support for Logger outputs and more!

Hope you’re having a lovely weekend. Emmanuel here with yet another batch of Rails updates for you!

assert_broadcasts returns the messages that were broadcast
assert_broadcasts now not only confirms the broadcast but also provides access to the messages that were broadcast. This enhancement, similar to what we have in assert_emails, facilitates additional analyses of the transmitted messages.
Here’s an example:

def test_emails_more_thoroughly
  email = assert_emails 1 do
    ContactMailer.welcome.deliver_now
  end
  assert_email 'Hi there', email.subject

  emails = assert_emails 2 do
    ContactMailer.welcome.deliver_now
    ContactMailer.welcome.deliver_later
  end
  assert_email 'Hi…

Autosaving has_one sets foreign key attribute when unchanged
This pull request corrected an issue where the has_one association would erroneously set the foreign key attribute even when unchanged.…

Everyday Rails 

Why I’ve started using justfiles in my Rails apps

Boost your developer experience with consistent command line interfaces. Here's how.
Write Software, Well 

Speed Up Your Tests Using VCR Gem in Ruby

Speed Up Your Tests Using VCR Gem in Ruby

I am currently working on a client project where the application needs to sync data between two content management systems using their respective APIs (no UI involved).

As you can imagine, there're a lot of API calls and the data needs a lot of massaging after fetching before it's ready to be synced with the other CRM.

Here's the general pattern that's repeated everywhere in the codebase.

class Entity
  def map_data
    resources = Net::HTTP.get("example.com/api/v2/resources")
    
    # lots of data manipulation, JSON / XML Parsing, 
    # mapping, and  conversion logic goes here 
    # to build the final result that will be 'push'ed
    # to the second API.
    
    result
  end
end

Since…

Saeloun Blog 

Rails 7.1 Allows ActiveRecord::Relation#explain To Accept Options

We can run ActiveRecord::Relation#explain on relation. It runs EXPLAIN on the query or queries triggered by the relation and returns the result as a string. The string is formatted imitating the ones printed by the database shell.

It used to analyze and display the SQL query execution plan generated by ActiveRecord for a particular query.

This method helps us to understand how the database will execute the query and identify potential performance bottlenecks.

To use the explain method, we can append it to an ActiveRecord query chain.

User.where(id: 1).explain
SELECT "users".* FROM "users" WHERE "users"."id" = $1  [["id", 1]]

=>                                    
EXPLAIN for: SELECT
Remote Ruby 

Andy Croll - Railsconf - Free Chicken

In this episode, we jump straight into a candid conversation with Jason, who
humorously contemplates how to kick things off, earning him the title of “recovering
podcaster” from Chris after a whirlwind month of Ruby discussions without him. We also
have the charming Andy Croll back, ready to dive into opinions, insights, and personal
stories. With RailsConf on the horizon, the conversation brings us to discussing Andy’s
role with Ruby Central and his efforts to revitalize the conference experience. As they
navigate through conference planning challenges and the spirit of the community that
defines the Ruby world, this episode promises a mix of laughter and encouragement for
RailsConf attendees, and…

Awesome Ruby Newsletter 

💎 Issue 405 - Why are non-DRY specs more maintainable?

Mike Perham 

How does Sidekiq work?

A few weeks ago, I sat gobsmacked at my laptop reading one of the most impressive technical deep dives I’ve ever read. Dan Svetlov wrote a blog post “How does Sidekiq really work?” on his blog which delved deep into Sidekiq’s internals, explaining how it actually works. The most impressive part of this blog post is that it was 100% accurate. There were no mistakes or misunderstandings, Dan did the work and shows the receipts.
BigBinary Blog 

Introducing neetoUI v6

Introduction

neetoUI is an open-source React component librarydeveloped for neeto. It makes it easier to buildaccessible and consistent UI in React applications. It is currently being usedin more than 20 neeto products. In this blog post, we will explore the excitingnew features and enhancements of neetoUI.

The Spark

Though we were using neetoUI across all our products, we had to avoid neetoUI incertain products that followed a different UI style. For example,neetoCode, a coding platform built by BigBinary, hasits own special design that is drastically different from the establishedneetoUI style. So, while building the new landing page for neetoCode, we alsohad to create custom buttons and…

Ruby Rogues 

Accelerating Growth: SaaS Frameworks, Mentorship, and Ruby Development - RUBY 626

Charles and Valentino delve into a wide array of topics, from time management struggles to the intricacies of building SaaS frameworks within Rails apps. They also explore the idea of apprenticeship programs for coding, discussing the potential benefits for mentors and apprentices alike. The episode is filled with insights on open-source projects, AI model integration, and the Ruby Dev Summit.


Sponsors




Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
Ruby Weekly 

Detecting radiation with Tenderlove

#​691 — February 22, 2024

Read on the Web

Ruby Weekly

A Decent VS Code Setup for Ruby and Rails Development“Setting up VS Code for Ruby on Rails development can be tricky, so I wrote this article to help. In it, I share different VS Code extensions for things like autocomplete, linting, formatting and more.” Harrison also shares his own Ruby on Rails extension pack that brings together all his suggestions in one install.

Harrison Broadbent

▶  Discussing YJIT with Maxime Chevalier-Boisvert — A 23-minute podcast episode with veritable Ruby VM and JIT compilation expert, Dr. Maxime Chevalier. She…

Ruby on Rails 

Rails Versions 6.1.7.7, 7.0.8.1, and 7.1.3.2 have been released!

Hi folks,

Rails versions 6.1.7.7, 7.0.8.1, and 7.1.3.2 have been released!

These are security releases, so please upgrade at your earliest convenience.

The 7.1.3.1 releases contained a small bug, so we released 7.1.3.2 with a bug fix, but it doesn’t contain any other changes.

Here is a list of security issues that these releases address:

Additionally there have been new releases of Rack to address DoS vulnerabilities.

CVE-2024-25126 Denial of Service Vulnerability in Rack Content-Type Parsing CVE-2024-26141 Possible DoS Vulnerability with Range Header in Rack CVE-2024-26146 Possible Denial of Service…

Here are the shasums for the released gems:

$ shasum *
fde325a53820f30abafc4bb4b347b0736628ea04 …
RubySec 

CVE-2023-47634 (decidim): Race condition in Endorsements

"### Impact\n\nA race condition in the endorsement of resources (for instance, a proposal) allows a user to make more than once endorsement.\n\nTo exploit this vulnerability, the request to set an endorsement must be sent several times in parallel.\n \n### Workarounds\n\nDisable the Endorsement feature in the components. "
RubySec 

CVE-2023-47635 (decidim-templates): Possible CSRF attack at questionnaire templates preview

### Impact The CSRF authenticity token check is currently disabled for the questionnaire templates preview as per: https://github.com/decidim/decidim/blob/3187bdfd40ea1c57c2c12512b09a7fec0b2bed08/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb#L11 This was introduced by this commit in the PR that introduced this feature (#6247): https://github.com/decidim/decidim/pull/6247/commits/5542227be66e3b6d7530f5b536069bce09376660 The issue does not imply a serious security thread as you need to have access also to the session cookie in order to see this resource. This URL does not allow modifying the resource but it may allow attackers to gain access…
RubySec 

CVE-2023-48220 (devise_invitable): Possibility to circumvent the invitation token expiry period

### Impact The invites feature allows users to accept the invitation for an unlimited amount of time through the password reset functionality. When using the password reset functionality, the `devise_invitable` gem always accepts the pending invitation if the user has been invited as shown in this piece of code within the `devise_invitable` gem: https://github.com/scambra/devise_invitable/blob/41f58970ff76fb64382a9b9ea1bd530f7c3adab2/lib/devise_invitable/models.rb#L198 The only check done here is if the user has been invited but the code does not ensure that the pending invitation is still valid as defined by the `invite_for` expiry period as explained in the gem's…
RubySec 

CVE-2023-51447 (decidim): Cross-site scripting (XSS) in the dynamic file uploads

### Impact The dynamic file upload feature is subject to potential XSS attach in case the attacker manages to modify the file names of the records being uploaded to the server. This appears in sections where the user controls the file upload dialogs themselves and has the technical knowledge to change the file names through the dynamic upload endpoint. Therefore I believe it would require the attacker to control the whole session of the particular user but in any case, this needs to be fixed. Successful exploit of this vulneratibility would require the user to have successfully uploaded a file blob to the server with a malicious file name and then have the possibility to direct the other…
Ruby Central 

A Look Back at RubyConf 2023, Featuring the Brand New Community Day!

Catherine Ricafort McCreary, of Artists Who Code, and Ruby veteran Aaron Patterson take their bows after a surprise, Ruby-themed musical number. Photo by San Diego Conference Photography.

To all of our attendees, speakers, volunteers, sponsors, vendors and the staff at the Town and Country Resort, thanks for helping us make RubyConf 2023, a huge success! Over 500 Rubyists joined us in San Diego from Monday November 13th through Wednesday November 15th for the 23rd annual RubyConf, and experienced our brand new format. Read on to soothe some of your FOMO if you missed it, or relive all the fun you had with us there!

DEV Community: Truemark Technology 

Devise raise validations error when new and old passwords are same

Authentication is a deal breaking feature in any applications nowadays. In Rails, Devise makes authentication a breeze; install a gem, run few commands and you have authentication working in your app.

Today, with the help of Devise we will look into a solution for a very common feature request in the app; throw validation error if user tries to change their password but add the same old password.

Skills required to follow the tutorial

Intermediate:

  • Rails

You should have

  • Existing Rails app with authentication already handled using Devise

Validation Implementation

Let's dive into the code now.

Add the following validation error to the model that is…

Write Software, Well 

Playing Sounds in Rails with the Audio API

Playing Sounds in Rails with the Audio API

This is the second article in the series where we read Campfire's source code to understand and extract useful techniques, practices and patterns. In today's article, we'll learn how you can play sounds in your Rails application using the Audio API.

Check out the first article here:

Custom URL Helpers in Rails with the direct Method
This is the first post in the Campfire deep dive series where we explore the first ONCE product from 37signals to learn and extract useful patterns, ideas, and best practices. This post explores the direct method in the Rails Router that lets you define custom URL helpers for your application.
Playing Sounds in Rails with the Audio API

Before we begin, you should know that…

The Ruby on Rails Podcast 

Episode 508: YJIT with Maxime Chevalier-Boisvert

Over the years, the performance of Ruby has improved quite a bit. One of the big recent performance improvements came from the development of YJIT inside Shopify. YJIT is a just-in-time compiler for Ruby written in Rust. Dr. Maxime Chevalier-Boisvert joined the show to talk about YJIT

Show Notes
YJIT Website
Maxime on X https://twitter.com/Love2Code (❤️→ λ)
Maxime’s Github https://github.com/maximecb

Test Double 

Why Rails upgrades are so important

There’s going to be another Ruby on Rails upgrade. There always will be.

No one likes the actual upgrade to the latest Rails version. It can be a long and tedious process that costs time and money with seemingly nothing to show for it. Changes can be so broad-based that it brings all feature development to a halt, causes unanticipated breaks, or disrupts day-to-day work.

So, when budgets are limited, can you just skip the Rails upgrades? Or wait until the next major release and do all the updates at once?

In general, no. Skipping your Rails upgrades creates a serious security risk. And the longer you wait the more likely something will go seriously wrong.

Upgrading to the latest…

Test Double 

Why it’s worth outsourcing your Rails upgrades

Upgrading to the latest Rails versions is a critical investment to protect platform stability, prevent security breaches and enable future releases.

Rails upgrades can also feel like a nuisance: They usually take longer than expected, and they pull your engineer away from day-to-day work and feature development where their domain expertise is critical.

Worse, along the way, the upgrades can cause unanticipated breaks. You are not only changing the foundation an app sits on, but also changing the cruftiest parts of the app that no one has touched in years.

Over more than a decade, we’ve built an expertise in how to make Rails upgrades seamless, while your team continues to deliver…

Saeloun Blog 

Next.js vs. Remix - A Developer's Dilemma

The React ecosystem is a bustling landscape, brimming with frameworks promising to revolutionize web development. Today, we’ll be diving into two popular contenders: Next.js and Remix.

Next.js is one of the most popular React frameworks used for server-side rendering. It’s been there for a significant time, and it provides an exceptional developer experience with all the features developers need.

Remix, a newer entrant into the scene, was created by the founders of React Router. It promotes a full-stack development approach and brings several innovative features. With the open-source introduction of Remix in 2022, developers have started to wonder which the better framework for their…

Both boast impressive features and…

Ruby Magic by AppSignal 

Hotwire Modals in Ruby on Rails with Stimulus and Turbo Frames

Modals are widely used on the web, but they are rarely built with accessibility in mind. When a modal is displayed, the background is dimmed visually but it's still visible to screen readers and keyboard-only users.

In this post, the first of a two-part series, we'll look at presenting accessible modals in Rails using two different approaches powered by Hotwire's Turbo and Stimulus libraries.

But first, let's see what we need to do to make modals accessible.

How Can We Make Modals Accessible?

To make modals accessible, we need to:

  • Hide the background from screen readers.
  • Implement "focus trapping" so keyboard users cannot focus on elements outside the modal.
  • Shift focus to the first…

We could accomplish the first two by setting in…

Gusto Engineering - Medium 

Spaghetti Model Part 4: Safely Remove ActiveRecord Associations and Scopes

Note: This is one part of my journey to tame a spaghetti model or god object. Start with Post 1: Unraveling a Spaghetti Model to see how I chose to tackle this problem.

Your spaghetti model has been a dumping ground of methods and associations for years.

Overview

In your journey to detangle a spaghetti model, you may come across ActiveRecord associations that you are pretty sure aren’t getting used, but you want to add a deprecation warning just in case you are wrong.

Rails makes it easy to have a model access all of its related entities through belongs_to, has_many and has_one helpers. These convenience methods allow us to quickly prototype and build new features. Rails and AREL make it easy…

JRuby.org News 

JRuby 9.3.14.0 Released

The JRuby community is pleased to announce the release of JRuby 9.3.14.0

JRuby 9.3.x is compatible with Ruby 2.6.x and stays in sync with C Ruby. As always there is a mix of miscellaneous fixes so be sure to read the issue list below.

Ruby Compatibility

  • IO#fcntl had inverted logic for setting O_NONBLOCK (setting it cleared the value, etc). #8081, #8090

Standard Library

  • strscan is updated to the 3.1.0 version #8086

Native Integration

  • The subsystem used for native calls has been updated to support RHEL/CentOS 7 and the Java 9+ Cleaner API. #8104 Note: Due to a mistake in the release process…
JRuby.org News 

JRuby 9.4.6.0 Released

The JRuby community is pleased to announce the release of JRuby 9.4.6.0.

JRuby 9.4.x targets Ruby 3.1 compatibility.

Thank you to our contributors this release, you help keep JRuby moving forward! @evaniainbrooks, @ahorek, @kares, @most00, @ntkme, @sk757a

Ruby Compatibility

  • Support for the new Prism parser for Ruby code has been merged in. A blog post will follow soon. #8103
  • IO#fcntl had inverted logic for setting O_NONBLOCK (setting it cleared the value, etc). [#8081], [#8090]
  • Many fixes to language and core class compatibility, see issue list.
  • Warnings should match verbosity levels of CRuby, with…

Standard Library

  • json is updated to 2.7.1. #7752, #7954
  • io-console is updated to 0.7.2. This version fixes IRB on Apple M-series by using stty for console manipulation. #8012
  • nkf is…
Once a Maintainer 

Once a Maintainer: David Wobrock

Welcome to Once a Maintainer, where each week we interview an open source maintainer and tell their story.

This week we’re talking to David Wobrock, a Senior Software Engineer at Back Market. David is a maintainer of the Python framework Django and a contributor to many projects in the Python ecosystem. He lives in Berlin.

Once a Maintainer is written by the team at Infield, a platform for managing open source dependency upgrades.

How did you get into programming?

How far should back should we go? My parents are both university professors, and they do research on meteorology. So they always had computers around to do cloud modeling and stuff. My brother and I always wanted to play around, to…

Felipe Vogel 

Two months of LinkedIn posts

A few months ago I was laid off and learned that job networking…

Test Double 

The myth of industrializing software engineering

Does this sound familiar: a vague feature gets conceived by “the business,” budgeted behind closed doors, and then handed off to a team in “IT” with fixed requirements and timelines to deliver? You’re expected to deliver it flawlessly, but kept at arm’s length from the problem you’re solving. It’s an assembly-line mentality: rigid, linear, prescriptive. But software engineering isn’t an assembly line, and engineers aren’t interchangeable parts. They’re creative collaborators who could drive real innovation given the chance. The model is broken and there’s a better way, rooted in how assembly lines are made. Let’s rethink outdated assumptions we’ve inherited and move toward a better…

RailsNotes, the Ruby on Rails guides you wished you had. 

A decent VS Code + Ruby on Rails setup

Setting up VS Code for Ruby on Rails development can be tricky, so I wrote this article to help. In it, I share different VS Code extensions for things like autocomplete, linting, formatting and more! I've even put together a handy extension pack to get you setup fast.
Short Ruby Newsletter 

Short Ruby News - Edition #79

Find out about new products launched, events and code samples along with library updates. A lot is happening each week in Ruby.
BigBinary Blog 

Debugging memory issues in ReactJS applications

Memory leaks can occur when resources allocated for a particular task have notbeen released after the task is finished. This leads to the accumulation ofmemory until applications do not have enough for the required tasks. In React,memory leaks can occur due to a multitude of reasons.

  • Components are not unmounted properly.
  • Event listeners are not cleared after use.
  • Unnecessary data stored in the state as well as not resetting the state.

This video shows how we can use the memory tab in Chrome Developer Tools to testour application for memory leaks.

The following video was made for internal use at BigBinary. The video is beingpresented "as it was recorded".

<iframewidth="966"height="604"src="https:…

Saeloun Blog 

Rails 7.1 Introduces ActiveRecord regroup Method

ActiveRecord::QueryMethods are methods provided by Rails to build and execute database queries.

The group method is used to perform grouping operations in a database query.

It allows us to group the retrieved data based on specific columns. It generates a SQL query with a GROUP BY clause.

Project.group(:name).count
SELECT COUNT(*) AS "count_all", "projects"."name" AS "projects_name" FROM "projects" GROUP BY "projects"."name"

=> {"Mac"=>1, "Azure.com"=>1, "Google"=>2}  

Before

Like we have ActiveRecord select and reselect methods to reset the previously set select statement, we don’t have method to reset the group statement.

To reset the group statement we have to use unscope method.

Write Software, Well 

How to Generate Random Numbers in Ruby

How to Generate Random Numbers in Ruby

Ruby has a Random class that can generate pseudo-random numbers. The reason for pseudo is that it produces a deterministic sequence of bits which approximate true randomness. You can generate integers, floats, and even binary strings.

I've always found myself referring to the docs to understand various ways Ruby lets you generate random numbers and thought it'd be nice to write a cookbook-style post listing the important recipes. So here it goes.

Random Number Generation in Ruby

The simplest way to generate random numbers in Ruby is to use the Kernel#rand method.

rand           # 0.47578359467975184
rand 10        # 2
rand 4.5       # 3
rand 1.2..3.5  # 3.3037237197517415
rand 5...8     # 6

Wh…

Test Double 

Fair contracts build trust: How Test Double does it differently

Over the years, I’ve become comfortable with our approach to software consulting being different.

We didn’t want Test Double to be like a lot of the other consultancies we’d worked at as many of them were set up for failure. They heavily incentivized a commission based sales force to do whatever they could to close a deal. That sales force would often agree to fixed bid contracts as it was the easiest path to a signature.

All of this urgency to close a deal eventually left me and the rest of the delivery teams with a set of constraints and goals that were unachievable, so we had to choose between making the project successful in terms of profit or successful in terms of quality, but…

Notes to self 

Business Class 1.6 with direct uploads, antispam, default avatars, and Kamal CD

Here’s the list of freshly baked updates for Business Class, a Rails starter template.

Direct uploads

Business Class goes direct uploads! Forget hunting for the right uploader library or messing with Active Storage integration. Filepond uploads with file size validations and image previews are now available for any form you might have, just add the class .filepond on the input element.

Blog post previews and user avatars are now utilizing it for a far better user experience. Here’s a preview.

Antispam

Spam is not much fun, so I added an invisible captcha to the user registration form. It’s also easily available for all other forms you might have.

Default avatars

I have user avatars…

Bootrails 

Rails 7 pagination with Kaminari tutorial

Intro : bloated data Displaying bulk of data in a single page is not a good practice because it slows down our rails application and will decrease the performance of the database server. Displaying long lists has a significant performance impact on both front-end and back-end: First, the database reads a lot of data from disk. Second, the result of the query is converted to...
RubyGems Blog 

January 2024 RubyGems Updates

Welcome to the RubyGems monthly update! As part of our efforts at Ruby Central, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in January.

RubyGems News

In January in RubyGems, we released RubyGems 3.5.5 and Bundler 2.5.5. These releases included fixes to: the caching specifictions directory, development dependency ommission and formatting of compact index requests headers, as part of our continuous effort to enhance the Ruby development experience.

Some other important accomplishments from the team this month include:

  • Fixing a bug inrack-test related to Importmaps

    During the…

Notes to self 

How to use private SSH keys with passwords in GitHub Actions

Most people opt for going with a passwordless key for their CI/CD pipeline, but what if you want to keep the password?

GitHub secrets

Let’s start by adding our SSL private key as a secret. If you don’t have one yet, create it:

$ ssh-keygen -t ed25519 -C "ci@domainplaceholder.com"

Adding a new private SSH key to be used in a GitHub action is same as adding it as any other secret.

Navigate to your repository Settings and then select Actions under Secrets and variables. Here you can add new secrets for GitHub Actions that will be made available in your workflows.

If we’ll add SSH_PRIVATE_KEY, then this will be available as ${{secrets.SSH_PRIVATE_KEY}}.

Similarly if we want to store a…

Matt Stuchlik 

Tracing System Calls in Python

Last time we counted CPU instructions, let’s look at syscalls now!

I’ll show you a little tiny tool I added to Cirron that lets you see exactly what syscalls a piece of Python code is calling and how to analyze the trace more effectively.

Let’s start with print("Hello") as before:

from cirron import Tracer

with Tracer() as t
    print("Hello")

print(t.trace)
# write(1, "Hello\n", 6) = 6 <0.000150s>

You can see1 print uses only a single write to write the string "Hello\n" to stdout (that’s what the 1 stands for) and asks it to write at most 6 bytes. Write then returns 6, meaning it managed to write all the bytes we asked it to. You can also see it took 0.00015s or 150μs (that’s just…

Tender Lovemaking 

Using Serial Ports with Ruby

Lets mess around with serial ports today! I love doing hardware hacking, and dealing with serial ports is a common thing you have to do when working with embedded systems. Of course I want to do everything with Ruby, and I had found Ruby serial port libraries to be either lacking, or too complex, so I decided to write my own. I feel like I’ve not done a good enough job promoting the library, so today we’re going to mess with serial ports using the UART gem. Don’t let the last commit date on the repo fool you, despite being over 6 years ago, this library is actively maintained (and I use it every day!).

I’ve got a GMC-320 Geiger counter. Not only is the price pretty reasonable, but it also…

Ruby Rogues 

Ruby Dev Summit - Jason Swett

Charles Wood catches up with Jason Swett to discuss the intriguing future of Ruby and his unwavering commitment to the language. The conversation delves into Jason's projects, including his upcoming CI product, and his motivation for continuing to work with Ruby. They also touch on the Sin City Ruby conference, the direction of Jason's career, and his unique approach to building relationships in the tech community. Tune in to gain insight from Jason's perspective on Ruby, technology, and his passion for connecting with others in the industry.


Socials

LinkedIn: Jason Swett




Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
Ruby Rogues 

Ruby Dev Summit - Andy Maleh

Charles Wood delves into the latest advancements in the realm of technology and software development. In this episode, he brings you an in-depth exploration of the evolving landscape of Ruby programming, featuring insights from the esteemed Andy Maleh. Join them as they uncover Andy's in-depth discussion on Ruby's expanding potential, particularly in the domains of desktop development, gaming, and cross-platform compatibility. Prepare to gain valuable insights into the future applications of Ruby, including its viability in AI, machine learning, and mobile app development. 


Socials




Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
Rémi Mercier 

Growing old as a programmer

I’ll be turning 40 this year, and I’ve started to wonder about my professional life in the next two decades. Not a lot of 60-year-old developers, hey?

I started working some twenty years ago, and I feel I need to plan - albeit very loosely - for the future. Building software is still very new to me. I want to keep working at it for some time. But I don’t know how to make this job grow with me.

a screenshot of a Mastodon toot with me asking: I've been wondering a lot about aging in software development. Any > 40-year old developers out there that'd like to share their perspective? How did you grow (technically, managing, etc...)? Picked up fields over others (embeded systems over web app, for instance)?

I shared my angst with folks on Mastodon. Turns out, there is a handful (*cough*) of older programmers. Many were kind enough to share their experience publicly.

This post is a collection of their replies, loosely sorted into broad categories. I’ll add some thoughts or reactions along the way.

Julia Evans 

Popular git config options

Hello! I always wish that command line tools came with data about how popular their various options are, like:

  • “basically nobody uses this one”
  • “80% of people use this, probably take a look”
  • “this one has 6 possible values but people only really use these 2 in practice”

So I asked about people’s favourite git config options on Mastodon:

what are your favourite git config options to set? Right now I only really have git config push.autosetupremote true and git config init.defaultBranch main set in my ~/.gitconfig, curious about what other people set

As usual I got a TON of great answers and learned about a bunch of very popular git config options that I’d never heard of.

I’m going…

Ruby Central 

Meet RailsConf 2023 Scholar: Dominic Lizarraga

Thinking of applying to this year's RailsConf Scholars and Guides program? Read on to hear from last year's Scholars about what it was like and why you should take the leap and apply!

Name: 

Dominic Lizarraga

Professional Title:

Software Developer

How did you get into Ruby?

Attending Le Wagon bootcamp.

Are there any Ruby projects you're working on that you're excited about? 

I'm very into Keto, glucose control, morning stretching and want to develop a small app for those topics.

Why did you decide to join the Scholars/Guides program?

It was a big event and I knew that going on my own would not be easy because English is my second language and also because I'm a junior dev so I thought I can ease the…

Ruby Rogues 

Ruby Dev Summit - Jeremy Evans

Charles Wood sits down with Jeremy Evans, the author of several well-known Ruby gems, including the SQL gem and the ROTA web framework. Jeremy shares his insights on the future of Ruby, including stability, performance improvements, and potential advancements. He also discusses his work in eliminating unnecessary allocations, upcoming changes in the Ruby community, and his book, "Polished Ruby Programming." Join them as they explore the exciting developments and challenges in the world of Ruby development with Jeremy Evans.


Socials




Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
Ruby Rogues 

Ruby Dev Summit - Alex Rudall

In this episode, Charles Wood engages in an insightful conversation with Alex Rudall about the evolving role of AI within the Ruby community. They dissect the implications of AI advancements on the future of Ruby, addressing the declining usage of the language and its potential staying power. Through this discussion, they aim to uncover the opportunities and obstacles that await developers in the rapidly evolving AI landscape.


Socials




Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
Ruby on Rails 

Rails World CFP, ActiveRecord::Base.with_connection, devcontainer and puma-dev support and more!

Hi! Vipul here with the latest updates for This Week in Rails!

Rails World CFP
Call for Papers is now open for The Rails World 2024 conference that will be held in Toronto, Canada this year. The CFP will remain open until 21st March. Head over here to submit your proposal!

Generate devcontainer files by default
This change generates a .devcontainer folder and its contents when creating a new app. The .devcontainer folder includes everything needed to boot the app and do development in a remote container. These files can be skipped using the --skip-devcontainer option.

Add ActiveRecord::Base.with_connection as a shortcut for leasing a connection for a short duration
This change adds Acti…

Ruby Rogues 

The Future of the Ruby Programming Language

Charles Wood delves into the intricacies of the Ruby programming language, exploring the recent and upcoming advancements. He provides insightful discussions on performance upgrades such as the just-in-time compiler (JIT), the Prism parser, the async library, and Ruby types. He also gets a sneak peek of the upcoming 5-day Ruby challenge with OpenAI. Join them as they uncover the significant developments in Ruby and their impact on the developer community. Tune in for a thought-provoking exploration of the future of the Ruby programming language.



Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
Test Double 

Cracking the code: Test Double's engineers speak human

It might not make sense at first why Test Double, a custom software consultancy, hired a news reporter.

I joined the team in October as senior content manager – and my roots are in journalism, not tech. I spent more than 10 years as an investigative reporter and editor for the top newspaper publishing company in the U.S.

I’ve also worked with very bright engineering minds in aerospace, healthcare, and IT, and it can be tough to fully understand what they do, let alone tell the story of their work in an authentic yet relatable way. So, when I joined Test Double, I was prepared for a challenge.

It turns out the developers and engineers at Test Double have a rare gift: an ability to…

Ruby Rogues 

Unveiling the Secure Fusion: Ractors, Native Extensions, and Efficiency in Ruby Projects - RUBY 625

Marc-André Cournoyer is the founder and president and Code Monkey at Coded Inc. They explore the intricate details of Ruby and its integration with various technologies to create robust and secure solutions. They enlighten us with their expertise on event-driven frameworks and the importance of simplicity in software development. They also uncover the pioneering work of Shopify with the liquid templating language and the potential of leveraging Rust in combination with Ruby for enhanced safety and performance. Additionally, they delve into personal anecdotes and local business highlights, adding a human touch to the technical discussions.


Sponsors

Remote Ruby 

Exploring Dependabot-Unraveling Rails LSP-Vim Customization

In this episode, join Chris and Andrew as they kick things off with Chris’s rant about
computer hardware woes. Andrew contrasts this with tales of automation mishaps and
a firm stance on avoiding Windows, while Chris plans to leverage Proxmox for versatile
virtual machine testing. They touch on past experiences with Hackintosh, the merits of
various software management tools like Homebrew and asdf, and the intricacies of Rust
programming. They explore into the world of SQL learning and the hype around SQLite
and share tips for managing VS Code extensions and the quirks of using MacVim. The
conversation also covers the challenges and solutions for Dependabot configuration,
the business model behind…

Hanami 

Hanami 2.1.0.rc3

After our last release candidate, we discovered a few limitations in our approach to asset compilation. With the end-of-year break approaching, we decided to step back, look at things fresh, and find an approach that would serve as a solid foundation for the future.

With 2.1.0.rc3, we’re happy to release this new approach!

Independent assets per slice

Now when you run hanami assets compile or hanami assets watch, we’ll fork and run a separate assets compilation process for each slice in your app containing assets.

These assets will then be compiled into separate directories under public/assets/, each with their own manifest file: app assets compile into pu…

Ruby Rogues 

Ruby Dev Summit - Soutaro Matsumoto

Charles Wood has the privilege of hearing from Soutaro Matsumoto, a prominent figure in the Ruby community. Soutaro offers an in-depth exploration of RBS, a crucial aspect of Ruby development, and discusses the future of the language. He delves into the complexities of type signatures in Ruby, the potential benefits of type systems, and provides valuable insights into the ongoing developments in the Ruby ecosystem. Join them as they gain a deeper understanding of Ruby's trajectory and the impactful work being done by Soutaro Matsumoto.


Socials




Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
Awesome Ruby Newsletter 

💎 Issue 404 - What is new in Ruby 3.3

Ruby Rogues 

Ruby Dev Summit - Federico Iachetti

 In today's episode, Charles Wood delves into the future of Ruby, with a keen focus on performance enhancements, parser modifications, and syntax updates. Our guest, Federico Iachetti, shares valuable insights into the potential integration of a JIT compiler and parser with his editor, shedding light on the technical advancements poised to shape the future of Ruby. Join them as they navigate the intricate world of programming languages and their impact on the development community.


Socials 




Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
code.avi.nyc 

Turbo View Transitions in Rails

I'm trying to improve my design engineering and have been practicing and looking for opportunities to flex and grow. One of my favorite new techniques is View Transitions, a simple way using CSS to animate transitions between states of the view, whether it's a full page reload or a DOM update. I happen to love JS but I want to write as little of it as possible, especially when it comes to adding and removing classes to facilitate animations. So view transitions really speak to me.

Support for view transitions just hit the Turbo library with the release of Turbo 2.0. Along with DOM morphing support and combined with the rest of Rails, it's a powerful combination where you can achieve some…

Ruby Rogues 

Ruby Dev Summit - Stephen Margheim

Charles Wood explores the resurgence of Ruby and Ruby on Rails in the web development community. Our featured speaker, Stephen Margheim, delves into the technical aspects that have contributed to the renewed interest in Ruby, including its simplicity, intuitive nature, and pragmatic approach. They discuss the practical applications of Ruby in web development, the emergence of new companies adopting Ruby on Rails, and the ongoing efforts to expand the ecosystem of tools and guides for advanced use cases with SQLite in web applications. Join them as they analyze the impact of Ruby's resurgence and its potential to shape the future of web development.


Socials




Advertisin…
Ruby Rogues 

Ruby Dev Summit - Kinsey Durham Grace

In this episode, Charles Wood presents a thought-provoking interview with Kinsey Durham Grace. The conversation centers around the future of Ruby and the crucial need for the inclusivity of parents and caregivers within the Ruby community. Furthermore, Charles explores Kinsey's endeavors within the Ruby Central board, including efforts to support in-person Ruby meetups and secure funding from corporations. This episode provides valuable insights into the ever-evolving realm of Ruby and the profound impact of caregiving responsibilities on the tech industry. Join them as they navigate through the complexities of tech and family dynamics.


Socials




Advertising…
Ruby Rogues 

Ruby Dev Summit - Amanda Perino

In this episode, Charles Wood delves into the exciting world of Ruby on Rails with Amanda Perino, director of the Ruby on Rails Foundation. Charles and Amanda discuss the future of Ruby, the renewed energy and positivity in the Ruby and Rails community, the latest developments and frameworks in Rails, and the significance of events and community outreach in the technology space. With a focus on documentation, education, and marketing initiatives, Amanda shares her insights on the ever-evolving landscape of the Ruby on Rails community and provides valuable advice for current and aspiring developers. Tune in to gain a deeper understanding of the advancements in the Ruby on Rails community…

Ruby Rogues 

The Future of Ruby's Community

 Charles Wood takes an in-depth look at the future of Ruby's community, examining the recent revival of energy at conferences and the resurgence of local events. Chuck discusses the impactful contributions to the Ruby and Rails communities, as well as the initiatives of organizations like Ruby on Rails Foundation and Ruby Central. Tune in for insights from Ruby experts and compelling discussions on the evolving landscape of the Ruby community.



Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy
Bootrails 

Ruby-on-Rails ERB vs HAML

This is an opinionated article about ERB and HAML with Rails. Let’s compare each other and pick a winner. Use case In the Ruby-on-Rails world, they are known as templating languages. In the MVC concept, they represent “the View”. Both are here to output HTML. Example Examples worth a thousand words, so here are two examples, one with ERB, the other with HAML. Both are strictly equivalent. I...
Ruby Weekly 

Now Ruby's on the Nintendo Wii

#​690 — February 15, 2024

Read on the Web

Ruby Weekly

The Plan for Rails 8 — There’s been a fair amount of buzz around the Rails 8 feature announcements, such as less of a need for Redis, no more Sprockets, Rack 3 support, and more progressive web app features (like push notifications). Exciting stuff.

Brad Gessler (Fly.io)

RunRuby.dev: Run Ruby (and Bundler!) in the Browser — Last week, we linked to Yusuke Endoh's emirb which uses WebAssembly to run IRB in the browser. Svyatoslav Kryukov has upped the ante here, providing more of an editor plus a clever workaround to get Bundler working too. 🐦 This…

Test Double 

TDD and Winston Logger now with less pain and more gain

You know what gets swept under the rug and forgotten during TDD a lot? Logs. After many years of test-driven development (and/or pretending to do test-driven development), testing is still more of an art than a science to me in many cases off the beaten path. Especially determining exactly what to test, and how much testing is “good enough.” I would argue that, unless the worried face on the man in this oil panting I commissioned to illustrate my point1 sparks joy for you, zero tests for logging is not “good enough.”

Oil painting of a worried man surrounded by ticker-tape machines and paper Someone who didn't test their loggging

However, don’t feel bad if you’ve skipped testing your logging; I haven’t done a survey or anything, but you’re…

Saeloun Blog 

Memo vs. useMemo: When to use each for better React performance?

Optimizing React applications for better performance is an ongoing pursuit in the ever-evolving landscape of web development. Two key tools within the React toolkit, React.memo() and useMemo(), play pivotal roles in enhancing efficiency. In this article, we’ll explore the importance of these tools, delve into the concept of memoization, shallow comparison, provide insights into React.memo() and useMemo(), weigh their advantages and disadvantages, analyze the differences between them, and offer strategic guidance on when to deploy each for optimal results. Additionally, we also discussed some complex rendering scenarios and how we can avoid unnecessary child re-renders.

Source: WallpaperC…

Ruby Rogues 

Ruby Dev Summit - Samuel Williams

In today's episode, Charles Wood delves into the expertise of Samuel Williams, a prominent Ruby developer hailing from New Zealand. Charles Wood dissects his extensive experience with Ruby, the challenges he encountered while grappling with scalability, and the inception of his pivotal projects, Async and Falcon. Join them as they unravel the complexities of concurrency, actor-based models, and the future landscape of Ruby's scalability and efficiency. This episode promises to shed light on the world of Ruby development, the pursuit of streamlined code performance, and the potential environmental implications of refining programming languages.



Advertising Inquiries: https://redcircle.com/bra…
Giant Robots Smashing Into Other Giant Robots 

A review of FOSDEM 2024 ruby talks

I will present the talks in order of appearance. They were organized in such an order, from the most accessible to the most complex.

The first one was The best case scenario by Sandjiv. Sandvij introduced everything about pattern matching in Ruby, from it’s implementation in the VM to it’s usage. It kicked the room up to a great start.

The second one was “A front-end journey back to Rails” by Kevin Vanzandberghe. Kevin is a seasoned Rails developer who did a stint in React. He detailed how the features that were easy to implement in React are now even more easily implemented with Hotwire.

The third one was “Besides Web: a Worker Story” by Philippe Van Eerdenbrugghe. Philippe talked…