Rubyland

news, opinion, tutorials, about ruby, aggregated
Sources About
Joy of Rails 

Sending Web Push Notifications from Rails

You may have heard Rails 8 will extract a new framework for delivering Web Push notifications from your web app. Web Push notifications are powerful because they allow you to engage with your users even when they're not on your site.

Webkit announcment https://webkit.org/blog/13878/web-push-for-web-apps-on-ios-and-ipados/?

that will likely be called Action Notifier.

Though we don’t have Action Notifier yet, it is already possible to implement

I'm going to share how to I got a working demo of the Web Push API for Joy of Rails to push notifications through supporting browsers - currently Chrome and Firefox at the time of this writing.

We'll cover the basics of implementing Push yourself with Rails.

Awesome Ruby Newsletter 

💎 Issue 439 - Cleaning up Ruby code with Railway Oriented Programming

37signals Dev 

All about QA

Quality Assurance (QA) is a team of two at 37signals: Michael, who created the department 12 years ago, and Gabriel, who joined the team in 2022. Together, we have a hand in projects across all of our products, from kickoff to release. Our goal is to help designers and programmers ship their best work. Our process revolves around manual testing and has been tuned to match the rhythm of Shape Up. Here, we’ll share the ins and outs of our methods and touch on a few of the tools we use along the way.


Kicking things off

At 37signals we run projects in six-week cycles informed by Shape Up. At the beginning of each cycle, Brian, our Head of Product, posts a kick-off message detailing what we…

Graceful.Dev 

Site News #23: Progressive Automation

Hi there graceful devs! Here’s what’s new in the garden…

Content Updates

I love when I get a chance to make an episode about the guiding light of Graceful.Dev: making the iterative feedback loops of software development more sustainable, robust, and, well, graceful at every level of the process. That’s why I’m happy to deliver a video on the concept of progressive automation: the idea that software solutions don’t have to be all-or-nothing, but can instead loop-in humans for the bits that aren’t automated (yet). Check it out as part of The Full-Circle Developer.

Site Improvements

The episode I mentioned above was actually inspired by some improvements I’ve been making…

Ruby Central 

October 2024 Newsletter

Hello! Welcome to the October newsletter. Read on for announcements from Ruby Central and a report of the OSS work we’ve done from the previous month.

In September, Ruby Central's open source work was supported by Ruby Shield sponsor Shopify, AWS, the Sovereign Tech Fund (STF), and Ruby Central memberships from 29 other companies, including Partner-level member Sidekiq. In total, we were supported by 188 members. Thanks to all of our members for making everything that we do possible. <3

Ruby Central News

RubyConf 2024

Get ready for RubyConf in Chicago from November 13-15—only 4 weeks away! Join your #RubyFriends and dive into the Ruby community, whether you're new or experienced. We’ve also…

Ruby Weekly 

RubyGems.org gets a redesign

#​724 — October 17, 2024

Read on the Web

📝 We're taking next week off, so the next issue of Ruby Weekly will be on Thursday, October 31 – see you then! :-)
__
Peter Cooper, your editor

Ruby Weekly

Rails World 2024 Recap: All Talks Now OnlineRails World was a resounding success (save for a fire alarm that woke everyone up at 2am, we hear!) and while it’s great to hear what a good time everyone had, it’s even better to finally get to enjoy all the great talks for ourselves. I’ve been watching for hours and point out some highlights below.

✨ SOME TALK HIGHLIGHTS:

  • My top highlight was Stephen Margheim's well…

Rails Designer 

Changing CSS as You Scroll with Stimulus

Tweaking the UI element or component based on some scroll state, can help make it stand out or guide focus from the user.

I recently had to add such a feature where a, potential, long list of items could scroll below the navigation’s leader element. If the list “touched” the leader, extra CSS classes would be added, making sure it would still be eligible with the items scrolled below it. Something like this:

Preview of the end result of this article

Typically this would a case for JS’ MutationObserver, but since the scrolling is tied to the SidebarNavigationComponent and not the body, it cannot be used and a slight reinventing of the wheel is needed. It will result in a small, but reusable Stimulus controller. Ready to be…

Let’s go…

Mintbit 

Morphing With Turbo Streams

Turbo Streams provide a real-time, server-driven way to update Rails applications without complex JavaScript. One of the latest enhancements to Turbo Streams is the ability to use the method: :morph option in various actions, allowing more efficient DOM updates. This option can be used with actions like update, replace, and others, providing more control over how updates are applied.

What is Morphing?

Morphing refers to updating only the changed parts of a DOM element rather than fully replacing it. This helps preserve the state of interactive elements—like form inputs, scroll positions, or event listeners—providing a smoother user experience and improving performance.

Using the method:…

Giant Robots Smashing Into Other Giant Robots 

Build a (better) search form in Rails with Active Model

I recently had the opportunity to refactor a custom search form on a client project, and wanted to share some highlights through a distilled example.

Our base

We’ll start with all logic placed in the controller and view.

def index
  @posts = sort_posts(Post.all).then { filter_posts(_1) }
end

private

  def sort_posts(scope)
    if (order = params.dig(:query, :sort))
      column, direction = order.split(" ")

      if column.presence_in(%w[title created_at]) && direction.presence_in(%w[asc desc])
        scope.order("#{column} #{direction}")
      else
        []
      end
    else
      scope.order(created_at: :desc)
    end
  end

  def filter_posts(scope)
    filter_by_titl…
Tenderlove Making 

Monkey Patch Detection in Ruby

My last post detailed one way that CRuby will eliminate some intermediate array allocations when using methods like Array#hash and Array#max. Part of the technique hinges on detecting when someone monkey patches array. Today, I thought we’d dive a little bit in to how CRuby detects and de-optimizes itself when these “important” methods get monkey patched.

Monkey Patching Problem

The optimization in the previous post made the assumption that the implementation Array#max was the original definition (as defined in Ruby itself). But the Ruby language allows us to reopen classes, redefine any methods we want, and that those methods will “just work”.

For example, if someone were to reopen Array

RubyGems Blog 

3.5.22 Released

RubyGems 3.5.22 includes enhancements and bug fixes.

To update to the latest RubyGems you can run:

gem update --system

To install RubyGems by hand see the Download RubyGems page.

## Enhancements:

  • Prevent ._* files in packages generated from macOS. Pull request #8150 by deivid-rodriguez
  • Fix gem pristine etc resetting gem twice sometimes. Pull request #8117 by deivid-rodriguez
  • Allow gem pristine to reset default gems too. Pull request #8118 by deivid-rodriguez
  • Update vendored uri and net-http. Pull request #8112 by segiddins
  • Installs bundler 2.5.22 as a default gem.

## Bug fixes:

  • Fix gem contents for default gems. Pull request #8132 by deivid-rodriguez
  • Fix duplicated…
Andy Croll 

Launching UsingRails: A Directory of Rails-Based Organisations

In the week or two before Rails World (two words), I launched UsingRails. It’s a directory of Rails-based organisations and companies.

It’s the culmination of a couple of years of research, a rapidly built Rails application and the world’s largest Apple Note.

Why?

I’ve been a Rails developer for a long time. I’ve built a few Rails applications, and I’ve been involved in the community for a while. The external narrative of Rails is that it was a great platform for building web applications, but somehow it’s no longer a good choice. This is despite the continuing push of the framework to improve and evolve as the best way to (joyfully) build useful web and native applications with small…

RubySec 

CVE-2024-41128 (actionpack): Possible ReDoS vulnerability in query parameter filtering in Action Dispatch

There is a possible ReDoS vulnerability in the query parameter filtering routines of Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2024-41128. ## Impact Carefully crafted query parameters can cause query parameter filtering to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade or apply the relevant patch immediately. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 depends on Ruby 3.2 or greater so is unaffected. ## Releases The fixed releases are available at the normal locations. ##…
RubySec 

CVE-2024-47887 (actionpack): Possible ReDoS vulnerability in HTTP Token authentication in Action Controller

There is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. This vulnerability has been assigned the CVE identifier CVE-2024-47887. ## Impact For applications using HTTP Token authentication via `authenticate_or_request_with_http_token` or similar, a carefully crafted header may cause header parsing to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade or apply the relevant patch immediately. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 depends on Ruby 3.2 or greater so is unaffected. ##…
RubySec 

CVE-2024-47888 (actiontext): Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text

There is a possible ReDoS vulnerability in the plain_text_for_blockquote_node helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. ## Impact Carefully crafted text can cause the plain_text_for_blockquote_node helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade or apply the relevant patch immediately. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 depends on Ruby 3.2 or greater so is unaffected. ## Releases The fixed releases are available at the normal locations. ##…
RubySec 

CVE-2024-47889 (actionmailer): Possible ReDoS vulnerability in block_format in Action Mailer

There is a possible ReDoS vulnerability in the block_format helper in Action Mailer. This vulnerability has been assigned the CVE identifier CVE-2024-47889. ## Impact Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade or apply the relevant patch immediately. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaffected. Rails 8.0.0.beta1 requires Ruby 3.2 or greater so is unaffected. ## Releases The fixed releases are available at the normal locations. ## Workarounds Users can avoid calling the…
Notes to self 

Deploying a Next.js application with Kamal 2

Here’s the simplest example to deploy a containerized Next application with Kamal.

What’s Kamal

Kamal is a new tool from 37signals for deploying web applications to bare metal and cloud VMs. It comes with zero-downtime deploys, rolling restarts, asset bridging, remote builds, and more.

Kamal needs SSH configured and Docker installed to run. You also need to create a cloud VM somewhere like Hetzner or Digital Ocean.

SSH configuration

Linux and macOS should come with SSH installed but you’ll need a new key pair for the server:

$ ssh-keygen -t EcDSA -a 100 -b 521 -C "admin@example.com"

This will promt you for the key name and will save the keys to ~/.ssh/ by default.

Add the private…

Rails Designer 

Announcing JavaScript for Rails Developers

📚 Lean more about the why, TOC and publish date 🤑

Over the past 25 or so years I’ve dabbled with various programming languages. From ASP, to PHP to ActionScript (who remembers this?!). But for well over 10 years my main languages are Ruby and JavaScript. In that order.

I try to write as much Ruby as possible. But if you build modern web/SaaS apps, there is simply no way you can do without writing JavaScript. Even with all the fantastic Hotwire tools.

Over those 10+ years I’ve come to enjoy JavaScript quite a bit. And when I launched Rails Designer I got many a question to help other teams with their JavaScript. And then often, after a successful project, the question (request?): you…

So I’m (pre)…

Fractaled Mind 

Supercharge the One Person Framework with SQLite

NOTE: This is an edited transcript of a talk I gave at Rails World 2024. You can watch the full talk on YouTube.

From its beginning, Rails has been famous for being a kind of a rocket engine that could propel your idea to astronomic heights at supersonic speed. But, at least for me, it has lately felt like I needed to be a rocket scientist to then deploy and run my full-featured application.

And that is because just as, over time, rocket engines have grown larger and more complex,

So too has the “standard” web application architecture only grown more complicated with time.

Let’s consider a typical Heroku application architecture from, say, 2008. It would have had some web dynos…

Ruby on Rails 

Rails World 2024 Recap - All talks now online!

All the talks from Rails World 2024 are now available online! Revisit your favorite sessions or catch up on ones you missed on the Rails World 2024 YouTube playlist.

On to the recap

Just over 1,000 Rails devs from 57 countries gathered in Toronto for two days of technical talks, workshops, networking, evening parties, the Rails 8 beta release…and one glorious neon sign.

We packed a lot into these two days, so here’s a quick run down of the highlights:

  • Rails Core launched Rails 8 beta live from the audience during DHH’s keynote.
  • We followed 24 technical talks (and a workshop) by 28 great speakers on two tracks hosted by GitHub and AppSignal.
  • Shopify CEO Tobi Lütke invited DHH
Hanami Mastery newest episodes! 

#54 Last Puzzle in place! Fullstack Hanami 2.2!

Hanami 2.2-beta2 is relased, which finally becomes a complete, fullstack framework. Let's make a blog in Hanami taking a closer look at its basic features.
Ruby on Rails 

Rails Versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1 have been released!

Hi everyone!

Rails Versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1 have been released!

These are security patches addressing 4 possible ReDoS (Regular expression Denial of Service) attacks. All of these only affect Ruby versions below 3.2 so we urge users on older versions of Ruby to upgrade to these new Rails versions at their earliest convenience.

Additionally we strongly recommend users upgrade to Ruby 3.2 or greater, to take advantage of the improved ReDoS mitigations in newer versions.

Ruby 3.1 is approaching it’s end of life for security support from Ruby upstream and is the only maintained version of Ruby still vulnerable to these attacks. Going forward we plan to continue to…

Planet Argon Blog 

Community, Connections, and Insights from Rails World 2024

Community, Connections, and Insights from Rails World 2024

Explore our software developer William Mena’s key takeaways from Rails World 2024, where he reignited his passion for Rails and learned about the exciting future of Rails 8.

Continue Reading

RubyGems Blog 

New Design for RubyGems.org

We are excited to announce the initial release of the new design for RubyGems.org!

The new design is the result of a collaboration with UX designer Ian Taylor and the RubyGems.org core team. Eventually, the full refresh of the site aims to meet our goals of modernizing the design and improving the usability of RubyGems.org for all of our users.

The design will be released incrementally and we’ve chosen the /pages routes to be refreshed first. These pages contain non-critical, mostly static content, allowing us to release the design without risking problems for our users.

As part of the roll-out strategy, we are prioritizing stability over a “big reveal”.

The new design aims to support…

Ruby on Rails 

New Rails maintenance policy and end of maintenance announcements

We’re excited to announce updates to our maintenance policy for Ruby on Rails.

These changes are designed to provide clarity on our support timelines and help you plan your Rails upgrades effectively. You can find the full details of our new policy in our site.

New Maintenance Policy Overview

Our support is now divided into three categories:

  1. New Features
    • We aim to release a version containing new features every six months.
  2. Bug Fixes
    • Minor releases will receive bug fixes for one year after the first release in their series.
    • For example, if version 1.1.0 is released on January 1, 2023, it will receive bug fixes until January 1, 2024.
  3. Secu…

Currently Supported Releases

As of now, the following releases are supported:

  • 7.…
Fullstack Ruby 

Episode 11: Designing Your API for Their API (Yo Dawg!)

It’s tempting to want to take the simplistic approach of writing “to the framework” or to the external API directly in the places where you need to interface with those resources, but it’s sometimes a much better approach to create your own abstraction layer. Having this layer which sits between your high-level business logic or request/response handling, and the low-level APIs you need to call, means you’ll be able to define an API which is clean and makes sense for your application…and then you can get messy down in the guts of the layer or even swap out one external API for another one. I explore all this and more in another rousing episode of Fullstack Ruby.

Links & Show Notes:

Evil Martians 

A taste of Go code generator magic: a quick guide to getting started

Authors: Valentin Kiselev, Backend Engineer, and Travis Turner, Tech EditorTopics: Backend, Go

Make a small program that generates wrapping functions for the given type methods, and use this example as a good starting point for your own Go code generator!

Many languages have support for metaprogramming and code generation, but in Go, it feels like something that requires more effort. For instance, if you Google “How to write a Go code generator” you’ll find very few articles explaining the tools and concepts even for creating a simple code generator. So, in this short post, I’d like to share a small program that generates wrapping functions for the given type methods, and this specific…

Alchemists: Articles 

Git For Each Ref

Cover
Git For Each Ref

The Git for-each-ref command (Documentation) — if not aware — is a powerful plumbing command for obtaining information about your repository references (i.e. .git/refs). An example of this is shown in the screenshot above. Don’t worry, we’ll discuss what the command is doing shortly.

As of Git 2.47.0, the for-each-ref command has gained a new superpower in the form of a new is-base field which can dynamically calculate the current parent branch. This is a most welcomed enhancement so I want to spend time talking this and more in this article. 🎉

Basics

Out of the box,…

Greg Molnar 

TailwindCSS and Rails 8

Someone asked on Twitter yesterday about the how to add TailwindCSS to a Rails 8 project the easiest way and having hot reload. This is how I believe it is to do so in a few minutes.

Mintbit 

3 Must-Know Module Extensions in ActiveSupport

In this post, we’ll explore some of the most useful core extensions in Rails that enhance how developers work with modules: delegate, concern, and the deprecated but still important alias_method_chain. These tools simplify method delegation, modularize code, and modify method behavior. While alias_method_chain is no longer in use, understanding its history is helpful for maintaining legacy code. We’ll break down how each of these methods works and why they’re valuable, especially when writing cleaner, more efficient Rails applications.

1. Module#delegate

One of the most widely used extensions in Rails is Module#delegate. This method allows you to delegate method calls from one object to…

BigBinary Blog 

Benchmarking Crunchy Data for latency

In Rails world 2024 DHH unveiled Kamal 2 in hisopening keynote. Now folks wantto give Kamal a try but some people are worried about the data. They want totake one step at a time and they feel more comfortable if their database ismanaged by someone else.

That's where Crunchy Data comes in. They providemanaged Postgres service. Checkout thistweet from DHH about CrunchyData.

In our internal discussion one of the BigBinary engineers brought up the issueof "latency". Since the PostgreSQL server will not be in the same data center,what would be the latency. How much impact will it have on performance.

We didn't know the answer so we thought we would do some benchmarking.

Benchmarking

To do the…

Saeloun Blog 

Rails 7.1 Raises Error On Assignment To Readonly Attributes.

In Rails, we can mark certain attributes of a model as readonly using the attr_readonly method. Once an attribute is marked as readonly, it cannot be changed after the record is created.

class User < ActiveRecord::Base
  attr_readonly :email
end

Before

If we try to assign a new value to a readonly attribute, the assignment operation would appear to succeed, but the change would not be persisted to the database.

user = User.create!(email: "doe@example.com")
user.email # => "doe@example.com"

user.email = "andy@example.com" # allows assignment
user.email # => "andy@example.com"

user.save! # change to email won't be persisted to database

user.reload.email # =>"doe@example.com" 

After

R…

The Bike Shed 

444: From Solutions To Patterns

What’s the difference between solving problems and recognizing patterns, and why does it matter for developers? In this episode, Stephanie and Joël discuss transitioning from collecting solutions to identifying patterns applicable to broader contexts in software development. They explore the role of heuristics, common misconceptions among junior and intermediate developers, and strategies for leveling up from a solution-focused mindset to thinking in patterns. They also discuss their experiences of moving through this transition during their careers and share advice for upcoming software developers to navigate it successfully. They explore how learning abstraction, engaging in code…

Short Ruby Newsletter 

Short Ruby Newsletter - edition 109

The one with Ruby 3.4.0-preview2 launch, videos from Rails World published, Xavier explaining how Zeitwerk and namespacing work and inspiring Ruby code samples
justin․searls․co - Digest 

📸 Fall fashions

New brand of T-shirt (Bella Canvas) for the uniform. Fresh colors to mark the start of what's next.

Rails Designer 

Rails UI Components Library Tips and Tricks

Rails Designer is the first UI component library built for modern SaaS apps built with ViewComponent, designed with Tailwind CSS and enhanced with Hotwire. Launched earlier in 2024 it has seen, next to a huge amount of components and variants, many great quality of life improvements too.

I want to highlight a few of these features that are more than components, but that surely will help you build your next SaaS app in Rails.

When you install Rails Designer an initializer is created. This holds the most important configuration to make Rails Designer’s components truly yours.

Customize colors

Tailwind CSS comes with a huge color palette. The full rainbow is available among some nice gray…

Remote Ruby 

DHH on Rails World 2024 and what's coming in Rails 8.1

In this episode, Chris and Andrew welcome David Heinemeier Hansson (DHH) to
discuss the release of Rails 8, starting with a recap of the Rails World Toronto conference. DHH shares insights on the growing Rails community, the challenges of planning large-scale conferences, and Rails’ philosophy of staying independent from venture capital. They dive into developer ergonomics in Rails 8, new deployment and notification tools like Kamal, Action Notifier, House (MD), and Propshaft, and upcoming features like ActiveRecord Search. The episode also covers accessibility improvements, Rails' approach to frontend frameworks, and DHH’s long-term vision for the platform. Hit download now to hear more!

Hon…
RoRvsWild's blog 

RoRvsWild RDoc theme

So we started to investigate the RDoc template generator, which powers the Ruby documentation, to see how it worked and what we could do with it. We finally made quite a few changes.

Layout and navigation

We updated the layout and structure of the page to make it easier to navigate the documentation.

We added a fixed top bar with the project title and moved the search field there to make it always reachable. The search result benefits from more space than when they were in the sidebar.

RDoc RoRvsWild theme – search results

On larger screens, we’ve hidden the navigation toggle and made the main navigation always visible. The main navigation content is now always the same on all documentation pages. It lists all the classes…

Ruby Rogues 

Secrets Management Best Practices and Tools - RUBY 655

Charles and Valentino are joined by special guest Brian Vallelunga, CEO and co-founder of Doppler, a leading secrets management platform often described as "GitHub for secrets."
Dive into an engaging conversation about best practices for managing sensitive information, such as API keys and encryption keys, and treating all environment-configured settings as secrets. Brian shares insights on using tools like AWS Secrets Manager, Docker, and Doppler’s seamless integration with popular development workflows, ensuring robust access control and audit logging.
They discuss about the severe consequences of data breaches, compelling real-world scams, and the human cost of leaked data. Learn how…
SINAPTIA 

This week in #devs - Issue #2

Our #devs channel is a cross-project, shared space where the entire dev team of SINAPTIA can ask questions, share opinions, and discuss interesting articles or tech they come across. The idea is to post a curated extract of what happens there every week.

Rails data migrations

Fernando shared news regarding Rails 8: new script folder and generator. Rails 8 introduces a new script folder dedicated to holding one-off or general-purpose scripts, such as data migrations, cleanup tasks, or other utility operations. This addition helps organize these scripts neatly, keeping them separate from your main application logic.

This news triggered a conversation about how we handled data migrations in…

Joy of Rails 

Mastering Custom Configuration in Rails

As your Ruby on Rails application grows, you‘ll need to add your own bits of configuration.

Where do you put API keys for third-party apps? What if you need different application values depending on the Rails environment? What if you‘re testing a new feature that should be disabled in production for the time-being? Sure, you can add some ENV vars here and there. You could manually load YAML files in different places throughout your app. You might be tempted to reach for another Ruby gem to help manage all this behind a common interface.

But there‘s no need for all that. Rails.configuration has your back. It‘s got features to support your custom configuration, not to mention the built-in…

The…

Rémi Mercier 

Interfacing with external APIs: the facade pattern in Ruby

Interacting with third-party APIs is common practice in applications. You might need to convert addresses into geographic coordinates, fetch subscription information from marketplaces, prompt an LLM, etc.

Coding with Ruby, you’ll often find gems providing a first abstraction over third-party APIs: the client layer. The client layer is usually responsible for accessing the features of the external API.

One could use the client as is and sprinkle calls to the external API across their codebase. By doing so, teams will often duplicate logic, reinvent the wheel, and create multiple change points.

One way to DRY this is to create an authoritative representation of the external API that’ll…

Ruby – Dogweather 

Cleaning up Ruby code with Railway Oriented Programming

I’ll lead with my code—before and after—then follow up with an explanation. Before Refactoring I had a gigantic method, Perm#make for creating permanent redirects. The site I’m working on has a million or so pages, and they move around for many reasons, often outside of my control. After Refactoring Railway Oriented Programming turned out to…More
Hotwire Weekly 

Week 41 - Celebrating 1 Year of Hotwire Weekly! 🎉

Hotwire Weekly Logo

Celebrating 1 Year of Hotwire Weekly! 🎉

Welcome to the 1-year anniversary issue of Hotwire Weekly! It’s been one year since we launched Hotwire Weekly! With 52 editions, we’ve delivered the latest Hotwire content every week for the last year.

While the concept hasn’t changed much, now feels like the perfect time to reflect on how the newsletter is going and what could improve.

We Want Your Feedback!

We’d love to hear your overall thoughts on Hotwire Weekly! Is the newsletter useful for you? Are the sections too long, too short, or just right? Should anything change, or stay the same?

Is there anything you’d like to see more of, less of, or done differently? Feel free to share any…

Greg Molnar 

Introducing Silk Rail

2 weeks ago, at the last day of Rails World, Sahil, the founder of Gumroad made a tweet, stating that Rails is a legacy framework, and announced that their are rewriting Gumroad in TypeScript for a few reasons. One was to get rid of the technical debt. It is a very weird take, because you will end up with the same technical debt after a while with whatever language or framework you use. Another reason he stated was that LLMs can generate TypeScript code better than Ruby code, so he will be able to move faster. I don’t agree with that statement either, I think Ruby and Rails offers all the tools to move fast.

Posts on Kevin Murphy 

Two Drawer End Tables Construction

Building in 3D 🔗

I make a lot of things. Most commonly code. I blog (maybe you’re aware, given you’re here). I build conference talks. Sometimes manifestos. Most of these live on the computer. Sometimes I need to step away and not look at a screen.

On occasion, I’ll build some piece of furniture we need in the house. Or some small accessory out of wood that I’ll use on my desk. This is one such time, and I decided to document it.

Similar to my recent posts on music I’m listening to, this isn’t directly related to software development. If you want to bail because of that, no judgement.

The Problem 🔗

There wasn’t really so much a problem. I recently built an end table for my office. I had extra…

avdi.codes 

https://avdi.codes/26784-2/?utm_source=rss&utm_medium=rss&utm_campaign=26784-2

One of the ways the Californian Ideology won in tech is to make everyone a US Republican in their relationship with governance. So obsessed with decentralization (we’ll get it right this time!) that when centralization inevitably builds up no one knows how to manage it healthily, or even that it needs to be managed. And then a Matt Mullenweg happens and everyone is like “oh no, I have learned nothing from this other than that centralization is bad, we’ll get it right this time!”. Rinse, repeat.

It’s a perpetual motion machine of suck: ignore the role of governance, let it devolve to the worse people in the worst emergent structures, complain about how bad it is, try to get rid of it,…

Saeloun Blog 

Rails 7.1 Supports Multiple Preview Paths For Mailers.

ActionMailer previews provide a way to see how our emails look in the browser by visiting a special URL that renders them without actually sending the emails.

It is particularly useful for testing and developing email templates.

class UserInvitationPreview < ActionMailer::Preview
  def send_invitation_email
    UserInvitationMailer.with(invitation: Invitation.last).invitation_email
  end
end

Before

By default, Rails looks for mailer previews in the test/mailers/previews directory.

If we want to customize the location of our mailer previews, we can only specify a single path using the preview_path configuration, as ActionMailer is limited to one preview path.

For example, if we want…

John Nunemaker 

Founder Quest: Acquiring Fireside

Last, but not least for this week, I was on Founder Quest. I'm doing my best third wheel impression over there and appreciate that Ben and Josh haven't kicked me off yet. We talked about a lot of things but mostly focused on the fireside acquisition.

FounderQuest | Acquiring Fireside with John Nunemaker
Josh and Ben talk with John about his recent acquisition of Fireside, covering the finances, pitfalls avoided, and more acquisition tips.https://www.johnnunemaker.com/acquiring-fireside/https://www…

If you missed the other podcasts this week, here you go:

Ruby on Rails 

Lazy i18n watcher on boot and more

Hi, Wojtek here still feeling the good vibe of the Rails World. Cheers to all the attendees and see you in Amsterdam!

Fireside Chat with DHH, Matz and Tobi
The video from the Rails World is now ready to watch, followed by the Eileen keynote. All the videos will be available soon!

Don’t execute i18n watcher on boot
It shouldn’t catch any file changes initially which unnecessarily slowed down boot of applications with lots of translations.

Support method names for :block in browser blocking
Prior to this commit, :block options only supported callables. This commit aims to bring browser blocking closer in parity to callbacks declarations like before_action and after_action by supporting…

Add :except_on option for validations
Grants the…

Mintbit 

Migrations in Rails 8: Using the New Not Null Shortcut

In the latest version of Ruby on Rails (Rails 8), developers have been given a handy new shortcut for adding a NOT NULL constraint to database columns. This small but powerful enhancement simplifies the process of generating migrations, making them cleaner and more intuitive.

In this blog post, I’ll show how this new feature works and how it can help you create migrations faster.

What Is a NOT NULL Constraint?

Before diving into the new shortcut, let’s quickly revisit what a NOT NULL constraint is and why it’s important.

In a relational database, a column marked as NOT NULL ensures that no row can have a NULL value for that column. This constraint enforces data integrity by ensuring…

Tejas' Blog 

Redis pipelines to the rescue

In my earlier blog post we saw how using redis connection pools can help us improve performance in a multi-threaded/multi-process application like Rails. Now we will see another typical scenario where Redis is a bottleneck and how we can optimize it.

I was designing a caching system and ran into a problem where I wanted to delete a bunch of keys on some event and it turned out to be much slower than I expected.

Intuitively I assumed Redis would be fast enough to handle it with sub-millisecond response times. Turns out Redis uses client-server model and each command waits for response. So if you are sending each delete separately, the latency can add up quickly, more so if you are running…

Josh Software 

Creating a Dedicated Device Using Home Screen Admin App for Android

There are many ways to create a dedicated device. For Android, it’s even easier to do. But every approach has its pros and cons. In this article, we’ll learn about this in detail. Topics covered in this article: What is a Dedicated Device? By definition: A dedicated device is a specialized device that is built … Continue reading Creating a Dedicated Device Using Home Screen Admin App for Android
Remote Ruby 

Rails World and SellRepo

In this episode, Jason, Chris, and Andrew discuss their upcoming plans for the Rails World conference, sharing stories about travel arrangements, hotels, and Andrew's first time flying first class. The conversation delves into the technical side, with updates on Rails 8.1, Ruby’s new release schedule, and challenges related to Docker on Apple Silicon. Chris introduces his latest project, SellRepo, which allows users to sell digital products through GitHub. The episode also covers frustrations with JavaScript package management, GitHub CI caching, and API integration issues. They wrap up the episode with a  humorous conversation about nostalgic sodas like Surge and fast-food soda machines.…

Everyday Rails 

Testing with RSpec book updates for October 2024

Brand new chapter on testing controllers via request specs, and more!
Planet Argon Blog 

IMAX Screens, Duck Boats, and Myrtle the Turtle: My SquiggleConf Recap

IMAX Screens, Duck Boats, and Myrtle the Turtle: My SquiggleConf Recap

I had the privilege of opening SquiggleConf 2024 at the New England Aquarium, sharing the story of Oh My Zsh. Highlights included inspiring talks on Excalidraw, Chrome DevTools, and web animations, plus a fun Duck Boat tour where I got to drive on the Charles River.

Continue Reading

Awesome Ruby Newsletter 

💎 Issue 438 - What's New in Ruby on Rails 8

John Nunemaker 

The Moneyball approach

I joined Adam and Jerod to share my new thesis for acquiring Rails based SaaS apps. The conversation was great! This new moneyball approach (dubbed so by Jess) has been swimming around in my head for a few months now. So it's great to talk about it in public finally.

Changelog Interviews 612: The Moneyball approach – Listen on Changelog.com

If you like the episode, give 5 Businesses Acquired with a Long-Term Hold Model a listen too. Great stuff by someone with a lot more experience than me.

If you missed the other podcasts this week, here you go:

naildrivin5.com - David Bryant Copeland's Website 

A Simple Explanation of Postgres' Timestamp with Time Zone

Postgres provides two ways to store a timestamp: TIMESTAMP and TIMESTAMP WITH TIME ZONE (or timestamptz). I’ve always recommended using the later, as it alleviates all confusion about time zones. Let’s see why.

What is a “time stamp”?

The terms “date”, “time”, “datetime”, “calendar”, and “timestamp” can feel interchangeable but the are not. A “timestamp” is a specific point in time, as measured from a reference time. Right now it is Oct 10, 2024 18:00 in the UK, which is the same timestamp as Oct 10 2024 14:00 in Washington, DC.

To be able to compare two timestamps, you have to include some sort of reference time. Thus, “Oct 10, 2025 18:00” is not a timestamp, since you don’t know…

The Rails Changelog 

026: Exploring Rails' Default Debugger with Stan Lo

The debugger you didn't know you needed. Ruby comes with an official debugger called Debug, which is now included in new Rails applications. Surprisingly, many Rails developers are still unaware of just how powerful this tool is. In this episode, Stan and I dive into its capabilities, exploring how it enhances the debugging process and makes troubleshooting more efficient.

Debug
The Startup of You 

Ruby Weekly 

Ruby 3.4 (preview 2) gets a new parser

#​723 — October 10, 2024

Read on the Web

Ruby Weekly

Ruby 3.4.0 Preview 2 Released — The preview releases leading up to final Christmas Day Ruby releases don’t tend to throw up many changes, but this is an exception. A significant change is that Ruby’s default parser has been changed to Prism, so it’s absolutely worth testing your code against it now. You can also now use it as a default block parameter, amongst other minor syntax tweaks.

Yui Naruse

An Introduction to the Ruby LSP Add-on SystemRuby LSP is a language server that uses static analysis to improve Ruby editing features in editors like…

Andy Waite

👊RailsBump.org Is Now…

Rails Designer 

Smooth Transitions with Turbo Streams

With Turbo Streams you can update specific parts of your app. Inject a chat message, update a profile picture or insert a Report is being created alert.

The preciseness Turbo Streams offers is great. But often the abruptness of it, its not too appealing to me. The new component is just there (or isn’t, if you remove it).

I’d like to add a bit more joy to my apps and this technique is something that does just that. I previously explored multiple techniques to add some kind of transition or animation when an element was inserted or removed. I fine-tuned it over the years while using it in production. And I can say I’m happy with how the technique works I am outlining today.

First, this…

André Arko 

Updating iTunes Track Parser Scripts for Music.app

Moving from my usual niche interests to a niche so small that I have only seen two people on the internet who care about this: I have some really great news if you still want to manage metadata tags like it’s 2010 and you’re ripping CDs into iTunes. I’ve updated the most useful iTunes track naming script to ever exist, so you can use it in Music.app on macOS 15.1 Sequoia in the year 2024.

The scripts are named Track Parser (Clipboard) and Track Parser (Song name), and they were written by Dan Vanderkam in 2004. He maintained them until 2009, put them into a public Google Code project, and eventually moved on with his life. I used both scripts hundreds or maybe even thousands of times…

Jake Zimmerman 

Approximating strace with Instruments.app

The other day I learned that Instruments.app can record file system activity on macOS!
The Ruby on Rails Podcast 

Episode 525: Catching Up With Ruby Central with Marty Haught

Ruby Central has been a foundational part of the Ruby community since 2003. They organize Ruby Conf and Rails Conf and maintain critical Ruby infrastructure like rubygems.org. With Ruby Conf Chicago just around the corner and new initiatives at Ruby Central, we thought it would be a good time to catch up with our friends at Ruby Central. Marty Haught joins the show to tell us more about Ruby Central's open source initiatives.

Show Notes
https://rubyconf.org/
https://rubycentral.org/news/

John Nunemaker 

Code and the Coding Coders who Code it

Last week Drew invited me on his podcast. I loved the format (what are you working on, what are your blockers, what have you learned recently) and suspect I'll become a regular listener.

The episode summary pretty much sums it up...

Ever wondered why a seasoned entrepreneur would choose acquisition over starting from scratch? Join us as veteran Rubyist John Nunemaker unravels the secrets behind his strategic purchase of Fireside FM. You’ll discover the ins and outs of transitioning ownership and handling infrastructure while gaining insights into why stepping into an existing company can be a game-changer for entrepreneurs.

John's journey doesn't stop at Fireside FM. He shares his…

Nithin Bekal 

Contributing to Ruby docs

Last week, I came across a few small improvements that I could make to the Ruby docs. In the past, I’ve found the idea of contributing to the Ruby repo quite daunting, but I found that it’s actually pretty straightforward.

I made some notes about the steps to get things set up locally, and I’m sharing these here in the hope that I can convince someone else how easy it is to contribute!

Getting set up to make changes to docs

First, I forked the ruby repo, and cloned my fork:

git clone git@github.com:nithinbekal/ruby.git

Before I could run the configure scripts, I had to install autoconf:

brew install autoconf

Next, you generate the configure script:

./autogen.sh

And then run the…

Posts on Kevin Murphy 

1,000 Miles

eBike eXcitement 🔗

This evening, on the way home from gymnastics, with my daughter in the rear cargo seat, my eBike’s odometer ticked over 1,000 miles. I was riding at the time, so you’ll need to settle for the obligatory picture of it at 1,001 miles.

My bike's odometer reading 1,001 miles

And you’ll have to trust me that by getting to 1,001 I first rode 1,000 miles.

We’ve had the eBike for almost 14 months, and it’s been the primary way my daughter and I get around town. I ride her into school every day on the bike, no matter how cold it is. We ride to the playground. We go to the library. We ride in to drop her off at summer camp in the morning. Maybe we’ll go to get ice cream. We go to her activities. Stop to run an errand.

It’s…

Gusto Engineering - Medium 

Envelope Encryption in Authentication Service Using Google Tink

Encypting TOTP secrets in the Keycloak library

A coder in front of a computerDesigned by Freepik

Overview

At Gusto, our team is building a new authentication service using the open source authentication library called Keycloak. Keycloak offers a comprehensive range of security features and customizations but some components of the Keycloak library require enhanced security hardening to meet the security needs of Gusto. As part of our authentication service, it is crucial to support various Multi-Factor Authentication (MFA) methods — SMS, TOTP, WebAuthn, etc. to strengthen our security posture and prevent unauthorized access.

Problem

Keycloak currently stores TOTP secret (seed) in plain text within its database. This secret…

BigBinary Blog 

Evaluating JavaScript code in the browser

NeetoCourse allows anyone to buildinteractive courses where they can add codeblocks and assessments. This allowsthe user to run their code, see the output and check if their solution iscorrect or not. Check outBigbinary Academy's JavaScript courseto see this in action.

Let's see how we evaluate JavaScript code and check if the output matches thecorresponding solution.

Synchronous code

For a simple synchronous code, first thing we need to check is if everythinglogged by the user is same as that of the solution code. What we do here isaggregate all the logs to an array and then compare that array with the arraygenerated by the solution code. This is done by transforming the code using anAST…

ruby – Bibliographic Wilderness 

Getting rspec/capybara browser console output for failed tests

I am writing some code that does some smoke tests with capybara in a browser of some Javascript code. Frustratingly, it was failing when run in CI on Github Actions, in ways that I could not reproduce locally. (Of course it ended up being a configuration problem on CI, which you’d expect in this case). But this fact especially made me really want to see browser console output — especially errors, for failed tests, so I could get a hint of what was going wrong beyond “Well, the JS code didn’t load”.

I have some memory of being able to configure a setting in some past capybara setup, to make error output in browser console automatically fail a test and output? But I can’t find any…

RichStone Input Output 

RubyMine Debugger: You have already activated X, but your Gemfile requires Y

This is just a post for myself since otherwise, every half a year or so, I'm running into this.

At some point, I start to get an error like the one from the title when running my apps in the RubyMine debugger.

Typically, my first reaction is to leave that in peace and let it resolve itself. Then, after I'm annoyed with all the other debugging tools, I make myself search for it on Google. Usually, I hit this StackOverflow post and skim it for any answers or comments I upvoted:

By the way, I tried some ChatGPT incantations, but it doesn't seem to pick up the comment.

So here we go ChatGPT, you just need to do this in your terminal:

$ bundle clean --force

And then run the RubyMine debugger again.

So…

Rails Inside Out 

Deploying Rails Apps to a Caprover Instance

A few days ago I wrote an article on deploying rails apps with nginx + puma + mina. Some people in the comments suggested I try Caprover, Dokku and other open source PaaS software. Dokku didnt cut it for me, its a good piece of software it just wasnt for me.

Im aware of kamal and its also a great piece of software especially since its a first class rails citizen, however as always competition cant hurt. (I also didnt like how kamal is full of configuration) I mean, rails at its core is convention over configuration and kamal in its current state is the opposite of that, which I totally understand its only on version 2 and writing software takes a lot of work.

Getting Caprover

Back to this…

Greg Molnar 

Upgrading to Kamal 2

Kamal 2 was released recently and it brings a few singnificant changes. Traefik is replaced by kamal-proxy, Kamal runs all containers in a custom Docker network and secrets are passed differently to new containers. All these changes mean that the upgrade is not simple, but in this article I will walk you through an example to help with the process.

The Bike Shed 

443: Rails World and Open Source with Stefanni Brasil

Learning from other developers is an important ingredient to your success. During this episode, Joël Quenneville is joined by Stefanni Brasil, Senior Developer at Thoughtbot, and core maintainer of faker-ruby. To open our conversation, she shares the details of her experience at the Rails World conference in Toronto and the projects she enjoyed seeing most. Next, we explore the challenge of Mac versus Windows and how these programs interact with Ruby on Rails and dive into Stefanni’s involvement in Open Source for Thoughtbot and beyond; what she loves about it, and how she is working to educate others and expand the current limitations that people experience. This episode is also…

Short Ruby Newsletter 

Short Ruby Newsletter - edition 108

The one where there is a new Ruby core committer, Dragon Ruby v6.0 release, Ruby Central looking for a new board member, and so many interesting code samples.
Posts on Kevin Murphy 

Office End Table Construction

Building in 3D 🔗

I make a lot of things. Most commonly code. I blog (maybe you’re aware, given you’re here). I build conference talks. Sometimes manifestos. Most of these live on the computer. Sometimes I need to step away and not look at a screen.

On occasion, I’ll build some piece of furniture we need in the house. Or some small accessory out of wood that I’ll use on my desk. This is one such time, and I decided to document it.

Similar to my recent posts on music I’m listening to, this isn’t directly related to software development. If you want to bail because of that, no judgement.

The Problem 🔗

In my office, I have a couch. Right now there’s a metal filing cabinet next to the couch that I’m…

Julia Evans 

Some notes on upgrading Hugo

Warning: this is a post about very boring yakshaving, probably only of interest to people who are trying to upgrade Hugo from a very old version to a new version. But what are blogs for if not documenting one’s very boring yakshaves from time to time?

So yesterday I decided to try to upgrade Hugo. There’s no real reason to do this – I’ve been using Hugo version 0.40 to generate this blog since 2018, it works fine, and I don’t have any problems with it. But I thought – maybe it won’t be as hard as I think, and I kind of like a tedious computer task sometimes!

I thought I’d document what I learned along the way in case it’s useful to anyone else doing this very specific migration. I upgraded…

Write Software, Well 

Not-Null Shortcut in Rails 8 Migration Generator

Not-Null Shortcut in Rails 8 Migration Generator

If you're on the latest (8) version of Ruby on Rails, there's a nice shortcut to add the not null modifier to your database columns. Just add an exclamation mark after the type, and Rails will mark that column as not null.

For example, consider the following generator command.

$ bin/rails generate migration CreateUsers email_address:string!:uniq password_digest:string!

It will produce the following migration.

class CreateUsers < ActiveRecord::Migration[8.0]
  def change
    create_table :users do |t|
      t.string :email_address, null: false
      t.string :password_digest, null: false

      t.timestamps
    end
    
    add_index :users, :email_address, unique: true
  end
end

Pretty handy!

P.…

Fullstack Ruby 

Top 10 Most Excellent Gems to Use in Any Ruby Web Application

The ecosystem of Ruby gems is rich with libraries to enable all sorts of useful functionality you’ll need as you write your web applications. However, at times it can be a challenge when you’re working within a broader Ruby context (aka not using Rails) to find gems which integrate well into all sorts of Ruby applications.

Occasionally you’ll come across a gem which doesn’t clearly label itself as Rails-only. In other cases, the manner in which you can use the gem outside of Rails isn’t clearly documented or there are odd limitations.

But thankfully, there are plenty of gems which are quite solid to use no matter what architecture you choose, and a few you might come across may even…

In this…

Ruby Magic by AppSignal 

What's New in Ruby on Rails 8

The first Rails 8 beta has officially been released, bringing an exciting set of features, bug fixes, and improvements. This version builds on the foundation of Rails 7.2, while introducing new features and optimizations to make Rails development even more productive and enjoyable.

Key highlights include an integration with Kamal 2 for hassle-free deployments, the introduction of Propshaft as the new default asset pipeline, and extensive ActiveRecord enhancements. Rails 8 also brings several SQLite integration upgrades that make it a viable option for production use.

Let's dive in and explore everything that Rails 8 has to offer!

Effortless Deployments with Kamal 2 and Thruster

Rails 8…

Ruby News 

Ruby 3.4.0 preview2 Released

We are pleased to announce the release of Ruby 3.4.0-preview2.

Prism

Switch the default parser from parse.y to Prism. [Feature #20564]

Language changes

  • String literals in files without a frozen_string_literal comment now emit a deprecation warning when they are mutated. These warnings can be enabled with -W:deprecated or by setting Warning[:deprecated] = true. To disable this change, you can run Ruby with the --disable-frozen-string-literal command line argument. [Feature #20205]

  • it is added to reference a block parameter. [Feature #18980]

  • Keyword splatting nil when calling methods is now supported. **nil is treated similarly to **{}, passing no…

Core classes updates

Note: We’re only listing outstanding class updates.

  • Exception

    • Exception#set_backtrace now accepts an array of Thread::Backtrace::Location. Kernel#raise, Thread#raise and Fiber#r…
  • Range

Notes to self 

Running multiple apps on a single server with Kamal 2

Kamal 2 finally brings the most requested feature to reality and allows people to run multiple applications simultaneously on a single server. Here’s how.

The Kamal way

Kamal is an application-centric deploy tool rather than a small PaaS. And this hasn’t changed with the new version 2. But what does it even mean?

Let’s look at a typical config/deploy.yml to run a generic application:

# config/deploy.yml
service: [APP_NAME]

image: [DOCKER_REGISTRY]/[APP_NAME]

servers:
  web:
    - 165.22.71.211
  job:
    hosts:
      - 165.22.71.211
    cmd: bin/jobs

proxy:
  ssl: true
  host: [APP_DOMAIN]

registry:
  username: [DOCKER_REGISTRY]

  # Always use an access token rather than real…

As you can notice the configuration describes only one particular service. And this hasn’t changed. Applications still have…

Mintbit 

Using Active Record Store in Ruby on Rails

Active Record Store is a powerful feature in Ruby on Rails that allows you to store structured data in a flexible way. Instead of creating separate tables for every piece of information, you can store data as a hash directly in your model. This is especially useful for scenarios where the structure of the data may change over time or is not strictly defined.

Example Scenario: Managing Book Preferences

Let’s imagine you are building a book review application where users can save their reading preferences. Instead of creating separate columns for each preference (like favorite genres, preferred authors, and reading status), you can use Active Record Store to simplify the model.

Step 1:…

Rails Designer 

S3 Alternatives for Rails’ ActiveStorage

ActiveStorage is a Rails framework that simplifies file uploads and attachments to cloud storage services. It provides a unified interface for handling file uploads, transformations, and storage across various cloud providers.

It’s beautifully simple and easy to set up. Adding an user avatar is just one line of code:

class User < ApplicationRecord
  has_one_attached :avatar
end

Love Rails! ❤️

Being one of the first to market, Amazon’s S3 (Simple Storage Service), has been the default storage provider for your ActiveStorage attachments. But the last few years more options have appeared. This is great for companies and customers alike!

For my next big thing, I have explored other…

Drifting Ruby Screencasts 

Kamal 2

In this episode we look at deploying a Rails 8 beta application to a Digital Ocean droplet. We'll also look at a scenario of deploying Action Cable broadcasts and another with recurring background jobs.
justin․searls․co - Digest 

🎙️ Breaking Change podcast v21 - Not From Backup

Direct link to podcast audio file

Get ready for a three-hour-plus Breaking Change spectacular! Why is it special? I'm not going to tell you. You'll just have to listen.

Remember, money doesn't change hands when you consume this Content™, but that doesn't make it free! In exchange for downloading this MP3, the license requires you to write in to podcast@searls.co at least once every three episodes. Some of y'all are past due, and I know where to find you.

Want URLs? I got URLs:

Hotwire Weekly 

Week 40 - Why Your Turbo Form Submission Fails, Hotwire Native content, and more!

Hotwire Weekly Logo

Welcome to Hotwire Weekly!

Welcome to another issue of Hotwire Weekly! Next week, Rocky Mountain Ruby 2024 takes place in Boulder, Colorado, Oct 7-8, featuring some Hotwire and Hotwire-adjacent talks:

  • How to make your application accessible (and keep it that way!) - Joel Hawksley
  • Evolution of Real-Time and AnyCable Pro - Irina Nazarova
  • Leveling Up Developer Tooling For The Modern Rails & Hotwire Era - Marco Roth

I hope to see you there! Happy reading! 🚀✨


📚 Articles, Tutorials, and Videos

ActiveStorage Direct Upload with Stimulus - This article by Rails Designer explains how to implement direct uploads with ActiveStorage using Stimulus. It shows how to set up a Stimulus controller to…

katafrakt’s garden 

Mruby: Errors in Ruby code and how to find them

In the article about using mrbgems we had a situation when ARGV constant was not defined, but referenced. As a result the code execution failed (the side-effects were not produced), however it did that completely silently. No error message was emitted. And even the exit code was zero.

This is obviously bad. So I set to fix it. By examining mruby source code I discovered mrb_print_error function. Putting it to use looks like this:

#define MRUBY_ERROR 1

// ...

/* handle exceptions */
if(mrb->exc) {
  fputs("Error when executing Ruby code:\n", stderr);
  mrb_print_error(mrb);
  mrb_close(mrb);
  return MRUBY_ERROR;
}

We can invoke it by referencing some undefined constant in our Ruby…

RichStone Input Output 

Getting into home games and reading a new book

Getting into home games and reading a new book

Hey friends!

My subscribers are usually good and driven people, so you are probably busy with some good stuff, so no time to wonder where this Rich guy has been for the past four months.

Well, TL;DR: After a few mini projects for fun, a failed SaaS project with a buddy of mine (we had no co-founder fit), and a month or two in figuring out what's next. I'm starting a new project.

I'm a natural born gamer, so this time, it's about my favorite topic in real life: home games.

The first part of the app is a score tracker to answer a few questions that bother me for the past 25+ years:

How do you track scores and determine who's the best in your bar card round? How often does your kid really win in…

zverok's space 

On programming and poetry (not Python’s tool)

Some thoughts on how programming’s unlikely relations to poetry, and some implications of those relations

I don’t have much time recently to work on articles about programming (especially considering my typical article length); but I have some previously written content to share. This article was drafted as a Twitter thread on my 39th birthday: a day when I published my new site, and announced “I’ll be writing more here soon!” It was Feb 14, 2022, ten days before the full-scale Russian invasion started. Two and a half years later, I finally go to making it into a standalone text with clearer arguments, some links and conclusions. Anyway.

You don’t see poetry (as in writing and reading…

justin․searls․co - Digest 

📸 Everybody needs a hobby.

Maybe I’ll start posting more photos.

justin․searls․co - Digest 

📸 gj everyone

X marks the spot on this SEO.

katafrakt’s garden 

Mruby: Beyond “hello world”

In the last article , I took an initial look at mruby: how to install it using asdf, how to execute a simple code and how to build a standalone binary from a Ruby source. Now it’s time to try to look further and build something more complex.

But first, let me just acknowledge how really basic the mruby is. It supports almost all Ruby syntax (apart from pattern matching), but when it comes to standard library, you’ll find many things missing. Some potentially surprisin omissions include: JSON parsing/building, regular expressions, HTTP client.

> JSON.parse('{"test": [null]}')
uninitialized constant JSON (NameError)

Does this mean that I have to write a JSON parser or regular…

Julia Evans 

Terminal colours are tricky

Yesterday I was thinking about how long it took me to get a colorscheme in my terminal that I was mostly happy with (SO MANY YEARS), and it made me wonder what about terminal colours made it so hard.

So I asked people on Mastodon what problems they’ve run into with colours in the terminal, and I got a ton of interesting responses! Let’s talk about some of the problems and a few possible ways to fix them.

problem 1: blue on black

One of the top complaints was “blue on black is hard to read”. Here’s an example of that: if I open Terminal.app, set the background to black, and run ls, the directories are displayed in a blue that isn’t that easy to read:

To understand why we’re seeing this…

RubySec 

CVE-2024-43795 (openc3): OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)

### Summary The login functionality contains a reflected cross-site scripting (XSS) vulnerability. Note: This CVE only affects Open Source Edition, and not OpenC3 COSMOS Enterprise Edition ### Impact This issue may lead up to Remote Code Execution (RCE). **NOTE:** The complete advisory with much more information is added as [comment](https://github.com/OpenC3/cosmos/security/advisories/GHSA-vfj8-5pj7-2f9g#advisory-comment-104904).
RubySec 

CVE-2024-46977 (openc3): OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)

### Summary A path traversal vulnerability inside of `LocalMode`'s `open_local_file` method allows an authenticated user with adequate permissions to download any `.txt` via the `ScreensController#show` on the web server COSMOS is running on (depending on the file permissions). Note: This CVE affects all OpenC3 COSMOS Editions ### Impact This issue may lead to Information Disclosure. **NOTE:** The complete advisory with much more information is added as [comment](https://github.com/OpenC3/cosmos/security/advisories/GHSA-8jxr-mccc-mwg8#advisory-comment-104903).
RubySec 

CVE-2024-47529 (openc3): OpenC3 stores passwords in clear text (`GHSL-2024-129`)

### Summary OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting (see GHSL-2024-128). Note: This CVE only affects Open Source edition, and not OpenC3 COSMOS Enterprise Edition ### Impact This issue may lead to Information Disclosure. **NOTE:** The complete advisory with much more information is added as [comment](https://github.com/OpenC3/cosmos/security/advisories/GHSA-4xqv-47rm-37mm#advisory-comment-104905).
Ruby on Rails 

Make Float distinguish between float4 and float8 in PostgreSQL and more

Hi, it’s Greg, bringing to you the latest changes from Rails, while recovering from an amazing Rails World experience.

Make ActionController::AllowBrowser::BrowserBlocker private
To reduce the API surface area of the allow_browser feature, this commit marks the class as private API.

Change ActiveSupport::HashWithIndifferentAccess#stringify_keys to stringify all keys not just symbols
This pull request changes ActiveSupport::HashWithIndifferentAccess#stringify_keysto stringify all keys, not just symbols.
Before the change:

{ 1 => 2 }.with_indifferent_access.stringify_keys[1] # => 2

After this change:

{ 1 => 2 }.with_indifferent_access.stringify_keys["1"] # => 2

Make Float distinguish…

justin․searls․co - Digest 

📸 Are Apple Vision personas… people?

This is some real snake-eating-its-own-tail shit by Apple Photos. What the hell am I supposed to click in order to not screw up its training of Aaron's face?

SINAPTIA 

This week in #devs - Issue #1

Our #devs channel is a cross-project, shared space where the entire dev team of SINAPTIA can ask questions, share opinions, and discuss interesting articles or tech they come across. The idea is to post a curated extract of what happens there every week.

On Rails Performance

Last week, we discussed Rails performance extensively due to some work we’re doing on one of our client’s Ruby on Rails applications. Fernando shared an article about DHH’s take on N+1 queries: “N+1 is a feature”. Used with a Russian doll caching setup, it could be even more performant than eager loading. The topic is a bit controversial, as DHH’s opinions usually are, but we found the thought exercise fruitful. Both…

Ruby Rogues 

Navigating Rails for Front-End Developers: A Comprehensive Guide to Integration and Transition - RUBY 654

In this episode, Valentino and Ayush dive deep into the evolving landscape of web frameworks, particularly focusing on Ruby on Rails. Join them as they explore the challenges and advantages of transitioning from front-end-centric frameworks like Next.js to Rails, the seamless features Rails offers, and the complexities of integrating front-end components.


They also discuss exciting potentials like better integration of Vue component libraries with Rails, the simplicity and utility of custom elements, and the desire for Rails to incorporate features similar to Phoenix LiveView. The panelists share their thoughts on the evolving Rails stack, the need for better tools and documentation, and the…
Remote Ruby 

Jeremy and Jess from IndieRails

In this crossover episode, Jason and Chris are joined by Jeremy and Jess from the Indie Rails podcast to discuss Ruby programming, indie development, and the challenges of building and maintaining software as solo developers. They dive deep into the origins of Indie Rails, share their individual career journeys, and explore Jeremy's project, Liminal, which aims to replace traditional forums and Slack with a more modern solution. The group reflects on the frustrations with current platforms, their experiences with indie development, and the importance of marketing alongside coding. They also compare Rails and Laravel, talk about the "one-person framework" concept, and the challenges in…

justin․searls․co - Digest 

📸 I hate code review less now

I've hated the culture of asynchronous code review for years, especially as the popularity of GitHub and its pull request workflow lent itself to slow, uninformed, low-empathy, bureaucratic workflows to address problems that would be better solved by higher-bandwidth collaboration between team members.

That said, as someone who's spent the last 9 months building an app by myself, I've really enjoyed having GPT 4o as my "pair". It's still too slow: I get bored and tab away to check Mail or Messages. But instead of waiting hours for feedback I'm waiting for literal seconds. There's also zero ego, politics, or posturing. And while it does hallucinate bullshit, there's far less of it than one…

DEV Community: Brandon Weaver 

Let's Read - Eloquent Ruby - Ch 22

Perhaps my personal favorite recommendation for learning to program Ruby like a Rubyist, Eloquent Ruby is a book I recommend frequently to this day. That said, it was released in 2011 and things have changed a bit since then.

This series will focus on reading over Eloquent Ruby, noting things that may have changed or been updated since 2011 (around Ruby 1.9.2) to today (2024 — Ruby 3.3.x).

Chapter 22. Use method_missing for Delegation

Y'know after reading that intro paragraph in the book I'm questioning whether or not I want to pursue management again, but then again a lot of my job nowadays is writing Documents (heh) and delegating work to others and trying to distill context…

DEV Community: Brandon Weaver 

Let's Read - Eloquent Ruby - Ch 21

Perhaps my personal favorite recommendation for learning to program Ruby like a Rubyist, Eloquent Ruby is a book I recommend frequently to this day. That said, it was released in 2011 and things have changed a bit since then.

This series will focus on reading over Eloquent Ruby, noting things that may have changed or been updated since 2011 (around Ruby 1.9.2) to today (2024 — Ruby 3.3.x).

Chapter 21. Use method_missing for Flexible Error Handling

What exactly happens when Ruby doesn't find the method it's looking for? Well it goes hunting for that method of course, but it has to go all the way up its inheritance chain to try and find it first before it then falls back to the…

Awesome Ruby Newsletter 

💎 Issue 437 - It has to be the most beautiful open source project written in Ruby

DotRuby - Things we have to say. 

How to Create Custom Error Pages in Rails

Don't let error pages break your brand's flow. Learn how to create custom error pages in Rails that match your design, keeping the user experience smooth—even when things go wrong.
Rails at Scale 

An Introduction to the Ruby LSP Add-on System

CONFERENCE NEWS

The Ruby LSP team will be in attendance at RubyConf 2024 in Chicago (November). Reach out if you want to chat about anything related to Ruby LSP, or the wider Ruby developer experience.

Overview

In this post we introduce the Ruby LSP add-on system. We’ll explain the problem it solves, discuss its architecture, showcase some example add-ons, and share our vision for a future add-on ecosystem that enhances the Ruby development experience.

Introduction

Ruby LSP is a language server implementation designed to streamline writing Ruby code. It uses static analysis to parse your code to provide editor features. However, in the Ruby ecosystem, dynamic programming and DSL

RubyGems Blog 

3.5.21 Released

RubyGems 3.5.21 includes enhancements and bug fixes.

To update to the latest RubyGems you can run:

gem update --system

To install RubyGems by hand see the Download RubyGems page.

## Enhancements:

  • Fix Gem::MissingSpecVersionError#to_s not showing exception message. Pull request #8074 by deivid-rodriguez
  • Remove code that makes suggest_gems_from_name give worse results. Pull request #8083 by duckinator
  • Warning about PATH in --user-install mode is only necessary for gems with executables. Pull request #8071 by deivid-rodriguez
  • Installs bundler 2.5.21 as a default gem.

## Bug fixes:

  • Fix error in one source when fetching dependency APIs clearing results from all sources. Pull…