Rubyland

news, opinion, tutorials, about ruby, aggregated
Sources About
Blogs on Noel Rappin Writes Here 

Object Constellations

Last time, I talked about ways to use dynamic typing to manage objects and business logic in your code. Doing so involves leaning into the object system, going beyond just “one class for each noun” and creating objects to model different states within the business logic directly.

In a basic Object-Oriented design, you might have an object called User. This object, by itself, represents the entire concept of a user within the system. In this design, specific states of a user — admin, unauthorized, deleted, subscriber, what have you — are all represented by the single class User.

That’s one way to model users. But you could also have the User class be a home for the underlying data and manage…

RubyGems Blog 

October 2024 RubyGems Updates

Welcome to the RubyGems monthly update! As part of our efforts at Ruby Central, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in October.

RubyGems News

In October, we released RubyGems 3.5.21 and 3.5.22 along with Bundler 2.5.21 and 2.5.22. These releases bring a series of enhancements and bug fixes designed to improve the overall developer experience with RubyGems. Notable improvements include updates to the vendored uri and net-http libraries, fixes to prevent gem pristine etc from resetting twice and the removal of code that degraded the accuracy of suggest_gems_from_name.

Some other important…

Fullstack Ruby 

Dissecting Bridgetown 2.0’s Signalize-based Fast Refresh

As the lead maintainer of the Bridgetown web framework, I get work on interesting (and sometimes very thorny!) Ruby problems which veer from what is typical for individual application projects.

With version 2 of Bridgetown about to drop, I’m starting a series of articles regarding intriguing aspects of the framework’s internals. This time around, we’re taking a close look at one of the marquee features: Fast Refresh.

The Feedback Loop

Bridgetown is billed as a “progressive site generator” which offers a “hybrid” architecture for application deployments. What all this jargon means is that you can have both statically-generated content which is output as final HTML and other files to a…

Ruby Central 

Securing Ruby’s Future: How Ruby Central is Strengthening Security

Securing Ruby’s Future: How Ruby Central is Strengthening Security

As open source software powers more of the world’s technology, security in the Ruby ecosystem has never been more critical. With billions of downloads per month and over 180,000 gems, RubyGems.org plays a key role in ensuring the reliability of software worldwide. At Ruby Central, we are leading the charge with a comprehensive approach to security, addressing today’s threats while anticipating tomorrow's challenges.

The Ruby Central Open Source Program, now guided by the OSS Committee formed in August 2023, has been at the forefront of our security efforts. The Committee, composed of contributors from across the Ruby community, acts as a steering body, providing oversight and strategic…

Mintbit 

Best Practices for Adding a Boolean Column in Rails: A Case Study

When adding a boolean column to a table in a Rails application, one common question is whether to set a default value for it. Let’s explore why this choice matters, the best practices around it, and how it impacts data handling. Using a real-world example, we’ll take a look at a migration adding a women_only column to a trips table.

Imagine you need to add a women_only attribute to the trips table in a Ruby on Rails application. This attribute is intended to indicate if a specific slot is restricted to women-only access. Here’s how the migration might look:

1
2
3
4
5
class AddWomenOnlyToTrips < ActiveRecord::Migration[6.1]
  def change
    add_column :trips, :women_only, :boolean, default…

This migration adds a new column, women_only, with a default value of false.

Why Set a…

Saeloun Blog 

Rails 7.1 Introduces By Argument For increment_counter And decrement_counter Methods.

Counter caching is a common practice in Rails, used to keep track of counts such as the number of comments on a post or likes on a video. Rails 7.1 provides built-in methods like increment_counter and decrement_counter for updating counters without loading records into memory. However, before Rails 7.1, these methods could only update by a value of 1.

In scenarios where counter caches needed to be incremented or decremented by amounts greater than 1, such as recalculating counts or applying bulk updates, we often turned to workarounds or relied on gems like counter_culture. With the introduction of the by argument in Rails 7.1, managing these cases is now much simpler.

Before Rails 7.1:

Ruby Magic by AppSignal 

Rack for Ruby: Socket Hijacking

In the first part of this series, we set up a basic Rack app, learned how to process a request and send a response.

In this post, we'll take over connections from Rack and hold persistent connections to enable pathways such as WebSockets.

First, though, let's look at how an HTTP connection actually works.

HTTP Connections

As this diagram shows, a TCP socket is opened, and a request is sent to a server. The server responds and closes the connection. All communication is in plain text.

HTTP sequence diagram

Using a technique called socket hijacking, we can take control of a socket from Rack when a request comes in. Rack offers two techniques for socket hijacking:

Rails Designer 

Don’t expose primary id’s with Rails’ dom_id

If you use Hotwire with Rails, you have most likely used dom_id. It’s a clever, little helper to give a unique id to an element. This helps to easily target an element with Turbo Streams (to update, append or delete).

You use it like this:

dom_id(User)          # => "new_user"
dom_id(User.find(42)) # => "user_42"

It is this last example I have issues with. As it exposes the primary id of that record. Depending on your app, you might not care, but when you run a (SaaS) business, this might be sensitive business information you don’t want exposed.

So I created a little gem, called stealth_dom_id.

It’s based on an a small class I added in my lib folder for years (there might be more…

BigBinary Blog 

How to code-sign and notarize an Electron application for macOS

Recently, we built NeetoRecord, a loomalternative. The desktop application was built using Electron. In a series ofblogs, we capture how we built the desktop application and the challenges we raninto. This blog is part 5 of the blog series. You can also read aboutpart 1,part 2,part 3 andpart 4.

macOS identifies applications that are not code-signed and notarized as beingfrom unknown publishers and blocks their installation. Code-signing allows macOSto recognize the creator of the application. Notarization, an additional step,provides extra credibility and security, ensuring a safer experience for users.

What is code-signing?

Code-signing is the process of generating a unique digital…

Island94.org 

Keep your secrets.yml in Rails 7.2+

Ruby on Rails v7.1 deprecated and v7.2 removed support for Rails.application.secrets and config/secrets.yml in favor of Encrypted Credentials. You don’t have to go along with that! I like Secrets functionality because it allows for consolidating and normalizing ENV values in a single configuration file with ERB (Encrypted Credentials doesn’t).

It’s extremely simple to reimplement the same behavior using config_for and the knowledge that methods defined in application.rb show as methods on Rails.application:

# config/application.rb

module ExampleApp
  class Application < Rails::Application
    # ....
    config.secrets = config_for(:secrets) # loads from config/secrets.yml
    config.secr…

That is all you need to continue using a secrets…

Giant Robots Smashing Into Other Giant Robots 

Process slow network requests with Turbo and Active Model

I recently had the opportunity to improve the UX on a client project by backgrounding a slow network request and broadcasting the response to the browser asynchronously with Turbo.

At first, I was a little overwhelmed because I didn’t know exactly how to do this. The response was mapped to a Ruby object, and was not Active Record backed, so I wasn’t sure how to leverage Turbo. However, I found it to be surprisingly easy, and I wanted to share the highlights through a distilled example.

Although we’ll be focusing on network requests, I want to highlight that this approach works for all types of slow operations.

Here’s an outline of what we’re trying to accomplish.

  1. A request is made that…
Saeloun Blog 

Rails 7.1 Adds Rails.application.deprecators Method

Deprecations are warnings that notify developers about features slated for removal or change in future versions. They ensure a smooth transition to newer alternatives while maintaining compatibility.

Before

Before Rails 7.1, deprecations were managed globally through ActiveSupport::Deprecation, with no way to differentiate or individually configure different types of deprecations and it lacked flexibility for managing multiple deprecations.

class User < ApplicationRecord
  def full_name
    ActiveSupport::Deprecation.warn("The `full_name` method will be removed in the next major release.")
  end
end
user = User.first
user.full_name

DEPRECATION WARNING: The `full_name` method will be r…
The Bike Shed 

447: How to (not) implement impersonation

For developers, impersonation can be a powerful tool, but with great power comes great responsibility. In today’s episode, hosts Stephanie and Joël explore the complexities of implementing impersonation features in software development, giving you the ability to take over someone’s account and act as the user. They delve into the pros and cons of impersonation, from how it can help with debugging and customer support to its prime drawbacks regarding security and auditing issues. Discover why the need for impersonation is often a sign of poor admin tooling, alternative solutions to true impersonation, and the scenarios where impersonation might be the most pragmatic approach. You’ll…

Mintbit 

Kamal in Rails 8: Simplifying Deployment

Rails 8 has introduced many exciting features to streamline the development process, and one of the most significant is the default inclusion of Kamal 2. But what exactly is Kamal, and how does it simplify deployments? In this post, we’ll delve into this powerful deployment tool and explore its integration with Rails 8.

What is Kamal?

Kamal is a deployment tool designed to streamline the deployment of web applications. It automates many of the complex tasks involved in deploying applications to production, providing a more efficient and reliable deployment process. Key benefits of Kamal include:

  • Zero-downtime deployments: Kamal enables seamless deployments without interrupting your…
  • Con…
Short Ruby Newsletter 

Short Ruby Newsletter - edition 114

The one where we find out what's next for Rails and SQLite, with the new Rails demo and where Nick invites us to discover their blog via DRB
The Code Gardener 

Speaking Is Hard... Until It's Not

Speaking Is Hard... Until It's Not

In May, 2022, I gave my first lightning talk at RailsConf in Portland, Oregon. I'm not sure I've ever been so nervous. I was physically shaking. My voice kept cracking. And, even though I knew the material up one side and down the other, I panicked when I couldn't see my speaker's notes. Here's how that went...

Alan Ridlehoover speaking at RailsConf 2022 in Portland, Oregon

Even within this talk itself, you can hear my voice settle down as I kept speaking. That's not to say that I wasn't still nervous. You can see me lose my place a couple of times – no thanks to the A/V department. But by the end, I definitely got better at it.

Fast forward two and a half years to October, 2024, and watch my…

Julia Evans 

Importing a frontend Javascript library without a build system

I like writing Javascript without a build system and for the millionth time yesterday I ran into a problem where I needed to figure out how to import a Javascript library in my code without using a build system, and it took FOREVER to figure out how to import it because the library’s setup instructions assume that you’re using a build system.

Luckily at this point I’ve mostly learned how to navigate this situation and either successfully use the library or decide it’s too difficult and switch to a different library, so here’s the guide I wish I had to importing Javascript libraries years ago.

I’m only going to talk about using Javacript libraries on the frontend, and only about how to use…

Evil Martians 

Founders, if you want A+ startup success, do the homework first!

Authors: Kirill Yakovenko, Account Manager, Travis Turner, Tech Editor, and Victoria Melnikova, Head of New BusinessTopic: Business

We've worked with dozens of early-stage startups and seen how rushed product development can blur founder focus, blow up budgets, and lead to frustration. So, before jumping in—do your homework!

Many first-time startups rush their product development to validate their ideas without a proper run-up. Sure, if you have an intense grasp on the market this can work, but frankly, it's still extra risky. At Evil Martians, we've worked with dozens of early-stage startups and seen how rushed product development can blur founder focus, blow up budgets, and lead to…

Saeloun Blog 

Rails 7.1 Allows Validators To Accept Lambdas Without Record Argument

Rails validations are a key feature for ensuring the integrity of the data being saved to the database. They allow us to define rules for model attributes, such as requiring a value, ensuring uniqueness, or excluding specific values. Rails also allows us to use custom logic for validations by using blocks or callable objects like lambdas.

What Is a Lambda in Ruby?

A lambda is a type of Proc object in Ruby with stricter rules.

  • Argument checking: A lambda ensures the number of arguments passed matches the number expected. If not, it raises an error.
  • Return behavior: A lambda returns control back to where it was called, instead of exiting the enclosing method like a regular proc.
pri…
Rails Designer 

Announcing: Build a SaaS with Ruby on Rails

I am starting a new section on Rails Designer, aptly called Build a SaaS with Ruby on Rails.

This year, next to launching the first UI components library for Rails, I published many articles every month that helped thousands of developers and teams with their UI, HTML, (Tailwind) CSS and JavaScript.

Graph of railsdesigner.com showing month over month growth That early peak was from the orange site—where an article was shared.

But something you might not know is that I have been running (successful) SaaS companies for over 10 years! I have also mentored multiple solo-founders and helped a few dozen other small SaaS teams (which is something I enjoy doing!).

This 10+ years of building and mentoring comes with lots of experience and I want to…

Saeloun Blog 

Rails 7.2 Prevents Job Scheduling Within Transactions.

In Rails applications, it is common to perform actions that depend on the successful completion of database transactions. For instance, sending a notification after a record is updated or triggering a background job.

Before

When jobs are enqued within a transaction there’s a risk they might be executed before the transaction is fully committed.

If the transaction is rolled back due to an error or other reasons, the job might still execute, even though the data it relies on was never committed to the database.

This could lead to errors such as ActiveJob::DeserializationError or RecordNotFound.

Consider a scenario where we confirm a user and want to send a notification afterwards:

User.
Hotwire Weekly 

Week 46 - Hotwire Tips from thoughtbot, Inline Form Updates, and more!

Hotwire Weekly Logo

Welcome to Hotwire Weekly!

Welcome to another issue of Hotwire Weekly! Happy reading! 🚀✨


📚 Articles, Tutorials, and Videos

4 tips when getting started with Hotwire - Joël Quenneville shares tips on the thoughtbot blog to help developers ease into Hotwire, including starting with standard Rails pages, structuring applications RESTfully, using dom_id for consistent IDs, and visualizing Turbo Frames to manage updates effectively.

Using Hotwire for Inline Form Updates Without Form Submission - Akshay Khot demonstrates how to create dynamic forms in Rails using Turbo and Stimulus. The tutorial guides you through building forms that update in real-time based on user input, without requiring…

Hey, AnyCable speaking! Needing help with a…

Ruby Rogues 

Kamal and Docker: Efficient Application Deployment Strategies - RUBY 660

Today, they delve deep into the world of application deployment with our special guest, Josef Stribny, a freelance software engineer and author of "Deployment from Scratch" and "Kamal Handbook". Joined by the insightful panelists, Valentino and Ayush, they explore the intricacies of deploying applications using Kamal, a minimalistic deployment tool inspired by Ruby on Rails creator David Heinemeier Hansson.
In this episode, Josef shares his expertise on Kamal’s deployment process, Docker registries, managing database backups, and the use of accessories like Sidekick for background processing. They discuss the differences between Kamal and tools like Capistrano and Kubernetes, highlighting…
All about coding 

What I wrote this week about Ruby

In the last month or so, I have only had a little time to write an article about Ruby, but I have shared some posts online. I still shared various technical posts online; I did not have time to expand them into a more extensive/deeper article.

It could be interesting to make a weekly summary of everything I write online each week. This would be an exercise in looking back and reviewing what I wrote about.

Monday: Short Ruby Newsletter - edition 113

My week started (as it always starts) with publishing the Short Ruby Newsletter on Monday: https://newsletter.shortruby.com/p/edition-113

Tuesday: Three Ruby Links #8

I followed up on Tuesday with another series that I am starting that I call Three…

Posts on Kevin Murphy 

RubyConf 2024 Recap

RubyConf 2024 🔗

RubyConf recently wrapped up in Chicago, Illinois. This post is meant to highlight the great work from all involved. I documented my updates from “on the ground” elsewhere. I hope you’ll seek out the full videos of all the sessions that interest you once they are available. Unfortunately, I couldn’t be everywhere, so this covers what I saw. I certainly did not come anywhere close to doing all the things I planned.

Day 1 🔗

Opening Keynote 🔗

Yukihiro “Matz” Matsumoto started the conference after the opening remarks. He reviewed some key features introduced in Ruby throughout the years. Ruby was originally created for a developer with the following interests:

  • Loves programming
  • Loves…
zverok's space 

Elixir-like pipes in Ruby (oh no not again)

On a new approach to implement that long-envied feature.

In Elixir1, there is a pipeline operator that allows rewriting this code:

a(b(c(d)))

into this:

d |> c() |> b() |> a()

which helps to write code in clearly visible “pipelines” corresponding to the order in which data processing is happening.

The concept is so captivating that many languages that don’t have an operator like this have either language proposals or libraries that implement one. Ruby is no exception.

This is a story of my take on implementing it.

But first…

Why we don’t need it

There have been many proposals to introduce the operator to Ruby over the years. The crucial reason they are typically met with…

justin․searls․co - Digest 

📍 Sumibi Yakiniku Kyu

This Yakiniku place in Akita was so fancy that they charge you full price if you cancel within 14 days of your reservation. It's also got a 4.2 on Tabelog. So expectations were quite high… and they were absolutely met. Every plate in the course was perfectly cut, portioned, and arranged. The quality of the meat was great. Our waitress…

Planet Argon Blog 

Emotional Intelligence for Project Managers

Emotional Intelligence for Project Managers

What’s the real key to project management success? Hint: It’s not another tool.

Continue Reading

RubySec 

CVE-2024-45594 (decidim-meetings): decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds

### Impact The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. ### Workarounds Disable the creation of meetings by participants in the meeting component. ### References OWASP ASVS v4.0.3-5.1.3 ### Credits This issue was discovered in a security audit organized by mitgestalten Partizipationsbüro against Decidim. The security audit was implemented by the Austrian Institute of Technology.
Ruby on Rails 

Rails 8 demo, Rails World re-edited videos, NotificationAssertions and more!

Hey everyone, Happy Friday!

Vipul here with the latest updates for This Week in Rails. Let’s dive in!

Rails 8: The Demo
In case you missed it, Rails 8 was released last week. A new demo from DHH is now up Rails 8: The Demo showcasing its usage. The video covers getting started with Rails 8 by building a basic blog, adding a WYSIWYG editor, putting it behind authentication, making it available as PWA, and deploying to production. In just 30 minutes!

Rails World re-edited videos!
All Rails World videos have been re-edited and are up on YouTube! They also now have Japanese, Brazilian Portuguese, and Spanish subtitles thanks to Happy Scribe (a transcription platform built on Rails).

Add…

Ruby Central 

Help Make RailsConf 2025 Happen

Help Make RailsConf 2025 Happen

RailsConf is the longest-running gathering of Rails developers, dedicated to building, managing, and testing Rails applications. After almost 20 years, RailsConf 2025 will be our final conference — a celebration of the Rails community and the incredible legacy we’ve built together.

We are aiming to host RailsConf in July in Philadelphia. We’re working hard to finalize these plans and secure our venue, but we need your support to make this vision a reality.

Help Make RailsConf 2025 HappenA crowded hallway of happy developers.

Here’s how you can help

Register your interest

Let us know if you’re interested in attending RailsConf 2025 by sharing your email below! Understanding the level of interest from the community is crucial…

Alchemists: Articles 

Git Init

Cover
Git Init

Creating a new Git repository might seem trivial but there are a few tricks git init has up it’s sleeve worth talking about.

Let’s say we create a new repository like this:

mkdir demo
cd demo
git init
eza --all --group-directories-first --tree .git

The above will yield the following when using Eza to render a tree view of your directory structure:

.
└── .git
   ├── hooks
   │  ├── applypatch-msg.sample
   │  ├── commit-msg.sample
   │  ├── fsmonitor-watchman.sample
   │  ├── post-update.sample
   │  ├── pre-applypatch.sample
   │  ├── pre-commit.sample
   │  ├── pre-merge-commit.sample
   │  ├── pre-push.sample
   │  ├── pre-rebase.sample
   │  ├──…
Mintbit 

How to Skip Validations When Updating in Rails

Rails provides several methods to update records, but one that stands out for its simplicity and efficiency is update_attribute.

What does update_attribute do?

  • Direct Attribute Update: Unlike update, update_attribute targets a single attribute. This means you don’t need to pass a hash of attributes; just the attribute name and its new value.
  • Bypass Validation: The most significant feature of update_attribute is that it skips validation. This is useful in scenarios where you’re certain the new value is valid, and you don’t want to incur the overhead of running validations.
  • Callback Invocation: While it bypasses validations, update_attribute still invokes callbacks. This means before…

The Problem

Imagine you have a Rails model with a validation that ensures a value must always be greater than zero:

1
2
3
class Product < ApplicationRecord
  validates :stock, numericality: { greater_than: 0 }
end

This validation is critical for the system’s functionality…

Hi, we're Arkency 

The difference between Turbo Streams and Turbo Frames

The difference between Turbo Streams and Turbo Frames

The first point of the Rails Doctrine is “Optimize for programmer happiness”, and I personally consider this one as the one that is responsible for the huge popularity and success of RoR. I would even go one better and say that it’s optimized for non-programmer happiness, too, as we know stories of “non-technical” people starting their online businesses with Rails. A considerable part of that is possible due to Rails’ convention over configuration, and we may have different views on this one, but that’s the way the cookie crumbles.

“Optimize for programmer happiness” is finally described as: “Optimizing for happiness is perhaps the most…

justin․searls․co - Digest 

📸 Fixing bugs in production when all you have is an iPhone

Noticed an issue with Beckygram yesterday where single-video posts weren't successfully syndicating to Instagram as reels if she didn't also upload a custom thumbnail ("cover") image—which Instagram's API doesn't require.

Even though I'm in Japan with nothing but a phone, a crappy LTE signal from Google Fi (that I can't believe they charge money for), and spotty hotel Wi-Fi, I was glad to find I had the tools to fix it:

  1. Log into my Mac Studio over SSH using Terminus
  2. Run heroku run rails c to get into the production Rails console to reproduce the error
  3. Clone the repository with Working Copy
  4. Fix the bug
  5. Commit & push
  6. Wait for it to deploy

It was a relief this whole ordeal didn't take more…

Awesome Ruby Newsletter 

💎 Issue 443 - Rails 8.0: No PaaS Required

Aha! Engineering Blog 

We love bugs (and you should, too!)

img { max-height: 400px; margin-right: auto; margin-left: auto; } table, th, td { font-family: Red Hat Display, "Helvetica Neue", Arial, "Noto Sans", sans-serif; border: 1px solid var(--aha-gray-400); } th { background-color: var(--aha-gray-100); color: var(--aha-gray-900); text-align: left; } td img { margin: 0.5em auto !important; }

OK, maybe "love" is a bit strong. But the Aha! engineering team has a shocking confession: We embrace bugs in our software. Our CTO, Dr. Chris Waters, often says, "If your feature ships without any bugs, you waited too long to ship it."

Having worked at software organizations of all sizes, many engineers…

Notes to self 

Show all running apps on the server with Kamal

Kamal 2 can deploy multiple apps on a single server so it’s easy to lose track of what’s deployed. This alias will fix it.

To see all running apps on a server we need to query Kamal Proxy:

$ ssh [USER]@[SERVER]
$ docker exec kamal-proxy kamal-proxy list
Service          Host                 Target           State    TLS
dealership    	 dealearship.com      cde2433e86d6:80  running  yes
dealership-api   api.dealearship.com  82361b53174f:80  running  yes
...

But even better, we can create an alias inside config/deploy.yml:

# config/deploy.yml
...
aliases:
  apps: server exec docker exec kamal-proxy kamal-proxy list

Now running kamal apps gives us a nice rundown of what’s running which…

Notes to self 

Subclassing STI models in Rails

Here’s a short tip on opting out a specific model from Single Table Inheritance (STI).

Imagine a Vehicle model which is implemented using STI and extented with a type parameter to Sedan and Wagon models:

# Superclass
class Vehicle < ApplicationRecord
  self.inheritance_column = :type
end

# STI model
class Sedan < Vehicle
end

# STI model
class Wagon < Vehicle
end

All of this is nice except we might want to also subclass the Vehicle model as usual without any STI magic.

To do that we simply set inheritance_column to type_disabled:

# Non-sti sublassing, will behave as Vehicle
class Product < Vehicle
  self.inheritance_column = :type_disabled
end
Saeloun Blog 

Rails 7.1 Adds --parent Option To The Controller Generator.

Rails provides generators to quickly create files that follow Rails conventions.

The most power-packed one is the scaffold generator which creates a model, controller, views, and tests for a given resource.

Of course, each file can be created individually using the model, controller, and job generators.

Before

The controller generator can be used to create an ApplicationController class, which serves as the base class for all controllers in the application.

Prior to Rails 7.1, It was not possible to directly generate a controller that inherits from a class other than ApplicationController.

We need to manually update the parent class in the controller file after it has been generated.

Saeloun Blog 

Rails 7.1 Added Support For Array#intersect? To ActiveRecord::Relation.

Ruby 3.1 introduced the Array#intersect? method which returns true if two arrays have at least one common element, otherwise returns false.

fruits_list_1 = ['apple', 'banana', 'cherry']
fruits_list_2 = ['orange', 'banana', 'grape']
fruits_list_3 = ['kiwi', 'peach', 'mango']

fruits_list_1.intersect?(fruits_list_2)
=> true

fruits_list_1.intersect?(fruits_list_3)
=> false

Before

To check if two ActiveRecord relation objects have any common elements, we had to chain the intersection method with any? or empty? methods.

products1 = Product.where(id: [1, 2, 3])
=> [#<Product id: 1, name:...>, #<Product id: 2, name:...>, #<Product id: 3, name:...>]

products2 = Product.where(id: [2, 4, 5])
=>
(products1 & products2).any?
=> true

(products1 & products2).empty?
=> f…

But the ActiveRecord::Relation did not have built-in…

Ruby Weekly 

Rails 8.0 pulls into the station

#​727 — November 14, 2024

Read on the Web

💎 RubyConf is taking place right now in Chicago – we hope you're having fun if you're there, and look forward to sharing all the news that comes out next week.. ;-)
__
Peter Cooper, your editor

Ruby Weekly

A New Chapter for RubyGems: How Ruby Central is Building a Sustainable FutureRuby Central sits at the heart of the Ruby community, maintaining things like RubyGems and Bundler and running RubyConf. Here they tell the full story of RubyGems, its management, and how the new Ruby Central OSS Committee is pushing it forward.

Ruby Central

💡 Ruby Central has also…

Rails Designer 

Rails’ Partial Features You (didn’t) Know

Partials have been an integral part of Rails. They are conceptually simple to understand, but they pack quite a few smart and lesser known features you might not know about. Let’s look at all of them!

Basic rendering

Let’s look at the basics of rendering a partial.

<%= render partial: "application/navigation" %>

This will render the partial app/views/application/_navigation.html.erb. The filename starts with an underscore, but is referenced without one.

You can also omit the partial keyword.

<%= render "application/navigation" %>

So far nothing you didn’t know already, I assume.

Local Variables

You can pass variables like so.

<%= render partial: "user", locals: {user: @user}  %>
Write Software, Well 

A Small Rant on Hiring Developers in India

A Small Rant on Hiring Developers in India

Have noticed a concerning pattern when trying to hire full-time developers in India for some companies I am working with as a contractor. Mostly observed this in the Rails ecosystem in India, though I wouldn't be surprised if it's the same—or worse—for other tech stacks.

Like clockwork, every time I post about an opening, a bunch of Rails developers who work for consulting companies and outsourcing firms apply.

You’d think they’re applying for themselves. No, even though they show up as an individual applicant, they’re recruited by these firms to get clients. So, even though the client thinks they’re hiring a dedicated, full-time developer, behind the scenes, the dev is just another…

Stefan’s Blog 

Rails: add maintenance (read-only) mode to move everything off to a new server

On a recent larger migration, we wanted to move our whole app, including the database to a new server. The easiest way while keeping consistency was to put the app in maintenance mode, so no new data would be written to the (old) database. On the other hand, we have many read-only requests, so we could keep the app running for those, without any global maintenance page.

Simplest way: App wide downtime with a (styled) 503 page

Rails by default already provides html pages in public. The easiest way to make “maintenance mode” is to just kill your production puma processes, and let the webserver serve the 503 page. This is a global downtime, but it’s the easiest way to do it.

Better idea:…

Giant Robots Smashing Into Other Giant Robots 

Zero-downtime with Rails credentials

The project we’re working on is currently set to have new code released following a schedule, twice a week and the process is heavily manual. A developer needs to be online at specific times, after-hours, to limit the impact on the users. By impact we mean that the site has to be taken into maintenance mode, preventing the users from accessing the app while new code is being deployed.

The amount of time it takes to do a release varies, and there are several steps involved, which are all documented, but the list is cumbersome and can be prone to errors. When an automatic system can do it, why should a developer do it? It is a cost for the client, where they could employ our developer time…

Jardo.dev: Blog 

How to Fail at Solidus

In 2022, I spoke at SolidusConf 7 on how to make the most of the Solidus platform (or fail, by doing the opposite of my suggestions.) Solidus is a framework for building custom eCommerce stores. If you choose a platform like Solidus, you need to leverage the benefits of the platform as much as you can to reap advantages that aren’t available to less customizable platforms, like Shopify. Additionally, you don’t want to fall victim to common and avoidable mistakes. My talk helps guide you towards the best experience possible when building on Solidus.

Getting Started With Solidus

The kinds of stores that benefit the most from Solidus are high-volume businesses, stores with large catalogs,…

RubySec 

CVE-2024-43415 (decidim-decidim_awesome): Decidim-Awesome has SQL injection in AdminAccountability

## Vulnerability type: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ## Vendor: Decidim International Community Environment ### Has vendor confirmed: Yes ### Attack type: Remote ### Impact: Code Execution Escalation of Privileges Information Disclosure ### Affected component: A raw sql-statement that uses an interpolated variable exists in the admin_role_actions method of the `papertrail/version-model(app/models/decidim/decidim_awesome/paper_trail_version.rb`). ### Attack vector: An attacker with admin permissions could manipulate database queries in order to read out the database, read files from the filesystem, write files from the…
Gusto Engineering - Medium 

Managing user permissions in Tableau Cloud leveraging people [Gusto employee] data

Co-Author: Juan Aguirre

Managing permissions for sensitive data is a hard problem. Every solution that implements Identity and Access Management effectively needs to have following components:

In this blog, we are focusing on Authorization and Directory services for automating the user membership of a group on Tableau Cloud.

What this solves: automated membership into security groups on Tableau [Example]:-

  • Employee A is a member of group people partner, people lead and DEI Partner.
  • Employee Event: Employee A changes the role to focus on recruiting efforts than DEI .
  • Employee A automatically gets access to recruiting leads and maintains permission to people partner, people lead and gets removed…
This prevents any unauthorized access to Race/Ethnicity dashboards for Employee A and provides access to candidate funnel data to get ramped up…
The Ruby on Rails Podcast 

Episode 527: Evangelizing Rails with Irina Nazarova

We all love Ruby on Rails. You may remember that my first episode on this show was about whether Rails was still relevant. In the last few years, there’s been so many exciting things coming to Ruby and Rails. I have felt that excitement in the community. I’ve felt it at conferences and in my conversations with many of you. Today, Irina Nazarova joins us to talk about how we can better evangelize Rails

Show Notes
Neighbor gem https://github.com/ankane/neighbor
Irina’s Keynote https://www.youtube.com/watch?v=-sFYiyFQMU8
Rails stack from Evil Martians: https://evilmartians.com/rails-startup-stack (this includes Turbo Mount and other things Irina mentioned)
Irina’s Meetups Blog Post h…

RubyMine : Intelligent Ruby and Rails IDE | The JetBrains Blog 

RubyMine 2024.3: Rails 8 Support, Inline AI Prompts, Integration With RBS Collection, Ruby 3.4 Updates

RubyMine 2024.3 is now available!

The latest version of JetBrains’ IDE for Ruby and Ruby on Rails comes with Rails 8 support, including Kamal 2 code completion, nilability annotations from schema.rb for type support, and Solid Queue and Solid Cache code insights. 

Enhanced by JetBrains AI Assistant, RubyMine now offers faster and more contextually aware cloud-based code completion, inline AI prompts, and more context about Rails applications for unit test generation.

With built-in integration with the RBS Collection, you can benefit from the type signatures included in the RBS Collection even if you don’t use RBS in your project. RubyMine 2024.3 also includes Ruby 3.4 updates,…

Saeloun Blog 

Rails 7.1 Raises Error When Generating Model Attributes With Reserved Names.

ActiveRecord migrations are a convenient way to modify our database schema over time.

They allow us to create, modify, and manage database tables and columns, ensuring consistency across environments.

Before

Currently, ActiveRecord::Migration has a weird behaviour where we can generate migrations with reserved keywords like attributes, type etc.

bin/rails generate model Post title:text attributes:jsonb

class CreatePosts < ActiveRecord::Migration[6.0]
  def change
    create_table :posts do |t|
      t.text :title
      t.jsonb :attributes, default: '{}'
      t.timestamps
    end
  end
end

It generates the migration without any issues. But it raises error when we try to use it.

Post
SINAPTIA 

This week in #devs - Issue #4

Our #devs channel is a cross-project, shared space where the entire dev team of SINAPTIA can ask questions, share opinions, and discuss interesting articles or tech they come across. The idea is to post a curated extract of what happens there every week.

Your ActiveJobs are your service layer

The team had an interesting discussion about the role of Service Objects and Jobs in Rails applications. Fernando kicked off the discussion with this comment:

Do we really need these single-line Job objects whose only purpose is to instantiate and call a service object? Ultimately, SomethingJob.new(params).perform and SomethingService.new(params).call are functionally equivalent. Also, if we put…

justin․searls․co - Digest 

📸 Check out this deep-fried egg sandwich

Tonkatsu-fried layered omelette sandwich.

Greatest country on earth. 🇯🇵

justin․searls․co - Digest 

📍 Jikasei Baizen Coffeeann

If you're ever in the mood for a more interesting experience than Starbucks, consider visiting a high-end traditional kissaten. For about $5 out the door had table service for a fantastic hand-ground pour over and the…

Jardo.dev: Blog 

The Agile Fluency Model and eCommerce

In 2020, I had the pleasure of speaking at the first digital version of SolidusConf. It was also my first SolidusConf as a member of Solidus’s Core Team. I’d been a contributor to the project since before the fork from Spree was publicly announced, but when I started Super Good I was able to dedicate more time to managing the open-source project and that quickly landed me a seat on the Core Team.

In my talk I discussed what Agile is and how we can use something called the the Agile Fluency Model to help refine our team’s approach to software development to get the benefits of this style of development.

Solidus provides better support for Agile software development than any other…

Planet Argon Blog 

Prepare to Tack: Steering Rails Apps out of Technical Debt - Rails World 2024

Prepare to Tack: Steering Rails Apps out of Technical Debt - Rails World 2024

Robby Russell's Rails World talk redefines technical debt, showing how thoughtful maintenance can turn legacy code into a strategic asset. Watch the talk here!

Continue Reading

Schneems - Programming Practices, Performance, and Pedantry 

RubyConf 2024: Cloud Native Buildpack Hackday (and other Ruby deploy tools, too!)

I’ve spent the last decade+ working on Ruby deploy tooling, including (but not limited to) the Heroku classic and upcoming Cloud Native Buildpack. If you want to contribute to a Ruby deployment or packaging tool (even if it’s not one I maintain), I can help. If you want to learn more about Cloud Native Buildpacks (CNBs) and maybe get a green square on GitHub (or TWO!), keep reading for more resources.

Note: This post is for an in-person hackday event at RubyConf 2024 happening on Thursday, November 14th. If you found this but are away from the event, you can still follow along, but I won’t be available for in-person collaboration.

What is a buildpack?

If you’re new to Cloud Native…

Evil Martians 

Hey, AnyCable speaking! Needing help with a Twilio-OpenAI connection?

Authors: Vladimir Dementyev, Principal Backend Engineer, and Travis Turner, Tech EditorTopics: Backend, AI-Native Development, LLMs, Twilio, Go, WebSocket

Learn how to use AnyCable to integrate a voice assistant to your project with Twilio Media Streams and OpenAI Realtime API

The last 20 years has seen cascading tech revolutions, especially with how we communicate with one another. The mobile revolution! The smartphone revolution! The AI revolution(?) Things have really changed, but traditional phone calls are also still here, despite the evolving tech. Sure, we sometimes have to escalate through human representatives to reach the person who can help us, "press 2 for billing", or something…

BigBinary Blog 

Configuring webpack to handle multiple browser windows in Electron

Recently, we built NeetoRecord, a loomalternative. The desktop application was built using Electron. In a series ofblogs, we capture how we built the desktop application and the challenges we raninto. This blog is part 4 of the blog series. You can also read aboutpart 1,part 2,part 3 andpart 5.

When developing desktop applications with Electron, managing multiple browserwindows within a single app is often necessary. Whether we need to displaydifferent types of content or create a more complex user interface, handlingmultiple windows efficiently can be challenging.

In this blog, we'll explore how to configure Webpack to manage multiple browserwindows in our Electron application, ensuring that…

Ruby on Rails 

Rails World 2024 videos re-edited and localized in 3 languages

Hi everyone!

We’re pleased to announce that thanks to Rails World sponsor Happy Scribe, all Rails World 2024 videos are now available with Japanese, Brazilian Portuguese, and Spanish subtitles.

Happy Scribe is a transcription and subtitling service built on Rails, and when they reached out about sponsoring Rails World earlier this year, I had just returned from Tropical on Rails in Brazil, where many community members there asked me about localizing Rails content in other languages.

While translating and maintaining the Rails Guides presents a host of long-term challenges, these conversations did make me think. When Happy Scribe got in touch, the answer fell into our lap. We agreed to…

Write Software, Well 

Using Hotwire for Inline Form Updates Without Form Submission

Using Hotwire for Inline Form Updates Without Form Submission

On a recent client project, I had to build a dynamic form where users could select a customer from a dropdown and immediately see that customer's details update within the form, without having to submit the form or refreshing the page. The goal was to allow users to continue filling the form while reflecting their choices in real time.

To be specific, I wanted to update specific sections of the form with data fetched from the server, based on user interactions (e.g., select an option from a dropdown). The challenge: the form couldn’t be submitted during these updates, and I didn't want to use nested forms, which is forbidden anyway, because it causes unpredictable behavior. What's more,…

Eager loaded turbo frames provided a nice solution for this dynamic…

Posts on Kevin Murphy 

At RubyConf 2024

RubyConf 2024 🔗

I’m starting this post from Terminal B in Logan Airport (Boston). Waiting for my plane, I figured I might put together a post to document a quick and loose exploration of what I see while I’m in Chicago. Check out my recap post for more details about the sessions I visited.

Travel 🔗

I had a surprisingly uneventful airport experience. Got there bright and early. Left and arrived without issue.

Obligatory photo out an airplane window

For anyone landing at Midway, look for the “Ground Transportation” signs, and eventually “CTA”. The Orange Line Loop to Roosevelt will get you close to the conference hotel.

Chicago Transit Authority Orange Line Map

Hotel 🔗

I’m staying at the conference hotel. I’ve got myself a fancy city view. It’s only MOSTLY a view of HVAC systems…

Saeloun Blog 

Understanding `inverse_of` In Rails Associations.

ActiveRecord offers a range of powerful features, and one often overlooked yet highly useful option is inverse_of. This simple association option enables us to explicitly define bi-directional relationships between models.

Bi-directional Associations

In Rails, bi-directional associations refer to relationships where two models reference each other, allowing data to flow in both directions. It makes easier to query, manipulate, and maintain data integrity.

For instance, a Project has many Tasks, and each Task belongs to a Project. This allows us to traverse from a Project to its Tasks, and from a Task back to its Project.

class Project < ApplicationRecord
  has_many :tasks
end

class
Saeloun Blog 

Rails 7.1 Adds --unused Option To Detect Dormant Routes.

As projects grow and undergo refactoring, some routes can become obsolete, leading to cluttered routing files and potential confusion. These unused or dormant routes are routes defined in the configuration but not actively used in the application.

Dormant routes (extraneous routes)

Dormant routes are defined routes that are not linked to any controllers, actions, or views. These unused routes can accumulate over time, making it difficult to manage and understand the routing configuration.

Before

Identifying unused routes in a Rails application was previously a manual process. Since Rails did not provide built-in support for detecting dormant routes, developers had to rely on third-party…

The Bike Shed 

446: All about rewrites

When is it time for a rewrite? How do you justify it? If you’re tasked with one, how do you approach it? In today’s episode of The Bike Shed, we dive into the tough question of software rewrites, sharing firsthand experiences that reveal why these projects are often more complicated and risky than they first appear. We unpack critical factors that make or break a rewrite, from balancing developer satisfaction with business value to managing stakeholder expectations when costs and timelines stretch unexpectedly. You’ll hear about real-world rewrite pitfalls like downtime and reintroducing bugs, as well as strategies for achieving similar improvements through incremental changes or…

Short Ruby Newsletter 

Short Ruby Newsletter - edition 113

The one where we have two web framework releases, Rails 8 and Hanami 2.2, and two Rubies releases, Ruby 3.3.6 and JRuby 9.4.9.0 - it is the best time to code!
Code Otaku 

Streaming Rack with Falcon

An overview of how to use Falcon to stream requests and responses in Rack applications.
Ruby Central 

Ruby Central's First Annual OSS Report (2024)

Ruby Central's First Annual OSS Report (2024)

This is a web preview of Ruby Central's FIRST Annual OSS Report, for 2024, sharing everything we've been working on over the last 12 months and the impact of our work. We will be publishing a finalized report by the end of this year.

Executive Summary

From November 2023 to November 2024, Ruby Central’s Open Source Program made significant progress in enhancing the infrastructure and security of RubyGems, Bundler, and RubyGems.org, building a stable and resilient foundation for Ruby developers and organizations.

This inaugural open source report is intended to be released annually near the beginning of Q4 and coincide with RubyConf. It highlights our achievements, sponsors, team, and future…

Rails Designer 

Mathematical and Optically alignment in (visual/UI) design

Here is a quick design tip for you that will push you to the top 10% of developers!

When aligning elements there are two ways you can do it:

  • mathematical: centered based on measurements (this is what you know);
  • optical: adjusted slightly to appear centered to the human eye.

Most of the time mathematical centering will do just fine, but sometimes it will look off. That is when you have to place the element slightly off its true center. This is called optical, or visual, alignment. It is a fundamental principle in design to create more pleasing and balanced compositions.

Here is a typical example of a play-button in a rectangle. The one on the left is optically aligned, meaning I…

Andy Croll 

Use blank? and present? in Rails

When working with Rails, you often need to check if a value contains meaningful data or if it is effectively empty. Rails, for this very purpose, provides, via Active Support, two very useful methods that are mixed into all objects: blank? and present?.

Instead of…

…using a combination of nil?, empty?, and other checks:

def process_data(input)
  if input.nil? || input.empty? || input.strip == ""
    puts "No valid input provided"
  else
    puts "Processing: #{input}"
  end
end

Use…

…Rails’s blank? and present? methods:

def process_data(input)
  if input.blank?
    puts "No valid input provided"
  else
    puts "Processing: #{input}"
  end
end

# Or, using present?
def process_data(i…

Why?

The blank? and pres…

Hotwire Weekly 

Week 45 - Hotwire Live Reload, Alpine.js as an alternative, and more!

Hotwire Weekly Logo

Welcome to Hotwire Weekly!

Welcome to another issue of Hotwire Weekly! Happy reading! 🚀✨


📚 Articles, Tutorials, and Videos

Alpine.js as a Stimulus alternative - Felipe Vogel explores Alpine.js as an alternative to Stimulus for adding JavaScript to server-rendered pages. He highlights that Alpine.js also allows to write JavaScript in separate files, similar to Stimulus, and addresses the "Content Security Policy (CSP) build" to prohibit inline JavaScript.

How to Set Up View Components in a Rails App - Ken Greeff offers a step-by-step guide to implementing ViewComponents in Rails, helping to organize code similar to modern front-end frameworks. It covers setting up a Rails app with…

justin․searls․co - Digest 

🎙️ Breaking Change podcast v24 - Prophylactic Jet Lag

Direct link to podcast audio file

TIL that 4 AM is way too goddamn early to record a podcast. Apologies if I'm more chipper than usual, that's probably the coffee talking.

Had some great e-mails this show. You should keep the streak alive and mouth off with your fingers at podcast@searls.co.

Savor this version, folks. Gonna be at least a few weeks until you'll have another one.

Julia Evans 

New microblog with TILs

I added a new section to this site a couple weeks ago called TIL (“today I learned”).

the goal: save interesting tools & facts I posted on social media

One kind of thing I like to post on Mastodon/Bluesky is “hey, here’s a cool thing”, like the great SQLite repl litecli, or the fact that cross compiling in Go Just Works and it’s amazing, or cryptographic right answers, or this great diff tool. Usually I don’t want to write a whole blog post about those things because I really don’t have much more to say than “hey this is useful!”

It started to bother me that I didn’t have anywhere to put those things: for example recently I wanted to use diffdiff and I just could not remember what it was…

th…

justin․searls․co - Digest 

📺 The Empowered Programmer: The Searls Cut

It is finished. As mentioned elsewhere, I gave my final conference presentation at Rails World 2024 in Toronto back in September.

The tremendous organizers did me a solid by humoring my request to provide the audio and video feeds they recorded of my talk, which allowed me to create my own edit in the same basic style I've used since discovering screen recording. You can view it on YouTube if you want.

Why watch this one when the official video is also on YouTube? Well, here's what the very exclusive and deluxe and never-before-seen Searls Cut gets you:

  • No obstruction, hiding, or movement of the slides themselves—they're the star of the show, not me
  • Myself off to the side (where I belong),…
katafrakt’s garden 

Booleans Are a Trap

As developers, we love our booleans. They map perfectly into how computers work at a low level and play nicely with if statements, our primary control-flow tool. They are simple to reason about. What's not to like?

We actually like them so much that we use them for domain modeling. And that's where things get problematic. I would like to show you some examples of a mess we land in because of using booleans and to offer a better approach.

Expectations vs Reality

Domain modeling is a core responsibility of software engineers. It has many definitions, but in short it is taking some real-world problem and representing it using code, databases, network calls etc. If there's one thing we know…

Alexandre's Blog 

Perfecting Your Rails Form: Nested Attributes

In this second part of the series, let's explore nested attributes how they work and why they are so complex.
Ruby Central 

A New Chapter for RubyGems: How Ruby Central is Building a Sustainable Future

A New Chapter for RubyGems: How Ruby Central is Building a Sustainable Future

RubyGems and Bundler are the package management systems for Ruby applications used by developers worldwide. They’re also the backbone of a thriving world of Ruby software. For nearly two decades, these tools have simplified how developers develop, share, and install gem libraries, extending the simple Ruby programming language into a powerful and versatile ecosystem. 

Software engineers working in Ruby, including Rails, use these tools every day when they initialize their development environment and deploy an application, making them vital to innovation, entrepreneurship, and several aspects of the world economy. However, maintaining this essential infrastructure has been a long and complex…

justin․searls․co - Digest 

🔗 What is Build with Becky?

The people have been clamoring (clamoring!) for a demo of the hot new strength-training system everyone's been talking about, and today Becky has answered their call:

My program, Build with Becky, is designed to make progressive strength training approachable, enjoyable, and sustainable. It’s about helping people get comfortable with lifting, stay consistent, and build confidence using a structured yet mindful, grace-filled approach. 💪

If you've got 3 minutes and a functioning set of eyeballs, I hope you'll give this demo a watch. This video is the cherry on top of several years of work, and I'm incredibly impressed by how well this web app realizes Becky's vision for a more graceful…

justin․searls․co - Digest 

📄 Apple's own documentation doesn’t know about watchOS 11’s biggest feature

From Apple's support page for connecting an Apple Watch to Wi-Fi:

Note: Apple Watch won’t connect to public networks that require logins, subscriptions, or profiles. These networks, called captive networks, can include free and pay networks in places like businesses, schools, dorms, apartments, hotels, and stores.

This has indeed been my experience ever since buying the Series 0 in 2015. But because the Apple Watch can piggyback off its parent iPhone for data over Bluetooth—and because most people are never more than a few feet from their phone—odds are you've never even noticed that attempting to join a Wi-Fi network with a captive portal would silently fail instead of bringing up a…

The Rails Changelog 

028: Discussing Ruby's Data class, some Ruby quirks with Victor Shepelev

In this episode, I’m joined by Victor Shepelev, a member of the Ruby Core team and the author of Ruby’s new Data class. We dive into why Ruby needed the Data class, exploring how it fits into the language and enhances Ruby’s capabilities. Victor also shares insights on some other exciting Ruby features, including Numbered Block Parameters, the "it" keyword, and the growing role of functional programming in Ruby.

Beyond coding, Victor has a unique perspective as he’s officially enlisted in the Ukrainian Army. I had the chance to talk with him about what it’s like to balance life as a Rubyist and a soldier, and we discuss meaningful ways to support him and Ukraine.

Try Mailtrap for free

Ruby on Rails 

Rails 8.0 and more

Hi, Wojtek here. Let’s explore this week’s Rails news.

Rails 8 has been released
Along with the announcement, you can read the release changelog.

Action Controller guide improvements review
Along with the improvements, there will be the new guide “Action Controller Advanced Topics”. It’s awaiting community feedback.

Support disabling transactional tests per database
A test class can now override the default use_transactional_tests setting for individual databases, which can be useful if some databases need their current state to be accessible to an external process while tests are running.

class MostlyTransactionalTest < ActiveSupport::TestCase
  self.use_transactional_tests = true
  sk…

Fix running with BACKTRACE=1…

RubyGems Blog 

Maintainer Role

Today, we are excited to announce a new type of permission for users to have on gems. Until today, permissions on a gem were simply binary: either you were an owner on a gem, and you could do anything, or you were not an owner, and you could do nothing. In response to user requests, we have added a new option, the maintainer role.

What can maintainers do?

Like owners, maintainers are able to publish new versions of a gem. Unlike owners, maintainers are not allowed to change gem permissions, which means they cannot add additional owners or maintainers to the gem, and they cannot add trusted publishers to make automated pushes.

  Owner Maintainer …
Remote Ruby 

Solid Cable with Nick Pezza

In this episode of Remote Ruby, Andrew and Chris catch up on their week, discussing challenges with Stripe integration and the absence of Jason. The highlight of the episode is their guest, Nick Pezza, who talks about creating Solid Cable, a database-backed adapter for Action Cable, and how it simplifies infrastructure for Rails developers. The conversation dives into technical details, use cases, and the journey of Solid Cable becoming a default gem in Rails, with insights into its design, performance, and future development. Hit download now to hear more!


Ruby on Rails 

Rails 8.0: No PaaS Required

Deploying modern web apps – with all the provisions needed to be fast and secure while easily updateable – has become so hard that many developers don’t dare do it without a PaaS (platform-as-a-service). But that’s ridiculous. Nobody should have to pay orders of magnitude more for basic computing just to make deployment friendly and usable. That’s a job for open source, and Rails 8 is ready to solve it. So it’s with great pleasure that we are now ready with the final version of Rails 8.0, after a successful beta release and several release candidates!

Here are all the major new bits in box:

Enter Kamal 2 + Thruster

Rails 8 comes preconfigured with Kamal 2 for deploying your application…

Awesome Ruby Newsletter 

💎 Issue 442 - Low-poly image generation using evolutionary algorithms in Ruby

Ruby Rogues 

Inertia.js - The Modern Monolith with Jonathan Reinink - RUBY 659

In this episode of Ruby Rogues, guest Jonathan Reinink joins the Rogues to talk about what Inertia.js is and why Rails developers would want to use it.

Links

Picks


Become a supporter of this…
Posts on Kevin Murphy 

Frequently Played Nov 2024

Frequently Played 🔗

I tend to listen to the same songs or albums on repeat that are evocative of how I’m feeling or what’s going on with me. Here is what I’m currently listening to over, and over, and over, and over, again.

Great Expectations 🔗

I have to admit, I’ve never read the book.

Full Lyrics

And I learned about the blues from this kitten that I knew
Her hair was raven and her heart was like a tomb
My heart is like a wound
And I saw taillights last night in a dream about my first wife
Everybody leaves and I’d expect as much from you
I saw taillights last night in a dream about my old life
Everybody leaves, Mary why, why wouldn’t you?

Isn’t Everyone 🔗

Good luck out there everyone.

Full Lyrics

Nothing…

Ruby Weekly 

This one's for Jason Seifer

#​726 — November 7, 2024

Read on the Web

Ruby Weekly

json v2.8: Ruby's JSON Implementation Gets Faster — Ruby’s json is depended on by (almost) everything so updates like this have far reaching implications. v2.8 includes significant performance improvements (up to 1.7x faster on real world documents) and support for optionally parsing trailing commas.

The Ruby Team

🙏 My brain works in odd ways, but this update reminded me of my friend, the late Rubyist Jason Seifer, who we lost seven years ago. Gone but never forgotten, not least for his role in playing DJ Ango in a classic ▶️ Rails vs Django bit.

Rub…

Rails Designer 

Store UI State in localStorage with Stimulus

It is pretty common in SaaS apps to store certain user preferences or appearance settings. Things like font-size, theme colors or the open/closed state of an accordion.

Toggling between expanded/collapsed navigation items

(this example from my new SaaS stores the state of the navigation’s sections)

You could save those settings to the user, especially if you need to restore those between sessions or different browsers. I got you covered with this article on adding simple preferences for Rails. But if these settings don’t need to be persisted, this is a really nice and simple alternative.

It involves a small and reusable JavaScript functions and the browser’s localStorage. Let’s dive right in.

For this example I am going to store the the…

Saeloun Blog 

Rails 7.1 Adds exclude? And extract_value methods To ActionController::Parameters

Rails ActionController::Parameters is a convenient way to pass data from a request to a controller action.

It allows us to choose which attributes should be permitted for mass updating and thus prevents accidentally exposing parameters that shouldn’t be exposed.

Before exclude?

To check if the given key is present in the parameters, we can use the include? method, but ActionController::Parameters does not provide any method to check if the given key is not present in the parameters.

params = ActionController::Parameters.new(name: "John", age: 26)

params.include?("name") #=> true

After exclude?

Rails 7.1 adds exclude? method to ActionController::Parameters. It is the inverse of inclu…

The exc…

Dimiter Petrov 

"We don't deploy on Fridays"

Hearing "we don't deploy on Fridays" makes me sad, because I always encounter it as a precautionary measure.

Fear and precaution

The subtext is "it's not safe to deploy" and "if there is a problem, it takes too long to fix".

There is plenty out there about this topic. Search for "deployment on Friday". I almost forgot I've also written about this before. The arguments are more or less the same. If you are afraid to deploy, it may be because:

  • you have insufficient monitoring and alerting; or
  • the deployment process is error-prone; or
  • deployments, and thus rollbacks, are too slow; or
  • if something breaks, you don't know how to fix it; or
  • risky changes are deployed all at once (vs using feature…

Those are all valid reasons. But they're also valid reasons on a Monday morning. So, do address them.

Valid reasons to not deploy on Fridays

Still, I'd love…

Evil Martians 

How to do launch weeks for developer tools, startups, and small teams

Authors: Olga Rusakova, Head of Communications, and Travis Turner, Tech EditorTopic: Business

A launch week is densely packed with content and activities designed to announce and explain new releases and features from different angles. They are a tested promotional strategy for early stage startups (and especially for developer tools with small teams!)

A “launch week” is a tested promotional strategy for early stage startups (especially for developer tools with small teams!) They are effective at reaching your target customers from multiple channels—and can also be very cost-efficient when properly done. In this post, we’ll unravel launch weeks, determine if they’re a good option for your…

Planet Argon Blog 

Ruby on Rails vs. React: Finding the Perfect Fit for Your Web Development Project

Ruby on Rails vs. React: Finding the Perfect Fit for Your Web Development Project

Let's explore how React and Ruby on Rails can streamline your development process. This combination is a perfect fit for small teams wanting to get more done with less hassle.

Continue Reading

BigBinary Blog 

Creating blurred or virtual backgrounds in real-time video in React apps

Recently, we built NeetoRecord, a loomalternative. The desktop application was built using Electron. In a series ofblogs, we capture how we built the desktop application and the challenges we raninto. This blog is part 3 of the blog series. You can also read aboutpart 1,part 2 andpart 4,part 5.

Modern tools like Zoom and Google Meet allow us to blur or completely replaceour background in real-time video, creating a polished and distraction-freeenvironment regardless of where we are.

This is possible because of advancements in machine learning. In this blog,we'll explore how to achieve real-time background blurring and replacement usingTensorFlow's body segmentation capabilities.

Tensorflow…

RubyGems Blog 

3.5.23 Released

RubyGems 3.5.23 includes enhancements, bug fixes, performance and documentation.

To update to the latest RubyGems you can run:

gem update --system

To install RubyGems by hand see the Download RubyGems page.

## Enhancements:

  • Validate user input encoding of gem CLI arguments. Pull request #6471 by deivid-rodriguez
  • Fix gem update --system leaving old default bundler executables around. Pull request #8172 by deivid-rodriguez
  • Installs bundler 2.5.23 as a default gem.

## Bug fixes:

  • Fix commands with 2 MFA requests when webauthn is enabled. Pull request #8174 by deivid-rodriguez
  • Make --enable-load-relative binstubs prolog work when Ruby is not installed in the same directory…

## Performance:

  • Speed up gem install <nonexistent-gem> by…
Greg Molnar 

Deploying a Jekyll site with Kamal

Since Kamal 2 can host multiple sites on the same server, I am consolidating my apps into larger hosts so I have less servers to worry about. Most of my apps are Rails apps, but I have a few static jekyll sites like this blog and I decided to look into how could I move this site to a server I host other Rails apps on.

Stefan’s Blog 

Postfix + ActionMailbox - integrating into existing postfix server by using aliases + curl command

In the past, I built several e-Mail processing features using Ruby that predate the official ActionMailbox - Such as: Bounce processing, e-mail notifications, newsletters, order confirmations, forwardings etc. So before, I always used a IMAP client run by a great mail_room to fetch emails from a mailbox and process them by directly supplying them to Sidekiq queue. The internal Mail routing (Which email should be processed and shown to which customer etc.) was handled internal, as well as bounces etc. So it was time, that I try out the whole ActionMailbox stack instead, which is a more standardized solution and has great testing support.

We are using Postfix so handle our own e-mail…

Rémi Mercier 

Poking around PostgreSQL full-text search: a beginners primer

Today, I want to share a different type of post. Nothing polished. Just me goofing around with PostgreSQL’s full-text search capabilities. And yes, if you’re wondering how someone can have fun while using full-text search, well, I’m wondering about that myself.

A note: this post is beginners friendly. Even though it is long, I’ll only scratch the topic’s surface.

Let’s start with the basics!

What is full-text search?

The PostgreSQL documentation says it best:

Full-Text Searching (or just text search) provides the capability to identify natural-language documents that satisfy a query, and optionally to sort them by relevance to the query.

PostgreSQL documentation

In layman’s…

Saeloun Blog 

Rails 7.1 Supports Descending Order For in_batches Without Block

ActiveRecord::Batches provides methods like find_each, find_in_batches, and in_batches to process records in batches, reducing the load on the database and memory consumption.

By default, records are processed in ascending order by primary key(ID).

Rails 6.1 has added support for providing order(ASC/DESC) to batch processing methods like find_each, find_in_batches and in_batches.

Before

Before Rails 7.1, using in_batches without a block on an ActiveRecord relation did not support descending order, even if it was specified. Instead, records were processed in ascending order.

Note that the ordering works fine for both find_each and find_in_batches methods with ASC/DESC.

It also works…

Hanami 

Hanami 2.2: Persistence pays off

Two years ago, we released Hanami 2.0, opening a new chapter for Hanami and our vision for Ruby apps.

Earlier this year, we took another step and introduced our view layer with Hanami 2.1.

Today we complete the vision! We are thrilled to share Hanami 2.2 with you. With this release, we introduce a powerful new database layer and a brand new tool for organizing your business logic.

Persistence pays off: Hanami’s new database layer

Hanami’s new database layer gives you a clear home for every aspect of your database interactions, along with the means to build your own clean interface for your app’s business layer to consume.

When you generate a new app,…

Nithin Bekal 

avante.nvim: AI copilot in Neovim

Lately, I’ve been trying out the Cursor IDE at work. The editor itself is VS Code under the hood, but it adds a bunch of AI-driven features on top, much like Github Copilot.

I’ve found Cursor quite enjoyable to use, especially in the unfamiliar corners of the codebase, where I’m trying to understand what’s going on. However, my ideal editing environment would be Neovim with these capabilities thrown in.

Enter avante.nvim, which emulates the behavior of Cursor from within Neovim. Over the past few days, I’ve been playing around it, and found it quite pleasant to use.

Basic setup

The initial setup was really easy. I copied over the config from the readme into my lazy.nvim config, and set…

Short Ruby Newsletter 

Short Ruby Newsletter - edition 112

The one where Jeremy launched the Liminal forum and with many releases - Ruby 3.2.6, Rails 8.0.0.rc2, Hanami 2.0.0.rc1, Rails 7.1.6, Rails 7.2.2 and the big discussion about Fibers
Ruby News 

Ruby 3.3.6 Released

Ruby 3.3.6 has been released.

This is a routine update that includes minor bug fixes. It also stops warning missing default gem dependencies that will be bundled gems in Ruby 3.5. For more details, please refer to the release notes on GitHub.

Release Schedule

As previously announced, we intend to release the latest stable Ruby version (currently Ruby 3.3) every 2 months following a .1 release.

We expect to release Ruby 3.3.7 on January 7th. If any significant changes arise that impact a large number of users, we may release a new version earlier than scheduled.

Download

JRuby.org News 

JRuby 9.4.9.0 Released

The JRuby community is pleased to announce the release of JRuby 9.4.9.0.

JRuby 9.4.x targets Ruby 3.1 compatibility.

Thank you to our contributors this release, you help keep JRuby moving forward! @kares, @jpcamara, @jsvd

Ruby Compatibility

  • Various fixes for keyword arguments. #8344, #8344, #8382, #8389
  • Mutex has been fixed to check for thread interrupts (Thread#kill, Thread#raise) immediately after acquiring the lock. #8403, #8404

Standard Library

  • The fiddle library is now a default gem and can be upgraded independently of JRuby. #8385

Developer Experience

  • The core jar file of JRuby can be…
Felipe Vogel 

Alpine.js as a Stimulus alternative

Recently I discovered Alpine.js as an alternative to Stimulus for conveniently sprinkling JavaScript into server-rendered pages—and it may even be a better alternative.

You may know of Alpine as that little JS library where you write inline JS in the HTML—ewww! That’s all I knew about it too.

But it turns out that you can put the JS in separate…

Rails Designer 

Use Action Cable with Your Main PostgreSQL Database

In a recent article I wrote about broadcasting Turbo Streams without Redis. Next to using the long-available PostgreSQL adapter, there is the new Solid Cable gem.

The default installation assumes another (SQLite) database to store the “messages”. While that works if you host your Rails (via something like Kamal), if you use Heroku (like I do for all my SaaS apps), this gets tricky.

I want to highlight how to install Solid Cable and use it with your primary (PostgreSQL) database.

  1. bundle add solid_cable
  2. bin/rails solid_cable:install

So far this is the default installation. Some manual work now!

  1. Create a new migration file bin/rails generate migration CreateSolidCableTables
  2. Ope…
Drifting Ruby Screencasts 

Kamal Kitchen Sink

In this episode, we look at creating an entire infrastructure (proxy, load balancer, app servers, worker servers, database server, and a storage server) on our own hardware use Kamal to provision and deploy our Ruby on Rails application.
Hotwire Weekly 

Week 44 - Comparing Hotwire with HTMX, Nested Models in One Form, and more!

Hotwire Weekly Logo

Welcome to Hotwire Weekly!

Welcome to another issue of Hotwire Weekly! There is a lot to unpack this week, Happy reading! 🚀✨

P.S. You can now find us on Bluesky too! 🦋


📚 Articles, Tutorials, and Videos

How To Use Importmaps With Rails - This GoRails episode by Chris Oliver introduces the basics of using Importmaps in Rails, a feature allowing developers to manage JavaScript modules without relying on bundlers.

Create Nested Models with One Form - Nested Attributes Explained - Vini Oyama explores in his blog post and video how to handle complex nested models in Rails using nested attributes within a single form. He provides a step-by-step guide on setting up models, controllers, and views…

Safely Passing Ruby Variables…

RubySec 

CVE-2024-21510 (sinatra): Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision

Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into this header. If used for caching purposes, such as with servers like Nginx, or as a reverse proxy, without handling the X-Forwarded-Host header, attackers can potentially exploit Cache Poisoning or Routing-based SSRF.