Issues » 127

What's new in Rails 4, big Rails vulns, Ruby 2.0.0-rc1 Previous issues | Read this issue on the Web
Ruby Weekly Issue 127
January 10, 2013
Featured
Ruby 2.0.0 Release Candidate 1 Released
The latest step on the road to Ruby 2.0's final release in late February. The default encoding for Ruby scripts is now UTF-8.
Rails 3.2.11, 3.1.10, 3.0.19, and 2.3.15 Released Due to Security Flaws
A couple of significant security vulnerabilities have been found in Rails 3.2, 3.1, 3.0, and 2.3, resulting in rapid point releases each of each. These are billed as "extremely critical" upgrades.
MountainWestRubyConf 2013 (Salt Lake City, April 3-5)
The CFP is open until January 19.
RubyConf Uruguay 2013 (March 22-23)
The CFP is open until the end of January.
From Our Sponsor
Are You Ready For Better CI?
Treat yourself with fast, amazingly easy to use continuous integration. Use coupon code RWHAPPY2013 in January and save 50% in your first month.
Reading
Multiple Vulnerabilities in Parameter Parsing in Action Pack
Billed as CVE-2013-0156 in the National Vulnerability Database, this is one of the two rather bad security vulnerabilities in many versions of Rails and could allow attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, and more. If you want to be convinced to do an upgrade or disable features as a workaround, read this.
Dependency Injection Is Not A Virtue in Ruby
David Heinemeier Hansson's latest opinion piece.
Constant and Global Optimization in JRuby 1.7.1 and 1.7.2
Charles Nutter shares some interesting implementation practicalities in JRuby and how they affect performance.
RubyFlux: Statically Compiling Ruby to Java
Last week we linked to a Ruby-to-Java static compiler project by JRuby's Charles Nutter. This post by Shawn Anderson explains more and shows off a simple benchmark.
Why I Love DATA
Caius Durling shows off Ruby's DATA variable/constant, why it's useful, and some ways you can use it.
'A letter to my daughter, Augusta, in Ruby'
In which a Ruby developer creatively expresses his affection for his daughter.
mruby-browser Is Now Called WebRuby
Xuejie Xiao's project to bring mruby to the Web using JavaScript and Emscripten now has an official name and some ideas for progression.
Cleaner Specs With Custom RSpec Example Groups
Know Your Closures: Blocks, Procs, and Lambdas
John Biesnecker shares some basics.
Watching and Listening
What's New in Rails 4 (RailsCasts Episode #400)
Rails 4.0 still isn't finished and released but it nonetheless shaping up to become a great release. In this 20 minute episode of RailsCasts, Ryan Bates shows how to set up a new Rails 4.0 (edge) application and walks through many of the new features.
Libraries and Code
rbenv 0.4.0 Released
ruby-local-exec deprecated. Now prefers .ruby-version files to .rbenv-version files (for added cross version manager support). And lots more.
DismissibleHelpers: Dismissible Help Text Helpers for Rails
Have an application where you want to add some help text for the user, but they really only need to see it once? With the dismissible_helpers gem, you can quickly add dismissible help text to your application. Demo visible online.
RubyOnRuby: Ruby Compiled to JavaScript Running on V8 under Ruby (Whoa..)
Describes itself as an 'unholy amalgam' of therubyracer's V8 engine and emscripted-ruby which provides a truly sandboxed Ruby-on-Ruby environment. An interesting experiment, at least.
μLithp: A Lisp in 27 Lines of Ruby
Ruboto 0.10.1 Released: Ruby App Development on Android
Updates JRuby to 1.7.1, changes the stdlib location to one that meets new Google Play Store restrictions, and more.
JewelryBox 1.4 Released: The Official OS X RVM GUI
Jobs
Senior Software Developer at State [London, United Kingdom]
Full Stack Software Engineer at FreeAgent [Edinburgh, United Kingdom]
Post a full job listing here in Ruby Weekly
Last but not least..
Why The Lucky Stiff's Site is Back?
The folks at Hacker News noticed that 'whytheluckystiff.net', a domain belonging to Why The Lucky Stiff, has been resurrected. Why, commonly known as _why, was an enigmatic and whimsical character in the Ruby world for many years before he went 'missing' in 2009.
Published by Cooper Press.
Want to sponsor an issue? See our Q2 2014 media kit.

© 2014 Cooper Press Ltd. Email policy Privacy policy
Office 30, Fairfield Enterprise Centre, Louth, LN11 0LS, UK
Update your email address
or unsubscribe here

ONE e-mail each Thursday. Easy to unsubscribe. No spam — your e-mail address is safe
Published by Cooper Press and curated by Peter Cooper