Ruby Weekly Issue 797: April 23, 2026

#797 — April 23, 2026

Together with

JRuby 10.1 Released with Ruby 4.0 Compatibility — The first major release of the popular JVM-based Ruby implementation “since catching up with Ruby compatibility” gets Ruby 4.0 compatibility and shifts to a biennial LTS release cycle. There are memory improvements too: every object is 8 bytes smaller, plus tighter numeric representations.

Charles Oliver Nutter

Memetria K/V: Efficient Redis & Valkey Hosting — Memetria K/V hosts Redis OSS and Valkey for Ruby apps, featuring large key tracking and detailed analytics.

Memetria sponsor

A New Chapter for Ruby Central — After a year in post as Executive Director, Shan Cureton has left Ruby Central, along with its CFO, as the organization finds itself in financial jeopardy. When one door closes, another opens, however, and some positive, long-needed changes are coming in and you can get involved.

Jey Flores and Ran Craycraft

💡 There are also some changes to this year's RubyConf.

ERB Has a Deserialization Vulnerability (CVE-2026-41316) — Any app that calls Marshal.load on untrusted data and has both erb and activesupport loaded is vulnerable to arbitrary code execution. Upgrade your erb gem to version 4.0.3.1, 4.0.4.1, 6.0.1.1, 6.0.4 or later.

Takashi Kokubun

⚡️ IN BRIEF:

Ruby 4.0.3 has been released. It's a minor release to update ERB to v6.0.1.1 as a fix for the ERB vulnerability (above).
🕹️ The DragonRuby project has shared an update as it celebrates its 7th birthday with an SDL3-powered update of the Ruby-based game toolkit just around the corner.
In The Missing Bundler Features, Jean Boussier makes the case that Bundler's real ergonomic problems have nothing to do with its speed and are more about user control.
🎤 On the latest On Rails podcast, Intercom's Brian Scanlan talks about his team's 'AI-first' approach to working on their 15-year-old Rails app.

Optimizing Ruby Path Methods — byroot has been speeding up path methods (e.g. File.expand_path), with File.join now faster than string interpolation! A beautifully technical tour through Bootsnap internals, Ruby 4.1’s forthcoming Dir.scan, and why Shift JIS made all of this slower than it needed to be.

Jean Boussier

Selective Test Execution at Stripe: Fast CI for a 50M-Line Ruby Monorepo — How Stripe runs only ~5% of their full 1.2-million-test suite on each build using a variety of techniques like dependecy-graph analysis and heuristics for test selection.

Aditya Anchuri (Stripe)

How a Solo SaaS Founder Stopped Worrying About Rails Maintenance — See how Bonsai helped Tim go from chasing contractors to peace of mind. Hand over the hard tech debt to the experts. 🚀

Bonsai by FastRuby.io® sponsor

📄 Let's Enable MFA for All Ruby Gems – It takes a community effort to make the ecosystem safer. Matheus Richard

📺 Monitoring Cron Jobs with Whenever – A 12-minute screencast. Chris Oliver (GoRails)

📄 PII Filtering for RubyLLM with Top Secret Steve Polito

🛠 Code & Tools

mruby 4.0 Released — Built by a team led by Matz himself, mruby is a lightweight, embeddable Ruby implementation for constrained environments. v4.0 focuses on pattern matching support and adds read-only method tables for lower memory use, mirb improvements, and new gems for multitasking, benchmarking, plus a strftime implementation.

The mruby Team

💡 There's an official tutorial on all the different ways you can run mruby code.

Your Rails App Has an N+1 Problem. AppSignal Will Show You Where — AppSignal auto-detects N+1 queries and leaks. Get Sidekiq, ActionView, Puma metrics. One gem, minutes to monitor. Free 30-day trial, no card.

AppSignal sponsor

Informers 1.3: Run Modern Transformers Models from Ruby — Transformers.rb can run Transformers-compatible models from Ruby, but if a model has an ONNX variant, Informers makes it faster and easier. I’ve been running embedding models in milliseconds with this, but you can also do things like reranking and image classification.

Andrew Kane

oj 3.17 – Fast JSON parser and object marshaller. v3.17 adds a safe parser mode that enforces various limits to protect from large or heavily nested payloads.
Faker 3.8 – The long-standing artificial data generation library adds lazy loading, making it far faster to load.
🌐 LibGD-GIS 0.5 – GIS and map-rendering engine built on ruby-libgd, supporting GeoJSON layers and tiles.
Spreadsheet 1.3.5 – Library for reading, writing and modifying Excel (XLS) spreadsheets. GPL 3.0 licensed.
Single Cov 2.1 – Produce code coverage reports for Ruby code and tests.
✉️ Roadie 5.3 – Inlines CSS and rewrites relative URLs for HTML emails.
RSpec Tracer 1.1 – Specs dependency analyzer and flaky-test detector.
RatatuiRuby 1.5 – Cook up impressive TUI interfaces with Ruby.
Versionaire 15.2 – Immutable, semantic version type.

📰 Classifieds

Faster CI without rewriting your workflows. Depot CI supports GitHub Actions syntax — just faster.

🧪 Claude Code writes better tests with a coverage feedback loop. Read about the experiment.

📢 Elsewhere in the ecosystem

✉️ Sup is a Ruby-powered terminal-based email client with Gmail-like thread-centered archiving, tagging and muting, plus you can write hooks in Ruby. It's nearly twenty years old, but v1.4 just landed.
Git 2.54 has been released. git history offers a new, easy way to edit commit messages or interactively split a commit into two. You can now also define hooks in config files rather than just in .git/hooks and run multiple hooks for the same event in this way.
Cloudflare has released a preview of a new cf tool for working with its various services from the terminal.
🐘 The first draft of the PostgreSQL 19 release notes has been written. The final release is expected in September.
🇯🇵 I'm looking forward to covering some of the RubyKaigi news next week (it's currently taking place in Japan) especially after seeing this cryptic X post by k0kubun saying "Ruby is faster than C" (!)