Haml 4, more Rails releases, Ruby 2.0.0-rc2
Ruby Weekly Issue 132
February 14, 2013
More Security Releases: Rails 3.2.12, 3.1.11, and 2.3.17 Released
The Rails codebase has been undergoing some serious security testing lately, so releases for critical vulnerabilities are popping up a lot. This week's releases tackle issues with serialized attributes and attr_protected circumvention.
Haml 4.0 Released
The popular template language gets a major update including SCSS, Less and CoffeeScript filters, better HTML5 support, hyphenated data attributes, and lots of fixes. Be careful when upgrading, however, as Haml 4.0 does not support Rails versions under 3.0 or Ruby versions before 1.8.7.
Rack 1.5.2, 1.4.5, 1.3.10 and More Released Due to Security Issues
Thought you were avoiding the security hassles by only using Sinatra or similar Rack-based systems? You have some updates to do as well.
From our Sponsor
Our performance data is not the only thing you'll love
Fall in love again. We have announced February as Date-a-Nerd month and to celebrate, we're sending one lucky winner on the date of a lifetime to New York City! Enjoy airfare, two nights at a boutique hotel, a Broadway show, and fine dining each night, all on us.
Getting To Know RubyMotion with Laurent Sansonetti
Pat Shaughnessy interviews Laurent Sansonetti, the creator of RubyMotion and former lead of MacRuby, about how the RubyMotion project started and what's involved with its development.
Aaron 'tenderlove' Patterson dissects the attack vector used in the recent YAML-based Rails exploit.
How to Parse Ruby
"If you want to parse Ruby, I wish you luck - there isn't any documentation or a formal grammar that fully describes the language," says Thomas Figg.
Handle Incoming E-mail with Griddler
Joel Oliveira of Thoughtbot looks at Griddler, a Rails engine that provides an endpoint for the SendGrid Parse API which allows you to easily handle inbound e-mails.
Rubytune's Rails Devops/Sysadmin Cheat Sheet
A collection of command line tips and time-saving snippets. None are Ruby specific but cover things Rails app admins are likely to do.
Rails Vulnerable to Mass Assignment and SQL Injection
Thomas Hollstegge of Zweitag digs into the recent JSON parsing hole.
Refactoring Towards 'Better' Code
PORO (Plain Old Ruby Object) Validators in Rails
Effective Rails - Part 1: ActiveRecord Callbacks
Active Record Scopes vs Class Methods
Watching and Listening
Jim Weirich's Roman Numerals Kata
It's a little blurry, but Ruby legend Jim Weirich performs a live programming exercise, doing a code kata for a Roman Numerals Calculator. He gives some great tips about TDD, complexity, and refactoring that anyone could apply in their daily programming.
Contributing To Ruby
Zachary Scott is a core committer to MRI and in this recent talk at BostonRB, he looks at the ethos of open source before diving into how the Ruby contribution process works and how you can submit documentation patches of your own.
Public Activity (RailsCasts)
In the latest public episode of RailsCasts, Ryan Bates demonstrates how to add a 'user activity feed' to a Rails application using the public_activity gem.
Libraries and Code
Ruby 2.0.0 Release Candidate 2 Released
The final release of Ruby 2.0 on Sunday, February 24 inches ever closer with RC2 following a month after RC1. RC2 vs RC1 is mostly documentation improvements and bug fixes, although the CSV library's potentially dangerous load and dump methods were also removed.
BetterReceive: A More Assertive Mock
RSpec's 'should_receive' doesn't check whether or not an object responds to the mocked method, which can hide code that isn't working. BetterReceive solves that.
RailsView: An Open Rails Themes Marketplace
I can't vouch for this as I haven't tried it, but it's an interesting idea.
Sucker Punch: Ruby Async Processing using Celluloid
A Ruby 2.0.0-rc2 Vagrant VM
Full-stack Web App Engineer for fast-growing SaaS company
FreeAgent are looking for a talented full-stack web app engineer to come and join their amazing team on their mission to democratize small business accounting.
Senior Developers at Envato (Melbourne, Australia)
Are you looking for an amazing team working on a top 200 site and genuinely interesting problems to solve? Envato is looking for people with experience building, testing and maintaining large scale webapps.
Web Application Developer for the Big Nerd Ranch
Seeking smart, kind folks who want to make the world a little better through bad-ass development.
Last but not least..
Nominations Open for the Ruby Hero Awards 2013
Each year at RailsConf, Code School gives awards to Rubyists who've been nominated by their peers. Head over and nominate your chosen Rubyist for RailsConf 2013 now.
Rails Security Monitor by Code Climate
Code Climate is accepting reservations to try out its Rails app security monitoring service.
Published by Cooper Press.
Published by Cooper Press and curated by Peter Cooper