Ruby Weekly
Issue 219 — October 30, 2014
The latest production release of MRI includes a security fix for CVE-2014-8080 and tightened default settings on ext/openssl (both mentioned below). 2.0.0-p594 and 1.9.3-p550 also include the same tweaks.

Paul Sobocinski
An attempt at comparing the relative merits of Rails and Sinatra by building the same webapp with both.
Unrestricted entity expansion can lead to a DoS vulnerability in REXML (an XML processor in the Ruby standard library). It has been fixed in 2.1.4, 2.0.0-p594, and 1.9.3-p550, all released this week.

Semaphore  Sponsored
Semaphore has everything you need to automatically test any Ruby project from a Git repository on GitHub and now also Bitbucket. The service is free for open source projects and up to 100 private builds per month.


Nouran Mahmoud demonstrates, from bare essentials, how to create your own simple tagging system.

Leonard Garvey
A look at using Rollout to implement feature flags on your app, a way to roll out new features to only a subset of users.
Insecure SSL/TLS options are now disabled by default on 2.1.4+, 2.0.0-p594, and 1.9.3-p550. This may cause problems in some cases so be alert.

In brief