Ruby Weekly Issue 366: September 14, 2017

Ruby Weekly

Issue 366 — September 14, 2017

ruby-lang.org

Ruby 2.4.2 Released With Multiple Security Fixes

The vulnerabilities include a buffer under-run vuln in Kernel.sprintf and RubyGems issues. Ruby 2.2.8 and 2.3.5 are also out for the same reason.

Sandi Metz

Breaking Up the Behemoth

Three metrics that can be combined to measure the maintainability of your code and find outliers of complexity.

Brakeman Pro Sponsored

Cross-Site Scripting in Rails Applications

Cross-site scripting (XSS) is the most common web vulnerability and Rails applications are not immune. Learn how XSS can sneak into Rails apps and how to prevent it in this blog post. Want to check your code for XSS? Brakeman Pro can help.

Michael Hoffman

A Puzzle About Ruby Constants

Ruby’s algorithm for finding the definition of a constant is more complex than you might think.

Brandur Leach

Using Atomic Transactions to Power an Idempotent API

The start of a series of posts on building more robust (and data accurate) APIs by leaning on Postgres’s transactional features.

Sergii Makagon

Is Ruby Pass by Value or Pass by Reference?

An analysis of how arguments are passed in Ruby which, as you might’ve guessed, depends on many factors.

Jobs

Senior Backend Engineer @ Capcom Beeline (Vancouver, Los Angeles)Become a core member of our team. We are crafting the next-generation eSports platform for mobile games. Capcom Beeline
Full stack Ruby and Rails dev (remote)We’re a realtime platform solving complex distributed problems for the developer community. If you enjoy building web services, apply. Ably realtime
Ruby on Rails Full Stack Engineer (California, USA)The Apple Media Products Engineering team is looking for a software engineer to build and enhance algorithmic quality evaluation tools. Apple

In brief

'Effective Testing with RSpec 3' Book Has Been Released news
RSpec.info
Sublime Text 3.0 Released news
A text editor heavily used by Ruby developers in particular.
Jon Skinner
Rails 5.1.4 and 5.0.6 Released news
Official Rails Blog
14 Ruby Conferences Taking Place This Fall (2017) news
Basecamp Cancels Its Ruby Together Membership Over Concerns news
DHH on Twitter
Troubleshoot Ruby app performance with Datadog
Get to the bottom of performance issues. Dive into distributed request traces, infrastructure metrics, and more.
Datadog Sponsored
Improving Spec Speed in A Huge, Old Rails App tutorial
Goiabada
Write a JSON API from Scratch with Grape tutorial
A Rails-free approach to a JSON API in Ruby.
Brewing Bits
How to Write Your First CLI with Thor tutorial
Magnetis Backstage
How to Include Rails Associated Model Data in React Components tutorial
In short, jbuilder is your co-pilot.
Learnetto
Rails Best Practice: Persisting Addresses in PostgreSQL tutorial
A look at several solutions to storing addresses for users.
Frederick John
Graceful Shutdown of Sidekiq Processes on Kubernetes tutorial
Rahul Mahale
Using Docker Compose with Your Rails Apps tutorial
Chris Blunt
Data Sheet: Database Performance Monitoring
VividCortex is the best way to improve your database performance, efficiency, and uptime.
VividCortex Sponsored
Refactoring A Query Weighing in At 41 Lines and 2844 Chars story
Cody Boyko
How Recent RubyGems Vulnerabilities Were Patched on Heroku story
Richard Schneeman
The 11-Minute Guide to Building an Online Store with Rails and Stripe video
Hrishi Mittal
The Road to Ruby Error Domination Starts Here
ROLLBAR Sponsored
strong_migrations: Catch Unsafe Migrations at Dev Time code
Andrew Kane
did_you: A Ruby Version-Agnostic Wrapper for the 'did_you_mean' Gem code
Victor Shepelev
Karafka (Ruby + Kafka): A Framework for Kafka + Rails App Dev code
React Chat: A Chat App Built with React and ActionCable in Rails 5.1 code
Learnetto