Ruby Weekly
Issue 393 — April 5, 2018
Benoit Larroque
Specifically CVE-2018-8778, a buffer under-read vulnerability in String#unpack. This post goes deep on what it all means, how it can be exploited, and how it’s resolved.

SideCI Team
10 points on the development of Ruby from a recent interview with Matz at the Ruby25 event. Ruby 3 will be backward compatible, and Matz plans to ‘never retire from developing Ruby’.

Semaphore  Sponsored
Tired of fragile code? This hands-on book will teach you how to build better Rails apps with confidence. Learn practical BDD from the makers of Semaphore.


Janko Marohnić
Aims to be a one-stop-shop for resizing and processing images. Uses either ImageMagick or libvips behind the scenes.

Noah Gibbs
It uses Discourse, a real-world Rails forum app, and a simulated realistic workload to benchmark the speed of Ruby.

Victor Shepelev
People are finding more use cases for the new yield_self function in Ruby 2.5, but maybe a better name could drive adoption?

Jeff Kreeftmeijer
By nesting cache fragments, views are almost never rendered completely. Even when the data changes, most of the rendered pages are served straight from the cache.


In brief