|| ||Ruby Weekly <rw-AT-peterc.org> |
|| ||<lwn-AT-lwn.net> |
|| ||This Week's Ruby News - Issue 130 |
|| ||Thu, 31 Jan 2013 15:07:57 +0000|
|| ||Article, Thread
Ruby Weekly - A Weekly Ruby Newsletter
Issue #130 - January 31, 2013
This Week's Security Updates
I wouldn't normally link to a Hacker News discussion but it's a great
source of information. Basically, a gem was pushed to RubyGems.org that
took advantage of a YAML-parsing vulnerability to break into some of the
site's configuration files, prompting a widespread security alert. (Things
have now died down a bit, thankfully.)
Rails 3.0.20, and 2.3.16 Released Due to JSON Vulnerabilities
Fresh security fixes are out for the Rails 3.0.x and 2.3.x branches. If
you're on Rails 3.1.x and 3.2.x, you can breathe easy (for now).
How to Apply a Rails Security Patch
There may be reasons you can't upgrade your entire set of Rails gems so
you'll instead want to apply a patch. Brian Buchalter shows how it's done.
Security Announcement: Devise v2.2.3, v2.1.3, v2.0.5 and v1.5.3 Released
From our Sponsor
Monitor Your Apps' Performance Anytime, Anywhere with New Relic for iPhone
At New Relic, we want to make your life more enjoyable, even when you’re on
the go. That’s why we built a New Relic iPhone app, a new way to interact
with New Relic. The app is perfect for those on the go who need quickly
understand how their applications, servers and key transactions are
Threads, Not Just for Optimizations
Jesse Storimer looks at some potentially unexpected ways MRI uses threads.
A nice investigation.
We Can Solve The Multiple-'Default'-Stacks Problem With Rails Application Templates
Giles Bowkett picks up on the oft-forgotten Rails 'application templates'
feature for rolling out fresh apps with custom setups.
One Way 1.9 Drives Me Nuts
Do you think "if !foo" and "unless foo" are functionally equivalent in
Ruby? Ryan Davis explains why, in Ruby 1.9, they're not.
Ruby MRI Source Code Idioms #2: C That Resembles Ruby
Chief MRI spelunker Pat Shaughnessy is back with another look at MRI's C
source code, this time picking up on how you can read Ruby's C code with an
eye trained solely in Ruby patterns.
Functional Eye for the Ruby Guy
A craftily titled blog post that looks at practical applications of Ruby
2.0's Enumerator::Lazy and refinements features.
Ruby and Random
A look at why relying on 'srand' may not be the best solution and a way to
get random numbers more securely.
Padrino Framework 0.11 and 1.0
A slide deck that walks through Padrino and looks at what's coming in
versions 0.11 and 1.0.
Building a PaaS in Ruby
ActiveState are building what is essential a 'Heroku-in-a-box' which you
can run in a VM or on your own hardware cluster. This article goes behind
the scenes and shows off what other tools they're using to do it.
Ruby Speedup: Memoize those Methods
A crafty memoization/caching technique involving using ||= and a multi-line
Rails 4 Security for Session Cookies
Handling Requests Asynchronously in Rails
Refactoring the Deeply-Nested Hash Antipattern
Watching and Listening
DRb Basics: A Free MetaCasts Screencast for Ruby Weekly Readers
MetaCasts is a new screencasting venture recently launched by Mark Bates.
No money is changing hands but he kindly agreed to let Ruby Weekly readers
watch an episode all about Ruby's DRb library for free. Enjoy.
Rails Is Omakase: A Dramatic Reading
Giles Bowkett presents an amusing 'dramatic reading' of DHH's recent "Rails
is Omakase" blog post. Steer clear if you have no time for humor though.
Libraries and Code
Sinatra 1.3.4 Released: Bug Fix Release, 1.4.0 Promised Soon
Wrong: A General Assert Method with Rich Failure Messages
Wrong provides a general assert method that takes a predicate block. Hard
to remember matchers be gone. Not new but a piece of gold from the archive.
multirb: Run Ruby Code From A Prompt Across Multiple Ruby Versions
Something I've built to help me with recording my Ruby 2.0 Walkthrough.
Primo: A Better, Configurable, Default ('prime') Rails Stack.
I'm not convinced this is the answer but it's <em>an</em> answer.
split: A Rack-Based A/B Split Testing Framework
Sometimes: Let Ruby Blocks Run.. Sometimes
Ruby Infrastructure Engineer
Passionate about Ruby and infrastructure? Zendesk is looking for an
engineer to join our most excellent infrastructure team in San Francisco.
Solid challenges? Check. Smart colleagues? Check. Great culture? Check.
Software Developer (Amsterdam) - Good in Perl or willing to Learn?
Join the #1 Accommodation website of the world: Booking.com. We need 25
sharp devs to join our big Perl shop in Amsterdam. You don’t need to know
Perl, only the willingness to learn. This position is open to worldwide
candidates –visa and relocation package included. Join our international
team of hackers.
Great people, awesome workplace, and new projects all the time. Work with
seasoned pros building products people use and keep your nights/weekends
Ruby Developer at HouseTrip (London, UK)
Last but not least..
Euruko 2013: Athens, June 28-29
The venue and date for Europe's primary Ruby conference have now been
nailed down and they have a Web site ready to roll. No tickets for sale yet
but save those dates.
You opted in for Ruby Weekly at http://rubyweekly.com/ to get weekly e-mails
about the Ruby programming language.
Our mailing address is: Office 30, Lincoln Way, Fairfield Enterprise Centre,
Louth, Lincs, UK, LN11 9EJ.
You can e-mail the list maintainer directly at firstname.lastname@example.org in case of
to post comments)