|| ||Ruby Weekly <rw-AT-peterc.org> |
|| ||<lwn-AT-lwn.net> |
|| ||This Week's Ruby News - Issue 137 |
|| ||Thu, 21 Mar 2013 18:02:26 +0000|
|| ||Article, Thread
Ruby Weekly - A Weekly Ruby Newsletter
Issue #137 - March 20, 2013
Rails 3.2.13, 3.1.12 and 2.3.18 Released: New Security Issues
Four new security issues (symbol DoS vulnerability in ActiveRecord, XML
parsing vulnerability, and two XSS vulnerabilities) have forced the quick
release of some new Rails versions. Careful, though, as 3.2.13 is proving
less simple of an upgrade as would be suspected (see item below).
Beware Rails 3.2.13: Performance Regressions and Major Bugs?
The minor security release of 3.2.13 doesn't seem to be as simple as it
would appear. Numerous bugs seem to have crept in and <a
experienced a major issue</a> upon upgrading. The biggest problems are a
change in <a href="https://github.com/rails/rails/issues/9813">how scopes
work</a> and <a
with asset path resolution.
The Ruby on Rails Tutorial for Rails 4.0 (Beta) Available
A Rails 4.0–compatible version of Michael Hartl's popular 'Ruby on Rails
Tutorial' book is now available online. The e-book and screencast versions
will be available once Rails 4.0 is officially released, however.
RubyGems.org Gets a Snazzy New Blog Design
From our Sponsor
How Fast Are Your Tests? Try Tddium's Parallel CI For One Month Free
Solano Labs, the maker of Tddium, has integrated major updates to make the
product easier to use, and we want to share these awesome changes with you.
These changes include Github Sign-In, Pull-Request & Status
Integration. Heroku Single Sign-On. Flowdock. BitBucket. Simple Setup
Hooks. Our parallel optimizations usually get your build results 10 to 20
times faster. <a href="http://www.solanolabs.com">Sign up</a> for a free
one-month trial using promo code <code>MarchRubyWeekly</code> and see for
yourself. Visit us at <a
href="http://support.tddium.com">http://support.tddium.com</a> and let us
know how to make this product work even better for you.
Understanding Method Lookup in Ruby 2.0
Method lookup has changed a little in Ruby 2.0 with both the introduction
of Module#prepend and a number of optimizations made at the VM level.
Marc-André Lafortune looks at the bigger picture here.
Ruby delegate.rb Secrets
Jim Gay shows off the 'delegate' library and Delegator class that comes in
Ruby's standard library.
Happily Upgrading Ruby On Rails At Production Scale
Envato's marketplace sites recently upgraded from Rails 2.3 to Rails 3.2
with no downtime despite handling 8000 requests per minute. The team shares
some of their story.
A Practical Guide to Using Signed Ruby Gems
A three part series of posts on making gems more secure. It starts with <a
href="http://blog.meldium.com/home/2013/3/3/signed-rubygems-part">a look at
a new Bundler feature</a> which can enforce signing policies on gems, but
moves on to <a
signed gems on Heroku</a> and <a
your own gems.</a>
Customize Your IRB
Stephen Ball demonstrates how to customize your IRB installation from the
prompt and default gems through to things for Rails and command history.
Giles Bowkett's 'Unf**k A Monorail For Great Justice'
Not one to shy away from a controversial title, Ruby's l'enfant terrible,
Giles Bowkett, is back with an incisive look at how to get large,
monolithic Rails apps back on track. But yes, it costs money.
The Inadequate Guide to Rails Security
Testing Subdomains in Rails with xip.io
Watching and Listening
Ruby Rogues: Patterns of Enterprise Architecture with Martin Fowler
The Rogues sit down with the esteemed Martin Fowler (of Agile fame, not the
EastEnders character) to discuss patterns, service layer, and similarly
tasty 'serious developer' stuff.
PeepCode Now Has an iOS App
The popular PeepCode screencasting site (to which many of you are
subscribed, I'm sure) now has apps for iPhone and iPad users so you can
more easily watch their entire video library on the go. I've given it a
quick go and it seems pretty good.
Libraries and Code
minitest 4.7.0 Released
The minitest library, as included in the Ruby standard library, has been
updated with a key enhancement: the MiniTest::Spec class has been <a
into a more easily extended DSL module.</a> In turn, minitest-spec-rails
has had <a
update</a> which uses this new module to avoid a lot of monkey patching.
Huginn: Build Agents That Perform Automated Tasks for You Online
Think of it as Yahoo! Pipes plus IFTTT on your own server. It's built in
Rails and looks pretty impressive.
SitePrism: A Page Object Model DSL for Capybara
SitePrism gives you a simple, clean and semantic DSL for describing your
site using the Page Object Model pattern, for use with Capybara in
automated acceptance testing.
ActionCost: Counts SQL Queries Per Controller Action in ActiveRecord
Hooks into ActiveRecord (and RecordCache, if used) and counts the number of
SQL queries per controller action and per table.
Scorched: An 'Evolutionary Enhancement of Sinatra'
A generic, unopinionated, DRY, light-weight web framework for Ruby.
Ruby Developer for Financial Tech Startup (SF Bay Area)
Software startup in stealth mode finds hidden treasures among asset
management debris. Can you write Ruby code, create the algorithms, mine the
data, and deliver tools to return the treasure to its owner? We explore,
map, and match assets with owners.
Software Engineering /Academic Applications Developer at Dartmouth College [Hanover, New
Software Engineer at Nextpoint [Madison, Wisconsin]
Last but not least..
SliceCraft: PSD to Modular Haml, Sass, Compass and CoffeeScript for Rails Apps
We deliver on time, have expert knowledge on Haml, Sass, Compass &
CoffeeScript and understand the Rails asset pipeline. How’s that for a
change? <a href="http://www.slicecraft.com/our-track-record.html">Check out
our track record too.</a>
You opted in for Ruby Weekly at http://rubyweekly.com/ to get weekly e-mails
about the Ruby programming language.
Our mailing address is: Office 30, Lincoln Way, Fairfield Enterprise Centre,
Louth, Lincs, UK, LN11 9EJ.
You can e-mail the list maintainer directly at firstname.lastname@example.org in case of
to post comments)