I recently went on a brief deep dive into 103 Early Hints because I looked at a Shakapacker PR for adding 103 Early Hints support. Here’s what I learned.
Briefly, 103 Early Hints is a status code for an HTTP response that happens before a regular HTTP response with content like HTML. The frontrunning response hints to the browser what additional assets (javascript, css) the browser will have to load when it renders the subsequent HTTP response with all the content. The idea being that the browser could load those resources while waiting for the full content response to be transmitted, and thus load and render the complete page with all its assets faster overall.
If...
Direct link to podcast audio file
Post-recording update: As I've been lobbying for (both publicly and behind the scenes), it has been announced that the RubyGems and Bundler client libraries are being transferred to Matz and the Ruby core team.
Mike McQuaid (of Homebrew fame) and I scheduled this episode of Hot Fix a week before the Ruby community exploded. Hot Fix is all about getting spicy, but even we were a little wary of the heat in that particular kitchen. The problem Mike brought to the table is the same one he's always on about: open source is not a career. Incidentally, Mike's favorite topic also happens to be relevant to the latest RubyGems controversy—because it all boils...
Not content to miss out on the...
Earlier today, the Ruby core team announced the transfer of repository ownership for RubyGems and Bundler to the Ruby core team. This decision reflects our shared commitment to the long-term stability and growth of the Ruby ecosystem.
While repository ownership has moved, Ruby Central will continue to share management and governance responsibilities for RubyGems and Bundler in close collaboration with the Ruby core team. We remain deeply committed to strengthening security, performance, and the developer experience through ongoing investments, grants, and active development.
Dear Ruby community,
RubyGems and Bundler are essential official clients for rubygems.org and the Ruby ecosystem, bundled with the Ruby language for many years and functioning as part of the standard library.
Despite this crucial role, RubyGems and Bundler have historically been developed outside the Ruby organization on GitHub, unlike other major components of the Ruby ecosystem.
To provide the community with long-term stability and continuity, the Ruby core team, led by Matz, has decided to assume stewardship of these projects from Ruby Central. We will continue their development in close collaboration with Ruby Central and the broader community.
We want to emphasize the following...
Two weeks after beta1, it’s time for 2.3 beta2!
This will be our last beta, and we’re aiming for the full 2.3 release in two weeks. Read on to see what’s new.
hanami run commandYou can now can run your own scripts and code snippets with the hanami run command!
$ bundle exec hanami run my_script.rb
$ bundle exec hanami run 'Hanami.app["repos.commit_repo"].all.count'
Our previous approach to action formats config (config.formats in action classes or config.actions.formats in app or slice classes) made it too hard to configure and use your own custom formats. We’ve now overhauled this config and...
This is an important...
Just like git, jj offers tiers of configuration that layer on top of one another. Every setting can be set for a single repo, for the current user, or globally for the entire system. Just like git, jj offers the ability to create aliases, either as shortcuts or by building up existing commands and options into new completely new commands.
Completely unlike git, jj also allows configuring revset aliases and default templates, extending or replacing built-in functionality. Let’s look at the ways it’s possible to customize jj via configurations. We’ll cover basic config, custom revsets, custom templates, and custom command aliases.
Let’s start with some configuration basics. You...
Active Storage is a wonderful library for managing file uploads in Rails. But terms like blob and attachment are easy to mix up, and that confusion can remain even after you’ve been using Active Storage regularly. I’ve run into that myself. I’ve used Active Storage for a long time in several projects, without ever really understanding how models, blobs and attachments worked together.
So I decided to read up and really understand the whole system, and what follows is my understanding of the Active Storage domain model. Once you understand their roles, it becomes easier to reason about file uploads, deletions, and reuse. This understanding is really useful as your app grows over time and you...
#771 — October 16, 2025
Ruby Weekly
Lost in Minitest? Start Here! — I’m a big Minitest fan, but RSpec is still the most common testing framework in most survey results I see. Remi’s article will help, though, if you want to make the move to an option that comes with Ruby’s standard library and is the default solution in Rails.
Remi Mercier
💡 If you still prefer spec-style tests, Remi followed up with a look at Minitest::Spec, a way to get spec-style syntax in Minitest.
❤️ Giving Back After 17 Years in Rails — After building 50+ Rails products, we’re giving back with a free 30-min tech...
I am excited to introduce Perron, an OSS Rails-based static site generator (SSG). This one has been in the making for years. Not that the actual building took years—it was just a few hours every week over the last months—but conceptually I have been thinking about this for a long time.
Want to check it out right away? Check out and ⭐ the repo or explore the docs. 👈
So... another static site generator? In 2025? While there are already hundreds (thousands?) of similar tools out there? Why?!
Good question! For one, because I can. 🤷 But more importantly all of the existing (great!) SSG, including those written in Ruby, do not match the framework I built my products in, which happens to be...
system = { users: [ { username: 'alice', role: 'admin', email: 'alice@example.com' }, { username: 'bob', role: 'user', email: 'bob@example.com' }, { username: 'charlie', role: 'moderator', email: 'charlie@example.com' } ]}moderator = system[:users].find { |u| u[:role] == 'moderator' }email = moderator[:email] puts email # charlie@example.comNow here is doing the same thing in Ruby using pattern matching:
system = { users: [ { username: 'alice', role: 'admin', email: 'alice@example.com' }, { username: 'bob', role: 'user', email: 'bob@example.com' }, ...Our friends at FastRuby share how to spot the quiet warning signs of growing technical debt and how to address it strategically instead of reactively.
Debugging AI agents shouldn’t mean digging through endless JSON. AgentPrism, an open-source React component library by Evil Martians, turns raw OpenTelemetry traces into clear visualizations, instantly revealing loops, errors, and cost spikes. Built with Quotient AI, AgentPrism helps teams ship reliable, production-grade AI systems up to 5x faster.
AI agents fail silently, loop endlessly, skip steps, and give wrong answers. If you're debugging them by parsing JSON logs at midnight, you're suffering needlessly. At Evil Martians, we've built enough AI agents to intimately know this pain: 4-hour...
Sometimes, when working in a feature branch, you’ll find yourself wishing you could segment your work without having to create and maintain multiple feature branches. Thankfully, Git has a nifty way of handling this use case via empty commits. Example:
git commit --allow-empty --no-verify --message "----- End of API Work -----"The above can broken down as follows:
--allow-empty: Makes empty commit creation possible.
--no-verify: Bypasses Git Hooks since empty commits will most likely trip up your lint checks.
--message: Specifies the commit subject. The five dashes (-) on each side of the message makes for a nice — and clear — visual que when reviewing...
When creating an empty commit, you’ll only have the commit message (subject) which, as shown above, is: "----- End of...
I'm two weeks behind on the newsletter, so I was trying to be responsible by resisting the urge to document the success I've had with my current coding agent setup. My self-restraint has paid off, as Peter Steinberger essentially wrote the exact post I was planning to write.
There's lots of good nuggets in here, and it's uncanny how many I agree with:
In part one of this series, we walked through how to use Showcase in a Rails app.
It's now time to read some Ruby code written by experienced Rails developers. To do this without getting lost, we'll choose one feature of the showcase engine and analyze how it works: rendering a preview of a component.
Let's get started!
If we visit http://localhost:3000/docs/showcase/previews/components/button in the browser, we should see the complete documentation for a button component:
Showcase button documentation
According to the showcase documentation, this view is generated by the following code in the test/dummy application:
<%#...psych to load the YAML files for locales.If you have something like this in your en.yml file:
en: terms: yes: Yes no: No switch_on: On switch_off: Off accept: true reject: falseAnd then you will try to load them via Rails console like this:
I18n.locale = :en # make sure you have set a default localeI18n.backend.send(:translations)[:en][:terms]# => {true => true, false => false, switch_on: true, switch_off: false, accept: true, reject: false}Notice there that there is no key yes, no and more so all values Yes, No, On Off, true, false were converted to TrueClass or FalseClass in Ruby.
That for me was quite interesting so I dig deeper to understand...
There seems to be a lot of confusion about vision and mission statements, what each is for, and how they should be structured. I honestly could not find a canonical definition for either. So, I wrote my own. Values are equally as important, so I've included them here, too.
A vision statement should be an inspirational postcard from an aspirational future. It should be brief. It should paint a picture. And it should make you wish you were there!
A great example is Microsoft's 1980s vision statement:
A computer on every desk and in every home, running Microsoft software.
A mission statement describes an organization's reason for being. These statements often take the structure of,...
In the first three parts of this guide, we set about building up a way that works with a table called books to display these records through some controller actions, and to allow us to create more and edit them in forms.
In this part, we’re going to cover how we can set up an association to books called reviews. We’ll create a new table for this, and work out how to display reviews next to books on the books.show page. In this part, we’ll be spending a lot of time working back on our repositories and relations.
To get started, we first need to create a table called reviews....
Lexxy is a new rich text editor for Action Text, developed by Basecamp. It is built on top of Lexical.
Lexical is a fast, robust, flexible framework for building text editors, developed by Meta (and used in WhatsApp and Facebook apps).
Lexxy makes it easy to write and format rich text content. It is designed to work smoothly with Action Text and Active Storage, so users can add images, videos, and other files directly in the editor.
Lexxy was created because Trix didn’t meet Basecamp’s expectations or support all the features they wanted to offer. With Lexxy, the team now has a strong foundation to build on.
Let’s see which features Lexxy...
In my previous post, I talked a lot about how Minitest comes in various syntax flavors. One flavor I did not cover much is Minitest’s spec extension.
Before I dive in with a dedicated post about assertions, I want to cover this RSpec-style way of writing tests.
As I wrote in my previous post, Minitest comes in multiple flavors:
def test_this_method
test "this method"
Minitest::Spec: it "tests this method"
Each flavor changes the syntax we use to define our test files and our test examples. The changes in the DSL are minimal, in the sense that they all look familiar to Ruby developers.
Assert...
Aji and Sally sit down to discuss their struggles with ADHD and the systems they have in place to stay focused at work.
They each share the note taking systems and tools they use to navigate a normal working day, how they came to fully understand and manage their ADHD, and Sally reminds us all why it’s very important to use a slash in your Slack reminders.
—
This episode of the Bike Shed has been sponsored by Judoscale - Autoscale the Right Way, check the link for your free gift!
Try out the reminder app Aji mentioned in this episode to help keep yourself on track.
Your hosts for this episode have been thoughtbot’s own Sally Hall and Aji Slater
If you would like to support...
Ruby takes a large part of its inspiration from two older languages:
I’ve been in kind of a writers block, for all kinds of reasons, personal and professional. I started to think about an article that I could write that would get my fingers typing, and drifted into what I could do for another "Better Know A Ruby Thing", started thinking about String literals, wondered how I would answer the question of why Ruby has so many ways to write String literals.
The answer to that is that most of them were inherited from Perl.
In fact, a lot of Ruby’s more unusual syntax was taken from Perl.
And then I realized...
I have a Boss Katana-50 MkII combo guitar amp. This is far from unique, but it serves my needs. It more than serves my needs, given I pretty much use it as a pedal platform.
My amp on the floor, with my pedalboard in front of itYou could argue that this is redundant given the built-in features of the Katana, and you wouldn’t be wrong. But it’s more fun for me to tweak knobs and dials that I can more easily see than play with presets. Or, even worse, have to connect it to my computer. I’m trying to get away from the computer!
Anyway, it works great for my use case, with one minor problem. I’m guessing it might sound a little...more like it’s supposed to...if the speaker wasn’t pointed at my feet.
I had an opportunity to reunite with my...
We’ve spent the last decade optimizing for scale. How do we handle more traffic? More users? More engineers? The assumptions were baked in: Growth is coming. Prepare accordingly.
So we split things apart. We mapped services to teams. We built for the org chart we were about to have.
Then 2023 happened. And 2024. And now 2025.
Turns out, the future isn’t always bigger.
What if your team gets smaller? Not as a failure scenario. As a design constraint.
What if you architect with the assumption that in three years, you’ll have less capacity than you do today? Less engineers. Less time. Less runway to maintain complexity.
How would that change what you build...
Have you ever felt completely stuck on a task, unsure of how to move forward? In the fast-paced world of work, it’s easy to get bogged down by blockers and context switching. This blog post details actionable productivity habits. These aren’t just concepts to grasp, but practical strategies to implement consistently until they become ingrained. By adopting these habits, you can overcome common challenges and significantly boost your work efficiency.
Proactively address challenges and adapt your approach to consistently overcome blockers and ensure continuous progress.
When I’m working on a task, I often feel blocked, sometimes by design decisions or other external factors, but I...
DHH unveiled Rails 8.1 during his keynote at Rails World 2025, releasing the first beta live on stage. This new version brings a suite of tools aimed at making Rails apps simpler to build, maintain, and collaborate on. With a strong focus on developer experience and consistent workflows, Rails 8.1 helps teams sidestep common frustrations and work together more smoothly.
Continuous Integration (CI) is a cornerstone of modern Rails development. It’s a common pain for developers to run tests with slightly different commands on their own machines, while CI servers like GitHub Actions or CircleCI use their own scripts; they might also have different versions of bundler or a specific gem...
Something that's been on my mind lately: Why is a customer going to choose my product? There's tens to hundreds or even thousands (looking at you CRM's) of every app for every problem. Why would someone choose mine?
Price? I'm a firm believer in charging a price that works for the customer and for you. Competing on price is a race to the bottom. If this is where you are at, you've already lost.
Features? Maybe but that's a grind and a bit whack-a-mole. Having all the features someone could ever want waters down a product. Honestly, it makes products confusing. How do you build work flow and create value for the customer when the customer is anyone and the work flow is anything?
Something...
A recruiter sent me this screenshot of some kind of GitHub profile scraper. Aside from naming me as a "top 1%" JavaScript developer (which I'm not sure is a compliment or a threat...), I just couldn't get over the "active on weekends" checkmark.
Lady, on weekends I charge double. 🤌
Exceptions are a fundamental part of programming in Ruby, allowing developers to handle errors gracefully and ensure robust, fault-tolerant applications. Ruby’s exception-handling mechanism is intuitive yet powerful, enabling developers to raise errors when something goes wrong and rescue them to prevent application crashes. In this 2000-word guide, we’ll explore how to raise and rescue exceptions in Ruby, covering the basics, advanced techniques, best practices, and real-world examples.
Exceptions in Ruby are objects that represent errors or unexpected conditions during program execution. When an error occurs—such...
Now that you hopefully have an idea of how to operate jj, let’s look at the commands you need to get work done in jj. One great aspect of jj layering on top of git repos is that the git repo is still there underneath, and you can use any git command exactly like you usually would if there’s anything missing from your jj workflows.
The flow to create and send a PR will probably look pretty familiar: use jj git clone to get a copy of the repo, make your changes, use jj commit to create your new commits. When you’re ready, use jj bookmark set NAME to give your changes a name and jj git push to create a new branch on the remote. Use GitHub.com or gh pr create --head NAME...
If you amend the commits in your PR, you can force-push the...
Welcome to another issue of Hotwire Weekly! Happy reading! 🚀✨
Create a Kanban board with Rails and Hotwire - Rails Designer builds a drag-and-drop Kanban UI using Stimulus + SortableJS + Rails Request.js, backed by a model structure and minimal controller logic.
Preventing edit conflicts in Rails with Turbo and Stimulus - Nicolás Galdámez on the Unagi Blog shows how to lock records when a user begins editing, broadcast lock status across clients with Turbo Streams, and unlock automatically using Stimulus listeners on navigation or page unload.
Improving Turbo Frame UX with the busy Attribute - Victor Cobos...
A good week for Hanami 2.3 prep. My goal is to release beta2 in a week, so before then I wanted to address a few of the longstanding issues that would be best served by some extra community testing time.
The first was this router performance improvement by Kyle. A small amount of code, but a lot of great discussion along the way, and ultimately a big impact on our runtime router performance and we took an inadvertent hit while addressing some behavioural bugs for Hanami 2.2.
Second major thing was clarifying and improving the flexibility of configuring formats for Actions. This should make it much easier to have format configuration in a parent action class (or in app config) while...
This week I was away on a little trip to Paris to attend a Paris.rb meetup and meet some friends, so I was less productive, but still got some stuff done, and still managed to do some work on Papercraft. Here’s what’s changed:
Up until now, perhaps the biggest limitation of Papercraft was that you couldn’t use it in an IRB session. That was because Papercraft always compiles your templates, and for that it needs access to the templates’ source code. But if you’re defining a template in IRB, where is that source code?
Then, while taking the train to Paris, it occurred to me that maybe IRB keeps the lines of code you input into it somewhere, and maybe it would be...
With the help of many new contributors, and after many late nights wrestling with make, we are happy to (slightly belatedly) announce the 0.2 release of rv!
This version dramatically expands support for Rubies, shells, and architectures.
Rubies: we have added Ruby 3.3, as well as re-compiled all Ruby 3.3 and 3.4 versions with YJIT. On Linux, YJIT increases our glibc minimum version to 2.35 or higher. That means most distro releases from 2022 or later should work, but please let us know if you run into any problems.
Shells: we have added support for bash, fish, and nushell in addition to zsh.
Architectures: we have added Ruby compiled for macOS on x86, in addition to Apple Silicon, and added...
In July, I wrote a short tutorial called Code Reloading for Rack Apps. It laid out all the pieces required to get Rails-like code reloading in Rack app using Zeitwerk. Today, I'm announcing that I've put the main pieces of that in a gem!
At the moment Burg.rb (pronounced 🍔🐝) has no documentation, but if you follow the tutorial I'm sure you'll figure out how to use it. I'm using Burg.rb in an app that's deployed in the wild right now. My plan is to continue extracts the more framework-y bits of that app into Burg as they stabilize.
I hope that in its current state, Burg serves as a decent reference for getting code reloading working in a Rack app. If I have time at some point, I might even...
Java 9 added the ability to mark a @Deprecated annotation with a "since" version, so we figured it was worth updating JRuby.
Deprecation is the process of marking a feature as "no longer supported" or "on its way out", usually in a programmatic way so users can see warnings at build time. Nearly all languages and ecosystems have some way to mark features, APIs, or libraries as deprecated.
In Java 1.4 and earlier, this was done via the @deprecated directive (note lower-case "d") in JavaDoc, which was great for documentation users but required extra processing by source-level tools and was not visible to any tools at runtime.
Java 1.5 introduced a new annotation java.l...
Yesterday, we released our Security Incident Report, a comprehensive review of the September AWS root-access event. The report reflects both independent and internal analysis, outlining what occurred, what was verified, and the actions we’ve taken to strengthen our systems and practices.
You can read the full report here → Rubygems.org AWS Root Access Event – September 2025
The findings confirm that this was a procedural lapse in credential management for production hosting after a person was discharged.
Where We Are Now
All RubyGems.org services remain stable, secure, and operational.
The triggering event revealed weaknesses in credential management practices, which we have corrected. All...
Hello! Earlier this summer I was talking to a friend about how much I love using fish, and how I love that I don’t have to configure it. They said that they feel the same way about the helix text editor, and so I decided to give it a try.
I’ve been using it for 3 months now and here are a few notes.
I think what motivated me to try Helix is that I’ve been trying to get a working language server setup (so I can do things like "go to definition") and getting a setup that feels good in Vim or Neovim just felt like too much work.
After using Vim/Neovim for 20 years, I’ve tried both "build my own custom configuration from scratch" and "use someone else’s pre-buld...
Hi, it’s zzak. Let’s explore this week’s changes in the Rails codebase.
New documentation PR is up for community review
The Rails Initialization Guide covers how Rails boots up, including the internal method calls, file load order, and how to hook into the initialization process.
If you want to help by reviewing, find the PR here: https://github.com/rails/rails/pull/55862
Add link-local IP ranges to RemoteIp default proxies
This PR updates the RemoteIp middleware to include the following link-local addresses as trusted proxies: 169.254.0.0/16 for IPv4 and fe80::/10 for IPv6.
Don’t ignore X-Forwarded-For IPs with ports attached (again)
A change originally requested over 4 years ago lands...
Use time.iso8601
Use time.to_fs(:iso8601)
For example, to compare two DateTime values maybe you can try to write it like this:
def test_question_answered_at_the_same_as_survey assert_equal question.answered_at, survey.answered_atenddescribe 'question#answered_at' it 'is the same as survey' do expect(question.answered_at).to eq(survey.answered_at) endendThis approach can cause issues if there are microsecond delays when saving...
Ruby Central posted an extremely concerning "Incident Response Timeline" today, in which they make a number of exaggerated or purely misleading claims. Here’s my effort to set the record straight.
First, and most importantly: I was a primary operator of RubyGems.org, securely and successfully, for over ten years. Ruby Central does not accuse me of any harms or damages in their post, in fact stating "we have no evidence to indicate that any RubyGems.org data was copied or retained by unauthorized parties, including Mr. Arko."
The actions I took during a time of great confusion and uncertainty (created by Ruby Central!) were careful, specific, and aimed to defend both Ruby Central the...
I’ve been thinking about what happens when open source organizations hit their breaking point... when funding dries up, relationships fracture, and everyone’s scrambling to make sense of what went wrong.
It turns out, the patterns look familiar.
Open source projects rarely start with governance documents. They start with people solving problems. Infrastructure gets donated. Roles emerge organically. Someone’s AWS account becomes the infrastructure. Someone’s time becomes the bottleneck. Someone’s relationships become the organization.
This works remarkably well... right up until it doesn’t.
The moment you try to formalize what’s been organic, you discover all the...
Maintaining a Ruby on Rails application often slips down the priority list. Everything seems fine, until suddenly it isn’t. A gem update breaks a feature, a security flaw makes headlines, or your app refuses to deploy after a server upgrade. When that happens, teams scramble to find help, often at the worst possible time. This "as-needed" upgrading approach may appear cost-effective in the short term, but it leads to stress, downtime, and unpredictable expenses.
But there is a smarter path forward: fixed-cost monthly maintenance. In this post, you’ll see why investing in a maintenance retainer is better than reactive upgrades, and how our service delivers value month after month.
Just a list of haikus, mostly written when I was (削除) working (削除ここまで) dying of boredom in marketing. Making fun as a tool to push through.
PH sends crazy traffic
A scream splits the office
Forgot the sign-up form on my website
---
Outbound marketing is dead
They love data now
Who wants my huge billboard
---
Growth hacker they say
Hottest job right now
Crunch data in excel
---
PR agency nowadays
Is 2.0
Starts its tweets with a handle
---
Beta launch due
Bug riddled
Push to prod anyway
---
SEO course today
Teacher says
Meta keywords rock
---
Tweet about...
[TL;DR, Ruby Central has alleged that after he was notified that the board had voted to remove his production access to RubyGems.org, André Arko accessed the Ruby Central AWS account without authorization and proceeded to change the root password. 👇]
For context, last week I wrote a post bringing to light a number of things André Arko had said and done in the past as a way to provide some context. Context that might explain why any of the principal actors involved in the RubyGems maintainer crisis (summarized well up to that point by Emanuel Maiberg) would take such otherwise inexplicable actions and then fail to even attempt to explain them.
#770 — October 9, 2025
Ruby Weekly
Buckle Up, There’s a New Gem Server in Town: gem.coop — The recent, tense situation around RubyGems and Ruby Central has led to the launch of a new public gem server called gem.coop, a project led by several RubyGems developers and with support from Homebrew’s Mike McQuaid. It doesn’t support gem pushes yet but mirrors all public gems from RubyGems.org.
Jared White
🗣️ Unsurprisingly, this news led to an extensive discussion on Hacker News.
🚨 Rails 7.1 Hit EOL On 10/1. Plan Your Upgrade With Our AI 🤖 — No more security updates for Rails 7.1. Get a...
As part of standard incident-response practice, Ruby Central is publishing the following post-incident review to the public. This document summarizes the September 2025 AWS root-access event, what occurred, what we verified, and the actions we’ve taken to strengthen our security processes.
On September 30th, a blog post raised concerns that a former maintainer continued to have access to the RubyGems.org production environment after administrative access was removed from several accounts earlier that month. We want to share the outcome of our investigation including: what happened, the extent of what we verified, what we got wrong, and the actions we have taken to strengthen our security...
I’ll be giving a talk in November in at SF Ruby Conference (tickets on sale now!). My talk is speeding up your application’s development cycle by taking a critical eye at your application’s development boot. Which all boils down to do less. In Ruby, the easiest, though not the simplest, is to load less code. So yeah, autoloading.
To expand my horizons and hopefully give a better talk, I branched out beyond my experience with Ruby on Rails to talk to Tim Riley about Hanami and how it handles code loading during development.
The following are my notes; it’s not a critical review of Hanami, and it only looks into a very narrow topic: code loading and development...
I’ve been meaning to write a post about my perspective on Open Source and corporate entities. I already got the rough outline of it; however, I’m suffering from writer’s block, but more importantly, the whole post is a praise of how Shopify engages with Open Source communities. Hence, given the current climate, I don’t think I could publish it without addressing the elephant in the room first anyway.
So here it is, I am deeply convinced that contrary to what has been alleged recently, Shopify has nothing but good intentions toward Ruby and its community.
It is healthy to be skeptical toward corporations, I certainly am, but I believe Shopify is currently receiving undue distrust...
This one has been in my "articles backlog" for a long time. But for whatever reason it kept getting pushed back. I’ve built drag & drop features multiple times in the past, but recently I helped a new client with some custom UI work and a kanban-like feature was on the list. So I assessed again what resources for such a feature for Rails and Hotwire are out there on the internet, and concluded that there is a place for another article as my approach is really clean, I think.
This is the feature I want to build in this article:
The solution is using three key components to make life easier:
This blog post is part of a series called "Hanami for Rails Developers".
In the first two parts of this guide, we covered off the familiar concepts of models and controllers, and saw how Hanami approached these designs. We saw that Hanami split the responsibilities of models between repositories, relations and structs, and we saw that the responsibilities of a controller and its views were split between actions, views and templates.
In this part, we’re going to continue building on our application’s foundation by introducing a form that lets us add further books to our application. In a Rails app, we would handle...
Join me on a breathtaking journey as we add a client-side search to an SSG docs-first site, built with Astro!
Building static sites with Astro is a dream (especially for documentation). But what to do when your growing docs need full-text search, but you don’t want to give up that static delight? In this post, see how to bring powerful, fuzzy, and accessible search to Astro-generated sites. (This means no external crawlers and no remote APIs.) We’ll also look at the limits of AI-based and third-party search, demonstrate how to generate a build-time JSON index with Astro’s endpoints, and fine-tune the...
In this episode of Remote Ruby, Chris is on paternity leave celebrating the birth of his son, so Andrew brings in Drew Bragg and Rachael Wright-Munn (aka ChaelCodes), to discuss recent controversies surrounding Ruby Central and its alleged takeover of Ruby Gems and Bundler. They dive into the timeline of events, conflicting narratives, communication failures, and the underlying security concerns. They address theories and facts, scrutinize the governance of Ruby Central, and discuss the implications for the Ruby community. The episode emphasizes the importance of asking questions and seeking clarity, while advocating for a balanced and constructive approach to resolving the community's...
Direct link to podcast audio file
Jared Norman interviewed me after he wrote about the order in which programmers choose to write their code and I offered this response. In this episode, we touch on this before launching into a more expansive discussion on why the agile movement fizzled out and what we can reclaim from a developer workflow perspective now that we're experiencing our first major market upheaval since then with the rise of coding agents.
Appearing on: Dead Code
Published on: 2025年09月09日
Original URL: https://shows.acast.com/dead-code/episodes/fear-driven-everything-with-justin-searls
Comments? Questions? Suggestion of a podcast I should guest on? podcast@searls.co
We get attached to code - sometimes to a fault. Old migrations are exactly that. They’re digital hoarding at its finest, cluttering up your codebase with files that serve absolutely no purpose other than to make you feel like you’re preserving some kind of historical record.
But here’s the brutal truth: your old migrations are utterly useless. They’re worse than useless - they’re actively harmful. They’re taking up space, they are confusing (both for you and new developers on the project), and they give you a false sense of security about your database’s evolution.
If your database is out-of-sync with schema.rb you need to solve that problem anyway, and - if anything - the migrations make...
This is our second threat intelligence post. Each week, if appropriate, we will aim to share some wider industry news that might impact our clients.
What we cover will depend on what has been happening the previous week, this week, for example, is a much shorter update.
Some of the folk that previously maintained and operated RubyGems.org have started a new server for hosting gems https://gem.coop.
No action needed unless your team feels they want to migrate away from RubyGems (which is understandable).
Github recently rolled out sign in with Apple. Unless your organisation specifically requires this, I would recommend against employees tying log in to Apple IDs.
They are...
The need for a user friendly tool that hits the sweet spot between performance and scalability in web development at 5.3 zettabytes of global cross border IP traffic every year September 2025 RoR and React are two technologies that play a great role in building applications these days. Full-stack backend framework RoR was developed by David Heinemeier Hansson in 2004, and is known for its "convention over configuration" and "don’t repeat yourself" (DRY) mantras which allow the developers to write very less code when compared other frameworks. Prior to React, Front-End engineers rendered dynamic in-component trees using complex JavaScript...
I’ve thought deeply about building CLIs and built a
lot of them over the years. I’ve used Rake, Thor, my own gem GLI and many others. After all that, the venerable OptionParser—part of
Ruby’s standard library—is the best choice for scripting and sub-command (git-like) CLIs. I want to show you how.
At first glance, OptionParser doesn’t seem to support a sub-command CLI, like so (I’ll explain what each part is below):
> bin/test --verbose audit --type Component specs/front_end
Yes, you could configure --verbose and --type TYPE, then figure out that the first thing left over in ARGV was a command, but it gets very cumbersome when things get beyond trivial,...
Ruby 3.4.7 has been released.
This release includes an update to the uri gem addressing CVE-2025-61594, along with other bug fixes. Please refer to the release notes on GitHub for further details.
We recommend updating your version of the uri gem. This release has been made for the convenience of those who wish to continue using it as a default gem.
We intend to release the latest stable Ruby version (currently Ruby 3.4) every two months following the most recent release. Ruby 3.4.8 is scheduled for December and 3.4.9 for February.
If a change arises that significantly affects users, a release may occur earlier than planned, and the subsequent schedule may shift...
I have a confession to make: I have never used Minitest in the seven years I’ve been a professional programmer.
I’ve always used the other framework.
But earlier this year, I started working with a client whose application relied solely on QA instead of automated tests. In an effort to bring the team peace of mind during releases, I started adding tests to the most critical parts of the application.
Lured by the promise of speed and wide adoption, I suggested we try Minitest.
As I started working on writing my first tests, I hit an unexpected roadblock.
After writing several hundred tests, I can confidently say that Minitest’s biggest weakness is its...
Open source, talks around the world and prepping SFRuby for Nov 2025. Catch up Evil Martians' blog, open source, podcast, and get ready as we head for SFRuby Conference in San Francisco.
Summer has ended! In this post, we recap Martian posts, talks, open source + more you might have missed.
Struggling with a slow Rails app? Learn our five-step framework to identify, analyze, and fix performance bottlenecks without just throwing more hardware at it.
Go straight to the site: forge.railsdesigner.com.
Announcing Forge: a minimal, self-hosted community app with channels, threads, and more. Pay once, no monthly fees, and customize everything you need.
Forge is a forum-like (think Slack/Discord) platform to build your paid community. You provide a Stripe payment link, and after payment your new member gets an invite link to your community. It has all the typical community features, like: channel-based organization, threads, user profiles and moderation tools.
It is, of course, built with the latest Rails (including the new rich-text editor Lexxy!) and as vanilla as possible. The only extra gems added are: Courrier, Rails Icons, Perron...
Designed...
My previous article about timezones turned out to be useful for quite a few folks, which makes me happy. One candle lights another.
Ben Sheldon asked about then actually doing something with those converted times. How do you actually send a newsletter every morning on every working day, regardless of what the user’s time zone is?
There are a number of approaches to this - once you know the UTC time of the delivery. I will cover a few of them, including the one I prefer. Let’s wind the clocks!
I am currently available for contract work. Hire meto help make your Rails app better!
Remember how I told you that you...
Time to plan an upgrade as Joël and Aji talk about the hurdles involved with various change management in their projects.
The pair lay out some different approaches to protecting your data when planning a migration, the risks of code and data changes, the elements that will and won’t be affect in the process, and Joël gives his experience on a tough migration project and what he learnt from it.
—
If you’ve not used Merge before you can learn more about it here.
Thanks to our sponsors for this episode Judoscale - Autoscale the Right Way (check the link for your free gift!), and Scout Monitoring.
Your hosts for this episode have been thoughtbot’s own Joël Quenneville and Aji...
If you...
We published security advisory for CVE-2025-61594.
In affected URI version, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials.
This vulnerability has been assigned the CVE identifier CVE-2025-61594. We recommend upgrading the uri gem.
When using the + operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential exposure.
Please update URI gem to version 0.12.5, 0.13.3, 1.0.4 or later.
Assuming you haven’t been living under a rock these past few weeks, the Ruby community has been embroiled in quite a bit of drama. I won’t recap it here...there are plenty of other sources to go (Joel Drapper for one), and I also have my own pointed take on the matter on my personal blog. But here on Fullstack Ruby I like to maintain a positive, can-do attitude, and to that end, let’s talk about some very exciting developments!
Most Rubyists are familiar with rubygems.org and the reason that you see source "https://rubygems.org" at the top of every Gemfile is so Bundler can download and install gems from the rubygems server.
What I, and I suspect most of you, never considered is that source...
A screenshot of my application with little presence indicators decorating content
I recently was heads down building a "presence" feature for the case and communications management part of my startup’s admin dashboard. The idea being that our internal staff can see what their colleagues are working on, better collaboarate together as a team of overlapping responsibility, and reduce duplicative work.
The follow is more my notes than a cohesive narrative. But maybe you’ll get something out of it.
In building this feature, I got a lot of value from:
I recently started using ViewComponent. I’ve been gradually removing non-omikase libraries from my Rails applications over the past decade, but ViewComponent is alright. I was strongly motivated by Boring Rails’ "Hotwire components that refresh themselves", cause matching up all the dom ids and stream targets between views/partials and... wherever you put your Stream and Broadcast renderers is a pain.
You might also know me as the GoodJob author. So of course I wanted to have my Hotwire components refresh themselves later and move stream broadcast rendering into a background job. I to simply call MessagesComponent.add_message(message) and broadcasts an update later to...
In an ever-changing industry such as web development, many will argue that RoR is one example of how elegant design with a collection of programming best practices can encourage productivity. Created in 2004 by David Heinemeier Hansson, RoR transformed the way developers create scalable and maintainable applications using a "convention over configuration" approach. Fast-forward again to September 2025, and RoR is still one of the favorites for fueling several such iconic websites globally, whether e-commerce giants, social platforms, or enterprise tools. Though we’ve seen the advent of new frameworks like Next. Due to the speed of development...
Fast Forward to Sept. 2025: In the high-speed, digital economy of September 2025, businesses in virtually every industry are competing effectively using various new forms of dynamic and adaptive web content-centered strategies to rapidly grow their prospects/customers and user experiences. Founded in 2004, Ruby on Rails (RoR), a powerful open source framework, is still particularly appreciated for its potential to enable quick and scalable application development. By following the "convention over configuration" paradigm and sticking to its "don’t repeat yourself" (DRY) policy, RoR makes it easy for developers to create complex web apps...
Sometimes, after a few pints in a respectable gathering of Rubyists, someone will ask me "what is the most undervalued module in the Ruby standard library?"
There are many possible answers, of course, and some favoritism is to be expected. Piotr Szotkowski, who untimely passed away this summer, did a wonderful talk on the topic a wee while back.
My personal answer to that question, however, would be Random. To me, Random is a unsung hero of a very large slice of the work we need to do in web applications, especially so when we need things to be deterministic and testable. So, let’s examine this little jewel a bit closer.
I am currently available for contract work. Hire meto...
The team behind the last ten years of rubygems.org, including @deivid-rodriguez, @duckinator, @martinemde, @segiddins, @simi, and myself, is very pleased to announce a new gem server for the Ruby community: gem.coop.
The new server’s governance policies are being prepared in coordination with Mike McQuaid of Homebrew, and will be released later this week.
The current versions of RubyGems and Bundler work with this new server already, and any Ruby developer is welcome to switch to using this new server immediately.
We have exciting plans to add new features and functionality in the coming days. Join us!
Welcome to another, sligthy shorter, issue of Hotwire Weekly! Happy reading! 🚀✨
How does Turbo listen for Turbo Streams? - Sid Krishnan explains how Turbo automatically detects and applies Turbo Stream updates when a response includes <turbo-stream> tags.
How to elegantly update other UI when a Turbo Frame is updated - Radan Skorić shares a Rails trick to update UI elements outside a Turbo Frame from a frame update. His turbo_aware_content_for helper switches between content_for and a matching Turbo Stream replacement to keep extra frame content in sync.
How to detect Safari and iOS versions with ease in 2025 - Evgeniy Valyaev...
I tend to listen to the same songs or albums on repeat that are evocative of how I’m feeling or what’s going on with me. Here is what I’m currently listening to over, and over, and over, and over, again.
‘Tis the season.
Well I think I saw you for the flash of a moment
Your broken heart and the body that holds it
I lost your scent in the flash of the party
The big bright lights, baby, constantly haunt me
I’ve never been right, have you ever been lied to?
I think I just saw the same scars upon you
Is this a disguise? Or a masquerade for me?
I’ve been listening to a lot of Siamese Dream.
Behind me the grace of falling snow
Cover up everything...
Lately I’ve been really excited about Papercraft and the possibilities it brings to developing web apps with Ruby. Frankly, the more I use it, the more I see how simple and joyful it can be to write beautiful HTML templates in plain Ruby.
Now that the Papercraft website is up, I’d like to concentrate on making it easier for everyone to use Papercraft in their apps, whatever their web framework. So this is exactly what I set out to do this weekend. First on my list: Hanami, an established Ruby web framework with a substantial following.
Since I never used Hanami, I decided to follow the Getting Started guide and then started to peek under the hood to see how I could replace the ERB...
The big achievement this week: I released Hanami 2.3 beta1!
It had been a while since we cut a release (a lot of work had gone into setting up our sponsorship and preparing our upcoming site), so I’m very happy to have this out.
This release included contributions from a whopping nineteen contributors! This is one of the surest signs of our growing success, and I’m very thankful for everyone’s help!
This was also a whopping week for the Hanami Discord, which as Kyle aptly put it, is popping off. A slew of new people have joined (both old friends and new!) and are sharing ideas and questions. It’s exciting to see! And since a lot of the chat happens while I’m still asleep in Australia, I’m...
This blog post is part of a series called "Hanami for Rails Developers".
There’s plenty of writing out there for why you should use Hanami, and so this post won’t cover that. If you want those thoughts, see my Hanami 2.0 thoughts and my earlier thoughts on Hanami posts.
This post covers off how to get started with Hanami, with a focus on those who are familiar with Rails and the MVC structure it provides. I’m unashamedly going to crib parts of this from the Hanami Getting Started Guide, but explain them in a different way.
With a Rails app, you’ll be familiar with the Model-View-Controller...
This blog post is part of a series called "Hanami for Rails Developers".
In the first part we saw how to interact with a database by using Hanami’s repositories and relations. In this part, we continue that by serving that data out through routes of our Hanami application.
To get started here, we can run the Hanami server (and its asset compilation step) by running:
hanami dev
This will run a server on localhost:2300 and once you come back to the browser to figure out why your muscle-memory’d localhost:3000 didn’t work, change that 3000 to a 2300.
In a Hanami application, you can...
This article isn’t specifically about Solid Cache or encouraging you to use it. Recently, I read the source code of the solid_cache gem and learned some interesting things that I’m going to share here.
Solid Cache is a database-backed cache storage system. In simple words, it enables you to use any database for caching, rather than relying solely on RAM-based stores. Solid Cache was introduced at the RailsWorld 2023 Conference’s Keynote, and Donal McBreen, the main contributor, provided more details about it. I highly recommend watching the presentation if you want to understand the reasoning behind this paradigm shift.
I’d like to thank Donal for reviewing this article and providing...
Added dock navigation, navbar, sidebar, and toast notifications.
Hi, it’s Claudio Baccigalupo. Let’s explore this week’s changes in the Rails codebase.
Bump PostgreSQL client version to 18
The PostgreSQL client version in the devcontainer now points to the latest release of PostgreSQL, which is great because...
Support virtual generated columns on PostgreSQL 18+
PostgreSQL 18 supports virtual (not persisted) columns, which can be added in Rails migrations with stored: false. For instance:
create_table :users do |t|
t.string :name
t.virtual :lower_name, type: :string, as: "LOWER(name)", stored: false
t.virtual :name_length, type: :integer, as: "LENGTH(name)"
end
Fix Enumerable#sole when element is a tuple
Restores the original behavior...
Thanks for holding us to a regular cadence. I’m liking being able to share with you all regularly.
Today’s Friday update is brief, as we shared a comprehensive status on Tuesday, and much of that work is still in motion. Here’s where things stand:
I’ve been working quite a bit on Papercraft these last few weeks. Yesterday I released Papercraft version 2.16, and here are some of the notable changes introduced since the last update:
DOCTYPE for html tag by default. Before this change, you needed to
use the html5 tag to include the DOCTYPE at the top of the generated
markup. Now you can just use html. This is important since this way you
avoid quirks mode.style and script tags. This makes it easier to write
inline CSS and Javascript.Papercraft.markdown_doc convenience method which returns a
Kramdown::Document instance for further processing of Markdown content.I’ve also been working on a website for Papercraft and it’s finally online. Check it out:
Like the noteflakes.com website, which you’re currently reading, the Papercraft website is made using Syntropy. All of the documentation pages are written using Markdown. Let’s look at some examples of how Papercraft is used on its...
In this episode of Remote Ruby, Chris and Andrew chat with Travis Dockter, the founder of a brand-new Ruby conference, Blastoff Rails. They dive deep into Travis’s journey from business school to bootcamp, his love for conferences, and why he decided to organize one of his own in Albuquerque, New Mexico. From planning venues and sponsors to shaping a unique conference philosophy, Travis shares both the behind-the-scenes challenges and the excitement of creating a new community space for Rails developers.
Links
After getting set up for sponsorship (we still want to hear from you!), we’re back with a new Hanami release. Today we’re pleased to announce the first beta of Hanami 2.3.
This one goes up to eleven three.
With this release, we introduce Rack 3 support to Hanami!
We now support Rack versions 2 and 3, so you can use whichever version suits your situation. We still encourage you to upgrade Rack when you can, and we’re happy that Hanami is no longer a blocker on this path.
To upgrade your app to Rack 3, update your Hanami gems to this beta release, then bundle update rack. You should also check out the Rack 3 upgrade guide. Most changes will...
Now, let’s take a look at the most common jj commands, with a special focus on the way arguments are generally consistent and switches don’t hide totally different additional commands.
The log command is the biggest consumer of revsets, which are passed using -r or --revisions. With @, which is the jj version of HEAD, you can build a revset for exactly the commits you want to see. The git operator .. is supported, allowing you to log commits after A and up to B with -r A..B, but that’s just the start. Here’s a quick list of some useful revsets to give you the flavor:
@- the parent of the current commitkv+ the first child of the change named kv
..A & ..B changes in the intersection...#769 — October 2, 2025
Ruby Weekly
The Ruby Association's Call For Grant Proposals — Each year, the Ruby Association, chaired by Ruby’s creator Matz, puts out a call for proposals for Ruby related projects that they can give a grant (of 750,000 Yen - roughly 5000ドル) to assist further development. The deadline for this run is October 6, next Monday.
Ruby Association
Tuple - What Core Contributors Use to Pair on Ruby and Rails — 4 out of the 10 top contributors to Ruby use Tuple to pair on code. Tired of verbally steering on Zoom? Discerning developers choose Tuple.
Tuple sponsor
...I made this yesterday by typing a few words and uploading a couple of pictures to Sora:
When Sora 2 was announced on Tuesday, I immediately saw it as exactly what I've wanted from AI ever since I first saw Stable Diffusion in the Summer of 2022. For years, I've fantasized about breaking free from the extremely limited vocabulary of stock video libraries (as a Descript subscriber, I've long had access to Storyblocks' library). Stitching together stock content to make explainer videos like this one is fun, but the novelty wears off as you quickly burn through all three clips for "child throws spaghetti at family member." Stock video is great if you only talk about mundane household and...
When you use Turbo Frames on your page you can set an initial loading state. Something like Loading.... This text then will then be replaced once the request’s body is injected into the frame element. That works great for loading parts of your app asynchronous.
But what if you have a turbo frame element permanently on your page? For example for an overlay or modal component? And what if it is a bit slow? By default it will show nothing (except the progressbar at the top after ~500ms) until the resource is loaded. This makes for a poor UX. Ideally you want to give feedback, even if it is a "loading" text, right away. This is better and tells the user something is happening.
See this GIF:
...