Bundler's Multiple Source Security Vulnerability
While working on a project, I discovered a major security vulnerability that affects all stable versions of Bundler.
Multiple Personalities in Git
At Collective Idea, we use Git all the time. Right now, I have 50 Git repositories cloned on my computer and they fall into a few categories. My problem is that I need to commit from a different email address depending on which type of project I’m working on. I explored three ways to do this, looking for the least intrusive.
Scheduling Crowd-Sourced Entropy with Webhooks
I love writing gems. Lately, I’ve been particularly interested in tackling the big, important problems in math, like how can a computer generate a truly random number. I took this challenge head-on when I developed the fair_dice_roll gem.
Spring Is Dead to Me
Spring, as described in its README, is a Rails application preloaded. “It speeds up development by keeping your application running in the background so you don’t need to boot it every time you run a test, rake task or migration.” I want to focus on the first assertion in that description…
Non-Message Flash in Rails
Flash messages were one of those little features that amazed me when I was first introduced to Rails. Developers often use Rails’ flash to display messages to their users, but messages aren’t the only reason to use flash.
String Interpolation: The Bad Parts
On Documentation-Driven Development
I love designing and developing APIs. In building a great API, the design and development processes demand equal attention. The problem is that popular development approaches don’t emphasize the design process. You may be familiar with the concepts of “test-driven development” and “behavior-driven development”, but let’s talk about the lesser-known concept of “documentation-driven development”.
A potential client asked us recently: “What makes you rockstars?” The question had us stumped and it took a while for us to realize why. Here’s how we responded:
We’re not rockstars. We’re the roadies.
Public Methods != Public API
I love designing and building APIs. Usually those APIs are in the form of REST web services. A lot of care goes into the interface of a web service because it’s how your application is presented to the outside world. But what about the interfaces of your internal code?
The Marriage of Figaro… and Rails
Two years ago and 264,309 downloads ago, I wrote the Figaro gem. I had been using the pattern for some time already and was frustrated that something so simple wasn’t already included in Rails. And now, finally, it is! Well… sort of.
Background Job Monitoring for Atheists
I’m a Rails developer but I’m not much of an Ops guy. So when it comes to server monitoring, I want a simpler solution than God. God is a “Process Monitoring Framework in Ruby” and while I know it’s awesome, sometimes it’s not quick and dirty enough for my liking.
Factory Girl without Active Record
Factory Girl has been around for more than five years now and has become the standard for building and saving valid model data for your test suite. Out of the box, Factory Girl plays nicely with the major ORMs: Active Record, Mongoid, DataMapper and MongoMapper. But what about those pesky models that fall outside of your ORM? Fear not… Factory Girl’s got you covered there too!
Long Lost Allocation
There’s a great little method in Ruby that you might not be familiar with. It’s used all the time but it’s hardly ever called directly. The method is Class#allocate.
Inter-Service Authentication with SSL
At Collective Idea, we love building web services. Oftentimes we also build the client applications that consume those services.
One of the major challenges with a service-oriented architecture is authenticating communication between the client and the service as well as between services.
At Collective Idea, we’re hard at work moving into a bigger, new and improved office space. We have big plans for the space, including refinished hardwood floors, Flor carpet, Nest thermostats and more. But before all the bells and whistles, we need to be able to… work.
A Different Approach to Gem Development
Not too long ago, I had the idea to write a gem (as I often do) to wrap elasticsearch with some smart conventions for Active Model. First step: name the gem.
Testing File Downloads with Capybara and ChromeDriver
At Collective Idea, we ♥ Cucumber, Capybara and ChromeDriver… and alliteration. But we recently encountered an issue with a very Ajaxy Rails app where we need to test a file download and assert its content.
Starting is Easy. Finishing is Hard.
Finish something at Finish Weekend!
Simultaneous Capybara Sessions in Cucumber
There’s something very satisfying about watching your Cucumber test suite run (and pass), especially when the tests are running in your browser. I can’t help but think, “Man, I’m glad I don’t have to do all of this myself.” That’s especially true when your testing requires multiple sessions. The old me would fire up a couple different browsers and get to work. But that was the old me.
Test Your API with Cucumber and json_spec
At Collective Idea, we do a lot of work with RESTful JSON APIs. They can be a joy to build but a pain to test. We’re currently working on a project that’s all API all the time, so we developed some reusable Cucumber steps for testing. Now, we’ve abstracted all that goodness out into its own gem… json_spec.
Get Your Conditions in Order
It’s programming 101 but it’s easy to miss in practice. If a condition has multiple expressions, some may never be evaluated. Use that fact to your advantage.
The Billy Baldwin of Conditional Assignment
For those of you who don’t know, Billy Baldwin is the lesser-known and generally-less-useful little brother of famed actor Alec Baldwin.
In the world of Ruby’s conditional assignment operators,
||= is Alec Baldwin; charming and versatile. But not many people know about
||=’s little brother… the
Automatic Login Links
Scary, I know, but hear me out. Implemented correctly, an automatic login link can be just the ticket to appease those pesky, forgetful, real-world users.
More User-centric Routes: Rails 2
Writing routes that are conditional upon whether a user is logged in is easy with Rails 3 but if you find yourself (as many of us do) stuck with a Rails 2 app, here’s how to achieve the same fancy routes without the latest Rails.
User-centric Routing in Rails 3
Have you ever noticed that the GitHub homepage is different once you log in? I’m not talking about little changes here and there. It’s a completely different page. I have no idea how GitHub does this but I’ll venture a guess and demonstrate how to achieve the same effect.