Chris Oliver

Shoutout to the folks at Honeybadger for being awesome. 🫡

What have you tried?

Using Rails main, betas, or release candidates are great ways to find bugs and contribute to Rails itself. 🎉

I thought it would be fun to start a thread where we can post the things we've learned recently.

Today I learned that __dir__ returns a full path while File.dirname(__FILE__) returns a relative path thanks to Xavier's recent commit in Rails: https://github.com/rails/rails/commit/de4d8744744acab2dd9db0683ccf784ea45810b2

Have you used GitHub Action Inputs for any other cool things?

As more and more vulnerabilities like "xz" with Linux happen, reproducible builds and releasing processes like Trusted Publishing that the Rubygems team has built will be critical. I mean, how many of us actually check the code that is downloaded by bundler to ensure it's secure? Probably very few of us!

Follow the GoRails Learning Path.

Cloudflare as a proxy could help block the malicious user. They can block requests from known bots and present barriers to stop them.

They also run hCaptcha that you can implement in the sign up process to protect from bots. We have a lesson on that here: https://gorails.com/episodes/how-to-usehcaptcha-with-ruby-on-rails

I also like using invisible_captcha which is similar and doesn't require a third-party service (although it's not quite as good).

I don't see this feature used often in Rails apps, but it's super powerful for things like this. An easy way of creating Ruby objects like this allows you to really organize functionality instead of stuffing it all in models.

Keep watching. Nokogiri is just an HTML parser, but you need to write code to interact with it, which is why we create the Scraper class.

You may not want / need that to be accessible by everyone, in which case you don't want to add it to the ActiveRecord class, just the association.

Maybe we'll start a new series on metaprogramming. 👍

Make sure you added the credentials to the right credentials file (using rails credentials:edit --environment development) and that you've added it to all of the ones you need.

You can also open up the Rails console and use Rails.application.credentials to confirm they're loaded properly.

You can either check the class with is_a? or check methods if with respond_to?

Yes, it's fixed. https://github.com/basecamp/mission_control-jobs/pull/47

No different than html.erb views. Both just generate the HTML independently of the JavaScript.

I feel like components in Ruby are super duper handy for arguments and other complex helper methods. Phlex takes it a step further with the HTML helper methods so you don't even really have to leave Ruby while you're coding. Pretty cool stuff!

I'm not sure if anyone's using Litestack, but SQLite is ready to go. You'll just want to set the SQLite database location to the shared directory so it isn't lost between deploys. I think Rails has changed it's default location to /storage which is automatically symlinked on deploy (just make sure the folder is not in your repo), so it may be good to go as-is.

That should work but let me know if it doesn't!

Yeah, Puma is the Rails default.