Recently, nVisium made SecCasts free to subscribe. It's got a ton of application security tips in screencast format, and most recently we've been on a Rails kick, releasing Rails-specific screencasts. Check them out for some easy fixes to security issues we regularly see in Rails apps.
ernie — 32 posts
Talk: An Intervention for ActiveRecord erniemiller.org
Confreaks just posted my talk from RailsConf 2013, "An Intervention for ActiveRecord". Video, slides, and SpeakerRate are all right here. If you'd like to take a whirlwind tour of some things that may surprise you about ActiveRecord, please have a look!
Ruby Tidbit: Include vs Extend with Module Class Variables erniemiller.org
I just put together a quick article about an interesting difference between include vs extend of modules when it comes to class variables. Interesting, if not necessarily practically applicable. :)
Making Ruby Dance! erniemiller.org
I posted video, code, and slides from my lightning talk at Ruby Hoedown, entitled "Making Ruby Dance!". It talks a bit about dependency injection and a particularly evil bit of code. I had a great time with it, so wanted to share. Obviously the video was not professionally recorded, but I think you'll get the idea. :)
SQL Literals in Squeel (or, Overriding Backticks in Ruby) erniemiller.org
I just posted details about how Squeel overrides the behavior of backticks in its DSL blocks, along with some of the criteria I used when determining whether or not backticks were a good candidate for the behavior. I hope they'll be useful as a starting point for thinking about overriding just about any default Ruby behavior in your code, especially backticks.
I just posted a quick walkthrough on using attribute whitelisting using the Ransack search gem. But, ignore that part. It was really just an excuse to talk about why a class macro was the wrong way to go about implementing this kind of feature.
Squeel 1.0 Released erniemiller.org
I've just released version 1.0 of Squeel, the gem that adds all sorts of powerful new querying syntax for ActiveRecord 3.0.x - 3.2.x. It's been over a year in development, so I'm really excited to get it out the door for this RailsConf. Check out this post for details on what's new, and a rundown of some of its nicer features.
Valium: The Cure for Your ActiveRecord Instantiation Woes metautonomo.us
I just released a tiny little gem called Valium that makes it simpler to get at your attribute values (properly cast and deserialized) without going through the pain of ActiveRecord instantiation. Here's the blog post.
Benchmarking Enumerable metautonomo.us
Over the weekend, I did some benchmarking of several Enumerable methods. Some of the results surprised me. They might surprise you, too.
attr_bucket, A Gem for Your Lolrus Model metautonomo.us
I just posted an article about attr_bucket, a little gem I should probably never have written that allows you to do evil things to your models. Things like serializing a bunch of attributes into a single "bucket" column, but still supporting their use with validations and form_for.
MetaWhere and MetaSearch 1.0 Released metautonomo.us
After months of development, the MetaWhere and MetaSearch gems for Rails 3 have finally hit 1.0. MetaWhere provides improvements to AR3 query syntax, offering access to ARel predicate methods that aren't available in stock ActiveRecord, support for outer joins, SQL functions, and more, while MetaSearch provides simple object-based searching and sorting for use in Rails forms, and will be a comfortable transition for those used to using Searchlogic in Rails 2.x.
MetaSearch: A better Searchlogic-ish plugin for Rails 3 metautonomo.us
MetaSearch is extensible searching for your form_for enjoyment. It “wraps” one of your ActiveRecord models, providing methods that allow you to build up search conditions against that model, and has a few extra form helpers to simplify sorting and supplying multiple parameters to your condition methods as well.
MetaWhere: AR 3.0 Query Syntax on Steroids metautonomo.us
MetaWhere offers the ability to call all Arel predicate methods (matches_any, lt, gt, etc) on your model's attributes instead of the ones normally offered by ActiveRecord's hash parameters. It also adds convenient syntax for order clauses, smarter mapping of nested hash conditions, and a debug_sql method to see the real SQL your code is generating without running it against the database.