While I was writing Serving ruby gems, the paranoid way, I gradually became interested in the rubygems API and especially in its implementation in both gem server and geminabox. This is how I started a new journey inside the internals of these two programs.
Read more: http://blog.gemnasium.com/post/63452494107/hacking-rubygems-servers
As I wrote in a previous blog post, there are good reasons to be paranoid with Ruby gems: they may have been hacked and “enhanced” with malicious code. It would be great if we could check every gem that we want to install, including their dependencies. You may think “this is not practical at all”, and you are probably right. But still, I wanted to give this idea a try and learn about the challenges that people will face if they want to review their gems before installation.
Ruby is my everyday programming language to develop web applications. But it is also a powerful scripting language that comes with all "batteries included" for interacting with my Unix system. It is especially suited to write new command-line utilities. For instance, I often use guard to trigger some automatic processing on my files.
Read more: https://discuss.gemnasium.com/t/package-your-ruby-based-tool-the-safe-and-easy-way/44
In the past few months, I have experimented with some Pomodoro applications on my mobile phone. These were great, but I don't actually spend my days staring at my mobile phone. Something was itching me: if the whole point of the technique is to stay focused by avoiding useless context switches, then why should an external device keep stealing my attention just to be more productive? So where do I spend most of my time? In the Unix shell, interacting with the command-line! So I looked for Pomodoro tools that suit my lifestyle and this is how I discovered pomo, a Ruby Pomodoro application for the command-line. Let's check it out!
Most software developers tend to write code where objects are given too many responsibilities.
Code with bloated objects is more difficult to test, to understand and to maintain in the long run.
To keep the code small and focused, different strategies can be used to extract behavior.
A new gem, "casting", claims to bring the benefits of both mix-ins and delegation, but without their drawbacks.
Read more: https://discuss.gemnasium.com/t/casting-adding-behavior-to-objects-without-using-extend/34
A malicious gem could do pretty much everything on the environment that runs its code, from stealing critical data to taking control over the entire operating system. It may only take minutes for the malicious software to access poorly protected files or to exploit its way up, from running as restricted user to escalating to a privileged user.
The French government legalized online betting in 2011 and created an Authority (named "ARJEL") in charge of this new market. This authority enforces betting operators to follow a lot of technical rules; one of them being the tracking of all events in secure vaults. This article explains how Ruby was used to save us a lot of time.
Rails STI will be just fine for most cases. Anyway, for large databases, or when attributes vary a lot between models, using table inheritance could be very helpful. Using it with rails is really easy, learn how here.
In continuation of the capistrano subject, we would like to introduce Webistrano, edited by Peritor. Webistrano is a web interface to the Capistrano tool. It pulls projects from a Git repository (in our case it’s github) and place the files on the web server. Webistrano allows to roll back to an earlier version in case of problem, it also keeps a log of every deployment. Most important, it allows users (our customers) to deploy without any direct access to servers. Read more
Annotator is gem to document your model attribute.
You might heard of AnnotateModels, which gives you basic column description (title, type etc.) in your model file. With Annotator, in addition to such basic info, you can add comments to the columns.