Rubyland

Added dock navigation, navbar, sidebar, and toast notifications.

Components in this release:

• Dock
• Navbar
• Sidebar
• Toast

View full changelog →

Hi, it’s Claudio Baccigalupo. Let’s explore this week’s changes in the Rails codebase.

Bump PostgreSQL client version to 18

The PostgreSQL client version in the devcontainer now points to the latest release of PostgreSQL, which is great because…

Support virtual generated columns on PostgreSQL 18+

PostgreSQL 18 supports virtual (not persisted) columns, which can be added in Rails migrations with stored: false. For instance:

create_table :users do |t|
    t.string :name
    t.virtual :lower_name,  type: :string,  as: "LOWER(name)", stored: false
    t.virtual :name_length, type: :integer, as: "LENGTH(name)"
end

Fix Enumerable#sole when element is a tuple

Restores the original behavior…

Thanks for holding us to a regular cadence. I’m liking being able to share with you all regularly.

Today’s Friday update is brief, as we shared a comprehensive status on Tuesday, and much of that work is still in motion. Here’s where things stand:

Production services (rubygems.org operations)

• We remain on track to finalize and execute operator agreements on the schedule we set.
• Service is stable; publishing and installing gems continue as normal with on-call coverage active.

Code & repositories (Ruby Gems/Bundler and rubygems.org source)

• A narrow set of elevated permissions remains under the temporary procedural hold while roles are confirmed and least-privilege + MFA are verified. This matches…

I’ve been working quite a bit on Papercraft these last few weeks. Yesterday I released Papercraft version 2.16, and here are some of the notable changes introduced since the last update:

• Emit DOCTYPE for html tag by default. Before this change, you needed to use the html5 tag to include the DOCTYPE at the top of the generated markup. Now you can just use html. This is important since this way you avoid quirks mode.
• Do not content of style and script tags. This makes it easier to write inline CSS and Javascript.
• Add Papercraft.markdown_doc convenience method which returns a Kramdown::Document instance for further processing of Markdown content.
• Add support for rendering of…

New Papercraft Website

I’ve also been working on a website for Papercraft and it’s finally online. Check it out:

papercraft.noteflakes.com

Like the noteflakes.com website, which you’re currently reading, the Papercraft website is made using Syntropy. All of the documentation pages are written using Markdown. Let’s look at some examples of how Papercraft is used on its…

In this episode of Remote Ruby, Chris and Andrew chat with Travis Dockter, the founder of a brand-new Ruby conference, Blastoff Rails. They dive deep into Travis’s journey from business school to bootcamp, his love for conferences, and why he decided to organize one of his own in Albuquerque, New Mexico. From planning venues and sponsors to shaping a unique conference philosophy, Travis shares both the behind-the-scenes challenges and the excitement of creating a new community space for Rails developers.

Links

• Travis Dockter LinkedIn
• Travis Dockter X
• Blastoff Rails X
• Blastoff Rails-June 11-12, 2026, Albuquerque New Mexico
• Albuquerque Museum
• Pirates of Silicon Valley
• Kieran Klaassen X
• Ruby Conference…

After getting set up for sponsorship (we still want to hear from you!), we’re back with a new Hanami release. Today we’re pleased to announce the first beta of Hanami 2.3.

Rack 3 support

This one goes up to eleven three.

With this release, we introduce Rack 3 support to Hanami!

We now support Rack versions 2 and 3, so you can use whichever version suits your situation. We still encourage you to upgrade Rack when you can, and we’re happy that Hanami is no longer a blocker on this path.

To upgrade your app to Rack 3, update your Hanami gems to this beta release, then bundle update rack. You should also check out the Rack 3 upgrade guide. Most changes will…

Now, let’s take a look at the most common jj commands, with a special focus on the way arguments are generally consistent and switches don’t hide totally different additional commands.

jj log

The log command is the biggest consumer of revsets, which are passed using -r or --revisions. With @, which is the jj version of HEAD, you can build a revset for exactly the commits you want to see. The git operator .. is supported, allowing you to log commits after A and up to B with -r A..B, but that’s just the start. Here’s a quick list of some useful revsets to give you the flavor:

• @- the parent of the current commit
• kv+ the first child of the change named kv
• ..A & ..B changes in the intersection…

I made this yesterday by typing a few words and uploading a couple of pictures to Sora:

When Sora 2 was announced on Tuesday, I immediately saw it as exactly what I've wanted from AI ever since I first saw Stable Diffusion in the Summer of 2022. For years, I've fantasized about breaking free from the extremely limited vocabulary of stock video libraries (as a Descript subscriber, I've long had access to Storyblocks' library). Stitching together stock content to make explainer videos like this one is fun, but the novelty wears off as you quickly burn through all three clips for "child throws spaghetti at family member." Stock video is great if you only talk about mundane household and…

When you use Turbo Frames on your page you can set an initial loading state. Something like Loading…. This text then will then be replaced once the request’s body is injected into the frame element. That works great for loading parts of your app asynchronous.

But what if you have a turbo frame element permanently on your page? For example for an overlay or modal component? And what if it is a bit slow? By default it will show nothing (except the progressbar at the top after ~500ms) until the resource is loaded. This makes for a poor UX. Ideally you want to give feedback, even if it is a “loading” text, right away. This is better and tells the user something is happening.

See this GIF:

…

We have fun here.

Ruby on Rails has always moved at a steady, thoughtful pace: each new version brings not only features and performance improvements but also important security hardening. But with every release cycle, older versions reach the end of their lifespan. When a version is officially End-of-Life (EOL), it no longer receives bug fixes or security patches — leaving applications increasingly vulnerable as new threats emerge.

In this post we will talk about why continuing to use EOL Rails versions can be dangerous, and how ignoring upgrade timelines can put your business at risk — not just technically, but legally and contractually.

Rails Maintenance Policy

The Rails core team has a clear mainten…

I'm never one to turn down being on a podcast, especially since acquiring Fireside.fm, a podcast host. So yesterday, I hopped on a call with Tim Campsall to chat about running Box Out and Very Good. And the crazy thing is it's already out on Youtube. I wasn't in my home office so my background was bleak and my audio was subpar but still a great conversation.

Highlights

• Shortest path between builders and users is critical.
• Hire “batteries included” people who are self-driven.
• I’m not really good at anything specific. I’m just good at being glue.
• Measure progress (time tracking) and celebrate wins to avoid burnout.
• Design products to save people time. Design your business to free your own time.
• Peop…

Learn how to build a dedicated API documentation repository that becomes your team's single source of truth, enabling true contract-first development.

Learn how to build a dedicated API documentation repository that becomes your team's single source of truth, enabling true contract-first development. We'll focus on the frontend tech stack approach and demonstrate exactly how I set up a contract-first environment.

Reading a lot of code from very senior engineers is probably one of the best ways to level up as a Ruby on Rails developer. By doing so, we can learn new tips and techniques that we can reuse in our jobs. Thanks to open source, we can read code written by the best developers from all over the world, and for free!

However, reading code from a Ruby gem or a Rails engine for the first time without being guided can be daunting. There are so many files; how do we even know where to start?

In this three-part series, we are going to read the source code from the Showcase Rails engine.

We will learn about:

• The main files in a Rails engine
• How to read source code without getting lost

In this first…

It's true, you catch more bugs with honey than vinegar.

Clipped from my conversation with José Valim about how little we know about the future of coding agents (and, as in the case of this video, also their present).

Dear Rubyists,

Thank you for giving me this opportunity to share with you. We take our stewardship of the Ruby Gems ecosystem seriously. Our mission is clear: keep the language and the infrastructure you rely on stable, safe, and trustworthy. Before we get to what the next steps will be, here is a quick recap from the video that we shared last week.

Moving parts:

• We recognize there is confusion between some of the moving parts in this conversation, and we would like to add some clarity around that.
• The rubygems client and bundler source code both live in the rubygems/rubygems Github monorepo 
• Similarly, the source code for the rubygems.org service lives in the rubygems/rubygems.org Github repo
• La…

Well my Ruby friends, a new day has dawned with the release of the Ruby web framework Bridgetown 2, and that means I can start to enjoy the fruits of our labor by sharing useful code examples and architectural explanations here on Fullstack Ruby. Yay! 🎉

(BTW…how cool is this custom artwork by Adrian Valenzuela??)

Now onto today’s little batch of snippets.

Swapping Video Links with Embeds

On a Bridgetown client project, we wanted to be able to drop in links to the client’s many videos hosted on Vimeo. I didn’t want to have to deal with the hassle of grabbing <iframe> tags for every single video, so my first inclination was to write a helper method and use those calls in the markup…

• Some types of coding challenges
  • Algorithms / interview prep
  • Holiday competitions
  • Miscellaneous challenges outside the holiday season
  • Learning-oriented
  • Language-specific practice
  • Engineering-oriented challenges
  • “Build your own X”
  • Competitive programming
  • Code golf
  • Kata
  • Programming games
• Other activities that are not exactly coding challenges
• Are coding challenges worthwhile?
• If not coding challenges, then what?

To many developers, “coding challenge” evokes technical interview trauma.

But there are many kinds of coding challenges, not all of them dehumanizing. I’ve been making a list of of them over the…

Is it smarter to specialize or stay flexible? Discover why generalist developers may have the edge in today’s fast-moving tech world.

Continue Reading

This is our first threat intelligence post. Each week, if appropriate, we will aim to share some wider industry news that might impact our clients.

We will be covering; Ruby, JavaScript, Postgres, Heroku, Render, Cloudflare, and Github, as well as wider geo-political points.

Ruby

The Ruby community has never looked more uneasy. No issues that require immediate attention, but worth knowing there is a lot of energy being spent on several topics, and there are a lot of folk disenfrancised with the language.

DHH has went, pardon the pun, off the Rails. The Ruby Community has a DHH Problem explains the core issues with DHH (creator of Rails) making xenophobic claims about London. This has…

Read how to accurately detect Safari and iOS versions using WebKit feature checks, behavioral tests, and selective UA hints to gate features safely and avoid breaking UX.

Why is accurately detecting the version of Safari and iOS you're dealing with so important for modern web development? The reasons are seriously many: applying fixes/enhancements only where needed, preventing confusion for users on other browsers, displaying the right prompts for actions or installations, enabling or disabling features, providing accurate analytics, and support users with tailored instructions,…

Joël and Sally sit down to discuss their green and red flags when it comes to PR review.

Joël breaks down the different ways humans review code vs AI, how they both break down large projects into smaller digestible PRs and clarifying your reasoning for certain decisions, as well as discussing the most common red flags they’ve encountered when looking over code.

—

Take a break from coding to brush up on your Roman History.

Thanks to our sponsors for this episode Judoscale - Autoscale the Right Way (check the link for your free gift!), and Scout Monitoring.

Your hosts for this episode have been thoughtbot’s own Joël Quenneville and Sally Hall.

If you would like to support the…

Direct link to podcast audio file

If you know who José Valim is, then you know he probably made a mistake by joining me for our third installment of 🔥Hotfix🔥. The inventor of the Elixir programming language is at it again with his colleagues at Dashbit and they've got a new product called Tidewave. It's a coding agent with a twist: it has such a deep level of integration with your web framework that it can get the executable feedback it needs to tackle the entire feature development lifecycle.

I do eventually let him plug the tool (and our conversation genuinely makes me want to try it—I logged a todo and everything!), but to be on Hotfix you gotta bring a thorny problem to the…

Rails 7.1 has been a dependable workhorse since its release in 2023. But on October 1, 2025, Rails 7.1.x will lose official security support. That means no more patches for new vulnerabilities, no more backports, and no safety net if a zero-day exploit lands in your stack.

If you’re running Rails 7.1, your risk level depends heavily on which Ruby version you pair it with. Some Rails and Ruby combinations will be doubly unsupported after October 1st, creating “dangerous pairings” that should be upgraded immediately.

In this post, we’ll break down:

• Which Ruby on Rails setups will lose support after October 1, 2025.
• Why those combinations are risky.
• How to quickly check your…

The State of Rails…

Welcome to Hotwire Weekly!

Welcome to another issue of Hotwire Weekly! Happy reading! 🚀✨

📚 Articles, Tutorials, and Videos

Hotwire Caching Problem - Amanda Klusmeyer published a blog post on the Flagrant blog about a bug where session-based tab state clashes with Turbo’s navigation cache.

How to install the Bridge Components library - Joe Masilotti published a new video in which he's showing how to install his bridge-components library in a Rails application, alongside the iOS and Android Hotwire Native apps.

View Components Over Turbo Streams with Hotwire - Juan Ferrari shows how to render ViewComponents directly in Turbo Streams, replacing partials.

Rails Views Performance Matters: Can …

This post was originally given as a talk for JJ Con. The slides are also available.

Welcome to “stupid jj tricks”. Today, I’ll be taking you on a tour through many different jj configurations that I have collected while scouring the internet. Some of what I’ll show is original research or construction created by me personally, but a lot of these things are sourced from blog post, gists, GitHub issues, Reddit posts, Discord messages, and more.

To kick things off, let me introduce myself. My name is André Arko, and I’m probably best known for spending the last 15 years maintaining the Ruby language dependency manager, Bundler. In the jj world, though, my claim to fame is completely…

The recent Ruby Central tragedy has me in shambles, honestly. It cuts deep at the very spot where I am feeling the most insecurity and the most disenfranchisement.

The crux of the issue is creative control. Writing software is a creative endeavor, and we are just now barely getting to the understanding that even though free software promises open source, it does not promise open governance or shared ownership. Something made by a person is their creation, and in the world of pervasive corporate grift and endless growth-at-any-cost it remains one of the few, and - to my view - purest - forms of being attached to what you produce. Having creative control and exercising it is the ultimate…

We are in the midst of a Ruby drama for the ages. I'm sure a bunch of people figured we were all too old for this shit, but apparently we are not.

This debate has been eating at me ever since the news first broke, but I've tried to keep the peace by staying out of it. Unlike most discourse about what's going on, my discomfort stems less from the issue at hand—what Ruby Central did, how they did it, and how poorly it was communicated—and more to do with how one-sided the public discussion has been. Beneath the surface of this story are the consequences of a decade-old conflict that was never fully resolved. Then and now, one side—Andre Arko and many people associated with him—has availed…

I’ve been working on a blog post about migrating to jj for two months now. Rather than finish my ultimate opus and smother all of you in eight thousand words, I finally realized I could ship incrementally and post as I finish each section. Here’s part 1: what is jj and how do I start using it?

pls, I just want to use jj with GitHub

Sure, you can do that. Convert an existing git repo with jj git init --colocate or clone a repo with jj git clone. Work in the repo like usual, but with no add needed, changes are staged automatically.

Commit with jj commit, mark what you want to push with jj bookmark set NAME, and then push it with jj git push. If you make any additional changes to that branch,…

I’ve been watching the recent drama within the Ruby community slowly devolve in the last few days into name-calling and virtue-signalling, and frankly just plain silliness. I won’t repeat here the details of the disagreement, and I won’t link to any posts written about what’s happened.

It is clear to me that some of this has to do with business interests of the different parties involved, some of this has to do with political views, and some of this apparently also has to with a clash of personalities. But what really troubles me is not the details of the disagreements themselves, however strongly each of us may feel about them, but rather how people have come to treat each other over…

Happy Friday! After three weeks of conferencing, this is Greg, bringing you the news about the latest changes in your favorite framework. It was a busy week with a lot of changes, let’s dive in.

Rails Version 8.0.3 has been released!
A new version of Rails has been released. Read the CHANGELOG for the list of changes.

Deprecate usage of custom ActiveJob serializers without public #klass methods
With this change, custom Active Job serializers must have a public #klass method, the previous behavior is deprecated.

Make engine routes filterable in bin/rails routes, improve engine formatting
This pull request adds engine route filtering and better formatting in bin/rails routes.

Make all…

At the end of my post on JRuby and JDK 25 startup time features, I teased a bit of the unreleased improvements from Project Leyden. It turns out the latest commits improve startup time even more, so it seems worth posting a quick follow-up!

Project Leyden is LIT

Of the many OpenJDK projects I follow, Leyden has been near the top as far as activity and interest. In the past month, there’s been 527 commits to all branches… over 15 commits per day. And this doesn’t include commits being done by contributors on their own repositories. It’s exciting to watch!

After my recent post, Aleksey Shipilëv reached out to me on Bluesky:

If you know Aleksey, you know to listen when he makes a…

Doing something at a time convenient for the user is a recurring (sic!) challenge with web applications. And the more users you have across a multitude of time zones, the more pressing it becomes to do it well.

It is actually not that hard, but it does have a few fiddly bits which can be challenging to put together. So, let’s do some time traveling.

I am currently available for contract work. Hire meto help make your Rails app better!

What makes time zones so tricky?

Time zones are tricky because they change over time. There is a global UTC clock, which has leap seconds – that’s already a bit tricky, but not that tricky. Timezones are tricky because they are d…

In this episode, Chris and Andrew reflect on their recent trip to Rails World 2025 in Amsterdam, sharing travel adventures, highlights from the conference, and insights into major Rails announcements. From slide-heavy talks to new features like ReActionView, Action Push, Kamal Geo Proxy, Hotwire Native, and Action Text Lexxy, they explore how the Rails ecosystem continues to push developer experience forward. Hit download now to hear more!

Links

• Chris Oliver X
• Andrew Mason Bluesky
• Judoscale- Remote Ruby listener gift
• Rails World 2025- Amsterdam Talks (YouTube)
• ReActionView
• Lexxy
• Kamal Proxy
• Hotwire Native
• STRAAT Museum

Quite often I work with various clients that don’t, or want, or can’t use a third-party library like ViewComponent or similar. That leaves me with partials. Which, granted, often brings me really far early on. But then I hit a wall with maintainability and clean code (mostly too much logic in views which really triggers me). When you read up about this topic, you will often find things like helpers mentioned. The global scope of helpers is my biggest gripe with them. I only reach for one if a helper can truly be used throughout parts of the app.

In this article I want to lay out the various techniques I use for apps I started myself and for others that need more than vanilla Rails partials…

Rails 8 upgrade story: duplicate keys sneaking into our JSON responses

The upgrade from Rails 7.2.2.2 to 8.0.2.1 went surprisingly smoothly.
After deployment, we didn’t notice any new exceptions, and the application seemed stable.
At least at first…

First reports

After a while, we started receiving complaints from an external application consuming our JSON API.
Identifiers that were supposed to be strings suddenly started arriving as integers. 🤔

We rolled back the changes and began debugging.

The suspicious line

It turned out the problem originated in the code responsible for serializing an ActiveRecord object.
We had something like this:

attributes.merge(id: public_id)

The intention was…

I’ve spent 15 years of my life working on Bundler. When I introduce myself, people say “oh, the Bundler guy?”, and I am forced to agree.

I didn’t come up with the original idea for Bundler (that was Yehuda). I also didn’t work on the first six months worth of prototypes. That was all Carl and Yehuda together, back when “Carlhuda” was a super-prolific author of Ruby libraries, including most of the work to modularize Rails for version 3.

I joined the team at a pivotal moment, in February 2010, as the 0.9 prototype was starting to be re-written yet another time into the shape that would finally be released as 1.0. By the time Carl, Yehuda, and I released version 1.0 together in August 2010,…

JDK 25 is the newest LTS release since JDK 21, and it ships with a gaggle of amazing VM-level features. This post will cover one of the most important improvements for command-line ecosystems like JRuby’s: the AOTCache (ahead-of-time cache) and its ability to pre-optimize code for future runs.

We’ll explore how AOTCache can speed up your JRuby workflow, starting with a discussion of JRuby startup time challenges and finishing with “coming soon” features that didn’t quite make it into the JDK 25 release.

The Challenge of Fast Startup on the JVM

It’s worth taking a quick look at why startup time has been such a difficult challenge for JRuby, and how we’ve worked to improve it over the…

I’ve just got back home from Euruko last night. The conference ended on Friday, but I decided to stay two more nights in Portugal and visit Porto. In between walking all over the city, eating great food and enjoying the dancing and music making in the street, I’ve also had time to think about all the wonderful people I met at the conference (and even some I’ve met and talked to by chance on the streets of Viana do Castelo and Porto), and the incredible experiences I’ve had at Euruko.

First, I’d like to express my deep appreciation for the organizers, headed by Henrique. This was my first ever programming conference that I go to, so I had no idea how it was going to go. But it was obvious…

Recently on this blog, I wrote about in-memory filesystems in Rust, and concluded that I wasn’t able to detect a difference between any form of in-memory filesystem and using a regular SSD on macOS. I also asked anyone who found a counterexample to please let me know.

Last week, David Barsky of ERSC sent me an extremely compelling counter-example, and I spent several days running benchmarks to understand it better.

The top level summary is that the test suite for the jj VCS exhibits an absolutely huge difference between running on an SSD and running against a ramdisk. In my first reproduction attempt, I found the SSD took 239 seconds, while the ramdisk took just 37 seconds. That’s bananas!…

Recently I’m finding myself leaning towards writing some Elixir code in a bit different way than the community standard. I call it, perhaps unjustly and a bit tongue-in-cheek, “OCaml-flavoured Elixir”. Now, I don’t really write OCaml well (or: at all), but I spent last 3 years working with a frontend written in ReScript. And I think in recent months it started to affect how I think about the Elixir code.

But to start the conversation, let me show you what I actually mean:

def close_ticket(ticket_id, actor_id) do
  fetch_ticket = fn ->
    Repo.get(Ticket, ticket_id)
    |> Result.wrap_not_nil(:ticket_not_found)
  end

  fetch_user = fn ->
    Repo.get(User, actor_id)
    |> Result.wrap_no…

Kent Beck’s "Tidy First?" isn’t just a book about refactoring—it’s a guide to making change less painful by starting small.

Continue Reading

A frequent request from listeners of my Breaking Change podcast has been for chapter support. At one point, I tried to manually incorporate this into my (extremely light) editing workflow, but it was fiddly and error-prone to do manually.

That is, until yesterday, when I had the thought, "what if I had a script that could detect each time the audio switched from mono to stereo?"

See, like most podcasts, I record my voice in mono, but the music jingles (or "stingers") are all in stereo. And because each mono segment is punctuated by a stereo stinger, the resulting timestamps would indicate exactly where the chapter markers ought to go.

So, an hour later, some new shovelware was born! I call…

The Ruby community experienced significant turbulence in September 2025 when Ruby Central forcibly took control of the RubyGems GitHub organization, removing long-standing maintainers without warning. As someone who has worked extensively on RubyGems security - first independently and later with Mend.io - protecting our ecosystem from supply chain attacks and handling vulnerability reports, I found myself caught between understanding the business necessities and being deeply disappointed by the execution.

I should clarify: I'm not affiliated with Ruby Central, but I've been working behind the scenes to keep RubyGems secure for years. Most people don't realize the constant vigilance…

Flaky tests got you down? The Evil Martians formula stops chronic CI retry irritation! Clinically proven on ClickFunnels' massive test suite and dozens of developers!

Every developer knows this pain: your test suite passes locally but fails on CI. You click "Retry" and hold your breath. It passes! But was it a real fix or just luck? Well now, no luck needed! We've helped dozens of developers from ClickFunnels, a leading sales funnel platform, go from flaky tests with ~80% success rates to 100%* reliability across their massive test suite (9k+ unit, 1k+ feature…

Dev Containers are a lightweight, semi-standardized way to provision robust development environments for applications. They can be run locally, or in a cloud environment like Github Codespaces.

Rails itself provides dev container images and features, and even a tool to create a Rails application without any prerequisites on your machine besides Docker being installed (rails-new). Additionally, you can pass --devcontainer to rails new when starting out with a greenfield Rails app.

So let’s go and see what it’s all about.

What Are Dev Containers?

In a nutshell, dev containers provide a standardized way to define portable, reproducible development environments using (Docker) containers. To…

Sally and Aji discuss their experiences with invisible mentorship when it comes to code review.

Together they question when is the right time to have conversations with your team in a bid to chase improvement, the importance of understanding your co-workers perspectives, as well as the best ways to initiate a mentoring moment.

—

Check out some of the things mentioned in this episode - The Coding Train - Sarah Mel’s Livable Code

Thanks to our sponsors for this episode Judoscale - Autoscale the Right Way (check the link for your free gift!), and Scout Monitoring.

Your hosts for this episode have been thoughtbot’s own Sally Hall and Aji Slater

If you would like to support the…

Hi everyone,

I am happy to announce that Rails 8.0.3 has been released.

CHANGES since 8.0.2

To see a summary of changes, please read the release on GitHub:

8.0.3 CHANGELOG To view the changes for each gem, please read the changelogs on GitHub:

• Action Cable CHANGELOG
• Action Mailbox CHANGELOG
• Action Mailer CHANGELOG
• Action Pack CHANGELOG
• Action Text CHANGELOG
• Action View CHANGELOG
• Active Job CHANGELOG
• Active Model CHANGELOG
• Active Record CHANGELOG
• Active Storage CHANGELOG
• Active Support CHANGELOG
• Railties CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as…

As the opening keynote on Day 2 of Rails World 2025, I had the chance to host a panel with three people who’ve been shaping the direction of both Ruby and Rails from deep within the internals.

• Aaron Patterson (@tenderlove)
• Hiroshi Shibata (@hsbt)
• Jean Boussier (@byroot)

We covered a lot in an hour:

• What they’ve been working on behind the scenes
• Which areas of Ruby and Rails could use more community support
• The evolving release process for the language
• Why Hiroshi’s focused on improving the experience for developers on Windows
• How security fixes are coordinated across multiple versions
• Performance work related to YJIT and ZJIT
• JSON parsing performance and…

There’s even a moment where Aaron and Jean get into a friendly disagreement about performance and priorities. If you enjoy technical nuance and sharp perspectives, you’ll appreciate that exchange.

And yes… I asked Aaron about his favorite Regular…

Classic performance optimization strategies in a Ruby on Rails application involve moving slow or expensive logic to background jobs, looking at slow queries and adding missing indexes, or tracking and fixing N+1 query issues. The view layer, most of the time overlooked, should also be a target for performance improvements. In this post, we will do a quick recap of the different rendering strategies in Rails, benchmark them to set the base, and analyze them to decide when to use them (or when not to).

Rendering strategies in Rails

In Rails, we can render a template in many ways. To illustrate the different rendering strategies, we’re going to use a simple Rails 8 app, like the one in the…

September is conferencing season for me, and this year, I decided to do the Ruby Triathlon, so I attended Rails World in Amsterdam, FriendlyRb in Bucharest, and EuRuKo in Viana do Castelo.

Direct link to podcast audio file

Hey, look! Breaking Change now has chapter support for each segment! More on how I did that while still upholding my commitment to laziness later.

I didn't get a good job connecting this version's release to what I was referencing, so to be clear I was referring to my heart rate as opposed to any other bodily functions. The other ones are getting up just fine, thank you. Get your head out of the gutter.

Thanks for all the great e-mails the last couple weeks! Throw yours on the pile at podcast@searls.co. Hopefully Fastmail won't lose it.

For the folks who pronounce URLs like Earls:

• Fallout comes to HHN
• Apple's bullshit Watch Series 11 battery claims
…

Welcome to Hotwire Weekly!

Welcome to another, slightly delayed, issue of Hotwire Weekly! Happy reading! 🚀✨

📚 Articles, Tutorials, and Videos

Rails World 2025 talk recordings - The Rails Foundation published the recordings for Rails World 2025. Here are direct links to the Hotwire-adjection talks:

• "Hotwire Native - A Rails Developer's Secret Tool for Building Mobile Apps" by Joe Masilotti

• "Offline Mode to Hotwire with Service Workers" by Rosa Gutiérrez

• "Introducing ReActionView: A new ActionView-Compatible ERB Engine" by Marco Roth

• "Lessons from Migrating a Legacy Frontend to Hotwire" by Radan Skorić

Hotwire Native is extremely future proof - Dennis Paagman explains how iOS 26's…

I finally had a little time to look more into the Rubygems drama. I don’t know anything else than what you can publicly read and it looks like that information is also hard to trust.

David Celis recently published a thoughtful piece on Rails governance in response to the latest troubling blog post from DHH, the creator of Rails. Like David, I’ve also been troubled by DHH’s recent output and the harm it is causing to the Ruby community.

I think it’s worth taking a moment to analyse DHH’s post in more detail and make it clear exactly why it’s so problematic.

In his post, DHH complains that London is no longer a city he wants to live in because it is now only a third “native Brit”. His use of “native Brit” is as a proxy for “White British”. The implication is clear: if you are not White, you are not British.

In the same post he praises Tommy Robinson (actual name…

So here's a neat way to magically cut in half the time it takes to transfer to your new iPhone.

Back in 2019, I realized iPhone restores run much faster when the device is kept cold, because thermal throttling—not data transfer rate—is the real bottleneck. The thing is, a fridge isn't quite cold enough and a freezer was way too cold (phones don't work well at below zero temperatures, apparently). So the stopgap solution I initially arrived at was to sandwich the phone between a couple ice packs. Not only did it work great, I was tickled to see a few sites like Cult of Mac publish how-to guides on the technique.

Anyway, figuring out how to best cool my iPhones to expedite a dir…

I’ve been part of the Ruby on Rails ecosystem for over two decades. I’ve watched teams adopt Rails with wild enthusiasm… evolve their systems… struggle through growing pains… and eventually find themselves in an uncomfortable position; debating whether to abandon the tools that once brought them so much joy.

I don’t think that’s necessary… or even wise.

But I do think it’s understandable.

After working with and talking to hundreds of teams… many of them using Rails, Laravel, Ember.js, or even React… I’ve noticed a pattern. A lifecycle of sorts. The way teams internally adopt and evolve their relationship with a technical stack. I’ve seen it reflected in our consulting clients at Planet…

If you read reviews of iPhone Air, you will quickly find that the pundit class has concluded it's a mixed bag. A "compromised" product, even.

For tech reviewers lining up all these phones next to each other and weighing the pros and cons, I can absolutely understand how iPhone Air doesn't seem to earn its spot in the lineup at $999. Just look at all these downsides:

• Battery: The battery life is slightly worse than iPhone 17 and much worse than iPhone 17 Pro
• Performance: The A19 Pro chip in iPhone is not only binned (it loses a GPU core), it's so thermal-constrained it probably wouldn't be able to use that core anyway—one review saw significantly worse sustained performance from iPhone Air…

Ages ago, when I was still a student, I taught myself Ruby on Rails for my senior thesis and fell in love. Fifteen years later, and I’ve used Rails at every job I’ve ever held in the tech industry. Fifteen years, and I still love Rails! But there’s something rotten at its core, and we share a name.

The DHH Problem

Back in 2014, Tom Stuart delivered a pithy yet salient lightning talk at the Scottish Ruby Conference titled The DHH Problem, in which he succinctly describes the character of David Heinemeier Hansson, the creator of Rails. I recommend watching it because, in just three and a half minutes, he effectively…

Updated 2025-09-25 to reflect: Postponement of Q&A Session and link to updated statement.

Ruby Community,

At the heart of Ruby Central’s mission is our responsibility to steward the open source tools that power the Ruby ecosystem. That commitment is only as strong as the people and processes behind it. Over the past several months, we have been carefully reviewing how RubyGems.org, RubyGems, and Bundler are governed, and we are making changes to ensure these critical services are supported in a sustainable, transparent, and secure way.

As the nonprofit steward of this infrastructure, Ruby Central has a fiduciary duty to safeguard the supply chain and protect the long-term stability of the…

I’ve written and talked extensively about Hypermedia APIs for about a decade. The HATEOAS constraints in representing resources for a RESTful API has numerous advantages in API design, readability, discoverability, and performance over a hand-rolled REST API. Unfortunately, adoption of Hypermedia APIs is very low compared to, for example GraphQL, but I find the implementation a lot simpler and continue adding Hypermedia APIs to my pet projects.

At its root a Hypermedia API looks like so.

{
  "_links": {
    "self": {
      "href": "https://sup2.playplay.io/api"
    },
    "status": {
      "href": "https://sup2.playplay.io/api/status"
    },
    "team": {
      "href": "https://sup2.playp…

The above example is an extract from this API. For this post we will use one of my Slack bots called S’Up, which…

Live from Rails World 2025 in Amsterdam, Chris and Andrew hang with Andy Croll and Jason Charnes to trade conference vibes, hair envy for DHH, and real talk on the keynote roadmap: Turbo offline, Hotwire Native 1.3, Kamal, “CI on your machine,” SQLite, and Beamer. The conversation also touches on the quirky and entertaining embassy experience at Rails World, favorite talks, plans for the final day of the conference, and the museum party.  Hit download now for an episode that will keep making you laugh! 

Links

• Chris Oliver X
• Andrew Mason Bluesky
• Judoscale- Remote Ruby listener gift
• Andy Croll X
• Jason Charnes X
• Rails World 2025 Opening Keynote- David Heinemeier Hansson
• Buzzsprout

Hey, Emmanuel Hayford here with the latest from the Rails codebase. Let’s get to it!

Oh! In case you missed it, all the talks from #RailsWorld 2025 are now available online here.

Fix SCRIPT_NAME handling for engines mounted at root.
When an engine is mounted at / and SCRIPT_NAME is in use, URL helpers were incorrectly dropping the script name from generated URLs. The issue was traced to RoutesProxy#merge_script_names, which didn’t handle the edge case where the script name was just /. The fix trims trailing slashes from new_script_name, restoring correct URL generation for apps deployed under a path prefix.

Generalize :rich_text_area Capybara selector
The :rich_text_area Capybara…

As chronicled by my teammate Ellen, the RubyGems team is no more. I wish the best of luck to everyone taking on the herculean task of keeping package management functional and working for the entire Ruby community.

In the meantime, I’m looking forward to spending my new free time focusing on projects that I’m truly excited about, like rv. We’d love to have your help as we work to build next-generation tools for Ruby.

I have written a fair amount on the basics of Stimulus, but I never wrote about the absolute basics: what actually is a “Stimulus controller”? That is why I want to cover some basics. This article was taken from various parts of the book JavaScript for Rails Developers

The foundation of Stimulus is the “controller”, which serves as the primary building block for organizing your interactive features. Stimulus encourages you to write small, reusable controllers. Opposed to component-specific controllers (though those have their place too!).

A Stimulus controller is essentially a regular JavaScript class. So, what does that look like?

class Editor {
  constructor(content) {
    this.content =…

The Verge is included in Apple News+, so if you're an Apple One subscriber (as I imagine, many Verge readers are), whenever you hit the paywall in your browser you can—at least from Safari's Share Sheet—very easily open the same article in the News app and avoid the paywall.

I bought The Iconfactory's Tot app years ago when it first released, but found I didn't really have a need for a semi-ephemeral, intentionally finite scratchpad.

That changed this summer! Why? Because in this nascent era of terminal-based coding agents, I have found a semi-ephemeral, intentionally finite scratchpad to be invaluable.

Use cases include:

• Writing long prompts directly in the terminal only for things to go wrong can sometimes make it hard or even impossible to recover later, so instead I write them first in Tot and then paste them into my terminal. If anything goes wrong, I no longer try to multi-shot it and watch the model spin, I just restart the chat, tweak the prompt, and…

There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier CVE-2025-58767. We strongly recommend upgrading the REXML gem.

Details

Parsing invalid XML containing multiple XML declarations may cause increased execution time and memory usage. Please update REXML gem to version 3.4.2 or later.

Affected versions

• REXML gem from 3.3.3 to 3.4.1

Credits

Thanks to Sofi Aberegg for discovering this issue.

History

• Originally published at 2025-09-18 03:00:00 (UTC)

Posted by naitoh on 18 Sep 2025

My iPhone Air MagSafe Battery came in the mail today, and it was the first time I've ever seen this ridiculous sticker.

Does this mean the product can't be taken on passenger planes? Because the only risk factor other than the product the battery itself in the box is a few layers of cardboard.

Quick impressions on the product:

• It is a battery
• It can be charged via USB-C and charge other devices via USB-C
• It can connect to phones other than the iPhone Air, but generally only sideways, and iOS 26 handles it in software correctly (meaning whatever software integration Apple built for the product isn't gated to iPhone Air serial numbers)
• It will attach to MagSafe chargers but not charge…

Last year at Friendly.rb, we installed our monitoring gem on our friend Yaro’s SupeRails app, and discussed what he could eventually do to improve its performance. He enjoyed it and suggested we do it for more people. Back from the conference, we started doing it.

We are going to Euruko this year week, and we’ll have a small booth. Let’s do it again!

Attending Euruko?

Exciting right? Here is the plan:

1. Create an account, install the gem in your application, and deploy it. (Skip to 3 if you did it before the conference)

2. Watch a talk while the monitoring data is being collected.

3. Come and see us at our booth, and we’ll review your data together and discuss ways to optimize your app’s…

No Euruko?

You’ll be missing out, but rejoice, you can have almost the same experience when we come back:

Building a Node.js server without a full framework is technically possible, but leaning on a framework will certainly improve your development speed and likely your app’s quality. Frameworks give us reusable tools that help us not have to reinvent the wheel for every little thing. Choosing a Node framework (and picking the right one) will ensure you spend less time on basic functionality and more time on your actual application logic.

The popularity of JavaScript and Node.js means we get a handful of really incredible frameworks to choose from and plenty of great hosting options. In this article, I’ll explain what makes each framework unique and how you can choose…

Imagine debugging a performance issue in your Rails ecommerce app’s checkout process. The default logs display a vague "slow request," but this is insufficient to determine what's actually happening. You need to pinpoint exactly which database query, external API call, or background job is causing the bottleneck. More importantly, you need to understand the business impact: How many customers are abandoning their carts due to this issue? What's the revenue loss per minute?

Custom instrumentation with AppSignal for Ruby enables you to tag and measure these components in real time, providing both technical insights and business intelligence.

In this tutorial, we'll custom instrument a…

The Apple Photos app sometimes corrupts images when importing from my camera. I just wanted to make a blog post about it in case anyone else runs into the problem. I’ve seen other references to this online, but most of the people gave up trying to fix it, and none of them went as far as I did to debug the issue.

I’ll try to describe the problem, and the things I’ve tried to do to fix it. But also note that I’ve (sort of) given up on the Photos app too. Since I can’t trust it to import photos from my camera, I switched to a different workflow.

Here is a screenshot of a corrupted image in the Photos app:

How I used to import images

I’ve got an OM System OM-1 camera. I used to shoot in RAW +…

Turbo Streams is pretty awesome.

It’s a great tool to make surgical updates to your pages over websocket/SSE. You can easily build applications that require live updates with the kind of minimal effort that would make the modern Javascript developer blush. And even more impressive, it’s made possible by reusing your existing Rails view partials, giving it essentially 8 new super powers.

It’s a fine tool to have. I must have it.

Earlier this year, we announced Superglue: The Rails Way of building React and Rails applications. In the same spirit, today we’re announcing Superglue 2.0 Alpha and our new tooling: Super Turbo Streams, a port of Turbo Streams made for Superglue.

Why? …

This blog post was adapted from our paper and talk at the International Symposium on Memory Management 2025.

This browser does not support displaying PDFs. Please download the PDF to view it: Download PDF.

We would first like to acknowledge the late Chris Seaton, who initiated our collaboration with the Australian National University on this project. We are thankful for his contribution, vision, and leadership. Without him, none of this would have been possible.

Background

The Australian National University (ANU) and Shopify are collaborating on integrating the Memory Management Toolkit (MMTk) with Ruby. We are…

Previously, I wrote Everyday Performance Rules for Ruby on Rails Developers. I will try to provide another round of good practices. I hope that will help you speed up your application as well.

Rendering a collection is faster than calling a partial in a loop

<%# Slower %>
<% records.each do |record| %>
  <%= render "partial", record: record %>
<% end %>

<%# Faster %>
<%= render partial: "partial", collection: records, as: :record %>

Because render "partial" lookups for the partial N times and generates N instrumentations.

Whereas, rendering a collection lookups for the partial only once and generates a single instrumentation.

As always, less is faster. Here is a benchmark to…

It’s board game night at the Bike Shed as Joël and Aji crack out the game pieces to assess how their work as programmers influences strategy when playing some of their favourite games.

As they make their way round the board they discuss the cycle of setbacks and iteration, finding the optimal solution to a puzzle, as well as the key skills that best links their programming work to board games.

—

Thanks to our sponsors for this episode Judoscale - Autoscale the Right Way (check the link for your free gift!), and Scout Monitoring.

Check out the upcoming conferences mentioned in this episode - XO Ruby and Rocky Mountain

Your hosts for this episode have been thoughtbot’s own Joël…

Ruby 3.4.6 has been released.

This is a routine update that includes bug fixes. Please refer to the release notes on GitHub for further details.

Release Schedule

We intend to release the latest stable Ruby version (currently Ruby 3.4) every two months following the most recent release. Ruby 3.4.7 is scheduled for November and 3.4.8 for January.

If a change arises that significantly affects users, a release may occur earlier than planned, and the subsequent schedule may shift accordingly.

Download

• https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.6.tar.gz

  SIZE: 23266686
  SHA1: f44d45ca26d54ff92ab00a3515335cae755b18ec
  SHA256:…

James O'Sullivan has a banger of an editorial on the "late attention economy", including this bit illustrating the various platforms' pivot from active participation to passive absorption:

While content proliferates, engagement is evaporating. Average interaction rates across major platforms are declining fast: Facebook and X posts now scrape an average 0.15% engagement, while Instagram has dropped 24% year-on-year. Even TikTok has begun to plateau. People aren't connecting or conversing on social media like they used to; they're just wading through slop, that is, low-effort, low-quality content produced at scale, often with AI, for engagement.

I'm grateful to be living a timeline-free…

The dust has settled on Rails World 2025, and we owe a huge thank-you to everyone who came to Amsterdam and made it unforgettable.

But first and more importantly: All the talks are now online! Catch up on ones you missed on the Rails World 2025 YouTube playlist.

Recap

814 Rails devs from 62 countries gathered in Amsterdam for more than two days of the latest news in Rails, technical talks, networking, and a fantastic closing party.

Here’s a quick run down of the highlights:

Keynotes

DHH opened by challenging tech’s obsession with complexity, announcing Rails 8.1 beta and a wave of new features—including Markdown Rendering, Active Job Continuations, Action Text Lexxy, Beamer, Active…

Scale your Rails app without rewrites. Learn to keep business logic in Ruby and delegate heavy work to specialized tools, built with Go, C, and Rust, for performance and scalability.

Ruby on Rails excels at business logic, developer happiness, and rapid iteration. Still, when performance bottlenecks emerge, the typical refrain is: "rewrite in Go," "extract to microservices," or "break up the monolith." But there's a better way: scaling your Rails app without breaking the recipe by optimizing your kitchen instead.

Welcome to Hotwire Weekly!

Welcome to another issue of Hotwire Weekly! Happy reading! 🚀✨

📚 Articles, Tutorials, and Videos

Rails World 2025 Recap - ReActionView, Herb v0.7 and Herb::Engine - Marco Roth published a recap of his Rails World Talk in which he introduced the ReActionView initiative, a new ERB engine compatible with ActionView, together with Herb v0.7, and so much more. All aimed at leveling up Rails’ view layer without having to abandon .html.erb.

Leveraging Hotwire for Dynamic Input Field Label Pluralization - Amanda Klusmeyer shows how to use a Stimulus controller with singular and plural values to update a label like night vs nights based on user input, making forms more…

Walkthrough Video: Opal Stimulus - Joseph…

Whenever I need to verify a network connection with a remote LLM, I always ask it 1+1. I'm sure it'll still raise the ocean level by a millimeter, but it seems less bad than a more complex query.

I forgot I had unhidden chain-of-thought reasoning, so I chuckled when I got this:

Sure thing! The task is straightforward: I just need to respond to "1+1" with "2." It's a simple calculation, so I won't overthink it. There's no need to use any tools for this, and I know the guidelines about "Destructive Deletions" and "No Comments by Default" don't really apply here. I'll just keep it short and clear, and the answer will simply be "2."

At least it didn't overthink it.