Rubyland

Vibe coding can speed up app development, but it can also quietly introduce serious security flaws. Here are the four most common risks and how to avoid them.

Few things let us build full-fledged applications from scratch as quickly as vibe coding. And few things introduce security risks into code as quickly as vibe coding. In this post: the most common security holes that can materialize when vibe coding, and how to resolve them. Not all have an easy or fast solution, but we’ll tackle them and learn how to stay vigilant!

Welcome to Hotwire Weekly!

Welcome to another issue of Hotwire Weekly! Happy reading! 🚀✨

📚 Articles, Tutorials, and Videos

Implementing OAuth in Hotwire Native apps with Bridge Components - Mike Dalton shows how to build a reusable OAuth bridge component for Hotwire Native, letting your app authenticate with external providers.

Responsive code formatting on web - Paweł Pacana explores how to make code listings adapt their formatting for different container sizes using CSS container queries, smart typographic patterns and Turbo Frames.

The Turbo + ActionCable Trap: When Your Real-Time Rails Feature Fights Itself - Ed Ruder warns about a subtle pitfall when combining Turbo Streams with…

Joël talks with guest thoughtbotter Steve Polito about his recent work rewriting Suspenders, an old thoughtbot gem from the 2000s.

Steve discusses his role on the rewrite and the steps he took in optimising it for modern rails, Joël dives into some of the new features found in the gem, before discussing with Steve the use cases for Suspenders and why you might choose it over other rails starter apps.

—

Want to learn more about our gem Suspenders? Check out some of these links to get yourself up to speed and try it for yourself.

Suspenders Gem - Suspenders Feature List - thoughtbot’s guide for programming

Your hosts for this episode have been thoughtbot’s own Joël Quenneville…

February 10, 2026 Introduction libgd-gis now supports legends, introducing a fundamental building block in map communication. With the release of v0.4.1, legends become a first-class feature of the rendering pipeline, pushing the library one step closer to covering the essential capabilities expected from a modern GIS engine. Legends are not just a visual accessory. They … Continue reading When Maps Explain Themselves: Legends, Style, and Finished Images in Ruby →

An intermediate report for Ruby Association Grant on TutorialKit.rb, a toolkit for building interactive Ruby and Rails tutorials that run entirely in the browser using WebAssembly and WebContainers.

Ruby and WebAssembly are both powerful technologies, but together they unlock vast new possibilities. Evil Martians continue pursuing our goal of making ruby.wasm beneficial to the broader Ruby community (and beyond). To that end, we'd like to introduce our new project: TutorialKit.rb.

You’ve probably seen Rails.env.production? in your codebase to ensure that certain code only runs in production. Instead of having to compare strings, Rails.env == "production", Rails wraps the string in an ActiveSupport::StringInquirer so you get readable methods like .production? and .development?.

Active Support also adds an inquiry method to String so you can use this same pattern in your own code.

Instead of…

…comparing strings with ==:

class Writing < ApplicationRecord
  # category is a string: "story", "nursery_rhyme", "song", "article", "social_post"

  def online?
    category == "article" || category == "social_post"
  end
end

Use…

…the inquiry method to ask questions of…

Scott Werner (founder of Sublayer and organizer of Artificial Ruby) told me something that stuck with me:

“The first version of the sublayer gem was actually a coding agent, but it was coming together so quickly… I was like, wait… if this is so easy for me, it’s going to be easy for everybody, and everybody is going to be making these…”

Last week, we open-sourced a minimal but feature-packed coding agent. We were after the simplest, straightforward, stupidly effective agent possible, so we named it Detritus, after Lance Constable Detritus of the Ankh-Morpork City Watch from Discworld (thanks for so much and so many, Sir Terry).

Detritus is built in just 250 lines of code, yet it…

Today is a sad day because last week a platform that we know, like, and trust made a surprising and disappointing announcement.

On February 6, 2026, Heroku published an update on the future of the platform. The announcement confirms what many in the community had suspected for a while: Heroku is transitioning to a “sustaining engineering model.”

In plain English, that means maintenance model: No new features, no new Enterprise Account contracts for new customers, and a focus on stability only.

If your Rails application runs on Heroku, this is the moment to start thinking about your next move. The platform is not disappearing overnight, but the direction is clear: Heroku’s best days are…

Sometimes, engineering improvements don’t begin with a grand roadmap. They start with a small moment of curiosity.

One afternoon, while working on a React component, I noticed something strange.

When I typed my component props directly, TypeScript flagged an unused prop. But when I wrapped the same component in React.FC, the warning vanished.

That didn’t feel right. TypeScript is supposed to protect us from mistakes — not silently ignore them.

I opened up a TypeScript playground and tried a few experiments. Sure enough, React.FC was changing how the compiler treated props. It was as if TypeScript was politely saying, “Don’t worry, everything’s…

Software quality practices have evolved over six decades. What began as a response to the “software crisis” of the 1960s has grown into collaborative specification techniques that bridge the gap between business and technical teams.

Contents

1. Evolution of Quality Approaches
2. The Software Crisis (1968)
3. Structured Programming (1968)
4. Fagan Inspections (1976)
5. Cleanroom Software Engineering (1980s)
6. Personal Software Process (1990s)
7. UML and Design Communication (1997)
8. Extreme Programming (1996-1999)
9. Test-Driven Development
10. Behavior-Driven Development (2006)
11. The C4 Model (2011)
12. Given-When-Then Format
13. User Stories
14. Specification by Example (2010s)
15. Example Mapping
16. TDD…

Evolution of Quality Approaches

1968-1990s: Quality through PROCESS

The early focus was on disciplined processes to catch defects: Fagan Inspections (formal peer review), Cleanroom (defect prevention), and PSP (individual measurement).

1994-1997: Quality through DESIGN COMMUNICATION

Teams needed shared visual languages. UML unified…

We ordered a wood chest that arrived with cosmetic damage. After logging the damage in their customer support interface, it prompted me to start a chat with their AI virtual assistant.

What happened next:

1. It immediately offered me a 15% refund to keep the product
2. I asked for 20% and it immediately agreed
3. I asked for 25% and it immediately agreed
4. I asked for 30% and it turned me down
5. I took the 25%, which was, indeed, immediately refunded

Turns out that negotiating with a rules engine is way easier than negotiating with a human tasked with operating a rules engine.

So basically, all Wayfair did was add a chatbot to the end of their existing "Report a Problem" interface…

As a year winds down, entrepreneurs often pause to reflect on the risks taken, the lessons learned, the wins celebrated, and the setbacks overcome behind the scenes.

What if those moments could be captured visually in a way that felt personal, branded, and inspiring?

That is exactly what we set out to do with a custom GenAI-powered card builder created for the Entrepreneurs Organization of Philadelphia.

A Custom AI Experience for EO Philadelphia

This project started as a small but meaningful side project for the Entrepreneurs Organization (EO) Philadelphia community.

Our founder, Ernesto Tagwerker, has been a part of this community since ‘23.

The goal was simple:

• Celebrate…

I woke up today and my workflow is already obsolete. At least that’s what X is telling me. New models, new tools, new “game changing” workflows. Everything happens so fast in the AI world. Social media is going crazy. You haven’t even tried the last big thing and it’s already obsolete. It’s so easy to fall into the feeling of being behind. This feeling may even transform into fear, since everyone shouts that AI is coming for your job. So you try to catch up, check out the latest solutions, find something you like, spend hours perfecting your new workflow. Then you wake up the next day and you’re behind again.

Yes, things are happening fast, but it’s not a reason to panic. Think for a…

This is the concluding article in the series On the Way to Step Functions - you will find the other articles linked below:

• On the way to step functions: Part 1
• On the way to step functions: Part 2
• On the way to step functions: Part 3

We have established a few important points so far.

• The spirit, the desiderata of durable execution comes from the desire to have marshalable stacks - which are unachievable.
• Second-best option are workflows, which are actually DAGs under the hood.
• The DAG definition and the code inside the nodes are two separate worlds with different semantics.
• Systems that pretend they are one body of execution will make you hurt.

So: how do we apply…

In medicine there is the concept of a disease being “subclinical”, and I think the concept can apply to bullying in the workplace.

Every workplace has a threshold for bad behaviour, and subclinical bullying is bad behaviour which doesn’t cross the threshold. Much like how a doctor often won’t treat a subclinical disease, your manager often won’t address subclinical bullying. There are lots of reasons why this might be the case, for better or for worse. One of those reasons might be that your manager is showing grace, which can feel unfair, but is also important for a healthy team dynamic.

Not a tutorial, not a benchmark — just experimenting with 2D and 3D rendering in Ruby and confirming that the foundation is already mature and reliable. Links: https://rubygems.org/gems/ruby-libgd https://github.com/ggerman/ruby-libgd # frozen_string_literal: true require "gd" W = 1400 H = 500 TEXT = "Ruby-LibGD v0.2.4" FONT = "/usr/share/fonts/truetype/dejavu/DejaVuSans-Bold.ttf" SIZE = 72 DEPTH = 32 img = … Continue reading A quick DEMO of Ruby-LibGD v0.2.4. →

Happy Friday! This is Greg, bringing you the latest changes in the Rails codebase. It was a quiet week, but there are still noteworthy changes, let’s explore them.

Read from ENV[‘REVISION’] if present
Rails.app.revision now checks ENV["REVISION"] before falling back to the REVISION file or git.

Improve error page to make nested stack traces more discoverable
This pull request adds a small arrow on the side of the summary bar of the error page in development and it can be clicked to reveal the stack trace.

Pass SQL query to query log tags
With this change, the SQL query is passed to query log tags. If you are using the query log tags for debugging, you can access the SQL query like this:

…

Mitchell Hashimoto, founder of Hashicorp and, more recently, Ghostty in a post on his relationship with AI coding:

Instead of giving up, I forced myself to reproduce all my manual commits with agentic ones. I literally did the work twice. I'd do the work manually, and then I'd fight an agent to produce identical results in terms of quality and function (without it being able to see my manual solution, of course).

This was excruciating, because it got in the way of simply getting things done. But I've been around the block with non-AI tools enough to know that friction is natural, and I can't come to a firm, defensible conclusion without exhausting my efforts.

But, expertise formed. I…

In this episode, Chris, Andrew, and David kick off with humorous stories about coding experiences across different languages, and then they welcome back guest Kevin Newton who shares his journey from Shopify to Meta. Then, Kevin discusses the intricacies of Ruby and Python, particularly the challenges and trade-offs in their runtime implementations. The conversation then shifts to the development and adoption of the Prism parser in Ruby, highlighting its impact on various projects. Lastly, Kevin shares insights on his work with a pure Ruby YAML parser and a regex engine, emphasizing the complexities and joys of coding and parsing languages. Hit download now!

Links

• Judoscale- Remote Ruby…

The timezone bug that hid in plain sight for months

We recently fixed a bug in a financial platform’s data sync that had been silently causing inconsistencies for months. The bug was elegant in its simplicity: checking DST status for “now” when converting historical dates.

The broken code

I found this while debugging a different sync issue — the real bug turned out to be hiding in a helper method I wasn’t even looking at.

def self.date_to_utc(value, timezone_key)
  offset = Time.now.in_time_zone(TIMEZONE_MAP.fetch(timezone_key)).formatted_offset
  Time.new(*value.to_s.split('-').map(&:to_i), 0, 0, 0, offset).utc
end

Looks reasonable, right? Get the timezone offset, create a Time object,…

At the end of May 2025, my partner (Shaz) and I went to buy a new house. We had inspected it a few times previously and loved it. It was the day of the auction, and we went out for a morning walk with the dog and my heart started doing a weird thing: it started beating really really fast. It sustained the pace for about 5-10 seconds, then returned to baseline. Then it would repeat this about every minute. I put it down to the stress of the auction.

We went to the auction and we were the only bidders, and got bumped up a few notches by vendor bids, and then settled on a final price. All through this time my heart was still doing its slow-fast-slow switching every minute or two. Still…

My friend Eric Doggett became a Disney Fine Artist a couple years back and he's currently being featured at EPCOT's 2026 Festival of the Arts. Each day this week, he's holding court to talk to people about his work at a pop-up gallery just outside the Mexico Pavilion. Myself and a few other friends ganged up on him this afternoon to lend our moral and financial support by showing up and buying a few pieces.

I really like the painting I picked up. It's a semi-subtle ode to Big Thunder Mountain, a celebration of Walt's love of trains, a not-so-hidden Mickey-shaped rockface, and a tiny nod to the goat.

If you're a local, swing by and say hi to Eric—he's great! If you're not,…

Direct link to podcast audio file

Elon has combined 3 of his 4 businesses and everything makes sense. Also, I went to Japan and all I came back with was another weird story about animal sperm. Other stuff happened too, but let's be honest, it's the typical AI schlock you've come to expect from this decade.

Write in with your own takes to podcast@searls.co. Please. Really! Do it.

Citations needed?

• 白子揚げ = 🐟🍆💦🍟
• scrapple scrapes Apple docs for agents
• prove_it forces Claude to verify his shit works
• Aaron's puns, ranked
• A sane but extremely bull case on Clawdbot / OpenClaw
• US Insurer 'Lemonade' Cuts Rates 50% for Drivers Using Tesla's 'Full Self-Driving' Software
• Elon Musk's SpaceX…

Rails, when using turbo(-links), has long shipped with a built-in confirmation dialog for destructive actions. You’ve probably used it countless times:

<%= button_to "Delete",
  post_path(post),
  method: :delete,
  data: { turbo_confirm: "Really delete this post?" }
%>

It works. It’s simple. But it’s also… well, a bit boring. The browser’s native confirm dialog is functional but not exactly pretty. And customizing it? Not really an option.

The default turbo_confirm uses the browser’s built-in confirmation dialog. It gets the job done, but you have no control over how it looks or what content it displays. Want to add formatting? Can’t do it. Want to match your app’s design? Nope. Want…

RubyGems 4.0.6 includes enhancements and Bundler 4.0.6 includes bug fixes and documentation.

To update to the latest RubyGems you can run:

gem update --system [--pre]

To update to the latest Bundler you can run:

gem install bundler [--pre]
bundle update --bundler=4.0.6

RubyGems Release Notes

Enhancements:

• Update vendored resolv to 0.7.0. Pull request #9298 by hsbt
• Installs bundler 4.0.6 as a default gem.

Bundler Release Notes

Bug fixes:

• Fix gzip cache corruption when recovering from HTTP 416 responses #9272
• Fallback git/path sources to default source #9301
• Ensure revision is always re-resolved in git_proxy.rb #9294

Documentation:

• Clarify local gem override…

Evil Martians make the impossible possible: launching a new Aptos Network website in just one month!

Evil Martians have proudly collaborated with our client Aptos for 3+ years. Recently they had a special task: a brand new website in just one month! In this post, the secret Martian sauce that allowed us to win a race against time, lessons learned on the way, and practical advice for achieving development goals without compromising quality!

Choosing the right hosting environment for a Node.js application will define much of both your development workflow and application performance. The hosting option you choose directly affects the developer experience (how easy deployments and updates are), the cost model of running your app, its scalability under load, and how much control (and responsibility) you have over your infrastructure.

For example, a fully managed platform can eliminate server maintenance at the cost of less flexibility and more money, whereas running your own server gives maximum control but demands more operational work.

Your goal in deciding on where to host a node app is to align your hosting choice…

As a JavaScript developer, you’re probably used to ORMs like Sequelize, TypeORM, or Prisma. You define schemas, write migrations, and explicitly map database columns to object properties. Everything is typed out, configured, and visible.

Then you encounter Rails ActiveRecord and it feels like the entire database just materialized into your models with zero configuration. You have getters, setters, query methods, validations, and associations—all without writing a single line of code defining your attributes.

The first time I saw a Rails model with three lines of code querying a database table with 20 columns, I was suspicious. Where are the column definitions?

JavaScript ORMs vs…

It’s not old software that stalls teams. It’s what happens when the future stays unresolved.

Continue Reading

As a year winds down, entrepreneurs often pause to reflect on the risks taken, the lessons learned, the wins celebrated, and the setbacks overcome behind the scenes.

What if those moments could be captured visually in a way that felt personal, branded, and inspiring?

That is exactly what we set out to do with a custom GenAI-powered card builder created for the Entrepreneurs Organization of Philadelphia.

A Custom AI Experience for EO Philadelphia

This project started as a small but meaningful side project for the Entrepreneurs Organization (EO) Philadelphia community.

Our founder, Ernesto Tagwerker, has been a part of this community since ‘23.

The goal was simple:

• Celebrate…

Research-backed insights into what AI-assisted developers can actually deliver: when productivity improves, when it doesn’t, and how setting realistic expectations means best quality results.

AI has quickly reshaped software development, but the benefits are still quite foggy. So, if you're working with developers who regularly use AI to speed up their work, what can you actually expect of them? Can AI truly transform us all into "10x engineers" or is this just a pipe dream? This post has research-backed answers to help set reasonable expectations when dealing with AI-assisted developers.

Sally and Aji assess some common metrics for success when working a project and how they may not always provide the clearest picture of how things are going.

Together they discuss how to communicate effectively with stakeholders who are less technical to fully appreciate certain decisions and choices being made on a project, as well as the different metrics you can use to better reflect success and setbacks on a project.

—

Your hosts for this episode have been thoughtbot’s own Sally Hall and Aji Slater.

If you would like to support the show, head over to our GitHub page, or check out our website.

Got a question or comment about the show? Why not write to our hosts: hosts@bik…

Opening the Heart of libgd-gis February 3, 2026 How Ruby Turns Coordinates into Maps (and Why Tests Matter) Maps look simple on the surface. You give them coordinates. They give you an image. But anyone who has gone even slightly deeper knows that coordinates are never just numbers. They are context. They are assumptions. They … Continue reading Opening the Heart of libgd-gis →

Recently, some Neeto customers reported experiencing a verylong page load time. For some of them, the page didn't even load. We found thatthe issue is related to CDN caching.

Neeto uses React.js for the front-end code, and the asset files are hosted atCloudFront. To complicate matters, we use CloudFlare as our DNS resolver.Between CloudFlare and Cloudfront, we were not sure what was being cached and atwhat level. Since this problem was being faced only by our customers, it was abit difficult to reproduce and debug.

The whole setup is like this:

• Browsers make requests to https://cdn.neetox.com/assets/xyz.js
• Clouflare forwards the request to Cloudfront
• CloudFront acting as the caching layer will…

If the browser is not getting the…

The JRuby community is pleased to announce the release of JRuby 10.0.3.0.

• Homepage: https://www.jruby.org/
• Download: https://www.jruby.org/download

JRuby 10.0.3.x targets Ruby 3.4 compatibility.

Thank you to our contributors this release, you help keep JRuby moving forward! @mrnoname1000, @ngr-ilmarh, @Earlopain, @philr, @jotamartos, @kares, @aleksandrs-ledovskis, @trinistr, @katafrakt, @chadlwilson, @khasinski, @evaniainbrooks

Compatibility

• JRuby now reports RbConfig::CONFIG['arch'] without a version number, as universal-java. This allows using different JDK versions without triggering RubyGems missing extension warnings for installed gems. The host Java version is still…

Glad to see Jerod properly follow up on this one:

In September of last year, I covered a post by Mike Judge arguing that AI coding claims don't add up, in which he asked this question:

If so many developers are so extraordinarily productive using these tools, where is the flood of shovelware? We should be seeing apps of all shapes and sizes, video games, new websites, mobile apps, software-as-a-service apps — we should be drowning in choice. We should be in the middle of an indie software revolution. We should be seeing 10,000 Tetris clones on Steam.

I was capital-T Triggered by this, having separately fired off my own retort to Judge's post at the time, and even going so far as…

And that…

When checking if a value exists within a collection, Ruby’s include? method does the job, but Rails provides a more natural alternative through Active Support’s in? method.

Instead of…

…reading your conditions backwards with include?:

nsync = ["Justin", "JC", "Chris", "Joey", "Lance"]

if nsync.include?(candidate)
  puts "#{candidate} is in the band"
end

# Or inline
if ["Justin", "JC", "Chris", "Joey", "Lance"].include?(member)
  puts "#{member} can join the inevitable reunion tour"
end

Use…

…Rails’s in? method for more natural reading:

nsync = ["Justin", "JC", "Chris", "Joey", "Lance"]

if candidate.in?(nsync)
  puts "#{candidate} is in the band"
end

# Reads naturally even inline
…

Why?

The i…

Frequently Played 🔗

I tend to listen to the same songs or albums on repeat that are evocative of how I’m feeling or what’s going on with me. Here is what I’m currently listening to over, and over, and over, and over, again.

The Weatherman 🔗

Trying to predict the future is almost as bad as my prediction coming true.

Full Lyrics

And I put aside my strongest desires that ruled me before
And I took all the pain that I could find
‘Til I exploded in electric light
Now I wander the open skies, waiting on the storm

Killing In The Name Of 🔗

I am of course essentially contractually obligated to point out that his former boss showed up with something new and something familiar.

Ain’t nobody coming to save us…

I’ve been working through the fantastic Crafting Interpreters book, and implementing the Lox interpreter in Ruby. I wanted a minimal type checking setup for the code, so I decided to configure sorbet with RBS comment syntax.

First, we add the sorbet and tapioca gems to the Gemfile.

gem "sorbet"
gem "tapioca", require: false

Next, we add a sorbet/config file that includes all the arguments that we would pass when running the srb typecheck command:

--dir
lib
--enable-experimental-rbs-comments

And that’s basically it! You can now type check your Ruby codebase with bundle exec srb typecheck.

Based on my experience adding Sorbet to a Rails app in the past, I expected this to be more…

For however expensive LLM inference supposedly is, OpenAI continues to be stupidly stingy with respect to web searches—even though any GPT 5.2 Auto request (the default) is extremely likely to be wrong unless the user intervenes by enabling web search.

Meanwhile, ChatGPT's user interface offers:

• No way to enable search by default
• No keyboard shortcut to enable search
• No app (@) or slash (/) command to trigger search
• Ignores personalization instructions like "ALWAYS USE WEB SEARCH"
• Frequently hides web search behind multiple clicks and taps, and aggressively A/B tests interface changes that clearly will result in fewer searches being executed

All of this raises the question: how does…

I've been using @conductor_build heavily for weeks now and it's completely changed how I ship Ruby on Rails code when working with Claude models.

The multi-workspace, multi-process model feels unusual at first compared to a single editor flow, but once you handle the Rails-specific quirks, your ability to work in parallel and ship faster skyrockets.

Here are the key practical steps and fixes I've found essential for getting a Rails app running reliably across multiple Conductor workspaces. I'll try to keep this up to date as I find new things.

Copy essential gitignore'd files

Anything in .gitignore (credentials, .env.local, custom config files, active storage…

Version 6.1.2 of the Passenger application server has been released. This is a very small bugfix release, which rolls out the new signing key for linux repos.

New Signing Key

While not a change to Passenger itself the APT and RPM repos are now signed with a new signing key. You can read about it here: https://blog.phusion.nl/important-new-signing-key-for-passenger/

Ruby Version Compatibility

Passenger 6.1.2 has improved support for Ruby 4 and Rubies < 2.3. Closes Github issues: 2642 and 2641.

Updates & improvements

Updated various library versions used in precompiled binaries (used for e.g. gem installs):

• cmake: 4.2.1 -> 4.2.2
• curl: 8.17.0 -> 8.18.0
• gnupg: 2.4.8 -> 2.5.16
• rubygems: 4.0.2 -> 4.0.4
• rubi…

Installing 6.1.2

Please see the installation guide for advice…

January 2026 README

Our January README newsletter is live!

Inside: highlights from the Fundraising Gala, Awards & Honorees, Ruby news, introductions to our new Ruby Central Board members, volunteer spotlights, and a supporter feature with GitButler.

Check out our January 2026 README here: https://buff.ly/MPIPdSW

In this episode, Blue Ridge Ruby organizers Jeremy Smith and Joe Peck join Andrew, Chris, and David to talk about the conference returning in 2026. They explain why it’s different (single-track, long breaks, and memorable community activities), what they’ve learned from running it, and how folks can help (speaking, sponsoring, and attending). The discussion also highlights the importance of community and in-person interactions in the tech industry, offering insights into how these events support professional growth and long-term sustainability in software development. Hit download now to hear more! 

• Chris Oliver X/Twitter
• Andrew Mason X/Twitter
• Jason Charnes X/Twitter

2025 was the year I started something I’ve been wanting to do for a very long time: freelancing.

I had already been a freelancer twelve years ago, and it did not go well. I was working too much, for too little, and some clients never paid me for my work. I was young(er) but I learned my lesson: freelancing is a whole extra job, on top of your core offering.

So when the opportunity arose last year, I knew I needed to get better at being a “company”.

A year of freelancing

I started freelancing at the very end of 2024. After a taxing four-month job search – that only emphasized how broken some tech companies are – I decided to switch my approach.

I reached out to Sunny – an internet pal…

Hi, Wojtek here. Let’s see what changed in the Rails codebase.

Disable the Active Record query cache in the console by default
Pass –query-cache to enable it for the session.

Fix inflections to better handle overlapping acronyms

ActiveSupport::Inflector.inflections(:en) do |inflect|
  inflect.acronym "USD"
  inflect.acronym "USDC"
end

"USDC".underscore # => "usdc"

Skip unique index lookup for insert_all!
insert_all! uses on_duplicate: :raise which performs a plain insert without any ON CONFLICT clause. Previously, find_unique_index_for was called unconditionally, requiring a unique index even when one wasn’t needed.

This caused unnecessary failures for tables with composite primary…

A practical look at why website redesigns stall and how choosing the right lead at each stage keeps work moving forward.

Continue Reading

AI can generate a full dashboard in an afternoon. But speed doesn't eliminate design decisions—and building the wrong thing faster is an expensive mistake. Here's what design work looks like across four stages, from framing problems to learning after launch.

If you're shipping with AI (which can mean generating everything from mockups to working code) you know it works. When something breaks, the problem usually isn't the AI. Instead, it's the decisions that were made for it. For dev tools and professional apps, the most expensive mistake is building something that doesn't fit how people…

Making Maps with Ruby January 29, 2026 Static and animated cartography built directly from GeoJSON For a long time, generating maps from code meant working inside heavy ecosystems designed primarily for analysis. Those tools are powerful, but they are not always the right fit. In many practical scenarios, the problem is simpler and more concrete: … Continue reading Making Maps with Ruby →

You know those times when you have a list of links and you want to show a nice icon next to each one? Maybe social media links in a footer, or a list of resources, or links in a bio page? You could manually add icons for each platform, but that gets tedious fast. What if the link could just show the right icon automatically?

That’s exactly what the <link-icon> custom element does. Pass it a URL and it figures out which icon to show. Twitter, GitHub, LinkedIn, Instagram, YouTube and a bunch more. If it doesn’t recognize the URL, it shows a generic link icon. Simple!

Here’s what it looks like in action:

<link-icon url="https://twitter.com/username"></link-icon>
<link-icon url="https://githu…

RubyGems 4.0.5 includes enhancements, bug fixes and documentation and Bundler 4.0.5 includes enhancements and bug fixes.

To update to the latest RubyGems you can run:

gem update --system [--pre]

To update to the latest Bundler you can run:

gem install bundler [--pre]
bundle update --bundler=4.0.5

RubyGems Release Notes

Enhancements:

• Removed unused deprecate loading. Pull request #9266 by hsbt
• Validate executable names for invalid characters. Pull request #9257 by hsbt
• Installs bundler 4.0.5 as a default gem.

Bug fixes:

• Fix RubyGems not able to require the right gem:. Pull request #9246 by Edouard-chin
• Remove special behavior for rake. Pull request #9245 by JasonLunn

I’m enabling comments via Mastodon using this webcomponent. @dpecos has done a nice job keeping it self-contained and has made good tradeoffs in functionality vs simplicity IMO. Thanks @sardaukar!

Rails uses inheritance and mixins heavily to make methods appear throughout your application. This can be confusing for JavaScript developers used to explicit imports. While Rails framework code uses inheritance heavily, thoughtbot recommends your application code prefer composition. This makes your code easier to test and makes dependencies visible.

Why Composition Matters: Testing

The primary benefit of composition is easier testing. You can inject test doubles instead of real objects, making your tests fast, isolated, and free from external dependencies.

With implicit dependencies (inheritance):

# Inheritance example - requires database and complex setup
class WelcomeNotifi…

Hello! One of my favourite things is starting to learn an Old Boring Technology that I’ve never tried before but that has been around for 20+ years. It feels really good when every problem I’m ever going to have has been solved already 1000 times and I can just get stuff done easily.

I’ve thought it would be cool to learn a popular web framework like Rails or Django or Laravel for a long time, but I’d never really managed to make it happen. But I started learning Django to make a website a few months back, I’ve been liking it so far, and here are a few quick notes!

less magic than Rails

I spent some time trying to learn Rails in 2020, and while it was cool and I really wanted to like Rails…

Tailwind CSS 4 changed how configuration works. The JavaScript config file has been replaced by CSS-based configuration using @theme directives and uses the tailwind CLI to shake down the generated tailwind classes and minify. Here’s how to set it up with Jekyll.

The Setup

Changes to four files, plus one more step if you want plugins.

Gemfile

gem "jekyll-tailwind", group: [:jekyll_plugins]

Run bundle install to fetch the gem. The jekyll-tailwind gem handles everything. No separate build pipeline, no PostCSS config, no watching for changes. It hooks into Jekyll’s build process.

Under the hood, it uses tailwindcss-ruby—the same gem that powers Tailwind in Rails.

_config.yml

plugins:
…

Build optimistic UI in Rails with Inertia by updating props before requests complete. Learn the replaceProp pattern, automatic reconciliation, rollback behavior, and history caveats using a kanban board example.

Your user drags a card across a kanban board. They expect instant feedback. Not a loading spinner, brief flicker, or "please wait." Here's the thing: optimistic UI is a lie. And the modern web has trained everyone to expect interfaces that lie convincingly. We show the user what we expect to happen before the server confirms it. With Inertia Rails, telling that lie takes…

January 27, 2026 From Disaster Prevention to High-Performance Maps On December 26, 2025, I published an article titled “Ruby at the Front Line of Disaster Prevention.” It was inspired by a real, uncomfortable fact: Tokyo Gas uses Ruby to protect millions of people during earthquakes. Not in theory. Not as a prototype. In production. That … Continue reading Ruby Rendering Seismic Observation Data →

Joël and Aji reference their personal bibliographies as they compare the different influences that have shaped their programmer world view.

Our hosts discuss their most influential programming material, from books, talks and video, and how it’s impacted the way they write code, Joël hones in on the importance of confidence and dealing with uncertainty of objects in a project, while Aji dips into his knowledge of RailConf talks to find his biggest inspiration.

—

Take a leaf out of our hosts book and discover some of the material that influenced them and their work for yourself - POODR - Confident Ruby - RailsConf 2014 Talk - Take Smart Notes - Working Effectively with Legacy…

Your hosts for this episode have been…

I visited 浪漫 on January 27, 2026. I gave it a 4.0 on Tabelog.

I visited The Villa & Barrel Lounge on January 27, 2026. I gave it a 3.7 on Tabelog.

さりげなくクール。発想力が光る。

Welcome to Hotwire Weekly!

Welcome to another issue of Hotwire Weekly! Happy reading! 🚀✨

📚 Articles, Tutorials, and Videos

Drifting Ruby: Turbo Permanent - Dave Kimura published a new video for Drifting Ruby about the data-turbo-permanent attribute and how it can help with solving some common problems with broadcasting refreshes and page morphs.

Building optimistic UI in Rails powered by Turbo - Rails Designer explains how to use Turbo’s client-side visits for snappy optimistic feedback in Rails apps without heavy JavaScript.

Getting Started with Vite on Rails - Julio Lucero on the FastRuby.io blog shows how to set up Vite Rails for fast builds and hot module replacement while still…

CSS Counters: auto-update list…

The Myth vs Reality of AI at Work

As an engineer, I’ve grown skeptical whenever I hear the word “AI” thrown around as a solution. There’s an unspoken belief that AI should just figure things out on its own. Feed it enough data, write a clever prompt, and something magical happens.

After spending months building Gusto’s Risk Onboarding Work Agent (GROW), Gusto’s first AI-powered risk agent, I can tell you: the common mental model of prompt + data = magic, is wrong. The missing variable is context but realizing how much we needed took more effort than we expected. We found ourselves debating things that felt absurdly small like: what does this field represent? How…

This is a quick-tip about a CSS feature. It is the kind of feature most developer (and LLM’s) would use JavaScript for. With CSS you get this for free. Knowing about it, makes you a better developer! 🏆

Recently I helped build a new product that involved pages with content in a specific order.

For the ordering I used the nice positioning gem. This gives sequentially numbering (1, 2, 3 and so on).

So you can display them like this:

The ERB is something simple like this:

<%# locals: (page:) %>
<li draggable data-reposition-id-value="<%= page.id %>">
  <%= tag.span page.position class: "" %>

  <%= tag.p page.content %>
</li>

(reposition is coming from the Kanban article)

But, of…

I visited 静岡かきセンター 呉服町店 on January 26, 2026. I gave it a 3.4 on Tabelog.

宮城県産のカキは蒸し焼きでとても美味しかった！

I visited ほんな骨 静岡店 on January 26, 2026. I gave it a 3.5 on Tabelog.

本格的博多ラーメンは見つかりにくいですか、ほんな骨はほんな骨です！一口餃子もとても美味しいです！

From Benji Edward’s “10 things I learned from burning myself out with AI coding agents” describing the challenge of maintaining novelty during AI coding:

Due to what might poetically be called “preconceived notions” baked into a coding model’s neural network (more technically, statistical semantic associations), it can be difficult to get AI agents to create truly novel things, even if you carefully spell out what you want.
For example, I spent four days trying to get Claude Code to create an Atari 800 version of my HTML game Violent Checkers, but it had trouble because in the game’s design, the squares on the checkerboard don’t matter beyond their starting…

I visited 大衆食堂BEETLE 原宿 on January 24, 2026. I gave it a 3.2 on Tabelog.

めちゃくちゃいそがしても、10分待ってから迎えていました。お通しまないし、お得！

A recap of a LeadDev panel on why maintenance still feels outdated and what it takes to keep long-lived software moving forward.

Continue Reading

Hi, it’s Claudio Baccigalupo. Let’s explore this week’s changes in the Rails codebase.

Optimize String#squish
A RegExp improvement in the Rails codebase makes squishing a string twice as fast.

Render stream errors are reported to Rails.error
Now that Rails has a dedicated API to report errors we can call it also when an error is raised during streaming.

reload! will reset the console’s executor when present
The Rails console is wrapped with an executor which can have side effects such as implicitly enabling the Query Cache. After this PR, calling reload! will not just reload the console, but reset the executor too.

Detect JS package manager from lockfiles in generators
Generators can…

I recently sat down with Marty Mechtenberg on the Rooted and Reaching podcast to talk about my entrepreneurial journey, from struggling through my first programming class at Bethel to building multiple SaaS businesses while staying rooted in the South Bend area.

The Early Days: Learning to Code (the Hard Way)

I wasn't a natural programmer. In my sophomore year at Bethel, I was pulling a D in my programming class while my future business partner Steve would walk in, hand in his homework, and leave. I spent hours in office hours, terrified of failure after a lifetime of straight A's. But that struggle taught me something important: once I learned something the hard way, it stuck.

What really…

Reading the article about Nexus that Obie has posted I got absolutely struck. Yes, it can be said without a shade of doubt that the modern way of building software, the late-2025-way with Opus 4.5 in the picture, is markedly different from the one we operated in for the last decade (or more).

I haven’t been sitting on my hands either. One of my smaller pursuits, now that I am a proud self-employed raconteur, has been moneymaker - a piece of kit I wanted for all the business aspects of the said raconteurship. Think:

• basic accounting
• bank statements and balances
• invoicing
• time tracking
• …all of that - across several projects, clients and managing entities

And, out of principle,…

If you’ve worked on a Rails app, you’ve probably written or seen something like:

it { is_expected.to validate_presence_of(:email) }
it { is_expected.to have_many(:orders).dependent(:destroy) }

It feels a bit like a magic trick: one short line, and a lot of behavior is being tested.

In this post, we’ll peek behind the curtain and see what these matchers are actually doing for you.

More than shorter specs

Those one-liners aren’t just shorter, they’re less fragile. Each matcher:

• Builds an isolated setup focused only on the behavior under test
• Encapsulates battle-tested patterns for exercising Rails features
• Makes your specs read like documentation and creates self-contained…

That third point is easy to miss, so let’s make it concrete.

Imagine you wrote a presence test that happens to reuse some…

In this episode, Chris, Andrew, and David dive into details about refactoring with SQL, updates on new Ruby versions, and share their views on various developer tools including Mise, Overmind, and Foreman. They also touch on standardizing tools within their teams, the benefits of using Mise for Postgres, and the efficiency of task scripts. The conversation also covers encoding issues, Basecamp Fizzy SSFR protection, and rich-text editors like Lexxy and its application in Basecamp. Additionally, there's a light-hearted discussion on the speculative future of AI and Neuralink.  Hit download now to hear more! 

Links

• Judoscale- Remote Ruby listener gift
• Ruby Releases
• Foreman-GitHub
• Overmind-GitHub
• Mi…

Hi everyone,

I am happy to announce that Rails 8.1.2 has been released.

CHANGES since 8.1.1

To see a summary of changes, please read the release on GitHub:

8.1.2 CHANGELOG To view the changes for each gem, please read the changelogs on GitHub:

• Action Cable CHANGELOG
• Action Mailbox CHANGELOG
• Action Mailer CHANGELOG
• Action Pack CHANGELOG
• Action Text CHANGELOG
• Action View CHANGELOG
• Active Job CHANGELOG
• Active Model CHANGELOG
• Active Record CHANGELOG
• Active Storage CHANGELOG
• Active Support CHANGELOG
• Railties CHANGELOG

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-256

If you’d like to verify that your gem is the same as…

Introduction

In the fast paced world of startups, speed to market can make the difference between success and failure.

Every day spent in development is a day without user feedback, without revenue, and without validation of the core business hypothesis.

Ruby on Rails has been the secret weapon behind some of the world’s most successful startups including

Airbnb, Shopify, and Stripe.

In this post, we’ll explore why Rails continues to be an excellent choice for MVP development, and how it can accelerate the journey from idea to launch.

What Makes an Ideal MVP Framework?

• An ideal MVP framework should deliver speed without sacrificing quality.
• It needs sensible defaults so teams…

A while back I showed you how to build optimistic UI using custom elements. It worked great! And you thought too, it was shared far and wide (it was readseen by many thousands!).

Something like this (no, really, this is not the same gif as the one from the custom elements article):

But something bugged me. The custom element wrapper felt like extra ceremony. What if I could get the same instant feedback without the extra markup? Just a form, some data attributes (Rails developers ❤️ data attributes) and a sprinkle of (custom) JavaScript? 😊

Guess what? You can! And it is even simpler. 🎉

The code is available on GitHub (see the last commit).

The custom element approach looked like this:

I visited 本格板前居酒屋 お魚総本家 アスティ静岡店 on January 21, 2026. I gave it a 3.5 on Tabelog.

「特大」というホッケ開き焼きは嘘ではない！まじでデカい

As a senior JavaScript developer learning Rails, you’ve probably felt this frustration: you’re reading Rails code and suddenly come across a method like current_user, redirect_to, or belongs_to, and you have no idea where it originated. There’s no import statement. No require. It’s just… there.

Coming from JavaScript’s explicit world of imports and modules, Rails can feel like programming in a house of mirrors. Everything seems to appear out of thin air. This magical appearance was one of my biggest struggles too, so I want to demystify where everything actually comes from.

The Fundamental Difference: JavaScript vs Rails

In modern JavaScript, if you want to use something, you…