Jeremy is an app builder and software steward at Basecamp and Rails core.
Your existing message system is great, until it gets overloaded. Then what? That's when you should try Kafka.
Kafka's designed to be resilient. It takes the stress out of moving from a Rails monolith into a scalable system of microservices. Since you can capture every event that happens in your app, it's great for logging. You can even use Kafka's distributed, ordered log to simulate production load in your staging environment.
Come and learn about Kafka, where it fits in your Rails app, and how to make it do the things that message queues simply can't.
Being a Rails developer is more than just understanding how to use the Framework to develop applications.
To become an efficient developer, you should learn how the Framework works; how deep this understanding should be is up to you. Exploring the Framework code is something that everyone should do at least once.
Not only may you learn how it works but also, you might learn new tricks from the code itself or discover small features that are not widely publicized.
Before a request ever hits your Rails application, it winds its way through a series of pieces of Rack middleware. Middleware sets session cookies, writes your logs, and enables the functionality in many gems such as Warden.
With Rails or any Rack app, you can easily insert your own custom middleware, allowing you to log, track, redirect, and alter the incoming request before it hits your application.
You will leave this talk confident in writing your own custom middleware, better able to troubleshoot gems that rely on middleware and with an understanding of how your Rails app functions.
So you've just graduated from a bootcamp and you're starting your first real job in software development. You've got several Rails apps under your belt and you're excited to get started. But few jobs offer the opportunity to build new apps; it's much more likely that you will be part of a team charged with maintaining and growing a legacy application. How can you get started working on an aging codebase when the sum of your experience so far was with greenfield apps?
Nothing makes or breaks our teams like the members they hire. And so we rate and quiz, assign homework and whiteboard algorithms until candidates are blue in the face. But does it work? In this session, we’ll unpack common interviews and how they stack up with research into predicting performance. We’ll learn to design interviews that work, what kinds don’t work at all, and how to tell the difference, with science!
Shopify is one of the largest Rails apps in the world and yet remains to be massively scalable and reliable. The platform is able to manage large spikes in traffic that accompany events such as new product releases, holiday shopping seasons and flash sales, and has been benchmarked to process over 25,000 requests per second, all while powering more than 243,000 businesses. Even at such a large scale, all our developers still get to push to master and deploy Shopify in 3 minutes. Let's break down everything that can happen when deploying Shopify or any really big Rails app.
The eager Pat Packet just started his first job at KPS (Kernel Parcel Service). He knows an important package is coming through from Firechrome Industries destined for the Puma Kingdom for Ruby Rails herself! Pat’s boss acquiesces to Pat’s pleas to deliver the package. Come follow Pat’s journey as he delivers this very important package to Ruby Rails!
Whether we realize it or not, a lot of magic goes behind the scenes to deliver an HTTP request from a browser to a Rails server. In this talk, learn about TCP/IP, DNS, HTTP, routers, and much more as they help Pat Packet deliver his package.
ActiveJob made a huge impact when it landed Rails 4.2. Most job processors support it and many developers use it. But few ever need to dig into the internals. How exactly does ActiveJob allow us to execute performant, thread-safe, asynchronous jobs in a language not known for concurrency? This talk will answer that question. We'll build our own asynchronous job processor from scratch and along the way we'll take a deep dive into queues, job serialization, scheduled tasks, and Ruby's memory model.
You might think that hiring interns is charity work. Your company is bringing on less-than-baked engineers and spending precious engineering resources to train them and bring them up to speed on your technologies.
Surprise! Interns actually help your team, too. Running a successful internship program helps your team level up its teaching skills, discourages silos, and encourages writing maintainable code. I’ll talk about mistakes, successes, and specific processes to keep your team and interns productive, and you’ll leave this talk with plenty of fodder for hiring interns at your company.
Searching content across multiple database tables and columns doesn't have to suck. Thanks to Postgres, rolling your own search isn't difficult.
Following an actual feature evolution I worked on for a client, we will start with a search feature that queries a single column with LIKE and build up to a SQL-heavy solution for finding results across multiple columns and tables using database views.
We will look at optimizing the query time and why this could be a better solution over introducing extra dependencies which clutter your code and need to be stubbed in tests.
Nowadays, we often rely on third party services that we integrate into our product, instead of building every aspect of an application. In many cases, well written API clients exist, but on occasion you run into the issue that there isn't a ready to use client or it simply doesn't fit your needs. How do you write a good API client and more importantly how do you test it without hitting the remote API. So far, the standard approach has been replaying requests with VCR or stubbing them with Webmock. There is a third option: simulating foreign APIs with Sinatra from within your test suite!
In 2015, nearly a hundred programming boot camps produced thousands of graduates in North America alone. While boot camps help address a need for professional software developers, their graduates have different skill sets and require different interview assessment and career management than fresh college graduates with degrees in computer science. In this talk, we'll look at how boot camps prepare their students, how to interview graduates, and how to help them continually learn during their careers, developing a holistic model for hiring and growing boot camp graduates in the process.
Adopting Rails and Ruby for use within a large development organization was and continues to be an adventure. Rails and Ruby have been in use at Cerner for 7 years and over that time, their use has gone from niche technology used by a handful of people to a core platform used by hundreds. Along this adventure, we have learned many lessons and gained lots of experience. In this talk, we’ll share the interesting up and downs of this adventure in an effort to share our experiences and knowledge.
ActiveRecord is a great tool, but knowing SQL can help you to build better, faster applications and quickly find answers to common business questions. In this talk you'll see an overview of basic-to-intermediate SQL techniques that you can use to: learn about unfamiliar data sets, identify and resolve slow query problems, quickly build ad-hoc reports, combine multiple tables and perform calculations.
Specifically targeted to the Junior Rails Developer, we will explore with non-trivial yet approachable examples and see how learning SQL can help you become a better software developer.
Rails ships as a number of components, Active Record, Active Support, ..., largely independent of each other, but somehow something orchestrates them and presents a unified view of the system.
Then we have config/boot.rb, config/application.rb... what do they do? Application initializers, environment configuration, what runs when?
Understanding how that works becomes an inflection point in any Rails programmer that goes through it. You go from that cloudy idea of an initialization that sets things up for a certain definition of "things", to a well-understood process.
Ever felt jealous of "other" Ruby web frameworks whose applications can be run from a single file? Did you know Rails can do this too?
Starting from a fresh "rails new" install, we'll gradually delete and pare away to find the beautiful, light, modular and object-oriented web framework underneath. Eventually we'll end up with a tweet-size Rails application! We'll learn about Rails' initialization process and default "stack", and investigate the bare-bones required to get a Rails app up and running.
GorbyPuff is setting off on a grand world tour and leaving us clues so we can follow him. Using Google Cloud tools such as Cloud Vision, BigQuery, Google Translate we'll track down Gorby at all his stops. While we're at it we'll learn some tools you can use to add awesome functionality to your web applications.
Just like there’s an app for that, there’s an API for that! But not all APIs are created equal, and some APIs are harder to work with than others. In this talk, I will walk through some common gotchas developers encounter when consuming a 3rd party API. I will explain why it’s important to familiarize yourself with the API you’re consuming prior to coding, as well as share tools to help you get acquainted with an API much faster. Lastly, I will go over debugging and testing the API you’re consuming, because testing is not just for the provider of the API!
Matz declared that the next major version of Ruby is going to be 3x faster than Ruby 2. But how can we make a software 3x faster? Can we do that for Rails?
In this session, we will discuss the ways to survey performance hotspots in each layer of the framework, tuning techniques on the performance issues, and some actual works that you can apply to your apps.
Topics to be covered:
Speeding up DB queries and model initialization
View rendering and template lookup
Routes and URLs
Object allocations and GC pressure
Faster Rails boot and testing
Asset Pipeline tweaks
Ever hire someone from a traditional IT organization who seemed like a great person, only to have them end up a sucking pit of negativity that had to be fired? Traditional IT can be an incredibly hostile environment, leading to survival strategies that aren’t always compatible with small agile-based teams. In this session, I will show how these survival strategies came to be, and ways to deprogram them to reduce your recruiting churn. Better yet, the tools to do so are already in agile.
As developers we often forget that with our development skills we have the power to change the world. This talk describes how our company organized a hackathon to create three open source projects that helped charitable organizations become more efficient at helping people. Bringing our team together around a shared philanthropic goal created more team unity, improved team communication and most importantly allowed us to apply our development skills to do good in the world.
So you’re fresh out of boot camp or just off a month long binge on RoR tutorials/examples and you’re feeling pretty good about MVC and how controllers fit into the whole framework. But projects in the wild are often far more complicated than you’ve been exposed to. In this talk, we’re going to discuss several techniques used by seasoned engineers to build and refactor controllers for features you’ll actually be working on.
They bridge your application and your database. They're object-relational mappers, and no two are alike. Join us as we compare ActiveRecord from Rails with Ecto from Phoenix, a web framework for Elixir. Comparing the same app implemented in both, we'll see why even with two different web frameworks in two different programming languages, it's the differing ORM designs that most affect the result. This tale of compromises and tradeoffs, where no abstraction is perfect, will teach you how to pick the right ORM for your next project, and how to make the best of the one you already use.
How can you tell a story using only email, a laser printer, voicemail? Last year I created an immersive experience for one audience member in a standard office cubicle. The piece used a rails app and some other custom software and no live actors to tell a story about office culture. This talk focuses on the techniques of digital storytelling, my process of developing the story as I wrote the code, and the strategies I used to create an emotional connection with a user. If you are interested in the intersection between stories, software, game design and narrative design, this talk is for you!
Whether you are building a Robot, controlling a Radar, or creating a Web App, the Ruby Garbage Collector (GC) can help you. The stats exposed by the Garbage Collector since Ruby v2.1 caught my attention and pushed me to dig deeper. Both Ruby 2.1 and 2.2 brought great performance improvements. From a practical point of view, we will discuss how to use the GC to enhance the performance of your software, from configuration parameters to different approaches on how you can change them yourself.
Great individuals often outperform their peers, and when going through school and applying for jobs this seems to be the most important aspect. But who is really outperforming whom? Also, what are we using to measure people? How do you know you’re being fair? Hiring is such a subjective topic and of utmost importance when building a team.
Let’s explore how our strengths and weaknesses affect ourselves and the team and, how we need to look past ourselves when building a team.
It's impossible to iterate quickly on a product without a reliable, responsive CI system. At a certain point, traditional CI providers don't cut it. Last summer, Shopify outgrew its CI solution and was plagued by 20 minute build times, flakiness, and waning trust from developers in CI statuses.
Now our new CI builds Shopify in under 5 minutes, 700 times a day, spinning up 30,000 docker containers in the process. This talk will cover the architectural decisions we made and the hard lessons we learned so you can design a similar build system to solve your own needs.
Assertions (or expectations) are the most important part of any test framework. How are they written? What happens when one fails? How does a test communicate its results? Past talks have shown how test frameworks work from the very top: how they find, load, select, and run tests. Instead of reading code from the top, we’ll write code from scratch starting with assertions and building up a full test framework. By the end, you'll know how every square inch of your testing framework works.
"WTF asset pipeline?"
"What are all these errors?"
"Why is my app running so slow?"
If you're new to Rails development, or just want some tips on deploying and running in production, this is the talk for you. Relying on real-world experience as part of the Heroku support team, we'll talk through common issues (and a few funny ones) we see when people take their "but it works in development!" app to a production environment.
Nickolas hails from the Breakfast Taco Capital of the World, Austin, TX. When he's not busy eating said tacos, he's VP of Engineering at Wellmatch Health , working with an incredibly talented team of engineers to bring transparency to healthcare pricing. He believes that software engineering is mostly human interaction and he's passionate about building empathetic, compassionate teams.
In this talk we'll learn about the options we have to let a computer running Ruby do multiple things simultaneously. We'll answer questions such as: What's the difference between how Puma and Unicorn handle serving multiple Rails HTTP requests at the same time? Why does ActionCable use Eventmachine? How do these underlying mechanism actually work if you strip away the complexity?
With a background in Psychology, Computer Science and Cybersecurity, Art Direction & Design, Chanelle Henry has an intense passion for problem-solving and creating methodologies; helping outline, encourage, and propel the UX Process. Currently serving as a Director of User Experience at Bluewolf, she uses creative and innovative solutions to execute ideas to consult with everyone from startups to Fortune 50 companies to help refine their goals, make progress, spread the gospel of UX.
Feature creep is a common problem in many projects. When you have to take into account customer requests and the ideas of designers and developers, how do you finish all of the features on time? Setting expectations and keeping customers happy can be impossible without the right focus, good communications and proper design. This talk will cover tools and tricks that you can use to prioritize what to complete first and help you iterate through the design process more quickly.
Every project...well most projects...begin in a great kumbaya where everyone is great friends and has high hopes for the future. About halfway through the project, an epic Braveheart style clash begins, with designers firmly lined up on one side and developers on the other.
In this talk, I'll share some of the things we've discovered over years of working on projects for over 100 clients that have helped to better define requirements and meet the needs of designers and developers throughout the life of a project.
RealTime updates using WebSockets are so-hot-right-now, and Rails 5 introduces ActionCable to let the server talk to the browser. Usually, this is shown as a Chat application -- but very few services actually use chats.
Instead, Rails Apps want to be able to update pages with new inventory information, additional products, progress bars, and the rare notification. How can we make this happen in the real world? How can we handle this for unauthenticated users? How can we deploy this?
Ruby 2.3 introduced the precompilation feature which compiles Ruby scripts to a binary data format. You can store them to storage (file systems and so on) and then load from them.
Many people believe a myth: precompilation is a silver bullet to reduce long boot times. However, our initial evaluations do not show impressive reduction of boot times. We faced the fact that we need more effort to achieve short boot times.
This talk will introduce this new feature and detailed analysis of Rails application loading time. Also, I will show you our new tricks to reduce loading time.
There are many development tricks and habits that lie at the root of productive coding. IDEs, like RubyMine, are a big one. Adopting a new tool does require an initial investment of time though, as you customize your environment and learn the shortcuts.
Halfway through a dev bootcamp? Straight out of college with a CS degree? Hacking away at Hartl after your day job? Now what?
With articles about how employable you are and how much money you can make printed daily, it can be hard to stay focused on the most important tangibles – the job search, interview readiness, and your early career goals.
In this talk, we’ll cover how to prepare yourself and your projects for the interview process, and how to adequately vet the companies interested in you, allowing you to not only secure a rails job, but one that you love.
Your team gains a new developer. You are responsible for bringing them up to speed. While not everyone is a natural teacher, everyone can be taught basic teaching fundamentals. We will take a look at principles anyone can use to become a more effective trainer/teacher. Better teaching technique makes the training process more effective and enjoyable. Effective training reduces new developer frustration and increases job satisfaction for everyone.
If you apply for a programming job, you may be asked to complete a take home code challenge, "pair program" with another developer, and/or sketch out some code on a whiteboard. A lot has been said of the validity and fairness of these tactics, but, company ethics aside, what if you just need a job? In this talk, I'll show you a series of mistakes I have seen in these interview challenges and give you strategies for avoiding them. I'll give recommendations for how you can impress the programmers grading your work and I'll tell you which rules you should bend in your solutions.
You were living alone in the town of Ruby-on-Rails until you decided to open up your spare room to guests. Now your first visitor has booked in. Her arrival is imminent.
How do you prepare? How can you make sure she has a great visit?
Let’s explore the art of code hospitality — working on codebases in a way that respects your teammates and provides for their needs. By working hospitably, we can facilitate team productivity and help new members quickly feel at home.
Rails is the ideal framework for creating software to run successful new businesses.
We've all heard about Action Cable, Turbolinks 5, and Rails::API. But Rails 5 was almost a thousand commits! They included dozens of minor features, many of which will be huge quality of life improvements even if you aren't using WebSockets or Turbolinks.
This will be a deep look at several of the "minor" features of Rails 5. You won't just learn about the features, but you'll learn about why they were added, the reasoning behind them, and the difficulties of adding them from someone directly involved in many of them.
You’re very happy as a Rails developer for drinking the Docker kool-aid. You just need to toss a Docker image to your Ops team and you're done! However, like all software projects, your Docker containers start to decay. Deployment takes days to occur as you download your gigantic Docker image to production. Everything’s on fire and you can’t launch the rails console inside your Docker container. Isn’t Docker supposed to take all these things away?
In this talk, I will discuss some Docker optimizations and performance tuning techniques to keep your Rails packaging and shipping pipeline in shape.
Baskin-Robbins wishes it had as many flavors as there are JS frameworks, build tools, and cool new "low-level" languages. You just want to solve a problem, not have a 500-framework bake-off! And how will you know whether you picked the right one? Don't flip that table, because we'll use the "hype cycle" and the history of Ruby and Rails as a guide to help you understand which front-end and back-end technologies are a fit for your needs now and in the future.
Code reviews, stand ups, retros, and performance reviews acknowledge the importance of communication and feedback, but they don’t help you give negative feedback or ensure that you hear the small things before they become big things.
Let’s talk about feedback and examine frameworks for how to ask for and frame feedback effectively. Not all situations call for the same type of feedback and some are more sensitive than others. We will look at Non-Violent Communication, techniques from family and marriage therapy, as well as more traditional frameworks for feedback.
Learn how Turbolinks 5 enables small teams to deliver lightning-fast Rails applications in the browser, plus high-fidelity hybrid apps for iOS and Android, all using a shared set of web views.
Testing Rails 5 apps has become a better experience out of the box. Rails has also become smarter by introducing the test runner. Now we can't complain about not being able to run a single test or not getting coloured output. A lot of effort has gone into making tests -- especially integration tests -- run faster.
Come and join me as we commence the journey to uncover the secrets of testing Rails 5 apps.
This talk is for anyone who's had to promise new features to a client when they weren't actually sure how they'd deliver on the promise.
We all have big visions and big ideas, but our teams and abilities are finite resources. We'll talk about how to manage expectations, growth, technical debt and delivery (and still be able to sleep at night despite that last wonky commit). We'll talk about the never-ending product roadmap, product reality and how what we create falls somewhere in between.
What do you do when a maintainer leaves a project with over 44 million downloads? That is what we had to consider this year when Sprockets lost the developer responsible for more than 70% of the commits. In this talk we will look at recent efforts to revive Sprockets, and make it more maintainable. We will look into how your projects can be structured to avoid burnout and survive a change of maintainers. Let's save Sprockets.
Most people are on the lookout for the Next Big Thing™, but at Skylight we know it’s #allthelittlethings that make for the best possible user experience. From the many not-so-happy paths of authentication to the challenge of guessing a user’s preferred name, we’ll dig deep into all those tiny details that will surprise and delight your customers. If you were hoping to hear more about how we use Rust, don't worry—we've got you covered! We’ll be sharing many of our finer implementation details as well as the thought processes behind them.
This is a talk for anyone who wants a more diverse engineering culture at work. If you've ever been frustrated by the sameness of your engineering peers, you'll hear practical advice you can use immediately.
Creating a diverse team is more than a moral issue - it makes business sense. Diverse engineering teams recruit the best talent, are more innovative, better reflect the needs of their users and make for incredibly fun places to work.
Compose is committed to making remote work work. Our biggest hurdle is communication and teamwork. When we joined forces with IBM, we added a new issue - how to scale. So, our devs built an app we’re open-sourcing called Fizz. Built on Rails, Fizz helps us empower our team to do great work, feel like family, and operate happily and efficiently as an international, remote, self-managing organization. We work transparently, commit to open-source, wear sweatpants, and genuinely enjoy each other and we’re committed to keeping it that way. We harnessed the power of Rails to make that happen.
At the beginning of 2015 I was a Director in the non-profit sector, 13 years into my career. My days revolved around crisis intervention and violence prevention. I kept people alive and was well respected in my field. A mom of two, flying solo, people thought I was brave, stubborn... and a little insane... to step out on the ledge of career change. Come on out on the ledge and humble yourself with me. It'll make you a better engineer.
Hindsight is 20/20, and there's a lot of advice out there telling you to do what the author wishes they had done at their last company to avoid disaster. Let's try to follow their advice and see where it lands us.
We'll take four journeys from rails new into a reasonable future. The first three, “dedicated team pulling apart the monolith a year later than hoped”, "nothin' beats a monolith", "services from day one" will blow up the Enterprise, while the fourth, “take reasonable steps to let the system evolve”, won't.
Although bundle exec rake db:migrate is probably the single biggest killer feature in Rails, there is a lot more to rake.
Rails offers several rake tasks to help with everyday project management, like redoing a migration because you changed your mind on one of the columns, clearing your log files because they get so big, and listing out the TODOs and FIXMEs.
What's even more awesome that all that is that you can create your own rake tasks. Got a tedious command-line process? Write a rake task for it!
When you look at your response times, satisfied that they are "fast enough", you're forgetting an important thing: your users are on the other side of a network connection, and their browser has to process and render the data that you sent so quickly. This talk examines some often overlooked parts of web applications that can destroy your user experience even when your response times seem fantastic. We'll talk about networks, routing, client and server-side VMs, and how to measure and mitigate their issues.
Something's in the air. It's Rails 5! A lot of Ruby developers are preparing to get their apps upgraded to Rails 5. Vitally important is, of course, your test suite. In this talk, you will learn everything you need to know to get your RSpec suite working on Rails 5. Learn about:
The deprecation of controller specs and what to do about them
ActionCable! How to test our favourite new feature
General tips for upgrading
The technical content of this talk is for almost everyone, from bootcamp grad to seasoned veteran. Come along to learn and ask practical questions about RSpec.
The Ruby Hero Awards recognize everyday heroes of the Ruby community.
The Ruby community is full of good people who help each other in diverse ways to make the community a better place.
Once a year at RailsConf, we take a moment to appreciate their contributions and hopefully encourage others to make a difference.
4:26 Thomas Witt
12:42 Michael Hartl
17:53 Reid Morrison
32:27 Mike Virata-Ston
37:33 John Sawers
43:00 Matthew Nielsen
47:37 Adam Cuppy
51:14 Godfrey Chan
58:42 Nadia Odunayo & Saron Yitbarek
1:02:30 Saron Yitbarek
1:07:45 Stephanie Nemeth
1:10:44 Jose Castro
1:22:29 Benjamin Fleischer
1:27:39 Stephanie Marx
Aaron was born and raised on the mean streets of Salt Lake City. His only hope for survival was to join the local gang of undercover street ballet performers known as the Tender Tights. As a Tender Tights member, Aaron learned to perfect the technique of self-defense pirouettes so that nobody, not even the Parkour Posse could catch him. Between vicious street dance-offs, Aaron taught himself to program. He learned to combine the art of street ballet with the craft of software engineering. Using these unique skills, he was able to leave his life on the streets and become a professional software engineer. He is currently Pirouetting through Processes, and Couruing through code for GitHub. Sometimes he thinks back fondly on his life in the Tender Tights, but then he remembers that it is better to have Tender Loved and Lost than to never have Tender Taught at all.
Translation, be it a word, sentence, concept, or idea, for different audiences has always been a challenge. This talk tackles problems of translation, especially those that tend to crop up in building software. We'll dive into the eminently practical—how to design apps for easier localization, common pitfalls, solutions for managing translations, approaches to version control with translations—and the more subjective—possible impacts of cultural differences, and what makes a "good" translation.
Join me for a wild ride through the dizzying highs and terrifying lows of web security in 2015. Take a look at some major breaches of the year, from Top Secret clearances, to medical records, all the way to free beer.
We’ll look at how attack trends have changed over the past year and new ways websites are being compromised. We’ve pulled together data from all the sites we protect to show you insights on types and patterns of attacks, and sophistication and origin of the attackers.
After the bad, we’ll look at the good - new technologies like U2F and RASP that are helping secure the web.
Hired's mission is to get everyone a job they love. As a transparent marketplace, Hired connects companies and engineers using technology and a personal touch. Initially a weekend hack project, it's grown to help thousands find their dream jobs/teams in 16 cities in 6 countries. From that origin, Hired has regularly focused efforts in hackathons, which have spurred much of the company's innovation.
Hiten & Brad will talk about their culture of empowerment, creativity, and trust and highlight several core features that have grown from small experiments to foundational parts of the experience.
Unit testing is mostly a solved problem, but how do you write tests for the visual side of your app—the part that your users actually see and interact with? How do you stop visual bugs from reaching your users?
We will dive deep into visual regression testing, a fast-growing technique for testing apps pixel-by-pixel. We will integrate perceptual diffs in Rails feature specs, and learn how to visually test even complex UI states. We will show tools and techniques for continuous visual integration on every commit, and learn how to introduce team visual reviews right alongside code reviews.
Your team has been tasked with releasing new and better versions of your product at record speed. But the risk of moving quickly is things break in production and users abandon your buggy app. To stay competitive, you can't just ship fast - you also have to solve for quality.
We'll rethink what it means to actively monitor your application in production so your team can ship fast with confidence. With the right tooling, workflow, and organizational structures, you don't have to sacrifice release times or stability. When things break, you'll be able to fix errors before they impact your users.
Rails comes with protection against SQL injection, cross site scripting, and cross site request forgery. It provides strong parameters and encrypted session cookies out of the box. What else is there to worry about? Unfortunately, security does not stop at the well-known vulnerabilities and even the most secure web framework cannot save you from everything. Let's take a deep dive into real world examples of security gone wrong!
Your phone rings in the middle of the night and the site is down—- do you know what to do? Whether it's Black Friday or a DDoS attack, our Ruby apps and Ruby devs have to be prepared for the best and the worst. Don't let a crisis catch you off guard! Fortunately, you can sharpen your skills ahead of time with load testing. Learn tips and common pitfalls when simulating application load, as well as key metrics and graphs to understand when site availability is compromised.
Serverless is a new framework that allows developers to easily harness AWS Lambda and Api Gateway to build and deploy full fledged API services without needing to deal with any ops level overhead or paying for servers when they're not in use. It's kinda like Heroku on-demand for single functions.
If you've struggled through writing complex queries in raw SQL, ActiveRecord methods are a helpful breath of fresh air. If you're not careful though, those methods could potentially leave your site open to a nasty SQL Injection attack.
We'll take a look at the most common ActiveRecord methods (and some of the lesser known ones!) with one question in mind....will it inject? If it's vulnerable to a SQL injection attack, we'll cover how to structure your query to keep your data secure.
This talk illustrates the development techniques, Ruby patterns and best practices we adopt at DNSimple to develop new features and ensure long-term maintainability of our codebase. It also features how we used Lotus to develop the new API as a standalone Rack app mounted under the Rails router.
Two years ago we started a major redesign of our REST API with the goal to decouple it from our main Rails application and expose all the main features via API. It was not a trivial task, but still feasible due to the guidelines we adopted in the last 6 years to structure our Rails application.
Whether you want it or not, you're the constant victim of neuro-marketing. By tapping into your "reptile brain", you are unconsciously made to click, like and buy. We'll look at scarcity, social validation, reciprocity and much more. All web apps have customers of some sort, and it's your job to guide them, either for usability or profit. You'll learn how to see others' influence on you, and maybe to exert some influence of your own.
Since 1884, humans have been building skyscrapers. This means that we had 6 decades of skyscraper-building experience before we started building software (depending on your definition of "software"). Maybe there are some lessons we can learn from past experience?
This talk won't make you an expert skyscraper-builder, but you might just come away with a different perspective on how you build software.
Application view layers are always hard to manage. Usually we handwave this as the natural consequence of views being where fuzzy user experience and designer brains meet the cleaner, neater logic of computers and developers. But that handwave can be misleading. View layers are hard to manage because they’re the part of a system where gaps in a team’s interdisciplinary collaboration become glaring. A comprehensive, well-documented styleguide and component library is a utopian ideal. Is it possible to actually get there? It is, and we can do it incrementally with minimal refactor hell.
Ruby is not the fastest language in the world, there is no doubt about it. This doesn't turn out to matter all that much – Ruby and its ecosystem has so much more to offer, making it a worthwhile tradeoff a lot of the times.
However, you might occasionally encounter workloads that are simply not suitable for Ruby. This is especially true for frameworks like Rails, where the overhead wants to be as little as possible.
In this talk, we will explore building a native Ruby extension with Rust to speed up parts of Rails. What does Rust have to offer here over plain-old C? Let's find out!
You may have heard about Phoenix and Elixir. It is a language and framework that give you performance without sacrificing productivity. Learn why Phoenix is a great choice for Rails developers and how you can introduce it into your organization.
Refactoring sometimes devolves into an appalling mess. You're chasing a broken test suite, and every change just makes it worse. An even more insidious antipattern is the slow, perfectly controlled process culminating in dreadful design.
This talk presents an end-to-end refactoring that demonstrates simple strategies to avoid such misadventures.
Indeed Prime is the job-search industry’s newest disruptive product. Prime takes the best job-seekers, works hard to make sure their profiles are perfectly polished, and puts them on the Prime platform, where our exclusive group of clients come to them. With Indeed Prime, jobs come to the job-seeker.
In this session, join Indeed Prime’s expert group of talent specialists as they set time aside to help you practice interview questions, edit your resume, and prep for the next step in your career.
The client/server architecture that powers much of the web is evolving. Full stack, monolithic, apps are becoming a thing of the past as new requirements have forced us to think differently about how we build apps. New client/server architectures create a clear separation of concerns between the server and the client.
As developers, we have the ability to create the new abstractions that will power the web. Understanding the past, present, and future of the client/server help us to become more active participants in the future ecosystem for building web applications.
Docker’s gotten a lot of press, but how does it fare in the real world Rubyists inhabit every day?
Together we’ll take a deep dive into how a real company transformed itself to run on Docker. We’ll see how to build and maintain Docker images tailored for Ruby. We’ll dig into proper configuration and deployment options for containerized applications. Along the way we’ll highlight the pitfalls, bugs and gotchas that come with such a young, fast moving platform like Docker.
Whether you’re in production with Docker or just dabbling, come learn how Docker and Ruby make an awesome combination.
GitLab, the open source alternative to GitHub written in Rails, does not scale automatically out of the box, as it stores its git repositories on a single filesystem, making storage capabilities hard to expand. Rather than attaching a NAS server, we decided to use a cloud-based object storage (such as S3) to replace the FS. This introduced changes to both the Ruby layer and the deeper C layers. In this talk, we will show the audience how we did the change and overcame the performance loss introduced by network I/O. We will also show how we achieved high-availability after the changes.GitLab, the open source alternative to GitHub written in Rails, does not scale automatically out of the box, as it stores its git repositories on a single filesystem, making storage capabilities hard to expand. Rather than attaching a NAS server, we decided to use a cloud-based object storage (such as S3) to replace the FS. This introduced changes to both the Ruby layer and the deeper C layers. In this talk, we will show the audience how we did the change and overcame the performance loss introduced by network I/O. We will also show how we achieved high-availability after the changes.
High-velocity organizations deliver change to their customers quickly in a repeatable and predictable way. This talk will explore some pre-requisites and best practices that will help your team move to safe, continuous delivery of your Rails applications. We will demonstrate the path from code commit, to packaged application, to an updated production environment. All of the necessary steps along the way will be fully automated using Chef Delivery. You will leave with some new ideas, practices, and techniques your team can adopt, continuously delivering value to your customers.
Most code is a mess. Most new requirements change existing code. Ergo, much our work involves altering imperfect code.
That's the bad news.
The good news is that every big mess consists of many small ones. Certain small problems occur so frequently that they've been given names, and are collectively known as "Code Smells".
This talk shows how to take a pile of perplexing code, identify the "smells", and surgically apply the curative refactorings. It breaks a messy problem into clear-cut pieces, and proves that you can fix anything without being forced to understand everything.
Paul Lamere works at Spotify, where he spends all his time building machines to figure out what song you really want to listen to next.
When not at work, Paul spends much of his spare time hacking on music apps. Paul's work and hacks are world-renowned including the 'The Infinite Jukebox', and 'Girl Talk in a Box'. Paul is a four-time nominee and twice winner of the MTV O Music Award for Best Music Hack (Winning hacks: 'Bohemian Rhapsichord' and 'The Bonhamizer') and is the first inductee into the Music Hacker's Hall of Fame. Paul also authors a popular blog about music technology called 'Music Machinery'.