3666 cards
View

Bundler: Releasing a gem with enabled 2FA

Rubygems supports a 2FA for your account. Once enabled you need to provide your personal OTP code for every release. Despite the CLI of the rake release task does not work well with the command promt for your OTP code with Bundler versions < 2.0.2. It just looks like the task is frozen:

Image

  • Workaround 1: Just type your OTP code and hit enter, your gem is released afterwards.
  • Workaround 2: Upgrade to Bundler >= 2.0.2.. Your supported Ruby versions for this gem must be all >= 2.3.
Linked contentRepeats

ActiveSupport includes Timecop-like helpers

ActiveSupport (since 4.1) includes test helpers to manipulate time, just like the Timecop gem:

  • To travel a relative amount of time, use travel:

    travel 1.day
    
  • To travel to a specific moment in time, use travel_to:

    travel_to 1.hour.from_now
    
  • To freeze a specific time, use freeze_time (ActiveSupport 5.2+):

    freeze_time 1.hour.from_now
    

All those methods may also receive a block to call and restore time afterwards. If you don't provide a block, you must call `travel_bac…

Minified JavaScript and CSS

JavaScripts and CSS should be minified for production use.

In Rails 3.1+ the asset pipeline will take care of this. Thus you're best off using an uncompressed version of your Javascript in development. Also load the non-minified versions of libraries. This way debugging will be easier and you will still get all the minification love once deployed.

In Rails 2.3 and 3.0 you should at least embed external JavaScript libraries in minified form, using something like JavaScript compressor.

Repeats

Rails: how to write custom email interceptors

Nowadays it is fairly easy to intercept and modify mails globally before they are sent. All you have to do is register an interceptor class which responds to .delivering_email(message). This card will show you two common use cases.

Subject prefix:

Usually you want to prefix the subject line of emails with the current environment (except production) so you can differentiate between production mails and mails from other environments. Of course a prefix can be set directly in the mailer, however, it is safer and cleaner to d…

Repeats

Bookmarklet to generate a Pivotal Tracker story from Zammad Ticket

This is a bookmarklet you can add to Chrome or Firefox which will allow you to create a story in Pivotal Tracker from a Zammad ticket. This might come in handy when creating stories for SWAT Teams.

But first you will have to set two variables in the script below:

  • pt_project_id: the ID of the Pivotal Tracker Project you want to add stories to. This can be found as part of the URL of the project (https://www.pivotaltracker.com/n/projects/<pt_project_id>)
  • pt_token: the Pivotal Tracker token used for authentication. Can be found in y…

Linux, Arial and Helvetica: Different font rendering in Firefox and Chrome

When text renders differently in Firefox and Chrome, it may be caused by a font alias that both browsers handle differently.

Situation

A machine running Linux, and a website with the Bootstrap 3 default font-family: "Helvetica Neue", Helvetica, Arial, sans-serif.

Issue

Anti-aliasing and kerning of text looks bad in Firefox. Worse, it is rendered 1px lower than in Chrome (shifted down).

Reason

Firefox resolves "Helvetica" to an installed ["TeX Gyre Heros", which is its Ghostscript clone](https://www.fontsquirrel.com/fonts/…

Linked content

Guideline for moving from jQuery to vanilla JavaScript

jQuery is still a useful and pragmatic library, but chances are increasingly that you’re not dependent on using it in your projects to accomplish basic tasks like selecting elements, styling them, animating them, and fetching data—things that jQuery was great at. With broad browser support of ES6 (over 96% at the time of writing), now is probably a good time to move away from jQuery.

[Practical and clear reference with the most common jQuery patterns and their equivalent translations in vanilla JS](https://tobiasahlin.com/blog/move-from-j…

Linked contentAuto-destruct in 52 days

Updated: makandra_sidekiq 0.2.0 now respects the configured Sidekiq timeout

Rewrote the previous "Head up Sidekiq looses jobs" card for the new release of makandra_sidekiq 0.2.0.

Anyone using makandra_sidekiq should read this and update soon.

Ruby: The YAML safe_load method hides some pitfalls

The Ruby standard lib ships with a YAML Parser called Psych. But serializing and deserializing data seems not as obvious as if you are using JSON.

To safely write and read YAML files you should use Psych#dump (String#to_yaml) and Psych.safe_load (YAML.safe_load):

data = {'key' => 'value'}.to_yaml
=> "---\nkey: value\n"
YAML.safe_load(data)
=> {"key"=>"value"}

Unfortunately you might encounter a few pitfalls which are not obvious in the first place. All of them are a side effect that you can not configure Psych#dump to w…

Linked contentAuto-destruct in 48 days

Updated: JavaScript: How to check if an object is NaN

Added an ES6 option to check if an object is NaN with Object.is().

Linked contentRepeats

Don't open user-supplied links with target="_blank"

This will give the target site full access to your Javascript environment through window.opener, if the target is on the same domain.

Even if the target site is on another domain, it still has some access and can for example manipulate window.location to perform a phishing attack.

You may use a rel="noopener" attribute to avoid this in modern browsers, except IE or Edge.

Repeats

Don't require files in random order

A common pattern in Ruby is to to require all files in a specific diretory, using something like

Dir.glob(Rails.root.join('lib/ext/**/*.rb')).each do |filename|
  require filename
end

However, this causes files to be required in an order determined by the file system. Since load order can be important, this may lead to different behavior on different machines which are hard to debug.

Simply add a .sort:

Dir.glob(Rails.root.join('lib/ext/**/*.rb')).sort.each do |filename|
  require filename
end
Repeats

Merge request check list

Merge requests are regularly rejected for the same few reasons.

We don't want that any more. Please attach the following list (colloquially known as "the TPS report") to future merge requests and check all (relevant) boxes:

```plain
I confirm that the code in this merge request… ————————————————
[ ] has green tests
[ ] has been manually tested in the browser
[ ] has no missing translations in the UI
[ ] has no ugly UI changes (long content breaking out of boxes, elements without margins, etc.)
[ ] works wi…

Repeats

Capybara: you can use `evaluate_async_script` to execute asynchronous JavaScript

Capybara provides execute_script and evaluate_script to execute JavaScript code in a Selenium-controlled browser. This however is not a good solution for asynchronous JavaScript.

Enter evaluate_async_script, which allows you to execute some asynchronous code and wait until it finishes. There is a timeout of a couple of seconds, so it will not wait forever.

Use it like this:

```ruby
page.evaluate_async_script(«~JS)
let [done] = arguments
doSomethingAsynchronous().then(() => {
done() // call this to indicate we're done
})
J…

Linked contentAuto-destruct in 47 days

Updated: Cucumber: Testing file downloads with Selenium

Added an alternative method that also works on CI setups.

Auto-destruct in 49 days

Geordi 2.6.0 released

Linked contentAuto-destruct in 45 days

Updated: rbenv: How to switch to another Ruby version (temporarily, per project, or globally)

Updated: Run rbenv shell --unset after using rbenv shell to enable the rbenv auto switch again.

Email validation regex

There is a practical short list for valid/invalid example email addresses - Thanks to Florian L.! The definition for valid emails (RFC 5322) can be unhandy for some reasons, though.

Since Ruby 2.3, Ruby's URI lib has a built in email regex. Probably that's the best solution to work with:

```
URI::MailTo::EMAIL_REGEXP

=> /\A[a-zA-Z0-9.!#$%&'*+\/=?^_`{ }~-]+@[a-zA-Z0-…
This website uses cookies to improve usability and analyze traffic.
Accept or learn more