open-next-failure: An alias to speed up test debugging
Open the next failing spec directly in the IDE to cut down the back-and-forth between test runs and debugging. RSpec --next-failure and JSON output support the workflow.
Gitlab: How to cancel redundant pipelines
Redundant GitLab CI pipelines can waste runner capacity when new pushes arrive. interruptible: true and auto-cancel help stop outdated test runs and keep the latest commit building.
Capistrano: creating a database dump if migrating
Create a database dump only when Capistrano will run Rails migrations, using conditional migration checks and a deploy hook.
Rails: Pluck across associated tables
pluck can fetch values from joined tables in one query, returning columns from associated records without loading full Active Record objects.
A very compatible default CSP for Rails projects
Keep Rails apps protected with a minimally restrictive Content Security Policy that blocks injected scripts while preserving compatibility with nonces and strict-dynamic.
Zeitwerk: How to collapse folders in Rails
Rails can keep subfolders for organization without turning them into namespaces; collapse lets nested files define top-level constants instead of modules.
PSA: Be super careful with complex `eager_load` or `includes` queries
eager_load and includes can explode 1-n association queries into huge cross products, wasting memory. preload uses separate queries and avoids the row multiplication.
Heads up: Quering array columns only matches equally sorted arrays
PostgreSQL array queries in Rails match element order, so [16, 17] and [17, 16] are different. Order-independent matching needs normalization or bidirectional containment.
How to make sure that manual deploy tasks (scheduled in Pivotal Tracker) are executed on deploy (with Capistrano)
Manual deploy work around releases can be missed easily; tracking pre- and post-deploy tasks in Pivotal Tracker and wiring them into Capistrano adds a safety net.
Split your parallel tests by execution time and keep execution logs up to date
Historic timing data keeps test distribution balanced, but stale logs and CI-only updates can skew results and clutter diffs. Automating runtime log generation reduces maintenance.
redirect_to and redirect
Rails URL redirects differ in status code, query-parameter handling, and security implications; choosing 301 or 302 affects browser behavior and search engine indexing.
Do not pass params directly into url_for or URL helpers
Passing untrusted parameters into url_for or _url helpers can create open redirect vulnerabilities and send users to attacker-controlled hosts.
Do not use "permit!" for params
params.permit! marks all request parameters as safe and mutates the original object, risking mass assignment vulnerabilities later in Rails code.
Minifying object properties in JavaScript files
JavaScript minifiers can shorten private members safely when internal names follow _ or # conventions, reducing bundle size without mangling public APIs.
How to prevent a 1fr grid column overflow
Long content in a 1fr grid track can force overflow and hide neighboring columns. minmax(0, 1fr) lets the track shrink instead of keeping its automatic minimum size.
CarrierWave: Processing images with libvips
CarrierWave uploads can process images with libvips instead of ImageMagick for faster, lower-memory handling and reduced security risk, including resizing, color conversion, metadata stripping and PDF thumbnails.
Balance your texts today with text-wrap: balance
text-wrap: balance improves headings and teaser text that break awkwardly, balancing line widths where supported while progressively enhancing browsers that lack it.
Checklist for Implementing Design
Design changes need more than visual parity: implementations should be tested, responsive, touch-friendly, accessible, localized, and consistent with existing patterns.
Best practice: How to manage versions in a Gemfile
Gem version pins in Gemfile are usually unnecessary because Gemfile.lock fixes installed versions; use constraints only for lockfile-free setups, known regressions, or blocked upgrades.
Don't assert exceptions in feature specs
Capybara feature specs do not reliably catch server exceptions in another thread; request specs or visible UI assertions fit this user-level behavior better.
The numericality validator does not care about your BigDecimal precision
validates_numericality_of converts values to Float or integer, so high-precision BigDecimals can round and fail comparisons unexpectedly.
Preventing users from uploading malicious content
Uploaded HTML or SVG can execute JavaScript and steal session cookies; safer uploads rely on extension allowlists, strict CSP, attachment disposition, or octet-stream delivery.
Rails: Fixing ETags that never match
Rails default ETags often never repeat because rotating CSRF tokens and CSP nonces change response bytes, blocking cache hits and 304 responses.
ActiveRecord::Relation#merge overwrites existing conditions on the same column!
ActiveRecord::Relation#merge can overwrite conditions on the same column and return too many records; where, subselects, and, or SQL snippets preserve the intersection.