3977 cards
Linked contentRepeats

Bash: Build and execute command lines on the fly with "xargs"

xargs is a powerful bash tool that can take input from $STDIN and pass it to a given command. I.e. you can do the following:

$> cat tmp/parallel_cucumber_failures.log

$> cat tmp/parallel_cucumber_failures.log | xargs geordi cucumber
# Running features
> Only: features/authentication.feature:33 features/backend/pages.feature:5 features/backend/pages.feature:60

Beside the linked article you might also be interested in reading ...


Using regular expressions in JavaScript

Regular expressions in Javascript are represented by a RegExp object. There also is a regex literal as in many other languages: /regex/. However, they are used slightly differently.

Regex literal

  • Usage: /foo+/
  • Shorthand for creating a regular expression object

RegExp() object

  • Usage: RegExp("foo+") or new RegExp("foo+")
  • No surrounding slashes required (they're the literal markers)
  • Since the argument is a string, backslashes need to be escaped as well: RegExp("\\d+")


  • Regex objects [never eq...
Linked content

Encrypting messages with age (alternative to PGP)

age is a simple, modern and secure file encryption tool, format, and Go library.
It features small explicit keys, no config options, and UNIX-style composability.

Generally we are happy with GPG for encrypting emails. In case you are not happy with the CLI of GnuPG, this might be a tool you can use under the hood for encryption.

Linked content

SSL for your local development environment

The linked tool mkcert Archive helps you to setup locally-trusted development certificates. We also have cards that describe how to use SSL in development with Passenger and Thin.

Unpoly 2: Don't try to download files through AJAX requests

Rails has the handy controller method send_file Archive which lets us download files easily. We can decide whether the file should be downloaded (disposition: 'attachment') or shown in the browser (disposition: 'inline'). The default is disposition: 'attachment'.

Downloading files will not work when you are calling the controller action from an AJAX request. The browser will try to render the file and insert it in the DOM, which is never what you want.

Unpoly 2

Unpoly (sin...


Webpack: How to avoid multiple versions of jQuery

To avoid multiple versions of a package, you can manually maintain a resolutions section in your package.json. We recommend you to do this for packages like jQuery. Otherwise the jQuery library attached to window might not include the functions of your packages that depend on jQuery.

Note: This is only an issue in case you want to use a package functionality from window e.g. $(...).datepicker() from your dev console or any other javascript within the application.


By default yarn will create a folder node_modules ...


How to define constants with traits

This is pretty much like defining subclasses through traits with the Modularity gem.

module MyConstantTrait
  as_trait do
    self::MY_CONSTANT = 'hello universe'

This would set MY_CONSTANT for any class using the trait.

Of course you can also use parameters (for logic or for setting values, like here):

module DoesValues
  as_trait do |*args|
    self::VALUES = args

class Foo
  include D...

Cucumber Factory: How to assign polymorphic associations

Cucumber factory Archive supports polymorphic associations out of the box. Just keep in mind that you need to use named associations for this purpose.

class Person < ApplicationModel
  has_many :buildings, inverse_of: :owner

class Company < ApplicationModel
  has_many :buildings, inverse_of: :owner

class Building < ApplicationModel
  belongs_to :owner, optional: true, polymorphic: true


Given there is a person with the name "Nice person"
  And there is a buildin...

Don't build randomness into your factories

Tests are about 100% control over UI interaction and your test scenario. Randomness makes writing tests hard. You will also push tests that are green for you today, but red for a colleague tomorrow.

That said, please don't do something like this:

Factory(:document) do |document|
  document.category { ['foo', 'bar', 'baz'].sample }

Instead do this:

Factory(:document) do |document|
  document.category 'foo'

The case against Faker

I even recommend to not use libraries like [Faker](http://...


Cucumber features as documentation

Cucumber allows for prose in features and scenarios. Example:

Feature: Cancel account

  There are several ways to cancel a user account. Admins need to 
  do it in complex cases, but normally, users can do it themselves.
  Scenario: User cancels his own account
    Users should be able to cancel an account themselves, so the 
    admins do not need to do it.
    Given a user account for "willy@astor.de"
    When I sign in as "willy@astor.de"
    And I follow "Cancel account"
    Then I should see "Account canceled"



You should probably load your JavaScript with <script defer>

It is generally discouraged to load your JavaScript by a <script src> tag in the <head>:

  <script src="app.js"></script>

The reason is that a <script src> tag will pause the DOM parser until the script has loaded and executed. This will delay the browser's first contentful paint Archive .

A much better default is to load your scripts with a <script src defer> tag:

  <script src="app.js" defer></script>

A deferred script has many useful properties:

  • I...

Bookmarklet to facilitate generating new git branches for PivotalTracker Stories

This bookmarklet grabs a PivotalTracker story title, transforms it into a valid git branch name and automatically prepends your initials and an optional abbreviation (for better tab completion). It will output the following formats:

If you cancel the first dialog or confirm it without entering text:

git checkout -b kw/178298638-card-320-state-machines

If you enter an abbreviation (e.g. stm in this case):

git checkout -b kw/stm/178298638-card-320-state-machines

How to set it up:

  • in the attached file replace `YOUR_INITI...

Unobtrusive JavaScript helper to progressively enhance HTML

The attached compiler() function below applies JavaScript behavior to matching HTML elements as they enter the DOM.

This works like an Unpoly compiler Archive for apps that don't use Unpoly Archive , Custom Elements Archive or any other mechanism that pairs JavaScript with HTML elements.

The compiler() function is also a lightweight replacement for our legacy [$.unobtrusive()](https://makandracards.com/makandra/4-unobtrusiv...

Using inline event handlers with a strict Content Security Policy (CSP)

Given you have a strict CSP that only allows <script src> elements from your own domain:

Content-Security-Policy: script-src 'self'

This will block JavaScript handlers inlined into your HTML elements. Clicking on the following link will only log an error with a strict CSP:

<a href="javascript:alert('hello')">click me</a>
<a href="#" onclick="alert('hello')">click me</a>

Solution 1: Move the handler into your JavaScript

The recommended solution is to move the handler from the HTML to the allowed JavaScript fi...

Linked contentRepeats

RSpec: Debug flickering test suites with rspec --bisect

In modern default RSpec configurations, your tests are usually run in random order. This helps to detect "flickering" tests that only fail when run in a certain order.

The reason for this are tests that have side effects causing other tests to fail later. The hard part is to find the offending test.

Enter rspec --bisect:

  1. Say you have a flickering test that passes on its own, but you just saw it fail in a full test run. At the top of the RSpec output, you will see a message like Randomized with seed 12345. Take a note of the number....

How to use html_safe correctly

Back in the war, Rails developers had to manually HTML-escape user-supplied text before it was rendered in a view. If only a single piece of user-supplied text was rendered without prior escaping, it enabled XSS attacks Archive like injecting a <script> tag into the view of another user.

Because this practice was so error-prone, the rails_xss plugin Archive was developed and later integrated into Rails 3. rails_xss follows a different approach: Instead of relying...


Understanding database cleaning strategies in tests

TLDR: In tests you need to clean out the database before each example. Use :transaction where possible. Use :deletion for Selenium features or when you have a lot of MyISAM tables.

Understanding database cleaning

You want to clean out your test database after each test, so the next test can start from a blank database. To do so you have three options:

  • Wrap each test in a transaction which is rolled back when you're done (through DatabaseCleaner.strategy = :transaction or `config.use_transactional_fi...

MySQL: Careful when using database locks in transactions

We tend to use database transactions as a magic bullet to get rid of all our concurrency problems. When things get really bad, we might even throw in some locking mechanism, but then are usually done with it.

Unfortunately, transactions semantics in databases are actually very complicated, and chances are, your making some incorrect assumptions.

The MySQL innodb engine actually has [four different modes](ht...

This website uses short-lived cookies to improve usability.
Accept or learn more