GitHub was recently compromised by a vulnerability in Ruby on Rails known as mass assignment. This vulnerability is thought to affect not only a large number of Ruby-based websites, but also those using ASP.NET MVC and other ORM-backed web frameworks.
Phusion announced that their Ruby 1.8.7 based Enterprise Edition (REE) is nearing its end-of-life. A Ruby 1.9 based version is not planned; instead, the team is focusing on Phusion Passenger, their solution for running Ruby on Apache and Nginx.
Travis CI, a cloud-based continuous integration (CI) offering for open source projects on GitHub, has announced support for Java builds, as well as Scala and Groovy additions. After gaining traction among the Ruby open source community, the project is now looking into the possibility of expansion to a hosted CI service (nicknamed Travis Pro).
JetBrains released version 4 of their Ruby IDE RubyMine. This release focuses on better performance, and contains incremental improvements and polishing in many areas. For NetBeans 7.1, a preview release of the community Ruby support is now available.
The successor of Ruby 1.9.3 will replace the current Lazy Sweep Garbage Collector with a Bitmap Marking GC, which will significantly reduce Ruby's memory usage for parallel programs, similar to Ruby Enterprise Edition's copy-on-write-friendly GC. We talked with Narihiro Nakamura who implemented both the current Lazy Sweep and the Bitmap Marking GC.
Security researchers Alexander Klink and Julian Wälde revealed a serious vulnerability that until recently affected the vast majority of web servers. The attack only requires a single HTTP request that is specially designed to create hash code collisions in POST form data. When first discovered, this attack affected Python, Ruby, PHP, Java, and ASP.NET, but vendors have been working on patches.
The Ruby on Rails team announced the first release candidate of Rails 3.2. New features include a faster development mode, an explain feature for database queries and several smaller features. After 3.2, the next major release of Rails will be 4.0 and drop support for Ruby 1.8.7.
Unlike other templating engines that focus on giving as much power as possible to the user, Liquid is designed to restrict what the user can do. The goal is to allow end-users to create their own templates without jeopardizing the security of the server. Originally created for Ruby, Liquid is now available for .NET as well.
Engine Yard joins the growing number of hosters with Node.js support. InfoQ talked to Dr Nic Williams about the nature of the Node.js support and more.
The MagLev project has released version 1.0 of their Ruby VM. The Ruby implementation is based on the GemStone/S Smalltalk VM which comes with GemStone's distributed cache, ACID transactions, and persistence system (OODB). InfoQ caught up with Monty Williams of the MagLev project to talk about where MagLev fits on the NoSQL spectrum, and much more.
The latest Ruby release 1.9.3 further improves the stability and performance of the 1.9 series and brings only a few new features. Ruby's license changed to 2-clause BSD + Ruby License instead of GPLv2 + Ruby License.
Today, Facebook and Heroku announced an integration between their respective developer platforms that simplifies the development of Facebook Apps. With just a few clicks, you can select your language and configure which type of App you want to develop (Web Site, Canvas or Page Tab).
Exactly one year after the last major release, the Ruby on Rails team released Rails 3.1. The highlights of this release are support for HTTP Streaming, more intelligent migrations and the new assets pipeline that makes it easier to use CoffeeScript and Sass.
Keeping up to date on software architecture is difficult, because only a few information sources cover this important area explicitly. Of course, online services like InfoQ offer a lot of information on software architecture and design. But what about learning in your spare time, for instance when you are commuting or out running? Can audio podcasts provide an appropriate solution?