Ruby/Rails Digest #3: Hanami v.1.0.0, Checklist on Security in Rails and Idiosyncratic Ruby

  • 7 minutes

Maryna Z.


Vlad V.

Chief Executive Officer

Dear Rubyists, sunny April days brought us plenty of practical and useful material. We saw the release of Hanami v.1.0.0 and became so inspired that we decided to share a few links that’ll uncover a bit more about the framework. Also, we’d like you to take a look at a checklist for security in Rails and a selection of hidden tricks and tips for Ruby. Enjoy the reading!

To Read


Ruby on Rails Web Application Vulnerabilities: How to Make Your App Secure ‒ A longread on common security issues in Rails applications, this article is a must-read for all who care about security in Rails.

One Line of Code that Compromises Your Server ‒ A session secret is a key for encrypting cookies. This article explains how this key can be cracked and what potential menaces there are for your Rails app.

Resilience in Ruby: Handling Failure ‒ If you’ve decided not to store all your application’s data in a single database, read this article to learn how to handle this task and prevent failures.

Zen Rails Security Checklist ‒ A checklist on safety measures that should be taken into account while developing Rails applications.


5 Tips for More Effective Capybara Tests ‒ Capybara is an extra-popular framework for testing web applications. However, even savvy developers will reap benefits from these five tips for more effective testing with Capybara.

Yardcheck: Validate YARD Docs by Running Your Test Suite ‒ The Yardcheck gem checks if your YARD types are correct by running your test suite.

Full-Stack Testing with Rails System Tests ‒ An article on Rails 5.1’s approach to system testing and its advantages for old-school integration tests as well as current testing solutions built on Capybara.


The Rubyist’s Guide to Memoization ‒ Memoization is an effective approach to improving software performance. The detailed examples in this article reveal the essence of memoization.

Monitoring Sidekiq Using AWS Lambda and CloudWatch ‒ A case study on the use of AWS Lambda to visualize data about enqueued jobs and Sidekiq retries.

GraphQL::QueryResolver: Minimize N+1 Queries Generated by GraphQL and ActiveRecord ‒ GraphQL::Query Resolver allows you to minimize N+1 queries generated by GraphQL and ActiveRecord.

ActiveJob::TrafficControl: Rate Limiting/Job Enabling for ActiveJob Using Distributed Locks in Redis or Memcached ‒ The ActiveJob::TrafficControl gem enables you to limit or enable jobs for ActiveJob with the help of distributed locks.

GitHub::DS: A collection of Ruby Libraries for Working with SQL on top of an ActiveRecord Connection ‒ GitHub::DS is a collection of Ruby libraries for working with SQL along with ActiveRecord connections.

Jumping Off The Ruby Memory Cliff ‒ Richard Schneeman explains why the RAM hits the limit and how to mitigate this issue.


Ruby 2.4 Series from BIGBinary ‒ A collection of articles on Ruby 2.4 that’ll keep you posted about new functionality and updates.

Versioning a Rails API ‒ Learn what you can get from versioning a Rails API and how you can update your app to make it work.

How I Wrote the HTTP-Client for Mruby ‒ A case study on writing a small HTTP client for mruby.

Ruby 101: Data Structures ‒ An article for beginner Ruby developers about data structures in Ruby: array, hash, and iteration.

Dry-Validation as a Schema Validation Layer for Ruby on Rails API ‒ Legacy code is never the way we want it to be. However, thanks to ready-made solutions like Dry-Validation the legacy code issue is easily solved.

A Ruby Shadowing Bug in the Wild ‒ Not all developers notice a hidden bug in Ruby when local variables “shadow” class methods. Tom Copeland tells more about this pitfall.

All Rails Service Objects as One Ruby Class ‒ Service objects have become popular in the Rails community. This article reveals the essence of service objects grouped in a single class.

Speed Up Your Sinatra Development with OpeningAct ‒ OpeningAct is a gem that offers a simple Sinatra template, so you’re able to concentrate on developing your app.

Idiosyncratic Ruby: Documenting All Ruby Specialities ‒ A collection of various tips and tricks in Ruby that you’ll definitely enjoy.

Support for Ruby 2.1 Has Ended ‒ Ruby 2.1 is no longer supported; it’s recommended to upgrade to Ruby 2.3 or Ruby 2.4 as soon as possible.

To Listen

TinyTDS, Databases, and SQL Server with Ken Collins ‒ The hosts of the Ruby Rogues podcast discuss TinyTDS, databases, and SQL servers with Ken Collins, the author of SQL Server Adapter for ActiveRecord and TinyTDS.

The Rails 5 Way with Obie Fernandez ‒ A star guest of another Ruby Rogues podcast is Obie Fernandez, the author of The Rails 5 Way.

To Watch

Using Webpack in Rails with the Webpacker Gem ‒ A screencast featuring the Webpacker gem. Webpacker enables you to create modern frontend JavaScript solutions in your Rails app.

Ruby Snack #60: Create New Rails App with Docker ‒ Another RubyThursday podcast, this one explains how to create a new Rails app with Dockerfile and the docker-compose.yml file.

Ruby Snack #61: Rails Development Flow with Docker ‒ A follow-up to the previous screencast on Rails app development with Docker.


Ruby on Rails 5.1.0 Deprecations ‒ A list of deprecated methods in Rails 5.1.0.

Configuring New Rails Projects With .railsrc and Templates ‒ How to configure new Rails-projects with .railsrc file and templates.

Action Cable ‘Hello World’ with Rails 5.1 ‒ A step-by-step tutorial on how to send an HTML code from a console to a loaded webpage.

Slim Down Hefty Rails Controllers AND Models Using Domain Model Events ‒ An article (and an additional screencast) on a refactoring technique that allows for following the “fat model, skinny controller” guideline.

Importing Invalid Legacy Data with Rails ‒ A tutorial on how to import legacy code that’s incompatible with your new Rails application.

Stop Using Case Statements in Ruby ‒ When checking for data types, it’s better to avoid the use of case statements and instead rely on polymorphism. This tutorial explains how to resolve the issue of case statements.

Releases ‒ Fae CMS is a new CMS built with Rails. Fae CMS features a user-friendly interface and rich functionality: a change tracker, global search, an image uploader and image processor, and much more.


Hanami v1.0.0 ‒ April brought us the release of Hanami v1.0.0. This is a small victory for a relatively new framework (work on Hanami started in 2012). The release includes new versions of gems:

  • hanami-1.0.0
  • hanami-model-1.0.0
  • hanami-utils-1.0.0
  • hanami-validations-1.0.0
  • hanami-router-1.0.0
  • hanami-controller-1.0.0
  • hanami-view-1.0.0
  • hanami-helpers-1.0.0
  • hanami-mailer-1.0.0
  • Hanami-assets-1.0.0

Also, we’ve prepared informative articles on the topic that’ll help you compare Hanami with Ruby on Rails and get to know more about Hanami’s capabilities.

What I learned Building an App in Hanami ‒ A never-ending question, “Is Hanami better than Rails?” keeps many Rubyists interested. This article tells about an experience of building an app in Hanami.

Rails vs Hanami ‒ A comparison of Rails and Hanami on all fronts: catalog structure, controllers, application routing, view helpers, and more.

Hanami Trick: Default Template for Mailers ‒ An article on creating default templates for emails.

Uploading Files with Shrine in Hanami ‒ Shrine is a gem that enables file uploading in Hanami. This step-by-step tutorial explains how to implement file uploading functionality with Shrine.

How to Run Hanami in RubyMine ‒ A tutorial on how to run Hanami in RubyMine.


GoogleCloud: The Google Cloud Client Library for Ruby ‒ Google’s Cloud Client library provides APIs for integrating with Google Cloud Platform services.

Postal ‒ A full-fledged mail server for websites and web servers that quickly got into the top of the trending section on GitHub with more than 2600 stars.


Rails, Angular, Postgres, and Bootstrap: Powerful, Effective, Efficient, Full-Stack Web Development ‒ On June 25, the second edition of Rails, Angular, Postgres, and Bootstrap: Powerful, Effective, Efficient, Full-Stack Web Development will be released by The Pragmatic Programmers. Available for pre-order.

Effective Testing with RSpec 3 ‒ O’Reilly Media releases Effective Testing with RSpec 3 in June.

Functional Web Development with Elixir, OTP, and Phoenix ‒ The Elixir community is flourishing. This new book on web development with Elixir will be released on October 10 by The Pragmatic Bookshelf. The ebook version is already available.


Maryna Z.


Vlad V.

Chief Executive Officer

Share article with

Comments (0)
to leave a comment

There are no comments yet

Leave comment

Subscribe via email and know it all first!