Search overlay panel for performing site-wide searches
Salesforce (Heroku) Named a Leader. Learn More!

Richard Schneeman

Ruby Engineer at Heroku
Heroku Staff

Richard “Ruby Hero” Schneems writes Ruby at Heroku, maintains CodeTriage.com, and co-organizes Keep Ruby Weird. He is in the top 50 Rails contributors and is an accidental maintainer of Sprockets. He also wrote a few gems you might have heard of including Wicked, and derailed_benchmarks. Find more writing at https://schneems.com

Migrating Your Ruby Apps to the Latest Stack

Do you run Rails or pure Ruby applications on Heroku? If so, it’s important to be aware of upcoming end-of-life (EOL) dates for both your stack and your Ruby version. The Heroku-20 stack, built on Ubuntu 20.04 LTS, will reach EOL for standard support in April 2025. Ruby 2.7 has already passed its EOL, meaning it’s no longer receiving critical security updates. Continuing to run your app with either an outdated Ruby version or an unsupported Heroku stack exposes your application to increasing security and stability risks. In this article, we’ll cover: What the Heroku-20 EOL means for your application.…

The Life-Changing Magic of Tidying Ruby Object Allocations

Your app is slow. It does not spark joy. This post will use memory allocation profiling tools to discover performance hotspots, even when they're coming from inside a library. We will use this technique with a real-world application to identify a piece of optimizable code in Active Record that ultimately leads to a patch with a substantial impact on page speed. In addition to the talk, I've gone back and written a full technical recap of each section to revisit it any time you want without going through the video. I make heavy use of theatrics here, including a Japanese…

A Fast Car Needs Good Brakes: How We Added Client Rate Throttling to the Platform API Gem

When API requests are made one-after-the-other they'll quickly hit rate limits and when that happens: If you provide an API client that doesn't include rate limiting, you don't really have an API client. You've got an exception generator with a remote timer. — Richard Schneeman Stay Inside (@schneems) June 12, 2019 That tweet spawned a discussion that generated a quest to add rate throttling logic to the platform-api gem that Heroku maintains for talking to its API in Ruby. If the term "rate throttling" is new to you, read Rate limiting, rate throttling, and how they work together The Heroku…

Ruby 2.7.0 Holiday Release

When Heroku launched in 2007 there was only a single Ruby version that could be used on the platform. In 2012 Heroku began to support multiple Ruby versions. Since then, we've had a holiday tradition of releasing the new versions of Ruby on the same day they come out, which always happens on Christmas day (December 25th). If you're new to the community, you might be curious about where releasing a new minor version on Christmas comes from. To help answer that question, we interviewed Matz's, who works as the Chief Ruby Architect at Heroku in 2015. In his own…

The Curious Case of the Table-Locking UPDATE Query

Update: On closer inspection, the lock type was not on the table, but on a tuple. For more information on this locking mechanism see the internal Postgresql tuple locking documentation. Postgres does not have lock promotion as suggested in the debugging section of this post. I maintain an internal-facing service at Heroku that does metadata processing. It's not real-time, so there's plenty of slack for when things go wrong. Recently I discovered a Postgres performance issue that bogged down the system to the point where no jobs were being executed at all. After hours of debugging, I found that an…

Puma 4: Hammering Out H13s—A Debugging Story

For quite some time we've received reports from our larger customers about a mysterious H13 – Connection closed error showing up for Ruby applications. Curiously it only ever happened around the time they were deploying or scaling their dynos. Even more peculiar, it only happened to relatively high scale applications. We couldn't reproduce the behavior on an example app. This is a story about distributed coordination, the TCP API, and how we debugged and fixed a bug in Puma that only shows up at scale. Connection closed First of all, what even is an H13 error? From our error page…

Debugging in Ruby—Busting a Year-old Bug in Sprockets

Debugging is an important skill to develop as you work your way up to more complex projects. Seasoned engineers have a sixth sense for squashing bugs and have built up an impressive collection of tools that help them diagnose and fix bugs. I'm a member of Heroku’s Ruby team and creator of CodeTriage and today we’ll look at the tools that I used on a journey to fix a gnarly bug in Sprockets. Sprockets is an asset packaging system written in Ruby that lies at the heart of Rails’ asset processing pipeline. At the end of the post, you will…

Cache Invalidation Complexity: Rails 5.2 and Dalli Cache Store

Rails applications that use ActiveRecord objects in their cache may experience an issue where the entries cannot be invalidated if all of these conditions are true: They are using Rails 5.2+ They have configured config.active_record.cache_versioning = true They are using a cache that is not maintained by Rails, such as dalli_store (2.7.8 or prior) In this post, we discuss the background to a change in the way that cache keys work with Rails, why this change introduced an API incompatibility with 3rd party cache stores, and finally how you can find out if your app is at risk and how…

Rails Asset Pipeline Directory Traversal Vulnerability (CVE-2018-3760)

All previously released versions of Sprockets, the software that powers the Rails asset pipeline, contain a directory traversal vulnerability. This vulnerability has been assigned CVE-2018-3760. How do I know if I'm affected? Rails applications are vulnerable if they have this setting enabled in their application: # config/environments/production.rb config.assets.compile = true # setting to true makes your app vulnerable Note: The default value of this setting that ships with Rails in production.rb is false. By default, Rails apps running in production mode are not vulnerable to this exploit. How do I fix it? To remediate this vulnerability, applications can either change…

Rails 5.2 Active Storage: Previews, Poppler, and Solving Licensing Pitfalls

Rails 5.2 was just released last month with a major new feature: Active Storage. Active Storage provides file uploads and attachments for Active Record models with a variety of backing services (like AWS S3). While libraries like Paperclip exist to do similar work, this is the first time that such a feature has been shipped with Rails. At Heroku, we consider cloud storage a best practice, so we've ensured that it works on our platform. In this post, we'll share how we prepared for the release of Rails 5.2, and how you can deploy an app today using the new…

Subscribe to the full-text RSS feed for Richard Schneeman.