rails
- Engineering
- Last Updated: April 15, 2019
- Jonan Scheffler
Setting up a database is a relatively straightforward process (Heroku has an add-on for that), but getting it to run well in production is sometimes another matter. As your application grows and your data grows along with it, you will likely find a number of performance bottlenecks specifically related to your database, and this post aims to help you diagnose and address those issues when they arise. As with all components of your infrastructure it’s important to have early visibility into the performance characteristics of your database. Watching this data as your application grows will give you a much better…
- Engineering
- Last Updated: March 20, 2019
- Amy Unger
This blog post is adapted from a talk given by Amy Unger at RailsConf 2018 titled "Knobs, buttons & switches: Operating your application at scale." We've all seen applications that keel over when a single, upstream service goes down. Despite our best intentions, sometimes an unexpected outage has us scrambling to make repairs. In this blog post, we'll take a look at some tools you can integrate into your application before disaster strikes. We'll talk about seven strategies that can help you shed load, fail gracefully, and protect struggling services. We'll also talk about the technical implementations of these techniques—particularly…
- Engineering
- Last Updated: May 14, 2024
- Richard Schneeman
Debugging is an important skill to develop as you work your way up to more complex projects. Seasoned engineers have a sixth sense for squashing bugs and have built up an impressive collection of tools that help them diagnose and fix bugs. I'm a member of Heroku’s Ruby team and creator of CodeTriage and today we’ll look at the tools that I used on a journey to fix a gnarly bug in Sprockets. Sprockets is an asset packaging system written in Ruby that lies at the heart of Rails’ asset processing pipeline. At the end of the post, you will…
- Engineering
- Last Updated: June 03, 2024
- Stella Cotton
This blog post is adapted from a talk given by Stella Cotton at RailsConf 2018 titled “So You’ve Got Yourself a Kafka.” https://www.youtube.com/embed/Rzl4O1oaVy8 In recent years, designing software as a collection of services, rather than a single, monolithic codebase, has become a popular way to build applications. In this post, we’ll learn the basics of Kafka and how its event-driven process can be used to power your Rails services. We’ll also talk about practical considerations and operational challenges that your event-driven Rails services might face around monitoring and scaling. What is Kafka? Suppose you want to know more information about…
- Engineering
- Last Updated: June 03, 2024
- Richard Schneeman
Rails applications that use ActiveRecord objects in their cache may experience an issue where the entries cannot be invalidated if all of these conditions are true: They are using Rails 5.2+ They have configured config.active_record.cache_versioning = true They are using a cache that is not maintained by Rails, such as dalli_store (2.7.8 or prior) In this post, we discuss the background to a change in the way that cache keys work with Rails, why this change introduced an API incompatibility with 3rd party cache stores, and finally how you can find out if your app is at risk and how…
- Engineering
- Last Updated: June 19, 2018
- Richard Schneeman
All previously released versions of Sprockets, the software that powers the Rails asset pipeline, contain a directory traversal vulnerability. This vulnerability has been assigned CVE-2018-3760. How do I know if I'm affected? Rails applications are vulnerable if they have this setting enabled in their application: # config/environments/production.rb config.assets.compile = true # setting to true makes your app vulnerable Note: The default value of this setting that ships with Rails in production.rb is false. By default, Rails apps running in production mode are not vulnerable to this exploit. How do I fix it? To remediate this vulnerability, applications can either change…
- Engineering
- Last Updated: May 22, 2018
- Craig Ingram
The Public Cloud Security (PCS) group at Salesforce partners very closely with Heroku engineering to review and advise on new product features across the platform, from infrastructure to applications. One of the most rewarding aspects about this partnership and working on this team for me is when we not only identify security concerns, but take an active role in building safe solutions. Heroku recently announced support for Active Storage in Rails 5.2, which introduces the ability to generate previews of PDFs and videos. As a security engineer, hearing about a new feature in a product that automatically parses media files…
- Engineering
- Last Updated: June 03, 2024
- Charlie Gleason
How to blend a rock-solid CMS and API with the absolute best in front-end tooling, built as a single project and hosted seamlessly on Heroku. Rails is an incredible framework, but modern web development has moved to the front-end, meaning sometimes you don’t need all the bulk of the asset pipeline and the templating system. In Rails 5 you can now create an API-only Rails app, meaning you can build your front-end however you like—using Create React App, for example. It’s no longer 100% omakase. And for projects that don’t need CMS-like capabilities, Rails and that works pretty great straight away. Create…
- Engineering
- Last Updated: June 03, 2024
- Richard Schneeman
Rails 5.2 was just released last month with a major new feature: Active Storage. Active Storage provides file uploads and attachments for Active Record models with a variety of backing services (like AWS S3). While libraries like Paperclip exist to do similar work, this is the first time that such a feature has been shipped with Rails. At Heroku, we consider cloud storage a best practice, so we've ensured that it works on our platform. In this post, we'll share how we prepared for the release of Rails 5.2, and how you can deploy an app today using the new…
- News
- Last Updated: April 30, 2024
- Chris Castle
Austen Ito is a software engineer at leading online fashion brand Bonobos, based in New York. Read our Bonobos customer story for more information about how Heroku has helped their business. What do you have running on Heroku? We’re running just about everything on Heroku, including our Bonobos.com website, cross-app messaging services, an API for our ERP, as well as some internal tools. The only pieces that are not on Heroku are the Data Science and ERP components. We’re also using Desk.com for customer service queuing. Walk us through your stack We use a mix of Backbone and React in…
Subscribe to the full-text RSS feed for Jonan Scheffler.