Announcing a new and improved Node.js Buildpack

Last week we released a new version of our node buildpack that features dependency caching, faster downloads of the node binary, and support for any recent version of node. This new build process is now the default for all node apps on Heroku, so keep deploying your apps as you normally would and you should start to notice the speed improvements.

Read more →

A Patch in Time: Securing Ruby

There have been thousands of reported security vulnerabilities in 2013 alone, often with language that leaves it unclear if you're affected. Heroku's job is to ensure you can focus on building your functionality, as part of that we take responsibility for the security of your app as much as we're able. On Friday, November 22nd a security vulnerability was disclosed in Ruby (MRI): CVE-2013-4164 . Our team moved quickly to identify the risk to anyone using the Heroku platform and push out a fix.

Read more →

Batkid Saves the Day in SF

Editor's Note: This is a guest post from Jonathan Cipriano, creative developer based in San Francisco currently working as a Creative Research & Development Manager at AKQA.

A few weeks back, the Make-a-Wish Foundation made a 5-year old cancer survivor named Miles dream come true by helping him play out a Batman-style adventure in San Francisco. The city was morphed into Gotham for a day with the help of 12,000 volunteers. A rescue mission turned the pint-sized crusader into a social media sensation. Miles became Batkid for a day.

Inspired by his story, some creative devs at AKQA thought it would be fitting to memorialize the heroic event with an interactive comic book, and created it on Heroku.

Read more →

Message Queues, Background Processing and the End of the Monolithic App

Editor's note: This is a guest post from Ken Fromm and Paddy Foran at's services are designed for building distributed cloud applications quickly and operating at scale.

Platform as a Service has transformed the use of cloud infrastructure and drastically increased cloud adoption for common types of applications, but apps are becoming more complex. There are more interfaces, greater expectations on response times, increasing connections to other systems, and lots more processing around each event. The next shift in cloud development will be less about building monolithic apps and more about creating highly scalable and adaptive systems.

Don’t get us wrong, developers are not going to go around calling themselves systems engineers any time soon but at the scale and capabilities that the cloud enables, the title is not too far from the truth.

Read more →

Heroku Postgres Followers Patched

On November 18th, a replication bug was found in Postgres that affected the most recent versions of every Postgres release. The corruption that this bug may introduce could go undetected, and it manifests itself as a follower potentially having an inconsistent view of the data. For example, data could be present in the primary and not on the follower, or data deleted or updated on the primary and not from the follower. The likelihood of triggering this bug is higher for write-heavy workloads, such as many OLTP applications seen at Heroku.

We always recommend placing applications in maintenance mode and scaling down workers when performing a follower based changeover, and following this procedure largely decreases the chances of corruption introduced by this bug.

At Heroku Postgres we recognize the importance of data integrity and consistency in your databases: As of now there are no Heroku Postgres databases vulnerable to this corruption bug. Even though new versions of Postgres have not been released yet and are scheduled to ship early December, a patch was made available to the Postgres community on all git branches for affected versions. We have back-ported this patch to all of our supported Postgres versions, and all affected instances have been replaced. As this bug only impacts followers, no primary databases were at risk and no primary databases required the patch.

If you were worried about this bug affecting your Heroku Postgres database, worry no longer: just sit back and enjoy your healthy followers.

Browse the blog archives, subscribe to the full-text feed, or visit the engineering blog.