How to blend a rock-solid CMS and API with the absolute best in front-end tooling, built as a single project and hosted seamlessly on Heroku.
Rails is an incredible framework, but modern web development has moved to the front-end, meaning sometimes you don’t need all the bulk of the asset pipeline and the templating system. In Rails 5 you can now create an API-only Rails app, meaning you can build your front-end however you like—using Create React App, for example. It’s no longer 100% omakase.
Rails 5.2 was just released last month with a major new feature: Active Storage. Active Storage provides file uploads and attachments for Active Record models with a variety of backing services (like AWS S3). While libraries like Paperclip exist to do similar work, this is the first time that such a feature has been shipped with Rails. At Heroku, we consider cloud storage a best practice, so we've ensured that it works on our platform. In this post, we'll share how we prepared for the release of Rails 5.2, and how you can deploy an app today using the new Active Storage functionality.
At Heroku, trust is our number one value. When we learned that Active Storage...
Heroku Webhooks let you create powerful real-time integrations and drive custom operations workflows whenever your Heroku app changes. Today, we're excited to announce a new user experience that makes managing and creating webhooks easier than ever. Now everyone on your team can create a webhook, update it and see deliverability, using a straightforward interface in the Heroku Dashboard. Until now, app webhooks functionality was only available through the Heroku CLI.
You can find the new webhooks interface by going to the Dashboard view for an app, clicking on “More” on the right hand side of the page, and then selecting “View...
I sat down with some Ruby friends in Hiroshima last year to have a conversation about just-in-time compilation for Ruby, specifically the new MJIT method-based implementation. Those of you who are already familiar with JITs and how they work might want to skip directly to the interview, the rest of us are going to hang out for a minute and learn about how things presently work in Ruby, and what it is exactly that the MJIT would change.
Computers don’t speak Ruby or any other high-level language, they only speak machine language. In a compiled language like C++ you use a compiler to convert all of your C++ code into machine language directly before you run...
At Heroku we consistently monitor vulnerability feeds for new issues. Once a new vulnerability drops, we jump into action to triage and determine how our platform and customers may be affected. Part of this process involves evaluating possible attack scenarios not included in the original vulnerability report. We also spend time looking for "adjacent" and similar bugs in other products. The following Ruby vulnerability was identified during this process.
A vulnerability, CVE-2017-8817, was identified in libcurl. The FTP function contained an out of bounds read when processing wildcards. As soon as the vulnerability was made public, we went through our...
Browse the blog archives or subscribe to the full-text feed.