Sunsetting Heroku’s Legacy Platform API (v2)

Two years ago we released the Heroku Platform API (v3), providing a supported way to automate and instrument Heroku and making it even easier for you to build new products. Today we are deprecating the legacy, unofficial version of the API that preceded it (v2), as its usage is limited and we are focusing development on the newer, officially-supported API.

Read more →

React, Ruby and CI: An Interview with Matthew Eckstein

Matthew Eckstein is the VP of Engineering for charity: water. For more information, visit: www.charitywater.org. Read our charity: water customer story to learn more about how Heroku has helped their organization deliver clean water to millions of people around the world.

Tell us a bit about charity: water

charity: water is a non-profit organization that brings clean and safe drinking water to people in developing nations all around the world.

We rebuilt our online fundraising and donation platform on Heroku and are super excited to share our story today, March 22nd on World Water Day.

When we first moved to Heroku, we decided to rebuild our system from the ground up. The engineering team was already familiar with Heroku, which made it an easy choice.

Read more →

Heroku Behind the Curtain: Patching the glibc Security Hole

If you’re a developer, it’s unlikely you’ve ever said "I wish I could spend a whole day patching critical security holes in my infrastructure!" (If you do, we’re hiring). And if you’re running a business, it’s unlikely you’ve ever said “Yes! I would like my developers to lose a day’s worth of feature-building on security patches!”.

At Heroku, we believe you shouldn’t have to spend the time required to patch, test, and deploy security fixes. Because of that, some of Heroku’s most important features are ones you never see: we keep our platform reliable and secure for your apps so you don’t have to.

Recently Google Security and Red Hat both discovered a high severity bug in a fundamental system library—glibc. This library is in common usage across the internet. If a server with a vulnerable version of the library were to make a DNS request to a malicious resolver, the DNS server could potentially execute code on the system making the request.

Read more →

Finally, Real-Time Django Is Here: Get Started with Django Channels

Django Channel header

Today, we're thrilled to host Jacob Kaplan-Moss. Jacob's a former Herokai and long-time core contributor to Django, and he's here to share an in-depth look at something that he believes will define the future of the framework.

When Django was created, over ten years ago, the web was a less complicated place. The majority of web pages were static. Database-backed, Model/View/Controller-style web apps were the new spiffy thing. Ajax was barely starting to be used, and only in narrow contexts.

Read more →

How to Deploy Your Slack Bots to Heroku

Starbot

Whether they're publishing notifications, responding to /slash commands or carrying a conversation, bots have become an integral part of the way we work with Slack. A bot can do any number of things for your team as part of your day-to-day work, you're only limited by your imagination. For some first-hand experience, check out the Heroku Button Gallery, where users have created all types of bots: from fun bots like poker and Jeopardy!, to more practical ones like a bot that tracks the satisfaction of your team members or one that reminds your team to review existing pull requests.

That said, the real power and fun of Slack bots comes once you know how to build your own. In this post, we'll show you how to create and deploy a Slack bot that will respond to /slash commands in order to show the top trending repos in GitHub. While a Slack bot can be built in practically any language, today we're going to build ours with Node, and not just because I 💖 Node. Anything beyond a simple notification bot depends on Slack's WebSocket-based RTM (Real Time Messaging) API, and WebSockets and Node go together like 🍔🍟.

Read more →

Browse the blog archives, subscribe to the full-text feed, or visit the engineering blog.