Weeks of January 14 - January 20, 2013

• 8b72d689 adds a Javascript path matching widget to the in-browser routes output, so you can see which route will match on a particular path.

• TheSortableTree - Drag and drop GUI for nested sets in Rails.
• Colour Schemes - Themes compatable with DT2, TextMate, VIM, and other editors.
• Railyo - Private job board for Rails developers.
• Font Awesome - Icon font for Bootstrap.
• HTTP Compression Test - Easy way to make sure your servers are sending compressed content when requested to do so.
• RubyJS - "A JavaScript standard library based on the Ruby core-lib."

• Stately - State Machine gem with a clean and simple DSL.
• Isolating High System Load - Well-written set of steps for investigating Linux problems.
• Turtles All the Way Down - An argument that we should switch away from YAML to Ruby for configuring Ruby systems.
• How to create a simple CSS3 tooltip - One less thing to use JavaScript for.

• Ruby 1.9.3-p374 is released - With fixes for the segfault issues reported in p362.
• Announcing Testling-CI - Cross browser continuous integration for modules intended to run in a browsers.
• Learn CSS Layout - Online course.
• Faster Websites: Crash Course on Web Performance - From Ilya Grigorik, who know a ton about this stuff.
• The Absolute Beginner's Guide to Sass - The basics.

I hate dealing with server mysteries.

• Squash - Online bug trackers with some interesting new capabilities.
• How to: Configure Burp and Chrome for HTTPS (SSL) packet inspection and web site debugging on Mac OSX - A useful trick to know.
• Case Study: Pro-active Log Review Might Be a Good Idea - A cute story of developer malfeasance.
• jQuery 1.9 final, jQuery 2.0 beta, Migrate final released - Big updates from the jQuery folks.
• Thredis - Threaded fork of redis.

• Notes on Distributed Systems for Young Bloods - Worth reading if you're tinkering with a non-trivial web application.
• How to Permanently Prevent OS X 10.7 Lion from ever Re-Opening Apps After a Restart - Useful tweak.
• Rails has Two Default Stacks - Or many, really. A small exploration of why it's getting really hard to learn "Rails" these days.
• Draper 1.0.0 released - One of the more complex alternatives for decorators.

Weeks of January 7 - January 13, 2013

• 88cc1688 merges in the latest Rails security fixes. If you didn't already know about them it's probably too late.
• Starting with 3e1ed781 performance tests are removed to a separate rails-performance_tests gem.
• 2549a3b0 deprecates update_attributes in favor of update.

• [SECURITY] Graylog2 v0.9.6-x & 0.10.0-x Rails CVE-2013-0156 fixes - Have you thought about what parts of your infrastructure are Rails-based yet?
• Firebug 1.12 alpha 1 - Now with a Javascript closure inspector. Perhaps I'll finally understand closures.
• Scoped Style Support - New CSS construct that works in Firefox.
• Asset Pipeline Internals - Writing one in a ruby project outside of Rails.
• Rails Devops Checklist - A bunch of useful linux commands for those of us who don't spend all day at the command line.
• Rust 0.5 released - Mozilla-sponsored concurrency-oriented language moves along.
• interprocess_attribute - Share attributes between parent and child processes.
• Instrumental - Statistics tracking as a service.

All patch and no play makes Jack a cranky boy.

• Rails Security Vulnerability - Heroku explains to their customers.
• multi_xml 0.5.2 - You need to upgrade this too, for another security fix (and check your Rails app, you're probably using this gem whether you know it or not).
• URGENT: Faye security releases - And yes, one more.
• Dependency Injection != Inversion of Control - Just in case you'd like to go back from security issues to arguing about patterns.
• Gem Badge - Automatically link your Github repo to built gems.
• You Don't Need the DOM Ready Event - Speeding up your javascript a bit.

You know…I really don't need any more application issues just at the moment.

• Rails' Remote Code Execution Vulnerability Explained, Rails PoC exploits for CVE-2013-0156 and CVE-2013-0155, and Serialization Mischief in Ruby Land (CVE-2013-0156) - Lots of code floating around now to exploit that Rails security bug. Patch or be pwned.
• Rails 3.2.11 regression with empty nested attributes in parameters - Meanwhile, if you did patch, there's a good chance your code that uses nested attributes are busted.
• Sequel Pro 1.0 RC1 - Nice little OS/X MySQL client.

• Rails 3.2.11, 3.1.10, 3.0.19, and 2.3.15 have been released! - To fix a serious security hole. Literally, if you're running an early version of Rails, an attacker has a way to run code on your server. This one's no joke, upgrade now.
• Analysis of Rails XML Parameter Parsing Vulnerability - A bit of digging into the guts of the problem.
• Hash#to_xml supports YAML attributes - The commit that started it all.
• Ceaser - Tool to play with CSS easings.
• A Beginner's Guide to HTML & CSS - With an advanced guide promised for the future.
• 5 great visual tweaks for Sublime Text - From a forthcoming ebook.
• NSLogger - Advanced logger for iOS applications.

• PurgoMalum - Profanity filter as a service.
• Writing Web Apps Quickly With Mortar - A set of templates from Mozilla.
• Minitest-focus - Choose to run only a single test by adding a declaration to your code, rather than remembering a command-line switch.
• ruby 2.0.0-rc1 release announcement - It's out.
• Using Rack HEAD causes CookieStore security warnings - If you've upgraded rack recently, you may have noticed scary warnings in your Rails logs. This issue is tracking that (turns out the warning is spurious).

Weeks of December 31, 2012 - January 6, 2013

• 44930b2d is the fix for the recent (fairly unlikely) SQL injection vulnerability in Active Record.
• cb2bd4aa merges in work to replace update_attributes with update.
• 009873ae solidifies Rails treatment of executables: "Introduce ./bin for your app's executables: bin/bundle, bin/rails, bin/rake. Executable scripts are versioned code like the rest of your app. To generate a stub for a bundled gem: 'bundle binstubs unicorn' and 'git add bin/unicorn'".

If you want to learn about the DCI controversy, you can Google it. Personally, I'm crushingly uninterested.

• cocoa-rest-client - Native OS X app for testing HTTP endpoints.
• μLithp - Lisp interpreter in 27 lines of Ruby.
• rbenv - Version 0.4.0 of this ruby switcher, which has the endorsement of Rails, is out.
• No Clients? 5 Ways to Spend All That Free Time - Suggestions for what to do if you're experiencing a contract drought.
• JSComplexity.org - Online analyzer for JavaScript code.
• Securing the Rails session secret - Some approaches for open-source applications.
• vigil - Programming language that really enforces contracts.

• Rails 4: What's New - Another overview of the major changes.
• Rails SQL injection vulnerability - A more detailed look from Phusion.

• Regexper - Enter a regular expression, see a visualization of its effects.
• Working with time zones in Ruby on Rails - A good rundown of the ins and outs.
• Automating the Setup of My Perfect Developer Environment on OSX 10.8 Mountain Lion - Using Chef and Soloist.
• hubtime - Generate graphs and stats of your GitHub activity.
• Rails 3.2.10, 3.1.9, and 3.0.18 have been released! - And yes, you need to upgrade due to security fixes.

• The Philosophy of Tent - More news from one of the social networking dark horses.
• Thinking Sphinx 3.0.0 - It's released.
• Get Your App Ready for Rails 4 - A list of things to do as you're on the way to upgrading.
• Logstalgia - Visualize your web access log as a pong game.

And a happy new year to you too.

• gitrep - Search and tagging site for GitHub repositories.
• Iron.io - Hosted workers, queuing, and caching for your cloud applications.
• Basics of fog and AWS for Rails apps - Starting from the AWS console commands.
• Building Ruby 1.9.3 package for Debian Squeeze - Came in handy last night as I brought up a new server.

Weeks of December 24 - December 30, 2012

After anticipating Rails 4 for a year, it feels close to me. I'd be amazed if we weren't playing with it by RailsConf.

• 61b91c4c removes the /bin directory from the default .gitignore. Seldom has a one-line change generated so much heated discussion. My point of view? I never use the default .gitignore unchanged and neither should you. If you don't want to check in /bin, ignore it yourself.
• f75addd0 introduces assert_not foo to replace assert !foo.

Last weekend's fun: overnighting in a hammock in 13F weather.

• Summary of the December 24, 2012 Amazon ELB Service Event in the US-East Region - " The data was deleted by a maintenance process that was inadvertently run against the production ELB state data." That's corporate-speak for "Joe screwed up."
• Kotlin - New statically typed language from JetBrains that compiles to JVM byte codes and JavaScript.
• rubyflux - And here's a Ruby to Java compiler.
• What Is New in Rails Contributors - A note on the latest updates to the RailsContributors site. I'm amazed that I'm still #29 on the overall list.
• Koudoku - Subscription support for Rails applications via Stripe.
• Private windows coming to Firefox - Or already here, if you're using the nightlies.
• Browser Details - Rack middleware to write user agent information to your Rails log.
• Deploying with Gitploy - Using this simple git-based deployment tool.
• RailsConf 2013 CFP - It's coming April 29-May 2 in Portland.
• Ember.js Guides - Freshly spiffy documentation site.
• Do Not Want - Gem to hide some of the more dangerous parts of Active Record.
• resizeMyBrowser - See and set the viewport size of your browser with this site.