Posts by andre

Learn everything about Ruby, all in under a minute. In this episode of Ruby55 we cover the fastest way to create a new RubyGem, using Bundler’s gem command

It’s been a month since San Francisco and the surrounding counties announced a lockdown, and at least a couple of weeks in most of the US. The good news is that it’s possible to build software even when everyone is staying at home every day, unlike a lot of jobs!

The bad news is this isn’t remote working, not the way that anyone has ever talked about it before. In the words of Juan Pablo Buritica, this is “stuck at home work”, and that’s much worse.

Building secure web applications is really, really hard. One of the biggest attack vectors in modern webapps is passwords. Even if we set aside the dangers of phishing or other more sophisticated attacks, passwords themselves are a source of danger, between simple passwords, guessable passwords, shared passwords among family members or teammates, and reused passwords across accounts.

Over several years of working at Cloud City Development, I’ve seen a consistent demand crop up repeatedly amongst our clients' companies: How can a team of software engineers hire aggressively to meet future needs, while still having time to meet current needs? How can developers (or their managers) find the expertise that they need to evaluate candidates, when it is precisely that very expertise that is needed for them to do so?

Andre Arko, Cloud City Development senior developer and lead developer of Bundler, the Ruby dependency manager, has three questions you should ask yourself before diving in. Then once you've answered why open source (and confirmed you have the time), he shares his 15 minute a day blueprint to go from Open Source Newbie to Core Contributor.

Improving diversity in tech won’t happen overnight and can’t start until we include everyone. Andre Arko covers five things he’s seen and experienced over the last six years of working on Bundler. Before jumping in blindly, keep in mind that they may not work for everyone. Pay attention to how tech as a field mistreats underrepresented people and actively work to fix it.

At Cloud City Development, we care a lot about people--treating them humanely, helping them accomplish their goals, and working together to make the field of tech and the world a better place. Andre Arko shares five reasons why including people in tech matters and why everyone, not just marginalized or excluded people must speak up.

This post was originally given as a presentation at RailsConf 2015.

Using Ruby code written by other developers is easy! Just add it to your Gemfile, run bundle install, and start using it.

But what's really happening when you do that? How can use you someone else's code just by putting it in your Gemfile?

The other day, I helped debug an issue on some production Joyent Cloud servers (which use SmartOS, based on Illumos, the open-source successor to Solaris). The solution turned out to be so non-obvious, and the cause pretty interesting, so I thought it was worth writing up.

This post is a part news, part technical documentation, and part request for comment. I’m going to explain the technical nitty-gritty details of the planned next generation index that allows Bundler and Rubygems to know what gems exist and how to install them.

So I titled this “How to be an ally,” but that’s a lie. You can’t be an ally. No one can. Ally-ness isn’t something that you can have intrinsically, any more than you can inherently be kindness, or rudeness. You can do ally actions. So probably a better name for this is How To Do Ally Work. But I’m getting a bit ahead of myself.

Bundler, Rubygems, and rubygems.org are vital infrastructure that every Rubyist uses just about every day. Over the last year, that infrastructure has seen a huge amount of change. This is an overview of the changes, an update on where things are now, and an explanation of where we’re going soon.

Last week I went to Tel Aviv, Israel for the Rails Israel and DevConTLV conferences, where I gave three talks on new developments in the Ruby community. The first talk was about how Bundler took down Rubygems.org last year, what we did to fix it, and the lessons that we learned as a result.

Security is a hard topic. It’s an especially hard topic in the Ruby community, where the security situation has historically been so great that hardly anyone has had to care about it. You may not know this, depending on how long you’ve been a rubyist, but Ruby security issues usually only come up once or maybe twice per year. They’re usually relatively benign, as those things go, so everyone updates as soon as it’s convenient, and life goes on.