Improve remember me cookie expiration in Devise (CVE-2015-8314)

A security bug (CVE-2015-8314) has been reported in Devise’s remember me system. Devise implements the “Remember me” functionality by using cookies. While this functionality works across multiple devices, Devise ended-up generating the same cookie for all devices. Consequently, if a malicious user was able to steal a remember me cookie, the cookie could be used … »

O aprendizado a partir de indicadores ágeis

Desenvolver software é algo que traz naturalmente uma carga de incerteza, afinal de contas, envolve uma mistura de desafios técnicos e dúvidas de negócio. Independente do processo ou framework adotado pelo time (ex. Scrum, Kanban, Cascata, etc.); clientes, usuários e stakeholders demandarão uma resposta quando o assunto diz respeito ao prazo de entrega do produto … »

Comparing Elixir and Erlang variables

Sometimes Erlang programmers are worried “Elixir variables may be the source of hidden bugs”. This article discusses those concerns and shows how variables in Erlang can produce related “hidden bugs”, some of those eliminated by Elixir. Before we start, a short disclaimer: Elixir does not have mutable variables, it has rebinding. Mutability is often associated … »

Ecto v1.1 released and Ecto v2.0 plans

Ecto v1.1 has been released. Ecto v1.1 brings improvements and bug fixes to Ecto but, more importantly, paves the way for the upcoming Ecto v2.0 release by deprecating functionality that has been said to be error prone or confusing by developers. This article will highlight both improvements and what to expect by Ecto 2.0. For … »

Mocks and explicit contracts

Our test tools often make it very easy to abuse mocks. This post provides some guidelines on using them properly by relying on explicit contracts.

RubyConf BR 2015, te esperamos lá

Acho que você já sabe, mas neste ano a RubyConf BR será bem diferente, começando pelo lugar (será na FECOMERCIO em São Paulo) e preços dos tickets separados pelos andares. Mais informações no http://www.rubyconf.com.br/. Como não poderia deixar de ser, a Plataformatec estará lá. Estaremos com um espaço no Open Floor e várias palestras. Aproveite … »