Incorrect Access Control in Simple Form (CVE-2019-16676)

Simple Form version 5.0 was released today with a fix for a security issue that could allow an attacker to execute methods on form objects. The issue is explained in details below.

Entendendo a motivação do seu time

Como líderes podem motivar suas equipes a utilizarem plenamente suas habilidades e atingirem todo o seu potencial ?

Using Broadway at

This is a quick blog post about our experience replacing’s GenStage pipeline with Broadway. To give some background information, started out as basically just static file hosting for documentation. With the introduction of private Hexdocs it became a distinct Elixir application. Over time, we have also moved handling of documentation tarballs there to offload API servers. Instead of API servers doing … »

Desenvolvendo um olhar de produto na organização

É possível observar um interesse das empresas em migrar seu modelo de gestão para uma perspectiva de entrega de produto ou serviço digital. Inspiradas por estruturas orgânicas e multidisciplinares que vão contra as práticas que padronizam e especializam o trabalho, as empresas estão em busca de entregar novas formas de proposta de valor aos clientes, … »

Improve confirmation token validation in Devise (CVE-2019-16109)

Devise version 4.7.1 was released with a fix for an edge case that could confirm accounts by mistake. We’ll explain now in details what is the issue, how it was fixed and which actions you might want to take in your applications. Description We received a security report saying that it was possible to confirm … »

How to manage deadlines in agile environments? Get to know the Reality Check Tool

TL;DR: The Reality Check is an agile tool designed to check if a deadline is feasible given the project context. It works by formulating a hypothesis, which can be updated every week by the technical team, where we organize our demands and the weeks before the delivery date. It only requires a simple board – physical or … »