Posts tagged "rails"
We just released Simple Form 3.1.0.rc1 with support for Bootstrap 3. To make it possible, we leveled up the Wrapper API to make it more extensible and to allow developers to directly configure it instead of relying on global state. After such improvements, it was very easy to change the Simple Form configuration to work … »
Tags: bootstrap, rails, simple_form, Posted in English, 5 Comments »
Rails 4.1 was just released this week and I already had a great experience trying out the release candidates on my latest project, so I decided to write a bit about my favorite features in this release and some things I have learned by using them so far. 1) secrets.yml Placing your configuration in a … »
Tags: rails, rails 4.1, ruby, Posted in English, Comments Off on 3 features from Rails 4.1 that I’m excited about
We are glad to announce that Devise 3.1.0.rc is out. In this version, we have focused on some security enhancements regarding our defaults and the deprecation of TokenAuthenticatable. This blog post explains the rationale behind those changes and how to upgrade. Devise 3.1.0.rc runs on both Rails 3.2 and Rails 4.0. There is a TL;DR … »
Tags: devise, rails, security fix, Posted in English, 6 Comments »
Devise has been reported to be vulnerable to CSRF token fixation attacks. The attack can only be exploited if the attacker can set the target session, either by subdomain cookies (similar to what is described here) or by fixation over the same Wi-Fi network. If the user knows the CSRF token, cross-site forgery requests can be made. … »
Tags: devise, rails, security fix, Posted in English, Comments Off on CSRF token fixation attacks in Devise
One of the recent topics in our discussions at Plataformatec was about whether we should use scopes or class methods throughout the project to be consistent. It’s also not hard to find discussions about it all over the internet. This is an attempt to show the differences between scopes and class methods, to help you understand what scopes can give you for free and decide what makes you feel more comfortable when writing your code.
Tags: activerecord, rails, rails 3.2, rails 4, scopes, Posted in English, 18 Comments »
We cannot express how excited we are with such great news. In our last blog post we were celebrating Rafael’s achievement and just a few months later we are celebrating again. Years ago, having three Plataformatec teammates as Rails Core members would be something we’d only dream of, but in 2012 it became reality. I must say that it didn’t happen by chance, not at all.
Tags: culture, great work, rails, rails core, Posted in English, 6 Comments »