Personally, I'm starting to think that the feature where it automatically adds xray.js to the document is more trouble than it's worth. I propose that we remove that automatic feature and just make it part of the install instructions that you need to add this line to your template/layout: <%= javascript_include_tag 'xray', nonce: true if Rails.env.development? %>

Now that I've thought more about it, I honestly think the auto-adding the script feature is overrated, over-complicated, and error-prone (#98, #100), and I propose we just remove it (#110).

now that I've thought more about it, I think the auto-adding the script feature is overrated, over-complicated, and error-prone (#100), and ought to just be removed (#110).

now that I realize how easy it is to just manually include this in my app: <%= javascript_include_tag 'xray', nonce: true if Rails.env.development? %> I regret even wasting my time getting it to automatically look for and add a nonce to the auto-injected xray.js script

This is failing CI because CI is testing against Rails < 6. I think the appropriate next steps are: Open a separate PR to add Rails 6 to the CI matrix Update this PR to only run CSP-related test code for Rails >= 6.0.0 Can you help with either or both of those?

At work, we often mention "throwing something over the fence" and "wrong rock" so there is (to us) a proverbial fence and a proverbial wrong rock.

Keeping bootstrap-sass in sync with upstream changes from Bootstrap used to be an error prone and time consuming manual process. With Bootstrap 3 we have introduced a converter that automates this.

For example, what if your site has a customer interface and an “admin” interface? If the two have totally different designs and features, then it might be considerable overhead to ship the entirety of the admin interface to every customer on the regular site.

Before we get into what the manifest.js does, let’s look at what it is replacing.

Have you ever felt like a framework was getting in the way instead of helping you go faster? Maybe you’re stuck on some simple task that would be easy to do manually, but your framework is making you jump through configuration hoops. I end up getting lost in a sea of documentation (or no documentation), and the search for that one magical config key takes just a tad bit too long. It’s a productivity sink, and worse than the time delay it adds to my frustration throughout the day.

In order to invoke, or run

A task is often called step.

In other words: the controllers usually contain only routing and rendering code and dispatch instantly to a particular operation/activity class.

They help streamlining the control flow, and take away control code while providing you with an incredibly cool developer experience.

found that using only the Pascal-provided control structures, the correct solution was given by only 20% of the subjects, while no subject wrote incorrect code for this problem if allowed to write a return from the middle of a loop.

Let’s start with the same number dividing example, which returns 0 when the error happens. Maybe instead we can indicate that the result was not successful without any explicit numerical value?

You can use container values, that wraps actual success or error value into a thin wrapper with utility methods to work with this value. That’s exactly why we have created @dry-python/returns project. So you can make your functions return something meaningful, typed, and safe.

Not all cases can be covered and easily restored. And sometimes when we will reuse this function for different use-cases we will find out that it requires different restore logic.

You still need to have a solid experience to spot these potential problems in a perfectly readable and typed code.

So, the sad conclusion is: all problems must be resolved individually depending on a specific usage context. There’s no silver bullet to resolve all ZeroDivisionErrors once and for all. And again, I am not even covering complex IO flows with retry policies and expotential timeouts.

despite initially appearing to be an appropriate and effective response to a problem, has more bad consequences than good ones

I'm not a fan of listing exceptions functions can throw, especially here in Python, where it's easier to ask forgiveness than permission.

Make your functions return something meaningful, typed, and safe!

can transform monadic values m a applying f to the unwrapped value a

procedure to wrap values of any basic type within the monad (yielding a monadic value)

Supporting languages may use monads to abstract away boilerplate code needed by the program logic.

Another solution is using the Safe Navigation Operator &. introduced in Ruby 2.3 which is a bit better because this is a language feature rather than an opinionated runtime environment pollution

I want to emphasize that Result is just an alternative name for the Either monad.

it is inconvenient to write specific implementations for each datatype contained, especially if the code for each datatype is virtually identical. For example, in C++, this duplication of code can be circumvented by defining a class template

An operation has two invocation styles. This is the only difference to an Activity.

Instead of dealing with a mix of before_filters, Rack-middlewares, controller code and callbacks, an endpoint is just another activity and allows to be customized with the well-established Trailblazer mechanics.

Endpoint is the missing link between your routing (Rails, Hanami, …) and the “operation” to be called. It provides standard behavior for all cases 404, 401, 403, etc and lets you hook in your own logic like Devise or Tyrant authentication, again, using TRB activity mechanics.

What this means is: I better refrain from writing a new book and we rather focus on more and better docs.

Using a terminus to indicate a certain outcome - in turn - allows for much stronger interfaces across nested activities and less guessing! For example, in the new endpoint gem, the not_found terminus is then wired to a special “404 track” that handles the case of “model not found”. The beautiful thing here is: there is no guessing by inspecting ctx[:model] or the like - the not_found end has only one meaning!

A major improvement here is the ability to maintain more than two explicit termini. In 2.0, you had the success and the failure termini (or “ends” as we used to call them). Now, additional ends such as not_found can be leveraged to communicate a non-binary outcome of your activity or operation.

The new 2.1 version comes with a few necessary but reasonable changes in method signatures. As painful as that might sound to your Rails-spoiled ears, we preferred to fix design mistakes now before dragging them on forever.

To make it short: we returned to the Rails Way™, lowering our heads in shame, and adhere to the Rails file and class naming structure for operations.

It’s so simple that I sometimes wonder why it took years to develop it!

There is nothing wrong with building your own “service layer”, and many companies have left the Traiblazer track in the past years due to problems they had and that we think we now fixed.

They fail to recognize the value of an initial investment of time in future productivity.

Why is TRB licensed under LGPL, not MIT?

In Trailblazer, models are completely empty. They solely contain associations and finders. No business logic is allowed in models.

While Trailblazer offers you abstraction layers for all aspects of Ruby On Rails, it does not missionize you. Wherever you want, you may fall back to the "Rails Way" with fat models, monolithic controllers, global helpers, etc. This is not a bad thing, but allows you to step-wise introduce Trailblazer's encapsulation in your app without having to rewrite it.

bird counts across the United States have fallen a staggering 29 percent in the last 50 years

In any case signal handling in shells is one of the least reliable and portable aspects. You'll find behaviours vary greatly between shells and often between different versions of a same shell. Be prepared for some serious hair pulling and head scratching if you're going to try to do anything non-trivial.

Check yourself some shell-sources.

If interested, you can check the plain old /bin/sh signal handling in the source code here.

Also, this code will fail if $$ is not the process group leader, such as when the script is run under strace. Since a call to setsid(2) is probably tricky from a shell script, one approach might be to ps and obtain the process group ID from that.

you really need #!/bin/sh -m for correct behavior of nested subshells. fg, bg, and wait wont work correctly otherwise

A popular strategy for bootstrapping networks is what I like to call “come for the tool, stay for the network.” The idea is to initially attract users with a single-player tool and then, over time, get them to participate in a network. The tool helps get to initial critical mass. The network creates the long term value for users, and defensibility for the company.

In Ruby 3 we now have a “rightward assignment” operator. This flips the script and lets you write an expression before assigning it to a variable. So instead of x = :y, you can write :y => x

In this simple example, the destroy interaction doesn't do much. It's not clear that you gain anything by putting it in an interaction.

This is a breaking change so it'll have to go into a major release. I was working on a v4 release but it's too much. I think I'm going to pair it back and we can add this to the new v4. When I have that ready, I'll rebase the merge onto that branch.

No one has requested it before so it's certainly not something we're planning to add.

To give a little more context, structures like this often come up in my work when dealing with NoSQL datastores, especially ones that rely heavily on JSON, like Firebase, where a records unique ID isn't part of the record itself, just a key that points to it. I think most Ruby/Rails projects tend towards use cases where these sort of datastores aren't appropriate/necessary, so it makes sense that this wouldn't come up as quickly as other structures.

Learn more about how we made the decision to put our guidance in the public domain

In order to support easy reuse, revision, remixing, and redistribution, the entire Hypothesis Help knowledge base by Hypothesis is dedicated to the public domain via CC CC0 1.0. While we appreciate attribution and links back to Hypothesis from anywhere these works are published, they are not required.

I don't think seeing it in Rails PRs naturally means we should do it blankly. Put it another way, what's the justification in those PRs for doing it?

The main realization came when I figured out that the main_model was just another association. This means we can move a lot of logic to just that class and reason about it a lot better.

But ActiveModel doesn't support out of the box argument parsing, e.g. having a datetime attribute be a datetime attribute and a boolean attribute be a boolean attribute.

Examples of different ways of defining forms

The press release also quoted a UA assistant provost for institutional research who explained that while the swipes of student ID cards were not used in the current student retention analytics, about 800 other data points were

The researcher noted that the data she had used had been anonymized before she was given access to it—however, she added that if/when her research might inform the ongoing efforts to improve student retention, the student’s personal details would be “shared” with the students' academic advisers.

She then used that data to create large networks mapping which students interacted with one another and how often.

On the university’s website, a press release

At the University of Arizona, for example, a researcher analyzed the swipes of student ID cards at locations across campus, “to see what they reveal about students' routines and relationships, and what that means for their likelihood of returning to campus after their freshman year.”

We are still open to the idea but the implementation should leverage the attributes API introduced in Rails 5.2 in Active Model.

If you don't understand both sides of an issue, you cannot make an intelligent choice; in fact, if you don't understand all the ramifications of your actions, you're not designing at all. You're stumbling in the dark.

Stating that some language feature or common programming idiom (like accessors) has problems is not the same thing as saying you should never use them under any circumstances.

By the same token, marketing or political incentives often push design idioms

I think maybe the terms we're using are a bit confusing.

It makes me happy to see people actually think about things and not just accept a shitty API.

with ActiveForm-Rails, validations is the responsability of the form and not of the models. There is no need to synchronize errors from the form to the models and vice versa.

DSLs can be problematic for the user since the user has to manage state (e.g. am I supposed to call valid? first or update_attributes?). This is exactly why the #validate is the only method to change state in Reform.

The reason Reform does updating attributes and validation in the same step is because I wanna reduce public methods. This is to save users from having to remember state.

We think that, although Ruby is a great language for the backend, the view should be written in languages designed for that purpose, HTML and JavaScript.

As with other software patterns, MVC expresses the "core of the solution" to a problem while allowing it to be adapted for each system.

The Lord led me to a wonderful Christian ophthalmologist with unconventional methods of arresting the disease through diet alone and that has saved my sight.

These two mistakes, especially the second one, plant worries in your customers mind before they’ve even had time to think of them.

Stop warning people – no contract, no obligations, cancel anytime – companies can’t resist saying this on every pricing page but by using negative words they’re just putting ideas into people’s heads.

Let's face it, these days, if you want to socialize, you don't go out to the mall or the library, and it's a 50/50 shot if you even have anything resembling a town square. You go on the internet.

The Timeless Way of Building is the first in a series of books which describe an entirely new attitude to architec- ture and planning. The books are intended to provide a complete working alternative to our present ideas about ar- chitecture, building, and planning—~an alternative which will, we hope, gradually replace current ideas and practices,

Historical LowSteam on 2020-05-100% off$0.00

Yes, you do face difficult choices (moral) but you don't care about it. All you care are the reputation bars. So... Let's kill this guy, who cares if he is innocent, but this faction needs it or I'm dead. Sounds great on paper but to be honest... you just sit there and do whatever for these reputation bars. If you won't, then you lose

The press will tell you that "the concept" is great but the execution is bad. What should I tell you? The experience is shallow. The game is mediocre. But listen carefully, when a game is mediocre and can't even make you feel something then it's the worst kind of gaming. I will give it a 4 out of 10. You know, if this was a test in a school then this game should be marked D (someone answered a few questions, but overall missed the point). I understand that many people care about the "concept" of this game, but why if the experience is just... not here. I'm talking about the experience becaus We. The Revolution tried to be an actual experience. And it fails so badly.

the gameplay is meaningless and the devs just missed the point.

Unlike naming children, coding involves naming things on a daily basis. When you write code, naming things isn’t just hard, it’s a relentless demand for creativity. Fortunately, programmers are creative people.

Naming matters for both idealogical and practical reasons.

Naming is just one part of the micro-design activity that we call programming. If design weren’t hard, we wouldn’t find good design so satisfying.

I think you want a symbol with a circle around it, like the circle around the C in ©. That way the association with the copyright symbol is clear.

Now if you think about it, PJAX sounds a lot like Turbolinks. They both use JS to fetch server-rendered HTML and put it into the DOM. They both do caching and manage the forward and back buttons. It's almost as if the Rails team took a technique developed elsewhere and just rebranded it.

Our app is mostly about displaying pages of static information. We crunch a lot of data to generate a single error report page.

Honeybadger isn't a single page app, and it probably won't ever be. SPAs just don't make sense for our technical requirements.

It’s always about the money… Fish got’a swim, birds got’a fly, and development has to have money. If you think otherwise you’re a fool!

I recall that we wanted to reserve the right to make it more conservative in the future

Flexbox's strength is in its content-driven model. It doesn't need to know the content up-front. You can distribute items based on their content, allow boxes to wrap which is really handy for responsive design, you can even control the distribution of negative space separately to positive space.

Flexbox is for one dimensional layout (row or column). CSS grid is for two dimensional layout.

Although one thing you want to avoid is using frames in such a manner that the content of the site is in the frame and a menu is outside of the frame. Although this may seem convienient, all of your pages become unbookmarkable.

There is one situation where iframes are (almost) required: when the contents of the iframe is in a different domain, and you have to perform authentication or check cookies that are bound to that domain. It actually prevents security problems instead of creating them. For example, if you're writing a kind of plugin that can be used on any website, but the plugin has to authenticate on another domain, you could create a seamless iframe that runs and authenticates on the external domain.

Iframes can have similar issues as frames and inconsiderate use of XMLHttpRequest: They break the one-document-per-URL paradigm, which is essential for the proper functioning of the web (think bookmarks, deep-links, search engines, ...).

The most striking such issue is probably that of deep linking: It's true that iframes suffer from this to a lesser extent than frames, but if you allow your users to navigate between different pages in the iframe, it will be a problem.

never care and try to understand design standards

I normally try to figure out if that's a good solution for the problem before resorting to iframes. Sometimes, however, an iframe just does the job better. It maintains its own browser history, helps you segregate CSS styles if that's an issue with the content you're loading in.

Usually, if you can do it without an iframe, that is a better option. I'm sure others here may have more information or more specific examples, it all comes down to the problem you are trying to solve.

cultural capital

So what's the worst part? Well, if you're like most entrepreneurs, marketers, and salespeople... it's finding your potential clients' email addresses to reach them out. (Yawn... I almost fall asleep just writing about it.) You see, it's boring and time-consuming, you wish you could skip this part and go straight to the sales process.

What's the best part about running a business? You know, it's closing the deals and counting the money.

We don’t do politics, and we certainly don’t do religion. You’re bringing these here by using terms such as “politicians” or “evil”.

Ubuntu also supports ‘snap’ packages which are more suited for third-party applications and tools which evolve at their own speed, independently of Ubuntu. If you want to install a high-profile app like Skype or a toolchain like the latest version of Golang, you probably want the snap because it will give you fresher versions and more control of the specific major versions you want to track.

The Gmail Android app that comes pre-installed with most new Android phones contains a feature to access non-Google accounts using POP and IMAP. Unfortunately, emails accessed through this setup lack the embedded style (<style>) support as well as the support for background images.

Avec la construction de complexes tels que le Mirage (ouvert en 1989) et le Mandalay Bay (1999), l’architecture des casinos de Las Vegas s’est complètement écartée des formes des années 1950 et 1960, devenant encore plus spectaculaire.

George was seen as sharing the hardships of the common people and his popularity soared.

overflow-wrap: break-word; makes sure the long string will wrap and not bust out of the container. You might as well use word-wrap as well because as the spec says, they are literally just alternate names for each other. Some browsers support one and not the other.

definite good news, as it will hopefully have a ripple effect on crappy chipset makers, getting them to design and test their hardware with Linux properly, for fear of losing all potential business from Lenovo.

I suppose it means 2 things, first, you get official support and warranty, and second, the distros will be Secure Boot approved in the UEFI, instead of distro makers having to figuratively ask Microsoft for pretty please permission.

No, this is not a duplicate of that linked question. I don't need to know "why it's a snap". I want to know how to use it without snap.