Security - Giant Robots Smashing Into Other Giant Robots

- All Topics
- Design
- Development
- Product
- More topics
This week in #dev (Jan 24, 2025)

Avoiding ReDoS attacks, using Active Resource in modern Rails, and how to improve flaky tests with Playwright.
thoughtbot
February 3, 2025
- This Week In Dev
- TIL
- Security
- Testing
- Rails
Why should I avoid regular expressions?

Regular expressions are wondrous, but they’re ill-suited for many tasks; parsers are often more reliable.
Summer ☀️
December 13, 2024
- Regex
- Ruby
- Security
- Web
Use Inline Email Attachments for Images

In outgoing email messages, include images as inline attachments instead of as external images for privacy, resilience, and security.
Summer ☀️
March 14, 2024
- Action Mailer
- Rails
- Email
- Images
- Web
- Privacy
- Security
Rails advanced routing constraints

Learn how to authorize requests at the routing layer to improve security and ergonomics.
Steve Polito
January 25, 2024
- Rails
- Ruby
- Web
- Security
- Routes
This week in #dev (Aug 4, 2023)

A guide on web security, DeMorgan Laws, force-pushing without losing your work, and more!
thoughtbot
August 16, 2023
- This Week In Dev
- Rails
- Ruby
- Git
- TIL
- Tip
- Security
- Performance
- Mathematics
Are you absolutely sure your Rails caching strategy isn't leaking sensitive information?

Rails writes a new cache entry based on the first request. But what happens when that request is from an admin?
Steve Polito
July 26, 2023
- Rails
- Ruby
- Web
- Security
This week in #dev (Jul 14, 2023)

Lots of Active Record goodies, VS Code features, and a Heroku CLI extension.
thoughtbot
July 25, 2023
- This Week In Dev
- Rails
- Vs Code
- Security
- Heroku
Switching from ENV files to Rails Credentials

A little bit of my struggles with ENV files throughout the years, and hopefully a better solution.
Marina Joranhezon
March 29, 2022
Security: Start today

Simple actions can make a big difference in Security. What can we do today to make our lives safer?
Matheus Richard
January 24, 2022
- Beginner
- Security
Why remove user tracking?

Individual tracking has been removed from thoughtbot.com. Learn more about why and how we made this change.
Chad Pytel and Lindsey Christensen
January 12, 2021
Sign up to receive a weekly recap from thoughtbot

Your email address

Looking for even more ways to stay connected?

Check out our feeds

Sign up to receive a weekly recap from thoughtbot