---
title: 'This week in #dev (Aug 4, 2023)'
teaser: 'A guide on web security, DeMorgan Laws, force-pushing without losing your
  work, and more!

  '
tags: this week in dev,rails,ruby,git,til,tip,security,performance,mathematics
author: thoughtbot
published_on: 2023-08-16
---

Welcome to another edition of [This Week in #dev](https://thoughtbot.com/blog/tags/this-week-in-dev),
a series of posts where we bring some of the most interesting Slack conversations to the public.

## Learning DeMorgan Laws

[Matheus Richard] recommended using [DeMorgan Laws] to simplify boolean
operations or spot _wrong_ refactoring. He also shared a RailsConf talk by [Joël
Quenneville] about this very topic: [The Math Every Programmer Needs].

## Mozilla's Guide to Web Security

[Steve Polito] shared that Mozilla maintains a [guide on web security] which
provides information on how to protect websites from security threats. It covers
topics such as authentication, encryption, and secure coding. The guide has a
[web security cheat sheet] that is particularly useful!

## Glob Expansion On Rake Tasks

[Summer ☀️] shared a client's tip to use glob expansion on rake tasks. Here's an
example:

```sh
rake db:{drop,create,migrate,test:prepare}
# This is the same as:
rake db:drop db:create db:migrate db:test:prepare
```

## Optimizing Heavy Queries on Rails with `accessed_fields`

[Neil Carvalho] suggests using the [`accessed_fields` method] to help optimize
heavy queries on Rails when using `select`. This method returns all the database
fields that were read by an ActiveRecord model instance.

## Creating or Finding with Rails 6+

[Neil][neil carvalho] also shared Rails 6+'s [`create_or_find_by method`], which attempts
to create a record in the database and, if it fails, finds the record instead.

## The Benefits of Using `--force-with-lease`

[Jeanine Soterwood] advised a client to use git's [`--force-with-lease`] instead
of `--force` when pushing to a git branch, as it will not allow you to force
push if another developer has added other commits to the branch in the meantime.
She also mentioned that she uses `--force-with-lease` even when working on a feature branch by herself to make it a habit and avoid accidentally force-pushing over someone else's work when working together on a feature branch.

<aside class="info">
  <p>
    If you're using
    <a href="https://github.com/thoughtbot/dotfiles">
      thoughtbot's dotfiles
    </a>, there's a git alias for that. Oh My Zsh
    <a href="https://github.com/ohmyzsh/ohmyzsh/blob/master/plugins/git/git.plugin.zsh#L254-L258">
      also has them
    </a>, in case that's your thing.
  </p>
</aside>

## Thanks

This edition was brought to you by [Jeanine Soterwood], [Matheus Richard], [Neil
Carvalho], [Steve Polito], and [Summer ☀️]. Thanks to all contributors! 🎉

[Matheus Richard]: https://thoughtbot.com/blog/authors/matheus-richard
[DeMorgan Laws]: https://en.wikipedia.org/wiki/De_Morgan%27s_laws
[Joël Quenneville]: https://thoughtbot.com/blog/authors/joel-quenneville
[The Math Every Programmer Needs]: https://www.youtube.com/watch?v=wzYYT40T8G8
[Summer ☀️]: https://thoughtbot.com/blog/authors/summer
[steve polito]: https://thoughtbot.com/blog/authors/steve-polito
[guide on web security]: https://infosec.mozilla.org/guidelines/web_security
[web security cheat sheet]: https://infosec.mozilla.org/guidelines/web_security#web-security-cheat-sheet
[`--force-with-lease`]: https://thoughtbot.com/blog/git-push-force-with-lease
[neil carvalho]: https://thoughtbot.com/blog/authors/neil-carvalho
[`accessed_fields` method]: https://api.rubyonrails.org/classes/ActiveRecord/AttributeMethods.html#method-i-accessed_fields
[`create_or_find_by method`]: https://api.rubyonrails.org/classes/ActiveRecord/Relation.html#method-i-create_or_find_by
[Jeanine Soterwood]: https://thoughtbot.com/blog/authors/jeanine-soterwood