The Phusion founders’ PGP keys have been updated

Posted 5 months back at Phusion Corporate Blog

Phusion takes security very seriously. This is why we strongly believe in protecting the authenticity and integrity of our communications and our software, and why we employ the use of PGP digital signatures. Using our PGP keys, you can verify the authenticity and integrity of all emails and files that we publish to you or to the world. All software releases that we make are signed with one of our PGP keys.

The founders’ keys have changed

As Phusion’s founders, we – Hongli Lai and Ninh Bui – have our own personal PGP keys as well, which we use to encrypt or sign some of our emails and git commits. We’ve recently run a security audit and noticed that our PGP keys are no longer deemed as secure as they should be. The keys that we’ve been using until today were made back in 2009, but the recommended algorithms and key sizes in 2014 are quite different from what they were 5 years ago. For this reason, we’ve decided to revoke our old keys and to create new ones, with stronger security settings.

Nothing has been compromised. We are simply renewing our keys as a precaution.

Effective immediately, our new PGP keys are as follows:

  • Hongli Lai (hongli@phusion.nl)
    Short key ID: 8C59158F
    Long key ID: CD70085E8C59158F
    Fingerprint: 218A 7255 83D0 2ECE F3A9 C2A7 CD70 085E 8C59 158F
  • Ninh Bui (ninh@phusion.nl)
    Short key ID: 69481265
    Long key ID: AE405F7869481265
    Fingerprint: A77C 9CEF 766D 0E7D A95B 8778 AE40 5F78 6948 1265

If you had our old keys in your keyring, please update them so that you see the revocations:

gpg --refresh-keys --keyserver pool.sks-servers.net
# -OR-
gpg --refresh-keys --keyserver keyserver.ubuntu.com

No effect on the signatures of our file releases

Please note that Phusion’s software releases and Ruby gems are not signed with our personal keys. Instead, they’re signed with the Phusion Software Signing key, which is still considered strong enough.

Our git commits, though, are often signed with our personal keys.

If you’re using Phusion Passenger, we strongly recommend you to cryptographically verify every release. The Phusion Passenger documentation contains comprehensive instructions that explains how you can verify our tarballs, Ruby gems, Git commits and more.

Onward and upwards!

With kind regards,
Hongli Lai
Ninh Bui

Episode #451 - March 25th, 2014

Posted 5 months back at Ruby5

Aimee and Carlos talk about Postgres & jsonb, Cucumber JVM, Rails remote factories, and deploying to OpenShift on today's episode of Ruby5.

Listen to this episode on Ruby5

Sponsored by ElixirSips

If you're interested in learning Elixir, but don't know where to start, then elixirsips.com is perfect for you. It's two short screencasts each week - between 5 and 15 minutes each. ElixirSips currently consists of over 7 hours of densely packed videos, and there are more every week.
This episode is sponsored by ElixirSips.com

PostgreSQL introduced jsonb

Oleg Bartunov has recently announced Postgres' support for jsonb, a binary JSON data type. This should come as great news for Ruby developers, since lots of us choose PostgreSQL as our database of choice. This feature is super new, and it's currently only available on the 9.4 development version of Postgres.
PostgreSQL introduced jsonb

Cucumber JVM 1.1.6

Aslak Hellesoy announced yesterday that version 1.1.6 of Cucumber-JVM has been released. Cucumber JVM is the pure Java implementation of Cucumber, with support for languages that run on the Java Virtual Machine. This new version includes over 40 bugfixes and improvements. The most significant improvements are on the areas of DataTable API, performance, concurrency and Android support. Check out the github repo for a full list of what's changed in the 1.1.6 version of Cucumber JVM.
Cucumber JVM 1.1.6

Offshore: Rails Remote Factories

The folks at TaskRabbit just released Offshore, a gem that allows you to use factories from your central application in another application’s test suite. In addition to that, a normal test suite has factories and/or fixture data and it uses database transactions to reset the data for every test, and Offshore brings this to the SOA world by handling the rollback between tests for you.
Offshore: Rails Remote Factories

Deploying to OpenShift

Ramesh Jha recently wrote a blog post on how to deploy a Rails application to OpenShift. OpenShift is an open source Platform-As-A-Service solution from RedHat. It's kind of like Heroku, as it allows you to easily manage apps without any hassle, but with OpenShift, you can install it on your server and create your own sort of private cloud.
Deploying to OpenShift

Thank You for Listening to Ruby5

Ruby5 is released Tuesday and Friday mornings. To stay informed about and active with this podcast, we encourage you to do one of the following:

Thank You for Listening to Ruby5

Introducing Lotus::View

Posted 5 months back at Luca Guidi - Home

The missing part of all the Ruby web frameworks is the distinction between views and templates. A view is an object that encapsulates the presentation logic of a page. A template is a file that defines the semantic and visual elements of a page. In order to show a result to an user, a template must be rendered by a view.

Keeping things separated, helps to declutter templates and models from presentation logic. Also, since views are objects they are easily testable. If you ever used Mustache, you are already aware of the advantages.

Lotus::View is based on these simple concepts.

Views

Here how a view looks like:

require 'lotus/view'

module Articles
  class Index
    include Lotus::View
  end
end

This syntax follows the Lotus philosophy: include a module that injects a minimal interface. Before to illustrate how to use a view, I’d like to talk about a few conventions:

* Templates are searched under Lotus::View.root, set this value according to your app structure (eg. "app/templates"). * A view will look for a template with a file name that is composed by its full class name (eg. "articles/index"). * A template must have two concatenated extensions: one for the format one for the engine (eg. ".html.erb"). * The framework must be loaded before to render for the first time: Lotus::View.load!.

Usage

Suppose that we want to render a list of articles:

require 'lotus/view'

module Articles
  class Index
    include Lotus::View
  end
end

Lotus::View.root = 'app/templates'
Lotus::View.load!

path     = Lotus::View.root.join('articles/index.html.erb')
template = Lotus::View::Template.new(path)
articles = ArticleRepository.all

Articles::Index.new(template, articles: articles).render

While this code is working fine, it’s inefficient and verbose, because we are loading a template from the filesystem for each rendering attempt. Also, this is strictly related to the HTML format, what if we want to manage other formats?

require 'lotus/view'

module Articles
  class Index
    include Lotus::View
  end

  class AtomIndex < Index
    format :atom
  end
end

Lotus::View.root = 'app/templates'
Lotus::View.load!

articles = ArticleRepository.all

Articles::Index.render(format: :html, articles: articles)
  # => This will use Articles::Index
  #    and "articles/index.html.erb"

Articles::Index.render(format: :atom, articles: articles)
  # => This will use Articles::AtomIndex
  #    and "articles/index.atom.erb"

Articles::Index.render(format: :xml, articles: articles)
  # => This will raise a Lotus::View::MissingTemplateError

First of all, we are preloading templates according to the above conventions, they are cached internally for future use. This is a huge performance improvement.

A view is able to understand the given context and decide if render by itself or delegate to a subclass.

All the objects passed in the context are called locals, they are available both in the view and in the template:

require 'lotus/view'

module Articles
  class Show
    include Lotus::View

    def authors
      article.map(&:author).join ', '
    end
  end
end
<h1><%= article.title %></h1>
<article>
  <%= article.content %>
</article>

All the methods defined in the view are accessible in the template:

<h2><%= authors %></h2>

Custom rendering

Since a view is an object, you can override #render and provide your own rendering policy:

require 'lotus/view'

module Articles
  class Show
    include Lotus::View
    format :json

    def render
      ArticleSerializer.new(article).to_json
    end
  end
end

Articles::Show.render({format: :json, article: article})
  # => This will render from ArticleSerializer,
  #    without the need of a template

Other features

Lotus::View supports countless rendering engines, layouts, partials and it has lightweight presenters. They are explained in detail in the README and the API documentation.

Roadmap

As part of the Lotus roadmap, I will open source a framework each month. On April 23rd I will release Lotus::Model.

To stay updated with the latest releases, to receive code examples, implementation details and announcements, please consider to subscribe to the Lotus mailing list.

<link href="//cdn-images.mailchimp.com/embedcode/slim-081711.css" rel="stylesheet" type="text/css"/>

Episode #450– March 21st, 2014

Posted 5 months back at Ruby5

Ruby Tricks, Prawn Release, How the Bundler API works

Listen to this episode on Ruby5

Sponsored by NewRelic

New Relic, CEO Lew Cirne made what he believes is New Relic’s biggest and most exciting announcement since the company was founded in 2008: the launch of New Relic Insights.
NewRelic

Nobody Knows Ruby

Arne Brasseur gave a great lightning talk at wroc love rb entitled Nobody Knows Ruby
Nobody Knows Ruby

The New Rubygems Index Format

Andre Arko posted an update on The New Rubygems Index Format
The New Rubygems Index Format

Rails Girls Summer of Code 2014

Rails Girls Summer of Code 2014 is now open. After their successes last summer they are going to do it again. If you run an Open Source project they would love to help you this summer
Rails Girls Summer of Code 2014

Ruby Command Line Interface Gems

Jesse Herrick has written up a summary of Ruby Command Line Interface Gems
Ruby Command Line Interface Gems

Ruby5

Thank you for listening to Ruby5. Be sure to tune in every Tuesday and Friday for the latest news in the Ruby and Rails community.
Ruby5

Prawn 1.0 is finally here

The current team says their history is long and complicated, but the basic story is that Prawn is a very powerful but unwieldy ball of legacy code that they've been trying to rebuild from the inside out for many years now.
Prawn 1.0 is finally here

Knowledge Base Only

Posted 5 months back at entp hoth blog - Home

Howdy!

While Tender is a great support platform, sometimes all you need is a simple Knowledge Base. So we just deployed an option to do just that. You can find out more in the knowledge base article.

Cheers!

Library, Bologna, Italy

Posted 5 months back at omg blog!! lol!!



Library, Bologna, Italy

Turquoise, Lake Sauris, Friuli, Italy

Posted 5 months back at omg blog!! lol!!



Turquoise, Lake Sauris, Friuli, Italy

Ancient House, Brittany, France

Posted 5 months back at omg blog!! lol!!



Ancient House, Brittany, France

Episode #449– March 18th, 2014

Posted 5 months back at Ruby5

Business time features, Rails is half your app, Rake rule tasks, Polymorphism, Hash Selectors and Rails 4.0.4 released all on today's Ruby 5.

Listen to this episode on Ruby5

Sponsored by Top Ruby Jobs

If you're looking for a top Ruby job or for top Ruby talent, then you should check out Top Ruby Jobs. Top Ruby Jobs is a website dedicated to the best jobs available in the Ruby community.
This episode is sponsored by Top Ruby Jobs

Experimental Features for business hours only.

This week David Celis at New Relic wrote about how his team uses business hours feature flags for new features in production.
Experimental Features for business hours only.

Rails is Half Your App

Marcin Kulik recently sent a blog post entitled “Rails is half of your application”.. Where he explains that there are two parts of your application, the part that only works inside Rails and the part that is independent of Rails.
Rails is Half Your App

Rake Rule Tasks

This week our very own Jacob Swanner wrote about how create “rule” tasks in rake.
Rake Rule Tasks

Back to Basics: Polymorphism

If you’re not familiar with all the different ways that Ruby can be Polymorphic, you definitely should check out Britt Ballard’s post on the Thoughtbot blog.
Back to Basics: Polymorphism

Hash Selector Pattern

Zack Siri wrote to us this week to let us know about a pattern in ruby he’s found helpful he even recorded a screencast and wrote up a blog about it. He’s calling it the Hash Selector Pattern.
Hash Selector Pattern

Rails 4.0.4 released

Last Thursday Rails 4.0.4 was released.
Rails 4.0.4 released

Thank You for Listening to Ruby5

Ruby5 is released Tuesday and Friday mornings. To stay informed about and active with this podcast, we encourage you to do one of the following:

Thank You for Listening to Ruby5

Narrow Street, Dodecanese Islands, Greece

Posted 5 months back at omg blog!! lol!!



Narrow Street, Dodecanese Islands, Greece

Phusion Passenger 4.0.39 released

Posted 5 months back at Phusion Corporate Blog

Phusion Passenger is a fast and robust web server and application server for Ruby, Python, Node.js and Meteor. Passenger takes a lot of complexity out of deploying web apps, and adds powerful enterprise-grade features that are useful in production. High-profile companies such as Apple, New York Times, AirBnB, Juniper, American Express, etc are already using it, as well as over 350.000 websites.

Phusion Passenger is under constant maintenance and development. Version 4.0.39 is a bugfix release.

Phusion Passenger also has an Enterprise version which comes with a wide array of additional features. By buying Phusion Passenger Enterprise you will directly sponsor the development of the open source version.

Recent changes

  • Fixed a crash that could happen if the client disconnects while a chunked response is being sent. Fixes issue #1062.
  • In Phusion Passenger Standalone, it is now possible to customize the Nginx configuration file on Heroku. It is now also possible to permanently apply changes to the Nginx configuration file, surviving upgrades. Please refer to the "Advanced configuration" section of the Phusion Passenger Standalone manual for more information.
  • The programming language selection menu in passenger-install-apache2-module and passenger-install-nginx-module only works on terminals that support UTF-8 and that have a UTF-8 capable font. To cater to users who cannot meet these requirements (e.g. PuTTY users using any of the default Windows fonts), it is now possible to switch the menu to a plain text mode by pressing ‘!’. Fixes issue #1066.
  • Fixed printing UTF-8 characters in log files in Phusion Passenger Standalone.
  • It is now possible to dump live backtraces of Python apps through the ‘SIGABRT’ signal.
  • Fixed closing of file descriptors on OS X 10.9.
  • Fixed compilation of native_support on Rubinius.

Installing or upgrading to 4.0.39

OS X OS X Debian Debian Ubuntu Ubuntu
Heroku Heroku Ruby gem Ruby gem Tarball Tarball

Final

Fork us on Github!

Phusion Passenger’s core is open source. Please fork or watch us on Github. :)

<iframe src="http://ghbtns.com/github-btn.html?user=phusion&amp;repo=passenger&amp;type=watch&amp;size=large&amp;count=true" allowtransparency="true" frameborder="0" scrolling="0" width="170" height="30"></iframe><iframe src="http://ghbtns.com/github-btn.html?user=phusion&amp;repo=passenger&amp;type=fork&amp;size=large&amp;count=true" allowtransparency="true" frameborder="0" scrolling="0" width="170" height="30"></iframe><iframe src="http://ghbtns.com/github-btn.html?user=phusion&amp;type=follow&amp;size=large&amp;count=true" allowtransparency="true" frameborder="0" scrolling="0" width="190" height="30"></iframe>

If you would like to stay up to date with Phusion news, please fill in your name and email address below and sign up for our newsletter. We won’t spam you, we promise.



Blue Forest, United Kingdom

Posted 5 months back at omg blog!! lol!!



Blue Forest, United Kingdom

Mountain Top, Meteora, Greece

Posted 5 months back at omg blog!! lol!!



Mountain Top, Meteora, Greece

Snow Lanterns, West Village, New York City

Posted 5 months back at omg blog!! lol!!



Snow Lanterns, West Village, New York City

Forest Steps, Japan

Posted 5 months back at omg blog!! lol!!



Forest Steps, Japan