Blog
Thoughts, tutorials, and insights on web development
What happens behind the scenes during gem install: automated scanning, risk scoring, retroactive scanning, incident response — and why companies should support RubyGems critical infrastructure.
Step-by-step guide to integrating bundler-audit, license_finder, and OSV Scanner into CI/CD pipelines — with YAML examples that block deployments until issues are fixed.
Why Rack::BodyProxy is fading out, how rack.response_finished delivers accurate post-response hooks with fewer allocations, and a step-by-step migration path for your middleware.
Forward-only migrations, expand–contract pattern, online DDL, dual-write models, monitoring, and disaster recovery — a practical guide to evolving Rails database schemas without downtime.
Learn how feature flags work, why they're needed, and how to implement them in your applications. Discover how to enable safe releases, quick rollbacks, A/B testing, and flexible configuration without code changes.
A comprehensive guide to Keycloak and identity federation, covering modern IAM, authentication functions, user experience, and security benefits.