Ruby Meditation 21 in Kharkiv

Ruby Meditation 21 will take place in Kharkiv on Sat, April 14, 2018 at 11:00 AM EEST
02 April 2018   3194

At first in history, Ruby Meditation goes to Kharkiv! It will be hot. Join us in the delightful city Kharkiv, April 14!

Interesting talks, live discussion and awesome speakers. Friendly atmosphere, charming professionals and tasty lunch ;)

Planned talks

Tetiana Chupryna

Topic: "We're rewriting everything"

Tetiana Chupryna
Tetiana Chupryna

"Rewrite from scratch” is considered by many developers as an ultimate tool to fix problems with programs. However, what will happens if a team of a booming startup decide to put aside their code base and start with a fresh beginning? This talk is inspired by a true story. A story of success or failure, it’s up to you to decide.
 

Tetiana Chupryna

Ruby developer

Andrey Blazhey

Topic: "Peatio"

Andrey Blazhey
Andrey Blazhey

Create your platform for crypto trading. Features of the development and support of the platform. Connecting popular crypto currency.
 

Andrey Blazhey

Ruby/Node.js Developer

Victor Shepelev

Topic: "A tale of query languages. Is GraphQL The Chosen One?"

Victor Shepelev
Victor Shepelev

Should you switch to GraphQL today or avoid it as long as you can? How is GraphQL similar to guinea pig? Would it become even scarier than SOAP once was? What query languages prefer really huge data sources like OpenStreetMap? Answers to those and other questions, contrived examples, and shameless rants. Be prepared.
 

Victor Shepelev

Ruby developer

Maxim Goncharov

Topic: "Compromise Driven Development: The right way."

Maxim Goncharov
Maxim Goncharov

Every team often get some problems with implementation of selected solutions. In discussions, developers could find some compromise decision. But will this way be right?
 

Maxim Goncharov
Full-stack developer

Sergii Koba

Topic: "Ruby microservices with Docker"

Sergii Koba
Sergii Koba

Docker Compose infrastructure for Microservices. Multistage Docker images build for minimalistic Ruby images. Requests routing and interservice communication. ELK stack for logging microservices with ease.
 

Sergii Koba
Web Team Lead

Sponsors: Svitla, Aejis.

Share your positive experience and best practices on this Ruby Meditation #21. If you have any work issues you cannot solve, our community will gladly help you to find the best way out in live discussion at Lightning talks session. You may also try yourself as a speaker with a short 5-10 mins talk. Please, fill in the form.

Students. who interested in ruby and have a willingness to visit Ruby Meditation will get a discount 50% with promo code 'student'.

If you are a parent of a small baby (0-3) on maternity leave and you want to learn more about ruby development you can get a special discount for a ticket with promo code 'GrowWithYourKid'.

If you have any questions or suggestions, don't hesitate to contact us via cell phone: 099 202 63 08 or by email rubymeditation@gmail.com

Buy a ticket 

Ruby and Rails to Get New Updates

Six vulnerabilities in the RubyGems package management system are now fixed and three in Rails framework
14 March 2019   178

There are corrective versions of the Ruby 2.6.2 and 2.5.4 programming language, which eliminate six vulnerabilities in the RubyGems package management system:

  • CVE-2019-8324: the ability to execute code when installing an untested package (an attacker can place the code on the gemspec and this code will be executed via a call to eval to ensure_loadable_spec at the verification stage before installation);
  • CVE-2019-8320: the ability to delete directories through manipulations with symbolic links when unpacking tar files;
  • CVE-2019-8321: the ability to substitute escape sequences through the handler Gem :: UserInteraction # verbose;
  • CVE-2019-8322: the ability to substitute escape sequences through the command "gem owner";
  • CVE-2019-8323: Ability to substitute escape sequences in the API handler (Gem :: GemcutterUtilities # with_response);
  • CVE-2019-8325: The ability to substitute escape sequences through error handlers (Gem :: CommandManager # run calls alert_error without escaping characters).

In addition, an update was provided to the Rails 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2 framework. and 6.0.0.beta3 with the elimination of three vulnerabilities:

  • CVE-2019-5420 - potentially allows you to remotely execute your code on the server, when Rails is running in Development Mode. If there is information about the attacked application, you can predict the automatically generated mode token for developers, knowledge of which allows you to achieve the execution of your code;
  • CVE-2019-5418 is a vulnerability in the Action View that allows you to get the contents of arbitrary files from the server's file system by sending a specially crafted HTTP Accept header if the code in the "render file:" handler is present.
  • CVE-2019-5419 - DoS-vulnerability in Action View (MODULE / COMPONENT), allowing to achieve 100% load on the CPU through manipulations with the contents of the HTTP-header Accept;