Ruby on Rails vs Node.js

Ruby on Rails or Node.js: what to choose to create a web application?
18 July 2017   4127
Ruby on Rails

Framework, written on Ruby programming language.

Compare Node.js and Ruby on Rails "face to face" will not work. Ruby on Rails is a framework, and what is Node js? This is a software platform that serves as the environment for executing JavaScript code. However, if we consider both solutions as a set of capabilities and tools that they can provide to the developer to create a full-fledged product, then we can draw some analogies. It is in this vein that we will compare these platforms in the article. You can have more info about Ruby on Rails at this article.

Ruby on Rails code example
Ruby on Rails code example

So, let compare Ruby on Rails vs Node.js.

Accessibility for beginners

Node.js can be learned more quickly, because It uses JavaScript. And this language is known for its rather low entry threshold. In addition, frontend developers face JS more often. Therefore, many developers can already have a base to begin learning the basics of Node.

A programmer who has learned Ruby "in passing" on a level sufficient for mastering Rails is a rarity. Usually, if someone writes in this language, he studies it purposefully. Ruby, though it has built-in useful methods for dates, strings, arrays and other elements, can still scare away with more complex syntax.

Performance

The V8 engine running Node.js shows excellent speed results. Ruby is a slow language, and Rails does nothing to increase productivity, inheriting all the problems of the parent. When developing a small application, it is most likely not affected.

Node.jsNode.js

But as soon as there is a certain load on the project, the speed of Node.js will become noticeable. Its non-blocking architecture, built on the use of callback, performs well under concurrency when it is necessary to handle a lot of I / O operations.

Libraries

For more than ten years, Ruby on Rails framework has managed to develop almost all necessary plug-ins and extensions, which not only simplify the work, but also guarantee the absence of problems with their use. For such a long time, all the critical errors and imperfections of the functional have long been found and corrected.

Node.js is actively developing, and therefore not all libraries and additions have taken their final form and often conflict with each other. Yes, they can be easily installed with the help of a convenient NPM package manager, but, unfortunately, he does not insure against errors.
Using JavaScript frameworks like Sails.js or Kraken.js does not help much. Although they are trying to conceptually resemble Rails, they still lack the magic and gems of this framework.

Other features

  • Node.js is an asynchronous platform, which provides an excellent query processing speed. However, this same feature complicates the debugging of JavaScript code. Ruby is a classic multithreaded language, and it lacks this disadvantage.
  • Rails immediately uses MVC and offers a set of necessary functions for development. Pure Node.js does not have these advantages, the use of Express.js even though it makes it possible to use the "model-controller-view" model, still does not allow to achieve RoR flexibility. On the other hand, the way to solve a problem in Ruby on Rails is not always obvious and is hidden behind the abundance of gems and magic. Node.js will show exactly what you wrote, with a minimum of distortion.

Technical documentation and community

JavaScript is one of the most fashionable languages ​​of recent years. Therefore Node.js can be found in very different projects: web applications, messaging systems, CRM-systems, sometimes even on usual sites. Thanks to this, a large circle of developers actively engaged in the development of the language has formed around it. To the platform itself is excellent documentation, but the comments and details of the use of some not very popular libraries may not be enough.

Ruby - this is a fairly long-established community. Rails is the most popular framework for this language, so it's easy to find information on it. In addition, RoR has a detailed technical background, and gems are usually accompanied by detailed developer and community comments.

Final comparison of Ruby on Rails and Node.js

Node.js Ruby on Rails
Development platform Framework
Easy-to learn, based on popular JavaScript  More complicated syntax and the needs to learn from the scratch
High performance Lower performance
Big selection of libraries, but not all of them are equally reliable and compatible Many ready-made add-ons with detailed descriptions and comments
Using an asynchronous programming language Using a multithreaded programming language
Detailed documentartion on Node.js itself, but less detailed about add-ons Formed community and documentation around the framework and add-ons to it.

What technology do you like more?

Node.js and Ruby on Rails are popular programming best on JavaScript and Ruby. Each of them has strong and weak sides. In your opinion, what technology is more perspective and interesting? Maybe, you have a real-work experience with one or both of them? Please, share your opinion!

Ruby on Rails
54% (25 votes)
Node.js
46% (21 votes)
Total votes: 46

Ruby and Rails to Get New Updates

Six vulnerabilities in the RubyGems package management system are now fixed and three in Rails framework
14 March 2019   620

There are corrective versions of the Ruby 2.6.2 and 2.5.4 programming language, which eliminate six vulnerabilities in the RubyGems package management system:

  • CVE-2019-8324: the ability to execute code when installing an untested package (an attacker can place the code on the gemspec and this code will be executed via a call to eval to ensure_loadable_spec at the verification stage before installation);
  • CVE-2019-8320: the ability to delete directories through manipulations with symbolic links when unpacking tar files;
  • CVE-2019-8321: the ability to substitute escape sequences through the handler Gem :: UserInteraction # verbose;
  • CVE-2019-8322: the ability to substitute escape sequences through the command "gem owner";
  • CVE-2019-8323: Ability to substitute escape sequences in the API handler (Gem :: GemcutterUtilities # with_response);
  • CVE-2019-8325: The ability to substitute escape sequences through error handlers (Gem :: CommandManager # run calls alert_error without escaping characters).

In addition, an update was provided to the Rails 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2 framework. and 6.0.0.beta3 with the elimination of three vulnerabilities:

  • CVE-2019-5420 - potentially allows you to remotely execute your code on the server, when Rails is running in Development Mode. If there is information about the attacked application, you can predict the automatically generated mode token for developers, knowledge of which allows you to achieve the execution of your code;
  • CVE-2019-5418 is a vulnerability in the Action View that allows you to get the contents of arbitrary files from the server's file system by sending a specially crafted HTTP Accept header if the code in the "render file:" handler is present.
  • CVE-2019-5419 - DoS-vulnerability in Action View (MODULE / COMPONENT), allowing to achieve 100% load on the CPU through manipulations with the contents of the HTTP-header Accept;