Description
Making it on your own and the pitfalls of gem dependencies by Nikki Murray and Maggie Epps

Putting "require '[gem name]'" at the top of your Ruby file and running 'gem install' or 'bundle install' can be an easy way to solve a difficult problem. But you could be potentially adding hundreds of lines of code you didn't write or read, for only half of a fix. Did the gem actually solve your problem or is it just an approximate solution? How much research did you do on that gem first? Are there hidden security risks in it? In this talk, you will learn how to evaluate gems for fit, figure out when it makes more sense to write your own, and how to go about writing your own.
Summary
In the video titled *Making it on your own and the pitfalls of gem dependencies*, speakers Nikki Murray and Maggie Epps share insights from their experiences as former social workers turned software developers working in a consultancy. They emphasize the importance of properly assessing specific needs before integrating any Ruby gems into a project.

**Key Points Discussed:**

- **Introduction to Gems**: Gems can be a convenient way to address common programming problems quickly and they promote code sharing among developers, but they are misused when their implications are not understood.
- **Importance of Assessment**: The speakers argue that a thorough needs assessment is crucial before blindly opting for a gem. It involves gathering input from all stakeholders (users, designers, marketers) to ensure the right gem is chosen. They assert that assessment should be dynamic and responsive, taking into account all perspectives and potential edge cases.
- **Risks of Gem Misuse**: They detail the potential risks of over-relying on gems, which include introducing unnecessary complexity, security vulnerabilities, and unknown dependencies. The speakers highlight that about 66% of gems could have vulnerabilities in their versions. Examples include performance issues like memory leaks associated with commonly used gems.
- **Maintaining Gems**: When considering a gem, its maintenance status, community involvement, and documentation quality are vital. They encourage developers to actively read source code and test cases to ensure reliability and to make sure partial solutions don't become roadblocks.
- **Building Custom Solutions**: If existing gems do not fulfill specific requirements, the presenters recommend a methodology for creating custom solutions: overcome initial hurdles, assess the problem, conduct research, build and maintain the solution. They stress the need for thorough documentation and for evaluating whether the new code could be beneficial for broader use in the community.
- **Final Reflections**: Murray and Epps conclude by encouraging developers to reflect on their choices critically, even when using popular gems. They suggest that sometimes simpler, tailor-made solutions can be beneficial and could avoid the pitfalls associated with complex, ready-made gems.

**Conclusions**: The primary takeaway from this talk is the necessity for developers to critically evaluate their needs and the resources they adopt, ensuring thoughtful integration of gems into their projects, or opting to craft customized solutions when appropriate.