00:00:17.560
Good morning, everybody! So, let's see. We posted the last couple of weeks, and we had questions from the community. We reached out and received about 40 questions. We have an hour, so I don’t think we’re going to get through all 40 questions, but we’ll do our best. Thank you, everyone, for being here bright and early. I hope you had a good time yesterday on your first day. Here’s how it’s going to work: I’ve kind of curated the questions and talked about different topics and themes that you were interested in. I’ve combined some questions a little bit, so if your name is not referenced, I apologize. I'm just trying to make sense of 40 questions for everybody. So, if everybody's ready, let's get into it.
00:01:02.680
Uh, also blue. That's great! David, do you disagree?
00:01:11.280
Yeah, I gotta be on Team Blue.
00:01:24.240
All right, this is going well! So, Dr. U, which part of the Rails codebase do you think is a must-read for every Rails developer?
00:01:31.360
I don’t think there’s any specific part that you absolutely must read. The part you should read is whenever you say, "Oh, this seems like magic." You absolutely need to examine it and realize that it’s not magic. You should just go read that.
00:01:42.720
Carlos, do you have anything more specific to say?
00:02:06.079
Yeah, I think the part that people usually use in all of their applications is the integration between controllers and views. So getting to know that a little bit better is a good place to start.
00:02:17.319
What about you, Aaron?
00:02:40.920
I think the number one thing you should read is the implementation of 42—what is that, R 42? Which library is that in?
00:03:01.760
That would be in Active Support.
00:03:08.360
A similar question came through from Anonymous. Is there a lesser-known Rails feature that you wish more developers were aware of?
00:03:36.599
I don’t think there’s anything specific that lots of people should know about but don’t. I think that it’s valuable that there are a lot of features that you only need to find when you need them. I hope that we hide away that complexity.
00:03:56.480
So something like composite primary keys is being better supported now in Rails 7.1. Hopefully, you’ll only come across it if you’re actually looking for it because most of the time, you shouldn’t be reaching for that as your default.
00:04:21.560
For those of you who don’t know what composite keys are, it’s okay. Everybody knows—great!
00:04:41.920
Also, there was a question that came in related to this. Matthew, you know, there are a lot of references to MySQL, and I know from running the Ruby on Rails survey every couple of years, PostgreSQL is far more popular and preferred, despite some of the legendary companies using MySQL.
00:05:06.160
So some people were curious, is there something wrong with PostgreSQL or is MySQL better? What’s your take on that, Matthew?
00:05:47.720
Yeah, I think it’s true that most of us work on MySQL applications. Personally, if I were starting an application today, I would choose PostgreSQL. PostgreSQL is always going to have first-class support in ActiveRecord.
00:06:05.560
I think there’s some historical context to the fact that several of the largest and oldest Rails applications started on MySQL and have remained there without much opportunity to change that choice. There are also benefits where MySQL has a longer history of effective replication, which matters at certain huge scales.
00:06:38.840
But yeah, PostgreSQL is a fully supported database, and I encourage everyone to use it! But as we’re hearing, it sounds like SQLite is the future.
00:07:05.600
Quick thing—I want to do a little activity for you all. Yesterday, David and Eileen both mentioned that there have been nearly 7,000 contributors to the Rails core project.
00:07:22.720
So outside of these 10 people, and all the other two core team members who weren’t able to make it here, if you have contributed code and that code has been merged, could you please quickly stand up so we can see you?
00:07:40.400
Now, stay standing for a moment. If you’ve ever contributed a comment or helped review a pull request, also stay standing.
00:08:03.160
If you’ve submitted a bug report or participated in GitHub issues on the Rails project, tested something, could you also quickly stand up? Look around; these people are part of the community as well. Thank you to everyone, whether you stood or waved your hand. You can sit down now.
00:08:30.960
So, the question for you, Eileen, is just to sip some water. Joshua from Brisbane asks, "What’s the criteria for joining the Rails core team? Do you have any hot tips on joining the cool kids' club?"
00:08:54.560
Well, we actually recently added another team we call triage. Part of that is because issues have merge rights, and we wanted a way to let people get involved earlier before they built up the trust to not merge the wrong PRs. You start out on the triage team, and usually, it’s just if we see you around commenting on issues, running bug reports that people leave, and reviewing pull requests.
00:09:43.000
Once you get triaged, then you can actually add labels and close issues, which is nice because it helps us out a lot. Then the issues team is allowed to merge documentation changes, but not code changes. GitHub has no way to differentiate, so that’s why it’s a high-trust transition from triage to issues.
00:10:01.039
Once you do a lot of work on issues, you move to committers. Committers can merge pretty much anything, but if it’s a big feature, we don’t want you to merge without talking to core first. Core gets the final say.
00:10:32.280
As a committer, usually, you’ve built a couple of features and are really present and active, and you’re nice to the other new contributors. The interaction with the community on GitHub is essential.
00:11:08.440
For triage and issues, we don’t really need a consensus; we just add people to those. For core, we usually have discussions where someone might say, "I think this person is ready for core," and then others might agree or provide feedback.
00:11:49.440
It’s not a strict process and has changed over time a little bit, but I don’t know if anyone has anything more to add.
00:12:12.339
It’s great that many of you are eager to join the cool kids' club! Now, regarding the Rails development environment setup, I’ve found it a little intimidating to start just to run the test suite. Do you feel like there are things the community could do to make that easier?
00:12:58.240
Does anybody want to pair on my laptop later, and we can get this going? Yeah, great! David, how does Rails core decide which features to abstract from the framework? How do you balance proven features from your own apps, like 37signals, against contributions from other teams and different domains?
00:13:41.720
That’s a good question. For me, the most important thing for putting stuff into Rails is that it represents a core element of the problems we’re dealing with in web development. It has to be general enough that it’s not particular to a specific app. You need the vision that if you were starting a new app, you would also want to use that.
00:14:28.760
A lot of the approach I’ve driven for my own contributions and the contributions from 37signals to Rails over the years has been that whenever we start a new application, we have a golden rule: you are not allowed to copy any code from an old application without contributing it to open source.
00:15:29.240
Sometimes that means direct contribution to Rails; sometimes it means a new gem, but having that firewall when we started working on Hay, we were not allowed to just copy things over from Basecamp. That led to the creation of Active Storage, which was an unextracted feature that lived inside of Basecamp for many years.
00:16:13.160
We needed the same kind of code in Hay. It wasn’t going to make it straight in, so it meant the extraction of Action Text, and Active Job came out of that transition as well. There are three major frameworks that emerged from that large transition.
00:17:02.720
I really enjoy working on new greenfield applications because it’s an opportunity to do that. I think the same has been true for other major contributions happening from other companies. GitHub had a wonderful implementation for handling multiple databases, and Eileen and their team worked to extract that.
00:17:53.560
That enabled them to use it for new functionalities, and we can all benefit from that as well. In terms of contributions from the community, one that stands out to me is the internationalization feature, which was added relatively early on.
00:18:31.920
This feature did not originate from any of the core applications. We had discussed it for several years, and then someone stepped up, did exceptional work, and provided a gem that was excellent. It became an obvious choice to include it in the framework.
00:19:03.720
Proving things out in a gem, if you’re not already part of the Rails core team or contributor team, is the best way to go about it: make a wonderful gem and get it on the radar of someone on the core team.
00:19:48.240
A lot of questions that came in were related to the interesting dynamic of 37signals building new apps every few years, while many people have apps that were started 14 years ago. It’s challenging to keep up. How do you balance that and ensure that Rails remains backward compatible, while also providing security updates, which I understand is necessary?
00:20:44.480
At GitHub, we’re actually upgrading Rails almost every week—we are running on Rails Main—similar to what Shopify is doing. Our hope is that by doing this constantly, we can catch any regressions immediately and ensure that things stay forward and backward compatible.
00:21:40.880
Hopefully, that has been your experience that modern upgrades have been much easier. They have been. However, I know it’s still challenging for companies.
00:22:30.800
Raphael from Japan asks what criteria makes a feature worthy of joining the Rails core project? What kind of problems should it aim to solve?
00:23:03.560
I think it needs to be generic enough to solve problems for web developers. One specific aspect I focus on when I review a feature is how generically it will be useful to applications. You might want to add a feature that is specific to a user case, but not every application will need it.
00:23:35.680
I personally dislike most of the Active Support extensions because they tend to not be generic enough. Adding something to prime your boolean is very specific to your needs, and I think a feature I like is one that introduces a stepping stone for your application.
00:24:16.760
Rails is good for starting your application to IPO. There are lots of stepping stones you need to take to get there. It’s not just a matter of throwing Rails on and being ready to IPO.
00:25:00.440
You sometimes need to implement features that increase the resilience of your application or how many requests per second you can handle. I particularly enjoy features that increase the scalability of Rails.
00:25:45.360
Jeremy Benjamin from Del asks if there are plans to support key rotation for deterministic keys in Active Record encryption. Yes?
00:26:10.360
Could you explain what that means? When you have a bunch of data encrypted with one key and need to rotate to a new key, how do you read data that was encrypted with the old one while encrypting new data with the new key?
00:26:41.280
Actually, this is already supported. If you look at the old FastSKeys option, there’s also a method called `reinc` that will decrypt with the existing key and then re-encrypt with the new key. There was a good talk on that yesterday.
00:27:45.360
Aaron P from Seattle asks if you might ever make AAL table public. No. There has been a request to expose AAL, which is the underlying library for low-level relation management. Many feel they need to go deeper when, in fact, Active Record can do what you need.
00:28:56.320
The hazard in exposing something lower level is that everyone may feel the need to reach for that to do something already possible out of the box.
00:29:57.280
Aaron, where do you live? Seattle? What do you say you do here?
00:30:23.160
I didn’t know it was time for reviews, so I received some feedback from the team. I know you had a retreat recently. That was like the first time everyone could meet together in a while. What were some of the big decisions made behind closed doors that we’re all curious about?
00:31:35.679
Sure, I feel very put on the spot here. In general, a lot of my involvement has been around security stuff, which is extremely not fun.
00:32:21.440
Brandon from Brazil asks about the Rails core vision for the future of Rails. Are you open to pull requests for extending existing functionalities, such as how to handle image optimization?
00:32:58.800
A great example is if you want to fix something with Active Storage, I would love a PR. The important thing is to do the feature you want for your own application and that you would have done anyway.
00:33:50.560
I try out ideas often and see if they may be a valuable feature for Rails. Quite often, I learn it’s not generic enough, or the implementation isn’t good enough. These ideas often do not progress further.
00:34:38.880
If you find something that you actually use in your application and feel it is good, that is the time to share it with the community.
00:35:22.760
Rafael, could you speak a bit more about how the team evaluates submitted features? We recently had our first panel discussion about pull requests, and we usually don’t discuss external contributions. One person spearheads it to take ownership of the decision.
00:36:42.560
If we need consensus, we do that; if we don’t, we individually decide whether to merge something. So we have a streamlined way of unblocking ourselves.
00:37:35.920
Everyone has opinions, but it would take too long to wait for consensus. We usually align well, which is why we are keen on it.
00:37:56.240
Joshua from Zurich asks, with Rails being approximately 300,000 lines of code, who on the team really feels like they understand everything?
00:38:27.680
The truth is, everyone on the team is capable of understanding the whole framework. It doesn’t mean we all have it loaded in our heads at the same time.
00:39:07.440
If there’s an issue open, you can read the code. There are a few touchy parts, and you might ping the original author to ask them about it.
00:40:07.680
However, most parts—Active Record aside—can be navigated easily, and we all do our part in bug fixes and new feature developments.
00:40:50.360
Talking about the pressure of being ready for the release of Rails 7.1—it’s not like a strict clock ticking.
00:41:12.080
Aaron, how do you describe the difference between releases (like 7.0 to 7.1 versus 8.0)? Is it arbitrary?
00:42:01.040
It’s pretty much what David decides.
00:42:30.080
Aaron says many things have the potential to be clear, but the issues often lie in naming them correctly or simple life catch-up over ambiguous ideas.
00:43:38.560
On security handling, the general process is to report bugs via our HackerOne account. We hold monthly meetings to monitor and fix issues.
00:44:37.760
Thus, the community can report any security issues and keep dialogue alive as necessary.
00:45:19.680
John, which areas of the framework do you personally find most difficult to work on? Active Record is definitely the most complex with deep mysteries.
00:46:21.680
And as Carlos mentioned, the more recent Active Storage frameworks may seem daunting without a deeper dive.
00:46:59.680
Realizing that many developers come from different backgrounds, it’s important not to become discouraged by paths taken or qualifications.
00:48:24.800
Our community should remain open to all newcomers, celebrating experiences shared, whether by education or self-taught endeavors.
00:49:02.600
Lastly, we take a moment to recognize members of the core team for their extensive contributions and dedication to the Ruby on Rails community.