What Is PurgeCSS and Why Should You Care?

PurgeCSS is a tool that analyzes your content and CSS, then removes unused CSS selectors, stripping away dead weight to leave you with lean, optimized stylesheets.

For example, if you’re using the full Bootstrap CSS framework (approximately 200KB) but only utilizing 30% of its components, PurgeCSS can scan your HTML (ERB files), JavaScript (including Stimulus controllers), and other templates to identify which Bootstrap classes you actually use. It then generates a new CSS file containing only those classes, potentially reducing your Bootstrap footprint by 70% or more.

Benefits for Your Rails Application

PurgeCSS improves performance by reducing the amount of data browsers must download, parse, and process—directly improving metrics like Largest Contentful Paint (LCP). Beyond faster load times, tools like Google PageSpeed Insights and Lighthouse reward lean assets, making unused CSS removal a high-impact, low-effort optimization.

This approach also enhances developer experience by allowing you to confidently use large CSS frameworks or generate extensive utility classes (like with Tailwind) without worrying about shipping bloated, unused code to production.

Implementing PurgeCSS in Rails

The cleanest way to integrate PurgeCSS into a Rails application is using the cssbundling-rails gem, the modern successor to Webpacker for CSS (with jsbundling-rails covering the JavaScript side). It seamlessly integrates PostCSS and other build processes into assets:precompile.

Prerequisites and Setup

First, ensure you’re using cssbundling-rails to build your CSS. If you created a new Rails app with rails new myapp --css=bootstrap, you’re already using it.

For older applications, you may need to migrate. This guide assumes you have a setup that uses yarn build:css to process your styles.

Installation

Since PurgeCSS is a PostCSS plugin, we’ll install it and add it to our PostCSS configuration. Add the package using Yarn:

yarn add -D @fullhuman/postcss-purgecss

Configuration

Next, open (or create) your postcss.config.js file in your Rails project root. It’s important to only run PurgeCSS in production since running it in development would strip classes with every file change, severely impacting developer experience.

To gate it, we check NODE_ENV rather than RAILS_ENV. PostCSS runs inside the Node process that cssbundling-rails spawns for yarn build:css, and RAILS_ENV isn’t reliably exported into that child process across every platform and CI setup. NODE_ENV is the signal the Node toolchain already understands, so make sure your production build sets NODE_ENV=production (Rails does this by default during assets:precompile).

Here’s a sample configuration:

// postcss.config.js
module.exports = {
  plugins: [
    require('postcss-import'),
    require('postcss-nesting'),
    require('autoprefixer'),
    // Only run PurgeCSS in production
    ...(process.env.NODE_ENV === 'production' ? [
      require('@fullhuman/postcss-purgecss')({
        content: [
          './app/views/**/*.html.erb',
          './app/helpers/**/*.rb',
          './app/javascript/**/*.js',
          './app/javascript/**/*.ts',
          './app/components/**/*.rb',
          './app/components/**/*.html.erb',
          // Add any other directories containing class names
        ],
        defaultExtractor: content => content.match(/[A-Za-z0-9-_:/]+/g) || [],
        safelist: [
          /bg-(red|green|blue)-\d00/, // Dynamic class patterns (e.g., bg-red-500)
          'btn-primary',
          'is-invalid',
          /^alert-/,
          /^modal-/,
          // Add classes added via JavaScript not found in static templates
        ]
      })
    ] : [])
  ]
}

Configuration Breakdown

• content: This array tells PurgeCSS where to find CSS class names. We include ERB templates, helpers that generate HTML with classes, JavaScript files (including Stimulus controllers), and component directories.
• defaultExtractor: This function extracts class names from your files. The provided regex handles various class name formats, including those with colons (like sm:flex). It’s a permissive starting point that errs toward keeping more tokens (it also matches /), so it’s safer than it is precise. If you’re on Tailwind, prefer Tailwind’s own extractor rather than rolling your own here.
• safelist: Essential for preserving dynamically added classes. You can safelist specific strings ('btn-primary') or use regular expressions (/bg-(red|green|blue)-\d00/ for Tailwind color utilities).

Testing and Deployment

With configuration complete, build for production:

RAILS_ENV=production bundle exec rails assets:precompile

This runs your CSS build process with PurgeCSS enabled. Check the compiled CSS file in public/assets—you should see a dramatically smaller file compared to your development version.

Crucially, thoroughly test in a staging environment before deploying to production. Click through every page and application state to identify any missing styles. If you find issues, add the missing classes or patterns to your safelist array.

Important Considerations

• Stage Before Production: PurgeCSS can be aggressive. Test in a staging environment that mirrors production data, as some classes may only appear under specific conditions or with certain data.
• Use Safelist Liberally: When in doubt, add classes to your safelist. It’s better to preserve a few extra classes than to have broken styles.
• Tailwind Users: If you’re using Tailwind CSS (via the tailwindcss-rails gem), you don’t need PurgeCSS at all. Tailwind dropped PurgeCSS back in v3 in favor of its JIT engine, which only ever generates the classes it finds in your content paths. Your job there is simply to keep those content paths in tailwind.config.js comprehensive so nothing you actually use gets missed.

Conclusion

Integrating PurgeCSS into your Rails asset pipeline is straightforward and offers substantial benefits. By systematically removing unused CSS, you deliver faster, more performant experiences to users while maintaining the developer-friendly workflow of comprehensive CSS frameworks.

Need Help Speeding Up Your Rails App?

If you’d like a hand trimming unused CSS, optimizing your asset pipeline, or improving your app’s performance, we’d be happy to help. Send us a message over here: FastRuby.io Contact Form

Fast forward a few years: Sidekiq needed an update. You find out the gem wasn’t actively maintained anymore. But by then, the entire application depended on it. Core features like sending notifications, syncing with third-party APIs, and triggering billing logic all ran through this pub/sub layer.

Now you face a painful choice: either keep running on an unmaintained gem and risk breakage every time Sidekiq or Rails is updated, or rip it out and refactor the app to use a supported approach.

What began as a new dependency to save time has turned into a critical piece of fragile infrastructure. The lack of maintenance has turned what should have been a simple dependency update into a full-blown project.

How do we avoid getting into this situation in the first place? In this post, we’ll show you by digging into five critical areas to check before you choose a new gem.

When working with Ruby on Rails, it’s tempting to install a gem for every new feature. Gems are one of the best parts of the Ruby ecosystem.

They save time, bring in expertise from the community, and help teams deliver quickly. But gems are also long-term commitments. Every gem you add becomes part of your application’s foundation, for better or worse.

At our company, we focus on fixed-cost Ruby and Rails maintenance. A big part of that work involves keeping an eye on gems: their security, their stability, and whether they still make sense for the app.

Here are the areas we check when deciding whether to keep a gem: how well the gem has been maintained and whether it’s active, the community surrounding it and how well it’s known, its licensing, its security, and its overall fit.

Do You Even Need a Gem?

The five areas below help you size up a gem you’re planning to adopt. But sometimes the leanest, safest dependency is the one you never add, so start with a more basic question: do you actually need this gem, or could you write the few lines it would take yourself?

Mike Perham, the author of Sidekiq, makes this point well in Kill Your Dependencies:

Every dependency in your application has the potential to bloat your app, to destabilize your app, to inject odd behavior via monkeypatching or buggy native code.

Whether owning it yourself wins out depends on how much code it would take and how many edge cases you’d have to handle.

A small string helper or a thin wrapper around a single HTTP call is often a few lines you can own outright, with no maintenance, security, or licensing tail to worry about.

A PDF renderer or a full OAuth flow is the opposite: enough edge cases that a well-maintained gem is the smarter bet. The line moves with your app, but it’s worth drawing every time. Before you reach for the Gemfile, definitely consider whether you can implement the minimal functionality yourself and skip the dependency entirely.

Here is the whole decision in one view, from “do I really need it?” all the way to “add it and keep an eye on it”:

The rest of this post breaks down that last question, the checks we run before we trust a gem.

1. Maintenance and Activity

The biggest thing to look for is whether your new dependency is maintained. An abandoned gem may work today but become a roadblock tomorrow when Ruby or Rails versions move forward.

Here are a few metrics to watch:

• Last release date: Check how recently the gem was updated. A project that hasn’t seen a release in years may no longer be compatible with modern Ruby versions. For example, many gems built for Ruby 2.x break on Ruby 3.x because of the breaking changes between those versions.

• Commit history: A steady stream of commits, even small ones, shows that the project is still alive. In contrast, a repo with one commit in the past two years likely means the maintainers have moved on.

• Open issues and pull requests: A backlog of unresolved issues can be a red flag. If critical bugs linger without maintainer response, you may end up maintaining the gem yourself. On the other hand, active triaging and merged pull requests signal a healthy project.

For gems you already depend on, bundle outdated gives you a quick snapshot of how far behind you are, and gem list --remote <name> shows the available versions and their release dates. We dug into this across some of the most popular gems in the ecosystem in How outdated are these popular Ruby projects?, and the results were surprising even to us.

2. Community and Adoption

Again, these aren’t perfect metrics, but they can help you gauge whether your gem will be maintainable in the long term.

• Downloads and stars: These metrics indicate how widely the gem is used and trusted. A gem with millions of downloads or thousands of GitHub stars is less likely to vanish overnight.

• Ecosystem mentions: Does the gem appear in blogs, tutorials, or other projects? Broad adoption usually means more eyes on the code, quicker bug reports, and shared knowledge on how to use it.

• Forks and contributors: A project with multiple active contributors is less dependent on a single maintainer. If one person drops out, others can keep it alive. A gem with a single owner and no active forks is far more fragile.

Where do you find these numbers? The gem’s page on RubyGems.org shows total and recent downloads, Libraries.io gives each project a SourceRank score based on its adoption and maintenance signals, and a repository’s GitHub “Insights” tab shows the commit and contributor activity over time. None of these is decisive on its own, but together they paint a picture.

3. Licensing

Licensing may not be glamorous, but it can have real consequences.

• Open source license: Always check the license to ensure it’s compatible with your project. Most gems use permissive licenses like MIT, which are fine for commercial use. But occasionally you’ll find more restrictive licenses (like GPL) that could create legal hurdles for commercial projects. Knowing this up front saves pain later.

If you want to audit the whole dependency tree instead of one gem at a time, the license_finder gem scans your bundle, lists the license of every dependency, and lets you whitelist the ones your organization has approved so a surprise GPL transitive dependency fails your build instead of your legal review.

4. Security

When adding a gem to your Rails application, you’re not just trusting the code you see, you’re also trusting the maintainer’s track record and the entire dependency chain that comes with it.

• Vulnerability reports: Before adopting a gem, check for known security issues in sources like the Ruby Advisory Database or CVE listings.

The easiest way to do this is to run bundler-audit against your project (bundle-audit check --update), which cross-references your Gemfile.lock against that same advisory database and flags any vulnerable versions.

Just as important: look at how quickly those issues were patched. For example, Nokogiri, one of the most widely used gems in Rails apps, has had several high-profile security issues over the years. But it’s also an excellent case study in good maintenance: the team consistently issues patches quickly, often within days. That responsiveness makes it a safe choice despite past vulnerabilities.

• Dependency chain: Gems often depend on other gems, which may in turn depend on others. This creates a web of transitive dependencies, each one potentially carrying risks. For instance, using OmniAuth can bring in multiple third-party strategies as sub-gems, some maintained better than others. Without oversight, one poorly maintained dependency could expose the entire authentication flow to risk. A regular maintenance process ensures these dependencies are reviewed, patched, or swapped out before they become liabilities.

• Supply chain risk: The maintainer’s account is part of the attack surface too. A gem with a single owner, no two-factor authentication, and the ability to push directly to RubyGems is one compromised credential away from shipping malicious code to everyone who depends on it. We covered several real examples and how to defend against them in The Hidden Dangers in Your Gemfile: Supply Chain Attacks in RubyGems.

If you want to go further, Brakeman and the rest of the essential Ruby security tools we rely on can catch issues that a gem introduces into your own application code.

5. Stability and Fit

Even if a gem is secure, it has to be the right fit for your application. Stability, maturity, and alignment with your actual needs all play a role in making that judgment.

• API maturity: A gem that changes its API with every minor release can create constant churn in your codebase. Look for signs of maturity such as semantic versioning, a predictable release cadence, and clear deprecation policies.

A quick read of the CHANGELOG tells you a lot here: are breaking changes called out clearly, or do they show up unannounced in patch releases? For example, Devise has been around for years, with a mature API and strong community support. You can rely on it for authentication without fearing constant breaking changes. In contrast, newer authentication gems might be moving fast but lack the stability you need in production.

• Documentation and tests: Good documentation isn’t just about developer convenience; it’s a marker of quality and maintainability. Similarly, a gem with a comprehensive test suite signals that the maintainers care about stability and regression safety. RSpec is a great example: its extensive docs and test coverage make it a reliable foundation for testing, even in large, complex applications.

• Alignment with your needs: Pulling in a massive gem when you only need one small feature is like renting a moving truck just to carry a single box. The overhead in maintenance and potential vulnerabilities rarely pays off. For example, developers often reach for RailsAdmin or ActiveAdmin when they only need a very basic admin interface.

Those gems are powerful, but they’re also heavy, with lots of dependencies and DSL conventions. In many cases, building a few CRUD screens with plain Rails is safer, lighter, and more maintainable.

A quick gem-vetting checklist

Before you add gem "shiny_new_thing" to your Gemfile, run through this:

• ✅ Has it had a release in the last year, with a steady commit history?
• ✅ Are issues and pull requests being triaged, or is there a graveyard of stale ones?
• ✅ Does the download count and contributor list suggest it will outlive its original author?
• ✅ Is the license compatible with your project? (license_finder can confirm.)
• ✅ Does bundle-audit come back clean, and does the team patch vulnerabilities quickly?
• ✅ Does it follow semantic versioning with a readable CHANGELOG?
• ✅ Is it the right size for the job, or are you renting a moving truck to carry one box?

If a gem clears all seven, it is a much safer bet for the long term.

Conclusion

Adding a gem may feel like a shortcut today, but every gem becomes part of your app’s long-term health. By considering maintenance, community, licensing, security, and fit, you can make smarter choices that reduce risks and avoid painful migrations later.

And if you don’t have time to review every gem, or if your app already relies on dozens of them, that’s where we can help.

Our fixed-cost Rails maintenance service keeps your dependencies updated, identifies risks before they become roadblocks, and ensures your application stays secure, stable, and fit for the future.

Want peace of mind about your Rails app’s gem ecosystem? Let’s talk.

Sidekiq’s maintenance policy only covers the current and previous major versions (8.x and 7.x today), as long as they are less than five years old. Older versions (6.x and below) no longer receive updates, including security fixes, so if you are on a legacy version, upgrading is the safer path.

To find more information about the most recent Ruby releases check out this page: Ruby Releases

To check Sidekiq’s changes through releases you can check Sidekiq changes document in their GitHub repository.

Sidekiq’s versions maintenance policy is shared in their wiki where it says:

“Support the current major version and previous major version as long as they are less than five years old”

Need to Upgrade Sidekiq?

If you don’t have the time to do it yourself, you can hire our team to do it for you. Send us a message over here: Contact FastRuby.io | Rails Upgrade Service

Feedback Wanted: Updates

If you find that this article has fallen out of date, feel free to reach out to us on Mastodon or Bluesky and we will bring it up to speed. We will continue to update this article as new versions of Sidekiq and Ruby are released.

In this article, I share my experience migrating from Sprockets to JS Bundling (JavaScript Bundling for Rails).

This is not a step-by-step guide, as each application has its own unique needs. Instead, I discuss the problems I encountered and the approach I took during the migration to JavaScript bundling.

Why We Needed to Migrate

Before we discuss why we needed to migrate, let me give you some insights into the state of the application. The application had .js files, .es6 files, jquery, bootstrap.js, and a few other 3rd party JS plugins loaded via CDNs.

The Gemfile also had jquery-rails, coffee-rails, babel-transpiler, terser gems in it. The application was using Sprockets for asset management. All of these factors indicated that the JavaScript assets had not been updated in a while, and there was some confusion about the internal best practices for writing JavaScript:

• “Should the code be in .js files?”
• “Should the code be in .es6 files?”
• “Should they continue adding more inline JavaScript code?”

Also, I knew, in the future, the client wanted to start using Stimulus.

Considering the existing state of JS asset management and the future needs, the best course forward was to migrate from Sprockets to JS bundling. JS bundling along with esbuild as the bundler supported all existing features that the application utilized, so the developers did not face a huge learning curve, and it also gave access to features like tree shaking, instant reloads, and extremely fast bundling, elevating the overall developer experience.

Planning the Migration Strategy

When we began planning our migration from Sprockets to jsbundling-rails + esbuild, we knew that migrating our substantial JavaScript codebase across a production Rails application required careful orchestration.

The application presented unique challenges:

• Numerous Stimulus-like controllers using .es6 extensions
• A large application.js file filled with global functions
• Complex jQuery and Bootstrap 2 dependencies
• A Docker-based development environment that needed seamless build integration

Rather than attempting a risky “big bang” rewrite, we developed a three-phase strategy that would allow us to validate each step.

Our approach centered on creating parallel asset pipelines, keeping the existing Sprockets system running while building and testing the new esbuild setup alongside it.

This meant we could migrate incrementally, test thoroughly at each phase. We also front-loaded the infrastructure work, setting up our npm dependencies, Docker build processes, and development workflows before touching a single JavaScript file.

Critical Distinction: Testing vs Merging Strategy

While we tested incrementally after every step, we were careful not to deploy partial work to production. Our strategy was:

• Test incrementally: Validate functionality after each small change (file migration, dependency addition, configuration update)
• Commit to feature branch: We kept committing changes and merging to our base pull request throughout the process
• Merge to main only at the end: The feature branch was merged to main only when the entire migration was complete and all cleanup was done

This approach prevented deploying half-finished migrations to production while still allowing us to track progress and collaborate on the feature branch. The parallel asset pipeline setup allowed continuous testing and incremental commits without risk of breaking the production application.

The diagram below summarizes the six phases that follow, and how the parallel pipeline period tapered into an esbuild-only setup once the migration was complete.

Phase 1: Foundation Setup

The foundation phase focused on establishing the infrastructure needed for esbuild without touching existing JavaScript files.

Setting up the build infrastructure first meant we could test that esbuild actually worked in our specific environment including Docker, Rails asset pipeline integration, and development workflow. If the build system didn’t work properly, we would find out immediately rather than discovering fundamental infrastructure problems after we’d already migrated files.

Adding jsbundling-rails Gem

First, we added jsbundling-rails to our Gemfile and generated the initial setup:

# Gemfile
gem "jsbundling-rails"

bundle install
./bin/rails javascript:install:esbuild

Creating the Initial Package.json Structure

We started with a minimal package.json and progressively added dependencies:

{
  "name": "app",
  "private": true,
  "scripts": {
    "build": "esbuild app/javascript/*.* --bundle --sourcemap --format=iife --outdir=app/assets/builds --public-path=/assets"
  }
}

Adding esbuild as Development Dependency

{
  "name": "app",
  "private": true,
  "devDependencies": {
    "esbuild": "^0.25.6"
  },
  "scripts": {
    "build": "esbuild app/javascript/*.* --bundle --sourcemap --format=iife --outdir=app/assets/builds --public-path=/assets"
  }
}

Front-loading All JavaScript Dependencies

Rather than adding dependencies incrementally, we added all required packages upfront to avoid mid-migration dependency issues. Here’s how we determined which dependencies to add to our package.json:

1. Audit Your Layout Files for CDN Links Look for <script src="https://..."> tags to identify externally loaded libraries:

<!-- Found in app/views/layouts/application.html.erb -->
<script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/flatpickr"></script>

2. Check Your Sprockets Manifests Review app/assets/javascripts/application.js for //= require statements:

//= require jquery
//= require bootstrap
//= require flatpickr

3. Search Your Codebase for Global Variable Usage Use grep to find library-specific globals:

grep -r "jQuery\|\\$\\." app/  # Find jQuery usage
grep -r "flatpickr\|bootstrap" app/  # Find other library usage

4. Review Your Ruby Gems Check your Gemfile for -rails gems that wrap JS libraries:

gem "jquery-rails"        # Indicates jQuery dependency
gem "bootstrap-sass"      # Indicates Bootstrap dependency

5. Version Matching Strategy Match existing CDN/gem versions exactly first, then upgrade as a separate step after migration works.

{
  "name": "app",
  "private": true,
  "dependencies": {
    "jquery": "^3.7.1",
    "bootstrap": "4.4.1",
    "popper.js": "1.16.0",
    "flatpickr": "^4.6.13",
    "bootstrap-select": "^1.13.18"
  },
  "devDependencies": {
    "esbuild": "^0.25.6"
  },
  "scripts": {
    "build": "esbuild app/javascript/application-esbuild.js --bundle --sourcemap --format=iife --outfile=app/assets/builds/application-bundled.js"
  }
}

Key Decision: We chose specific versions that matched our existing CDN dependencies to ensure compatibility.

With npm packages installed, we could remove CDN links from our layout files:

Before (CDN approach):

<!-- app/views/layouts/application.html.erb -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/flatpickr/dist/flatpickr.min.css">
<script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>

After (esbuild approach):

<!-- Dependencies now bundled in application.js -->
<%= javascript_include_tag "application", "data-turbo-track": "reload" %>

This eliminated external dependencies and improved performance by reducing HTTP requests and enabling better caching control.

Setting Up the Entry Point

Created the initial JavaScript entry point that would eventually replace our Sprockets bundle:

// app/javascript/application-esbuild.js
// Entry point for the build script in your package.json

// Import jQuery and make it available globally
import $ from "jquery";
window.jQuery = $;
window.$ = $;

// Import Popper.js (required by Bootstrap 4)
import Popper from "popper.js";
window.Popper = Popper;

// Import Bootstrap
import "bootstrap";

// Import Flatpickr
import flatpickr from "flatpickr";
window.flatpickr = flatpickr;

// Import bootstrap-select
import "bootstrap-select";

Critical Decision: We maintained global variable assignments (window.$ = $) to ensure compatibility with existing legacy code that expected these globals.

Configuring the Asset Pipeline Integration

Updated the Sprockets manifest to include esbuild output:

// app/assets/config/manifest.js
//= link_tree ../images
//= link application-bootstrap4.css
//= link_directory ../stylesheets .css
//= link bootstrap-select.min.js
//= link_tree ../builds  // Added this line

Key Integration Point: The //= link_tree ../builds line is crucial because it tells Sprockets to include all files from the app/assets/builds/ directory in the asset pipeline. This is where esbuild outputs the bundled JavaScript file (as configured in the package.json --outfile=app/assets/builds/application-bundled.js). Without this line, Rails wouldn’t know about the esbuild-generated JavaScript and couldn’t serve it to browsers.

Setting Up Parallel Asset Pipeline

We added JavaScript includes to layouts for testing while keeping the existing Sprockets system running. “Keeping Sprockets” meant two things: first, Sprockets continued to handle all non-JavaScript assets (CSS, images, fonts) and serve as the overall asset pipeline coordinator; second, the old Sprockets-managed JavaScript bundle (application.js) remained functional alongside the new esbuild-managed bundle (application-bundled.js), allowing us to test by switching between them:

<!-- app/views/layouts/application.html.erb -->
<%= javascript_include_tag "application", "data-turbo-track": "reload", type: "module" %>

Docker Integration for Development

Updated Dockerfile to handle npm dependencies:

# Install Node.js and npm first (before copying files)
RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && \
    apt-get install -y nodejs
RUN node -v && npm -v

# Copy dependency files first for better Docker caching
COPY Gemfile* /code/
COPY package*.json /code/

# Install Ruby dependencies
RUN bundle install

# Install JavaScript dependencies
RUN npm install

# Copy all the application's files into the /code directory
COPY . /code

# Build JavaScript assets
RUN npm run build

Updated development startup scripts to include JavaScript asset building alongside Rails server startup.

Development Process Setup

Created Procfile.dev for concurrent Rails and esbuild processes:

# Procfile.dev
web: env RUBY_DEBUG_OPEN=true bin/rails server
js: npm run build -- --watch

Phase 2: The Great File Migration

Once our foundation was solid, we began the systematic migration of JavaScript files from the Sprockets world to the esbuild world. This phase was broken into various sub-phases to manage complexity and validate functionality at each step.

Phase 2a: Basic Utility Files

We started with simple, standalone files that had minimal dependencies:

// Files migrated in Phase 2a:
// app/javascript/extensions.js
// app/javascript/safari_datepicker_fix.js
// app/javascript/chrome_datapicker_fix.js

Key Learning: These files required no changes beyond moving location - they were already using modern JavaScript patterns.

Phase 2b: Application Logic and Business Rules

Next, we moved files containing business logic and form handling:

// Files migrated in Phase 2b:
// app/javascript/file_upload.js
// app/javascript/user_form.js

Example Migration - users.js:

// Previously loaded via Sprockets directive: //= require users
// Now imported as ES6 module in app/javascript/application.js:
// import('./users.js');

let setupUserEvents = function () {
  $("a[data-delete-unpaid-user]").click(function (event) {
    $("a[data-delete-unpaid-user-confirm]").attr("href", $(this).attr("href"));
    $("#delete_unpaid_associate_modal").modal("show");
    event.preventDefault();
  });

  $("input[data-user-role-toggle]").change(function () {
    let action = $(this).prop("checked") ? "add" : "remove";
    $("#confirm_role_change_action").text(action);
    // ... rest of function logic
  });
};

// Make globally accessible for .js.erb files
window.setupUserEvents = setupUserEvents;

Phase 2c: Complex Business Forms

The most complex files were migrated last:

// Files migrated in Phase 2c:
// app/javascript/user_worklist.js
// app/javascript/user_services_form.js

Some of the reasons that made these files particularly complex were:

• Multiple AJAX interactions - Both files heavily used $.ajax() calls for dynamic form submissions without page refreshes
• Complex DOM manipulation - Extensive jQuery selectors and event handlers for form interactions
• State management - Managing form state, pagination, sorting, and filtering logic
• Global function dependencies - Required multiple functions to be globally accessible for Rails .js.erb integration

Phase 2d: The ES6 Controller Migration

This was the largest single migration step - moving all Stimulus-style controllers:

Before (.es6 files in app/assets/javascripts):

app/assets/javascripts/controllers/
├── aria_checked_controller.es6
└── hr/pagination_controller.es6

After (.js files in app/javascript):

app/javascript/controllers/
├── aria_checked_controller.js
└── hr/pagination_controller.js

Simple File Extension Migration:

A major advantage in our case was that all our .es6 files contained vanilla JavaScript that was already compatible with modern browsers. This meant we could simply rename the files from .es6 to .js without any code changes:

# Our migration was this simple:
mv aria_checked_controller.es6 aria_checked_controller.js
mv hr/pagination_controller.es6 hr/pagination_controller.js
# ... and so on

Example Controller - No Code Changes Needed:

// FROM: app/assets/javascripts/controllers/aria_checked_controller.es6
// TO: app/javascript/controllers/aria_checked_controller.js
// (Content identical - just file extension and location changed)

class AriaCheckedController {
  constructor(fieldset) {
    this.fieldset = fieldset;
    this.connect();
  }

  connect() {
    this.updateState();
    this.listen();
  }

  listen() {
    this.listenToInputs();
  }

  listenToInputs() {
    this.inputs.forEach((input) => {
      input.addEventListener("change", () => this.updateState());
    });
  }

  updateState() {
    this.radioLabels.forEach((label) => (label.ariaChecked = "false"));
    this.checkedLabels.forEach((label) => (label.ariaChecked = "true"));
  }

  // ... rest of controller
}

// Export for global access (needed for Rails .js.erb files)
window.AriaCheckedController = AriaCheckedController;

Our Lucky Break:

Since our .es6 files were essentially vanilla JavaScript with ES6 classes and modern syntax that browsers already supported, the migration was purely mechanical - just moving files and updating import statements.

If Code Changes Were Needed:

Had our ES6 code contained incompatible syntax or used ES6 modules extensively like the example shown below:

// BEFORE (.es6 file with ES6 modules):
import { SomeUtility } from "./utilities"; // ← ES6 import syntax

export class MyController {
  // ← ES6 export syntax
  // ES6 syntax that needs transpilation
  async handleClick() {
    const result = await fetch("/api/data");
    const data = await result.json();
    // ...
  }
}

We would have needed to implement a transpilation solution using either:

• esbuild’s built-in transpilation with appropriate target settings (--target=es2017)
• Babel integration for more complex transformations via plugins like esbuild-plugin-babel

This would have added complexity to the build process but kept our code more modern and maintainable.

Managing Import Dependencies in application-esbuild.js

As we migrated files, we updated our entry point to import them:

// app/javascript/application-esbuild.js progression

import("./extensions.js");
import("./safari_datepicker_fix.js");
import("./chrome_datepicker_fix.js");

import("./aria_checked_controller.js");
import("./hr/pagination_controller.es6");
import("./user_worklist.js");
import("./user_services_form.js");

Critical Pattern: Global Function Accessibility

A key challenge was maintaining global function access for Rails .js.erb files:

// Pattern we used throughout migration:

// Modern ES6 approach (preferred):
export function setupuserTableEvents() {
  /* ... */
}

// But also global assignment (necessary for Rails):
window.setupuserTableEvents = setupuserTableEvents;

Why This Was Necessary: Rails .js.erb files expect functions to be globally accessible:

<!-- app/views/users/edit.js.erb -->
$('#users_table').replaceWith('<%= j render(partial: "users/users_table") %>')
setupuserTableEvents()  <!-- This expects global function -->

Module-wise Testing Strategy

While we followed the file migration phases described above, we also implemented a module-wise testing approach to validate functionality incrementally. This required creating multiple temporary JavaScript bundles so we could test incremental changes by moving only specific parts of the app to jsbundling, testing that, while the rest of the app continued being served by the old asset pipeline:

1. application.js - Original Sprockets bundle (unchanged during migration)
2. application-bundled.js - Initial esbuild output file containing new dependencies like jQuery, Bootstrap (later renamed to application.js)
3. application-modern.js - Temporary Sprockets bundle for testing during migration (later removed)

Creating the Hybrid JavaScript Bundle (application-modern.js):

// app/assets/javascripts/application-modern.js
// This is a manifest file for the modern JavaScript setup with esbuild
// It excludes jQuery since that's loaded from the bundled file
//
//= require users
//= require extensions
//= require safari_datepicker_fix
//= require_tree ./controllers
//= require_tree ./helpers
//= require_tree ./services
//= require_tree ./timecards
//= require_tree ./vsr

// ... rest of application logic

Layout-level Testing: We could then test specific modules by modifying which JavaScript bundle the layouts loaded:

<!-- app/views/layouts/application.html.erb -->
<!-- BEFORE: Original Sprockets + CDN approach -->
<%= javascript_include_tag "application" %>
<script src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js"></script>

<!-- AFTER: Modern esbuild + Sprockets hybrid approach -->
<%= javascript_include_tag "application-bundled" %>  <!-- esbuild dependencies -->
<%= javascript_include_tag "application-modern" %>   <!-- core app logic -->

Layout-specific Testing: Different layouts could use different JavaScript bundles:

<!-- Test User module: app/views/layouts/user.html.erb -->
<%= javascript_include_tag "application-bundled" %>
<%= javascript_include_tag "application-modern" %>

<!-- Keep main app on old system: app/views/layouts/application.html.erb -->
<%= javascript_include_tag "application" %>
<!-- CDN scripts... -->

Benefits of Module-wise Testing:

• Risk Mitigation: Issues isolated to specific functionality areas
• Faster Debugging: Easier to identify which JavaScript caused issues
• Stakeholder Confidence: Could demonstrate working functionality module by module
• Incremental Validation: Each module tested thoroughly before moving to next

This approach was particularly valuable for our client since different modules had different user bases and usage patterns.

Results of Phase 2

After this phase, we had:

• JavaScript files migrated to esbuild
• All .es6 extensions converted to .js
• Global function access preserved for Rails integration
• Organized file structure (controllers/, services/, helpers/)
• Module-wise testing capability through parallel layouts
• No breaking changes to existing functionality

Phase 3: Solving jQuery and Legacy Dependencies

Phase 3 addressed the most challenging aspect of the migration: ensuring jQuery and other dependencies were available when legacy code expected them, while managing multiple Bootstrap versions across different layouts.

The jquery-loader.js Solution

Our biggest challenge was timing - ensuring jQuery was globally available before other scripts tried to use it.

We initially tried a couple of different approaches: Before (problematic timing):

// app/javascript/application.js - BROKEN approach
import $ from "jquery";
window.jQuery = $;
window.$ = $;

// These imports might execute before $ is globally available
setTimeout(() => {
  import("./users.js"); // Might fail if $ not ready
  import("./controllers/nav_tabs_controller.js");
}, 0);

Both approaches had problems. We solved those with a custom loader:

// app/javascript/jquery-loader.js
import $ from "jquery";

// Attach to window for legacy plugins
window.jQuery = $;
window.$ = $;

// Resolved promise to guarantee jQuery is globally available before dependent code executes
export const jqueryReady = Promise.resolve($);

/**
 * Helper function to ensure jQuery is ready before executing code.
 * @param {Function} callback - An async or sync function that receives the $ object.
 * @returns {Promise<void>} A promise that resolves when the callback is done.
 */
export async function withJquery(callback) {
  const jq = await jqueryReady;
  return callback(jq);
}

After (guaranteed timing):

// app/javascript/application.js - WORKING approach
import { withJquery } from "./jquery-loader.js";

withJquery(async ($) => {
  // All imports happen after jQuery is confirmed available
  await import("./users.js");
  await import("./nav_tabs_controller.js");
  await import("./pagination_controller.js");
  // ... all other imports
});

Switching from Rails UJS to jQuery UJS

We were using the jquery-rails gem, which made our AJAX requests work. However, as we were integrating JS bundling, we took it as an opportunity to get rid of the gem and take a step further to drop jquery-ujs altogether and replace it with rails/ujs.

As we integrated rails/ujs, we discovered compatibility issues with it and switched back to the jQuery-based version:

Before (@rails/ujs - Complex event handling):

// Complex event handling for @rails/ujs
$(document).on("ajax:before", "#add_line_item", function (e) {
  var $link = $(this);
  var baseUrl = $link.attr("href").split("&count=")[0];
  $link.attr("href", baseUrl + "&count=" + ++window.line_item_count);
});

$(document).on("ajax:success", "#add_line_item", function (e) {
  // In @rails/ujs, the response is in e.detail[0]
  var response = e.detail[0];
  // Complex response parsing logic...
});

After (jquery-ujs - Simple and familiar):

// Much simpler with jquery-ujs
$("#add_line_item")
  .on("ajax:beforeSend", function (e, data, status, xhr) {
    status.url = status.url + "&count=" + ++window.line_item_count;
  })
  .on("ajax:success", function (e, data, status, xhr) {
    $("#line_items tbody").append(xhr.responseText);
  })
  .on("ajax:error", function (e, xhr, status, error) {
    $("#line_items tbody").append("<p>ERROR</p>");
  });

Package change:

{
  "dependencies": {
    "@rails/ujs": "^7.1.3-4", // ← Removed
    "jquery-ujs": "^1.2.3" // ← Added
  }
}

The reason we did not invest too much effort into making rails/ujs work with our existing forms was that we wanted to remain focused on migrating to JS bundling, and rewriting our forms to work with rails/ujs seemed like a big enough deviation from our original goal.

Bootstrap Version Detection and Conditional Loading

Our application used different Bootstrap versions across layouts, requiring conditional loading:

Layout Detection Strategy:

<!-- app/views/layouts/application.html.erb (Bootstrap 2) -->
<html lang="en" data-bootstrap-version="2">

<!-- app/views/layouts/application_bootstrap4.html.erb (Bootstrap 4) -->
<html lang="en" data-bootstrap-version="4">

Conditional Bootstrap Loading:

// app/javascript/application.js
// Conditionally import Bootstrap based on layout
if (document.documentElement.getAttribute("data-bootstrap-version") === "4") {
  // Import Bootstrap 4 for modern layouts
  import("bootstrap");
} else {
  // Import custom Bootstrap 2 modal for legacy layouts
  import("bootstrap2");
}

Bootstrap Version Compatibility

The conditional loading handled different Bootstrap versions across layouts without requiring separate modal implementations.

Managing Vendor Library Integrations

Flatpickr jQuery Plugin:

// app/javascript/application.js
import flatpickr from "flatpickr";
window.flatpickr = flatpickr;

// Add flatpickr as a jQuery plugin for legacy code compatibility
$.fn.flatpickr = function (config) {
  return this.each(function () {
    flatpickr(this, config);
  });
};

Global Function Pattern for Rails Integration

Many functions needed global access for .js.erb files:

// Pattern used throughout the application
window.capturePaginationAndSortLinks = function () {
  $("a.page-link").click(function (e) {
    e.preventDefault();
    const page = $(this)
      .attr("href")
      .match(/page=(\d*)/)[1];
    $("input[data-page-field]").val(page);
    submitForm();
  });
};

window.clearSupervisor = function () {
  // Clear supervisor data logic
};

// Multiple other global functions...

Results of Phase 3

After this phase, we had:

• Reliable jQuery loading with proper timing
• Simplified AJAX handling with jquery-ujs
• Multi-Bootstrap version support
• All vendor libraries properly integrated
• Global function access maintained for Rails
• No breaking changes to existing jQuery-dependent code

Key Insight: The jquery-loader pattern proved essential for any Rails application with significant jQuery dependencies, ensuring consistent timing and global availability.

Phase 4: Docker and Development Workflow Changes

The migration to esbuild required significant changes to our Docker-based development environment and build processes to support both npm dependencies and JavaScript bundling.

Key Additions:

1. Node.js installation - Added official Node.js APT repository
2. Package.json copying - Copy npm dependency files for caching
3. JavaScript dependencies - Install npm packages
4. Asset building - Build JavaScript assets during image creation

Development Server Integration

We added JavaScript asset management to our development startup script:

# Ensure npm packages are installed (in case of volume mount)
echo "Installing npm packages..."
npm install

# Clean precompiled assets to ensure fresh builds are served
echo "Cleaning precompiled assets..."
bundle exec rails assets:clobber

# Build JavaScript assets in background
echo "Starting JavaScript build watcher..."
npm run build:watch &

Why These Additions Were Necessary:

1. Volume mounts - In Docker development, node_modules might not persist, requiring npm install on startup
2. Asset conflicts - Rails asset clobber prevents conflicts between Sprockets and esbuild outputs
3. Hot reloading - Background build:watch enables instant JavaScript updates during development

Build Script Configuration

Created separate build configurations for development and production:

{
  "scripts": {
    "build:watch": "esbuild app/javascript/application.js --bundle --sourcemap --format=iife --outfile=app/assets/builds/application.js --watch=forever",
    "build": "esbuild app/javascript/application.js --bundle --sourcemap --format=iife --outfile=app/assets/builds/application.js --minify"
  }
}

Development vs Production Differences:

Docker Compose Integration

Our docker-compose.yml worked seamlessly with the JavaScript build integration - no changes were needed to the volume configuration since the npm dependencies and builds happen inside the container.

Development Workflow Impact

Before esbuild:

# Simple workflow
docker-compose up
# Rails server starts immediately

After esbuild:

# Enhanced workflow
docker-compose up
# Container runs: npm install → build:watch → rails server
# JavaScript changes automatically trigger esbuild rebuilds
# Hot reloading works seamlessly

Asset Serving Strategy

Development:

• esbuild outputs to app/assets/builds/application.js
• Rails serves via standard asset pipeline
• Changes trigger immediate rebuilds

Production:

• Assets precompiled during Docker build
• Minified bundles served with fingerprinting
• No runtime JavaScript compilation needed

Results of Docker Integration

After these changes, we achieved:

• Seamless development experience - No manual JavaScript building required
• Hot reloading - JavaScript changes reflected immediately in browser
• Production readiness - Minified assets built during deployment
• Developer onboarding - Single docker-compose up command works for new developers
• No environment inconsistencies - Same Node.js version across all environments

Key Insight: Docker layer optimization and proper build sequencing were crucial for maintaining fast development cycles while supporting the new JavaScript toolchain.

Phase 5: Asset Pipeline Cleanup

Once our esbuild system was working reliably, we systematically cleaned up the legacy Sprockets configuration and removed obsolete JavaScript files. This cleanup phase was critical for preventing confusion and reducing maintenance burden.

Updating manifest.js Configuration

The Sprockets manifest needed significant cleanup to remove JavaScript references:

Before (including all JavaScript):

// app/assets/config/manifest.js
//= link_tree ../images
//= link_directory ../javascripts .js
//= link_directory ../stylesheets .css
//= link bootstrap-select.min.js
//= link_tree ../builds

After (JavaScript removed from Sprockets):

// app/assets/config/manifest.js
//= link_tree ../images
//= link_directory ../stylesheets .css
//= link_tree ../builds

Key Changes:

• Removed //= link_directory ../javascripts .js - No more Sprockets JavaScript processing
• Removed //= link bootstrap-select.min.js - Now bundled via npm
• Kept //= link_tree ../builds - esbuild output served by Sprockets

Removing Sprockets JavaScript Processing

Updated production environment to stop JavaScript compression:

Before (Sprockets handling JavaScript):

# config/environments/production.rb
# Compress JavaScripts and CSS.
config.assets.js_compressor = :terser

After (esbuild handling JavaScript):

# config/environments/production.rb
# Compress CSS.
# JavaScript is now handled by esbuild, not Sprockets

This eliminated the need for server-side JavaScript minification since esbuild handles it during the build process.

Gem Dependencies Cleanup

Removed obsolete Ruby gems from Gemfile:

Before:

# Gemfile
gem "jquery-rails"        # ← Removed: jQuery now via npm
gem "coffee-rails"        # ← Removed: No CoffeeScript files
gem "terser"              # ← Removed: esbuild handles minification
gem "babel-transpiler"    # ← Removed: esbuild handles transpilation

After:

# Gemfile
gem "jsbundling-rails"    # ← Only JavaScript-related gem needed

Benefits of Gem Cleanup:

• Simplified Bundler dependencies - 4 fewer gems to manage
• Faster bundle install - Reduced dependency resolution time
• Cleaner production environment - Easier management of JavaScript processors
• Reduced attack surface - Fewer dependencies to maintain and update

Layout File Simplification

Layout files became much cleaner without CDN dependencies:

Before (multiple script tags):

<!-- app/views/layouts/application.html.erb -->
<script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js"></script>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/flatpickr/dist/flatpickr.min.css">
<script src="https://cdn.jsdelivr.net/npm/flatpickr"></script>

<%= javascript_include_tag "application", "data-turbo-track": "reload" %>

After (single bundled script):

<!-- app/views/layouts/application.html.erb -->
<%= javascript_include_tag "application", "data-turbo-track": "reload" %>

CDN Dependency Consolidation

Complete elimination of external JavaScript CDNs:

Benefits of CDN Consolidation:

• Improved Performance - Single HTTP request instead of 5-6 separate CDN requests
• Better Caching - All JavaScript served from same domain with consistent cache headers
• Version Control - All dependencies locked to specific versions in package.json
• Offline Development - No external dependencies required for local development
• Security - No third-party CDN dependencies that could be compromised

Results of Asset Pipeline Cleanup

After this cleanup phase, we achieved:

• Single source of truth - esbuild handles all JavaScript, Sprockets handles CSS/images
• Simplified configuration - Removed 4 gems and multiple CDN dependencies
• Faster builds - No duplicate JavaScript processing
• Cleaner codebase - legacy files removed from version control
• Better security - No external CDN dependencies
• Easier maintenance - One build system to understand and debug

Key Insight: The cleanup phase proved as important as the migration itself. Having both systems running parallel during development was helpful for validation, but cleaning up promptly after migration prevented confusion and technical debt accumulation.

Phase 6: Testing and Validation

The testing and validation phase was critical for ensuring our migration didn’t break any existing functionality. We followed a systematic approach to catch issues early and validate that our new esbuild setup worked identically to the old Sprockets system.

Ensuring Functionality Parity

Module-wise Testing Approach:

Rather than testing the entire application at once, we tested functionality module by module using our parallel asset pipeline setup:

<!-- Testing different modules with different JavaScript bundles -->

<!-- app/views/layouts/user.html.erb - User module testing -->
<%= javascript_include_tag "application-bundled" %>  <!-- esbuild dependencies -->
<%= javascript_include_tag "application-modern" %>   <!-- core app logic -->

<!-- app/views/layouts/application.html.erb - Main app (control group) -->
<%= javascript_include_tag "application" %>          <!-- Original Sprockets -->

Testing Methodology:

1. Side-by-side comparison - Open same page in two browser tabs with different JavaScript bundles
2. AJAX functionality verification - Ensure all dynamic features worked identically
3. Cross-browser testing - Validate across Chrome, Firefox.

Discovered Issues and Fixes During Testing

Issue 1: Rails UJS Compatibility

During initial testing, we found that AJAX functionality on our forms (originally written for jquery-ujs) was no longer working and behaved differently:

Problem discovered:

// This worked with rails/ujs but not with jquery-ujs
$("#add_line_item").on("ajax:success", function (e, data, status, xhr) {
  $("#line_items tbody").append(xhr.responseText);
});

Root cause: Different event object structure between @rails/ujs and jquery-ujs

Solution implemented:

We stopped using rails/ujs, reverted to jquery-ujs, and rewrote the code as follows:

$(document).on("ajax:success", "#add_line_item", function (e) {
  var response = e.detail[0];
  var responseText;

  if (typeof response === "string") {
    responseText = response;
  } else if (response.body) {
    responseText = response.body.innerHTML;
  } else if (response.responseText) {
    responseText = response.responseText;
  }

  $("#line_items tbody").append(responseText);
});

Issue 2: Variable Declaration Errors

esbuild’s stricter parsing caught undeclared variables:

Problem discovered:

// This worked in Sprockets (loose mode) but failed in esbuild
triggerTarget(trigger){
  targetName = this.triggerFor(trigger) // ← Undeclared variable
  return this.page.querySelector(`[data-nav-tabs-name="${targetName}"]`)
}

Solution implemented:

// Fixed version with proper variable declaration
triggerTarget(trigger){
  let targetName = this.triggerFor(trigger) // ← Properly declared
  return this.page.querySelector(`[data-nav-tabs-name="${targetName}"]`)
}

Production Deployment Considerations

Pre-deployment Validation:

1. Asset compilation test - Verified assets built successfully in production environment
2. CDN integration - Confirmed bundled assets served correctly from Rails asset pipeline
3. Caching validation - Ensured proper cache busting with asset fingerprinting

Lessons Learned and Gotchas

Our migration taught us several important lessons about moving from Sprockets to modern JavaScript bundling. Here are the key challenges we encountered and practical solutions that saved us significant time and debugging effort.

Common Pitfalls and How We Solved Them

Pitfall 1: Assuming All ES6 Files Need Code Changes

What we initially thought: “All our .es6 files will need significant refactoring to work with esbuild”

Reality: Our .es6 files were mostly vanilla JavaScript with ES6 syntax that worked perfectly in modern browsers.

Solution:

# This simple approach worked for 30+ files:
mv file.es6 file.js
# No code changes needed

Lesson: Always audit your existing code first. Don’t assume you need complex transpilation setups.

Pitfall 2: Trying to Import Everything as ES6 Modules

What we initially tried:

// app/javascript/application.js - WRONG approach
import { setupuserTableEvents } from "./users.js";
import { calculateTotal } from "./line_items.js";
// ... trying to make everything modular

Problem: Rails .js.erb files expect global functions, not ES6 module exports.

Reality-based solution:

// app/javascript/users.js - WORKING approach
function setupuserTableEvents() {
  // Implementation here
}

// Make available globally for Rails integration
window.setupuserTableEvents = setupuserTableEvents;

Lesson: In Rails applications, you often need to maintain global function access alongside modern module patterns.

Pitfall 3: Underestimating jQuery Timing Issues

What we initially thought: “jQuery should just work if we import it first”

What actually happened:

// This caused random failures
import $ from "jquery";
window.$ = $;

import("./users.js"); // Sometimes executed before $ was ready

Solution that actually works:

// app/javascript/jquery-loader.js
import $ from "jquery";
window.jQuery = $;
window.$ = $;

export const jqueryReady = Promise.resolve($);

export async function withJquery(callback) {
  const jq = await jqueryReady;
  return callback(jq);
}

// app/javascript/application.js
import { withJquery } from "./jquery-loader.js";

withJquery(async ($) => {
  // All imports happen after jQuery is confirmed available
  await import("./users.js");
  await import("./line_items.js");
  // ...
});

Lesson: Asynchronous imports require explicit dependency management. Don’t rely on import order for timing-sensitive dependencies.

jQuery Compatibility Challenges

Challenge 1: Different UJS Event Structures

Problem: @rails/ujs and jquery-ujs fire events with different data structures.

Symptoms:

// This worked with Sprockets + jquery-ujs
$("#form").on("ajax:success", function (e, data, status, xhr) {
  console.log(xhr.responseText); // ← Undefined with @rails/ujs
});

Solution: Just switch to jquery-ujs for consistency:

{
  "dependencies": {
    "jquery-ujs": "^1.2.3"
  }
}

Challenge 2: Plugin Integration Patterns

Problem: Some jQuery plugins expect specific global setup.

Example with Flatpickr:

// WRONG - Doesn't make it available for legacy code
import flatpickr from "flatpickr";

// CORRECT - Maintains both modern and legacy access
import flatpickr from "flatpickr";
window.flatpickr = flatpickr;

// Add as jQuery plugin for legacy compatibility
$.fn.flatpickr = function (config) {
  return this.each(function () {
    flatpickr(this, config);
  });
};

Import Order Dependencies

Challenge: Bootstrap + Popper.js Dependency Chain

Problem discovered:

// This order caused "Popper is not defined" errors
import "bootstrap";
import Popper from "popper.js";

Correct order:

// Popper must be available before Bootstrap imports
import Popper from "popper.js";
window.Popper = Popper;

import "bootstrap";

Lesson: Some libraries have implicit global dependencies. Check the documentation and test thoroughly.

Key Takeaways

1. Test early and often - Don’t wait until the end to test functionality
2. Maintain compatibility layers - Global function access is often necessary
3. Handle timing explicitly - Don’t rely on import order for critical dependencies
4. Document decisions - Note why you chose specific patterns for future maintainers

Most Important Lesson: The biggest time-saver was creating the parallel asset pipeline system. This allowed us to test incrementally and compare behavior directly, catching issues early when they were easier to fix.

Results and Benefits

After completing our migration from Sprockets to jsbundling-rails + esbuild, the improvements exceeded our expectations across multiple dimensions. Here’s a comprehensive analysis of the tangible benefits we achieved.

Maintenance Advantages

Simplified Dependency Management:

Before (Sprockets approach):

# Gemfile - JavaScript managed via Ruby gems
gem 'jquery-rails'        # jQuery via Ruby wrapper
gem 'coffee-rails'        # CoffeeScript support
gem 'terser'              # JavaScript minification
gem 'babel-transpiler'    # ES6 transpilation

# Plus CDN links in layout files:
# <script src="https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/...">
# <script src="https://code.jquery.com/jquery-3.7.1.min.js">

After (npm approach):

{
  "dependencies": {
    "jquery": "^3.7.1",
    "bootstrap": "4.4.1",
    "flatpickr": "^4.6.13"
  },
  "devDependencies": {
    "esbuild": "^0.25.6"
  }
}

Benefits:

• 4 fewer Ruby gems to maintain and update
• Single source of truth for JavaScript dependencies
• Explicit version control in package.json vs implicit CDN versions
• Offline development without CDN dependencies

Reduced Configuration Complexity:

Before (multiple configuration points):

# config/environments/production.rb
config.assets.js_compressor = :terser

# app/assets/config/manifest.js
//= link_directory ../javascripts .js
//= link bootstrap-select.min.js

# Various gem-specific configuration

After (single build configuration):

{
  "scripts": {
    "build": "esbuild app/javascript/application.js --bundle --sourcemap --format=iife --outfile=app/assets/builds/application.js --minify"
  }
}

Network Performance:

• Reduced latency: Single request vs multiple CDN requests
• Better caching: All JavaScript served from same domain with consistent cache headers
• Improved reliability: No dependency on external CDN availability

Access to Modern JavaScript Ecosystem:

// Now possible - direct npm package usage
import dayjs from "dayjs";
import axios from "axios";

// Previously required manual vendoring or gem wrappers

Infrastructure Benefits:

• Reduced CDN costs: No external JavaScript CDN dependencies
• Simplified deployment: Single asset pipeline reduces deployment complexity

Risk Reduction:

• Fewer external dependencies: Eliminates CDN availability risks
• Modern tooling: Reduces risk of legacy tool abandonment
• Industry alignment: Easier to hire developers familiar with standard JavaScript tooling

Conclusion

Some of the specific problems and solutions documented in this blog post are unique to our particular Rails application and its configuration. However, we’ve shared them in case you encounter similar challenges during your own migration. The patterns and approaches described should be adaptable to most Rails applications making this transition.

Need Help with Your JavaScript Modernization?

If you’re considering a similar migration for your Rails application or need assistance with JavaScript modernization, dependency cleanup, or build optimization, we’d be happy to help.

Whether you’re dealing with a complex legacy JavaScript codebase, evaluating different bundling approaches, or planning a gradual migration strategy, our experience with this transition can help you avoid common pitfalls and achieve a smooth modernization.

Feel free to reach out if you’d like to discuss your specific situation or explore how we can help modernize your JavaScript infrastructure.

Introduction

When discussing accessibility (a11y), we all focus on the structure of our <h1>/<h2>, the alt image texts, the contrast, and all the necessary rules to be covered. The problem is that during the process, we forget to think about usability: Is the page saying what it is supposed to be saying? Does the image description reflect what you can see there? Or take link text as an example: Does “Read More” explain what content the user is about to access?

Most of the time, usability is overshadowed by a focus on compliance with accessibility standards. As a result, we end up with a site that passes validation but neglects to measure usability… or worse, we don’t even consider it.

This article will explore a few key concepts and examples to highlight why usability is an essential complement to accessibility.

What is Usability?

Most of the ideas we will cover here come from “Don’t Make Me Think! A Common Sense Approach to Web Usability”¹ by the usability guru Steve Krug, who helps to understand the principles of intuitive navigation and information design.

The book starts with a conversation that I would like to share:

• “What’s the most important thing I should do if I want to make sure my website is easy to use?”

The answer is simple. It’s not “Nothing important should ever be more than two clicks away,” or “Speak the user’s language,” or even “Be consistent.” It’s…

Usability is about making things simple and intuitive.

A website or app should require minimal effort for users to navigate and understand.

The key questions to ask are:

• Can users easily figure out how to interact with your site?
• Does the content say what it’s supposed to say?
• Are the goals of your design clear at a glance?

The Missing Link Between Usability and Accessibility

We usually use an external validator such as Axe Deque² or automated accessibility testing tools like axe-core-gems³ to check if we live up to the WCAG standards⁴.

Still, at the end of the day, it is more of a grammar checker than a spell checker. They are nice and helpful tools that will help us fix contrast andmissing text and give us a list of corrections, some of them just suggestions, to try to reduce the typically long list.

However, these technical fixes do not ensure usability.

For example, if an image’s alt text says, “Image of a person,”but the image is actually an instructional graphic, the alt text fails to convey its purpose.

Usability ensures alt text communicates meaning.

Correct nested headings <h1>/<h2> help a lot to the screen readers, but if your <h1> reads “Welcome” without context at all; yes, it’s technically accessible but practically unhelpful.

A Few Concepts to Consider

From our book, we can walk through a few concepts that I consider are the most interesting ones:

The Simplicity Concept

Making it simple, not necessary is something easy to do. Each iteration that you plan in your website, since a link in your sidebar nav until a form with multiple steps, must be intuitive.

Wear the visitor hat for a moment and start using your site. As soon as you notice a delay of seconds or milliseconds, that moment that makes you doubt about what you are doing, is when you realize that there is an opportunity to decrease the complexity.

Use The Right Words

Did you take in mind that no one is ever going to read all the entire content on your home page or that a visitor would think that it is necessary to read everything to understand what is going on?

Do an exercise of reducing the total of words, let’s say 30%, on your site. If you find that it is not a problem and that your site still making sense, then you decrease the noise level of the page, you are making your content more prominent, and also given that your pages are shortened, you increase usability, for example, avoid unnecessary scrolling in long sites.

Examples of Doing It Right

Label text on a link:

bad: “Click here” on a link text
good: “Learn More About Our Services”

The first option says nothing at all.

Instead, the second one gives you context for visual and assistive technologies making it better for usability and accessibility purposes.

Alt text on an image:

bad: “Image of a cat”
good: “A cat lying on its back being petted by a person”

The second description is much more descriptive and meaningful about the image. On the first one, the text is vague and does not say too much about it.

Probably, at first, you spend business time to find or create that specific image for a real intention, and then, when you can describe it, and people in general, miss the intention and the motivation when writing the text.

Form placeholders:

bad: A form with placeholders in all the inputs
good: A form with also a label like “full name”

It is considered a poor practice as it can significantly impact usability, especially for users with visual or cognitive impairments.

Last Words

We are conscious that usability has even more complexity than accessibility, but we must be conscious that they go hand in hand.

When you work on a11y take extra time to keep focus at the same time if makes sense of what you are describing or writing.

When you work on accessibility, take the extra time to ask yourself:

• Does this make sense?
• Does it serve its purpose clearly?

By considering both usability and accessibility together, you create a better experience for everyone.

References

1. Krug, Steve. Don’t Make Me Think! A Common Sense Approach to Web Usability (2nd Edition). New Riders Publishing, 2005.
2. Deque Systems. Axe Accessibility Testing Tools
3. Deque Labs. axe-core-gems: Accessibility Testing for Ruby and Rails Applications
4. World Wide Web Consortium (W3C). Web Content Accessibility Guidelines (WCAG) 2.1
5. A Garriga, Dolores and others. El espectro gramatical: formas, significados y conducta humana. Revista Española de Lingüística, 2003.
6. Columbia School Linguistic Society. Columbia School of Linguistics Official Website

It’s a multi-tenant Rails app where each hospital gets its own subdomain, one.doctors.com, two.doctors.com, and so on.

Five hospitals, around 25,000 appointments, 9,700+ patients. Not huge, but not trivial either.

Here’s how it went, including the part where I accidentally broke the database.

The setup

I already had a Railway project running with a test domain (*.juanvasquez.dev) from earlier experiments. The web service was deployed from GitHub and the Postgres 17 instance was co-located in us-east4. Cloudflare R2 handles file storage, that stays the same regardless of where the app runs.

The plan was simple: put Heroku in maintenance mode, dump the database, restore it to Railway, flip the DNS, and go home.

The database restore

First, I captured a fresh Heroku backup and downloaded it:

heroku pg:backups:capture --app doctors
heroku pg:backups:download --app doctors --output /tmp/heroku_backup.dump

Then I wiped the Railway database and restored:

# Wipe
psql -h <railway-host> -p <port> -U postgres -d database_name \
  -c "DROP SCHEMA public CASCADE; CREATE SCHEMA public;"

# Restore
pg_restore --verbose --no-owner --no-acl \
  -h <railway-host> -p <port> -U postgres -d database_name /tmp/heroku_backup.dump

The restore threw two errors, both about the unaccent extension. Heroku installs extensions in a heroku_ext schema that doesn’t exist on Railway. The fix is to just create it manually afterward:

psql -h <railway-host> -p <port> -U postgres -d database_name \
  -c "CREATE EXTENSION IF NOT EXISTS unaccent;"

Everything else restored cleanly. I verified every table:

All 12 tables matched exactly. If you take one thing from this post: always verify row counts after a restore.

The moment I broke the database

With the data restored, I wanted to trigger a deploy on the web service. I ran:

railway up --detach

Without --service web.

That command deployed my Rails application code onto the Postgres service. It replaced the PostgreSQL 17 container with Puma. The database was now a Rails web server that couldn’t handle Postgres connections.

The logs told the story immediately:

HTTP parse error, malformed request: #<Puma::HttpParserError:
Invalid HTTP format, parsing fails. Are you trying to open
an SSL connection to a non-SSL Puma?>

The web service was trying to connect to Postgres, but Postgres was now running Puma, responding to TCP connections with HTTP errors.

The fix was to roll back the Postgres service to its last good deployment. Railway’s CLI doesn’t have a rollback command, so I used the dashboard to roll back the deployment.

After about 45 seconds, Postgres was back. Data intact. Lesson learned: always pass --service web when deploying.

Flipping the domain

Removing the test domain was another adventure. Railway’s CLI can add domains but can’t delete them. I used the dashboard to remove it.

Then I added the production wildcard domain:

railway domain "*.doctors.com" --service web --port 8080

Railway returned the DNS records I needed. In Squarespace (my domain registrar), I added:

There was also a _railway-verify record for domain ownership. I initially tried adding it as a CNAME, but Squarespace rejected the value; it’s actually a TXT record, not a CNAME. Small thing, but it tripped me up.

DNS propagated fast. Within a couple of minutes, Railway confirmed the domain was verified and SSL was provisioned.

One more thing: RACK_ENV

The first request to demo.doctors.com returned a 500. I checked the logs and saw… a Rails development error page. RACK_ENV was set to development. A quick variable update and redeploy fixed it:

railway variable set RACK_ENV=production --service web

Then all five hospital subdomains came back with 200s.

Trial plan limitations

Railway’s trial plan only allows one custom domain per service. The wildcard *.doctors.com uses that single slot, which works great for multi-tenancy, every subdomain routes correctly. But I can’t also add the root domain doctors.com. For now, I’ll handle that with a redirect at the registrar level.

Pricing

For my scale, Railway is slightly cheaper. The real win is simplicity, no buildpack configuration, no add-on marketplace to navigate, and Postgres is just there.

What I also did

While I was at it, I replaced Sentry with Honeybadger (referral link) for error tracking. Sentry’s initializer still referenced Heroku env vars, so it was a good time to clean house. Honeybadger has a free plan, built-in uptime monitoring, and the Rails setup is just a YAML file:

# config/honeybadger.yml
api_key: <%= ENV.fetch("HONEYBADGER_API_KEY", "") %>
env: <%= Rails.env %>
exceptions:
  enabled: <%= Rails.env.production? %>

I also updated the CI pipeline, upgraded Postgres from 10.13 to 17 (matching production) and Node.js from 20 to 22 (matching package.json). Removed the Puppeteer and Chrome setup steps that were left over from when the app used Grover for PDF generation.

Things I’d tell myself before starting

1. Verify row counts after every restore. Don’t trust “no errors”, count the rows.
2. Always specify --service when running Railway CLI commands. Especially railway up.
3. Railway’s CLI can’t do everything. Domain deletion and deployment rollbacks need to be done through the dashboard.
4. railway run executes locally, not on Railway’s infrastructure. Use railway shell for remote access.
5. Heroku’s heroku_ext schema for extensions doesn’t exist on Railway. Expect restore errors for extensions, and re-create them manually.
6. Check your RACK_ENV. It seems obvious, but it’s easy to forget when you’re focused on the database.
7. The _railway-verify DNS record is a TXT record, even though it looks like it could be a CNAME. Your registrar will reject it if you pick the wrong type.

Fair warning

Since migrating, I’ve seen reports from other developers that give me pause. One team experienced persistent 150-200ms request queuing on Railway that they couldn’t resolve even with Pro plan support, response times that were 40ms on Heroku, Render, and DigitalOcean. Another long-time customer reported a caching misconfiguration that leaked user data between accounts, on top of weeks of near-daily incidents.

I measured my own response times after reading these reports, and for my scale they’re good enough. But if you’re running something larger, do thorough stress testing before committing, and have a rollback plan. Railway is young, and that cuts both ways: fast iteration, but also growing pains.

Was it worth it?

The whole migration took about an hour. Most of that was waiting for DNS propagation and debugging the Postgres incident. The actual work, dump, restore, set variables, flip DNS, was maybe 30 minutes.

Railway feels like what Heroku should have become. The dashboard is clean, deploys are fast, and the Postgres integration just works. I miss heroku run (Railway’s local execution model is confusing at first), but railway shell covers most cases.

For a small multi-tenant Rails app like mine, it’s a good fit. But I’m keeping my Heroku knowledge fresh, just in case.

We have documented every minor version from Rails 2.3 through 8.1 in our Rails Upgrade Series and distilled our methodology into an ebook: The Complete Guide to Upgrade Rails

All of that knowledge comes from more than 60,000 developer-hours of hands-on upgrade work for companies of all sizes, from solo-founded SaaS products to huge Rails monoliths running at Fortune 500 public companies.

Today, we are making that methodology available to everyone as an open source Claude Code Skill: claude-code_rails-upgrade-skill.

Why a Claude Code Skill?

Claude Code is a powerful AI assistant for software engineering. It can read your codebase, run commands, and propose changes.

However, when it comes to Rails upgrades, general programming intelligence is not enough. It can lead you down the wrong path.

A Rails upgrade is not just about fixing deprecation warnings and updating gem versions.

It requires a battle-tested methodology: a sequence of steps, a testing strategy, and a set of opinions about how to manage risk during the upgrade.

Without that structure, even the most capable AI will take shortcuts that create problems down the road.

That is why we built this skill and made it open source.

It gives Claude Code the methodology and domain knowledge it needs to guide you through a Rails upgrade the FastRuby.io way.

Our teams have already made all the judgment calls that are included in the methodology, so that you don’t have to delegate those calls to Claude.

Why Open Source?

We believe that the Rails community benefits when upgrade knowledge is widely accessible. We have always shared our learnings through blog posts, conference talks and workshops, and open source tools like next_rails and Skunk.

Open sourcing this skill is the natural next step.

If you have the time and confidence to upgrade your Rails application yourself, this skill will guide you through it with the same methodology we use with our clients.

Of course, if you would rather have us handle it, our fixed-cost, monthly maintenance service and upgrade services are always available. I know many leaders in the industry prefer to have their engineering teams focus on their product roadmap instead of Rails upgrades.

What Makes This Skill Opinionated

This is not a generic “help me upgrade Rails” prompt. It encodes specific opinions that we have developed over hundreds of upgrade projects.

It Always Uses Dual Booting

The skill will always set up dual booting for your upgrade project.

This means your application runs with both the current and target versions of Rails simultaneously during the upgrade project.

Claude Code on its own does not know that dual booting is worth the effort. From a pure code perspective, if we didn’t extend it with a skill, it would advise against this technique because it adds conditionals everywhere:

if NextRails.next?
  # Code for the TARGET version (new behavior)
else
  # Code for the CURRENT version (old behavior)
end

While it does add many conditionals to your codebase, it’s worth it. Claude will say that it is unnecessary complexity. Our teams have learned from experience that dual booting is essential for debugging, testing, and even gradual deployments to production

Dual booting lets you:

• Run your test suite against both Rails versions in CI
• Catch compatibility issues early instead of discovering them after a risky big-bang deploy
• Clean up all the conditionals in one pass after the upgrade is complete
• Quickly debug between two versions of Rails by setting/unsetting the BUNDLE_GEMFILE environment variable

Run the test suite (models only) with the current Rails version:

bundle exec rspec spec/models

Then run the test suite with the target Rails version:

BUNDLE_GEMFILE=Gemfile.next bundle exec rspec spec/models

Combined with byebug or debugger it can be a powerful tool for understanding the internal changes that happened in Rails that are causing thorny issues in your upgrade project.

It Runs the Test Suite Constantly

The skill requires your test suite to pass before any upgrade work begins. Then it runs tests against both the current and target Rails versions throughout the process.

Every change is verified against both versions.

This is non-negotiable. An upgrade without test coverage is a gamble. The skill will block the upgrade and help you fix failing tests before proceeding.

It Sets the Right Defaults First

Before upgrading to a new Rails version, the skill verifies that your config.load_defaults matches your current Rails version.

If it does not, the skill delegates to our companion skill, rails-load-defaults-skill, to walk through each framework default one at a time, grouped by risk tier.

This is a step that many teams skip, and it causes subtle bugs after the upgrade. Getting your defaults aligned before bumping the Rails version eliminates an entire category of issues.

It Never Skips Versions

The skill enforces sequential upgrades. If you are on Rails 5.2 and want to reach 8.1, it will plan the path: 5.2 -> 6.0 -> 6.1 -> 7.0 -> 7.1 -> 7.2 -> 8.0 -> 8.1.

If you really want to do more than one minor version at a time, you can override our skill by telling Claude what target version you want to upgrade to.

Each hop is completed fully before moving to the next one.

We have seen what happens when teams try to skip versions. The compound breakage is nearly impossible to debug. Sequential upgrades are slower on paper but faster in practice.

How the Three Skills Work Together

The upgrade process involves three open source skills that work in tandem:

The Ruby on Rails Upgrade Skill

This Claude Code skill is the orchestrator. It detects breaking changes, generates upgrade reports, plans the sequential upgrade path, and coordinates the other two skills throughout the process.

You can find the source code for this open source skill under the OmbuLabs.ai organization: github.com/ombulabs/claude-code_rails-upgrade-skill

The Dual Boot Skill

This skill sets up and manages dual-boot environments using the next_rails gem.

It handles the Gemfile.next setup, teaches Claude Code to write version-dependent code using NextRails.next?, configures CI to test against both dependency sets, and cleans up dual-boot code after the upgrade is complete.

While most commonly used for Rails upgrades, it works equally well for upgrading Ruby versions or any core dependency like sidekiq or devise.

You can find the source code for this open source skill under the OmbuLabs.ai organization: github.com/ombulabs/claude-code_dual-boot-skill

The Rails Defaults Skill

This skill handles the incremental update of config.load_defaults by walking through each framework config one at a time with tiered risk assessment (low-risk configs first, configs requiring human review last).

You can find the source code for this open source skill under the OmbuLabs.ai organization: github.com/ombulabs/claude-code_rails-load-defaults-skill

This separation keeps each skill focused and makes them independently useful. You can use the dual-boot skill on its own for any dependency upgrade, or the load-defaults skill by itself to align your framework defaults without doing a full Rails upgrade.

Built on 8+ Years of Published Knowledge

These skills are not just a wrapper around the official Rails upgrade guides.

They incorporate the specific patterns, edge cases, and hard-won lessons from our Rails Upgrade Series, which covers every upgrade path from Rails 2.3 to 8.1.

It also draws from our ebook The Complete Guide to Upgrade Rails, which documents the full FastRuby.io upgrade methodology.

The version-specific guides in the skill include detection patterns for breaking changes, before/after code examples, and difficulty ratings based on what we have seen across hundreds of real-world upgrades.

Installation

Here is a quick guide for installing these skills in your local environment:

# 1. The dual-boot skill
git clone https://github.com/ombulabs/claude-code_dual-boot-skill.git
cp -r claude-code_dual-boot-skill/dual-boot ~/.claude/skills/

# 2. The load-defaults skill
git clone https://github.com/ombulabs/claude-code_rails-load-defaults-skill.git
cp -r claude-code_rails-load-defaults-skill/rails-load-defaults ~/.claude/skills/

# 3. The upgrade skill (depends on the two above)
git clone https://github.com/ombulabs/claude-code_rails-upgrade-skill.git
cp -r claude-code_rails-upgrade-skill/rails-upgrade ~/.claude/skills/

Usage

Navigate to your Rails application directory and fire up Claude Code in your terminal. You will see three new slash commands:

• /rails-upgrade – The orchestrator skill to upgrade Rails
• /rails-load-defaults – The load_defaults enforcer
• /dual-boot – The dual boot skill to set up your project for dual booting

All of these commands can be called with or without an instruction. As a general rule, I recommend you provide some context to the slash command, so that Claude can be more efficient (and less expensive!)

If you call the Rails upgrade skill it will:

1. Run your test suite to establish a baseline
2. Keep track of deprecation warnings
3. Address deprecation warnings
4. Verify your load_defaults is aligned with your current Rails version
5. Detect breaking changes in your codebase
6. Generate a comprehensive upgrade report with real code examples from your project
7. Ask for input on next steps

What’s Next?

I would love to see teams use these skills in their next Ruby or Rails upgrade project. The more people who use it (and extend it!), the more issues we can fix, and the more effective Claude can be at upgrading applications.

If you want to try it, the installation takes less than a minute.

Please give it a try and hit me up on GitHub or Bluesky if you find any problems.

Contributing

We welcome contributions. If you have encountered edge cases in your own upgrades, found incorrect detection patterns, or want to add support for new Rails versions, please open an issue or submit a pull request:

• claude-code_rails-upgrade-skill
• claude-code_dual-boot-skill
• claude-code_rails-load-defaults-skill

Wrapping Up

AI is changing how we write and maintain software, but it still needs domain expertise to handle complex tasks like Rails upgrades well.

By open sourcing this skill, we are giving the community access to the same methodology we use with our clients, built on 60,000+ hours of real upgrade experience.

If you really don’t have the time to upgrade, I get it. Feel free to reach out, we are always here to help you upgrade Rails. 🚀

Here was the situation

Tim Peterson, Founder of TitleLeaf, is a solopreneur balancing the challenges of entrepreneurship with a flexible lifestyle. One of his dreams is to have more time and freedom to do what he enjoys most—skiing and biking in the mountains of Northern California while still running his company as efficiently as possible.

Peterson’s goal is to build an ever-evolving, feature-rich SaaS service and share his domain knowledge with customers without having to manage a team or chase technical updates:

“I got fed up chasing contractors and micromanaging. I tried hiring and outsourcing, but nothing was the right fit. I just wanted reliable maintenance so I didn’t have to worry about it.”

Here is how it evolved

In 2023, Peterson reached out to us for help and was particularly interested in our Bonsai service, our signature fixed-cost monthly maintenance plan for Ruby applications that helps alleviate technical debt. He was hoping we could provide the kind of hands-off service he was looking for.

“I felt like I was behind the curve on technology and was getting overwhelmed. I decided to try FastRuby.io’s Bonsai Service on a whim, and the relationship has really worked out. I wanted them to focus on maintenance and keeping everything up-to-date, but then I started to lean on them for other technical issues and features that I wanted to implement,” Peterson explained.

The TitleLeaf engagement started with our monthly maintenance service. This included updating the codebase, patching security issues, and ensuring server compatibility remained solid. TitleLeaf was lagging behind on a few Rails versions, and we reduced their technical debt without disrupting his publishers or workflows. Peterson asked us to tackle a few other projects, such as handling PCI compliance and updates to the new APIs.

“Our publishers needed to jump through PCI compliance hoops for the school districts that are buying the products. I was able to lean on FastRuby.io to handle the compliance and API updates. This was a huge help, as these are essential systems to an e-commerce platform. FastRuby.io made sure it was a smooth transition,” stated Peterson.

At one point, he was looking for more ways to reduce his workload and time interacting with clients by creating a knowledge base they could lean on. He asked for our help, and we decided to give it a try to see if we could handle the helpdesk interactions. However, we found that Peterson’s knowledge wasn’t easily transferable—the solution was U.S. specific (i.e., the market and understanding how school libraries operate) with very domain-specific client needs.

“Even though I tried to put everything into a knowledge base, there was too much inside my head, so I still had to interact with clients. I met with the FastRuby.io team every month, and at one point, we all laughed because we were sensing the exact same thing; it wasn’t working. Even though the test didn’t work, the realization that they were willing to try and also to accept when things don’t work was wonderful,” Peterson noted.

Here’s how we approached the engagement

From day one, we knew that Peterson wanted a relationship built on minimal friction, mutual trust, and clear communication. Our goal was to make sure that we made consistent progress towards the priorities he set with a team he could rely on.

We approached the upgrades in different stages by updating the core parts of the application, enabling him to make use of new features. Peterson also asked us to conduct internal QA on our work and then deploy it to a staging environment, where he could then take it to production.

Some months are light, and some are more intensive. We increase or decrease the workload based on need, and that gives TitleLeaf both flexibility and reliability. This allows Peterson to focus on features instead of technical debt with the peace of mind knowing that updated dependencies are taken care of.

“What really stands out to me is how little communication is needed. The Bonsai team sends regular reports, we huddle each month to set goals and after a quick review, I can go off and do my job. FastRuby.io quietly works in the background and plays a pivotal role in my business. Their services are as essential as hosting—a non-negotiable. I can’t imagine doing business without this partnership; it requires almost no oversight from me.” he observed.

Here’s the outcome of our work

TitleLeaf’s code is healthy and up-to-date and critical systems are compliant and stable. This allows its clients to bid confidently on school district contracts without worrying about technological red flags and gives Peterson the peace of mind that he was hoping for. The upgrade rhythm is predictable and reliable, and this provides the space for him to experiment with new ideas or tweak something for a client.

Peterson pointed out that “sometimes being a one-person team is challenging, and burnout can be difficult to deal with. FastRuby.io is the steady baseline behind everything. They’ve simplified my life, taken to-do’s off my plate, and freed me up to focus on what’s important. They are central to how TitleLeaf runs, and I’d recommend them to anyone building or scaling a SaaS company.”

See the value we delivered

TitleLeaf needed reliability and sustainability. The real value was reducing what was on Peterson’s plate: the stress of falling behind, the inability to launch new features, keeping security up-to-date, and the mental stress of having to wear every hat. Today, Peterson can flex his workload, step away when he wants, focus on what intrigues him most, and dream about platform improvements instead of putting out fires.

“You need these people. Whether you’re a solo founder or niche SaaS operator, FastRuby.io is an indispensable part of your team and organization,” said Peterson.

Project type

• Bonsai by FastRuby.io (signature fixed-cost, monthly maintenance service)
• Ruby and Rails Upgrades
• PCI Compliance
• Security Upgrades

Who we are

OmbuLabs.ai is Philadelphia’s AI Consulting Boutique and creators of FastRuby.io: A set of productized services to remediate technical debt.

Specializing in custom AI and machine learning solutions, we help startups to Fortune 500 companies leverage their data to build and improve their digital products. Founded in 2011 and headquartered in Philadelphia, Pennsylvania, our experienced and diverse team of software engineers is ready to do whatever it takes to help your business grow. To learn more about our custom AI services: AI Consulting Services by OmbuLabs.ai

FastRuby.io is a set of battle-tested productized services for your Ruby and Rails applications. We help companies gradually improve their security, performance, technical debt, and software engineering best practices.

In Tim’s words:

“FastRuby.io works independently and reliably-I can trust their work without worrying that something will break. They take real ownership of their commitments and deliver consistently. That level of dependability easily justifies the investment.”

Slow & steady maintenance work is as essential as paying your hosting bill:

“Their services are as essential as hosting—a non-negotiable. I can’t imagine doing business without this partnership; it requires almost no oversight from me.”

Tim Peterson, Founder at TitleLeaf

To learn more about our services, read more about them over here:

• Bonsai, Fixed-cost Monthly Rails Maintenance Services
• Rails Security Audits with Pen Testing
• Tune: Rails Performance Audits

This article will cover the most important aspects that you need to know to get your Ruby on Rails application from version 8.0 to version 8.1.

1. 1. Preparations
2. 2. Ruby Version
3. 3. Gems
4. 4. Config Files
5. 5. Rails Guides
6. 6. Notable New Features
7. 7. Application Code
   • 7.1 Railties
   • 7.2 Action Pack
   • 7.3 Active Record
   • 7.4 Active Storage
   • 7.5 Active Support
   • 7.6 Active Job
8. 8. Next Steps

1. Preparations

Before beginning with the upgrade process, we have some recommended preparations:

• Your Rails app should have the latest patch version before you move to the next major/minor version.
• You should have at least 80% test coverage. We do have an article for strategies on upgrading with low test coverage as well.
• Have a staging environment that is as similar as possible to production, so that proper QA can be completed.
• Check your Gemfile.lock for incompatibilities by using RailsBump.
• Create a dual boot mechanism, the fastest way to do this is installing the handy gem next_rails. Find out more about how and why to dual boot.
• To learn more about dual booting with non-backwards compatible changes you can refer to our Solving Dual Booting Issues when Changes aren’t Backwards Compatible article.

For full details check out our article on How to Prepare Your App for a Rails Upgrade.

2. Ruby Version

For the Rails 8.1 release, Ruby 3.2 is the required minimum version.

Check out our Ruby & Rails Compatibility Table to see all the required Ruby versions across all Rails versions.

3. Gems

Make sure you check the GitHub page of the gems currently installed in your application for more information about compatibility with Rails 8.1. If you are the maintainer of the gem, you’ll need to make sure it supports Rails 8.1. A great tool to checkout gems compatibility is RailsBump. We also encourage you to use the next-rails gem to run bundle_report outdated for more information on gems that will require an update. Check out our article on The Next Rails Gem to learn more.

4. Config Files

Rails includes the rails app:update task. You can use this task as a guideline as explained thoroughly by this Revisiting rails:update blog post.

As an alternative, check out RailsDiff, which provides an overview of the changes in a basic Rails app between 8.0.x and 8.1.x (or any other source/target versions).

5. Rails Guides

It is important to check through the official Rails Guides and follow any of the steps necessary for your application.

6. Notable New Features

Active Job Continuations: Long-running jobs can now be broken into discrete steps that allow execution to continue from the last completed step rather than the beginning after a restart. This is especially helpful when doing deploys with Kamal, which will only give job-running containers thirty seconds to shut down by default.

Structured Event Reporting: The new Event Reporter provides a unified interface for producing structured events in Rails applications. Check out this article on what that means for your Rails app.

Local CI: Rails has added a default CI declaration DSL, which is defined in config/ci.rb and run by bin/ci. You can learn more about this here.

Mardown Rendering: Markdown has become the lingua franca of AI, and Rails has embraced this adoption by making it easier to respond to markdown requests and render them directly.

Command-line Credentials Fetching: Kamal can now easily grab its secrets from the encrypted Rails credentials store for deploys. This makes it a low-fi alternative to external secret stores that only needs the master key available to work.

7. Application Code

If you have ignored deprecation warnings on past version jumps, and haven’t stayed up to date with them you may find that you have issues with broken tests or broken parts of the application. If you have trouble figuring out why something is broken it may be because a deprecation is removed. The following is a list of the removals in Rails 8.1.

7.1 Railties

• Remove deprecated rails/console/methods.rb file.
• Remove deprecated bin/rake stats command.
• Remove deprecated STATS_DIRECTORIES.
• See full list of changes in the changelog.

7.2 Action Pack

• Remove deprecated support to skipping over leading brackets in parameter names in the parameter parser.
• Remove deprecated support for using semicolons as a query string separator.
• Remove deprecated support to a route to multiple paths.
• See full list of changes in the changelog.

7.3 Active Record

• Remove deprecated :retries option for the SQLite3 adapter.
• Remove deprecated :unsigned_float and :unsigned_decimal column methods for MySQL.
• See full list of changes in the changelog.

7.4 Active Storage

• Remove deprecated :azure storage service.
• See full list of changes in the changelog.

7.5 Active Support

• Remove deprecated passing a Time object to Time#since.
• Remove deprecated Benchmark.ms method. It is now defined in the benchmark gem.
• Remove deprecated addition for Time instances with ActiveSupport::TimeWithZone.
• Remove deprecated support for to_time to preserve the system local time. It will now always preserve the receiver timezone.
• See full list of changes in the changelog.

7.6 Active Job

• Remove support to set ActiveJob::Base.enqueue_after_transaction_commit to :never, :always and :default.
• Remove deprecated Rails.application.config.active_job.enqueue_after_transaction_commit.
• Remove deprecated internal SuckerPunch adapter in favor of the adapter included with the sucker_punch gem.
• See full list of changes in the changelog.

8. Next Steps

If you successfully followed all of these steps, you should now be running Rails 8.1!

If you find yourself in need of assistance or your team doesn’t have the time to tackle these challenges, you can always contact us. Our experts are here to help you navigate the upgrade process and ensure your Rails application continues to thrive.

Download our free eBook: The Complete Guide to Upgrade Rails.

After finishing the upgrade (we got the application to Rails 8.1.1 and Ruby 3.4.7), we focused our attention on improving the test’s speed and we reduced the time it took to run the whole test suite (over 10k tests) from 40 minutes to around 4!

The Different Causes of Slow Tests

The Test Runner

The most popular test runners for Rails are currently Minitest and RSpec, and this application was using Test::Unit. Minitest is the default testing framework in new Rails applications and it’s known to be the fastest of the 3.

This, along with other improvements from Ruby and Rails upgrades, already proved beneficial… not on the total run time, but we did notice that the time it took to start the tests improved significantly: when trying to run a single file or a single method, it used to take around 30 seconds booting the app, and by the time we finished the upgrades and the migration to Minitest, this was reduced to a few seconds.

Trying to run a single test inside a file took even longer (we don’t know the exact cause, but it was really slow), when now it takes a similar time to boot the app for the test either with a single file or with a file and a line number specified.

This had a huge impact on the feedback loop when working locally, since running a few specific test files was already better.

But we still had to improve the test suite speed and not just the boot time.

Factories vs Fixtures

This application was already using mostly fixtures for the tests data, with a few factories here and there for some dynamic data. We didn’t have that much to change here, but it’s worth mentioning here.

When we work with factories (like using the factory_bot gem), if our tests keep persisting similar objects, we would be performing the same work many many times, adding up the more tests we have. Imagine a test suite that creates a new User record for every test for authentication purposes, always the same, with database writes every single time.

We can improve those cases with fixtures, records that get created in the database at the beginning of the test suite that can be reused by all tests, reducing the number of database writes and code executed. This always shows a positive improvement in tests speed, and factories can still be used for exceptional cases or more dynamic data that still requires writing to the db. We can also go “all in” and use fixtures for almost everything, but it can be hard to keep them clean and organized.

There are some trade-offs with fixtures though:

• the data is defined in a fixtures file instead of close to the test: this makes it a bit harder to understand what’s the specific state required for a test
• fixtures can be invalid by mistake: since Rails simply inserts the data in the database, if our fixture is not correct, we’ll have an invalid record when reading it from the database (this is really common when models change over time and people forget to update the fixtures to reflect those changes)
• complex associations are hard to setup and maintain: when the fixtures are loaded, Rails will insert records in bulks in the db, without setting up proper associations or join models, and without running callbacks, so setting associations means configuring all the records properly ahead of time, instead of letting Rails handle all that complexity
• fixtures that are only used once can make things hard to maintain with little performance gain

Our experience is that it’s better to combine both Fixtures and Factories in a test suite and use them when they make more sense: use fixtures to generate data that is created constantly by tests, and keep factories for data that is not shared that much or that is really hard to set up properly.

Slow Tests

Sometimes, the reason for a test suite to be slow are specific tests. We have seen in the past some ideas to speed up tests that were correct, changing a known slow pattern in a single file, but for a test that was already fast and the slowness of the pattern was not noticeable in practice.

Always, when talking about performance, it’s important to measure to find where to focus our efforts. With both RSpec and Minitest, the --profile flag can be passed in the command line to get a list of the top 10 slowest tests. With that information we can be more effective and really tackle the tests that will have the highest impact.

With this command we identified some tests that had a sleep(1) call (for historical reasons and some race conditions from when the application used threads) and we could remove them by addressing the actual problem.

Tests Parallelization

One of our goals during the upgrade was to migrate to Minitest, not only because we knew it’s faster, but also because we could remove the test-unit and test-unit-rails gems, and, more importantly, we knew we would be able to use Rails’ parallelization feature to split the workload of running the tests and significantly reduce the time.

Randomized Order

From the beginning of the project, the 10 thousand tests were executed in a non-random order. One of the first things we had to solve was making sure the tests ran randomized. This was not essential for the actual upgrades, but it’s a general good practice and also it was really important for the parallelization in the future, as adding/removing tests or having different numbers of cores was going to have the side effect of having the tests grouped differently over time and with different computers.

These issues typically involved tests changing something and not reverting it back at the end, or some that actually depended on these changes that “leaked” from other tests that ran before. We were already using transactional tests so the data in the database was not a problem, but that won’t solve issues caused by, for example, changing I18n.locale in a test and not changing it back to the original value.

There’s no single way of solving these issues, as they can be anything: a locale change, a file being deleted, a class constant override, some code loaded explicitly in a test, etc. What helps a lot is using the --seed flag to be able to run tests over and over in the same order.

Once we had the test suite running in randomized order, we could finally enable parallelization: a simple parallelize(workers: :number_of_processors) in the ActiveSupport::TestCase class in our test_helper.rb file. We ran the tests and now there’s a line that says Running 10438 tests in parallel using 14 processes and that’s it! … in theory.

Race Conditions

The theory is not wrong though, Rails was running the tests in parallel, but we quickly found out more problems, not just with randomized order for new combinations we didn’t catch before, but also with tests with side-effects that would conflict with other tests running at the same time, a kind of race condition.

Something that we noticed right away was that the test suite total run time changed from over 40 minutes to less than 4! but we could not be confident yet about these results, because we had so many tests failing from these race conditions that many tests were not running all the way to the end, making them take way less time than they should. But it was a good first teaser of the speed improvement!

We found that the main culprit for these race conditions was the heavy use of temporary files by this particular application, and how the tests were creating and deleting files and folders all the time. If two tests are adding files to (or clearing) the tmp/export folder (as an example) before or after they run, when they run in parallel, both will try to remove a file the other test needs.

The solutions were too specific for the client’s application, but there were a few common patterns:

• hardcoded directories: either directly in the code or as class constants
• aggressive deletion of files: instead of deleting the files just created, it was clearing complete directories
• pessimistic deletion of files: clearing complete directories in case a file was problematic (instead of relying on proper cleanup of previous tests)
• tests modifying the same file: with more than one test writing and reading a single file before reverting the changes

This was the most time-consuming process, because, combined with the randomized order and the fact that there’s no warranty 2 tests are going to run at the same time, it was not always easy to find the correct combinations to reproduce these issues (or even find them in the first place!). We had to run the tests over and over and over again for days while fixing these issues.

But now, running the tests was not a problem, it was not tedious, we could run the whole test suite (the 10 thousand tests) in around 4 minutes!

No Minitest? No Problem!

Since the application was using Test::Unit, it was fairly easy to migrate to Minitest, a lot of the syntax is similar, the assertion patterns are similar (even though with different assertion methods), and we knew we wanted to use the built-in parallelization of Rails. But this is not the case for all clients, when they use RSpec or Cucumber we can’t really use Rails’ parallelization, so we have to use alternative gems. Some tools we found over time that could help are:

• flatware (works with RSpec and Cucumber)
• parallel_tests (works with RSpec, Cucumber, and Test::Unit)
• turbo_tests (only RSpec, uses parallel_tests internally but with better output at the end)
• knapsack_pro (integrates with the CI infra to use more than the CPUs of the current machine)

Conclusion

This change was one of our objectives since the beginning of the project, the first priority was always to upgrade Ruby and Rails versions, but keeping in mind that we wanted to enable parallelization down the road right after, so we took small steps in that direction during the whole process. Rails’ parallelization feature was introduced in Rails 6 so it can be enabled earlier if that’s the main priority for your app.

All the upgrades and parallelization of the tests really improved the developer experience:

• engineers can now use modern Ruby and Rails feature and remove old code and dependencies
• they can find better resources for new features
• all the Ruby and Rails speed improvements made the development faster, with better code loading, Ruby speed optimizations, and more
• the engineers could finally start running the tests locally if needed to not rely always on CI for small changes

But the main 2 benefits of the parallelization translate both in release speed and infrastructure costs. Before, they could effectively only merge code into the main branch once every 40 minutes, while it can now happen after 5; and if existing PRs had conflicts, those PRs had to be updated and wait another 40 minutes before being ready for merge. This removed the biggest blocker for engineers to quickly iterate. The whole test suite runs in around 4 minutes (some machines have more or less processors), and it’s not the bottleneck of the process anymore.

The other benefit relates to costs of the CI infrastructure: CI machines were underutilized for years. Each CI machine had between 14 and 16 processors, but, before parallelization, only one core was used to run the tests while the rest were doing practically nothing. This also led to adding more CI machines to speed up the queue of the PRs waiting for tests to run. Now that the machines are being fully used and for a shorter time, the fleet can be reduced, saving not only time but also costs. And since engineers can now run tests locally, this also reduced the number of elements in the CI queue, allowing the fleet to be even smaller.

Do you need help with your slow tests? We can take a look!